www.rackutean-bank.top Open in urlscan Pro
112.213.108.30 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.rackutean-bank.top/taxes.asp
Submission: On August 31 via api (August 31st 2024, 3:12:58 am UTC) from BY — Scanned from DE

Summary HTTP 22 Redirects Links 29 Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 2 domains to perform 22 HTTP transactions. The main IP is 112.213.108.30, located in Hong Kong and belongs to CTGSERVERLIMITED-AS-AP CTG Server Limited, HK. The main domain is www.rackutean-bank.top.
TLS certificate: Issued by R10 on July 29th 2024. Valid for: 3 months.

This is the only time www.rackutean-bank.top was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Rakuten (E-commerce)

Domain & IP information

	IP Address	AS Autonomous System
17	112.213.108.30 112.213.108.30	152194 (CTGSERVER...) (CTGSERVERLIMITED-AS-AP CTG Server Limited)
5	23.206.209.151 23.206.209.151	16625 (AKAMAI-AS) (AKAMAI-AS)
22	3

17 112.213.108.30 (Hong Kong)

ASN152194 (CTGSERVERLIMITED-AS-AP CTG Server Limited, HK)

www.rackutean-bank.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 23.206.209.151 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-206-209-151.deploy.static.akamaitechnologies.com

image.card.jp.rakuten-static.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	rackutean-bank.top www.rackutean-bank.top	397 KB
5	rakuten-static.com image.card.jp.rakuten-static.com	71 KB
22	2

	Domain	Requested by
17	www.rackutean-bank.top	www.rackutean-bank.top
5	image.card.jp.rakuten-static.com	www.rackutean-bank.top
22	2

This site contains links to these domains. Also see Links.

Domain
r10.to
privacy.rakuten.co.jp
www.rakuten-card.co.jp
www.rakuten.co.jp
support.rakuten-card.jp
static.id.rakuten.co.jp
www.jpcert.or.jp
www.facebook.com

Subject Issuer	Validity	Valid
www.rackutean-bank.top R10	`2024-07-29` - `2024-10-27`	3 months	crt.sh
intl.rakuten-static.com DigiCert TLS RSA SHA256 2020 CA1	`2024-02-18` - `2025-02-19`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://www.rackutean-bank.top/taxes.asp
Frame ID: 9C4004398A9717DB0F19137B10D0F890
Requests: 23 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

楽天e-NAVI: ログイン画面

Detected technologies

Microsoft ASP.NET (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

\.aspx?(?:$|\?)

Page Statistics

22
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

3
IPs

2
Countries

486 kB
Transfer

900 kB
Size

1
Cookies

29 Outgoing links

These are links going to different origins than the main page.

URL: http://r10.to/hqJ06m
Title: アプリならラクラク明細確認ログインも指紋認証で安心

Search URL Search Domain Scan URL

URL: https://privacy.rakuten.co.jp/
Title: 個人情報保護方針

Search URL Search Domain Scan URL

URL: https://r10.to/hroftZ
Title: ユーザID・パスワードを忘れた場合

Search URL Search Domain Scan URL

URL: https://www.rakuten-card.co.jp/agreement/card_member/
Title: 会員規約（個人情報の取扱に関する同意条項）

Search URL Search Domain Scan URL

URL: https://www.rakuten-card.co.jp/personal/statement/
Title: プライバシーステートメント

Search URL Search Domain Scan URL

URL: https://www.rakuten.co.jp/myrakuten/help/
Title: 楽天会員とは？

Search URL Search Domain Scan URL

URL: https://www.rakuten-card.co.jp/service/e-navi/login-support/?l-id=enavi_oo_enavi-login_to_login-support_sp
Title: ログインができない場合の解決方法

Search URL Search Domain Scan URL

URL: https://www.rakuten-card.co.jp/info/rules/site/
Title: ご利用にあたって（ご準備いただくもの/推奨環境）

Search URL Search Domain Scan URL

URL: https://support.rakuten-card.jp/category/show/17?site_domain=guest
Title: よくあるご質問

Search URL Search Domain Scan URL

URL: https://www.rakuten-card.co.jp/service/e-navi/start_procedure/flow/
Title: 初めてご登録する場合

Search URL Search Domain Scan URL

URL: https://support.rakuten-card.jp/faq/show/76?site_domain=guest
Title: 家族カードを登録する場合

Search URL Search Domain Scan URL

URL: https://support.rakuten-card.jp/faq/show/35?site_domain=guest
Title: カード番号が変更になった場合

Search URL Search Domain Scan URL

URL: https://support.rakuten-card.jp/faq/show/135?site_domain=guest
Title: カードを複数枚登録している場合

Search URL Search Domain Scan URL

URL: https://www.rakuten-card.co.jp/security/security-info/
Title: 楽天及び楽天カードを装った不審なメール

Search URL Search Domain Scan URL

URL: https://www.rakuten-card.co.jp/security/
Title: 楽天カードのセキュリティサービス

Search URL Search Domain Scan URL

URL: https://static.id.rakuten.co.jp/static/about_security/jpn/
Title: こちら

Search URL Search Domain Scan URL

URL: https://www.jpcert.or.jp/m/pr/2017/pr170002.html

Search URL Search Domain Scan URL

URL: https://support.rakuten-card.jp/?site_domain=guest
Title: よくあるご質問

Search URL Search Domain Scan URL

URL: https://www.rakuten-card.co.jp/contact/robbery/?l-id=enavi_all_footer_lostdial_sp
Title: カードの紛失・盗難

Search URL Search Domain Scan URL

URL: https://www.rakuten-card.co.jp/personal/statement/?l-id=enavi_all_footer_personalstatement_sp
Title: 個人情報の取り扱い

Search URL Search Domain Scan URL

URL: https://www.rakuten-card.co.jp/info/rules/credit_policy/?l-id=enavi_all_footer_creditpolicy_sp
Title: クレジットポリシー

Search URL Search Domain Scan URL

URL: https://www.rakuten-card.co.jp/info/rules/menseki/?l-id=enavi_all_footer_menseki_sp
Title: 免責事項

Search URL Search Domain Scan URL

URL: https://www.rakuten-card.co.jp/info/rules/copy/?l-id=enavi_all_footer_rulescopy_sp
Title: コピーライト

Search URL Search Domain Scan URL

URL: https://www.rakuten-card.co.jp/info/rules/site/?l-id=enavi_all_footer_siteinfo_sp
Title: サイトのご利用案内

Search URL Search Domain Scan URL

URL: https://www.rakuten-card.co.jp/info/rules/maintenance/?l-id=enavi_all_footer_maintenance_sp
Title: メンテナンス情報

Search URL Search Domain Scan URL

URL: https://www.facebook.com/RakutenCard

Search URL Search Domain Scan URL

URL: https://www.rakuten-card.co.jp/service/twitter/

Search URL Search Domain Scan URL

URL: https://www.rakuten-card.co.jp/service/instagram/?l-id=enavi_oo_footer_to_ig_sp

Search URL Search Domain Scan URL

URL: https://www.rakuten-card.co.jp/e-navi/index.xhtml?smart=0
Title: 表示モード：PC

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

22 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request taxes.asp Show response
www.rackutean-bank.top/ 23 KB
8 KB 2352ms
208ms Document
text/html 112.213.108.30
CTGSERVERLIMITED-...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.rackutean-bank.top/taxes.asp
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 112.213.108.30 , Hong Kong, ASN152194 (CTGSERVERLIMITED-AS-AP CTG Server Limited, HK),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 76343edb9afa074998161bd16f96fc6ba3b53094982d401dcf1d2b7e155ccb32

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Cache-Control: private
Content-Encoding: gzip
Content-Length: 7996
Content-Type: text/html
Date: Sat, 31 Aug 2024 03:12:51 GMT
Server: Microsoft-IIS/8.5
Vary: Accept-Encoding
X-Powered-By: ASP.NET

GET
H/1.1 200
OK sp_common.css
www.rackutean-bank.top/navi/ 372 KB
164 KB 436ms
435ms Stylesheet
text/css 112.213.108.30
CTGSERVERLIMITED-...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.rackutean-bank.top/navi/sp_common.css
Requested by: Host: www.rackutean-bank.top
URL: https://www.rackutean-bank.top/taxes.asp
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 112.213.108.30 , Hong Kong, ASN152194 (CTGSERVERLIMITED-AS-AP CTG Server Limited, HK),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: faebb529fa9870029ef491192fe406ea8d6c7c25b5f92324bfc9ed1b77b6193c

Request headers

Referer: https://www.rackutean-bank.top/taxes.asp
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date: Sat, 31 Aug 2024 03:12:51 GMT
Content-Encoding: gzip
Last-Modified: Thu, 14 Apr 2022 14:58:52 GMT
Server: Microsoft-IIS/8.5
ETag: "09e82271050d81:0"
X-Powered-By: ASP.NET
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Accept-Ranges: bytes

GET
H/1.1 200
OK common.css
www.rackutean-bank.top/navi/ 79 KB
23 KB 1035ms
629ms Stylesheet
text/css 112.213.108.30
CTGSERVERLIMITED-...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.rackutean-bank.top/navi/common.css
Requested by: Host: www.rackutean-bank.top
URL: https://www.rackutean-bank.top/taxes.asp
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 112.213.108.30 , Hong Kong, ASN152194 (CTGSERVERLIMITED-AS-AP CTG Server Limited, HK),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: b3f38e45dc7dc874e83091773fb9043c332cca920a996d7a6c10405f0c039360

Request headers

Referer: https://www.rackutean-bank.top/taxes.asp
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date: Sat, 31 Aug 2024 03:12:51 GMT
Content-Encoding: gzip
Last-Modified: Thu, 14 Apr 2022 13:57:26 GMT
Server: Microsoft-IIS/8.5
ETag: "0a77b92750d81:0"
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 23024

GET
H/1.1 200
OK sdButton.css
www.rackutean-bank.top/navi/ 5 KB
2 KB 643ms
221ms Stylesheet
text/css 112.213.108.30
CTGSERVERLIMITED-...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.rackutean-bank.top/navi/sdButton.css
Requested by: Host: www.rackutean-bank.top
URL: https://www.rackutean-bank.top/taxes.asp
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 112.213.108.30 , Hong Kong, ASN152194 (CTGSERVERLIMITED-AS-AP CTG Server Limited, HK),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 616e65e7f33f2c82c6dc4c8d0e912abfacab2613293904f00bcfdcf4dd44066a

Request headers

Referer: https://www.rackutean-bank.top/taxes.asp
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date: Sat, 31 Aug 2024 03:12:51 GMT
Content-Encoding: gzip
Last-Modified: Thu, 14 Apr 2022 13:57:28 GMT
Server: Microsoft-IIS/8.5
ETag: "0d4ac93750d81:0"
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 1350

GET
H/1.1 200
OK login.css
www.rackutean-bank.top/navi/ 8 KB
3 KB 648ms
222ms Stylesheet
text/css 112.213.108.30
CTGSERVERLIMITED-...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.rackutean-bank.top/navi/login.css
Requested by: Host: www.rackutean-bank.top
URL: https://www.rackutean-bank.top/taxes.asp
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 112.213.108.30 , Hong Kong, ASN152194 (CTGSERVERLIMITED-AS-AP CTG Server Limited, HK),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 9df91ea7200ce3e1f05852935c91e97bf661358f780a90685e65b20b728901a7

Request headers

Referer: https://www.rackutean-bank.top/taxes.asp
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date: Sat, 31 Aug 2024 03:12:51 GMT
Content-Encoding: gzip
Last-Modified: Thu, 14 Apr 2022 13:57:34 GMT
Server: Microsoft-IIS/8.5
ETag: "05b4097750d81:0"
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 2583

GET
H/1.1 200
OK challenger.css
www.rackutean-bank.top/navi/ 2 KB
1 KB 646ms
219ms Stylesheet
text/css 112.213.108.30
CTGSERVERLIMITED-...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.rackutean-bank.top/navi/challenger.css
Requested by: Host: www.rackutean-bank.top
URL: https://www.rackutean-bank.top/taxes.asp
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 112.213.108.30 , Hong Kong, ASN152194 (CTGSERVERLIMITED-AS-AP CTG Server Limited, HK),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: d5bd47efbf5b0cf47fec9e7400993f8f97362000b13f6be453ce8efc4e1ef0d7

Request headers

Referer: https://www.rackutean-bank.top/taxes.asp
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date: Sat, 31 Aug 2024 03:12:51 GMT
Content-Encoding: gzip
Last-Modified: Thu, 14 Apr 2022 13:57:38 GMT
Server: Microsoft-IIS/8.5
ETag: "0b5a299750d81:0"
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 780

GET
H/1.1 200
OK BGD27-RKZLH-HC9BY-VXAAE-E5EDR Show response
www.rackutean-bank.top/navi/ 205 KB
76 KB 1120ms
683ms Script
text/plain 112.213.108.30
CTGSERVERLIMITED-...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.rackutean-bank.top/navi/BGD27-RKZLH-HC9BY-VXAAE-E5EDR
Requested by: Host: www.rackutean-bank.top
URL: https://www.rackutean-bank.top/taxes.asp
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 112.213.108.30 , Hong Kong, ASN152194 (CTGSERVERLIMITED-AS-AP CTG Server Limited, HK),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 09ebd7f407439990aac227e70da23e1a819e8e30282928e324370805f480bec4

Request headers

Referer: https://www.rackutean-bank.top/taxes.asp
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date: Sat, 31 Aug 2024 03:12:51 GMT
Content-Encoding: gzip
Last-Modified: Thu, 14 Apr 2022 13:57:40 GMT
Server: Microsoft-IIS/8.5
ETag: "0e2d39a750d81:0"
X-Powered-By: ASP.NET
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/plain
Accept-Ranges: bytes

GET
H/1.1 200
OK icn_appSmartBanner.gif
www.rackutean-bank.top/navi/ 8 KB
8 KB 220ms
220ms Image
image/gif 112.213.108.30
CTGSERVERLIMITED-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.rackutean-bank.top/navi/icn_appSmartBanner.gif
Requested by: Host: www.rackutean-bank.top
URL: https://www.rackutean-bank.top/taxes.asp
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 112.213.108.30 , Hong Kong, ASN152194 (CTGSERVERLIMITED-AS-AP CTG Server Limited, HK),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 134a79b6a414ff5a7e2fcf543ce3e035df79dc411f3b986066b39cec2b2a7fba

Request headers

Referer: https://www.rackutean-bank.top/taxes.asp
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date: Sat, 31 Aug 2024 03:12:52 GMT
Last-Modified: Thu, 14 Apr 2022 13:57:40 GMT
Server: Microsoft-IIS/8.5
ETag: "0e2d39a750d81:0"
X-Powered-By: ASP.NET
Content-Type: image/gif
Accept-Ranges: bytes
Content-Length: 7770

GET
H/1.1 200
OK btnDel2.png
www.rackutean-bank.top/navi/ 431 B
676 B 201ms
200ms Image
image/png 112.213.108.30
CTGSERVERLIMITED-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.rackutean-bank.top/navi/btnDel2.png
Requested by: Host: www.rackutean-bank.top
URL: https://www.rackutean-bank.top/taxes.asp
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 112.213.108.30 , Hong Kong, ASN152194 (CTGSERVERLIMITED-AS-AP CTG Server Limited, HK),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: bc640fbae04c7d171d29fdd8674cf2bfd572593604e430cc79ea94fb44d64c01

Request headers

Referer: https://www.rackutean-bank.top/taxes.asp
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date: Sat, 31 Aug 2024 03:12:52 GMT
Last-Modified: Thu, 14 Apr 2022 13:57:40 GMT
Server: Microsoft-IIS/8.5
ETag: "0e2d39a750d81:0"
X-Powered-By: ASP.NET
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 431

GET
H/1.1 200
OK rc-logo_CardEnavi_2.svg
www.rackutean-bank.top/navi/ 9 KB
9 KB 1046ms
442ms Image
image/svg+xml 112.213.108.30
CTGSERVERLIMITED-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.rackutean-bank.top/navi/rc-logo_CardEnavi_2.svg
Requested by: Host: www.rackutean-bank.top
URL: https://www.rackutean-bank.top/taxes.asp
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 112.213.108.30 , Hong Kong, ASN152194 (CTGSERVERLIMITED-AS-AP CTG Server Limited, HK),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 77466d0200849ec13ab960b689dca4b5b99e804adb47b6154e986efcd8c7f6b1

Request headers

Referer: https://www.rackutean-bank.top/taxes.asp
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date: Sat, 31 Aug 2024 03:12:51 GMT
Last-Modified: Thu, 14 Apr 2022 13:57:42 GMT
Server: Microsoft-IIS/8.5
ETag: "0f59c750d81:0"
X-Powered-By: ASP.NET
Content-Type: image/svg+xml
Accept-Ranges: bytes
Content-Length: 9046

GET
H/1.1 200
OK stop_540x249.png
www.rackutean-bank.top/navi/ 57 KB
57 KB 652ms
651ms Image
image/png 112.213.108.30
CTGSERVERLIMITED-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.rackutean-bank.top/navi/stop_540x249.png
Requested by: Host: www.rackutean-bank.top
URL: https://www.rackutean-bank.top/taxes.asp
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 112.213.108.30 , Hong Kong, ASN152194 (CTGSERVERLIMITED-AS-AP CTG Server Limited, HK),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: e1039b942a52729c7bd4fe9427a4f8a86816142ef90dd2be9b6ffcd353145a02

Request headers

Referer: https://www.rackutean-bank.top/taxes.asp
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date: Sat, 31 Aug 2024 03:12:51 GMT
Last-Modified: Thu, 14 Apr 2022 13:57:42 GMT
Server: Microsoft-IIS/8.5
ETag: "0f59c750d81:0"
X-Powered-By: ASP.NET
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 58080

GET
H/1.1 200
OK img_rc_enavi_banzai.png
www.rackutean-bank.top/navi/ 9 KB
9 KB 217ms
217ms Image
image/png 112.213.108.30
CTGSERVERLIMITED-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.rackutean-bank.top/navi/img_rc_enavi_banzai.png
Requested by: Host: www.rackutean-bank.top
URL: https://www.rackutean-bank.top/taxes.asp
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 112.213.108.30 , Hong Kong, ASN152194 (CTGSERVERLIMITED-AS-AP CTG Server Limited, HK),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: d428fd1fb18d2ee4b7018da94a9a0762f22c5278f82b8a245d767623f8d5ab58

Request headers

Referer: https://www.rackutean-bank.top/taxes.asp
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date: Sat, 31 Aug 2024 03:12:52 GMT
Last-Modified: Thu, 14 Apr 2022 13:57:44 GMT
Server: Microsoft-IIS/8.5
ETag: "03c369d750d81:0"
X-Powered-By: ASP.NET
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 9412

GET
H/1.1 200
OK img_rc_enavi_facebook_btn.png
www.rackutean-bank.top/navi/ 3 KB
3 KB 222ms
221ms Image
image/png 112.213.108.30
CTGSERVERLIMITED-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.rackutean-bank.top/navi/img_rc_enavi_facebook_btn.png
Requested by: Host: www.rackutean-bank.top
URL: https://www.rackutean-bank.top/taxes.asp
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 112.213.108.30 , Hong Kong, ASN152194 (CTGSERVERLIMITED-AS-AP CTG Server Limited, HK),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 74bb5f8e3b7e7925f89b8b31fc98200160aceb0ed5aa4eb28bed9983756d934c

Request headers

Referer: https://www.rackutean-bank.top/taxes.asp
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date: Sat, 31 Aug 2024 03:12:52 GMT
Last-Modified: Thu, 14 Apr 2022 13:57:44 GMT
Server: Microsoft-IIS/8.5
ETag: "03c369d750d81:0"
X-Powered-By: ASP.NET
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 2617

GET
H/1.1 200
OK img_rc_enavi_twitter_btn.png
www.rackutean-bank.top/navi/ 3 KB
3 KB 219ms
218ms Image
image/png 112.213.108.30
CTGSERVERLIMITED-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.rackutean-bank.top/navi/img_rc_enavi_twitter_btn.png
Requested by: Host: www.rackutean-bank.top
URL: https://www.rackutean-bank.top/taxes.asp
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 112.213.108.30 , Hong Kong, ASN152194 (CTGSERVERLIMITED-AS-AP CTG Server Limited, HK),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 7e3488ecd781e3a83fee06f30406e12f54e0564194dc4cc59a063dcd5b9629ce

Request headers

Referer: https://www.rackutean-bank.top/taxes.asp
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date: Sat, 31 Aug 2024 03:12:52 GMT
Last-Modified: Thu, 14 Apr 2022 13:57:46 GMT
Server: Microsoft-IIS/8.5
ETag: "069679e750d81:0"
X-Powered-By: ASP.NET
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 3100

GET
H/1.1 200
OK img_rc_enavi_Instagram_btn.png
www.rackutean-bank.top/navi/ 5 KB
5 KB 202ms
201ms Image
image/png 112.213.108.30
CTGSERVERLIMITED-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.rackutean-bank.top/navi/img_rc_enavi_Instagram_btn.png
Requested by: Host: www.rackutean-bank.top
URL: https://www.rackutean-bank.top/taxes.asp
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 112.213.108.30 , Hong Kong, ASN152194 (CTGSERVERLIMITED-AS-AP CTG Server Limited, HK),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 0f58eb3137f3038e7b60fcde821955124cf3ce43da5c49c99e47dbd3737b7cb5

Request headers

Referer: https://www.rackutean-bank.top/taxes.asp
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date: Sat, 31 Aug 2024 03:12:52 GMT
Last-Modified: Thu, 14 Apr 2022 13:57:46 GMT
Server: Microsoft-IIS/8.5
ETag: "069679e750d81:0"
X-Powered-By: ASP.NET
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 5344

GET
H/1.1 200
OK img_rc_enavi_Instagram_banner.png
www.rackutean-bank.top/navi/ 23 KB
23 KB 449ms
449ms Image
image/png 112.213.108.30
CTGSERVERLIMITED-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.rackutean-bank.top/navi/img_rc_enavi_Instagram_banner.png
Requested by: Host: www.rackutean-bank.top
URL: https://www.rackutean-bank.top/taxes.asp
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 112.213.108.30 , Hong Kong, ASN152194 (CTGSERVERLIMITED-AS-AP CTG Server Limited, HK),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: ded20667d2b64c47ed147ab0b21d69853e9d314f3c128febab9d9477d3806ff3

Request headers

Referer: https://www.rackutean-bank.top/taxes.asp
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date: Sat, 31 Aug 2024 03:12:51 GMT
Last-Modified: Thu, 14 Apr 2022 13:57:46 GMT
Server: Microsoft-IIS/8.5
ETag: "069679e750d81:0"
X-Powered-By: ASP.NET
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 23495

GET
H2 200 rexicon-32-check.svg
image.card.jp.rakuten-static.com/r-enavi/WebImages/images/sp/login/ 288 B
432 B 1070ms
25ms Image
image/svg+xml 23.206.209.151
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://image.card.jp.rakuten-static.com/r-enavi/WebImages/images/sp/login/rexicon-32-check.svg

Requested by

Host: www.rackutean-bank.top
URL: https://www.rackutean-bank.top/navi/login.css

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

23.206.209.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-206-209-151.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

027955e7d4d65ff988f8a9b9b586a843d9d0c3c79ed47ad5f4046e83e6bbd2ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.rackutean-bank.top/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 31 Aug 2024 03:12:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 01 Apr 2019 07:21:19 GMT
server: Apache
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=7776000
accept-ranges: bytes
content-length: 218
x-xss-protection: 1; mode=block
expires: Tue, 23 Jan 2024 19:01:52 GMT

GET
H2 200 rexicon-32-new-window-l.svg
image.card.jp.rakuten-static.com/r-enavi/WebImages/images/sp/login/ 445 B
481 B 1052ms
8ms Image
image/svg+xml 23.206.209.151
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://image.card.jp.rakuten-static.com/r-enavi/WebImages/images/sp/login/rexicon-32-new-window-l.svg

Requested by

Host: www.rackutean-bank.top
URL: https://www.rackutean-bank.top/navi/login.css

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

23.206.209.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-206-209-151.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

4d1de4ecb415cada2052d1d3733ab2d123691707583cab3e3f9a1ebfa96dd232

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.rackutean-bank.top/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 31 Aug 2024 03:12:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 01 Apr 2019 07:21:19 GMT
server: Apache
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=7776000
accept-ranges: bytes
content-length: 266
x-xss-protection: 1; mode=block
expires: Mon, 05 Feb 2024 12:13:55 GMT

GET
H2 200 rexicon-32-chevron-right.svg
image.card.jp.rakuten-static.com/r-enavi/WebImages/images/sp/login/ 315 B
443 B 1053ms
9ms Image
image/svg+xml 23.206.209.151
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://image.card.jp.rakuten-static.com/r-enavi/WebImages/images/sp/login/rexicon-32-chevron-right.svg

Requested by

Host: www.rackutean-bank.top
URL: https://www.rackutean-bank.top/navi/login.css

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

23.206.209.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-206-209-151.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

61f30c6851b1ef5e73f3371bf5e5dff51f4e968c85b353744d45d32c480483bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.rackutean-bank.top/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 31 Aug 2024 03:12:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 01 Apr 2019 07:21:19 GMT
server: Apache
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=7776000
accept-ranges: bytes
content-length: 229
x-xss-protection: 1; mode=block
expires: Fri, 26 Jan 2024 10:26:56 GMT

GET
H2 200 rexicon-32-sign-info-l.svg
image.card.jp.rakuten-static.com/r-enavi/WebImages/images/sp/login/ 473 B
494 B 1053ms
8ms Image
image/svg+xml 23.206.209.151
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://image.card.jp.rakuten-static.com/r-enavi/WebImages/images/sp/login/rexicon-32-sign-info-l.svg

Requested by

Host: www.rackutean-bank.top
URL: https://www.rackutean-bank.top/navi/login.css

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

23.206.209.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-206-209-151.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

4c20c5e7e9e5dd269c9cf036bdcfdee942dfc45dcdb80e043c695f9337168405

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.rackutean-bank.top/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 31 Aug 2024 03:12:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 01 Apr 2019 07:21:19 GMT
server: Apache
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=7776000
accept-ranges: bytes
content-length: 279
x-xss-protection: 1; mode=block
expires: Mon, 20 Nov 2023 14:48:31 GMT

GET
H2 200 rex_icon.png
image.card.jp.rakuten-static.com/r-enavi/WebImages/images/sp/common/ 69 KB
69 KB 1053ms
9ms Image
image/png 23.206.209.151
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://image.card.jp.rakuten-static.com/r-enavi/WebImages/images/sp/common/rex_icon.png

Requested by

Host: www.rackutean-bank.top
URL: https://www.rackutean-bank.top/navi/sp_common.css

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

23.206.209.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-206-209-151.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

915d7d7f0dc23fb06f2532550fdf71c1dcb21622dd6eb47b2edfde085a73d87d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.rackutean-bank.top/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 31 Aug 2024 03:12:54 GMT
x-content-type-options: nosniff
last-modified: Fri, 27 Jul 2018 00:13:30 GMT
server: Apache
content-type: image/png
cache-control: max-age=7776000
accept-ranges: bytes
content-length: 70318
x-xss-protection: 1; mode=block
expires: Sun, 18 Feb 2024 04:11:50 GMT

GET
DATA 200
OK truncated
/ 18 KB
18 KB Font
font/woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 24e1446473430be5e12d07249c79b1a4bf4e18d5f556942d402fdb24ee1938f3

Request headers

Referer
Origin: https://www.rackutean-bank.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Content-Type: font/woff2

GET
H/1.1 404
Not Found favicon.ico
www.rackutean-bank.top/ 1 KB
1 KB 215ms
214ms Other
text/html 112.213.108.30
CTGSERVERLIMITED-...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.rackutean-bank.top/favicon.ico
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 112.213.108.30 , Hong Kong, ASN152194 (CTGSERVERLIMITED-AS-AP CTG Server Limited, HK),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 58d64bad8f43a6c332a2e1639a566bd482c812b3f892d4aba9ae15be8d06eb8f

Request headers

Referer: https://www.rackutean-bank.top/taxes.asp
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date: Sat, 31 Aug 2024 03:12:53 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Content-Length: 1163
Content-Type: text/html

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Rakuten (E-commerce)

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			www.rackutean-bank.top/	1969-12-31 23:59:59	Name: ASPSESSIONIDCECCBTTC Value: BDMLNFCBOJAAPKNGBCLOMDAN

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://www.rackutean-bank.top/taxes.asp(Line 13) Message: X-Frame-Options may only be set via an HTTP header sent along with a document. It may not be set inside <meta>.
network	error	URL: https://www.rackutean-bank.top/favicon.ico Message: Failed to load resource: the server responded with a status of 404 (Not Found)
javascript	warning	URL: https://www.rackutean-bank.top/taxes.asp Message: The resource https://www.rackutean-bank.top/navi/BGD27-RKZLH-HC9BY-VXAAE-E5EDR was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

image.card.jp.rakuten-static.com
www.rackutean-bank.top
112.213.108.30
23.206.209.151
027955e7d4d65ff988f8a9b9b586a843d9d0c3c79ed47ad5f4046e83e6bbd2ce
09ebd7f407439990aac227e70da23e1a819e8e30282928e324370805f480bec4
0f58eb3137f3038e7b60fcde821955124cf3ce43da5c49c99e47dbd3737b7cb5
134a79b6a414ff5a7e2fcf543ce3e035df79dc411f3b986066b39cec2b2a7fba
24e1446473430be5e12d07249c79b1a4bf4e18d5f556942d402fdb24ee1938f3
4c20c5e7e9e5dd269c9cf036bdcfdee942dfc45dcdb80e043c695f9337168405
4d1de4ecb415cada2052d1d3733ab2d123691707583cab3e3f9a1ebfa96dd232
58d64bad8f43a6c332a2e1639a566bd482c812b3f892d4aba9ae15be8d06eb8f
616e65e7f33f2c82c6dc4c8d0e912abfacab2613293904f00bcfdcf4dd44066a
61f30c6851b1ef5e73f3371bf5e5dff51f4e968c85b353744d45d32c480483bc
74bb5f8e3b7e7925f89b8b31fc98200160aceb0ed5aa4eb28bed9983756d934c
76343edb9afa074998161bd16f96fc6ba3b53094982d401dcf1d2b7e155ccb32
77466d0200849ec13ab960b689dca4b5b99e804adb47b6154e986efcd8c7f6b1
7e3488ecd781e3a83fee06f30406e12f54e0564194dc4cc59a063dcd5b9629ce
915d7d7f0dc23fb06f2532550fdf71c1dcb21622dd6eb47b2edfde085a73d87d
9df91ea7200ce3e1f05852935c91e97bf661358f780a90685e65b20b728901a7
b3f38e45dc7dc874e83091773fb9043c332cca920a996d7a6c10405f0c039360
bc640fbae04c7d171d29fdd8674cf2bfd572593604e430cc79ea94fb44d64c01
d428fd1fb18d2ee4b7018da94a9a0762f22c5278f82b8a245d767623f8d5ab58
d5bd47efbf5b0cf47fec9e7400993f8f97362000b13f6be453ce8efc4e1ef0d7
ded20667d2b64c47ed147ab0b21d69853e9d314f3c128febab9d9477d3806ff3
e1039b942a52729c7bd4fe9427a4f8a86816142ef90dd2be9b6ffcd353145a02
faebb529fa9870029ef491192fe406ea8d6c7c25b5f92324bfc9ed1b77b6193c

www.rackutean-bank.top Open in urlscan Pro 112.213.108.30 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

22 Requests

100 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

3 IPs

2 Countries

486 kBTransfer

900 kBSize

1 Cookies

29 Outgoing links

Redirected requests

22 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

0 JavaScript Global Variables

1 Cookies

3 Console Messages

Indicators

www.rackutean-bank.top Open in urlscan Pro
112.213.108.30 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

22
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

3
IPs

2
Countries

486 kB
Transfer

900 kB
Size

1
Cookies

22 HTTP transactions
1 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!