www.mangaeye.com
87.121.112.95
Malicious Activity!
Public Scan
Effective URL: https://www.mangaeye.com/ibg/client/login_sp.php
Submission: On March 11 via manual from JP — Scanned from JP
Summary
TLS certificate: Issued by R3 on March 10th 2024. Valid for: 3 months.
This is the only time www.mangaeye.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Rakuten Bank (Banking)
Domain & IP information
 | IP Address | AS Autonomous System |
---|---|---|
1 | 2606:4700:3035::ac43:d303 | 13335 (CLOUDFLARENET) |
2 20 | 87.121.112.95 | 34224 (NETERRA-AS) |
10 | 23.34.102.36 | 16625 (AKAMAI-AS) |
2 | 23.194.83.142 | 16625 (AKAMAI-AS) |
2 | 23.51.167.195 | 16625 (AKAMAI-AS) |
33 | 5 |
ASN13335 (CLOUDFLARENET, US)
- everything-court-6957.hlni6zme9.workers.dev
ASN16625 (AKAMAI-AS, US)
PTR: a23-34-102-36.deploy.static.akamaitechnologies.com
- csf.rakuten-bank.co.jp
ASN16625 (AKAMAI-AS, US)
PTR: a23-194-83-142.deploy.static.akamaitechnologies.com
- www.rakuten-bank.co.jp
ASN16625 (AKAMAI-AS, US)
PTR: a23-51-167-195.deploy.static.akamaitechnologies.com
- sfes.rakuten-bank.co.jp
 | Apex Domain | Subdomains | Transfer |
---|---|---|---|
19 | mangaeye.com (1 redirects) | www.mangaeye.com | 493 KB |
14 | rakuten-bank.co.jp | csf.rakuten-bank.co.jp, www.rakuten-bank.co.jp, sfes.rakuten-bank.co.jp | 216 KB |
1 | rakutan-bak07.cyou (1 redirects) | rakutan-bak07.cyou | 191 B |
1 | workers.dev | everything-court-6957.hlni6zme9.workers.dev | 580 B |
33 | 4 |
 | Domain | Requested by |
---|---|---|
19 | www.mangaeye.com (1 redirects) | everything-court-6957.hlni6zme9.workers.dev, www.mangaeye.com |
10 | csf.rakuten-bank.co.jp | www.mangaeye.com, csf.rakuten-bank.co.jp |
2 | sfes.rakuten-bank.co.jp | csf.rakuten-bank.co.jp |
2 | www.rakuten-bank.co.jp | csf.rakuten-bank.co.jp |
1 | rakutan-bak07.cyou (1 redirects) | |
1 | everything-court-6957.hlni6zme9.workers.dev | |
33 | 6 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.rakuten-bank.co.jp |
Subject | Issuer | Validity | Valid |
---|---|---|---|
hlni6zme9.workers.dev | GTS CA 1P5 | 2024-03-03 - 2024-06-01 | 3 months |
www.mangaeye.com | R3 | 2024-03-10 - 2024-06-08 | 3 months |
rakuten-bank.co.jp | DigiCert TLS RSA SHA256 2020 CA1 | 2023-12-21 - 2024-12-21 | a year |
www.rakuten-bank.co.jp | DigiCert SHA2 Extended Validation Server CA | 2023-02-17 - 2024-03-19 | a year |
sfes.rakuten-bank.co.jp | DigiCert EV RSA CA G2 | 2023-05-08 - 2024-05-31 | a year |
This page contains 7 frames:
Primary Page:
https://www.mangaeye.com/ibg/client/login_sp.php
Frame ID: 917340AB97299610092CD9A91F4C73BA
Requests: 19 HTTP requests in this frame
Frame:
https://csf.rakuten-bank.co.jp/shared/include/fes/personal/prom_body01_sfes_sclalos01.html
Frame ID: 37BED0781F7ED7B099EB8CE79E10D7B5
Requests: 4 HTTP requests in this frame
Frame:
https://sfes.rakuten-bank.co.jp/rb/mobile/html/iframeControl.html?height=1335&iframeid=PROM_BODY01&cacheb=0.17650205809357922&bsh=1335&bch=1335&esh=1335&ech=1335&rc=0
Frame ID: 89F8000CB43F35289101399ADA553C80
Requests: 2 HTTP requests in this frame
Frame:
https://www.rakuten-bank.co.jp/info/inc/output/inc_fes.html
Frame ID: 75452353E6022951F8C71E9744ACF3DB
Requests: 1 HTTP requests in this frame
Frame:
https://csf.rakuten-bank.co.jp/shared/include/fes/personal/prom_body01_sfes_sclalos01.html
Frame ID: C25C12D9E8766E0DA702D3DA36655241
Requests: 4 HTTP requests in this frame
Frame:
https://sfes.rakuten-bank.co.jp/rb/mobile/html/iframeControl.html?height=1335&iframeid=PROM_BODY01&cacheb=0.6797130430672271&bsh=1335&bch=1335&esh=1335&ech=1335&rc=0
Frame ID: 588986C49858EFB39E77E68DE41C8DFF
Requests: 2 HTTP requests in this frame
Frame:
https://www.rakuten-bank.co.jp/info/inc/output/inc_fes.html
Frame ID: 93AAD2440BFB0A41C5EA55D26E7510FB
Requests: 1 HTTP requests in this frame
Page Title
楽天銀行
Detected technologies
PHP (Programming Languages)
Detected patterns
- \.php(?:$|\?)
Vue.js (JavaScript Frameworks)
Detected patterns
- (?:/([\d.]+))?/vue(?:\.min)?\.js
jQuery (JavaScript Libraries)
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
jQuery UI (JavaScript Libraries)
Detected patterns
- jquery-ui.*\.js
Page Statistics
10 Outgoing links
These are links going to different origins than the main page.
Title: FAQ
Title: 口座をお持ちでないお客さま
Title: 法人・個人事業主のお客さまはPC環境よりご利用ください
Title: ATM・ コンビニ
Title: 金利一覧
Title: 住宅ローン
Title: カードローンのお申込
Title: メンバーズデスク
Title: お問い合わせ先 楽天銀行カスタマーセンター
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- http://everything-court-6957.hlni6zme9.workers.dev/ HTTP 307
  https://everything-court-6957.hlni6zme9.workers.dev/ Page URL
- https://rakutan-bak07.cyou/?m=000&t=000&ip=2a00:1633:128:4::3&language=jp-JP,jp;q=0.9&d=000 HTTP 302
  https://www.mangaeye.com/ HTTP 302
  https://www.mangaeye.com/ibg/client/login_sp.php Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0
- http://everything-court-6957.hlni6zme9.workers.dev/ HTTP 307
- https://everything-court-6957.hlni6zme9.workers.dev/
33 HTTP transactions
Method | Protocol | Resource | Notes | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H2 | everything-court-6957.hlni6zme9.workers.dev/ | Redirect Chain | 130 B | 580 B | Document | text/html |
GET | H2 | www.mangaeye.com/ibg/client/login_sp.php | Primary Request, Redirect Chain | 10 KB | 4 KB | Document | text/html |
GET | H2 | www.mangaeye.com/ibg/css/sp/app.css | | 114 KB | 22 KB | Stylesheet | text/css |
GET | H2 | www.mangaeye.com/ibg/css/sp/app1.css | | 2 KB | 1012 B | Stylesheet | text/css |
GET | H2 | www.mangaeye.com/ibg/css/sp/app_download_bnr.css | | 819 B | 1023 B | Stylesheet | text/css |
GET | H2 | www.mangaeye.com/ibg/css/sp/iframe.css | | 74 B | 276 B | Stylesheet | text/css |
GET | H2 | www.mangaeye.com/ibg/css/sp/jquery-ui.css | | 35 KB | 10 KB | Stylesheet | text/css |
GET | H2 | www.mangaeye.com/ibg/css/sp/tooltip.css | | 1 KB | 778 B | Stylesheet | text/css |
GET | H2 | www.mangaeye.com/ibg/img/sp/app_banner_02.png | | 12 KB | 12 KB | Image | image/png |
GET | H2 | www.mangaeye.com/ibg/img/load.gif | | 16 KB | 16 KB | Image | image/gif |
GET | H2 | www.mangaeye.com/ibg/img/sp/img_change-password.png | | 31 KB | 31 KB | Image | image/png |
GET | H2 | www.mangaeye.com/ibg/js/vue.js | | 334 KB | 104 KB | Script | application/javascript |
GET | H2 | www.mangaeye.com/ibg/js/jquery-3.5.1.js | | 281 KB | 97 KB | Script | application/javascript |
GET | H2 | www.mangaeye.com/ibg/js/login_sp.js | | 5 KB | 2 KB | Script | application/javascript |
GET | H/1.1 | csf.rakuten-bank.co.jp/shared/include/fes/personal/prom_body01_sfes_sclalos01.html | Frame 37BE | 2 KB | 1 KB | Document | text/html |
GET | H/1.1 | csf.rakuten-bank.co.jp/shared/js/fes/sfesConstant.js | Frame 37BE | 996 B | 698 B | Script | application/javascript |
GET | H/1.1 | csf.rakuten-bank.co.jp/shared/js/fes/iframeScripts.js | Frame 37BE | 3 KB | 4 KB | Script | application/javascript |
GET | H/1.1 | csf.rakuten-bank.co.jp/shared/sfes/css/app.css | Frame 37BE | 98 KB | 99 KB | Stylesheet | text/css |
GET | H/1.1 | csf.rakuten-bank.co.jp/shared/include/fes/dummy.html | Frame 89F8 | 0 | 162 B | Document | text/html |
GET | H/1.1 | www.rakuten-bank.co.jp/info/inc/output/inc_fes.html | Frame 7545 | 3 KB | 2 KB | Document | text/html |
GET | H/1.1 | sfes.rakuten-bank.co.jp/rb/mobile/html/iframeControl.html | Frame 89F8 | 1 KB | 2 KB | Document | text/html |
GET | H2 | www.mangaeye.com/ibg/img/sp/logo.svg | | 4 KB | 4 KB | Image | image/svg+xml |
GET | H2 | www.mangaeye.com/ibg/img/sp/ui-icons.svg | | 13 KB | 13 KB | Image | image/svg+xml |
GET | H2 | www.mangaeye.com/ibg/img/sp/categories-items.svg | | 129 KB | 129 KB | Image | image/svg+xml |
GET | H/1.1 | csf.rakuten-bank.co.jp/shared/include/fes/personal/prom_body01_sfes_sclalos01.html | Frame C25C | 2 KB | 1 KB | Document | text/html |
GET | H2 | www.mangaeye.com/ibg/img/load.gif | | 16 KB | 16 KB | Image | image/gif |
GET | H2 | www.mangaeye.com/ibg/img/sp/img_change-password.png | | 31 KB | 31 KB | Image | image/png |
GET | H/1.1 | csf.rakuten-bank.co.jp/shared/js/fes/sfesConstant.js | Frame C25C | 996 B | 698 B | Script | application/javascript |
GET | H/1.1 | csf.rakuten-bank.co.jp/shared/js/fes/iframeScripts.js | Frame C25C | 3 KB | 4 KB | Script | application/javascript |
GET | H/1.1 | csf.rakuten-bank.co.jp/shared/sfes/css/app.css | Frame C25C | 98 KB | 99 KB | Stylesheet | text/css |
GET | H/1.1 | csf.rakuten-bank.co.jp/shared/include/fes/dummy.html | Frame 5889 | 0 | 162 B | Document | text/html |
GET | H/1.1 | www.rakuten-bank.co.jp/info/inc/output/inc_fes.html | Frame 93AA | 3 KB | 2 KB | Document | text/html |
GET | H/1.1 | sfes.rakuten-bank.co.jp/rb/mobile/html/iframeControl.html | Frame 5889 | 1 KB | 2 KB | Document | text/html |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Rakuten Bank (Banking)
4 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- object | 0
- function | Vue
- function | $
- function | jQuery
0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.