diff --git a/indicators/Config-88426540.yml b/indicators/Config-88426540.yml
new file mode 100644
index 00000000..7347df5b
--- /dev/null
+++ b/indicators/Config-88426540.yml
@@ -0,0 +1,22 @@
+title: ResourceRedConfig and urlConfig Detection 88426540
+description: |
+ Detect phishing sites that use ResourceRedConfig.js and urlConfig.json
+references:
+ - https://urlscan.io/result/88426540-8f66-4fe2-b8f2-526e7025ace7
+ - https://urlscan.io/result/05189f5c-f969-45da-a6fd-d3fec490f0f7
+ - https://urlscan.io/result/d4886a4c-114a-4a0a-9b07-614fddc6171f
+
+detection:
+
+ ResourceRedConfig:
+ requests|contains: 'ResourceRedConfig.js'
+
+ urlConfig:
+ requests|contains: 'urlConfig.json'
+
+ condition: ResourceRedConfig and urlConfig
+
+tags:
+ - kit
+ - target.rakuten
+ - target_country.japan
diff --git a/indicators/rakuten-88426540.yml b/indicators/rakuten-88426540.yml
deleted file mode 100644
index f919c4c4..00000000
--- a/indicators/rakuten-88426540.yml
+++ /dev/null
@@ -1,26 +0,0 @@
-title: Rakuten Phishing Kit 88426540
-description: |
- Detects a Rakuten phishing kit targeting Japanese users.
-references:
- - https://urlscan.io/result/88426540-8f66-4fe2-b8f2-526e7025ace7
- - https://urlscan.io/result/ab83507a-012d-413e-bd3f-fee0fe5e9da4
-
-detection:
-
- RakutenTitle:
- title:
- - "楽天e-NAVI: ログイン画面"
-
- ScriptCharacteristic:
- js|contains:
- - 'window.location.href = "index.html"//移动端页面'
-
- ConfigScript:
- requests|contains: 'ResourceRedConfig.js'
-
- condition: RakutenTitle and ScriptCharacteristic and ConfigScript
-
-tags:
- - kit
- - target.rakuten
- - target_country.japan
\ No newline at end of file
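Review bot: In the new `indicators/Config-88426540.yml`, the `tags` list still asserts `target.rakuten` and `target_country.japan`, but `condition: ResourceRedConfig and urlConfig` no longer contains any brand-specific check, so every page that requests those two files will be labelled as Rakuten phishing whatever brand it imitates. If the rule is meant to be a generic kit signature, as the new title suggests, I would reduce the tags to `- kit`; if all three referenced scans are Rakuten lures and the attribution is intended, the `description` should say so. Both matchers are unanchored `requests|contains` substrings and `urlConfig.json` looks like a fairly generic filename, so the description should also record that the rule relies on the two requests appearing together to stay specific.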