www.gorakuten.shop Open in urlscan Pro
2606:4700:3036::ac43:c1a9 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.gorakuten.shop/
Submission: On November 26 via manual (November 26th 2020, 11:04:35 am UTC) from JP

Summary HTTP 29 Redirects Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 29 HTTP transactions. The main IP is 2606:4700:3036::ac43:c1a9, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.gorakuten.shop.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on November 23rd 2020. Valid for: a year.

This is the only time www.gorakuten.shop was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Rakuten (E-commerce)

Domain & IP information

	IP Address		AS Autonomous System
29	2606:4700:303... 2606:4700:3036::ac43:c1a9		13335 (CLOUDFLAR...) (CLOUDFLARENET)
29	1

29 2606:4700:3036::ac43:c1a9 (United States)

ASN13335 (CLOUDFLARENET, US)

www.gorakuten.shop	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
29	gorakuten.shop www.gorakuten.shop	75 KB
29	1

	Domain	Requested by
29	www.gorakuten.shop	www.gorakuten.shop
29	1

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-11-23` - `2021-11-22`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://www.gorakuten.shop/
Frame ID: 0176B1E1C6D13A19332D2E66EC9F3F27
Requests: 29 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

【楽天】ログイン

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]([\d.]*\d)[^/]*\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

29
Requests

100 %
HTTPS

100 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

75 kB
Transfer

86 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

29 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response www.gorakuten.shop/	8 KB 3 KB	560ms 542ms	Document text/html	2606:4700:3036::ac43:c1a9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.gorakuten.shop/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::ac43:c1a9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `f365a802be08aa4a9933f1fe50df029702dbaae856458b4dfa27e22a53c84563` Request headers :method GET :authority www.gorakuten.shop :scheme https :path / pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 sec-fetch-dest document accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 26 Nov 2020 11:04:18 GMT content-type text/html set-cookie __cfduid=daa4cc4de66df69b7e36f0419651150351606388657; expires=Sat, 26-Dec-20 11:04:17 GMT; path=/; domain=.gorakuten.shop; HttpOnly; SameSite=Lax; Secure last-modified Sun, 31 May 2020 10:40:53 GMT vary Accept-Encoding cf-cache-status DYNAMIC cf-request-id 06a5d2c66d0000062df2b83000000001 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=rnltkAli9Dh0UOeslniLNYmxmXiKd8SG4dU8qHdHV1O%2FqnscWulEZEsbAXHyuO9gixcA1h5T7MQYGnzLeYEBl7EGP%2FxsBWAFFu%2BOwiYXWbVWf6lA3ImHmbame%2BEt0a8%3D"}],"group":"cf-nel","max_age":604800} nel {"report_to":"cf-nel","max_age":604800} server cloudflare cf-ray 5f8320b71d19062d-FRA content-encoding br
GET H2	200	ichiba_chat_appender_v1_0.css www.gorakuten.shop/static/css/	5 KB 1 KB	18ms 16ms	Stylesheet text/css	2606:4700:3036::ac43:c1a9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.gorakuten.shop/static/css/ichiba_chat_appender_v1_0.css Requested by Host: www.gorakuten.shop URL: https://www.gorakuten.shop/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::ac43:c1a9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `df1043518a757a24eaa1f27921be681099fd063f8e1a670c1eff8fdd8cda74d7` Request headers Referer https://www.gorakuten.shop/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 26 Nov 2020 11:04:18 GMT content-encoding br cf-cache-status HIT nel {"report_to":"cf-nel","max_age":604800} age 5402 cf-polished origSize=6486 cf-request-id 06a5d2c8910000062dcf319000000001 last-modified Sun, 31 May 2020 10:11:09 GMT server cloudflare etag W/"1956-5a6eee5a86940-gzip" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=89Ydca1evsDDUErB7MASKj1tVsbPkzfeD4JY6WYXwFOZEhb0f60svanYPMVqPGOCdZ3TKSZ6xrQGyUAS1Rfd7GkdJ%2Ft1F3nC3FYusNBbHyMziAtoiARo0VIvffJ2zGI%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 5f8320ba8fc0062d-FRA cf-bgj minify
GET H2	404	jquery-1.12.4.min.js www.gorakuten.shop/static/js/	0 0	525ms 523ms	Script text/html	2606:4700:3036::ac43:c1a9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.gorakuten.shop/static/js/jquery-1.12.4.min.js Requested by Host: www.gorakuten.shop URL: https://www.gorakuten.shop/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::ac43:c1a9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Referer https://www.gorakuten.shop/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 26 Nov 2020 11:04:18 GMT content-encoding br cf-cache-status EXPIRED nel {"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=X8QP%2FF0uKeGJA%2BIBFvCa1kiHojzbuLBAZzvpJRZ7AxUD6AUg9%2FEl6OETjrCF0Nt4DyiAixDMbNv%2FseDAOAjRprfPH987lTaoglxif3FaJYZcgqeJU1TbpVh7dHuH1jU%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=iso-8859-1 cache-control max-age=14400 cf-ray 5f8320ba8fd1062d-FRA cf-request-id 06a5d2c8930000062dfd174000000001
GET H2	404	hint.js www.gorakuten.shop/static/js/	0 0	512ms 511ms	Script text/html	2606:4700:3036::ac43:c1a9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.gorakuten.shop/static/js/hint.js Requested by Host: www.gorakuten.shop URL: https://www.gorakuten.shop/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::ac43:c1a9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Referer https://www.gorakuten.shop/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 26 Nov 2020 11:04:18 GMT content-encoding br cf-cache-status EXPIRED nel {"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=z7NBPNX7FfAHJmh%2BTEcgrBy%2BF5z43e7l48RsTrTHM92aXozvJyq5H3e182LqfQmomTp30Y7neZ6p7s4Z%2Bjkkd8nJLWg42MIOeG%2FievcsUZAbZ54tBUdizEsRQ%2BmL7rA%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=iso-8859-1 cache-control max-age=14400 cf-ray 5f8320ba8fd3062d-FRA cf-request-id 06a5d2c8940000062df6acc000000001
GET H2	404	id.js www.gorakuten.shop/static/js/	0 0	541ms 540ms	Script text/html	2606:4700:3036::ac43:c1a9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.gorakuten.shop/static/js/id.js Requested by Host: www.gorakuten.shop URL: https://www.gorakuten.shop/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::ac43:c1a9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Referer https://www.gorakuten.shop/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 26 Nov 2020 11:04:18 GMT content-encoding br cf-cache-status EXPIRED nel {"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=gcNKBismRariTBb2AfyShxU7D2LwNDWEw%2BBUHqxnsffrKrL31b0QzAOC0MoFWKholEm3tv9qwnlEz8%2FTQ%2FrfGiuLU9OyaU8YUbbNHxfBqYtZpu3sJyW8idr3OM0ZcNc%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=iso-8859-1 cache-control max-age=14400 cf-ray 5f8320ba8fd7062d-FRA cf-request-id 06a5d2c8960000062df2bc4000000001
GET H2	200	common_login.css www.gorakuten.shop/static/css/	7 KB 2 KB	32ms 31ms	Stylesheet text/css	2606:4700:3036::ac43:c1a9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.gorakuten.shop/static/css/common_login.css Requested by Host: www.gorakuten.shop URL: https://www.gorakuten.shop/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::ac43:c1a9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `e26ea0c1edffa91bca5fd97c33857d2bbf711d9794bd0dbe9faad887282f64a7` Request headers Referer https://www.gorakuten.shop/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 26 Nov 2020 11:04:18 GMT content-encoding br cf-cache-status HIT nel {"report_to":"cf-nel","max_age":604800} age 5402 cf-polished origSize=11458 cf-request-id 06a5d2c8920000062d1aa6b000000001 last-modified Sun, 31 May 2020 10:11:07 GMT server cloudflare etag W/"2cc2-5a6eee589e4c0-gzip" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=4duJ0BjTtT38LQPvVLA6%2BNFE4UskvXpTb3b2DlUc%2BrgW6vtBGXlJZGtKQNWHIOKXFJtQagA31E4qhLn7MWKc0ZEDK6jT07HBMNkPmtmBiyPCnmD%2BjQMDN22D9l7HK0A%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 5f8320ba8fc8062d-FRA cf-bgj minify
GET H2	404	loginstyle.css www.gorakuten.shop/static/css/	0 0	525ms 524ms	Stylesheet text/html	2606:4700:3036::ac43:c1a9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.gorakuten.shop/static/css/loginstyle.css Requested by Host: www.gorakuten.shop URL: https://www.gorakuten.shop/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::ac43:c1a9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Referer https://www.gorakuten.shop/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 26 Nov 2020 11:04:18 GMT content-encoding br cf-cache-status EXPIRED nel {"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=MsO6WTjGnssP3powcpmBA5rASfevwLFDcV%2FqJSDjzRWE%2Bg%2ByDQg6TibsUMOQHDB1z5hALONuE2%2Fbnyyqjpf1OgjuJ3r%2FYFiNXsdVu93OWRJCik%2Fz1HwYl%2Fykg0%2Fe0Kw%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=iso-8859-1 cache-control max-age=14400 cf-ray 5f8320ba8fce062d-FRA cf-request-id 06a5d2c8930000062ddcb26000000001
GET H2	404	tls_alert.js www.gorakuten.shop/static/js/	0 0	496ms 495ms	Script text/html	2606:4700:3036::ac43:c1a9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.gorakuten.shop/static/js/tls_alert.js Requested by Host: www.gorakuten.shop URL: https://www.gorakuten.shop/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::ac43:c1a9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Referer https://www.gorakuten.shop/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 26 Nov 2020 11:04:18 GMT content-encoding br cf-cache-status EXPIRED nel {"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=dDDUWJV1w8G1xY13x0O6ggT3ptr%2FfrP3oPCpTyq1gM37DD5AzTpy92VijFLU%2F3ihalbvG2kQiyKpstUX6pz0h8I%2BZjuE9fMkbeyXMOhswWdtnla24UJ9w4w8IF8aTAk%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=iso-8859-1 cache-control max-age=14400 cf-ray 5f8320ba8fe7062d-FRA cf-request-id 06a5d2c8960000062d14b18000000001
GET H2	404	tls12.js www.gorakuten.shop/static/js/	0 0	18ms 17ms	Script text/html	2606:4700:3036::ac43:c1a9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.gorakuten.shop/static/js/tls12.js Requested by Host: www.gorakuten.shop URL: https://www.gorakuten.shop/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::ac43:c1a9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Referer https://www.gorakuten.shop/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 26 Nov 2020 11:04:18 GMT content-encoding br cf-cache-status HIT nel {"report_to":"cf-nel","max_age":604800} server cloudflare age 1 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2F9ZwgT%2FTlZpwyCitB3BrLT4DuhWJ%2Bh5aBkGtmm%2Fr41iRQJM8qsJi066KtM2ihD%2B641fwHopcHqxMvCiO%2F9ItrwmL4ioOriR6BjBp2jLQg5M23S4SB0sK7CD9bzwqHnk%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=iso-8859-1 cache-control max-age=14400 cf-ray 5f8320ba8fed062d-FRA cf-request-id 06a5d2c8970000062dbd04a000000001
GET H2	200	rakuten_pc_32px@2x_wm.png www.gorakuten.shop/static/picture/	4 KB 4 KB	14ms 13ms	Image image/png	2606:4700:3036::ac43:c1a9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.gorakuten.shop/static/picture/rakuten_pc_32px@2x_wm.png Requested by Host: www.gorakuten.shop URL: https://www.gorakuten.shop/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::ac43:c1a9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `6da28d7a134d543417892f859bad07f0ac729296d84618a57d30b31810cea58a` Request headers Referer https://www.gorakuten.shop/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 26 Nov 2020 11:04:18 GMT cf-cache-status HIT nel {"report_to":"cf-nel","max_age":604800} age 5402 content-length 3746 cf-request-id 06a5d2caf10000062dc7341000000001 last-modified Sun, 31 May 2020 10:10:42 GMT server cloudflare etag "ea2-5a6eee40c6c80" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=38ocXimzdkDulr511%2FiGxb%2FJfMoHI2V1gK%2FYNJi11PZjc0XX%2Fk4b5%2FHYB%2B4MfKzEu6JamgYYXTPtxcb7pk7lZiBxGIP0UseT0xIeBJKX%2FNBQDB3DvrpNACTxLBfy5Xk%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 5f8320be4c36062d-FRA
GET H2	200	t.gif www.gorakuten.shop/static/picture/	43 B 376 B	22ms 20ms	Image image/gif	2606:4700:3036::ac43:c1a9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.gorakuten.shop/static/picture/t.gif Requested by Host: www.gorakuten.shop URL: https://www.gorakuten.shop/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::ac43:c1a9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b` Request headers Referer https://www.gorakuten.shop/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 26 Nov 2020 11:04:18 GMT cf-cache-status HIT nel {"report_to":"cf-nel","max_age":604800} age 5402 content-length 43 cf-request-id 06a5d2caf10000062dfd1c7000000001 last-modified Sun, 31 May 2020 10:10:46 GMT server cloudflare etag "2b-5a6eee4497580" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=NjRPf9As6WcnN4iJ8zz2S0V%2FuLzMmS1asPOlwO2FuH7dq%2BuBfoq%2B9LU%2B1gPvvxTISF5STbQSDT558p0m89NSJBtnQfY2NDFWdsowhy%2FORbUDIpuNDDQgLjr0fWW2x%2FY%3D"}],"group":"cf-nel","max_age":604800} content-type image/gif cache-control max-age=14400 accept-ranges bytes cf-ray 5f8320be4c37062d-FRA
GET H2	404	count.php www.gorakuten.shop/	0 0	544ms 544ms	Script text/html	2606:4700:3036::ac43:c1a9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.gorakuten.shop/count.php Requested by Host: www.gorakuten.shop URL: https://www.gorakuten.shop/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::ac43:c1a9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Referer https://www.gorakuten.shop/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 26 Nov 2020 11:04:19 GMT content-encoding br cf-cache-status DYNAMIC nel {"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2FxgERF73xL72BCNDfPuzna8czueOa5pujUcZDa8zR5pQmmMiIVaEZ3M5ViHWjsT1W95kU3lPjgKzybNdH1uT8I2Bl5KONlYYoBkEV%2F0t%2BAac47BeyirB0Cj4cqk%2F5B4%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=UTF-8 cf-ray 5f8320bdeadc062d-FRA cf-request-id 06a5d2cab30000062df280d000000001
GET H2	200	stop_540x249.png www.gorakuten.shop/static/picture/	57 KB 57 KB	15ms 13ms	Image image/png	2606:4700:3036::ac43:c1a9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.gorakuten.shop/static/picture/stop_540x249.png Requested by Host: www.gorakuten.shop URL: https://www.gorakuten.shop/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::ac43:c1a9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `e1039b942a52729c7bd4fe9427a4f8a86816142ef90dd2be9b6ffcd353145a02` Request headers Referer https://www.gorakuten.shop/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 26 Nov 2020 11:04:18 GMT cf-cache-status HIT nel {"report_to":"cf-nel","max_age":604800} age 5402 content-length 58080 cf-request-id 06a5d2caf10000062da900e000000001 last-modified Sun, 31 May 2020 10:10:45 GMT server cloudflare etag "e2e0-5a6eee43a3340" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=rjojI1XT52Z6HNdox9omOVuRr%2FMhL%2B4UkR0qoSV%2Fhvyz6OELVsvIq52wU6sMzu%2BVZL6k%2ByZDiYGbgXJRG7ySZBLF3WC0C0xb9hb1QdE%2FDLYinyMlaIrwktZ4phgkAdM%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 5f8320be4c39062d-FRA
GET H2	200	rakuten_pc_20px@2x.png www.gorakuten.shop/static/picture/	2 KB 3 KB	20ms 19ms	Image image/png	2606:4700:3036::ac43:c1a9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.gorakuten.shop/static/picture/rakuten_pc_20px@2x.png Requested by Host: www.gorakuten.shop URL: https://www.gorakuten.shop/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::ac43:c1a9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `62775ef2856f63d6399abc1d54077916df8d62b16414816012b9ff0fad4efada` Request headers Referer https://www.gorakuten.shop/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 26 Nov 2020 11:04:18 GMT cf-cache-status HIT nel {"report_to":"cf-nel","max_age":604800} age 5402 content-length 2484 cf-request-id 06a5d2caf20000062def130000000001 last-modified Sun, 31 May 2020 10:10:41 GMT server cloudflare etag "9b4-5a6eee3fd2a40" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=72wKPcCvm5%2F58pfZCIUBa%2BoMZorpVk%2FjAWV%2BmqN1UZm%2Fi2d03KpD%2FxL01WJtAl14NI8Y1%2BuosdFLZsJDm3m7L0Ze78NauPLAltXTqBAquF9aml8U6cCrKcfm%2Fcn%2BSNY%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 5f8320be4c3c062d-FRA
GET H2	404	challenger.js www.gorakuten.shop/static/js/	0 0	555ms 555ms	Script text/html	2606:4700:3036::ac43:c1a9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.gorakuten.shop/static/js/challenger.js Requested by Host: www.gorakuten.shop URL: https://www.gorakuten.shop/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::ac43:c1a9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Referer https://www.gorakuten.shop/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 26 Nov 2020 11:04:19 GMT content-encoding br cf-cache-status EXPIRED nel {"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=bAkHSmbighoNjlKkjoQmqg%2B4zQ28dVR%2FXTFuxcG4yAGp%2BwiPSZjcgu7C7WR5lQa%2BLNySdYyJHBm5juwzCq7zptvQFlRudSiDb937FWLmOjoP1%2Fg97QkDAIMgQ4T5TUo%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=iso-8859-1 cache-control max-age=14400 cf-ray 5f8320bdeade062d-FRA cf-request-id 06a5d2cab40000062db3203000000001
GET H2	404	challenger.css www.gorakuten.shop/static/css/	0 0	536ms 534ms	Stylesheet text/html	2606:4700:3036::ac43:c1a9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.gorakuten.shop/static/css/challenger.css Requested by Host: www.gorakuten.shop URL: https://www.gorakuten.shop/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::ac43:c1a9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Referer https://www.gorakuten.shop/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 26 Nov 2020 11:04:19 GMT content-encoding br cf-cache-status EXPIRED nel {"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=is6pgXV9hL3a9dt%2FaGD7xzUyhMDuQM5%2F2LIG0TF9hVyGhGRJCrab3v8hcVfUcv7CkDs0%2B1oXrgEIdWMobbEpPeXhQZPNXm4loA1LkUH5WBmZhZ3qReVaKi8Px1ew5j0%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=iso-8859-1 cache-control max-age=14400 cf-ray 5f8320be4c2f062d-FRA cf-request-id 06a5d2caf00000062dec185000000001
GET H2	200	pop.gif www.gorakuten.shop/static/picture/	75 B 436 B	20ms 19ms	Image image/gif	2606:4700:3036::ac43:c1a9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.gorakuten.shop/static/picture/pop.gif Requested by Host: www.gorakuten.shop URL: https://www.gorakuten.shop/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::ac43:c1a9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `7ab9a4d7f597471f82e8ebc6019525cd45f81decff7853062056a3c3417eba59` Request headers Referer https://www.gorakuten.shop/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 26 Nov 2020 11:04:18 GMT cf-cache-status HIT nel {"report_to":"cf-nel","max_age":604800} age 5402 content-length 75 cf-request-id 06a5d2caf20000062dd5013000000001 last-modified Sun, 31 May 2020 10:10:40 GMT server cloudflare etag "4b-5a6eee3ede800" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=wp4vWcL9QwJL3%2B74Z2RGAriz1Bjk%2BL94pNudzEyqOkYeoEYIQ5nBDG8Wx6TRbdGLvtf4Pf6200na1M6gEuJNXIBZ0ih8IGr2EnX39aH9PbZQo8x0dIZMnaIq7lyVZQ4%3D"}],"group":"cf-nel","max_age":604800} content-type image/gif cache-control max-age=14400 accept-ranges bytes cf-ray 5f8320be4c3d062d-FRA
GET H2	404	sc_scode_switch.js www.gorakuten.shop/static/js/	0 0	546ms 544ms	Script text/html	2606:4700:3036::ac43:c1a9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.gorakuten.shop/static/js/sc_scode_switch.js Requested by Host: www.gorakuten.shop URL: https://www.gorakuten.shop/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::ac43:c1a9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Referer https://www.gorakuten.shop/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 26 Nov 2020 11:04:19 GMT content-encoding br cf-cache-status EXPIRED nel {"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=uyfY4YeTSZ27CPiiJ%2BqkYCR9eyTiFJOKUxFHsUT4L5xsA8JG%2F1kv5DhknxloBcyYULppS7CdlPTsAVg%2BGxf7Ch5aYz56e83I6fJujT%2BbOMPCiuV%2FrJX5AaQP0T5BChM%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=iso-8859-1 cache-control max-age=14400 cf-ray 5f8320be4c31062d-FRA cf-request-id 06a5d2caf00000062dcf370000000001
GET H2	404	rat-main.js www.gorakuten.shop/static/js/	0 0	538ms 536ms	Script text/html	2606:4700:3036::ac43:c1a9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.gorakuten.shop/static/js/rat-main.js Requested by Host: www.gorakuten.shop URL: https://www.gorakuten.shop/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::ac43:c1a9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Referer https://www.gorakuten.shop/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 26 Nov 2020 11:04:19 GMT content-encoding br cf-cache-status EXPIRED nel {"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=lUZlkXT2ddkYAOtiHraTlyaxOHlrxBpWDjV9ckxgfI5%2BUbxhIjsR9xmtP1Vvw3vHMpCqNfv8ogB9KKG3vbal%2B41RFbVmkDdXTil8EsFrpov3hh0F2c3%2BQCZ1iVugBVE%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=iso-8859-1 cache-control max-age=14400 cf-ray 5f8320be4c34062d-FRA cf-request-id 06a5d2caf00000062d16310000000001
GET H2	404	hint.js www.gorakuten.shop/static/js/	0 0	15ms 14ms	Script text/html	2606:4700:3036::ac43:c1a9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.gorakuten.shop/static/js/hint.js Requested by Host: www.gorakuten.shop URL: https://www.gorakuten.shop/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::ac43:c1a9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Referer https://www.gorakuten.shop/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 26 Nov 2020 11:04:18 GMT content-encoding br cf-cache-status HIT nel {"report_to":"cf-nel","max_age":604800} server cloudflare age 0 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=XKttL5piQizKN%2BoBOlH4cc6nODYSMvV3XkJ8Zpc%2BsrnkTE0NfjeZAEsjnbLIjtKqfQvSzpao4ebNDSqWwzDUqCDAOhJDEFnsE7xyEI5EkI%2B5HqWeJq2lXhWiEx0imXo%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=iso-8859-1 cache-control max-age=14400 cf-ray 5f8320bdca69062d-FRA cf-request-id 06a5d2ca9f0000062dfaa62000000001
GET H2	404	id.js www.gorakuten.shop/static/js/	0 0	22ms 22ms	Script text/html	2606:4700:3036::ac43:c1a9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.gorakuten.shop/static/js/id.js Requested by Host: www.gorakuten.shop URL: https://www.gorakuten.shop/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::ac43:c1a9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Referer https://www.gorakuten.shop/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 26 Nov 2020 11:04:18 GMT content-encoding br cf-cache-status HIT nel {"report_to":"cf-nel","max_age":604800} server cloudflare age 0 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Eb%2FkA1Z6uhfVxViiaymDUK2f1ukXHQPSza2AIa78vM3a218foeQGzSW57s4tli5pIjClsg4b8uhZf9j7dm%2Fql8SGiZDTCu7Xkrp36759GSD5s3jk2j0%2FfKWeUWQiO%2F4%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=iso-8859-1 cache-control max-age=14400 cf-ray 5f8320bdeae0062d-FRA cf-request-id 06a5d2caba0000062d0e900000000001
GET H2	404	loginstyle.css www.gorakuten.shop/static/css/	0 0	32ms 30ms	Stylesheet text/html	2606:4700:3036::ac43:c1a9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.gorakuten.shop/static/css/loginstyle.css Requested by Host: www.gorakuten.shop URL: https://www.gorakuten.shop/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::ac43:c1a9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Referer https://www.gorakuten.shop/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 26 Nov 2020 11:04:18 GMT content-encoding br cf-cache-status HIT nel {"report_to":"cf-nel","max_age":604800} server cloudflare age 0 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=FC9wsPn2eQAroVeu8m6sNcFUA0Z7GyyAS6Sikz15sjnVrEfmOsxYa%2FZpC6F6YLsl1GMbFr%2B5qz9L6vdRBP5zuDsWwpMsMQMLZAopcODTRR997wmVh67F2S9MlYCGtRM%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=iso-8859-1 cache-control max-age=14400 cf-ray 5f8320be1b63062d-FRA cf-request-id 06a5d2cadd0000062ddfb1e000000001
GET H2	404	tls_alert.js www.gorakuten.shop/static/js/	0 0	28ms 26ms	Script text/html	2606:4700:3036::ac43:c1a9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.gorakuten.shop/static/js/tls_alert.js Requested by Host: www.gorakuten.shop URL: https://www.gorakuten.shop/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::ac43:c1a9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Referer https://www.gorakuten.shop/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 26 Nov 2020 11:04:18 GMT content-encoding br cf-cache-status HIT nel {"report_to":"cf-nel","max_age":604800} server cloudflare age 0 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=27Vhtoqnoohwt5rACJEH1NYJ0HNFbTbxOkP1c0STBODhmj3Yi%2FiBFJVqwgR2TYQNm4v97clY268uFTfdHWKhHCq4j2t4jA3Eu3C0obOXcKy8RcFAxM2Qx1ePyiiAY4g%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=iso-8859-1 cache-control max-age=14400 cf-ray 5f8320be1bd7062d-FRA cf-request-id 06a5d2cade0000062dc733f000000001
GET H2	404	tls12.js www.gorakuten.shop/static/js/	0 0	21ms 20ms	Script text/html	2606:4700:3036::ac43:c1a9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.gorakuten.shop/static/js/tls12.js Requested by Host: www.gorakuten.shop URL: https://www.gorakuten.shop/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::ac43:c1a9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Referer https://www.gorakuten.shop/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 26 Nov 2020 11:04:18 GMT content-encoding br cf-cache-status HIT nel {"report_to":"cf-nel","max_age":604800} server cloudflare age 1 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=cfm8mVc5n%2BxzZbDn8bXzcASbgywBcuggcH8djNURIbQfFO%2Bw3I6wYsJsfvkeD%2FyaCiTibuPE1F2WDwqUxy4TXtD7vFoV4DdvVb0L6mV0D0KNSLHvm32GI4YHIh1h5Oc%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=iso-8859-1 cache-control max-age=14400 cf-ray 5f8320be4c2e062d-FRA cf-request-id 06a5d2caf00000062d1eac9000000001
GET H2	200	bg_btn_red_btm.gif www.gorakuten.shop/static/images/	442 B 796 B	17ms 16ms	Image image/gif	2606:4700:3036::ac43:c1a9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.gorakuten.shop/static/images/bg_btn_red_btm.gif Requested by Host: www.gorakuten.shop URL: https://www.gorakuten.shop/static/css/common_login.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::ac43:c1a9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `175cf3a6b7549f715fffaddc3ec5c9f92717e7c5f63b7e36ea9592e091a80a67` Request headers Referer https://www.gorakuten.shop/static/css/common_login.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 26 Nov 2020 11:04:19 GMT cf-cache-status HIT nel {"report_to":"cf-nel","max_age":604800} age 5402 content-length 442 cf-request-id 06a5d2cd090000062da70ef000000001 last-modified Sun, 31 May 2020 10:10:47 GMT server cloudflare etag "1ba-5a6eee458b7c0" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ahI8doz0V%2Foo0vJwZzSSYsfgorKzL1TjPICY%2F7iGAi7Lnk2wvNVw5NqY3Aci%2FJoz4xI629ha6Avy4apnFrr8sYPfCyMToOm19QaInFYOmAifVOFFCmbzsnfXI%2FfbmkI%3D"}],"group":"cf-nel","max_age":604800} content-type image/gif cache-control max-age=14400 accept-ranges bytes cf-ray 5f8320c1ae75062d-FRA
GET H2	200	bg_btn_red_top.gif www.gorakuten.shop/static/images/	2 KB 2 KB	15ms 13ms	Image image/gif	2606:4700:3036::ac43:c1a9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.gorakuten.shop/static/images/bg_btn_red_top.gif Requested by Host: www.gorakuten.shop URL: https://www.gorakuten.shop/static/css/common_login.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::ac43:c1a9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `849cd9d1c481a1b45559f5e833f40e13ee666842e6f8ba72c8e1cad9c8c15f6d` Request headers Referer https://www.gorakuten.shop/static/css/common_login.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 26 Nov 2020 11:04:19 GMT cf-cache-status HIT nel {"report_to":"cf-nel","max_age":604800} age 5402 content-length 1885 cf-request-id 06a5d2cd090000062dae8b3000000001 last-modified Sun, 31 May 2020 10:10:49 GMT server cloudflare etag "75d-5a6eee4773c40" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ytEAFaBObeoHkCVZeB49%2BSLNnFFAXrsTHCG8ZDcv0frCOo0xZO7WoYBVbyywrsHyQMD4JTLosPVi%2Bu2dzxeYH6qQWTfoEE66mSZrxXOvSytL6zMiRhpYZp7CBIaWKaM%3D"}],"group":"cf-nel","max_age":604800} content-type image/gif cache-control max-age=14400 accept-ranges bytes cf-ray 5f8320c1ae7b062d-FRA
GET H2	200	icon_btn_arrow.gif www.gorakuten.shop/static/images/	60 B 394 B	14ms 14ms	Image image/gif	2606:4700:3036::ac43:c1a9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.gorakuten.shop/static/images/icon_btn_arrow.gif Requested by Host: www.gorakuten.shop URL: https://www.gorakuten.shop/static/css/common_login.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::ac43:c1a9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `d8aac016132945bbe5a1f88a60206628c5d7c12e69917cb5fcbee4a7c24440c6` Request headers Referer https://www.gorakuten.shop/static/css/common_login.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 26 Nov 2020 11:04:19 GMT cf-cache-status HIT nel {"report_to":"cf-nel","max_age":604800} age 5402 content-length 60 cf-request-id 06a5d2cd0a0000062de2036000000001 last-modified Sun, 31 May 2020 10:10:56 GMT server cloudflare etag "3c-5a6eee4e20c00" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=rTEVoLzKDn8FlJVfEbIMf%2FLmFpJ08vCMDQzXw%2FAP1qmH5GVXUbyqPHfHKbLRKCyTSVCPnA4GECuXx7omiWyGI3%2BLtZcnc9yE5j%2FwzU%2FMCZHzziu7FLABJHpfRJWJX4g%3D"}],"group":"cf-nel","max_age":604800} content-type image/gif cache-control max-age=14400 accept-ranges bytes cf-ray 5f8320c1ae7d062d-FRA
GET H2	200	info.gif www.gorakuten.shop/static/images/	360 B 723 B	13ms 13ms	Image image/gif	2606:4700:3036::ac43:c1a9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.gorakuten.shop/static/images/info.gif Requested by Host: www.gorakuten.shop URL: https://www.gorakuten.shop/static/css/common_login.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::ac43:c1a9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `33be38e33c8eb9aa13a4ed44c2e2813207bef13a5ba265818e485f0ebbc83f3b` Request headers Referer https://www.gorakuten.shop/static/css/common_login.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 26 Nov 2020 11:04:19 GMT cf-cache-status HIT nel {"report_to":"cf-nel","max_age":604800} age 5402 content-length 360 cf-request-id 06a5d2cd0a0000062dd9aec000000001 last-modified Sun, 31 May 2020 10:10:57 GMT server cloudflare etag "168-5a6eee4f14e40" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=xh6n93RmjEXdLRSEbXGJ7r2bZUclmuWG2LRrAKofaoMbXdx9%2Ba12tR%2FfXsZk4zb%2Brz0b6fFMbWAoVOxIK%2BnR7e5SLyIQadFdruun5m9OpQpnjjP3mPcuJVT1zul3J84%3D"}],"group":"cf-nel","max_age":604800} content-type image/gif cache-control max-age=14400 accept-ranges bytes cf-ray 5f8320c1ae82062d-FRA
GET H2	404	rat-main.js www.gorakuten.shop/static/js/	0 0	11ms 11ms	Script text/html	2606:4700:3036::ac43:c1a9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.gorakuten.shop/static/js/rat-main.js Requested by Host: www.gorakuten.shop URL: https://www.gorakuten.shop/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::ac43:c1a9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Referer https://www.gorakuten.shop/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 26 Nov 2020 11:04:19 GMT content-encoding br cf-cache-status HIT nel {"report_to":"cf-nel","max_age":604800} server cloudflare age 0 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ibgmNrbXwT%2F6r%2FpX3YRj1vPQHfU9lme3ZuyAO2ZT0ZdqeMSTWc0NFBRyHvqnzPQ%2BC%2Bf6sJ1Zrw5SGQ21ueRCS4uiL4Riol%2FUWgscearXs1XmRBPqMkRiRHyiEyr96sI%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=iso-8859-1 cache-control max-age=14400 cf-ray 5f8320c1bedb062d-FRA cf-request-id 06a5d2cd150000062dec1ba000000001

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Rakuten (E-commerce)

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.gorakuten.shop/	1970-01-19 14:56:20	Name: __cfduid Value: daa4cc4de66df69b7e36f0419651150351606388657

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

www.gorakuten.shop
2606:4700:3036::ac43:c1a9
175cf3a6b7549f715fffaddc3ec5c9f92717e7c5f63b7e36ea9592e091a80a67
33be38e33c8eb9aa13a4ed44c2e2813207bef13a5ba265818e485f0ebbc83f3b
62775ef2856f63d6399abc1d54077916df8d62b16414816012b9ff0fad4efada
6da28d7a134d543417892f859bad07f0ac729296d84618a57d30b31810cea58a
7ab9a4d7f597471f82e8ebc6019525cd45f81decff7853062056a3c3417eba59
849cd9d1c481a1b45559f5e833f40e13ee666842e6f8ba72c8e1cad9c8c15f6d
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
d8aac016132945bbe5a1f88a60206628c5d7c12e69917cb5fcbee4a7c24440c6
df1043518a757a24eaa1f27921be681099fd063f8e1a670c1eff8fdd8cda74d7
e1039b942a52729c7bd4fe9427a4f8a86816142ef90dd2be9b6ffcd353145a02
e26ea0c1edffa91bca5fd97c33857d2bbf711d9794bd0dbe9faad887282f64a7
f365a802be08aa4a9933f1fe50df029702dbaae856458b4dfa27e22a53c84563

www.gorakuten.shop Open in urlscan Pro 2606:4700:3036::ac43:c1a9 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

29 Requests

100 %HTTPS

100 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

75 kBTransfer

86 kBSize

1 Cookies

0 Outgoing links

Redirected requests

29 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

www.gorakuten.shop Open in urlscan Pro
2606:4700:3036::ac43:c1a9 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

29
Requests

100 %
HTTPS

100 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

75 kB
Transfer

86 kB
Size

1
Cookies

29 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!