lrqqxdw.ml Open in urlscan Pro
2606:4700:3033::ac43:d68d Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://gg.gg/rakoten
Effective URL:
http://lrqqxdw.ml/
Submission Tags: phishing rakuten Search All
Submission: On June 07 via api (June 7th 2022, 8:21:32 am UTC) from JP — Scanned from NL

Summary HTTP 23 Redirects Behaviour Indicators

Summary

This website contacted 1 IPs in 2 countries across 2 domains to perform 23 HTTP transactions. The main IP is 2606:4700:3033::ac43:d68d, located in United States and belongs to CLOUDFLARENET, US. The main domain is lrqqxdw.ml.

This is the only time lrqqxdw.ml was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Rakuten (E-commerce)

Domain & IP information

	IP Address	AS Autonomous System
1 1	185.15.209.141 185.15.209.141	52000 (MIRHOSTING) (MIRHOSTING)
23	2606:4700:303... 2606:4700:3033::ac43:d68d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
23	1

1 185.15.209.141 (Dronten, Netherlands) 1 redirects

ASN52000 (MIRHOSTING, NL)
PTR: nbn.topsnursingschool.com

gg.gg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2606:4700:3033::ac43:d68d (United States)

ASN13335 (CLOUDFLARENET, US)

lrqqxdw.ml	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
23	lrqqxdw.ml lrqqxdw.ml	81 KB
1	gg.gg 1 redirects gg.gg — Cisco Umbrella Rank: 317310	1 KB
23	2

	Domain	Requested by
23	lrqqxdw.ml	lrqqxdw.ml
1	gg.gg	1 redirects
23	2

This site contains no links.

Subject Issuer	Validity	Valid

This page contains 1 frames:

Primary Page: http://lrqqxdw.ml/
Frame ID: 135122B0564C60441300EF20ACE7CCCC
Requests: 23 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

【楽天】ログイン

Page URL History Show full URLs

http://gg.gg/rakoten HTTP 301
http://lrqqxdw.ml/ Page URL

Detected technologies

CodeIgniter (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

23
Requests

0 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

1
IPs

2
Countries

81 kB
Transfer

92 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://gg.gg/rakoten HTTP 301
http://lrqqxdw.ml/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

23 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response lrqqxdw.ml/ Redirect Chain http://gg.gg/rakoten http://lrqqxdw.ml/	9 KB 4 KB	664ms 82ms	Document text/html	2606:4700:3033::ac43:d68d CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://lrqqxdw.ml/ Protocol HTTP/1.1 Server 2606:4700:3033::ac43:d68d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `0d09c071eb51ca856189b72351d499a97adc6afd90e36ff2cc753dfa6392b15b` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers CF-Cache-Status DYNAMIC CF-RAY 7177f970ae4f9b7d-FRA Connection keep-alive Content-Encoding gzip Content-Type text/html Date Tue, 07 Jun 2022 08:21:27 GMT Last-Modified Sat, 05 Sep 2020 11:17:37 GMT NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HRIugC0hmjr0LnbPBEc8%2FNdfx7Cu%2Fj9%2BPfSBFoIUdZK0J0A3BA1Ge5HHu4sM9uD9M5k25eUAXObALSttQ0XPF%2Bf4rNmonpo%2F8hm9L7Owcl2u4wwzlMzV%2BEfeXLzvJ9MM9KPuNc2DaG%2F9"}],"group":"cf-nel","max_age":604800} Server cloudflare Transfer-Encoding chunked Vary Accept-Encoding alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 Redirect headers Cache-Control no-store, no-cache, must-revalidate post-check=0, pre-check=0 Connection close Content-Length 0 Content-Type text/html; charset=UTF-8 Date Tue, 07 Jun 2022 08:21:27 GMT Expires Mon, 26 Jul 1997 05:00:00 GMT Last-Modified Tue, 07 Jun 2022 08:21:27 GMT Location http://lrqqxdw.ml/ Pragma no-cache Server Apache/2.2.22 (@RELEASE@) X-Powered-By PHP/5.3.3
GET H/1.1	200 OK	ichiba_chat_appender_v1_0.css lrqqxdw.ml/static/css/	6 KB 2 KB	55ms 54ms	Stylesheet text/css	2606:4700:3033::ac43:d68d CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://lrqqxdw.ml/static/css/ichiba_chat_appender_v1_0.css Requested by Host: lrqqxdw.ml URL: http://lrqqxdw.ml/ Protocol HTTP/1.1 Server 2606:4700:3033::ac43:d68d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `2771191104d71c188d9dbdb97ce74cc190b1bd377275e0201bef4648bfc0f186` Request headers accept-language nl-NL,nl;q=0.9 Referer http://lrqqxdw.ml/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers Date Tue, 07 Jun 2022 08:21:27 GMT Content-Encoding gzip CF-Cache-Status MISS NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Connection keep-alive alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 Content-Length 1340 Last-Modified Wed, 08 Jan 2020 19:44:50 GMT Server cloudflare ETag "1956-59ba620293080-gzip" Vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j3dCRLDam4hjkQh8%2FMWpivHHQUYLmmpYqCpzxZ2TrYE7Mpj3Zju0OyT%2BFWr%2FwJu3F0gSnAEuVZS9TpInNn9E9ccIklLdphmY2dXjG2bndJfoSR2YFEw%2B3qg%2Bkl6nu6wH00qfrUAfzHHn"}],"group":"cf-nel","max_age":604800} Content-Type text/css Cache-Control max-age=14400 Accept-Ranges bytes CF-RAY 7177f9713f669b7d-FRA
GET H/1.1	404 Not Found	jquery-1.12.4.min.js lrqqxdw.ml/static/js/	0 0	79ms 59ms	Script text/html	2606:4700:3033::ac43:d68d CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://lrqqxdw.ml/static/js/jquery-1.12.4.min.js Requested by Host: lrqqxdw.ml URL: http://lrqqxdw.ml/ Protocol HTTP/1.1 Server 2606:4700:3033::ac43:d68d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers accept-language nl-NL,nl;q=0.9 Referer http://lrqqxdw.ml/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers Date Tue, 07 Jun 2022 08:21:27 GMT Content-Encoding gzip CF-Cache-Status MISS NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server cloudflare Vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K7S5Eyu2PO2TnYx%2BI3wVF0lr2FwWFtW3qtbbU1adYWO0BmQHDuYU6pN0XBsP1Dcj5lOAmjzdFG6rDTybIxEebEtYWQmXYFF5whfVPUmIwvGb9LV9O30%2Bw8Dwg7tBZ9%2FNaABqcFRMX8uj"}],"group":"cf-nel","max_age":604800} Content-Type text/html; charset=iso-8859-1 Cache-Control max-age=14400 Transfer-Encoding chunked Connection keep-alive CF-RAY 7177f97158dc9bda-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H/1.1	404 Not Found	hint.js lrqqxdw.ml/static/js/	0 0	74ms 52ms	Script text/html	2606:4700:3033::ac43:d68d CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://lrqqxdw.ml/static/js/hint.js Requested by Host: lrqqxdw.ml URL: http://lrqqxdw.ml/ Protocol HTTP/1.1 Server 2606:4700:3033::ac43:d68d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers accept-language nl-NL,nl;q=0.9 Referer http://lrqqxdw.ml/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers Date Tue, 07 Jun 2022 08:21:27 GMT Content-Encoding gzip CF-Cache-Status MISS NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server cloudflare Vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mWTnK%2BZXZy%2B8gPFs4Qc3ZDNKKivxNzYae2eR4I5zSlL1eeg189u00mdcMJDYDs0Tx8TYXlZ9QWIlhbGCBuW6vpYM8w%2FkYYQVP2ze2CQafwKuNZgkrhLM6yzdIlmqgMVb%2BNb6VN4bv2fR"}],"group":"cf-nel","max_age":604800} Content-Type text/html; charset=iso-8859-1 Cache-Control max-age=14400 Transfer-Encoding chunked Connection keep-alive CF-RAY 7177f9715d899158-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H/1.1	404 Not Found	id.js lrqqxdw.ml/static/js/	0 0	175ms 153ms	Script text/html	2606:4700:3033::ac43:d68d CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://lrqqxdw.ml/static/js/id.js Requested by Host: lrqqxdw.ml URL: http://lrqqxdw.ml/ Protocol HTTP/1.1 Server 2606:4700:3033::ac43:d68d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers accept-language nl-NL,nl;q=0.9 Referer http://lrqqxdw.ml/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers Date Tue, 07 Jun 2022 08:21:28 GMT Content-Encoding gzip CF-Cache-Status MISS NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server cloudflare Vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H3QRtAEM2mtmgsQydjfVjIWeqKU9zXv06I6rDyDIWlMXjkgsBHe%2BWqZxcxHmD1a9YM7GSdY5MuLXVgxSVIkJxPOdHFtM2JJl3xmih98OGY8FJ3uVBe9GgkPydiWzZz6sx%2FF5U6fEUq%2F2"}],"group":"cf-nel","max_age":604800} Content-Type text/html; charset=iso-8859-1 Cache-Control max-age=14400 Transfer-Encoding chunked Connection keep-alive CF-RAY 7177f9715be75ba4-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H/1.1	200 OK	common_login.css lrqqxdw.ml/static/css/	11 KB 3 KB	132ms 113ms	Stylesheet text/css	2606:4700:3033::ac43:d68d CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://lrqqxdw.ml/static/css/common_login.css Requested by Host: lrqqxdw.ml URL: http://lrqqxdw.ml/ Protocol HTTP/1.1 Server 2606:4700:3033::ac43:d68d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `78cec57c09590cc44af8aa8213abe587e5d9afb78a3ca7dc1f5bc82c91d07e4a` Request headers accept-language nl-NL,nl;q=0.9 Referer http://lrqqxdw.ml/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers Date Tue, 07 Jun 2022 08:21:27 GMT Content-Encoding gzip CF-Cache-Status MISS NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Connection keep-alive alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 Content-Length 2767 Last-Modified Wed, 08 Jan 2020 19:44:50 GMT Server cloudflare ETag "2cc2-59ba620293080-gzip" Vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sRx15GR1Zt4gYXtQwwkqj%2B2P3MVnhYBk9vR%2BR1qDs%2BCIJ1J62soeZ2E1c0FfKc9I57VYHfUQbLj5g4RCQn3sDJh2Cyq2VAfLEv7mwdFQm7D%2FwBZTQASI4uxgEbfDPWSK7Icl3ERtxccg"}],"group":"cf-nel","max_age":604800} Content-Type text/css Cache-Control max-age=14400 Accept-Ranges bytes CF-RAY 7177f9715c35906d-FRA
GET H/1.1	404 Not Found	loginstyle.css lrqqxdw.ml/static/css/	0 0	82ms 63ms	Stylesheet text/html	2606:4700:3033::ac43:d68d CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://lrqqxdw.ml/static/css/loginstyle.css Requested by Host: lrqqxdw.ml URL: http://lrqqxdw.ml/ Protocol HTTP/1.1 Server 2606:4700:3033::ac43:d68d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers accept-language nl-NL,nl;q=0.9 Referer http://lrqqxdw.ml/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers Date Tue, 07 Jun 2022 08:21:27 GMT Content-Encoding gzip CF-Cache-Status MISS NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server cloudflare Vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5wAWOyBIUcbp6wi2p9qcprG5nCIBACEAiWLCMqSH9z9gw5fPM%2Bi3nlRbx3WdddszNYJl85gixcjBmNa7EVtfz8jIIO9vws9LY1mY2Jepdj4YUehwFrQdVARjt3MtveCUJNhJ9dPJ9%2FGg"}],"group":"cf-nel","max_age":604800} Content-Type text/html; charset=iso-8859-1 Cache-Control max-age=14400 Transfer-Encoding chunked Connection keep-alive CF-RAY 7177f9715bca9c04-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H/1.1	404 Not Found	tls_alert.js lrqqxdw.ml/static/js/	0 0	111ms 57ms	Script text/html	2606:4700:3033::ac43:d68d CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://lrqqxdw.ml/static/js/tls_alert.js Requested by Host: lrqqxdw.ml URL: http://lrqqxdw.ml/ Protocol HTTP/1.1 Server 2606:4700:3033::ac43:d68d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers accept-language nl-NL,nl;q=0.9 Referer http://lrqqxdw.ml/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers Date Tue, 07 Jun 2022 08:21:27 GMT Content-Encoding gzip CF-Cache-Status MISS NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server cloudflare Vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IT4TLqCL5RUtFDypjd0cfuSiGRSTtHCgB5XiazGGIuH%2B1oqY%2B9eUfvSfqfUReWS%2B%2Bsz6S7%2FxdAyGjyNiocLR9Hxd2kO7Ff7F7XJBiRbskDJin5tySOy54XeAYOsA2iTWh9vg%2B94%2BwP%2Fm"}],"group":"cf-nel","max_age":604800} Content-Type text/html; charset=iso-8859-1 Cache-Control max-age=14400 Transfer-Encoding chunked Connection keep-alive CF-RAY 7177f97188059b7d-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H/1.1	404 Not Found	tls12.js lrqqxdw.ml/static/js/	0 0	120ms 47ms	Script text/html	2606:4700:3033::ac43:d68d CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://lrqqxdw.ml/static/js/tls12.js Requested by Host: lrqqxdw.ml URL: http://lrqqxdw.ml/ Protocol HTTP/1.1 Server 2606:4700:3033::ac43:d68d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers accept-language nl-NL,nl;q=0.9 Referer http://lrqqxdw.ml/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers Date Tue, 07 Jun 2022 08:21:27 GMT Content-Encoding gzip CF-Cache-Status MISS NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server cloudflare Vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GEfssUsslzPxw4ux3ankWxi1FcYUmbZO4%2ByEgpxMwGwLYS4IPPI9u2EWY%2FxSscvvQ0sydQAcmi2gFJ3VAkeUOq460RvEe4ZFvNW%2BbaTSUp7APOKZ4wh2KwmfifTF2S5xr%2FTRQM%2Bint4x"}],"group":"cf-nel","max_age":604800} Content-Type text/html; charset=iso-8859-1 Cache-Control max-age=14400 Transfer-Encoding chunked Connection keep-alive CF-RAY 7177f971ae689158-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H/1.1	200 OK	rakuten_pc_32px@2x_wm.png lrqqxdw.ml/static/picture/	4 KB 4 KB	88ms 87ms	Image image/png	2606:4700:3033::ac43:d68d CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL http://lrqqxdw.ml/static/picture/rakuten_pc_32px@2x_wm.png Requested by Host: lrqqxdw.ml URL: http://lrqqxdw.ml/ Protocol HTTP/1.1 Server 2606:4700:3033::ac43:d68d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `6da28d7a134d543417892f859bad07f0ac729296d84618a57d30b31810cea58a` Request headers accept-language nl-NL,nl;q=0.9 Referer http://lrqqxdw.ml/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers Date Tue, 07 Jun 2022 08:21:28 GMT CF-Cache-Status MISS Last-Modified Wed, 08 Jan 2020 19:44:52 GMT Server cloudflare ETag "ea2-59ba62047b500" Vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rxTEMdmd1RREdyRQcUu3J8aDCnSlj45ipJ2RAHNYPJPmYNdGWr1i4d26FAU6WB7yBTHu58n8sk7m24OIn1QZiMqRqYSrFCa9v9lwmUvGq%2FL9n4FRmW%2FMAwwZRuQunqKNOnR%2FDTVXlW0M"}],"group":"cf-nel","max_age":604800} Content-Type image/png Cache-Control max-age=14400 NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Connection keep-alive Accept-Ranges bytes CF-RAY 7177f9726b689bda-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 Content-Length 3746
GET H/1.1	200 OK	t.gif lrqqxdw.ml/static/picture/	43 B 771 B	93ms 53ms	Image image/gif	2606:4700:3033::ac43:d68d CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL http://lrqqxdw.ml/static/picture/t.gif Requested by Host: lrqqxdw.ml URL: http://lrqqxdw.ml/ Protocol HTTP/1.1 Server 2606:4700:3033::ac43:d68d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b` Request headers accept-language nl-NL,nl;q=0.9 Referer http://lrqqxdw.ml/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers Date Tue, 07 Jun 2022 08:21:28 GMT CF-Cache-Status MISS Last-Modified Wed, 08 Jan 2020 19:44:52 GMT Server cloudflare ETag "2b-59ba62047b500" Vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xAH0mcEhqiatii%2FvVKi76ilouRT1Oi6Y6HvkrLDQUtcQYokqAUf3ksVpGC%2FWkxnzZDaLwk2Tqep8Bgg2Lh9vqnJ7KzgoQXD0c2PgsjZRb4tJ7lSiwrD3vTUDmTQMYmbdA7cyaH5x8Ym9"}],"group":"cf-nel","max_age":604800} Content-Type image/gif Cache-Control max-age=14400 NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Connection keep-alive Accept-Ranges bytes CF-RAY 7177f972aee4906d-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 Content-Length 43
GET H/1.1	404 Not Found	count.php lrqqxdw.ml/	0 0	98ms 98ms	Script text/html	2606:4700:3033::ac43:d68d CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://lrqqxdw.ml/count.php Requested by Host: lrqqxdw.ml URL: http://lrqqxdw.ml/ Protocol HTTP/1.1 Server 2606:4700:3033::ac43:d68d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers accept-language nl-NL,nl;q=0.9 Referer http://lrqqxdw.ml/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers Date Tue, 07 Jun 2022 08:21:28 GMT Content-Encoding gzip CF-Cache-Status DYNAMIC NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server cloudflare Vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4GAJjtGoqXvpV8F86VCFByZYdU7vPiXR0C7MhYeirvrqibToVDcOgVsSzKGAxEuiuyonzqUsHiVf0WH%2FLejrhxKuVSNx%2BlsiZqwhdmPgAYk3JQLf4LwCN0hAvhT5IAdRbdvxMy7VQPC8"}],"group":"cf-nel","max_age":604800} Content-Type text/html; charset=UTF-8 Transfer-Encoding chunked Connection keep-alive CF-RAY 7177f9721daa906d-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H/1.1	200 OK	stop_540x249.png lrqqxdw.ml/static/picture/	57 KB 57 KB	82ms 76ms	Image image/png	2606:4700:3033::ac43:d68d CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL http://lrqqxdw.ml/static/picture/stop_540x249.png Requested by Host: lrqqxdw.ml URL: http://lrqqxdw.ml/ Protocol HTTP/1.1 Server 2606:4700:3033::ac43:d68d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `e1039b942a52729c7bd4fe9427a4f8a86816142ef90dd2be9b6ffcd353145a02` Request headers accept-language nl-NL,nl;q=0.9 Referer http://lrqqxdw.ml/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers Date Tue, 07 Jun 2022 08:21:28 GMT CF-Cache-Status MISS Last-Modified Wed, 08 Jan 2020 19:44:52 GMT Server cloudflare ETag "e2e0-59ba62047b500" Vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zebv9Ho89mx2VkbY80c9ZvzrRaQPIC8WvyjM%2F6A8g6Z0io666Y%2Bc4WsaUOg6ouyk9kQk%2BHgCA%2FlNN84hzHe5S4CkC%2BFvaKRDvcrmjTPqiiDlaLYxq1Z4UAhU1rTTp1pwR5tbFYN%2BWi08"}],"group":"cf-nel","max_age":604800} Content-Type image/png Cache-Control max-age=14400 NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Connection keep-alive Accept-Ranges bytes CF-RAY 7177f972cdc15ba4-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 Content-Length 58080
GET H/1.1	200 OK	rakuten_pc_20px@2x.png lrqqxdw.ml/static/picture/	2 KB 3 KB	85ms 73ms	Image image/png	2606:4700:3033::ac43:d68d CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL http://lrqqxdw.ml/static/picture/rakuten_pc_20px@2x.png Requested by Host: lrqqxdw.ml URL: http://lrqqxdw.ml/ Protocol HTTP/1.1 Server 2606:4700:3033::ac43:d68d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `62775ef2856f63d6399abc1d54077916df8d62b16414816012b9ff0fad4efada` Request headers accept-language nl-NL,nl;q=0.9 Referer http://lrqqxdw.ml/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers Date Tue, 07 Jun 2022 08:21:28 GMT CF-Cache-Status MISS Last-Modified Wed, 08 Jan 2020 19:44:50 GMT Server cloudflare ETag "9b4-59ba620293080" Vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qpuaiAzO9ycgE8tIMG1UEcqQ%2F%2BvIvMWlVMBy3dM6LZtTrzAs1J4r2cSU6Z67cNRsLQdLn2OqoXkKp0rK1LOPU1kLG7wgGIqK5y9tmn%2BDxG7otawdmeb2FzKNwpx6NOs9Bj2hhAxQme6v"}],"group":"cf-nel","max_age":604800} Content-Type image/png Cache-Control max-age=14400 NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Connection keep-alive Accept-Ranges bytes CF-RAY 7177f972e8da9158-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 Content-Length 2484
GET H/1.1	404 Not Found	challenger.js lrqqxdw.ml/static/js/	0 0	64ms 64ms	Script text/html	2606:4700:3033::ac43:d68d CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://lrqqxdw.ml/static/js/challenger.js Requested by Host: lrqqxdw.ml URL: http://lrqqxdw.ml/ Protocol HTTP/1.1 Server 2606:4700:3033::ac43:d68d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers accept-language nl-NL,nl;q=0.9 Referer http://lrqqxdw.ml/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers Date Tue, 07 Jun 2022 08:21:28 GMT Content-Encoding gzip CF-Cache-Status MISS NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server cloudflare Vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FlPv4w3xUiaYM2gwfTVgPBLfYzHlvL7H4e0ucetQGoX7Fs35Cn0CoK0cJJilTMB1YspsX9D04K%2F%2FYa3jtcZKeVz8FV9nF39ZMsCohfkKosdyqFIjqVp4uWC2s8wJrzS4vQVD%2FLGxKX9a"}],"group":"cf-nel","max_age":604800} Content-Type text/html; charset=iso-8859-1 Cache-Control max-age=14400 Transfer-Encoding chunked Connection keep-alive CF-RAY 7177f9725d475ba4-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H/1.1	404 Not Found	challenger.css lrqqxdw.ml/static/css/	0 0	76ms 76ms	Stylesheet text/html	2606:4700:3033::ac43:d68d CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://lrqqxdw.ml/static/css/challenger.css Requested by Host: lrqqxdw.ml URL: http://lrqqxdw.ml/ Protocol HTTP/1.1 Server 2606:4700:3033::ac43:d68d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers accept-language nl-NL,nl;q=0.9 Referer http://lrqqxdw.ml/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers Date Tue, 07 Jun 2022 08:21:28 GMT Content-Encoding gzip CF-Cache-Status MISS NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server cloudflare Vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Odb1Do8ILFQjYyTR84P95lsx4CJDzSQ3A46NmYr8XacCzzA095ZN0zBWHvS0%2F%2FycwvVN5%2BWhtIMMp8ivCSCuS2BSOGBWycthWUgH%2FqM1DBtXeR%2BADTZbHgFZWCX2Ff38Y0pxgedJByf8"}],"group":"cf-nel","max_age":604800} Content-Type text/html; charset=iso-8859-1 Cache-Control max-age=14400 Transfer-Encoding chunked Connection keep-alive CF-RAY 7177f9725ffb9158-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H/1.1	200 OK	pop.gif lrqqxdw.ml/static/picture/	75 B 801 B	101ms 94ms	Image image/gif	2606:4700:3033::ac43:d68d CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL http://lrqqxdw.ml/static/picture/pop.gif Requested by Host: lrqqxdw.ml URL: http://lrqqxdw.ml/ Protocol HTTP/1.1 Server 2606:4700:3033::ac43:d68d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `7ab9a4d7f597471f82e8ebc6019525cd45f81decff7853062056a3c3417eba59` Request headers accept-language nl-NL,nl;q=0.9 Referer http://lrqqxdw.ml/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers Date Tue, 07 Jun 2022 08:21:28 GMT CF-Cache-Status MISS Last-Modified Wed, 08 Jan 2020 19:44:52 GMT Server cloudflare ETag "4b-59ba62047b500" Vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GCurf%2FrkX11uQ9s2M7YEIZJML3NkahugrOdWPTYCcnaRkadDk5ZTf5Q8I4dE3abnf5NiTuRSRofJCbUmBjUFhhRf2VwdXiSoZ4mL68VelUMTdxnhY9ByztRLfdAunizHeCxwysadvk7U"}],"group":"cf-nel","max_age":604800} Content-Type image/gif Cache-Control max-age=14400 NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Connection keep-alive Accept-Ranges bytes CF-RAY 7177f972ed265c2c-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 Content-Length 75
GET H/1.1	404 Not Found	sc_scode_switch.js lrqqxdw.ml/static/js/	0 0	54ms 53ms	Script text/html	2606:4700:3033::ac43:d68d CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://lrqqxdw.ml/static/js/sc_scode_switch.js Requested by Host: lrqqxdw.ml URL: http://lrqqxdw.ml/ Protocol HTTP/1.1 Server 2606:4700:3033::ac43:d68d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers accept-language nl-NL,nl;q=0.9 Referer http://lrqqxdw.ml/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers Date Tue, 07 Jun 2022 08:21:28 GMT Content-Encoding gzip CF-Cache-Status MISS NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server cloudflare Vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ANEYxvav33dMk2853VYEjtG0aEpdRm66S9DdyrCpugqySZkDIbGrKZa4C3MUXiMZSIG76hcLJN4xrC%2FwK5wN%2FrcLrInL%2FXBeyiXCGdJZgykgJnD4XBlRqjPKXnJbn3IXhvhZ0N8s3Uxi"}],"group":"cf-nel","max_age":604800} Content-Type text/html; charset=iso-8859-1 Cache-Control max-age=14400 Transfer-Encoding chunked Connection keep-alive CF-RAY 7177f972599f9b7d-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H/1.1	404 Not Found	rat-main.js lrqqxdw.ml/static/js/	0 0	84ms 84ms	Script text/html	2606:4700:3033::ac43:d68d CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://lrqqxdw.ml/static/js/rat-main.js Requested by Host: lrqqxdw.ml URL: http://lrqqxdw.ml/ Protocol HTTP/1.1 Server 2606:4700:3033::ac43:d68d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers accept-language nl-NL,nl;q=0.9 Referer http://lrqqxdw.ml/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers Date Tue, 07 Jun 2022 08:21:28 GMT Content-Encoding gzip CF-Cache-Status MISS NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server cloudflare Vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QBoQDuOCElm10ghHI8Mcq%2FL44zsNmt9nXiTmEy8knRBdqAqoEydUvy%2FP790aFb0v0xvkzE3JSTTMDqWh7hba7p0J8gyvqmCx0w6nt3nTrpiNt8StvD63xl6Uug5Dtm8Lagi1LEVnR7H6"}],"group":"cf-nel","max_age":604800} Content-Type text/html; charset=iso-8859-1 Cache-Control max-age=14400 Transfer-Encoding chunked Connection keep-alive CF-RAY 7177f9725e289c04-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H/1.1	200 OK	bg_btn_red_btm.gif lrqqxdw.ml/static/images/	442 B 1 KB	53ms 53ms	Image image/gif	2606:4700:3033::ac43:d68d CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL http://lrqqxdw.ml/static/images/bg_btn_red_btm.gif Requested by Host: lrqqxdw.ml URL: http://lrqqxdw.ml/static/css/common_login.css Protocol HTTP/1.1 Server 2606:4700:3033::ac43:d68d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `175cf3a6b7549f715fffaddc3ec5c9f92717e7c5f63b7e36ea9592e091a80a67` Request headers accept-language nl-NL,nl;q=0.9 Referer http://lrqqxdw.ml/static/css/common_login.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers Date Tue, 07 Jun 2022 08:21:28 GMT CF-Cache-Status MISS Last-Modified Wed, 08 Jan 2020 19:44:52 GMT Server cloudflare ETag "1ba-59ba62047b500" Vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KPZj3uDYLdljSxmpWyxNJa9JrPF11faa%2FXlVyDYT055tjz7Ek8USTQ4JNYMqvxzaXPnNGZjpl2o4W0xb7vbj5nNJdNHrT70EOT8g4UsCE7xOIU2VwlNNl2RAhg%2BjxAQD0AfcZjbJu67F"}],"group":"cf-nel","max_age":604800} Content-Type image/gif Cache-Control max-age=14400 NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Connection keep-alive Accept-Ranges bytes CF-RAY 7177f972ef309c04-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 Content-Length 442
GET H/1.1	200 OK	bg_btn_red_top.gif lrqqxdw.ml/static/images/	2 KB 3 KB	59ms 59ms	Image image/gif	2606:4700:3033::ac43:d68d CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL http://lrqqxdw.ml/static/images/bg_btn_red_top.gif Requested by Host: lrqqxdw.ml URL: http://lrqqxdw.ml/static/css/common_login.css Protocol HTTP/1.1 Server 2606:4700:3033::ac43:d68d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `849cd9d1c481a1b45559f5e833f40e13ee666842e6f8ba72c8e1cad9c8c15f6d` Request headers accept-language nl-NL,nl;q=0.9 Referer http://lrqqxdw.ml/static/css/common_login.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers Date Tue, 07 Jun 2022 08:21:28 GMT CF-Cache-Status MISS Last-Modified Wed, 08 Jan 2020 19:44:50 GMT Server cloudflare ETag "75d-59ba620293080" Vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tOndJAfEn%2BhSu4KY%2FsvWegVLnBBgWIv497eRXz%2FRm0P9e4Hb8pO%2Bmp61ungmPRGHOjfZy1zQSC17Lawf4MkhB4Y77Quq%2BneFi3iGE7hACuMIgGSwS1YNgbXsMeBKxh5B0znX%2Bu%2Fgkkal"}],"group":"cf-nel","max_age":604800} Content-Type image/gif Cache-Control max-age=14400 NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Connection keep-alive Accept-Ranges bytes CF-RAY 7177f972ecbb9bda-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 Content-Length 1885
GET H/1.1	200 OK	icon_btn_arrow.gif lrqqxdw.ml/static/images/	60 B 792 B	62ms 50ms	Image image/gif	2606:4700:3033::ac43:d68d CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL http://lrqqxdw.ml/static/images/icon_btn_arrow.gif Requested by Host: lrqqxdw.ml URL: http://lrqqxdw.ml/static/css/common_login.css Protocol HTTP/1.1 Server 2606:4700:3033::ac43:d68d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `d8aac016132945bbe5a1f88a60206628c5d7c12e69917cb5fcbee4a7c24440c6` Request headers accept-language nl-NL,nl;q=0.9 Referer http://lrqqxdw.ml/static/css/common_login.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers Date Tue, 07 Jun 2022 08:21:28 GMT CF-Cache-Status MISS Last-Modified Wed, 08 Jan 2020 19:44:50 GMT Server cloudflare ETag "3c-59ba620293080" Vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fi6mhQcnlT0vQ7neL2i00dszGgRG%2B31TsyWmDgXkAnVyPfK2WKCUJaG1zlNjFd1nu7yKvQRxGdCDhxDNNjUFXRicDg%2FhyGHNgENeMxAHW88n8bWT5CCH9sdf%2F2mWOL63TNEUTO4iudVx"}],"group":"cf-nel","max_age":604800} Content-Type image/gif Cache-Control max-age=14400 NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Connection keep-alive Accept-Ranges bytes CF-RAY 7177f9730f7f906d-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 Content-Length 60
GET H/1.1	200 OK	info.gif lrqqxdw.ml/static/images/	360 B 1 KB	54ms 54ms	Image image/gif	2606:4700:3033::ac43:d68d CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL http://lrqqxdw.ml/static/images/info.gif Requested by Host: lrqqxdw.ml URL: http://lrqqxdw.ml/static/css/common_login.css Protocol HTTP/1.1 Server 2606:4700:3033::ac43:d68d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `33be38e33c8eb9aa13a4ed44c2e2813207bef13a5ba265818e485f0ebbc83f3b` Request headers accept-language nl-NL,nl;q=0.9 Referer http://lrqqxdw.ml/static/css/common_login.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers Date Tue, 07 Jun 2022 08:21:28 GMT CF-Cache-Status MISS Last-Modified Wed, 08 Jan 2020 19:44:52 GMT Server cloudflare ETag "168-59ba62047b500" Vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bDt%2BfVrkczsgHzMf00fmD%2FdbvKNrgqXDW8z2LQwG6ug%2FYkFqvd09VyXPciEyFWpapWkilIKvC0IZMU33FsPz3aglyZXBnx%2FRQTVTQ80%2BjeaclT%2Bmq3gB%2BIWT%2FIamVZkxpTurq8gDG1sw"}],"group":"cf-nel","max_age":604800} Content-Type image/gif Cache-Control max-age=14400 NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Connection keep-alive Accept-Ranges bytes CF-RAY 7177f9733fe89c04-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 Content-Length 360

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Rakuten (E-commerce)

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			gg.gg/	1970-01-20 03:36:37	Name: ci_session Value: a%3A5%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%22c4f5d2e7dac4a68ddff7ab30dcd80a05%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A13%3A%22212.7.210.170%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A115%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F102.0.5005.61+Safari%2F537.36%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1654590087%3Bs%3A9%3A%22user_data%22%3Bs%3A0%3A%22%22%3B%7Df91ca582647622f40a7bb0468e9d3c9c
			.gg.gg/	1970-01-20 05:46:06	Name: gg_token Value: 88185b288c31bfc0fb8818ce6c2d1377629f0a872ce896.39742778

11 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: http://lrqqxdw.ml/static/js/hint.js Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://lrqqxdw.ml/static/js/jquery-1.12.4.min.js Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://lrqqxdw.ml/static/css/loginstyle.css Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://lrqqxdw.ml/static/js/tls_alert.js Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://lrqqxdw.ml/static/js/tls12.js Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://lrqqxdw.ml/static/js/id.js Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://lrqqxdw.ml/count.php Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://lrqqxdw.ml/static/js/sc_scode_switch.js Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://lrqqxdw.ml/static/js/challenger.js Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://lrqqxdw.ml/static/css/challenger.css Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://lrqqxdw.ml/static/js/rat-main.js Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

gg.gg
lrqqxdw.ml
185.15.209.141
2606:4700:3033::ac43:d68d
0d09c071eb51ca856189b72351d499a97adc6afd90e36ff2cc753dfa6392b15b
175cf3a6b7549f715fffaddc3ec5c9f92717e7c5f63b7e36ea9592e091a80a67
2771191104d71c188d9dbdb97ce74cc190b1bd377275e0201bef4648bfc0f186
33be38e33c8eb9aa13a4ed44c2e2813207bef13a5ba265818e485f0ebbc83f3b
62775ef2856f63d6399abc1d54077916df8d62b16414816012b9ff0fad4efada
6da28d7a134d543417892f859bad07f0ac729296d84618a57d30b31810cea58a
78cec57c09590cc44af8aa8213abe587e5d9afb78a3ca7dc1f5bc82c91d07e4a
7ab9a4d7f597471f82e8ebc6019525cd45f81decff7853062056a3c3417eba59
849cd9d1c481a1b45559f5e833f40e13ee666842e6f8ba72c8e1cad9c8c15f6d
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
d8aac016132945bbe5a1f88a60206628c5d7c12e69917cb5fcbee4a7c24440c6
e1039b942a52729c7bd4fe9427a4f8a86816142ef90dd2be9b6ffcd353145a02

lrqqxdw.ml Open in urlscan Pro 2606:4700:3033::ac43:d68d Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

23 Requests

0 %HTTPS

50 %IPv6

2 Domains

2 Subdomains

1 IPs

2 Countries

81 kBTransfer

92 kBSize

2 Cookies

0 Outgoing links

Page URL History

Redirected requests

23 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

8 JavaScript Global Variables

2 Cookies

11 Console Messages

Indicators

lrqqxdw.ml Open in urlscan Pro
2606:4700:3033::ac43:d68d Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

23
Requests

0 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

1
IPs

2
Countries

81 kB
Transfer

92 kB
Size

2
Cookies

23 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!