rukatenshofuquqik2.xyz Open in urlscan Pro
204.44.76.170  Malicious Activity! Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

27 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response rukatenshofuquqik2.xyz/	7 KB 3 KB	1220ms 670ms	Document text/html	204.44.76.170 ASN-QUADRANET-GLOBAL
General Check archive.org Show headers Download Go to Full URL https://rukatenshofuquqik2.xyz/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 204.44.76.170 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US), Reverse DNS 204.44.76.170.static.quadranet.com Software Apache / Resource Hash 220ff801d6d4cf5c0cfbcbb51780e89fa191c925950625a56217aab2676e5f7f Request headers Accept-Language de-DE,de;q=0.9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers content-encoding gzip content-length 2706 content-type text/html; charset=UTF-8 date Wed, 30 Mar 2022 11:31:30 GMT server Apache vary Accept-Encoding
GET H2	200	import.css rukatenshofuquqik2.xyz/static/css/	85 B 187 B	153ms 153ms	Stylesheet text/css	204.44.76.170 ASN-QUADRANET-GLOBAL
General Check archive.org Show headers Download Go to Full URL https://rukatenshofuquqik2.xyz/static/css/import.css Requested by Host: rukatenshofuquqik2.xyz URL: https://rukatenshofuquqik2.xyz/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 204.44.76.170 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US), Reverse DNS 204.44.76.170.static.quadranet.com Software Apache / Resource Hash 45ff09eeed361217294d000a3cec1a4d73cd8447b534bb8622381b7813aee78e Request headers Accept-Language de-DE,de;q=0.9 Referer https://rukatenshofuquqik2.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers date Wed, 30 Mar 2022 11:31:31 GMT content-encoding gzip last-modified Wed, 19 May 2021 22:25:42 GMT server Apache etag "55-5c2b64e9d7257-gzip" vary Accept-Encoding content-type text/css accept-ranges bytes content-length 77
GET H2	200	jquery-1.12.4.min.js Show response rukatenshofuquqik2.xyz/static/js/	95 KB 33 KB	159ms 158ms	Script application/javascript	204.44.76.170 ASN-QUADRANET-GLOBAL
General Check archive.org Show headers Download Go to Full URL https://rukatenshofuquqik2.xyz/static/js/jquery-1.12.4.min.js Requested by Host: rukatenshofuquqik2.xyz URL: https://rukatenshofuquqik2.xyz/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 204.44.76.170 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US), Reverse DNS 204.44.76.170.static.quadranet.com Software Apache / Resource Hash 8c2812ded6436715279f8fd8db58de307aa39ab0296fe3cf0e879067c51e9b18 Request headers Accept-Language de-DE,de;q=0.9 Referer https://rukatenshofuquqik2.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers date Wed, 30 Mar 2022 11:31:31 GMT content-encoding gzip last-modified Wed, 19 May 2021 22:27:08 GMT server Apache etag "17b8a-5c2b653b8e0aa-gzip" vary Accept-Encoding content-type application/javascript accept-ranges bytes content-length 33758
GET H2	200	common.js Show response rukatenshofuquqik2.xyz/static/js/	634 B 412 B	152ms 151ms	Script application/javascript	204.44.76.170 ASN-QUADRANET-GLOBAL
General Check archive.org Show headers Download Go to Full URL https://rukatenshofuquqik2.xyz/static/js/common.js Requested by Host: rukatenshofuquqik2.xyz URL: https://rukatenshofuquqik2.xyz/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 204.44.76.170 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US), Reverse DNS 204.44.76.170.static.quadranet.com Software Apache / Resource Hash 266ecfb9ec67fc7bd0b5516ccb948562d3b313fcda712f8df2ef0cd6b7094ccd Request headers Accept-Language de-DE,de;q=0.9 Referer https://rukatenshofuquqik2.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers date Wed, 30 Mar 2022 11:31:31 GMT content-encoding gzip last-modified Wed, 19 May 2021 22:26:36 GMT server Apache etag "27a-5c2b651d4bb96-gzip" vary Accept-Encoding content-type application/javascript accept-ranges bytes content-length 318
GET H2	200	util.js Show response rukatenshofuquqik2.xyz/static/js/	2 KB 635 B	153ms 152ms	Script application/javascript	204.44.76.170 ASN-QUADRANET-GLOBAL
General Check archive.org Show headers Download Go to Full URL https://rukatenshofuquqik2.xyz/static/js/util.js Requested by Host: rukatenshofuquqik2.xyz URL: https://rukatenshofuquqik2.xyz/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 204.44.76.170 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US), Reverse DNS 204.44.76.170.static.quadranet.com Software Apache / Resource Hash 7237b71f281b72c679bcaf7449b02370ef31050e1964208aa00d15c8b5a7eb5f Request headers Accept-Language de-DE,de;q=0.9 Referer https://rukatenshofuquqik2.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers date Wed, 30 Mar 2022 11:31:31 GMT content-encoding gzip last-modified Wed, 19 May 2021 22:28:52 GMT server Apache etag "654-5c2b659eed1db-gzip" vary Accept-Encoding content-type application/javascript accept-ranges bytes content-length 558
GET H2	200	id-dfp.js Show response rukatenshofuquqik2.xyz/static/js/	370 B 333 B	153ms 152ms	Script application/javascript	204.44.76.170 ASN-QUADRANET-GLOBAL
General Check archive.org Show headers Download Go to Full URL https://rukatenshofuquqik2.xyz/static/js/id-dfp.js Requested by Host: rukatenshofuquqik2.xyz URL: https://rukatenshofuquqik2.xyz/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 204.44.76.170 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US), Reverse DNS 204.44.76.170.static.quadranet.com Software Apache / Resource Hash 5162f5fd43e99e6d3c405414465d35e44744e4c7094fe4f2ae88cf7f035414fb Request headers Accept-Language de-DE,de;q=0.9 Referer https://rukatenshofuquqik2.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers date Wed, 30 Mar 2022 11:31:31 GMT content-encoding gzip last-modified Wed, 19 May 2021 22:26:51 GMT server Apache etag "172-5c2b652c43d50-gzip" vary Accept-Encoding content-type application/javascript accept-ranges bytes content-length 256
GET H2	200	tls_alert.js Show response rukatenshofuquqik2.xyz/static/js/	3 KB 1 KB	153ms 152ms	Script application/javascript	204.44.76.170 ASN-QUADRANET-GLOBAL
General Check archive.org Show headers Download Go to Full URL https://rukatenshofuquqik2.xyz/static/js/tls_alert.js Requested by Host: rukatenshofuquqik2.xyz URL: https://rukatenshofuquqik2.xyz/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 204.44.76.170 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US), Reverse DNS 204.44.76.170.static.quadranet.com Software Apache / Resource Hash bf223ae077078d99c48405ac4f7894b25d747291c2dc70b215c565dfba431183 Request headers Accept-Language de-DE,de;q=0.9 Referer https://rukatenshofuquqik2.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers date Wed, 30 Mar 2022 11:31:31 GMT content-encoding gzip last-modified Wed, 19 May 2021 22:28:25 GMT server Apache etag "b17-5c2b65859c4cb-gzip" vary Accept-Encoding content-type application/javascript accept-ranges bytes content-length 1082
GET H2	200	tls12.js Show response rukatenshofuquqik2.xyz/static/js/	28 B 97 B	153ms 152ms	Script application/javascript	204.44.76.170 ASN-QUADRANET-GLOBAL
General Check archive.org Show headers Download Go to Full URL https://rukatenshofuquqik2.xyz/static/js/tls12.js Requested by Host: rukatenshofuquqik2.xyz URL: https://rukatenshofuquqik2.xyz/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 204.44.76.170 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US), Reverse DNS 204.44.76.170.static.quadranet.com Software Apache / Resource Hash 767483ac6c4ff38731ddf4471b335354bb39bfc1a8c93ea3ecc2cc95bf2a5b8b Request headers Accept-Language de-DE,de;q=0.9 Referer https://rukatenshofuquqik2.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers date Wed, 30 Mar 2022 11:31:31 GMT last-modified Wed, 19 May 2021 22:28:38 GMT server Apache accept-ranges bytes etag "1c-5c2b659252fc1" content-length 28 content-type application/javascript
GET H2	200	Rakuten_sp_28px@2x.png rukatenshofuquqik2.xyz/static/picture/	3 KB 3 KB	153ms 152ms	Image image/png	204.44.76.170 ASN-QUADRANET-GLOBAL
General Check archive.org Show headers Download Go to Show image Full URL https://rukatenshofuquqik2.xyz/static/picture/Rakuten_sp_28px@2x.png Requested by Host: rukatenshofuquqik2.xyz URL: https://rukatenshofuquqik2.xyz/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 204.44.76.170 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US), Reverse DNS 204.44.76.170.static.quadranet.com Software Apache / Resource Hash 3fd0410dcec09600f874b3e191a3d90a2ac5fa9bf12042ef14175419579db270 Request headers Accept-Language de-DE,de;q=0.9 Referer https://rukatenshofuquqik2.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers date Wed, 30 Mar 2022 11:31:31 GMT last-modified Mon, 17 May 2021 03:57:30 GMT server Apache accept-ranges bytes etag "a64-5c27e97ae3e80" content-length 2660 content-type image/png
GET H2	200	challenger-ja-JP_1b7275d2-e5ab-4.js Show response rukatenshofuquqik2.xyz/static/js/	826 B 452 B	153ms 152ms	Script application/javascript	204.44.76.170 ASN-QUADRANET-GLOBAL
General Check archive.org Show headers Download Go to Full URL https://rukatenshofuquqik2.xyz/static/js/challenger-ja-JP_1b7275d2-e5ab-4.js Requested by Host: rukatenshofuquqik2.xyz URL: https://rukatenshofuquqik2.xyz/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 204.44.76.170 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US), Reverse DNS 204.44.76.170.static.quadranet.com Software Apache / Resource Hash 34ef27e93ee6db0326bce29d67f0a0924a8960810fb6a421f3f1f0a805400ec3 Request headers Accept-Language de-DE,de;q=0.9 Referer https://rukatenshofuquqik2.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers date Wed, 30 Mar 2022 11:31:31 GMT content-encoding gzip last-modified Wed, 19 May 2021 22:26:22 GMT server Apache etag "33a-5c2b651023e43-gzip" vary Accept-Encoding content-type application/javascript accept-ranges bytes content-length 375
GET H2	200	challenger-1b7275d2-e5ab-4f37-ac.css rukatenshofuquqik2.xyz/static/css/	2 KB 667 B	152ms 152ms	Stylesheet text/css	204.44.76.170 ASN-QUADRANET-GLOBAL
General Check archive.org Show headers Download Go to Full URL https://rukatenshofuquqik2.xyz/static/css/challenger-1b7275d2-e5ab-4f37-ac.css Requested by Host: rukatenshofuquqik2.xyz URL: https://rukatenshofuquqik2.xyz/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 204.44.76.170 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US), Reverse DNS 204.44.76.170.static.quadranet.com Software Apache / Resource Hash 56beece8974f50096fc1c95ca93f1683b4ebaeb0d9cb54ed133c2dbbf9e5f2a1 Request headers Accept-Language de-DE,de;q=0.9 Referer https://rukatenshofuquqik2.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers date Wed, 30 Mar 2022 11:31:31 GMT content-encoding gzip last-modified Wed, 19 May 2021 22:24:58 GMT server Apache etag "724-5c2b64c00bebc-gzip" vary Accept-Encoding content-type text/css accept-ranges bytes content-length 591
GET H2	200	pop.gif rukatenshofuquqik2.xyz/static/picture/	187 B 242 B	153ms 152ms	Image image/gif	204.44.76.170 ASN-QUADRANET-GLOBAL
General Check archive.org Show headers Download Go to Show image Full URL https://rukatenshofuquqik2.xyz/static/picture/pop.gif Requested by Host: rukatenshofuquqik2.xyz URL: https://rukatenshofuquqik2.xyz/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 204.44.76.170 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US), Reverse DNS 204.44.76.170.static.quadranet.com Software Apache / Resource Hash 7c0bda6422ac83de513ad3fcdd5304db074566a1871c70af3a628527def0b96d Request headers Accept-Language de-DE,de;q=0.9 Referer https://rukatenshofuquqik2.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers date Wed, 30 Mar 2022 11:31:31 GMT last-modified Mon, 17 May 2021 03:57:30 GMT server Apache accept-ranges bytes etag "bb-5c27e97ae3e80" content-length 187 content-type image/gif
GET H2	200	stop_540x249.png rukatenshofuquqik2.xyz/static/picture/	57 KB 57 KB	153ms 153ms	Image image/png	204.44.76.170 ASN-QUADRANET-GLOBAL
General Check archive.org Show headers Download Go to Show image Full URL https://rukatenshofuquqik2.xyz/static/picture/stop_540x249.png Requested by Host: rukatenshofuquqik2.xyz URL: https://rukatenshofuquqik2.xyz/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 204.44.76.170 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US), Reverse DNS 204.44.76.170.static.quadranet.com Software Apache / Resource Hash fa9551c7bdd94718c80ef582fe808e6c8305b9324bc36ec2cdc83231c1254a9a Request headers Accept-Language de-DE,de;q=0.9 Referer https://rukatenshofuquqik2.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers date Wed, 30 Mar 2022 11:31:31 GMT last-modified Mon, 17 May 2021 03:57:30 GMT server Apache accept-ranges bytes etag "e350-5c27e97ae3e80" content-length 58192 content-type image/png
GET H2	200	sc_scode_switch.js Show response rukatenshofuquqik2.xyz/static/js/	8 KB 2 KB	304ms 303ms	Script application/javascript	204.44.76.170 ASN-QUADRANET-GLOBAL
General Check archive.org Show headers Download Go to Full URL https://rukatenshofuquqik2.xyz/static/js/sc_scode_switch.js Requested by Host: rukatenshofuquqik2.xyz URL: https://rukatenshofuquqik2.xyz/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 204.44.76.170 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US), Reverse DNS 204.44.76.170.static.quadranet.com Software Apache / Resource Hash b895d5b1abd9715e0190dc555e4c5e0998ee35d1d2abadea3376552f8978bdf8 Request headers Accept-Language de-DE,de;q=0.9 Referer https://rukatenshofuquqik2.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers date Wed, 30 Mar 2022 11:31:31 GMT content-encoding gzip last-modified Wed, 19 May 2021 22:28:02 GMT server Apache etag "1f25-5c2b656fe5ca4-gzip" vary Accept-Encoding content-type application/javascript accept-ranges bytes content-length 1755
GET H2	200	rat-main.js Show response rukatenshofuquqik2.xyz/static/js/	34 KB 9 KB	154ms 153ms	Script application/javascript	204.44.76.170 ASN-QUADRANET-GLOBAL
General Check archive.org Show headers Download Go to Full URL https://rukatenshofuquqik2.xyz/static/js/rat-main.js Requested by Host: rukatenshofuquqik2.xyz URL: https://rukatenshofuquqik2.xyz/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 204.44.76.170 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US), Reverse DNS 204.44.76.170.static.quadranet.com Software Apache / Resource Hash d60f59e1543f12020a63cfc74ffc90af6b292722f91dee2bbd0d87a7487d432d Request headers Accept-Language de-DE,de;q=0.9 Referer https://rukatenshofuquqik2.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers date Wed, 30 Mar 2022 11:31:31 GMT content-encoding gzip last-modified Wed, 19 May 2021 22:27:23 GMT server Apache etag "8741-5c2b654ac618a-gzip" vary Accept-Encoding content-type application/javascript accept-ranges bytes content-length 9358
GET H2	200	common.css rukatenshofuquqik2.xyz/static/css/	2 KB 836 B	301ms 300ms	Stylesheet text/css	204.44.76.170 ASN-QUADRANET-GLOBAL
General Check archive.org Show headers Download Go to Full URL https://rukatenshofuquqik2.xyz/static/css/common.css Requested by Host: rukatenshofuquqik2.xyz URL: https://rukatenshofuquqik2.xyz/static/css/import.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 204.44.76.170 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US), Reverse DNS 204.44.76.170.static.quadranet.com Software Apache / Resource Hash 27b168aec9b347a25cf18618d576c56a8f7c7d3dadf595f4f5c178fb79d8a614 Request headers Accept-Language de-DE,de;q=0.9 Referer https://rukatenshofuquqik2.xyz/static/css/import.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers date Wed, 30 Mar 2022 11:31:31 GMT content-encoding gzip last-modified Wed, 19 May 2021 22:25:11 GMT server Apache etag "88e-5c2b64cc62d0f-gzip" vary Accept-Encoding content-type text/css accept-ranges bytes content-length 759
GET H2	200	id.css rukatenshofuquqik2.xyz/static/css/	17 KB 3 KB	302ms 300ms	Stylesheet text/css	204.44.76.170 ASN-QUADRANET-GLOBAL
General Check archive.org Show headers Download Go to Full URL https://rukatenshofuquqik2.xyz/static/css/id.css Requested by Host: rukatenshofuquqik2.xyz URL: https://rukatenshofuquqik2.xyz/static/css/import.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 204.44.76.170 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US), Reverse DNS 204.44.76.170.static.quadranet.com Software Apache / Resource Hash e4aaae06646fc1f50c4766ebca9e60d1c68c9f080de173153d83a160f6e50915 Request headers Accept-Language de-DE,de;q=0.9 Referer https://rukatenshofuquqik2.xyz/static/css/import.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers date Wed, 30 Mar 2022 11:31:31 GMT content-encoding gzip last-modified Wed, 19 May 2021 22:25:29 GMT server Apache etag "42fe-5c2b64ddd4116-gzip" vary Accept-Encoding content-type text/css accept-ranges bytes content-length 3307
GET H2	200	psm_style.css rukatenshofuquqik2.xyz/static/css/	3 KB 696 B	302ms 300ms	Stylesheet text/css	204.44.76.170 ASN-QUADRANET-GLOBAL
General Check archive.org Show headers Download Go to Full URL https://rukatenshofuquqik2.xyz/static/css/psm_style.css Requested by Host: rukatenshofuquqik2.xyz URL: https://rukatenshofuquqik2.xyz/static/css/import.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 204.44.76.170 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US), Reverse DNS 204.44.76.170.static.quadranet.com Software Apache / Resource Hash 426e8dbc38d927afdb3986c495aee74ba6c883e8fac28d800fd39714d776315b Request headers Accept-Language de-DE,de;q=0.9 Referer https://rukatenshofuquqik2.xyz/static/css/import.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers date Wed, 30 Mar 2022 11:31:31 GMT content-encoding gzip last-modified Wed, 19 May 2021 22:25:56 GMT server Apache etag "cf1-5c2b64f743ab8-gzip" vary Accept-Encoding content-type text/css accept-ranges bytes content-length 620
GET H2	200	id173fe346f08f1be6ee139ee82913b43c.js Show response static.id.rakuten.co.jp/static/	36 KB 11 KB	87ms 7ms	Script text/javascript	23.205.234.224 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://static.id.rakuten.co.jp/static/id173fe346f08f1be6ee139ee82913b43c.js Requested by Host: rukatenshofuquqik2.xyz URL: https://rukatenshofuquqik2.xyz/static/js/id-dfp.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_256_GCM Server 23.205.234.224 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-205-234-224.deploy.static.akamaitechnologies.com Software capi / Resource Hash 2aaec607fb6e244cc257d6d4ba8ba797c9dd482bc38943cd65784de1725ab544 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://rukatenshofuquqik2.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers pragma no-cache date Wed, 30 Mar 2022 11:31:31 GMT content-encoding gzip x-content-type-options nosniff last-modified Mon, 28 Mar 2022 04:14:25 GMT server capi vary Accept-Encoding content-type text/javascript; charset=utf-8 access-control-allow-origin * cache-control no-cache, no-store, must-revalidate accept-ranges bytes access-control-allow-headers Content-Type content-length 11044 x-xss-protection 1; mode=block expires Wed, 30 Mar 2022 11:31:31 GMT
GET H2	200	icon_circle.gif rukatenshofuquqik2.xyz/static/image/	454 B 524 B	153ms 153ms	Image image/gif	204.44.76.170 ASN-QUADRANET-GLOBAL
General Check archive.org Show headers Download Go to Show image Full URL https://rukatenshofuquqik2.xyz/static/image/icon_circle.gif Requested by Host: rukatenshofuquqik2.xyz URL: https://rukatenshofuquqik2.xyz/static/css/id.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 204.44.76.170 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US), Reverse DNS 204.44.76.170.static.quadranet.com Software Apache / Resource Hash d6fb85cb48ad6ab6fa72eee685537175fb78aac06b54e74fc42574d6b470d824 Request headers Accept-Language de-DE,de;q=0.9 Referer https://rukatenshofuquqik2.xyz/static/css/id.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers date Wed, 30 Mar 2022 11:31:31 GMT last-modified Mon, 17 May 2021 03:57:32 GMT server Apache accept-ranges bytes etag "1c6-5c27e97ccc300" content-length 454 content-type image/gif
GET H/1.1	200 OK	challenger_ja-JP.js Show response challenger.api.global.rakuten.com/static/	23 KB 7 KB	140ms 22ms	Script application/javascript	52.232.41.74 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://challenger.api.global.rakuten.com/static/challenger_ja-JP.js?tracking_id=1b7275d2-e5ab-4f37-ac87-5e1ea2b62d26 Requested by Host: rukatenshofuquqik2.xyz URL: https://rukatenshofuquqik2.xyz/static/js/challenger-ja-JP_1b7275d2-e5ab-4.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 52.232.41.74 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software cgenerator / Resource Hash 2988252023931c1e863b94e3c491e99084035a8db0d1001ad24b414ca4225e4d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1 Request headers Accept-Language de-DE,de;q=0.9 Referer https://rukatenshofuquqik2.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers Pragma no-cache Date Wed, 30 Mar 2022 11:31:31 GMT Content-Encoding gzip X-Content-Type-Options nosniff Server cgenerator Content-Type application/javascript; charset=utf-8 Access-Control-Allow-Origin * Cache-Control no-cache, no-store, must-revalidate Access-Control-Allow-Headers Content-Type Content-Length 7120 X-Xss-Protection 1 X-Request-Id 531d2827-7766-4eed-a97e-5b0910a46c49 Expires 0
GET H2	200	chevron.png rukatenshofuquqik2.xyz/static/image/	371 B 419 B	156ms 155ms	Image image/png	204.44.76.170 ASN-QUADRANET-GLOBAL
General Check archive.org Show headers Download Go to Show image Full URL https://rukatenshofuquqik2.xyz/static/image/chevron.png Requested by Host: rukatenshofuquqik2.xyz URL: https://rukatenshofuquqik2.xyz/static/css/id.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 204.44.76.170 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US), Reverse DNS 204.44.76.170.static.quadranet.com Software Apache / Resource Hash 8be7ad5e4c0d0c99c5233ac8f847b77748c8611f9b87603664e133e1d85850aa Request headers Accept-Language de-DE,de;q=0.9 Referer https://rukatenshofuquqik2.xyz/static/css/id.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers date Wed, 30 Mar 2022 11:31:31 GMT last-modified Mon, 17 May 2021 03:57:32 GMT server Apache accept-ranges bytes etag "173-5c27e97ccc300" content-length 371 content-type image/png
POST H/1.1	200 OK	c Show response challenger.api.global.rakuten.com/v1.0/	565 B 913 B	64ms 17ms	XHR application/json	52.232.41.74 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://challenger.api.global.rakuten.com/v1.0/c?tracking_id=1b7275d2-e5ab-4f37-ac87-5e1ea2b62d26 Requested by Host: challenger.api.global.rakuten.com URL: https://challenger.api.global.rakuten.com/static/challenger_ja-JP.js?tracking_id=1b7275d2-e5ab-4f37-ac87-5e1ea2b62d26 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 52.232.41.74 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software cgenerator / Resource Hash 6710129c295d3741430649ab7e46d44a7ba0bacd39cd94fc9f3c317499acf36a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1 Request headers Referer https://rukatenshofuquqik2.xyz/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Content-Type text/plain; charset=UTF-8 Response headers Pragma no-cache Date Wed, 30 Mar 2022 11:31:31 GMT Content-Encoding gzip X-Content-Type-Options nosniff Server cgenerator Content-Type application/json; charset=utf-8 Access-Control-Allow-Origin * Cache-Control no-cache, no-store, must-revalidate Access-Control-Allow-Headers Content-Type Content-Length 481 X-Xss-Protection 1 X-Request-Id acc9897b-413e-4bbb-85d4-80a6adab3471 Expires 0
GET H2	200	s_accountSetting.js Show response a.ichiba.jp.rakuten-static.com/com/rat/id.rakuten.co.jp/	4 KB 2 KB	177ms 19ms	Script application/javascript	104.111.218.187 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://a.ichiba.jp.rakuten-static.com/com/rat/id.rakuten.co.jp/s_accountSetting.js Requested by Host: rukatenshofuquqik2.xyz URL: https://rukatenshofuquqik2.xyz/static/js/sc_scode_switch.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 104.111.218.187 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-111-218-187.deploy.static.akamaitechnologies.com Software nginx / Resource Hash 8fb7cdc74f080e32671ac12477ced49dc244282cce2cadaf1a0a72425a0b572e Request headers Referer https://rukatenshofuquqik2.xyz/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Intervention <https://www.chromestatus.com/feature/5718547946799104>; level="warning" Response headers date Wed, 30 Mar 2022 11:31:32 GMT content-encoding gzip last-modified Fri, 14 Jan 2022 05:00:00 GMT server nginx etag "61e10350-11e2" vary Accept-Encoding content-type application/javascript cache-control max-age=31536000 accept-ranges bytes x-cdn-served-from Akamai link <https://r.r10s.jp/com/rat/id.rakuten.co.jp/s_accountSetting.js>; rel="canonical" content-length 1332 expires Sat, 14 Jan 2023 14:00:53 GMT
GET H2	200	s_codeCommon.js Show response a.ichiba.jp.rakuten-static.com/com/rat/id.rakuten.co.jp/	2 KB 1013 B	181ms 24ms	Script application/javascript	104.111.218.187 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://a.ichiba.jp.rakuten-static.com/com/rat/id.rakuten.co.jp/s_codeCommon.js Requested by Host: rukatenshofuquqik2.xyz URL: https://rukatenshofuquqik2.xyz/static/js/sc_scode_switch.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 104.111.218.187 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-111-218-187.deploy.static.akamaitechnologies.com Software nginx / Resource Hash d102b360b1a140b65f9da4f27c99b41a7cd73f9208213739aaadb34887d88312 Request headers Referer https://rukatenshofuquqik2.xyz/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Intervention <https://www.chromestatus.com/feature/5718547946799104>; level="warning" Response headers date Wed, 30 Mar 2022 11:31:32 GMT content-encoding gzip last-modified Fri, 14 Jan 2022 05:00:00 GMT server nginx etag "61e10350-787" vary Accept-Encoding content-type application/javascript cache-control max-age=31536000 accept-ranges bytes x-cdn-served-from Akamai link <https://r.r10s.jp/com/rat/id.rakuten.co.jp/s_codeCommon.js>; rel="canonical" content-length 737 expires Sat, 14 Jan 2023 13:23:54 GMT
GET		s_customTracking.js www.rakuten.co.jp/com/rat/id.rakuten.co.jp/	0 0
GET H/1.1	200 OK	m Show response challenger.api.global.rakuten.com/v1.0/	44 B 450 B	17ms 17ms	XHR application/json	52.232.41.74 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://challenger.api.global.rakuten.com/v1.0/m?cid=eyJhbGciOiJBMjU2S1ciLCJlbmMiOiJBMjU2R0NNIn0.FAMbKH13iYdPrnqGYT-Y7rqJEl230VRONs-6t1hcuBmMntPM4Hiq7Q.MftXogSkOR3HcdK1.32D6vsfOl2KEOldhWJEjTSVXVObe4mgN8MA6F7Ryq56uf2BLWLx1dIoep3H6OKURiTDGd-q4Awb4FrFkjHR89SaeltnNpUKTrDJeAIdDWHsvVIsJBzPhZK0ngTT4KVbkskokV0EVcSlLmrLcQBStCzFid0tx6nQrJJ73ysvgrumDl9UHG5E-ZVJplDYXpW4cv-LGCFcJDoVpZCXtHD1cbytUkza_aHAi3OTgUcDXeDwNDTMFE2cuptawpTqpnBt9sXkTSiJxhN2cGZwE2GjlDnxpOVF04CnYbn4b9nLicMUCpkQrSXQaAhiVg0zZVcJz4B8gwJ5krsx3xr0RWKrjNQ.fJS2EdnW37yC1f7CDlz3EQ&mtype=0&tracking_id=1b7275d2-e5ab-4f37-ac87-5e1ea2b62d26 Requested by Host: challenger.api.global.rakuten.com URL: https://challenger.api.global.rakuten.com/static/challenger_ja-JP.js?tracking_id=1b7275d2-e5ab-4f37-ac87-5e1ea2b62d26 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 52.232.41.74 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software cgenerator / Resource Hash ac84140d203d95cfacd94c2cd5e26633a264a854f5fd5c2908ab8428ace3718e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1 Request headers Referer https://rukatenshofuquqik2.xyz/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Content-Type text/plain; charset=utf-8 Response headers Pragma no-cache Date Wed, 30 Mar 2022 11:31:31 GMT X-Content-Type-Options nosniff Server cgenerator Content-Type application/json;charset=utf-8 Access-Control-Allow-Origin * Cache-Control no-cache, no-store, must-revalidate Access-Control-Allow-Headers Content-Type Content-Length 44 X-Xss-Protection 1 X-Request-Id 22654a37-a9a9-489d-bdd2-b535d56b6ef3 Expires 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

www.rakuten.co.jp

URL

https://www.rakuten.co.jp/com/rat/id.rakuten.co.jp/s_customTracking.js

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Rakuten (E-commerce)

28 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| structuredClone object| oncontextlost object| oncontextrestored function| getScreenDetails function| $ function| jQuery function| doScroll object| __id_conf boolean| __id function| tls12Callback function| setLang function| setLangJa function| setLangEn function| setLangCn function| mkfpForms function| mkfp function| Fingerprint2 object| __challenger_conf object| Challenger object| __challenger object| __challenger_stats object| __challenger_events boolean| doRefresh function| Fingerprint2Shrinked object| trackingParam string| s object| accountSetting object| rakutenSC

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://rukatenshofuquqik2.xyz/static/js/sc_scode_switch.js(Line 139) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://a.ichiba.jp.rakuten-static.com/com/rat/id.rakuten.co.jp/s_accountSetting.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://rukatenshofuquqik2.xyz/static/js/sc_scode_switch.js(Line 139) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://a.ichiba.jp.rakuten-static.com/com/rat/id.rakuten.co.jp/s_accountSetting.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://rukatenshofuquqik2.xyz/static/js/sc_scode_switch.js(Line 139) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://a.ichiba.jp.rakuten-static.com/com/rat/id.rakuten.co.jp/s_codeCommon.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://rukatenshofuquqik2.xyz/static/js/sc_scode_switch.js(Line 139) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.rakuten.co.jp/com/rat/id.rakuten.co.jp/s_customTracking.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.ichiba.jp.rakuten-static.com
challenger.api.global.rakuten.com
rukatenshofuquqik2.xyz
static.id.rakuten.co.jp
www.rakuten.co.jp
www.rakuten.co.jp
104.111.218.187
204.44.76.170
23.205.234.224
52.232.41.74
220ff801d6d4cf5c0cfbcbb51780e89fa191c925950625a56217aab2676e5f7f
266ecfb9ec67fc7bd0b5516ccb948562d3b313fcda712f8df2ef0cd6b7094ccd
27b168aec9b347a25cf18618d576c56a8f7c7d3dadf595f4f5c178fb79d8a614
2988252023931c1e863b94e3c491e99084035a8db0d1001ad24b414ca4225e4d
2aaec607fb6e244cc257d6d4ba8ba797c9dd482bc38943cd65784de1725ab544
34ef27e93ee6db0326bce29d67f0a0924a8960810fb6a421f3f1f0a805400ec3
3fd0410dcec09600f874b3e191a3d90a2ac5fa9bf12042ef14175419579db270
426e8dbc38d927afdb3986c495aee74ba6c883e8fac28d800fd39714d776315b
45ff09eeed361217294d000a3cec1a4d73cd8447b534bb8622381b7813aee78e
5162f5fd43e99e6d3c405414465d35e44744e4c7094fe4f2ae88cf7f035414fb
56beece8974f50096fc1c95ca93f1683b4ebaeb0d9cb54ed133c2dbbf9e5f2a1
6710129c295d3741430649ab7e46d44a7ba0bacd39cd94fc9f3c317499acf36a
7237b71f281b72c679bcaf7449b02370ef31050e1964208aa00d15c8b5a7eb5f
767483ac6c4ff38731ddf4471b335354bb39bfc1a8c93ea3ecc2cc95bf2a5b8b
7c0bda6422ac83de513ad3fcdd5304db074566a1871c70af3a628527def0b96d
8be7ad5e4c0d0c99c5233ac8f847b77748c8611f9b87603664e133e1d85850aa
8c2812ded6436715279f8fd8db58de307aa39ab0296fe3cf0e879067c51e9b18
8fb7cdc74f080e32671ac12477ced49dc244282cce2cadaf1a0a72425a0b572e
ac84140d203d95cfacd94c2cd5e26633a264a854f5fd5c2908ab8428ace3718e
b895d5b1abd9715e0190dc555e4c5e0998ee35d1d2abadea3376552f8978bdf8
bf223ae077078d99c48405ac4f7894b25d747291c2dc70b215c565dfba431183
d102b360b1a140b65f9da4f27c99b41a7cd73f9208213739aaadb34887d88312
d60f59e1543f12020a63cfc74ffc90af6b292722f91dee2bbd0d87a7487d432d
d6fb85cb48ad6ab6fa72eee685537175fb78aac06b54e74fc42574d6b470d824
e4aaae06646fc1f50c4766ebca9e60d1c68c9f080de173153d83a160f6e50915
fa9551c7bdd94718c80ef582fe808e6c8305b9324bc36ec2cdc83231c1254a9a