pxdzdyhfy.thewfrlovehq.com Open in urlscan Pro
2606:4700:3037::ac43:ab5a Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://pxdzdyhfy.thewfrlovehq.com/post-detail/webidufj/E4135197119DC239B13E5E8141328F06
Submission: On February 28 via manual (February 28th 2023, 11:58:22 pm UTC) from JP — Scanned from JP

Summary HTTP 14 Redirects Links 11 Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 14 HTTP transactions. The main IP is 2606:4700:3037::ac43:ab5a, located in United States and belongs to CLOUDFLARENET, US. The main domain is pxdzdyhfy.thewfrlovehq.com.
TLS certificate: Issued by GTS CA 1P5 on February 25th 2023. Valid for: 3 months.

This is the only time pxdzdyhfy.thewfrlovehq.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: MUFG (Banking)

Domain & IP information

	IP Address	AS Autonomous System
1	2606:4700:303... 2606:4700:3037::ac43:ab5a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 4	2a02:6b8::1:119 2a02:6b8::1:119	208722 (GLOBAL_DC) (GLOBAL_DC)
10	2600:9000:21d... 2600:9000:21d2:6c00:1b:d67:db80:93a1	16509 (AMAZON-02) (AMAZON-02)
14	3

1 2606:4700:3037::ac43:ab5a (United States)

ASN13335 (CLOUDFLARENET, US)

pxdzdyhfy.thewfrlovehq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:6b8::1:119 (Moscow, Russian Federation) 1 redirects

ASN208722 (GLOBAL_DC, FI)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2600:9000:21d2:6c00:1b:d67:db80:93a1 (United States)

ASN16509 (AMAZON-02, US)

www.cr.mufg.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	mufg.jp www.cr.mufg.jp	23 KB
4	yandex.ru 1 redirects mc.yandex.ru — Cisco Umbrella Rank: 3674	75 KB
1	thewfrlovehq.com pxdzdyhfy.thewfrlovehq.com	4 KB
14	3

	Domain	Requested by
10	www.cr.mufg.jp	pxdzdyhfy.thewfrlovehq.com
4	mc.yandex.ru	1 redirects pxdzdyhfy.thewfrlovehq.com
1	pxdzdyhfy.thewfrlovehq.com
14	3

This site contains links to these domains. Also see Links.

Domain
www.cr.mufg.jp

Subject Issuer	Validity	Valid
*.thewfrlovehq.com GTS CA 1P5	`2023-02-25` - `2023-05-26`	3 months	crt.sh
mc.yandex.ru GlobalSign ECC OV SSL CA 2018	`2022-10-18` - `2023-03-30`	5 months	crt.sh
www.cr.mufg.jp DigiCert SHA2 Extended Validation Server CA	`2023-01-26` - `2024-02-26`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://pxdzdyhfy.thewfrlovehq.com/post-detail/webidufj/E4135197119DC239B13E5E8141328F06
Frame ID: 50FDDAC8A899895FA7E06565FAB7CD37
Requests: 14 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

カードの再発行・切替えをした場合は、WEBサービスに新規ID登録する必要がありますか？｜クレジットカードなら三菱UFJニコス

Detected technologies

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

Page Statistics

14
Requests

93 %
HTTPS

100 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

101 kB
Transfer

247 kB
Size

8
Cookies

11 Outgoing links

These are links going to different origins than the main page.

URL: https://www.cr.mufg.jp/

Search URL Search Domain Scan URL

URL: https://www.cr.mufg.jp/dc/support/webs/id/index.html
Title: 新規ID登録

Search URL Search Domain Scan URL

URL: https://www.cr.mufg.jp/mufgcard/faq/index.html
Title: MUFGカード（三菱UFJカード含む）

Search URL Search Domain Scan URL

URL: https://www.cr.mufg.jp/dc/faq/index.html
Title: DCカード

Search URL Search Domain Scan URL

URL: https://www.cr.mufg.jp/nicos/faq/index.html
Title: NICOSカード

Search URL Search Domain Scan URL

URL: https://www.cr.mufg.jp/amex/faq/index.html
Title: MUFGカード・アメリカン・エキスプレス®・カード

Search URL Search Domain Scan URL

URL: https://www.cr.mufg.jp/ja/faq/index.html
Title: JAカード（NICOSカード）

Search URL Search Domain Scan URL

URL: https://www.cr.mufg.jp/apply/faq/index.html
Title: カードの新規お申込み

Search URL Search Domain Scan URL

URL: https://www.cr.mufg.jp/loan/faq/index.html
Title: ローンカード

Search URL Search Domain Scan URL

URL: https://www.cr.mufg.jp/member/contact/index.html
Title: お客さまサポートトップページに戻る

Search URL Search Domain Scan URL

URL: https://www.cr.mufg.jp/faq/detail/2420/index.html
Title: PC版

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 11

https://mc.yandex.ru/watch/92549391?wmode=7&page-url=https%3A%2F%2Fpxdzdyhfy.thewfrlovehq.com%2Fpost-detail%2Fwebidufj%2FE4135197119DC239B13E5E8141328F06&charset=utf-8&browser-info=pv%3A1%3Avf%3Asm0eap24cmhk4ozkpnx0n%3Afp%3A1143%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A970%3Acn%3A1%3Adp%3A0%3Als%3A510625968985%3Ahid%3A130521151%3Az%3A0%3Ai%3A20230228235819%3Aet%3A1677628699%3Ac%3A1%3Arn%3A197166143%3Arqn%3A1%3Au%3A1677628699799026555%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A462%2C15%2C613%2C1%2C0%2C0%2C%2C46%2C0%2C%2C%2C%2C1139%3Aco%3A0%3Acpf%3A1%3Ans%3A1677628696732%3Arqnl%3A1%3Ast%3A1677628699%3At%3A%E3%82%AB%E3%83%BC%E3%83%89%E3%81%AE%E5%86%8D%E7%99%BA%E8%A1%8C%E3%83%BB%E5%88%87%E6%9B%BF%E3%81%88%E3%82%92%E3%81%97%E3%81%9F%E5%A0%B4%E5%90%88%E3%81%AF%E3%80%81WEB%E3%82%B5%E3%83%BC%E3%83%93%E3%82%B9%E3%81%AB%E6%96%B0%E8%A6%8FID%E7%99%BB%E9%8C%B2%E3%81%99%E3%82%8B%E5%BF%85%E8%A6%81%E3%81%8C%E3%81%82%E3%82%8A%E3%81%BE%E3%81%99%E3%81%8B%EF%BC%9F%EF%BD%9C%E3%82%AF%E3%83%AC%E3%82%B8%E3%83%83%E3%83%88%E3%82%AB%E3%83%BC%E3%83%89%E3%81%AA%E3%82%89%E4%B8%89%E8%8F%B1UFJ%E3%83%8B%E3%82%B3%E3%82%B9&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)ti(2) HTTP 302
https://mc.yandex.ru/watch/92549391/1?wmode=7&page-url=https%3A%2F%2Fpxdzdyhfy.thewfrlovehq.com%2Fpost-detail%2Fwebidufj%2FE4135197119DC239B13E5E8141328F06&charset=utf-8&browser-info=pv%3A1%3Avf%3Asm0eap24cmhk4ozkpnx0n%3Afp%3A1143%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A970%3Acn%3A1%3Adp%3A0%3Als%3A510625968985%3Ahid%3A130521151%3Az%3A0%3Ai%3A20230228235819%3Aet%3A1677628699%3Ac%3A1%3Arn%3A197166143%3Arqn%3A1%3Au%3A1677628699799026555%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A462%2C15%2C613%2C1%2C0%2C0%2C%2C46%2C0%2C%2C%2C%2C1139%3Aco%3A0%3Acpf%3A1%3Ans%3A1677628696732%3Arqnl%3A1%3Ast%3A1677628699%3At%3A%E3%82%AB%E3%83%BC%E3%83%89%E3%81%AE%E5%86%8D%E7%99%BA%E8%A1%8C%E3%83%BB%E5%88%87%E6%9B%BF%E3%81%88%E3%82%92%E3%81%97%E3%81%9F%E5%A0%B4%E5%90%88%E3%81%AF%E3%80%81WEB%E3%82%B5%E3%83%BC%E3%83%93%E3%82%B9%E3%81%AB%E6%96%B0%E8%A6%8FID%E7%99%BB%E9%8C%B2%E3%81%99%E3%82%8B%E5%BF%85%E8%A6%81%E3%81%8C%E3%81%82%E3%82%8A%E3%81%BE%E3%81%99%E3%81%8B%EF%BC%9F%EF%BD%9C%E3%82%AF%E3%83%AC%E3%82%B8%E3%83%83%E3%83%88%E3%82%AB%E3%83%BC%E3%83%89%E3%81%AA%E3%82%89%E4%B8%89%E8%8F%B1UFJ%E3%83%8B%E3%82%B3%E3%82%B9&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29

14 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request E4135197119DC239B13E5E8141328F06 Show response
pxdzdyhfy.thewfrlovehq.com/post-detail/webidufj/ 17 KB
4 KB 1092ms
613ms Document
text/html 2606:4700:3037::ac43:ab5a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pxdzdyhfy.thewfrlovehq.com/post-detail/webidufj/E4135197119DC239B13E5E8141328F06

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::ac43:ab5a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0932c2edc336e7480a12aa5a5c5e0a2f1f03655eaeab2206ba4be3964e5ab8a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache, no-store, max-age=0, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7a0d1b7d986eaf72-NRT
content-encoding: br
content-language: jp-JP
content-type: text/html;charset=UTF-8
date: Tue, 28 Feb 2023 23:58:17 GMT
expires: 0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IWRkin%2Fkd3z%2Fz2qX8Hw1EfISIrt3IxsQZH5GDMLb3Jn4qruL0iVgyEVmO4ITQUYov9yv5B88hLjkcRx3hbCRJdvUn3CxGMgyRvZyS8SEOl2YaeEiJfxsVrakZ%2FV%2BnrowIXzwHK%2BZXFcPOoupEntseANVA7fYtJ371A%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 211 KB
73 KB 1107ms
547ms Script
application/javascript 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: pxdzdyhfy.thewfrlovehq.com
URL: https://pxdzdyhfy.thewfrlovehq.com/post-detail/webidufj/E4135197119DC239B13E5E8141328F06

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

04afc90111de0665453b3f792bc1112feb5ee5bad24b9e206af915941da8c300

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pxdzdyhfy.thewfrlovehq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 23:58:18 GMT
content-encoding: br
strict-transport-security: max-age=31536000
last-modified: Tue, 21 Feb 2023 11:11:22 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "63f47caa-1203e"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 73790
expires: Wed, 01 Mar 2023 00:58:18 GMT

GET
H/1.1 200
OK logoMUFG_ttl_006.png
www.cr.mufg.jp/cmn/img/ttl/ 2 KB
3 KB 95ms
17ms Image
image/png 2600:9000:21d2:6c00:1b:d67:db80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.cr.mufg.jp/cmn/img/ttl/logoMUFG_ttl_006.png

Requested by

Host: pxdzdyhfy.thewfrlovehq.com
URL: https://pxdzdyhfy.thewfrlovehq.com/post-detail/webidufj/E4135197119DC239B13E5E8141328F06

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21d2:6c00:1b:d67:db80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

2c4417958d8802c22cd4d7796c9c1b43d5949ea4f7cbd1c6b82d9292a485433e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Tue, 28 Feb 2023 23:58:17 GMT
Strict-Transport-Security: max-age=31536000
Via: 1.1 3f51d1d2797ea1f0c9e6fe6c5804e982.cloudfront.net (CloudFront)
Last-Modified: Sat, 26 Jun 2021 17:00:27 GMT
X-Amz-Cf-Pop: NRT12-C4
ETag: "965-5c5ae316259fd"
X-Cache: Miss from cloudfront
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2405
X-Amz-Cf-Id: HmG56zEmMTdDz52_GCR4sIH8hOCB-Y1IQzDNhsdVFKupV6rB2joeRA==

GET
H/1.1 200
OK logoMUFG_ttl_007.png
www.cr.mufg.jp/cmn/img/ttl/ 3 KB
3 KB 96ms
19ms Image
image/png 2600:9000:21d2:6c00:1b:d67:db80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.cr.mufg.jp/cmn/img/ttl/logoMUFG_ttl_007.png

Requested by

Host: pxdzdyhfy.thewfrlovehq.com
URL: https://pxdzdyhfy.thewfrlovehq.com/post-detail/webidufj/E4135197119DC239B13E5E8141328F06

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21d2:6c00:1b:d67:db80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

6346fba6edb44e68f469c88755aa971891c9ee1ea0f28277ecb404d8663b5c24

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Tue, 28 Feb 2023 23:58:17 GMT
Strict-Transport-Security: max-age=31536000
Via: 1.1 3bf59695cdf76e2abbc29f739085ab12.cloudfront.net (CloudFront)
Last-Modified: Sat, 26 Jun 2021 18:16:57 GMT
X-Amz-Cf-Pop: NRT12-C4
ETag: "b33-5c5af4303f13d"
X-Cache: Miss from cloudfront
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2867
X-Amz-Cf-Id: uBGt6WCJfVKkoJA2Um8UmkQE-QnFg0vJUZHrqqdNfSREwkBJgG6PSA==

GET
H/1.1 200
OK logo_corp_03.gif
www.cr.mufg.jp/common/img/ 2 KB
2 KB 92ms
14ms Image
image/gif 2600:9000:21d2:6c00:1b:d67:db80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.cr.mufg.jp/common/img/logo_corp_03.gif

Requested by

Host: pxdzdyhfy.thewfrlovehq.com
URL: https://pxdzdyhfy.thewfrlovehq.com/post-detail/webidufj/E4135197119DC239B13E5E8141328F06

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21d2:6c00:1b:d67:db80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

b0897161ba0a121ec590ee6674cbfdb361798cb452e711c648eb07871138fe18

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Tue, 28 Feb 2023 23:58:17 GMT
Strict-Transport-Security: max-age=31536000
Via: 1.1 cc51b76e040548605afe90d69fcf6602.cloudfront.net (CloudFront)
Last-Modified: Sat, 26 Jun 2021 17:00:27 GMT
X-Amz-Cf-Pop: NRT12-C4
ETag: "773-5c5ae31624e45"
X-Cache: Miss from cloudfront
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1907
X-Amz-Cf-Id: v1TMqIYy5N3xMGDK4dwYDzOrDwyO5Rf9QktbxwiKBmKKfS0W_inRMQ==

GET
H/1.1 200
OK logo_dc.png
www.cr.mufg.jp/faq/img/ 2 KB
2 KB 93ms
15ms Image
image/png 2600:9000:21d2:6c00:1b:d67:db80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.cr.mufg.jp/faq/img/logo_dc.png

Requested by

Host: pxdzdyhfy.thewfrlovehq.com
URL: https://pxdzdyhfy.thewfrlovehq.com/post-detail/webidufj/E4135197119DC239B13E5E8141328F06

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21d2:6c00:1b:d67:db80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

606335a3b457dd1d8ec02fe90a9afdf8889b1b485d6f27081dd4857ea5a6f79d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Tue, 28 Feb 2023 23:58:17 GMT
Strict-Transport-Security: max-age=31536000
Via: 1.1 3bf59695cdf76e2abbc29f739085ab12.cloudfront.net (CloudFront)
Last-Modified: Sat, 26 Jun 2021 18:26:07 GMT
X-Amz-Cf-Pop: NRT12-C4
ETag: "65b-5c5af63c87fe9"
X-Cache: Miss from cloudfront
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1627
X-Amz-Cf-Id: zXODsp9-x9WzZNHQYr8WUN27qT928rLAZjl_2IrG-107vNdM9e49dQ==

GET
H/1.1 200
OK cmn_ico_003.png
www.cr.mufg.jp/cmn/img/icon/ 1 KB
1 KB 94ms
16ms Image
image/png 2600:9000:21d2:6c00:1b:d67:db80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.cr.mufg.jp/cmn/img/icon/cmn_ico_003.png

Requested by

Host: pxdzdyhfy.thewfrlovehq.com
URL: https://pxdzdyhfy.thewfrlovehq.com/post-detail/webidufj/E4135197119DC239B13E5E8141328F06

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21d2:6c00:1b:d67:db80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

7a6324497a179a818660f2b019c0d00793702418c4a58eca9ed9e6bf81acfbd3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Tue, 28 Feb 2023 23:58:17 GMT
Strict-Transport-Security: max-age=31536000
Via: 1.1 3f2661f781af01fc8c4d6e12e0b94afc.cloudfront.net (CloudFront)
Last-Modified: Sat, 26 Jun 2021 18:16:58 GMT
X-Amz-Cf-Pop: NRT12-C4
ETag: "412-5c5af430e650a"
X-Cache: Miss from cloudfront
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1042
X-Amz-Cf-Id: oa8HPQMkLUaTbUO6NAALM1LTg2XCYOCifTuEO5l1o4VnttczhGJ8Fg==

GET
H/1.1 200
OK logo_mufg.png
www.cr.mufg.jp/faq/img/ 2 KB
3 KB 88ms
18ms Image
image/png 2600:9000:21d2:6c00:1b:d67:db80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.cr.mufg.jp/faq/img/logo_mufg.png

Requested by

Host: pxdzdyhfy.thewfrlovehq.com
URL: https://pxdzdyhfy.thewfrlovehq.com/post-detail/webidufj/E4135197119DC239B13E5E8141328F06

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21d2:6c00:1b:d67:db80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

ca0ef3f97df3265e0b95d6e1fffec313da6584c82950b3320fa612b7e612eaf9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Tue, 28 Feb 2023 23:58:17 GMT
Strict-Transport-Security: max-age=31536000
Via: 1.1 1a02cf1029d187677f4bb2a642904412.cloudfront.net (CloudFront)
Last-Modified: Sat, 26 Jun 2021 18:26:07 GMT
X-Amz-Cf-Pop: NRT12-C4
ETag: "892-5c5af63c9b6ad"
X-Cache: Miss from cloudfront
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2194
X-Amz-Cf-Id: P4Sa8iaUk_u-T1_bSYJZXnVVmVLwo_zPT7pAxDTPPBNKDCvY5_itlA==

GET
H/1.1 200
OK logo_nicos.png
www.cr.mufg.jp/faq/img/ 2 KB
3 KB 20ms
20ms Image
image/png 2600:9000:21d2:6c00:1b:d67:db80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.cr.mufg.jp/faq/img/logo_nicos.png

Requested by

Host: pxdzdyhfy.thewfrlovehq.com
URL: https://pxdzdyhfy.thewfrlovehq.com/post-detail/webidufj/E4135197119DC239B13E5E8141328F06

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21d2:6c00:1b:d67:db80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a1aa0de8bf159516e6a619591e49810a73adaac17f8742c75ccee75a9e6bfe6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Tue, 28 Feb 2023 23:58:17 GMT
Strict-Transport-Security: max-age=31536000
Via: 1.1 cc51b76e040548605afe90d69fcf6602.cloudfront.net (CloudFront)
Last-Modified: Sat, 26 Jun 2021 18:26:07 GMT
X-Amz-Cf-Pop: NRT12-C4
ETag: "8d1-5c5af63c9d5ed"
X-Cache: Miss from cloudfront
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2257
X-Amz-Cf-Id: yokaI-8_wNiCfk4rDpgoDi9VBUf5QldJiXeGP7JQIp4nqVmfZnvK2g==

GET
H/1.1 200
OK logo_amex.png
www.cr.mufg.jp/faq/img/ 2 KB
2 KB 13ms
11ms Image
image/png 2600:9000:21d2:6c00:1b:d67:db80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.cr.mufg.jp/faq/img/logo_amex.png

Requested by

Host: pxdzdyhfy.thewfrlovehq.com
URL: https://pxdzdyhfy.thewfrlovehq.com/post-detail/webidufj/E4135197119DC239B13E5E8141328F06

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21d2:6c00:1b:d67:db80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

ec85d857bc02fff430d7341688a87d69b6aad708258a11c92f985353fc57532e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Tue, 28 Feb 2023 23:58:17 GMT
Strict-Transport-Security: max-age=31536000
Via: 1.1 3f2661f781af01fc8c4d6e12e0b94afc.cloudfront.net (CloudFront)
Last-Modified: Sat, 26 Jun 2021 18:26:32 GMT
X-Amz-Cf-Pop: NRT12-C4
ETag: "63d-5c5af653ed828"
X-Cache: Miss from cloudfront
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1597
X-Amz-Cf-Id: W1cuVJZ_VxkfKVmtTouHy66HreE3IC9K4Mrs59zC-WZ6F-mitbU6Pw==

GET
H/1.1 200
OK logo_ja.png
www.cr.mufg.jp/faq/img/ 2 KB
3 KB 18ms
18ms Image
image/png 2600:9000:21d2:6c00:1b:d67:db80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.cr.mufg.jp/faq/img/logo_ja.png

Requested by

Host: pxdzdyhfy.thewfrlovehq.com
URL: https://pxdzdyhfy.thewfrlovehq.com/post-detail/webidufj/E4135197119DC239B13E5E8141328F06

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21d2:6c00:1b:d67:db80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

c9d26af9a7ed722cfb0ae4da81d72a809bad5e8c94b984f36d02200269c1b1e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Tue, 28 Feb 2023 23:58:17 GMT
Strict-Transport-Security: max-age=31536000
Via: 1.1 3bf59695cdf76e2abbc29f739085ab12.cloudfront.net (CloudFront)
Last-Modified: Sat, 26 Jun 2021 18:28:55 GMT
X-Amz-Cf-Pop: NRT12-C4
ETag: "85e-5c5af6dc62eff"
X-Cache: Miss from cloudfront
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2142
X-Amz-Cf-Id: -Xwt0LbVHoR8akpHpJKHKWlOGYQogUeXuR3tPj5lTCBdl9F3WrJ8wQ==

GET
H/1.1 200
OK footer_btn_001.png
www.cr.mufg.jp/cmn/img/btn/ 1 KB
2 KB 20ms
20ms Image
image/png 2600:9000:21d2:6c00:1b:d67:db80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.cr.mufg.jp/cmn/img/btn/footer_btn_001.png

Requested by

Host: pxdzdyhfy.thewfrlovehq.com
URL: https://pxdzdyhfy.thewfrlovehq.com/post-detail/webidufj/E4135197119DC239B13E5E8141328F06

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21d2:6c00:1b:d67:db80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

876ecc2306fba0aebd4773644ed6ed8dd48b99d53f56ece04cd903a032ed3e20

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Tue, 28 Feb 2023 23:58:17 GMT
Strict-Transport-Security: max-age=31536000
Via: 1.1 3f51d1d2797ea1f0c9e6fe6c5804e982.cloudfront.net (CloudFront)
Last-Modified: Sat, 26 Jun 2021 17:00:27 GMT
X-Amz-Cf-Pop: NRT12-C4
ETag: "4e2-5c5ae3163b655"
X-Cache: Miss from cloudfront
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1250
X-Amz-Cf-Id: sSUxvdPsRHS8nDJhAms14wZdchN7BtJVMOdzE--jCYS4jHzCosLY-g==

GET
H2

200

1 Show response
mc.yandex.ru/watch/92549391/
Redirect Chain

https://mc.yandex.ru/watch/92549391?wmode=7&page-url=https%3A%2F%2Fpxdzdyhfy.thewfrlovehq.com%2Fpost-detail%2Fwebidufj%2FE4135197119DC239B13E5E8141328F06&charset=utf-8&browser-info=pv%3A1%3Avf%3Asm...
https://mc.yandex.ru/watch/92549391/1?wmode=7&page-url=https%3A%2F%2Fpxdzdyhfy.thewfrlovehq.com%2Fpost-detail%2Fwebidufj%2FE4135197119DC239B13E5E8141328F06&charset=utf-8&browser-info=pv%3A1%3Avf%3A...

435 B
518 B

283ms
282ms

XHR
application/json

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/92549391/1?wmode=7&page-url=https%3A%2F%2Fpxdzdyhfy.thewfrlovehq.com%2Fpost-detail%2Fwebidufj%2FE4135197119DC239B13E5E8141328F06&charset=utf-8&browser-info=pv%3A1%3Avf%3Asm0eap24cmhk4ozkpnx0n%3Afp%3A1143%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A970%3Acn%3A1%3Adp%3A0%3Als%3A510625968985%3Ahid%3A130521151%3Az%3A0%3Ai%3A20230228235819%3Aet%3A1677628699%3Ac%3A1%3Arn%3A197166143%3Arqn%3A1%3Au%3A1677628699799026555%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A462%2C15%2C613%2C1%2C0%2C0%2C%2C46%2C0%2C%2C%2C%2C1139%3Aco%3A0%3Acpf%3A1%3Ans%3A1677628696732%3Arqnl%3A1%3Ast%3A1677628699%3At%3A%E3%82%AB%E3%83%BC%E3%83%89%E3%81%AE%E5%86%8D%E7%99%BA%E8%A1%8C%E3%83%BB%E5%88%87%E6%9B%BF%E3%81%88%E3%82%92%E3%81%97%E3%81%9F%E5%A0%B4%E5%90%88%E3%81%AF%E3%80%81WEB%E3%82%B5%E3%83%BC%E3%83%93%E3%82%B9%E3%81%AB%E6%96%B0%E8%A6%8FID%E7%99%BB%E9%8C%B2%E3%81%99%E3%82%8B%E5%BF%85%E8%A6%81%E3%81%8C%E3%81%82%E3%82%8A%E3%81%BE%E3%81%99%E3%81%8B%EF%BC%9F%EF%BD%9C%E3%82%AF%E3%83%AC%E3%82%B8%E3%83%83%E3%83%88%E3%82%AB%E3%83%BC%E3%83%89%E3%81%AA%E3%82%89%E4%B8%89%E8%8F%B1UFJ%E3%83%8B%E3%82%B3%E3%82%B9&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29

Requested by

Host: pxdzdyhfy.thewfrlovehq.com
URL: https://pxdzdyhfy.thewfrlovehq.com/post-detail/webidufj/E4135197119DC239B13E5E8141328F06

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

8ece947e9d35df44552e0b915d14c3a88982714ea3d335f92b0167991c534a25

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pxdzdyhfy.thewfrlovehq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Feb 2023 23:58:19 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Tue, 28-Feb-2023 23:58:19 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: application/json; charset=utf-8
access-control-allow-origin: https://pxdzdyhfy.thewfrlovehq.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 435
x-xss-protection: 1; mode=block
expires: Tue, 28-Feb-2023 23:58:19 GMT

Redirect headers

pragma: no-cache
date: Tue, 28 Feb 2023 23:58:19 GMT
strict-transport-security: max-age=31536000
last-modified: Tue, 28-Feb-2023 23:58:19 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location: /watch/92549391/1?wmode=7&page-url=https%3A%2F%2Fpxdzdyhfy.thewfrlovehq.com%2Fpost-detail%2Fwebidufj%2FE4135197119DC239B13E5E8141328F06&charset=utf-8&browser-info=pv%3A1%3Avf%3Asm0eap24cmhk4ozkpnx0n%3Afp%3A1143%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A970%3Acn%3A1%3Adp%3A0%3Als%3A510625968985%3Ahid%3A130521151%3Az%3A0%3Ai%3A20230228235819%3Aet%3A1677628699%3Ac%3A1%3Arn%3A197166143%3Arqn%3A1%3Au%3A1677628699799026555%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A462%2C15%2C613%2C1%2C0%2C0%2C%2C46%2C0%2C%2C%2C%2C1139%3Aco%3A0%3Acpf%3A1%3Ans%3A1677628696732%3Arqnl%3A1%3Ast%3A1677628699%3At%3A%E3%82%AB%E3%83%BC%E3%83%89%E3%81%AE%E5%86%8D%E7%99%BA%E8%A1%8C%E3%83%BB%E5%88%87%E6%9B%BF%E3%81%88%E3%82%92%E3%81%97%E3%81%9F%E5%A0%B4%E5%90%88%E3%81%AF%E3%80%81WEB%E3%82%B5%E3%83%BC%E3%83%93%E3%82%B9%E3%81%AB%E6%96%B0%E8%A6%8FID%E7%99%BB%E9%8C%B2%E3%81%99%E3%82%8B%E5%BF%85%E8%A6%81%E3%81%8C%E3%81%82%E3%82%8A%E3%81%BE%E3%81%99%E3%81%8B%EF%BC%9F%EF%BD%9C%E3%82%AF%E3%83%AC%E3%82%B8%E3%83%83%E3%83%88%E3%82%AB%E3%83%BC%E3%83%89%E3%81%AA%E3%82%89%E4%B8%89%E8%8F%B1UFJ%E3%83%8B%E3%82%B3%E3%82%B9&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29
access-control-allow-origin: https://pxdzdyhfy.thewfrlovehq.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Tue, 28-Feb-2023 23:58:19 GMT

GET
H2 200 advert.gif
mc.yandex.ru/metrika/ 43 B
161 B 274ms
274ms Image
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/metrika/advert.gif

Requested by

Host: pxdzdyhfy.thewfrlovehq.com
URL: https://pxdzdyhfy.thewfrlovehq.com/post-detail/webidufj/E4135197119DC239B13E5E8141328F06

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pxdzdyhfy.thewfrlovehq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 23:58:19 GMT
strict-transport-security: max-age=31536000
last-modified: Tue, 21 Feb 2023 11:11:22 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "63f47caa-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Wed, 01 Mar 2023 00:58:19 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: MUFG (Banking)

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless function| ym object| Ya object| yaCounter92549391

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.thewfrlovehq.com/	1970-01-20 18:46:04	Name: _ym_uid Value: 1677628699799026555
.thewfrlovehq.com/	1970-01-20 18:46:04	Name: _ym_d Value: 1677628699
mc.yandex.ru/	1969-12-31 23:59:59	Name: yabs-sid Value: 2487563791677628699
.yandex.ru/	1970-01-20 19:36:28	Name: i Value: eskG1KuL23GsfFUbFF45c044uWnji8RxqJ9cbjSO4ZqJYCVr+awhhw/UeuvwDjrAIqxHyYAp9o6vyweHlz5j13Xcqys=
.yandex.ru/	1970-01-20 19:36:28	Name: yandexuid Value: 6762137081677628699
.yandex.ru/	1970-01-20 19:36:28	Name: yuidss Value: 6762137081677628699
.yandex.ru/	1970-01-20 18:46:04	Name: ymex Value: 1992988699.yc.1677628699#1992988699.yrts.1677628699#1992988699.yrtsi.1677628699
.thewfrlovehq.com/	1970-01-20 10:01:40	Name: _ym_isad Value: 2

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

mc.yandex.ru
pxdzdyhfy.thewfrlovehq.com
www.cr.mufg.jp
2600:9000:21d2:6c00:1b:d67:db80:93a1
2606:4700:3037::ac43:ab5a
2a02:6b8::1:119
04afc90111de0665453b3f792bc1112feb5ee5bad24b9e206af915941da8c300
0932c2edc336e7480a12aa5a5c5e0a2f1f03655eaeab2206ba4be3964e5ab8a0
2c4417958d8802c22cd4d7796c9c1b43d5949ea4f7cbd1c6b82d9292a485433e
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
606335a3b457dd1d8ec02fe90a9afdf8889b1b485d6f27081dd4857ea5a6f79d
6346fba6edb44e68f469c88755aa971891c9ee1ea0f28277ecb404d8663b5c24
7a6324497a179a818660f2b019c0d00793702418c4a58eca9ed9e6bf81acfbd3
876ecc2306fba0aebd4773644ed6ed8dd48b99d53f56ece04cd903a032ed3e20
8ece947e9d35df44552e0b915d14c3a88982714ea3d335f92b0167991c534a25
a1aa0de8bf159516e6a619591e49810a73adaac17f8742c75ccee75a9e6bfe6a
b0897161ba0a121ec590ee6674cbfdb361798cb452e711c648eb07871138fe18
c9d26af9a7ed722cfb0ae4da81d72a809bad5e8c94b984f36d02200269c1b1e0
ca0ef3f97df3265e0b95d6e1fffec313da6584c82950b3320fa612b7e612eaf9
ec85d857bc02fff430d7341688a87d69b6aad708258a11c92f985353fc57532e

pxdzdyhfy.thewfrlovehq.com Open in urlscan Pro 2606:4700:3037::ac43:ab5a Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

14 Requests

93 %HTTPS

100 %IPv6

3 Domains

3 Subdomains

3 IPs

2 Countries

101 kBTransfer

247 kBSize

8 Cookies

11 Outgoing links

Redirected requests

14 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

4 JavaScript Global Variables

8 Cookies

Security Headers

Indicators

pxdzdyhfy.thewfrlovehq.com Open in urlscan Pro
2606:4700:3037::ac43:ab5a Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

14
Requests

93 %
HTTPS

100 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

101 kB
Transfer

247 kB
Size

8
Cookies

14 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!