Submitted URL: https://qckrtr.com/cr.php?cid=458&ACT=68333&TRK=XMOD_click.964ddabcaed43b1.42136190&subaff=XMOD_click&ocode=NTg3LjE...
Effective URL: https://rapidlanders.com/src/click19/?epcVIP=48.1066.g47&email=&lang=de&act=epc68333.47627-806020.XMOD_click.964ddabcaed4...
Submission: On August 17 via manual from US — Scanned from DE

Summary

This website contacted 3 IPs in 2 countries across 6 domains to perform 20 HTTP transactions. The main IP is 163.171.128.172, located in Germany and belongs to QUANTILNETWORKS, CA. The main domain is rapidlanders.com.
TLS certificate: Issued by AlphaSSL CA - SHA256 - G4 on April 3rd 2023. Valid for: a year.
This is the only time rapidlanders.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2 52.36.45.36 16509 (AMAZON-02)
16 163.171.128.172 54994 (QUANTILNE...)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
20 3
Count  Apex Domain        Subdomains                                       Transfer
15     rapidlanders.com   rapidlanders.com                                 3 MB
2      gstatic.com        fonts.gstatic.com                                73 KB
2      googleapis.com     fonts.googleapis.com (Cisco Umbrella Rank: 73)   2 KB
1      entrsecre.com      geoip.entrsecre.com                              834 B
1      lnkaccess.com      www.lnkaccess.com                                568 B
1      qckrtr.com         qckrtr.com                                       745 B
20     6
Domain Requested by
15 rapidlanders.com rapidlanders.com
2 fonts.gstatic.com fonts.googleapis.com
2 fonts.googleapis.com rapidlanders.com
1 geoip.entrsecre.com rapidlanders.com
1 www.lnkaccess.com 1 redirects
1 qckrtr.com 1 redirects
20 6

This site contains no links.

Subject                   Issuer                      Validity                  Valid
*.rapidlanders.com        AlphaSSL CA - SHA256 - G4   2023-04-03 - 2024-05-04   a year
upload.video.google.com   GTS CA 1C3                  2023-07-31 - 2023-10-23   3 months
*.entrsecre.com           AlphaSSL CA - SHA256 - G4   2023-06-26 - 2024-07-27   a year
*.gstatic.com             GTS CA 1C3                  2023-07-31 - 2023-10-23   3 months

This page contains 1 frames:

Primary Page: https://rapidlanders.com/src/click19/?epcVIP=48.1066.g47&email=&lang=de&act=epc68333.47627-806020.XMOD_click.964ddabcaed43b1.42136190
Frame ID: 0E2EF23E4C88E58AD524E24B97F7076C
Requests: 20 HTTP requests in this frame

Page Title

free-adult-games | Kostenlos Spielen

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

20
Requests

100 %
HTTPS

50 %
IPv6

6
Domains

6
Subdomains

3
IPs

2
Countries

2669 kB
Transfer

2804 kB
Size

8
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://qckrtr.com/cr.php?cid=458&ACT=68333&TRK=XMOD_click.964ddabcaed43b1.42136190&subaff=XMOD_click&ocode=NTg3LjE4OTcuNjQ0LjEyNTguMC4wLjAuMC4wLjExMjc4MjEuMC4w HTTP 302
    https://www.lnkaccess.com/ep.php/prmagms:72654/68333:XMOD_click.964ddabcaed43b1.42136190?subaff=XMOD_click&ocode=NTg3LjE4OTcuNjQ0LjEyNTguMC4wLjAuMC4wLjExMjc4MjEuMC4w&crpx=9AGf081618654 HTTP 302
    https://rapidlanders.com/src/click19/?epcVIP=48.1066.g47&email=&lang=de&act=epc68333.47627-806020.XMOD_click.964ddabcaed43b1.42136190 Page URL

20 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
rapidlanders.com/src/click19/
Redirect Chain
  • https://qckrtr.com/cr.php?cid=458&ACT=68333&TRK=XMOD_click.964ddabcaed43b1.42136190&subaff=XMOD_click&ocode=NTg3LjE4OTcuNjQ0LjEyNTguMC4wLjAuMC4wLjExMjc4MjEuMC4w
  • https://www.lnkaccess.com/ep.php/prmagms:72654/68333:XMOD_click.964ddabcaed43b1.42136190?subaff=XMOD_click&ocode=NTg3LjE4OTcuNjQ0LjEyNTguMC4wLjAuMC4wLjExMjc4MjEuMC4w&crpx=9AGf081618654
  • https://rapidlanders.com/src/click19/?epcVIP=48.1066.g47&email=&lang=de&act=epc68333.47627-806020.XMOD_click.964ddabcaed43b1.42136190
184 KB
62 KB
Document
General
Full URL
https://rapidlanders.com/src/click19/?epcVIP=48.1066.g47&email=&lang=de&act=epc68333.47627-806020.XMOD_click.964ddabcaed43b1.42136190
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
163.171.128.172 , Germany, ASN54994 (QUANTILNETWORKS, CA),
Reverse DNS
Software
PWS/8.3.1.0.8 /
Resource Hash
95bab2047b2e75bb8549eff65942f9fbab5f350df192748864e56f5ae7312e7a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 17 Aug 2023 05:10:56 GMT
server
PWS/8.3.1.0.8
via
1.1 kf160:5 (W), 1.1 PSdgflkfFRA1vg90:1 (W)
x-px
ms PSdgflkfFRA1vg90FRA,ms kf160FRA(origin)
x-ws-request-id
64ddabdf_PSdgflkfFRA1vg90_10580-41927

Redirect headers

content-type
text/html; charset=UTF-8
date
Thu, 17 Aug 2023 05:10:55 GMT
location
https://rapidlanders.com/src/click19/?epcVIP=48.1066.g47&email=&lang=de&act=epc68333.47627-806020.XMOD_click.964ddabcaed43b1.42136190
server
Apache
css
fonts.googleapis.com/
14 KB
819 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Montserrat:200,300,400,500,600,700,800,900&display=swap
Requested by
Host: rapidlanders.com
URL: https://rapidlanders.com/src/click19/?epcVIP=48.1066.g47&email=&lang=de&act=epc68333.47627-806020.XMOD_click.964ddabcaed43b1.42136190
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
158e3d61a8890e618a6fad8f51287e170353d9bf8e4fa2ab8e0334ec95deaee4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rapidlanders.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 17 Aug 2023 05:10:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 17 Aug 2023 05:10:56 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 17 Aug 2023 05:10:56 GMT
css
fonts.googleapis.com/
1 KB
874 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Sigmar+One&display=swap
Requested by
Host: rapidlanders.com
URL: https://rapidlanders.com/src/click19/?epcVIP=48.1066.g47&email=&lang=de&act=epc68333.47627-806020.XMOD_click.964ddabcaed43b1.42136190
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1a7a8f876b6524f8eb06c8164ec6bfdb058924b7ba2961714f155535290b060f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rapidlanders.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 17 Aug 2023 05:10:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 17 Aug 2023 05:08:13 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 17 Aug 2023 05:10:56 GMT
style.css
rapidlanders.com/src/click19/css/
11 KB
4 KB
Stylesheet
General
Full URL
https://rapidlanders.com/src/click19/css/style.css
Requested by
Host: rapidlanders.com
URL: https://rapidlanders.com/src/click19/?epcVIP=48.1066.g47&email=&lang=de&act=epc68333.47627-806020.XMOD_click.964ddabcaed43b1.42136190
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
163.171.128.172 , Germany, ASN54994 (QUANTILNETWORKS, CA),
Reverse DNS
Software
PWS/8.3.1.0.8 /
Resource Hash
7884c53005dffbaa7ce62aa5c70044d3794cd625e9859590d3c4a98bef356d51

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rapidlanders.com/src/click19/?epcVIP=48.1066.g47&email=&lang=de&act=epc68333.47627-806020.XMOD_click.964ddabcaed43b1.42136190
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 05:10:56 GMT
content-encoding
gzip
via
1.1 PSmglsjLAX2qg174:1 (W), 1.1 PSdgflkfFRA1vg90:16 (W)
last-modified
Fri, 12 Feb 2021 06:14:36 GMT
server
PWS/8.3.1.0.8
age
35360
etag
W/"60261ccc-2c95"
x-ws-request-id
64ddabe0_PSdgflkfFRA1vg90_10580-41940
content-type
text/css
x-px
ht PSdgflkfFRA1vg90FRA
/
geoip.entrsecre.com/
400 B
834 B
Script
General
Full URL
https://geoip.entrsecre.com/
Requested by
Host: rapidlanders.com
URL: https://rapidlanders.com/src/click19/?epcVIP=48.1066.g47&email=&lang=de&act=epc68333.47627-806020.XMOD_click.964ddabcaed43b1.42136190
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
163.171.128.172 , Germany, ASN54994 (QUANTILNETWORKS, CA),
Reverse DNS
Software
PWS/8.3.1.0.8 /
Resource Hash
c3365ae2177ff723446d648b15737009884b95b37fbe91daf7b5b2244c6b975b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rapidlanders.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Aug 2023 05:10:57 GMT
via
1.1 PSmglsjLAX2pp175:0 (W), 1.1 PSdgflkfFRA1je97:15 (W)
server
PWS/8.3.1.0.8
x-ws-request-id
64ddabe0_PSdgflkfFRA1vg90_11154-58307
content-type
application/javascript
cache-control
no-cache, no-store, must-revalidate
x-px
ms PSdgflkfFRA1je97FRA,ms PSmglsjLAX2pp175LAX(origin)
expires
0
1.jpg
rapidlanders.com/src/click19/img/
49 KB
49 KB
Image
General
Full URL
https://rapidlanders.com/src/click19/img/1.jpg
Requested by
Host: rapidlanders.com
URL: https://rapidlanders.com/src/click19/?epcVIP=48.1066.g47&email=&lang=de&act=epc68333.47627-806020.XMOD_click.964ddabcaed43b1.42136190
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
163.171.128.172 , Germany, ASN54994 (QUANTILNETWORKS, CA),
Reverse DNS
Software
PWS/8.3.1.0.8 /
Resource Hash
6789a536b3c8c6c4e7d026920bac21f7ba7a008739a0b70f7285c4d9c2ca30a3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rapidlanders.com/src/click19/?epcVIP=48.1066.g47&email=&lang=de&act=epc68333.47627-806020.XMOD_click.964ddabcaed43b1.42136190
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 05:10:56 GMT
via
1.1 PSmglsjLAX2qg174:1 (W), 1.1 PSdgflkfFRA1je97:14 (W)
last-modified
Wed, 03 Feb 2021 14:40:28 GMT
server
PWS/8.3.1.0.8
age
35358
etag
"601ab5dc-c3f2"
x-ws-request-id
64ddabe0_PSdgflkfFRA1vg90_10580-41941
content-type
image/jpeg
x-px
ht PSdgflkfFRA1je97FRA
accept-ranges
bytes
content-length
50162
male.svg
rapidlanders.com/src/click19/img/
33 KB
33 KB
Image
General
Full URL
https://rapidlanders.com/src/click19/img/male.svg
Requested by
Host: rapidlanders.com
URL: https://rapidlanders.com/src/click19/?epcVIP=48.1066.g47&email=&lang=de&act=epc68333.47627-806020.XMOD_click.964ddabcaed43b1.42136190
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
163.171.128.172 , Germany, ASN54994 (QUANTILNETWORKS, CA),
Reverse DNS
Software
PWS/8.3.1.0.8 /
Resource Hash
6f705b5023210ee91f20a849c553bdf48116ae707b97f95e7e58ceb9cceee914

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rapidlanders.com/src/click19/?epcVIP=48.1066.g47&email=&lang=de&act=epc68333.47627-806020.XMOD_click.964ddabcaed43b1.42136190
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 05:10:56 GMT
via
1.1 PSmglsjLAX2qg174:1 (W), 1.1 PSdgflkfFRA1je97:7 (W)
last-modified
Wed, 03 Feb 2021 14:40:28 GMT
server
PWS/8.3.1.0.8
age
35358
etag
"601ab5dc-8358"
x-ws-request-id
64ddabe0_PSdgflkfFRA1vg90_10580-41942
content-type
image/svg+xml
x-px
ht PSdgflkfFRA1je97FRA
accept-ranges
bytes
content-length
33624
heart.png
rapidlanders.com/src/click19/img/
2 KB
3 KB
Image
General
Full URL
https://rapidlanders.com/src/click19/img/heart.png
Requested by
Host: rapidlanders.com
URL: https://rapidlanders.com/src/click19/?epcVIP=48.1066.g47&email=&lang=de&act=epc68333.47627-806020.XMOD_click.964ddabcaed43b1.42136190
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
163.171.128.172 , Germany, ASN54994 (QUANTILNETWORKS, CA),
Reverse DNS
Software
PWS/8.3.1.0.8 /
Resource Hash
935ce11d876526c1e31065fd25db4bbbac6a013bfe9ea49814a1fb8bbc6b1953

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rapidlanders.com/src/click19/?epcVIP=48.1066.g47&email=&lang=de&act=epc68333.47627-806020.XMOD_click.964ddabcaed43b1.42136190
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 05:10:56 GMT
via
1.1 PSmglsjLAX2qg174:1 (W), 1.1 PSdgflkfFRA1gi91:12 (W)
last-modified
Mon, 08 Feb 2021 18:55:03 GMT
server
PWS/8.3.1.0.8
age
35357
etag
"60218907-967"
x-ws-request-id
64ddabe0_PSdgflkfFRA1vg90_10580-41944
content-type
image/png
x-px
ht PSdgflkfFRA1gi91FRA
accept-ranges
bytes
content-length
2407
g1.png
rapidlanders.com/src/click19/img/
230 KB
230 KB
Image
General
Full URL
https://rapidlanders.com/src/click19/img/g1.png
Requested by
Host: rapidlanders.com
URL: https://rapidlanders.com/src/click19/?epcVIP=48.1066.g47&email=&lang=de&act=epc68333.47627-806020.XMOD_click.964ddabcaed43b1.42136190
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
163.171.128.172 , Germany, ASN54994 (QUANTILNETWORKS, CA),
Reverse DNS
Software
PWS/8.3.1.0.8 /
Resource Hash
dbb96d59d5332d513ab90e1cc1bb1a5c829322079e3cbce58ac1ed9095130abd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rapidlanders.com/src/click19/?epcVIP=48.1066.g47&email=&lang=de&act=epc68333.47627-806020.XMOD_click.964ddabcaed43b1.42136190
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 05:10:56 GMT
via
1.1 PSmglsjLAX2qg174:1 (W), 1.1 PSdgflkfFRA1gi91:21 (W)
last-modified
Wed, 03 Feb 2021 14:40:28 GMT
server
PWS/8.3.1.0.8
age
35357
etag
"601ab5dc-39629"
x-ws-request-id
64ddabe0_PSdgflkfFRA1vg90_10580-41945
content-type
image/png
x-px
ht PSdgflkfFRA1gi91FRA
accept-ranges
bytes
content-length
235049
heart_stat.png
rapidlanders.com/src/click19/img/
4 KB
4 KB
Image
General
Full URL
https://rapidlanders.com/src/click19/img/heart_stat.png
Requested by
Host: rapidlanders.com
URL: https://rapidlanders.com/src/click19/?epcVIP=48.1066.g47&email=&lang=de&act=epc68333.47627-806020.XMOD_click.964ddabcaed43b1.42136190
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
163.171.128.172 , Germany, ASN54994 (QUANTILNETWORKS, CA),
Reverse DNS
Software
PWS/8.3.1.0.8 /
Resource Hash
5a375d7d345be52b89a3073f6c10e6e727ae352684de93d80d4ab68f0e5c1cf8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rapidlanders.com/src/click19/?epcVIP=48.1066.g47&email=&lang=de&act=epc68333.47627-806020.XMOD_click.964ddabcaed43b1.42136190
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 05:10:56 GMT
via
1.1 PSmglsjLAX2qg174:1 (W), 1.1 PSdgflkfFRA1vg90:18 (W)
last-modified
Wed, 03 Feb 2021 14:40:28 GMT
server
PWS/8.3.1.0.8
age
35357
etag
"601ab5dc-e70"
x-ws-request-id
64ddabe0_PSdgflkfFRA1vg90_10580-41947
content-type
image/png
x-px
ht PSdgflkfFRA1vg90FRA
accept-ranges
bytes
content-length
3696
jquery.min.js
rapidlanders.com/src/common/js/
84 KB
84 KB
Script
General
Full URL
https://rapidlanders.com/src/common/js/jquery.min.js
Requested by
Host: rapidlanders.com
URL: https://rapidlanders.com/src/click19/?epcVIP=48.1066.g47&email=&lang=de&act=epc68333.47627-806020.XMOD_click.964ddabcaed43b1.42136190
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
163.171.128.172 , Germany, ASN54994 (QUANTILNETWORKS, CA),
Reverse DNS
Software
PWS/8.3.1.0.8 /
Resource Hash
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rapidlanders.com/src/click19/?epcVIP=48.1066.g47&email=&lang=de&act=epc68333.47627-806020.XMOD_click.964ddabcaed43b1.42136190
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 05:10:56 GMT
via
1.1 PSmglsjLAX2qg174:7 (W), 1.1 PSdgflkfFRA1vg90:6 (W)
last-modified
Thu, 07 Jan 2021 16:10:13 GMT
server
PWS/8.3.1.0.8
age
35359
etag
"5ff73265-14e4a"
x-ws-request-id
64ddabe0_PSdgflkfFRA1vg90_10580-41951
content-type
application/javascript
x-px
ht PSdgflkfFRA1vg90FRA
accept-ranges
bytes
content-length
85578
arrow.png
rapidlanders.com/src/click19/img/
3 KB
4 KB
Image
General
Full URL
https://rapidlanders.com/src/click19/img/arrow.png
Requested by
Host: rapidlanders.com
URL: https://rapidlanders.com/src/click19/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
163.171.128.172 , Germany, ASN54994 (QUANTILNETWORKS, CA),
Reverse DNS
Software
PWS/8.3.1.0.8 /
Resource Hash
9f5da0e83bd9e906edcfb8da38c3bc53d5803e46206c3c3d862e0126a92dbe5e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rapidlanders.com/src/click19/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 05:10:57 GMT
via
1.1 PSmglsjLAX2qg174:1 (W), 1.1 PSdgflkfFRA1gi91:14 (W)
last-modified
Wed, 03 Feb 2021 14:40:28 GMT
server
PWS/8.3.1.0.8
age
35358
etag
"601ab5dc-d29"
x-ws-request-id
64ddabe1_PSdgflkfFRA1vg90_10580-41961
content-type
image/png
x-px
ht PSdgflkfFRA1gi91FRA
accept-ranges
bytes
content-length
3369
pointer.png
rapidlanders.com/src/click19/img/
4 KB
4 KB
Image
General
Full URL
https://rapidlanders.com/src/click19/img/pointer.png
Requested by
Host: rapidlanders.com
URL: https://rapidlanders.com/src/click19/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
163.171.128.172 , Germany, ASN54994 (QUANTILNETWORKS, CA),
Reverse DNS
Software
PWS/8.3.1.0.8 /
Resource Hash
09a96807fc746932d21bf63ca57a6bf3ce2e9faa5db5b6cbe2d5eef38cd55416

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rapidlanders.com/src/click19/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 05:10:57 GMT
via
1.1 PSmglsjLAX2qg174:1 (W), 1.1 PSdgflkfFRA1vg90:1 (W)
last-modified
Wed, 03 Feb 2021 14:40:28 GMT
server
PWS/8.3.1.0.8
age
35358
etag
"601ab5dc-ebd"
x-ws-request-id
64ddabe1_PSdgflkfFRA1vg90_10580-41962
content-type
image/png
x-px
ht PSdgflkfFRA1vg90FRA
accept-ranges
bytes
content-length
3773
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v25/
30 KB
30 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:200,300,400,500,600,700,800,900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://rapidlanders.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 20:44:11 GMT
x-content-type-options
nosniff
age
203206
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30928
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 18:57:39 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 13 Aug 2024 20:44:11 GMT
co3DmWZ8kjZuErj9Ta3do6Tppg.woff2
fonts.gstatic.com/s/sigmarone/v16/
42 KB
43 KB
Font
General
Full URL
https://fonts.gstatic.com/s/sigmarone/v16/co3DmWZ8kjZuErj9Ta3do6Tppg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Sigmar+One&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
39e7f97482ae0d4ab6990d049c22c207d33578cbb81a52bc6aad349f8bbd6d46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://rapidlanders.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 10 Aug 2023 21:31:52 GMT
x-content-type-options
nosniff
age
545945
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43360
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:10:26 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 09 Aug 2024 21:31:52 GMT
1d.mp4
rapidlanders.com/src/click19/img/
2 MB
2 MB
Media
General
Full URL
https://rapidlanders.com/src/click19/img/1d.mp4
Requested by
Host: rapidlanders.com
URL: https://rapidlanders.com/src/click19/?epcVIP=48.1066.g47&email=&lang=de&act=epc68333.47627-806020.XMOD_click.964ddabcaed43b1.42136190
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
163.171.128.172 , Germany, ASN54994 (QUANTILNETWORKS, CA),
Reverse DNS
Software
PWS/8.3.1.0.8 /
Resource Hash
c50ca67eab95fee2a531ce86a0170e70b7d9ee4f181dabc777cf5db32dcc0a61

Request headers

Referer
https://rapidlanders.com/src/click19/?epcVIP=48.1066.g47&email=&lang=de&act=epc68333.47627-806020.XMOD_click.964ddabcaed43b1.42136190
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Range
bytes=0-

Response headers

date
Thu, 17 Aug 2023 05:10:57 GMT
via
1.1 PSmglsjLAX2hu177:0 (W), 1.1 PSdgflkfFRA1gi91:15 (W)
last-modified
Fri, 26 Feb 2021 15:28:52 GMT
server
PWS/8.3.1.0.8
age
17070
etag
"603913b4-182b6d"
x-ws-request-id
64ddabe1_PSdgflkfFRA1vg90_10580-41966
content-type
video/mp4
Content-Range
bytes 0-1583980/1583981
x-px
ht PSdgflkfFRA1gi91FRA
accept-ranges
bytes
Content-Length
1583981
queen_stat.png
rapidlanders.com/src/click19/img/
4 KB
5 KB
Image
General
Full URL
https://rapidlanders.com/src/click19/img/queen_stat.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
163.171.128.172 , Germany, ASN54994 (QUANTILNETWORKS, CA),
Reverse DNS
Software
PWS/8.3.1.0.8 /
Resource Hash
0b73edaafa4588da197e82270138c46804ee311975dd58f2b64189b4de8088e3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rapidlanders.com/src/click19/?epcVIP=48.1066.g47&email=&lang=de&act=epc68333.47627-806020.XMOD_click.964ddabcaed43b1.42136190
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 05:11:03 GMT
via
1.1 PSmglsjLAX2qg174:10 (W), 1.1 PSdgflkfFRA1je97:16 (W)
last-modified
Wed, 03 Feb 2021 14:40:28 GMT
server
PWS/8.3.1.0.8
age
35358
etag
"601ab5dc-10ea"
x-ws-request-id
64ddabe7_PSdgflkfFRA1vg90_10580-42200
content-type
image/png
x-px
ht PSdgflkfFRA1je97FRA
accept-ranges
bytes
content-length
4330
g2.png
rapidlanders.com/src/click19/img/
268 KB
268 KB
Image
General
Full URL
https://rapidlanders.com/src/click19/img/g2.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
163.171.128.172 , Germany, ASN54994 (QUANTILNETWORKS, CA),
Reverse DNS
Software
PWS/8.3.1.0.8 /
Resource Hash
f5601deb7dcb257db569545f6651f7bbe277c08e01e1b71a1b30bcecd3c28e52

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rapidlanders.com/src/click19/?epcVIP=48.1066.g47&email=&lang=de&act=epc68333.47627-806020.XMOD_click.964ddabcaed43b1.42136190
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 05:11:03 GMT
via
1.1 PSmglsjLAX2qg174:10 (W), 1.1 PSdgflkfFRA1je97:7 (W)
last-modified
Wed, 03 Feb 2021 14:40:28 GMT
server
PWS/8.3.1.0.8
age
35358
etag
"601ab5dc-42f3d"
x-ws-request-id
64ddabe7_PSdgflkfFRA1vg90_10580-42201
content-type
image/png
x-px
ht PSdgflkfFRA1je97FRA
accept-ranges
bytes
content-length
274237
war_stat.png
rapidlanders.com/src/click19/img/
5 KB
5 KB
Image
General
Full URL
https://rapidlanders.com/src/click19/img/war_stat.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
163.171.128.172 , Germany, ASN54994 (QUANTILNETWORKS, CA),
Reverse DNS
Software
PWS/8.3.1.0.8 /
Resource Hash
056a760322d7881f2aad538561ca21802dd77a0c6cf5ab53b5dc412eaefc888b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rapidlanders.com/src/click19/?epcVIP=48.1066.g47&email=&lang=de&act=epc68333.47627-806020.XMOD_click.964ddabcaed43b1.42136190
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 05:11:09 GMT
via
1.1 PSmglsjLAX2qg174:10 (W), 1.1 PSdgflkfFRA1vg90:18 (W)
last-modified
Wed, 03 Feb 2021 14:40:28 GMT
server
PWS/8.3.1.0.8
age
35346
etag
"601ab5dc-146e"
x-ws-request-id
64ddabed_PSdgflkfFRA1vg90_10580-42409
content-type
image/png
x-px
ht PSdgflkfFRA1vg90FRA
accept-ranges
bytes
content-length
5230
g3.png
rapidlanders.com/src/click19/img/
288 KB
289 KB
Image
General
Full URL
https://rapidlanders.com/src/click19/img/g3.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
163.171.128.172 , Germany, ASN54994 (QUANTILNETWORKS, CA),
Reverse DNS
Software
PWS/8.3.1.0.8 /
Resource Hash
348f86efb96e1387e48822e485b77a64e688765f9ed32c98d03b1ab489dbe6e8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rapidlanders.com/src/click19/?epcVIP=48.1066.g47&email=&lang=de&act=epc68333.47627-806020.XMOD_click.964ddabcaed43b1.42136190
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 05:11:09 GMT
via
1.1 PSmglsjLAX2qg174:10 (W), 1.1 PSdgflkfFRA1je97:11 (W)
last-modified
Wed, 03 Feb 2021 14:40:28 GMT
server
PWS/8.3.1.0.8
age
35346
etag
"601ab5dc-480ea"
x-ws-request-id
64ddabed_PSdgflkfFRA1vg90_10580-42410
content-type
image/png
x-px
ht PSdgflkfFRA1je97FRA
accept-ranges
bytes
content-length
295146

24 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture
function| geoip_country_code
function| geoip_country_name
function| geoip_city
function| geoip_region
function| geoip_region_name
function| geoip_latitude
function| geoip_longitude
function| geoip_postal_code
function| geoip_resolved_ip
function| $
function| jQuery
function| setCountry
function| checkName
function| checkPassEmail
function| checkZip
function| validateZip
function| goToJ2
function| nxtStp
function| loader1
function| loader2
function| loader3
function| Browser
function| girlCount

8 Cookies

Domain/Path Name / Value
qckrtr.com/ Name: AWSALB
Value: aYIRDduLV4O81WsGtCIoWnbmL7nDv/1sXBTmq6HFmUX8bLnQ1Z+ID3iLdCxRCE7XO0djVGjPI7MP8SsNj34VY+Jp/8nFQFNYErYeTVzmYAULrMtsKK4keRaiDKJp
qckrtr.com/ Name: AWSALBCORS
Value: aYIRDduLV4O81WsGtCIoWnbmL7nDv/1sXBTmq6HFmUX8bLnQ1Z+ID3iLdCxRCE7XO0djVGjPI7MP8SsNj34VY+Jp/8nFQFNYErYeTVzmYAULrMtsKK4keRaiDKJp
qckrtr.com/ Name: hskp
Value: 9AGf081618654%2C
qckrtr.com/ Name: skip
Value: -1692249054%2C1311
qckrtr.com/ Name: 458_1311_0
Value: 1692249054
www.lnkaccess.com/ Name: AWSALB
Value: UEadlaOCjR7dEPf7X3cSNXKckYHxjx8FoCx9cto57Y9KPBbFM3IH7Dnn9wt59kwFLAwyY2BjiuiBmgipEtignMg402jaeVO019KspJy9lHt1+SvKHA0innC9flhk
www.lnkaccess.com/ Name: AWSALBCORS
Value: UEadlaOCjR7dEPf7X3cSNXKckYHxjx8FoCx9cto57Y9KPBbFM3IH7Dnn9wt59kwFLAwyY2BjiuiBmgipEtignMg402jaeVO019KspJy9lHt1+SvKHA0innC9flhk
www.lnkaccess.com/ Name: vip_id
Value: 68333.47627-806020

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
