thelittleredrestaurant.com Open in urlscan Pro
87.120.125.137 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://thelittleredrestaurant.com/
Effective URL:
https://thelittleredrestaurant.com/
Submission: On October 04 via api (October 4th 2024, 12:24:01 am UTC) from BE — Scanned from IT

Summary HTTP 9 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 1 countries across 1 domains to perform 9 HTTP transactions. The main IP is 87.120.125.137, located in Bulgaria and belongs to EKABI, US. The main domain is thelittleredrestaurant.com.
TLS certificate: Issued by R11 on October 1st 2024. Valid for: 3 months.

This is the only time thelittleredrestaurant.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: JCB (Financial)

Domain & IP information

	IP Address		AS Autonomous System
9	87.120.125.137 87.120.125.137		401115 (EKABI) (EKABI)
9	2

9 87.120.125.137 (Bulgaria)

ASN401115 (EKABI, US)

thelittleredrestaurant.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	thelittleredrestaurant.com thelittleredrestaurant.com	151 KB
9	1

	Domain	Requested by
9	thelittleredrestaurant.com	thelittleredrestaurant.com
9	1

This site contains no links.

Subject Issuer	Validity	Valid
thelittleredrestaurant.com R11	`2024-10-01` - `2024-12-30`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://thelittleredrestaurant.com/
Frame ID: 658C5133B7CC4A3043C571837CE72966
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

JCBの会員専用WEBサービス「MyJCB（マイジェーシービー）

Page URL History Show full URLs

http://thelittleredrestaurant.com/ HTTP 307
https://thelittleredrestaurant.com/ Page URL

Detected technologies

Vue.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+\sdata-v(?:ue)?-

Page Statistics

9
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

2
IPs

1
Countries

151 kB
Transfer

781 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://thelittleredrestaurant.com/ HTTP 307
https://thelittleredrestaurant.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

9 HTTP transactions
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response thelittleredrestaurant.com/ Redirect Chain http://thelittleredrestaurant.com/ https://thelittleredrestaurant.com/	512 B 427 B	204ms 49ms	Document text/html	87.120.125.137 EKABI
General Check archive.org Show headers Download Go to Full URL https://thelittleredrestaurant.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 87.120.125.137 , Bulgaria, ASN401115 (EKABI, US), Reverse DNS Software Apache / Resource Hash `751f8190aaf643becedf45cb4835b659ba2d55bb313961cd6e7e34c88b272bf4` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Response headers accept-ranges bytes content-encoding gzip content-length 289 content-type text/html date Fri, 04 Oct 2024 00:23:56 GMT etag "200-6237f0effa7f6-gzip" last-modified Wed, 02 Oct 2024 14:14:39 GMT server Apache vary Accept-Encoding Redirect headers Location https://thelittleredrestaurant.com/ Non-Authoritative-Reason HttpsUpgrades
GET H2	200	main-D2GP-jpe1.js Show response thelittleredrestaurant.com/assets/	127 KB 45 KB	93ms 91ms	Script text/javascript	87.120.125.137 EKABI
General Check archive.org Show headers Download Go to Full URL https://thelittleredrestaurant.com/assets/main-D2GP-jpe1.js Requested by Host: thelittleredrestaurant.com URL: https://thelittleredrestaurant.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 87.120.125.137 , Bulgaria, ASN401115 (EKABI, US), Reverse DNS Software Apache / Resource Hash `269232dc959c8e12a14234f718c4554431cf876dccd6fae6fb747470c2269bc2` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Origin https://thelittleredrestaurant.com Referer https://thelittleredrestaurant.com/ Response headers content-encoding gzip etag "1fb1c-6223e38e8e5b1-gzip" accept-ranges bytes content-length 45578 date Fri, 04 Oct 2024 00:23:56 GMT last-modified Mon, 16 Sep 2024 15:28:18 GMT vary Accept-Encoding server Apache content-type text/javascript
GET H2	200	http-CgSNxvot.js Show response thelittleredrestaurant.com/assets/	435 B 411 B	91ms 90ms	Script text/javascript	87.120.125.137 EKABI
General Check archive.org Show headers Download Go to Full URL https://thelittleredrestaurant.com/assets/http-CgSNxvot.js Requested by Host: thelittleredrestaurant.com URL: https://thelittleredrestaurant.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 87.120.125.137 , Bulgaria, ASN401115 (EKABI, US), Reverse DNS Software Apache / Resource Hash `5972858e8631000f1abd53c96992e857665460aa343cf4f511f0dfcab3309ba3` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Origin https://thelittleredrestaurant.com Referer https://thelittleredrestaurant.com/ Response headers content-encoding gzip etag "1b3-620deac61d3ec-gzip" accept-ranges bytes content-length 323 date Fri, 04 Oct 2024 00:23:56 GMT last-modified Fri, 30 Aug 2024 04:03:27 GMT vary Accept-Encoding server Apache content-type text/javascript
GET H2	200	lang-DW9g7Brf1.js Show response thelittleredrestaurant.com/assets/	2 KB 914 B	92ms 91ms	Script text/javascript	87.120.125.137 EKABI
General Check archive.org Show headers Download Go to Full URL https://thelittleredrestaurant.com/assets/lang-DW9g7Brf1.js Requested by Host: thelittleredrestaurant.com URL: https://thelittleredrestaurant.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 87.120.125.137 , Bulgaria, ASN401115 (EKABI, US), Reverse DNS Software Apache / Resource Hash `3d3bbd3bf8f27a81af57e555916337914b91aa1803453c72f90085225c7cc8b9` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Origin https://thelittleredrestaurant.com Referer https://thelittleredrestaurant.com/ Response headers content-encoding gzip etag "641-62358623a1130-gzip" accept-ranges bytes content-length 837 date Fri, 04 Oct 2024 00:23:56 GMT last-modified Mon, 30 Sep 2024 16:06:12 GMT vary Accept-Encoding server Apache content-type text/javascript
GET H2	200	main-CQDif2hx.css thelittleredrestaurant.com/assets/	644 KB 99 KB	129ms 128ms	Stylesheet text/css	87.120.125.137 EKABI
General Check archive.org Show headers Download Go to Full URL https://thelittleredrestaurant.com/assets/main-CQDif2hx.css Requested by Host: thelittleredrestaurant.com URL: https://thelittleredrestaurant.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 87.120.125.137 , Bulgaria, ASN401115 (EKABI, US), Reverse DNS Software Apache / Resource Hash `e970a1d0b17c0beba2405084b3817034b96cf11d8ecff63aabfa8afd9e9f4cb1` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Origin https://thelittleredrestaurant.com Referer https://thelittleredrestaurant.com/ Response headers content-encoding gzip etag "a0f43-620deac61e771-gzip" accept-ranges bytes date Fri, 04 Oct 2024 00:23:56 GMT last-modified Fri, 30 Aug 2024 04:03:27 GMT vary Accept-Encoding server Apache content-type text/css
GET H2	200	lang-DW9g7Brf.js Show response thelittleredrestaurant.com/assets/	2 KB 914 B	53ms 52ms	Script text/javascript	87.120.125.137 EKABI
General Check archive.org Show headers Download Go to Full URL https://thelittleredrestaurant.com/assets/lang-DW9g7Brf.js Requested by Host: thelittleredrestaurant.com URL: https://thelittleredrestaurant.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 87.120.125.137 , Bulgaria, ASN401115 (EKABI, US), Reverse DNS Software Apache / Resource Hash `3d3bbd3bf8f27a81af57e555916337914b91aa1803453c72f90085225c7cc8b9` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Origin https://thelittleredrestaurant.com Referer https://thelittleredrestaurant.com/assets/main-D2GP-jpe1.js Response headers content-encoding gzip etag "641-6236071fb1d26-gzip" accept-ranges bytes content-length 837 date Fri, 04 Oct 2024 00:23:56 GMT last-modified Tue, 01 Oct 2024 01:43:16 GMT vary Accept-Encoding server Apache content-type text/javascript
GET H2	200	logo-CME16JSh.png thelittleredrestaurant.com/assets/	3 KB 3 KB	47ms 46ms	Image image/png	87.120.125.137 EKABI
General Check archive.org Show headers Download Go to Show image Full URL https://thelittleredrestaurant.com/assets/logo-CME16JSh.png Requested by Host: thelittleredrestaurant.com URL: https://thelittleredrestaurant.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 87.120.125.137 , Bulgaria, ASN401115 (EKABI, US), Reverse DNS Software Apache / Resource Hash `dd8e7c6375bd6ccc23582eec91b4f1417b6f582dfc48e40b7ae3a63d7b0ae949` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://thelittleredrestaurant.com/ Response headers accept-ranges bytes content-length 3180 etag "c6c-620deac61d3ec" date Fri, 04 Oct 2024 00:23:57 GMT last-modified Fri, 30 Aug 2024 04:03:27 GMT content-type image/png server Apache
GET DATA	200 OK	truncated /	1 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `6034aa1a5202485c861be5b8b5664b920a6ba8e02f65bea1ba7419ad736145c1` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer Response headers Content-Type image/png
GET H2	200	logo_footer-BLEAdAn1.png thelittleredrestaurant.com/assets/	2 KB 2 KB	47ms 47ms	Image image/png	87.120.125.137 EKABI
General Check archive.org Show headers Download Go to Show image Full URL https://thelittleredrestaurant.com/assets/logo_footer-BLEAdAn1.png Requested by Host: thelittleredrestaurant.com URL: https://thelittleredrestaurant.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 87.120.125.137 , Bulgaria, ASN401115 (EKABI, US), Reverse DNS Software Apache / Resource Hash `93b334e1a1d3b1f7ad60a247c93d72e8d3c03db8b81bc4c4184ad3a3d7ce5b62` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://thelittleredrestaurant.com/ Response headers accept-ranges bytes content-length 1765 etag "6e5-620deac61cd6e" date Fri, 04 Oct 2024 00:23:57 GMT last-modified Fri, 30 Aug 2024 04:03:27 GMT content-type image/png server Apache
GET H2	404	favicon.ico thelittleredrestaurant.com/	273 B 323 B	43ms 43ms	Other text/html	87.120.125.137 EKABI
General Check archive.org Show headers Download Go to Full URL https://thelittleredrestaurant.com/favicon.ico Protocol H2 Security TLS 1.3, , AES_256_GCM Server 87.120.125.137 , Bulgaria, ASN401115 (EKABI, US), Reverse DNS Software Apache / Resource Hash `cd2304d6e829e0151fbddf58c60e36df431989a763f78dbae182bef83f5610ec` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://thelittleredrestaurant.com/ Response headers content-length 273 date Fri, 04 Oct 2024 00:23:57 GMT content-type text/html; charset=iso-8859-1 server Apache

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: JCB (Financial)

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| __VUE_INSTANCE_SETTERS__ object| __VUE_SSR_SETTERS__ boolean| __VUE__

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
recommendation	verbose	URL: https://thelittleredrestaurant.com/#/ Message: [DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o
network	error	URL: https://thelittleredrestaurant.com/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

thelittleredrestaurant.com
87.120.125.137
269232dc959c8e12a14234f718c4554431cf876dccd6fae6fb747470c2269bc2
3d3bbd3bf8f27a81af57e555916337914b91aa1803453c72f90085225c7cc8b9
5972858e8631000f1abd53c96992e857665460aa343cf4f511f0dfcab3309ba3
6034aa1a5202485c861be5b8b5664b920a6ba8e02f65bea1ba7419ad736145c1
751f8190aaf643becedf45cb4835b659ba2d55bb313961cd6e7e34c88b272bf4
93b334e1a1d3b1f7ad60a247c93d72e8d3c03db8b81bc4c4184ad3a3d7ce5b62
cd2304d6e829e0151fbddf58c60e36df431989a763f78dbae182bef83f5610ec
dd8e7c6375bd6ccc23582eec91b4f1417b6f582dfc48e40b7ae3a63d7b0ae949
e970a1d0b17c0beba2405084b3817034b96cf11d8ecff63aabfa8afd9e9f4cb1

thelittleredrestaurant.com Open in urlscan Pro 87.120.125.137 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

9 Requests

100 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

2 IPs

1 Countries

151 kBTransfer

781 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

9 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

3 JavaScript Global Variables

0 Cookies

2 Console Messages

Indicators

thelittleredrestaurant.com Open in urlscan Pro
87.120.125.137 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

9
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

2
IPs

1
Countries

151 kB
Transfer

781 kB
Size

0
Cookies

9 HTTP transactions
1 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!