r-l.top Open in urlscan Pro
185.222.202.156 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://r-l.top/
Effective URL:
https://r-l.top/jp/
Submission: On November 19 via manual (November 19th 2019, 2:59:33 am UTC) from JP

Summary HTTP 22 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 2 domains to perform 22 HTTP transactions. The main IP is 185.222.202.156, located in Ukraine and belongs to UVL2-ASN -- PL --, UA. The main domain is r-l.top.
TLS certificate: Issued by TrustAsia TLS RSA CA on November 15th 2019. Valid for: a year.

This is the only time r-l.top was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Yamato Transport (Transportation)

Domain & IP information

	IP Address	AS Autonomous System
1 21	185.222.202.156 185.222.202.156	204725 (UVL2-ASN ...) (UVL2-ASN -- PL --)
1	220.242.182.12 220.242.182.12	54994 (QUANTILNE...) (QUANTILNETWORKS - QUANTIL NETWORKS INC)
22	3

21 185.222.202.156 (Ukraine) 1 redirects

ASN204725 (UVL2-ASN -- PL --, UA)

r-l.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 220.242.182.12 (China)

ASN54994 (QUANTILNETWORKS - QUANTIL NETWORKS INC, US)

js.users.51.la	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
21	r-l.top 1 redirects r-l.top	765 KB
1	51.la js.users.51.la ia.51.la Failed	3 KB
22	2

	Domain	Requested by
21	r-l.top	1 redirects r-l.top
1	js.users.51.la	r-l.top
0	ia.51.la Failed	r-l.top
22	3

This site contains links to these domains. Also see Links.

Domain
www.kuronekoyamato.co.jp

Subject Issuer	Validity	Valid
r-l.top TrustAsia TLS RSA CA	`2019-11-15` - `2020-11-14`	a year	crt.sh
*.users.51.la GlobalSign Domain Validation CA - SHA256 - G2	`2018-01-15` - `2021-03-19`	3 years	crt.sh

This page contains 1 frames:

Primary Page: https://r-l.top/jp/
Frame ID: DCED86DEC13545E3569FC92054F8F174
Requests: 22 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://r-l.top/ Page URL
https://r-l.top/jp HTTP 301
https://r-l.top/jp/ Page URL

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]([\d.]*\d)[^\/]*\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

22
Requests

95 %
HTTPS

0 %
IPv6

2
Domains

3
Subdomains

3
IPs

2
Countries

768 kB
Transfer

1295 kB
Size

1
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: http://www.kuronekoyamato.co.jp/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://r-l.top/ Page URL
https://r-l.top/jp HTTP 301
https://r-l.top/jp/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

22 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	/ Show response r-l.top/	427 B 544 B	441ms 42ms	Document text/html	185.222.202.156 UVL2-ASN -- PL --
General Check archive.org Show headers Download Go to Full URL https://r-l.top/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.222.202.156 , Ukraine, ASN204725 (UVL2-ASN -- PL --, UA), Reverse DNS Software nginx / Resource Hash `71156e3f4a9b95571713cf80c5a77b32b81347e3b68179edeaac62c027cf7357` Request headers :method GET :authority r-l.top :scheme https :path / pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36 sec-fetch-user ?1 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3 sec-fetch-site none sec-fetch-mode navigate accept-encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36 Sec-Fetch-User ?1 Response headers status 200 server nginx date Tue, 19 Nov 2019 02:59:05 GMT content-type text/html; charset=utf-8 vary Accept-Encoding set-cookie PHPSESSID=8g4567malefjkr5ck9egvqlpp5; path=/ expires Thu, 19 Nov 1981 08:52:00 GMT cache-control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 pragma no-cache content-encoding gzip
GET H/1.1	200 OK	20127435.js Show response js.users.51.la/	5 KB 3 KB	400ms 52ms	Script application/javascript	220.242.182.12 QUANTIL NETWORKS INC
General Check archive.org Show headers Download Go to Full URL https://js.users.51.la/20127435.js Requested by Host: r-l.top URL: https://r-l.top/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 220.242.182.12 , China, ASN54994 (QUANTILNETWORKS - QUANTIL NETWORKS INC, US), Reverse DNS Software nginx/1.14.0 / Resource Hash `cd7fc61322d70224ff301fe914a3f2c07007a0ce11e54c12e56ca68e9e8854cb` Request headers Referer https://r-l.top/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36 Response headers x-id 20127435 Date Tue, 19 Nov 2019 02:59:05 GMT Content-Encoding gzip Age 82668 Transfer-Encoding chunked X-Via 1.1 PSxgHKG8rt113:3 (Cdn Cache Server V2.0)[98 200 2], 1.1 ld83:5 (Cdn Cache Server V2.0)[551 200 2], 1.1 PSxbymdlMAD1ga70:8 (Cdn Cache Server V2.0)[1 200 0] Content-Disposition inline;filename=f.txt Connection keep-alive Request-Id 0000016E7CABFFE190178EAF1BEC8F58 x-reserved amazon, aws and amazon web services are trademarks or registered trademarks of Amazon Technologies, Inc id-2 32AAAQAAEAABAAAQAAEAABAAAQAAEAABCSW9rsQmdbMOphkaCuUqF0yDvd0fRLMk Last-Modified Thu Jun 20 12:01:57 CST 2019 Server nginx/1.14.0 ETag "5c3f0631efb39a56bd40b7b6dd53f89f" Vary Accept-Encoding Content-Type application/javascript;charset=UTF-8 version-id G001116B730C59C4FFFF9007002DBB36
GET		go1 ia.51.la/	0 0

GET H2	200	Primary Request / Show response r-l.top/jp/ Redirect Chain https://r-l.top/jp https://r-l.top/jp/	11 KB 4 KB	42ms 41ms	Document text/html	185.222.202.156 UVL2-ASN -- PL --
General Check archive.org Show headers Download Go to Full URL https://r-l.top/jp/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.222.202.156 , Ukraine, ASN204725 (UVL2-ASN -- PL --, UA), Reverse DNS Software nginx / Resource Hash `88a0116edae2d4d378844ba31a76f8bd8e9f84fff1463662baa1fa7b0b93a777` Request headers :method GET :authority r-l.top :scheme https :path /jp/ pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3 sec-fetch-site same-origin sec-fetch-mode navigate referer https://r-l.top/ accept-encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36 Referer https://r-l.top/ Response headers status 200 server nginx date Tue, 19 Nov 2019 02:59:17 GMT content-type text/html; charset=utf-8 vary Accept-Encoding set-cookie PHPSESSID=f2cmhfk11s3isj41qo5frub445; path=/ expires Thu, 19 Nov 1981 08:52:00 GMT cache-control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 pragma no-cache content-encoding gzip Redirect headers status 301 server nginx date Tue, 19 Nov 2019 02:59:17 GMT content-type text/html content-length 162 location https://r-l.top/jp/
GET H2	200	market.css r-l.top/jp/assets/css/	81 B 251 B	39ms 38ms	Stylesheet text/css	185.222.202.156 UVL2-ASN -- PL --
General Check archive.org Show headers Download Go to Full URL https://r-l.top/jp/assets/css/market.css Requested by Host: r-l.top URL: https://r-l.top/jp/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.222.202.156 , Ukraine, ASN204725 (UVL2-ASN -- PL --, UA), Reverse DNS Software nginx / Resource Hash `9edc5abc81de536194aa1986a03a219c5b581a050809f993987f99e1083f8511` Request headers Referer https://r-l.top/jp/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36 Response headers date Tue, 19 Nov 2019 02:59:17 GMT last-modified Mon, 13 Mar 2017 23:42:36 GMT server nginx etag "58c72e6c-51" content-type text/css status 200 cache-control max-age=43200 accept-ranges bytes content-length 81 expires Tue, 19 Nov 2019 14:59:17 GMT
GET H2	200	jquery-2.0.3.min.js Show response r-l.top/jp/assets/js/	82 KB 32 KB	63ms 62ms	Script application/javascript	185.222.202.156 UVL2-ASN -- PL --
General Check archive.org Show headers Download Go to Full URL https://r-l.top/jp/assets/js/jquery-2.0.3.min.js Requested by Host: r-l.top URL: https://r-l.top/jp/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.222.202.156 , Ukraine, ASN204725 (UVL2-ASN -- PL --, UA), Reverse DNS Software nginx / Resource Hash `aeeb87a20c1e3f2c0a67b6c8d6f1c61aced271b04b86435471249e463852524a` Request headers Referer https://r-l.top/jp/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36 Response headers date Tue, 19 Nov 2019 02:59:17 GMT content-encoding gzip last-modified Mon, 13 Mar 2017 23:43:58 GMT server nginx etag W/"58c72ebe-146a2" vary Accept-Encoding content-type application/javascript status 200 cache-control max-age=43200 expires Tue, 19 Nov 2019 14:59:17 GMT
GET H2	200	login.js Show response r-l.top/jp/assets/js/	127 KB 30 KB	86ms 85ms	Script application/javascript	185.222.202.156 UVL2-ASN -- PL --
General Check archive.org Show headers Download Go to Full URL https://r-l.top/jp/assets/js/login.js Requested by Host: r-l.top URL: https://r-l.top/jp/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.222.202.156 , Ukraine, ASN204725 (UVL2-ASN -- PL --, UA), Reverse DNS Software nginx / Resource Hash `86ede900489fe6b776dda8a56fa8b182c31c55b0548f45d4f28cd6ed462d903c` Request headers Referer https://r-l.top/jp/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36 Response headers date Tue, 19 Nov 2019 02:59:17 GMT content-encoding gzip last-modified Thu, 11 May 2017 04:03:02 GMT server nginx etag W/"5913e276-1faf4" vary Accept-Encoding content-type application/javascript status 200 cache-control max-age=43200 expires Tue, 19 Nov 2019 14:59:17 GMT
GET H2	404	satelliteLib-a4445fd2af2e0c5b2734ffc8d58e4dcd9efa59a8.js r-l.top/jp/js/	0 0	91ms 90ms	Script text/html	185.222.202.156 UVL2-ASN -- PL --
General Check archive.org Show headers Download Go to Full URL https://r-l.top/jp/js/satelliteLib-a4445fd2af2e0c5b2734ffc8d58e4dcd9efa59a8.js Requested by Host: r-l.top URL: https://r-l.top/jp/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.222.202.156 , Ukraine, ASN204725 (UVL2-ASN -- PL --, UA), Reverse DNS Software nginx / Resource Hash Request headers Referer https://r-l.top/jp/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36 Response headers status 404 date Tue, 19 Nov 2019 02:59:17 GMT server nginx content-length 548 content-type text/html
GET H2	200	common.js Show response r-l.top/jp/common/js/shared/	16 KB 5 KB	93ms 92ms	Script application/javascript	185.222.202.156 UVL2-ASN -- PL --
General Check archive.org Show headers Download Go to Full URL https://r-l.top/jp/common/js/shared/common.js Requested by Host: r-l.top URL: https://r-l.top/jp/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.222.202.156 , Ukraine, ASN204725 (UVL2-ASN -- PL --, UA), Reverse DNS Software nginx / Resource Hash `5f0255c4bc532863aa1928f25e15a1564815711445f2060faba66efa584da6fc` Request headers Referer https://r-l.top/jp/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36 Response headers date Tue, 19 Nov 2019 02:59:17 GMT content-encoding gzip last-modified Tue, 22 Nov 2011 04:16:12 GMT server nginx etag W/"4ecb220c-3e4a" vary Accept-Encoding content-type application/javascript status 200 cache-control max-age=43200 expires Tue, 19 Nov 2019 14:59:17 GMT
GET H2	404	chk_submit.js r-l.top/jp/common/js/shared/	0 0	93ms 92ms	Script text/html	185.222.202.156 UVL2-ASN -- PL --
General Check archive.org Show headers Download Go to Full URL https://r-l.top/jp/common/js/shared/chk_submit.js Requested by Host: r-l.top URL: https://r-l.top/jp/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.222.202.156 , Ukraine, ASN204725 (UVL2-ASN -- PL --, UA), Reverse DNS Software nginx / Resource Hash Request headers Referer https://r-l.top/jp/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36 Response headers status 404 date Tue, 19 Nov 2019 02:59:17 GMT server nginx content-length 548 content-type text/html
GET H2	404	nya24def.js r-l.top/jp/common/js/shared/	0 0	93ms 93ms	Script text/html	185.222.202.156 UVL2-ASN -- PL --
General Check archive.org Show headers Download Go to Full URL https://r-l.top/jp/common/js/shared/nya24def.js?20150330 Requested by Host: r-l.top URL: https://r-l.top/jp/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.222.202.156 , Ukraine, ASN204725 (UVL2-ASN -- PL --, UA), Reverse DNS Software nginx / Resource Hash Request headers Referer https://r-l.top/jp/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36 Response headers status 404 date Tue, 19 Nov 2019 02:59:17 GMT server nginx content-length 548 content-type text/html
GET H2	200	img_site-logo_02.png r-l.top/jp/assets/img/img/	9 KB 10 KB	38ms 38ms	Image image/png	185.222.202.156 UVL2-ASN -- PL --
General Check archive.org Show headers Download Go to Show image Full URL https://r-l.top/jp/assets/img/img/img_site-logo_02.png Requested by Host: r-l.top URL: https://r-l.top/jp/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.222.202.156 , Ukraine, ASN204725 (UVL2-ASN -- PL --, UA), Reverse DNS Software nginx / Resource Hash `db6ef7f4f15f8023b680553d20adb4be2f46fc9d99b0f50c91300c2893b51e84` Request headers Referer https://r-l.top/jp/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36 Response headers date Tue, 19 Nov 2019 02:59:17 GMT last-modified Tue, 27 Sep 2016 05:35:12 GMT server nginx etag "57ea0510-25cf" content-type image/png status 200 cache-control max-age=2592000 accept-ranges bytes content-length 9679 expires Thu, 19 Dec 2019 02:59:17 GMT
GET H2	200	base.css r-l.top/jp/assets/css/	51 KB 8 KB	57ms 56ms	Stylesheet text/css	185.222.202.156 UVL2-ASN -- PL --
General Check archive.org Show headers Download Go to Full URL https://r-l.top/jp/assets/css/base.css Requested by Host: r-l.top URL: https://r-l.top/jp/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.222.202.156 , Ukraine, ASN204725 (UVL2-ASN -- PL --, UA), Reverse DNS Software nginx / Resource Hash `dd5274a4867f8f2a8c52229894d0fe6493ffec45322977ffb5e07644c0ba6d65` Request headers Referer https://r-l.top/jp/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36 Response headers date Tue, 19 Nov 2019 02:59:17 GMT content-encoding gzip last-modified Mon, 13 Mar 2017 23:42:36 GMT server nginx etag W/"58c72e6c-cace" vary Accept-Encoding content-type text/css status 200 cache-control max-age=43200 expires Tue, 19 Nov 2019 14:59:17 GMT
GET H2	200	structure.css r-l.top/jp/assets/css/	93 KB 13 KB	61ms 61ms	Stylesheet text/css	185.222.202.156 UVL2-ASN -- PL --
General Check archive.org Show headers Download Go to Full URL https://r-l.top/jp/assets/css/structure.css Requested by Host: r-l.top URL: https://r-l.top/jp/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.222.202.156 , Ukraine, ASN204725 (UVL2-ASN -- PL --, UA), Reverse DNS Software nginx / Resource Hash `e38336df41331087ef5f14fe290c4e735d9f64a40cbff4445e4b099c2bbc2c7a` Request headers Referer https://r-l.top/jp/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36 Response headers date Tue, 19 Nov 2019 02:59:17 GMT content-encoding gzip last-modified Thu, 11 May 2017 04:02:18 GMT server nginx etag W/"5913e24a-175b6" vary Accept-Encoding content-type text/css status 200 cache-control max-age=43200 expires Tue, 19 Nov 2019 14:59:17 GMT
GET H2	200	components-market.css r-l.top/jp/assets/css/	283 KB 44 KB	68ms 68ms	Stylesheet text/css	185.222.202.156 UVL2-ASN -- PL --
General Check archive.org Show headers Download Go to Full URL https://r-l.top/jp/assets/css/components-market.css Requested by Host: r-l.top URL: https://r-l.top/jp/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.222.202.156 , Ukraine, ASN204725 (UVL2-ASN -- PL --, UA), Reverse DNS Software nginx / Resource Hash `eb0e00e917aaab148a4031aad2665ffb94defcf66513b483dc58aded3921907e` Request headers Referer https://r-l.top/jp/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36 Response headers date Tue, 19 Nov 2019 02:59:17 GMT content-encoding gzip last-modified Thu, 11 May 2017 04:02:08 GMT server nginx etag W/"5913e240-46d44" vary Accept-Encoding content-type text/css status 200 cache-control max-age=43200 expires Tue, 19 Nov 2019 14:59:17 GMT
GET H2	404	satelliteLib-a4445fd2af2e0c5b2734ffc8d58e4dcd9efa59a8.js r-l.top/jp/js/	0 0	38ms 38ms	Script text/html	185.222.202.156 UVL2-ASN -- PL --
General Check archive.org Show headers Download Go to Full URL https://r-l.top/jp/js/satelliteLib-a4445fd2af2e0c5b2734ffc8d58e4dcd9efa59a8.js Requested by Host: r-l.top URL: https://r-l.top/jp/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.222.202.156 , Ukraine, ASN204725 (UVL2-ASN -- PL --, UA), Reverse DNS Software nginx / Resource Hash Request headers Referer https://r-l.top/jp/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36 Response headers status 404 date Tue, 19 Nov 2019 02:59:17 GMT server nginx content-length 548 content-type text/html
GET H2	404	chk_submit.js r-l.top/jp/common/js/shared/	0 0	38ms 38ms	Script text/html	185.222.202.156 UVL2-ASN -- PL --
General Check archive.org Show headers Download Go to Full URL https://r-l.top/jp/common/js/shared/chk_submit.js Requested by Host: r-l.top URL: https://r-l.top/jp/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.222.202.156 , Ukraine, ASN204725 (UVL2-ASN -- PL --, UA), Reverse DNS Software nginx / Resource Hash Request headers Referer https://r-l.top/jp/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36 Response headers status 404 date Tue, 19 Nov 2019 02:59:17 GMT server nginx content-length 548 content-type text/html
GET H2	404	nya24def.js r-l.top/jp/common/js/shared/	0 0	40ms 40ms	Script text/html	185.222.202.156 UVL2-ASN -- PL --
General Check archive.org Show headers Download Go to Full URL https://r-l.top/jp/common/js/shared/nya24def.js?20150330 Requested by Host: r-l.top URL: https://r-l.top/jp/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.222.202.156 , Ukraine, ASN204725 (UVL2-ASN -- PL --, UA), Reverse DNS Software nginx / Resource Hash Request headers Referer https://r-l.top/jp/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36 Response headers status 404 date Tue, 19 Nov 2019 02:59:17 GMT server nginx content-length 548 content-type text/html
GET H2	200	NotoSansCJKjp-Regular.woff r-l.top/jp/assets/fonts/	546 KB 547 KB	39ms 39ms	Font font/woff	185.222.202.156 UVL2-ASN -- PL --
General Check archive.org Show headers Download Go to Full URL https://r-l.top/jp/assets/fonts/NotoSansCJKjp-Regular.woff Requested by Host: r-l.top URL: https://r-l.top/jp/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.222.202.156 , Ukraine, ASN204725 (UVL2-ASN -- PL --, UA), Reverse DNS Software nginx / Resource Hash `64307cff91b7506e6e5e93cacf0da17a847127bf4790f4e82e06fa718647cff0` Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36 Referer https://r-l.top/jp/assets/css/base.css Origin https://r-l.top Response headers date Tue, 19 Nov 2019 02:59:17 GMT last-modified Wed, 24 Aug 2016 22:54:28 GMT server nginx etag "57be25a4-889ec" content-type font/woff status 200 accept-ranges bytes content-length 559596
GET H2	200	iconfont92d6.ttf r-l.top/jp/assets/fonts/	3 KB 4 KB	78ms 78ms	Font application/octet-stream	185.222.202.156 UVL2-ASN -- PL --
General Check archive.org Show headers Download Go to Full URL https://r-l.top/jp/assets/fonts/iconfont92d6.ttf?ssh4fq Requested by Host: r-l.top URL: https://r-l.top/jp/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.222.202.156 , Ukraine, ASN204725 (UVL2-ASN -- PL --, UA), Reverse DNS Software nginx / Resource Hash `ebd3eec5854f25f0446c9e5f7a8adf11ade00f06183403d0c3fb0f38fb79003a` Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36 Referer https://r-l.top/jp/assets/css/base.css Origin https://r-l.top Response headers date Tue, 19 Nov 2019 02:59:17 GMT last-modified Wed, 24 Aug 2016 22:54:28 GMT server nginx etag "57be25a4-df4" content-type application/octet-stream status 200 accept-ranges bytes content-length 3572
GET H2	200	bg_hdg-level2-01_01.png r-l.top/jp/assets/img/bg/	93 B 265 B	67ms 67ms	Image image/png	185.222.202.156 UVL2-ASN -- PL --
General Check archive.org Show headers Download Go to Show image Full URL https://r-l.top/jp/assets/img/bg/bg_hdg-level2-01_01.png Requested by Host: r-l.top URL: https://r-l.top/jp/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.222.202.156 , Ukraine, ASN204725 (UVL2-ASN -- PL --, UA), Reverse DNS Software nginx / Resource Hash `f3f0895f9742c76af7271d99872de0c22a1bc7a1a2a8d0aec80fa421a3d8c4da` Request headers Referer https://r-l.top/jp/assets/css/components-market.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36 Response headers date Tue, 19 Nov 2019 02:59:17 GMT last-modified Mon, 13 Mar 2017 23:43:28 GMT server nginx etag "58c72ea0-5d" content-type image/png status 200 cache-control max-age=2592000 accept-ranges bytes content-length 93 expires Thu, 19 Dec 2019 02:59:17 GMT
GET H2	200	icon_pagetop_01.png r-l.top/jp/assets/img/icon/	67 KB 67 KB	67ms 67ms	Image image/png	185.222.202.156 UVL2-ASN -- PL --
General Check archive.org Show headers Download Go to Show image Full URL https://r-l.top/jp/assets/img/icon/icon_pagetop_01.png Requested by Host: r-l.top URL: https://r-l.top/jp/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.222.202.156 , Ukraine, ASN204725 (UVL2-ASN -- PL --, UA), Reverse DNS Software nginx / Resource Hash `ec3675b1c19aab628da241dedb23e7408127ef19de900b2922a627e728424b9e` Request headers Referer https://r-l.top/jp/assets/css/components-market.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36 Response headers date Tue, 19 Nov 2019 02:59:17 GMT last-modified Mon, 13 Mar 2017 23:43:36 GMT server nginx etag "58c72ea8-10bd5" content-type image/png status 200 cache-control max-age=2592000 accept-ranges bytes content-length 68565 expires Thu, 19 Dec 2019 02:59:17 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: ia.51.la
URL: https://ia.51.la/go1?id=20127435&rt=1574132345482&rl=1600*1200&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=1&cd=24&ds=&ing=1&ekc=&sid=1574132345482&tt=......&kw=&cu=https%253A%252F%252Fr-l.top%252F&pu=

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Yamato Transport (Transportation)

34 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			r-l.top/	1969-12-31 23:59:59	Name: PHPSESSID Value: f2cmhfk11s3isj41qo5frub445

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ia.51.la
js.users.51.la
r-l.top
ia.51.la
185.222.202.156
220.242.182.12
5f0255c4bc532863aa1928f25e15a1564815711445f2060faba66efa584da6fc
64307cff91b7506e6e5e93cacf0da17a847127bf4790f4e82e06fa718647cff0
71156e3f4a9b95571713cf80c5a77b32b81347e3b68179edeaac62c027cf7357
86ede900489fe6b776dda8a56fa8b182c31c55b0548f45d4f28cd6ed462d903c
88a0116edae2d4d378844ba31a76f8bd8e9f84fff1463662baa1fa7b0b93a777
9edc5abc81de536194aa1986a03a219c5b581a050809f993987f99e1083f8511
aeeb87a20c1e3f2c0a67b6c8d6f1c61aced271b04b86435471249e463852524a
cd7fc61322d70224ff301fe914a3f2c07007a0ce11e54c12e56ca68e9e8854cb
db6ef7f4f15f8023b680553d20adb4be2f46fc9d99b0f50c91300c2893b51e84
dd5274a4867f8f2a8c52229894d0fe6493ffec45322977ffb5e07644c0ba6d65
e38336df41331087ef5f14fe290c4e735d9f64a40cbff4445e4b099c2bbc2c7a
eb0e00e917aaab148a4031aad2665ffb94defcf66513b483dc58aded3921907e
ebd3eec5854f25f0446c9e5f7a8adf11ade00f06183403d0c3fb0f38fb79003a
ec3675b1c19aab628da241dedb23e7408127ef19de900b2922a627e728424b9e
f3f0895f9742c76af7271d99872de0c22a1bc7a1a2a8d0aec80fa421a3d8c4da

r-l.top Open in urlscan Pro 185.222.202.156 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

22 Requests

95 %HTTPS

0 %IPv6

2 Domains

3 Subdomains

3 IPs

2 Countries

768 kBTransfer

1295 kBSize

1 Cookies

1 Outgoing links

Page URL History

Redirected requests

22 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

34 JavaScript Global Variables

1 Cookies

Indicators

r-l.top Open in urlscan Pro
185.222.202.156 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

22
Requests

95 %
HTTPS

0 %
IPv6

2
Domains

3
Subdomains

3
IPs

2
Countries

768 kB
Transfer

1295 kB
Size

1
Cookies

22 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!