koroharuka.com - urlscan.io

Summary

This website contacted 5 IPs in 3 countries across 6 domains to perform 7 HTTP transactions. The main IP is 163.44.185.199, located in Wako, Japan and belongs to INTERQ GMO Internet,Inc, JP. The main domain is koroharuka.com.
TLS certificate: Issued by R3 on September 10th 2021. Valid for: 3 months.

This is the only time koroharuka.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	163.44.185.199 163.44.185.199	7506 (INTERQ GM...) (INTERQ GMO Internet)
1	150.95.250.159 150.95.250.159	7506 (INTERQ GM...) (INTERQ GMO Internet)
1 2	104.89.20.19 104.89.20.19	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2600:9000:215... 2600:9000:2156:e000:6:bd5c:1300:93a1	16509 (AMAZON-02) (AMAZON-02)
7	5

1 163.44.185.199 (Wako, Japan)

ASN7506 (INTERQ GMO Internet,Inc, JP)
PTR: 163-44-185-199.virt.lolipop.jp

koroharuka.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 150.95.250.159 (Japan)

ASN7506 (INTERQ GMO Internet,Inc, JP)

assets.lolipop.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.89.20.19 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-89-20-19.deploy.static.akamaitechnologies.com

j.microad.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
jgl.microad.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2156:e000:6:bd5c:1300:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.minne.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
2	microad.net 1 redirects j.microad.net jgl.microad.net	20 KB
1	minne.com static.minne.com	79 KB
1	lolipop.jp assets.lolipop.jp	8 KB
1	koroharuka.com koroharuka.com	19 KB
0	microadinc.com Failed cache.send.microadinc.com Failed s-rtb.send.microadinc.com Failed
0	ad-stir.com Failed js.ad-stir.com Failed
7	6

	Domain	Requested by
1	static.minne.com	koroharuka.com
1	jgl.microad.net	koroharuka.com
1	j.microad.net	1 redirects
1	assets.lolipop.jp	koroharuka.com
1	koroharuka.com
0	s-rtb.send.microadinc.com Failed	j.microad.net
0	cache.send.microadinc.com Failed	j.microad.net
0	js.ad-stir.com Failed	koroharuka.com
7	8

This site contains links to these domains. Also see Links.

Domain
lolipop.jp
minne.com

Subject Issuer	Validity	Valid
koroharuka.com R3	`2021-09-10` - `2021-12-09`	3 months	crt.sh
*.lolipop.jp AlphaSSL CA - SHA256 - G2	`2021-08-18` - `2022-09-11`	a year	crt.sh
*.microad.net GeoTrust RSA CA 2018	`2021-06-30` - `2022-07-05`	a year	crt.sh
*.minne.com GlobalSign GCC R3 DV TLS CA 2020	`2020-11-10` - `2021-12-12`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://koroharuka.com/login.php
Frame ID: 8AE79CC0CAE1565FE3C304771DBF9A7C
Requests: 6 HTTP requests in this frame

Frame: https://cache.send.microadinc.com/js/cookie_loader.html
Frame ID: 8EA3A8482A508773D30E65D006E8821C
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

404 Error - Not Found

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Page Statistics

7
Requests

57 %
HTTPS

25 %
IPv6

6
Domains

8
Subdomains

5
IPs

3
Countries

126 kB
Transfer

190 kB
Size

0
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://lolipop.jp/support/
Title: サポート

Search URL Search Domain Scan URL

URL: https://lolipop.jp/

Search URL Search Domain Scan URL

URL: https://minne.com/?utm_source=lolipop&utm_medium=banner&utm_campaign=synergy&utm_content=404

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1

https://j.microad.net/js/compass.js HTTP 302
https://jgl.microad.net/js/compass.js

7 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	404	Primary Request login.php Show response koroharuka.com/	19 KB 19 KB	6349ms 537ms	Document text/html	163.44.185.199 INTERQ GMO Internet
General Check archive.org Show headers Download Go to Full URL https://koroharuka.com/login.php Protocol H2 Security TLS 1.3, , AES_256_GCM Server 163.44.185.199 Wako, Japan, ASN7506 (INTERQ GMO Internet,Inc, JP), Reverse DNS 163-44-185-199.virt.lolipop.jp Software Apache / Resource Hash `9ec7bd724896221982df1bfee78755c23566235ddce9cd85aa7e659b01214acd` Request headers :method GET :authority koroharuka.com :scheme https :path /login.php pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 accept-language de-DE,de;q=0.9 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 sec-fetch-dest document accept-encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Accept-Language de-DE,de;q=0.9 Response headers date Sun, 12 Sep 2021 02:56:14 GMT content-type text/html content-length 19220 server Apache last-modified Wed, 11 Nov 2020 12:46:34 GMT
GET H2	200	bnr_lolipop_ad_001.gif assets.lolipop.jp/img/bnr/	8 KB 8 KB	6024ms 257ms	Image image/gif	150.95.250.159 INTERQ GMO Internet
General Check archive.org Show headers Download Go to Show image Full URL https://assets.lolipop.jp/img/bnr/bnr_lolipop_ad_001.gif Requested by Host: koroharuka.com URL: https://koroharuka.com/login.php Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 150.95.250.159 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP), Reverse DNS Software Apache/2.4.6 (CentOS) PHP/7.2.1 OpenSSL/1.0.2k-fips / Resource Hash `701832f79b5f7aedd6f2f47d6b0397b72d4067ed45e5ce5d2b145c8b83a6fcf6` Request headers Accept-Language de-DE,de;q=0.9 Referer https://koroharuka.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Sun, 12 Sep 2021 02:56:21 GMT last-modified Fri, 10 Sep 2021 04:09:39 GMT server Apache/2.4.6 (CentOS) PHP/7.2.1 OpenSSL/1.0.2k-fips etag "1f5d-5cb9c48b966c0" front-end-https on content-type image/gif cache-control max-age=604800 x-whom lolipop.jp accept-ranges bytes content-length 8029 expires Fri, 17 Sep 2021 09:43:36 GMT
GET H/1.1	200 OK	compass.js Show response jgl.microad.net/js/ Redirect Chain https://j.microad.net/js/compass.js https://jgl.microad.net/js/compass.js	85 KB 20 KB	5180ms 10ms	Script application/javascript	104.89.20.19 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://jgl.microad.net/js/compass.js Requested by Host: koroharuka.com URL: https://koroharuka.com/login.php Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 104.89.20.19 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-89-20-19.deploy.static.akamaitechnologies.com Software Apache / Resource Hash `e51648608b63240db3d85837cb7063b1a18e05d805d6f524f252318a89915702` Request headers Accept-Language de-DE,de;q=0.9 Referer https://koroharuka.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers Date Sun, 12 Sep 2021 02:56:25 GMT Content-Encoding gzip Last-Modified Wed, 25 Aug 2021 01:05:19 GMT Server Apache ETag "1525e-gzip" Vary Accept-Encoding P3P policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE Cache-Control public, max-age=131794 Connection keep-alive Accept-Ranges bytes Content-Type application/javascript Content-Length 20151 Expires Mon, 13 Sep 2021 15:32:59 GMT Redirect headers Location https://jgl.microad.net/js/compass.js Date Sun, 12 Sep 2021 02:56:20 GMT Server AkamaiGHost Connection keep-alive Content-Length 0
GET H2	200	minne_600x500@2x.jpg static.minne.com/files/banner/	79 KB 79 KB	5087ms 23ms	Image image/jpeg	2600:9000:2156:e000:6:bd5c:1300:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://static.minne.com/files/banner/minne_600x500@2x.jpg Requested by Host: koroharuka.com URL: https://koroharuka.com/login.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2156:e000:6:bd5c:1300:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash `04864c259b74c0b5a75d4568296d64ba09eed6590011516974df99c734f933af` Request headers Accept-Language de-DE,de;q=0.9 Referer https://koroharuka.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers x-amz-version-id aMoTo.SIRQOqeXAMnxB00sF_XNYHdVRB via 1.1 0d37b2e69745cd9f0c5457fbf1a83129.cloudfront.net (CloudFront) last-modified Fri, 27 Aug 2021 06:08:01 GMT server AmazonS3 age 2421 etag "80833bbb1164d5e509bb9e772e058a8e" x-cache Hit from cloudfront content-type image/jpeg date Sun, 12 Sep 2021 02:16:00 GMT x-amz-cf-pop FRA50-C1 accept-ranges bytes content-length 80450 x-amz-cf-id gzs9wQp6Bkh48BDh4FWQHR5t5EU39gp8mDRNdgKLaES7HNK3IzGrHQ==
GET		adstir.js js.ad-stir.com/js/	0 0

GET		cookie_loader.html cache.send.microadinc.com/js/ Frame 8EA3	0 0

GET		ad s-rtb.send.microadinc.com/	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: js.ad-stir.com
URL: http://js.ad-stir.com/js/adstir.js?20130527

Domain: cache.send.microadinc.com
URL: https://cache.send.microadinc.com/js/cookie_loader.html

Domain: s-rtb.send.microadinc.com
URL: https://s-rtb.send.microadinc.com/ad?spot=c642b8b26ac8ecdb10bab5be2ed05ac4&cb=microadCompass.AdRequestor.callback&url=https%3A%2F%2Fkoroharuka.com%2Flogin.php&referrer=&cbt=c50fdcaa7d6000017bd7ef3d6a

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://koroharuka.com/login.php Message: Failed to load resource: the server responded with a status of 404 ()
security	warning	URL: https://koroharuka.com/login.php Message: Mixed Content: The page at 'https://koroharuka.com/login.php' was loaded over HTTPS, but requested an insecure element 'http://assets.lolipop.jp/img/bnr/bnr_lolipop_ad_001.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	error	URL: https://koroharuka.com/login.php Message: Mixed Content: The page at 'https://koroharuka.com/login.php' was loaded over HTTPS, but requested an insecure script 'http://js.ad-stir.com/js/adstir.js?20130527'. This request has been blocked; the content must be served over HTTPS.
security	warning	URL: https://koroharuka.com/login.php(Line 219) Message: Mixed Content: The page at 'https://koroharuka.com/login.php' was loaded over HTTPS, but requested an insecure element 'http://assets.lolipop.jp/img/bnr/bnr_lolipop_ad_001.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assets.lolipop.jp
cache.send.microadinc.com
j.microad.net
jgl.microad.net
js.ad-stir.com
koroharuka.com
s-rtb.send.microadinc.com
static.minne.com
cache.send.microadinc.com
js.ad-stir.com
s-rtb.send.microadinc.com
104.89.20.19
150.95.250.159
163.44.185.199
2600:9000:2156:e000:6:bd5c:1300:93a1
04864c259b74c0b5a75d4568296d64ba09eed6590011516974df99c734f933af
701832f79b5f7aedd6f2f47d6b0397b72d4067ed45e5ce5d2b145c8b83a6fcf6
9ec7bd724896221982df1bfee78755c23566235ddce9cd85aa7e659b01214acd
e51648608b63240db3d85837cb7063b1a18e05d805d6f524f252318a89915702

koroharuka.com Open in urlscan Pro 163.44.185.199 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

7 Requests

57 %HTTPS

25 %IPv6

6 Domains

8 Subdomains

5 IPs

3 Countries

126 kBTransfer

190 kBSize

0 Cookies

3 Outgoing links

Redirected requests

7 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

0 Cookies

4 Console Messages

Indicators

koroharuka.com Open in urlscan Pro
163.44.185.199 Public Scan

Screenshot
Live screenshot

Full Image

7
Requests

57 %
HTTPS

25 %
IPv6

6
Domains

8
Subdomains

5
IPs

3
Countries

126 kB
Transfer

190 kB
Size

0
Cookies

7 HTTP transactions
0 data transactions