urlscan.io logo urlscan.io
SecurityTrails logo

bocchitherock.jp Open in urlscan Pro
104.21.9.135  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://cm.kingcountyhazwastewa.gov/?jumbo=apibet-rtp
Effective URL: https://bocchitherock.jp/tunnel/ddos888
Submission Tags: @phish_report
Submission: On December 20 via api from FI — Scanned from SG
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 2 countries across 4 domains to perform 4 HTTP transactions. The main IP is 104.21.9.135, located in and belongs to CLOUDFLARENET, US. The main domain is bocchitherock.jp.
TLS certificate: Issued by GTS CA 1P5 on December 16th 2023. Valid for: 3 months.
This is the only time bocchitherock.jp was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 52.187.36.104 8075 (MICROSOFT...)
1 104.21.9.135 13335 (CLOUDFLAR...)
1 138.199.46.68 60068 (CDN77 ^_^)
4 4
Apex Domain
Subdomains		 Transfer
1 cbrimages.com
static1.cbrimages.com — Cisco Umbrella Rank: 64769
66 KB
1 bocchitherock.jp
bocchitherock.jp
821 B
1 kingcountyhazwastewa.gov
cm.kingcountyhazwastewa.gov
602 B
0 bpglobal.com Failed
vendormanagement-tst.bpglobal.com Failed
4 4
Domain Requested by
1 static1.cbrimages.com bocchitherock.jp
1 bocchitherock.jp cm.kingcountyhazwastewa.gov
1 cm.kingcountyhazwastewa.gov
0 vendormanagement-tst.bpglobal.com Failed bocchitherock.jp
4 4

This site contains no links.

Subject Issuer Validity Valid
cm.kingcountyhazwastewa.gov
GeoTrust Global TLS RSA4096 SHA256 2022 CA1		 2023-12-18 -
2024-06-18		 6 months crt.sh
bocchitherock.jp
GTS CA 1P5		 2023-12-16 -
2024-03-15		 3 months crt.sh
static1.cbrimages.com
R3		 2023-12-02 -
2024-03-01		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://bocchitherock.jp/tunnel/ddos888
Frame ID: E2324D1A0FEB453D32298B9F834DAC60
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Perjalananmu Masih Panjang Kids.

Page URL History Show full URLs

  1. https://cm.kingcountyhazwastewa.gov/?jumbo=apibet-rtp Page URL
  2. https://bocchitherock.jp/tunnel/ddos888 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/

Page Statistics

4
Requests

75 %
HTTPS

0 %
IPv6

4
Domains

4
Subdomains

4
IPs

2
Countries

68 kB
Transfer

66 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://cm.kingcountyhazwastewa.gov/?jumbo=apibet-rtp Page URL
  2. https://bocchitherock.jp/tunnel/ddos888 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

4 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
cm.kingcountyhazwastewa.gov/ 		105 B
602 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.kingcountyhazwastewa.gov/?jumbo=apibet-rtp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.187.36.104 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.24.0 /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

Content-Encoding
gzip
Content-Type
text/html
Date
Wed, 20 Dec 2023 03:11:00 GMT
ETag
W/"658193dd-69"
Last-Modified
Tue, 19 Dec 2023 13:00:13 GMT
Server
nginx/1.24.0
Transfer-Encoding
chunked
Primary Request ddos888
bocchitherock.jp/tunnel/ 		718 B
821 B 		Document
General
Check archive.org
Download Go to
Full URL
https://bocchitherock.jp/tunnel/ddos888
Requested by
Host: cm.kingcountyhazwastewa.gov
URL: https://cm.kingcountyhazwastewa.gov/?jumbo=apibet-rtp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.9.135 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f5691be3f51a8817ef1556a29b8fcd50f88fd4d6a2399605f404590e520ba08a

Request headers

Referer
https://cm.kingcountyhazwastewa.gov/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-ray
8384b21028e640f4-SIN
content-encoding
br
content-type
text/html
date
Wed, 20 Dec 2023 03:11:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oxchTVCQTN7ky2BaVyb3YhEIrtSXIYl5UIMtGRS21Ni%2FxeOaEivGiyWi7nZrg3zx9HjgcV7IQBqL1wb%2BJcOJjnXY0%2FDhEGiOTwc1TFYoVloiboKsdaXcCe2j%2F4KnR6nYse49"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
Bocchi-The-Rock!-Episode-4-Hitori-Gotou-Loses-Her-Mind-Crunchyroll.jpg
static1.cbrimages.com/wordpress/wp-content/uploads/2022/10/ 		66 KB
66 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static1.cbrimages.com/wordpress/wp-content/uploads/2022/10/Bocchi-The-Rock!-Episode-4-Hitori-Gotou-Loses-Her-Mind-Crunchyroll.jpg
Requested by
Host: bocchitherock.jp
URL: https://bocchitherock.jp/tunnel/ddos888
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.199.46.68 Singapore, Singapore, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
138-199-46-68.bunnyinfra.net
Software
BunnyCDN-SG1-868 /
Resource Hash
b8d0040ac02b82825be9642658f58f962a8cefc4ba421559e4fb30297ece05f7

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://bocchitherock.jp/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 03:11:02 GMT
cdn-edgestorageid
868
cdn-cachedat
01/28/2023 15:28:52
cdn-pullzone
1164669
content-disposition
inline; filename="Bocchi-The-Rock!-Episode-4-Hitori-Gotou-Loses-Her-Mind-Crunchyroll.avif"
content-length
67231
x-request-id
OBbCGyx6hY7RMn8ye1puN
server
BunnyCDN-SG1-868
cdn-proxyver
1.03
cdn-requestpullcode
200
etag
"9V2esB2Mx2NGhqGhi-IuyQo4FFLMyUL7u3wysjXZAFU/RIlVER2hCcmI4b2hqS2c1dXNmdmU3N3ci"
access-control-allow-methods
GET, OPTIONS
content-type
image/avif
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
1bdb6511-4d52-4155-8068-50426668f87a
cache-control
public, max-age=31919000
cdn-requestid
488ac54c065617bb74203cbb305d2aed
cdn-requestcountrycode
SG
cdn-status
200
cdn-requestpullsuccess
True
ragnar.mp3
vendormanagement-tst.bpglobal.com/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
vendormanagement-tst.bpglobal.com
URL
https://vendormanagement-tst.bpglobal.com/ragnar.mp3

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture

2 Cookies

Domain/Path Name / Value
.cm.kingcountyhazwastewa.gov/ Name: TiPMix
Value: 89.92379725823184
.cm.kingcountyhazwastewa.gov/ Name: x-ms-routing-name
Value: self

3 Console Messages

Source Level URL
Text
network error URL: https://bocchitherock.jp/tunnel/ddos888
Message:
Failed to load resource: the server responded with a status of 403 ()
security warning URL: https://bocchitherock.jp/tunnel/ddos888(Line 29)
Message:
Mixed Content: The page at 'https://bocchitherock.jp/tunnel/ddos888' was loaded over HTTPS, but requested an insecure element 'http://vendormanagement-tst.bpglobal.com/ragnar.mp3'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
network error URL: https://vendormanagement-tst.bpglobal.com/ragnar.mp3
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED