windowsvista.jp Open in urlscan Pro
120.136.14.55 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://windowsvista.jp/
Submission Tags: @phishunt_io
Submission: On November 09 via api (November 9th 2020, 8:27:57 am UTC) from ES

Summary HTTP 9 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 1 countries across 3 domains to perform 9 HTTP transactions. The main IP is 120.136.14.55, located in Osaka, Japan and belongs to XSERVER Xserver Inc., JP. The main domain is windowsvista.jp.
TLS certificate: Issued by Let's Encrypt Authority X3 on November 8th 2020. Valid for: 3 months.

This is the only time windowsvista.jp was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
8	120.136.14.55 120.136.14.55	131965 (XSERVER X...) (XSERVER Xserver Inc.)
1	43.253.36.32 43.253.36.32	17686 (ACCELIA A...) (ACCELIA ACCELIA)
9	2

8 120.136.14.55 (Osaka, Japan)

ASN131965 (XSERVER Xserver Inc., JP)
PTR: sv754.xserver.jp

windowsvista.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
rum-diary.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 43.253.36.32 (Japan)

ASN17686 (ACCELIA ACCELIA, JP)
PTR: host36-32.accelia.net

www.ryutsuu.biz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	windowsvista.jp windowsvista.jp	62 KB
2	rum-diary.jp rum-diary.jp	337 KB
1	ryutsuu.biz www.ryutsuu.biz	163 KB
9	3

	Domain	Requested by
6	windowsvista.jp	windowsvista.jp
2	rum-diary.jp	windowsvista.jp
1	www.ryutsuu.biz	windowsvista.jp
9	3

This site contains no links.

Subject Issuer	Validity	Valid
www.windowsvista.jp Let's Encrypt Authority X3	`2020-11-08` - `2021-02-06`	3 months	crt.sh
www.ryutsuu.biz GlobalSign RSA DV SSL CA 2018	`2019-12-24` - `2021-02-14`	a year	crt.sh
www.rum-diary.jp Let's Encrypt Authority X3	`2020-09-30` - `2020-12-29`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://windowsvista.jp/
Frame ID: AE224865B44166AF34F0E31610AF732F
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

headers link /rel="https:\/\/api\.w\.org\/"/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

headers link /rel="https:\/\/api\.w\.org\/"/i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

headers link /rel="https:\/\/api\.w\.org\/"/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

9
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

2
IPs

1
Countries

562 kB
Transfer

730 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

9 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response windowsvista.jp/	28 KB 10 KB	1360ms 530ms	Document text/html	120.136.14.55 XSERVER Xserver Inc.
General Check archive.org Show headers Download Go to Full URL https://windowsvista.jp/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 120.136.14.55 Osaka, Japan, ASN131965 (XSERVER Xserver Inc., JP), Reverse DNS sv754.xserver.jp Software nginx / Resource Hash `33de94c5dae90f901bef5a1db5f080281738494df0a97486d42ec2b385fb4008` Request headers :method GET :authority windowsvista.jp :scheme https :path / pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 sec-fetch-dest document accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers status 200 server nginx date Mon, 09 Nov 2020 08:27:37 GMT content-type text/html; charset=UTF-8 vary Accept-Encoding link <https://windowsvista.jp/wp-json/>; rel="https://api.w.org/" content-encoding gzip
GET H2	200	style.css windowsvista.jp/wp-content/themes/cocoon-master/	166 KB 40 KB	278ms 277ms	Stylesheet text/css	120.136.14.55 XSERVER Xserver Inc.
General Check archive.org Show headers Download Go to Full URL https://windowsvista.jp/wp-content/themes/cocoon-master/style.css?ver=4.5.3&fver=20200508120218 Requested by Host: windowsvista.jp URL: https://windowsvista.jp/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 120.136.14.55 Osaka, Japan, ASN131965 (XSERVER Xserver Inc., JP), Reverse DNS sv754.xserver.jp Software nginx / Resource Hash `816beef67a30b40800e5351205b469dea983ae482a83cd167daa684f0acf3448` Request headers Referer https://windowsvista.jp/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Mon, 09 Nov 2020 08:27:37 GMT content-encoding gzip last-modified Fri, 08 May 2020 00:02:18 GMT server nginx etag W/"299ac-5a517b5ee4f98" vary Accept-Encoding content-type text/css status 200 cache-control max-age=604800 expires Mon, 16 Nov 2020 08:27:37 GMT
GET H2	200	keyframes.css windowsvista.jp/wp-content/themes/cocoon-master/	468 B 653 B	278ms 277ms	Stylesheet text/css	120.136.14.55 XSERVER Xserver Inc.
General Check archive.org Show headers Download Go to Full URL https://windowsvista.jp/wp-content/themes/cocoon-master/keyframes.css?ver=4.5.3&fver=20200508120218 Requested by Host: windowsvista.jp URL: https://windowsvista.jp/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 120.136.14.55 Osaka, Japan, ASN131965 (XSERVER Xserver Inc., JP), Reverse DNS sv754.xserver.jp Software nginx / Resource Hash `1e9a33cef94ae295f999c45a330478daec506c8b85e5dd257ca5e0610a8839c1` Request headers Referer https://windowsvista.jp/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Mon, 09 Nov 2020 08:27:37 GMT last-modified Fri, 08 May 2020 00:02:18 GMT server nginx etag "1d4-5a517b5ee4f98" content-type text/css status 200 cache-control max-age=604800 accept-ranges bytes content-length 468 expires Mon, 16 Nov 2020 08:27:37 GMT
GET H2	200	font-awesome.min.css windowsvista.jp/wp-content/themes/cocoon-master/webfonts/fontawesome/css/	30 KB 8 KB	282ms 281ms	Stylesheet text/css	120.136.14.55 XSERVER Xserver Inc.
General Check archive.org Show headers Download Go to Full URL https://windowsvista.jp/wp-content/themes/cocoon-master/webfonts/fontawesome/css/font-awesome.min.css?ver=4.5.3&fver=20200508120218 Requested by Host: windowsvista.jp URL: https://windowsvista.jp/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 120.136.14.55 Osaka, Japan, ASN131965 (XSERVER Xserver Inc., JP), Reverse DNS sv754.xserver.jp Software nginx / Resource Hash `6f14101998fff51d94efe7f1946d812be542fc3f97b7306ddc116eaeca8fcf7f` Request headers Referer https://windowsvista.jp/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Mon, 09 Nov 2020 08:27:37 GMT content-encoding gzip last-modified Fri, 08 May 2020 00:02:18 GMT server nginx etag W/"792a-5a517b5ee3ff7" vary Accept-Encoding content-type text/css status 200 cache-control max-age=604800 expires Mon, 16 Nov 2020 08:27:37 GMT
GET H2	200	style.css windowsvista.jp/wp-content/themes/cocoon-master/webfonts/icomoon/	3 KB 1021 B	282ms 281ms	Stylesheet text/css	120.136.14.55 XSERVER Xserver Inc.
General Check archive.org Show headers Download Go to Full URL https://windowsvista.jp/wp-content/themes/cocoon-master/webfonts/icomoon/style.css?ver=4.5.3&fver=20200508120218 Requested by Host: windowsvista.jp URL: https://windowsvista.jp/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 120.136.14.55 Osaka, Japan, ASN131965 (XSERVER Xserver Inc., JP), Reverse DNS sv754.xserver.jp Software nginx / Resource Hash `d19eea1ba392e353238b267bf842f52467ba9a526c8b428cd884867feed1ee87` Request headers Referer https://windowsvista.jp/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Mon, 09 Nov 2020 08:27:37 GMT content-encoding gzip last-modified Fri, 08 May 2020 00:02:18 GMT server nginx etag W/"b55-5a517b5ee4f98" vary Accept-Encoding content-type text/css status 200 cache-control max-age=604800 expires Mon, 16 Nov 2020 08:27:37 GMT
GET H2	200	slick-theme.css windowsvista.jp/wp-content/themes/cocoon-master/plugins/slick/	3 KB 1 KB	282ms 282ms	Stylesheet text/css	120.136.14.55 XSERVER Xserver Inc.
General Check archive.org Show headers Download Go to Full URL https://windowsvista.jp/wp-content/themes/cocoon-master/plugins/slick/slick-theme.css?ver=4.5.3&fver=20200508120218 Requested by Host: windowsvista.jp URL: https://windowsvista.jp/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 120.136.14.55 Osaka, Japan, ASN131965 (XSERVER Xserver Inc., JP), Reverse DNS sv754.xserver.jp Software nginx / Resource Hash `e1d65a2fae5a2378f5366ccff9e4a0fb7be256358a4b0193cc2d6e5f169d345e` Request headers Referer https://windowsvista.jp/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Mon, 09 Nov 2020 08:27:37 GMT content-encoding gzip last-modified Fri, 08 May 2020 00:02:18 GMT server nginx etag W/"db8-5a517b5ed74d7" vary Accept-Encoding content-type text/css status 200 cache-control max-age=604800 expires Mon, 16 Nov 2020 08:27:37 GMT
GET H/1.1	200 OK	20190410loft1.jpg www.ryutsuu.biz/images/2019/04/	163 KB 163 KB	1134ms 305ms	Image image/jpeg	43.253.36.32 ACCELIA ACCELIA
General Check archive.org Show headers Download Go to Show image Full URL https://www.ryutsuu.biz/images/2019/04/20190410loft1.jpg Requested by Host: windowsvista.jp URL: https://windowsvista.jp/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 43.253.36.32 , Japan, ASN17686 (ACCELIA ACCELIA, JP), Reverse DNS host36-32.accelia.net Software Apache / Resource Hash `bee8744166e31acb7e0aedce5ef538efe47e9efddc3084373cef77aa73293a8a` Request headers Referer https://windowsvista.jp/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Mon, 09 Nov 2020 08:27:38 GMT Last-Modified Wed, 10 Apr 2019 01:57:46 GMT Server Apache Age 0 Content-Type image/jpeg Cache-Control max-age=600 Accept-Ranges bytes Content-Length 166676 Expires Thu, 19 Nov 2020 08:27:39 GMT
GET H2	200	img_5f3d4ce9c67ed.png rum-diary.jp/wp-content/uploads/2020/08/	22 KB 22 KB	1368ms 536ms	Image image/png	120.136.14.55 XSERVER Xserver Inc.
General Check archive.org Show headers Download Go to Show image Full URL https://rum-diary.jp/wp-content/uploads/2020/08/img_5f3d4ce9c67ed.png Requested by Host: windowsvista.jp URL: https://windowsvista.jp/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 120.136.14.55 Osaka, Japan, ASN131965 (XSERVER Xserver Inc., JP), Reverse DNS sv754.xserver.jp Software nginx / Resource Hash `45af0c294ffb781f8bfdd331089602df73c53c63915c66990d97a1c431b69abb` Request headers Referer https://windowsvista.jp/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Mon, 09 Nov 2020 08:27:39 GMT last-modified Wed, 19 Aug 2020 16:01:52 GMT server nginx etag "5875-5ad3d1f45a801" content-type image/png status 200 cache-control max-age=604800 accept-ranges bytes content-length 22645 expires Mon, 16 Nov 2020 08:27:39 GMT
GET H2	200	img_5f3d4d22cd807.png rum-diary.jp/wp-content/uploads/2020/08/	314 KB 315 KB	1361ms 536ms	Image image/png	120.136.14.55 XSERVER Xserver Inc.
General Check archive.org Show headers Download Go to Show image Full URL https://rum-diary.jp/wp-content/uploads/2020/08/img_5f3d4d22cd807.png Requested by Host: windowsvista.jp URL: https://windowsvista.jp/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 120.136.14.55 Osaka, Japan, ASN131965 (XSERVER Xserver Inc., JP), Reverse DNS sv754.xserver.jp Software nginx / Resource Hash `05f5c857e6a048b4d5ab42bd0c70a05c5d2c7cb32af0a023e111986e353f04a9` Request headers Referer https://windowsvista.jp/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Mon, 09 Nov 2020 08:27:39 GMT last-modified Wed, 19 Aug 2020 16:02:53 GMT server nginx etag "4e9b5-5ad3d22eaf647" content-type image/png status 200 cache-control max-age=604800 accept-ranges bytes content-length 321973 expires Mon, 16 Nov 2020 08:27:39 GMT

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

rum-diary.jp
windowsvista.jp
www.ryutsuu.biz
120.136.14.55
43.253.36.32
05f5c857e6a048b4d5ab42bd0c70a05c5d2c7cb32af0a023e111986e353f04a9
1e9a33cef94ae295f999c45a330478daec506c8b85e5dd257ca5e0610a8839c1
33de94c5dae90f901bef5a1db5f080281738494df0a97486d42ec2b385fb4008
45af0c294ffb781f8bfdd331089602df73c53c63915c66990d97a1c431b69abb
6f14101998fff51d94efe7f1946d812be542fc3f97b7306ddc116eaeca8fcf7f
816beef67a30b40800e5351205b469dea983ae482a83cd167daa684f0acf3448
bee8744166e31acb7e0aedce5ef538efe47e9efddc3084373cef77aa73293a8a
d19eea1ba392e353238b267bf842f52467ba9a526c8b428cd884867feed1ee87
e1d65a2fae5a2378f5366ccff9e4a0fb7be256358a4b0193cc2d6e5f169d345e

windowsvista.jp Open in urlscan Pro 120.136.14.55 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

9 Requests

100 %HTTPS

0 %IPv6

3 Domains

3 Subdomains

2 IPs

1 Countries

562 kBTransfer

730 kBSize

0 Cookies

0 Outgoing links

Redirected requests

9 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

0 Cookies

Indicators

windowsvista.jp Open in urlscan Pro
120.136.14.55 Public Scan

Screenshot
Live screenshot

Full Image

9
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

2
IPs

1
Countries

562 kB
Transfer

730 kB
Size

0
Cookies

9 HTTP transactions
0 data transactions