bwindows.net Open in urlscan Pro
108.179.243.23 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://bwindows.net/
Submission Tags: @phishunt_io
Submission: On November 08 via api (November 8th 2020, 4:22:09 pm UTC) from ES

Summary HTTP 11 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 1 countries across 3 domains to perform 11 HTTP transactions. The main IP is 108.179.243.23, located in Houston, United States and belongs to UNIFIEDLAYER-AS-1, US. The main domain is bwindows.net.
TLS certificate: Issued by Let's Encrypt Authority X3 on November 8th 2020. Valid for: 3 months.

This is the only time bwindows.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
9	108.179.243.23 108.179.243.23	46606 (UNIFIEDLA...) (UNIFIEDLAYER-AS-1)
1	2600:9000:20e... 2600:9000:20eb:d600:11:ae8:5a80:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:219... 2600:9000:2190:2a00:11:20a2:4300:21	16509 (AMAZON-02) (AMAZON-02)
11	3

9 108.179.243.23 (Houston, United States)

ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: chainalytics.com

bwindows.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20eb:d600:11:ae8:5a80:93a1 (United States)

ASN16509 (AMAZON-02, US)

mlpnool5yp5i.i.optimole.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2190:2a00:11:20a2:4300:21 (United States)

ASN16509 (AMAZON-02, US)

d5jmkjjpb7yfg.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	bwindows.net bwindows.net	63 KB
1	cloudfront.net d5jmkjjpb7yfg.cloudfront.net	11 KB
1	optimole.com mlpnool5yp5i.i.optimole.com	9 KB
11	3

	Domain	Requested by
9	bwindows.net	bwindows.net
1	d5jmkjjpb7yfg.cloudfront.net	bwindows.net
1	mlpnool5yp5i.i.optimole.com	bwindows.net
11	3

This site contains no links.

Subject Issuer	Validity	Valid
www.bwindows.net Let's Encrypt Authority X3	`2020-11-08` - `2021-02-06`	3 months	crt.sh
*.i.optimole.com Amazon	`2020-06-10` - `2021-07-10`	a year	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2020-05-26` - `2021-04-21`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://bwindows.net/
Frame ID: C9726E8870BFFEB4D18288A776516F68
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

headers link /rel="https:\/\/api\.w\.org\/"/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

headers link /rel="https:\/\/api\.w\.org\/"/i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

headers link /rel="https:\/\/api\.w\.org\/"/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

11
Requests

100 %
HTTPS

67 %
IPv6

3
Domains

3
Subdomains

3
IPs

1
Countries

84 kB
Transfer

281 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

11 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response bwindows.net/	29 KB 10 KB	1677ms 1206ms	Document text/html	108.179.243.23 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Full URL https://bwindows.net/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 108.179.243.23 Houston, United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS chainalytics.com Software nginx/1.19.0 / Resource Hash `4cba922c0379de802a08151ded5f67c8dcdacb2d7a5d3a076b0f36edff2e8fdb` Request headers :method GET :authority bwindows.net :scheme https :path / pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 sec-fetch-dest document accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers status 200 date Sun, 08 Nov 2020 16:21:52 GMT server nginx/1.19.0 content-type text/html; charset=UTF-8 content-length 9995 link <https://bwindows.net/wp-json/>; rel="https://api.w.org/" vary Accept-Encoding content-encoding gzip x-server-cache false x-accel-expires 10800
GET H2	200	style.min.css bwindows.net/wp-includes/css/dist/block-library/	53 KB 10 KB	445ms 444ms	Stylesheet text/css	108.179.243.23 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Full URL https://bwindows.net/wp-includes/css/dist/block-library/style.min.css?ver=5.5.3 Requested by Host: bwindows.net URL: https://bwindows.net/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 108.179.243.23 Houston, United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS chainalytics.com Software nginx/1.19.0 / Resource Hash `8c626f0f9b5c109539b256b73e72c02b300a184f46b4535c2eb86599215c78af` Request headers Referer https://bwindows.net/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers x-accel-expires 10800 date Sun, 08 Nov 2020 16:21:53 GMT content-encoding gzip last-modified Wed, 02 Sep 2020 04:03:09 GMT server nginx/1.19.0 x-server-cache false vary Accept-Encoding content-type text/css status 200 accept-ranges bytes content-length 10450
GET H2	200	all.min.css bwindows.net/wp-content/plugins/themeisle-companion/obfx_modules/gutenberg-blocks/assets/fontawesome/css/	57 KB 12 KB	452ms 451ms	Stylesheet text/css	108.179.243.23 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Full URL https://bwindows.net/wp-content/plugins/themeisle-companion/obfx_modules/gutenberg-blocks/assets/fontawesome/css/all.min.css?ver=2.10.0 Requested by Host: bwindows.net URL: https://bwindows.net/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 108.179.243.23 Houston, United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS chainalytics.com Software nginx/1.19.0 / Resource Hash `876d023d9d10c97941b80c3b03e2a5b94631ff7a4af9cee5604a6a2d39718d84` Request headers Referer https://bwindows.net/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers x-accel-expires 10800 date Sun, 08 Nov 2020 16:21:53 GMT content-encoding gzip last-modified Mon, 12 Oct 2020 16:00:55 GMT server nginx/1.19.0 x-server-cache false vary Accept-Encoding content-type text/css status 200 accept-ranges bytes content-length 12646
GET H2	200	v4-shims.min.css bwindows.net/wp-content/plugins/themeisle-companion/obfx_modules/gutenberg-blocks/assets/fontawesome/css/	26 KB 4 KB	444ms 443ms	Stylesheet text/css	108.179.243.23 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Full URL https://bwindows.net/wp-content/plugins/themeisle-companion/obfx_modules/gutenberg-blocks/assets/fontawesome/css/v4-shims.min.css?ver=2.10.0 Requested by Host: bwindows.net URL: https://bwindows.net/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 108.179.243.23 Houston, United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS chainalytics.com Software nginx/1.19.0 / Resource Hash `c0ded025aa80c10d37920521c8de04536a6145d0e42eb4186c57b412fa50eb45` Request headers Referer https://bwindows.net/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers x-accel-expires 10800 date Sun, 08 Nov 2020 16:21:53 GMT content-encoding gzip last-modified Mon, 12 Oct 2020 16:00:55 GMT server nginx/1.19.0 x-server-cache false vary Accept-Encoding content-type text/css status 200 accept-ranges bytes content-length 4436
GET H2	200	style.css bwindows.net/wp-content/plugins/themeisle-companion/vendor/codeinwp/gutenberg-blocks/build/	31 KB 5 KB	317ms 316ms	Stylesheet text/css	108.179.243.23 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Full URL https://bwindows.net/wp-content/plugins/themeisle-companion/vendor/codeinwp/gutenberg-blocks/build/style.css?ver=1.5.7 Requested by Host: bwindows.net URL: https://bwindows.net/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 108.179.243.23 Houston, United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS chainalytics.com Software nginx/1.19.0 / Resource Hash `f4c44327fa58a585e81a1ba3751e72f38f0a5571d8adf3250b6ff7e6bfbe06df` Request headers Referer https://bwindows.net/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers x-accel-expires 10800 date Sun, 08 Nov 2020 16:21:53 GMT content-encoding gzip last-modified Mon, 12 Oct 2020 16:00:55 GMT server nginx/1.19.0 x-server-cache false vary Accept-Encoding content-type text/css status 200 accept-ranges bytes content-length 4878
GET H2	200	style.min.css bwindows.net/wp-content/themes/neve/	45 KB 13 KB	309ms 308ms	Stylesheet text/css	108.179.243.23 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Full URL https://bwindows.net/wp-content/themes/neve/style.min.css?ver=2.8.4 Requested by Host: bwindows.net URL: https://bwindows.net/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 108.179.243.23 Houston, United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS chainalytics.com Software nginx/1.19.0 / Resource Hash `38fd679f4495fbcd0d787ad0082233bc05ac0e5e09c1067ce4841d72067f1f42` Request headers Referer https://bwindows.net/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers x-accel-expires 10800 date Sun, 08 Nov 2020 16:21:53 GMT content-encoding gzip last-modified Thu, 05 Nov 2020 16:01:37 GMT server nginx/1.19.0 x-server-cache false vary Accept-Encoding content-type text/css status 200 accept-ranges bytes content-length 13303
GET H2	200	Bobs-Logo-Colour-1.png mlpnool5yp5i.i.optimole.com/S7gDLKs-ucTeb9u1/w:auto/h:auto/q:auto/https://bwindows.net/wp-content/uploads/2020/04/	9 KB 9 KB	96ms 71ms	Image image/webp	2600:9000:20eb:d600:11:ae8:5a80:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://mlpnool5yp5i.i.optimole.com/S7gDLKs-ucTeb9u1/w:auto/h:auto/q:auto/https://bwindows.net/wp-content/uploads/2020/04/Bobs-Logo-Colour-1.png Requested by Host: bwindows.net URL: https://bwindows.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:20eb:d600:11:ae8:5a80:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash `1504f92b11ab93a090874c81426c9afc241746f82411b010175e82dfc02165a9` Request headers Referer https://bwindows.net/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sun, 08 Nov 2020 16:21:54 GMT via 1.1 0f538ee832e1105649039b38ce89e883.cloudfront.net (CloudFront) content-type image/webp x-amz-cf-pop FRA2-C1 x-cache Miss from cloudfront status 200 x-amz-replication-status REPLICA content-length 9008 x-amz-meta-etag f6ab754f0f81b4af87c2c2d1f572fc004a8c8ab557db308a34e39685cadb6510 last-modified Mon, 27 Apr 2020 13:17:05 GMT server AmazonS3 etag "aa602edf9ffeb02a419b37bc54fb2c43" x-amz-version-id nMYYhZRk7KESjfWRWd.0eeASDozeid__ cache-control immutable,max-age=31536000 accept-ranges bytes x-amz-meta-ex-size 14480 x-amz-cf-id F4QTyld_xzrIevNxvOdWQpdLPJib1RCyJE5duZDsHFksswFXExHnNw== x-amz-meta-link https://bwindows.net/wp-content/uploads/2020/04/Bobs-Logo-Colour-1.png
GET H2	200	frontend.js Show response bwindows.net/wp-content/themes/neve/assets/js/build/modern/	6 KB 2 KB	244ms 243ms	Script application/javascript	108.179.243.23 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Full URL https://bwindows.net/wp-content/themes/neve/assets/js/build/modern/frontend.js?ver=2.8.4 Requested by Host: bwindows.net URL: https://bwindows.net/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 108.179.243.23 Houston, United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS chainalytics.com Software nginx/1.19.0 / Resource Hash `61f5b57b813eb8c3e80596627b793f2920ee9ea56cdc4df2d63972f72018c834` Request headers Referer https://bwindows.net/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers x-accel-expires 10800 date Sun, 08 Nov 2020 16:21:53 GMT content-encoding gzip last-modified Thu, 05 Nov 2020 16:01:36 GMT server nginx/1.19.0 x-server-cache false vary Accept-Encoding content-type application/javascript status 200 accept-ranges bytes content-length 2431
GET H2	200	wp-embed.min.js Show response bwindows.net/wp-includes/js/	1 KB 856 B	235ms 235ms	Script application/javascript	108.179.243.23 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Full URL https://bwindows.net/wp-includes/js/wp-embed.min.js?ver=5.5.3 Requested by Host: bwindows.net URL: https://bwindows.net/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 108.179.243.23 Houston, United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS chainalytics.com Software nginx/1.19.0 / Resource Hash `6ebcda7a3a41ef97f0b4071160ceb1020e540fdc0f790079a5c2ef01ab654fe0` Request headers Referer https://bwindows.net/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers x-accel-expires 10800 date Sun, 08 Nov 2020 16:21:53 GMT content-encoding gzip last-modified Sun, 26 Apr 2020 00:11:14 GMT server nginx/1.19.0 x-server-cache false vary Accept-Encoding content-type application/javascript status 200 accept-ranges bytes content-length 782
GET H2	200	wp-emoji-release.min.js Show response bwindows.net/wp-includes/js/	14 KB 5 KB	250ms 249ms	Script application/javascript	108.179.243.23 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Full URL https://bwindows.net/wp-includes/js/wp-emoji-release.min.js?ver=5.5.3 Requested by Host: bwindows.net URL: https://bwindows.net/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 108.179.243.23 Houston, United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS chainalytics.com Software nginx/1.19.0 / Resource Hash `8cb438bd4d1961f80ade4f1a295ca7de253630adcdd10473932908e638908c5e` Request headers Referer https://bwindows.net/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers x-accel-expires 10800 date Sun, 08 Nov 2020 16:21:53 GMT content-encoding gzip last-modified Sat, 15 Aug 2020 04:09:42 GMT server nginx/1.19.0 x-server-cache false vary Accept-Encoding content-type application/javascript status 200 accept-ranges bytes content-length 4950
GET H2	200	optimole_lib_no_poly.min.js Show response d5jmkjjpb7yfg.cloudfront.net/v2/latest/	11 KB 11 KB	42ms 15ms	Script application/javascript	2600:9000:2190:2a00:11:20a2:4300:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d5jmkjjpb7yfg.cloudfront.net/v2/latest/optimole_lib_no_poly.min.js Requested by Host: bwindows.net URL: https://bwindows.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2190:2a00:11:20a2:4300:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash `67178e50d5ccfe1d0411796d356fdff29aedb03c8e3c179b5ebbbe039a83c7d0` Request headers Referer https://bwindows.net/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sat, 12 Sep 2020 01:00:13 GMT via 1.1 8455bcb2c0203b0c4ee93b610d75e69b.cloudfront.net (CloudFront) last-modified Thu, 20 Aug 2020 15:24:56 GMT server AmazonS3 age 4980101 etag "39d74166238c759b817df17fa492e3ce" x-cache Hit from cloudfront x-amz-version-id lWiR6zQPDzWDFMdMHE_6vyLguzJPCnoP status 200 cache-control max-age=2628000, public x-amz-cf-pop ZRH50-C1 accept-ranges bytes content-type application/javascript content-length 11030 x-amz-cf-id VXwsWFqsjSqtjvuqzVEfShHmPkQ8iTkFNGmL038jup-0Fq3y9E17Uw==

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bwindows.net
d5jmkjjpb7yfg.cloudfront.net
mlpnool5yp5i.i.optimole.com
108.179.243.23
2600:9000:20eb:d600:11:ae8:5a80:93a1
2600:9000:2190:2a00:11:20a2:4300:21
1504f92b11ab93a090874c81426c9afc241746f82411b010175e82dfc02165a9
38fd679f4495fbcd0d787ad0082233bc05ac0e5e09c1067ce4841d72067f1f42
4cba922c0379de802a08151ded5f67c8dcdacb2d7a5d3a076b0f36edff2e8fdb
61f5b57b813eb8c3e80596627b793f2920ee9ea56cdc4df2d63972f72018c834
67178e50d5ccfe1d0411796d356fdff29aedb03c8e3c179b5ebbbe039a83c7d0
6ebcda7a3a41ef97f0b4071160ceb1020e540fdc0f790079a5c2ef01ab654fe0
876d023d9d10c97941b80c3b03e2a5b94631ff7a4af9cee5604a6a2d39718d84
8c626f0f9b5c109539b256b73e72c02b300a184f46b4535c2eb86599215c78af
8cb438bd4d1961f80ade4f1a295ca7de253630adcdd10473932908e638908c5e
c0ded025aa80c10d37920521c8de04536a6145d0e42eb4186c57b412fa50eb45
f4c44327fa58a585e81a1ba3751e72f38f0a5571d8adf3250b6ff7e6bfbe06df

bwindows.net Open in urlscan Pro 108.179.243.23 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

11 Requests

100 %HTTPS

67 %IPv6

3 Domains

3 Subdomains

3 IPs

1 Countries

84 kBTransfer

281 kBSize

0 Cookies

0 Outgoing links

Redirected requests

11 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

0 Cookies

Indicators

bwindows.net Open in urlscan Pro
108.179.243.23 Public Scan

Screenshot
Live screenshot

Full Image

11
Requests

100 %
HTTPS

67 %
IPv6

3
Domains

3
Subdomains

3
IPs

1
Countries

84 kB
Transfer

281 kB
Size

0
Cookies

11 HTTP transactions
0 data transactions