tobacco.jp Open in urlscan Pro
153.127.224.90 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://atctraffic.com.au/mail//?email=test%40test.com
Effective URL:
https://tobacco.jp/ios/invlinkhubs/?mail=test@test.com
Submission: On March 30 via manual (March 30th 2020, 10:11:14 pm UTC) from US

Summary HTTP 8 Redirects Behaviour Indicators

Summary

This website contacted 4 IPs in 2 countries across 3 domains to perform 8 HTTP transactions. The main IP is 153.127.224.90, located in Kyoto, Japan and belongs to KIR KAGOYA JAPAN Inc., JP. The main domain is tobacco.jp.
TLS certificate: Issued by RapidSSL RSA CA 2018 on April 19th 2019. Valid for: a year.

This is the only time tobacco.jp was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	43.229.63.250 43.229.63.250	133159 (MAMMOTHME...) (MAMMOTHMEDIA-AS-AP Mammoth Media Pty Ltd)
1	153.127.224.90 153.127.224.90	24282 (KIR KAGOY...) (KIR KAGOYA JAPAN Inc.)
4	203.142.206.40 203.142.206.40	24282 (KIR KAGOY...) (KIR KAGOYA JAPAN Inc.)
8	4

2 43.229.63.250 (Australia)

ASN133159 (MAMMOTHMEDIA-AS-AP Mammoth Media Pty Ltd, AU)
PTR: s1.hostservers.com.au

atctraffic.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 153.127.224.90 (Kyoto, Japan)

ASN24282 (KIR KAGOYA JAPAN Inc., JP)
PTR: o4042-554.kagoya.net

tobacco.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 203.142.206.40 (Kyoto, Japan)

ASN24282 (KIR KAGOYA JAPAN Inc., JP)
PTR: err01.kagoya.net

err.kagoya.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
4	kagoya.net err.kagoya.net	53 KB
2	atctraffic.com.au atctraffic.com.au	30 KB
1	tobacco.jp tobacco.jp	3 KB
8	3

	Domain	Requested by
4	err.kagoya.net	tobacco.jp
2	atctraffic.com.au	atctraffic.com.au
1	tobacco.jp	atctraffic.com.au
8	3

This site contains no links.

Subject Issuer	Validity	Valid
atctraffic.com.au cPanel, Inc. Certification Authority	`2020-01-19` - `2020-04-18`	3 months	crt.sh
www.tobacco.jp RapidSSL RSA CA 2018	`2019-04-19` - `2020-05-18`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://tobacco.jp/ios/invlinkhubs/?mail=test@test.com
Frame ID: 36DFE20553670BA8F799C2ECD0891EBD
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://atctraffic.com.au/mail//?email=test%40test.com Page URL
https://tobacco.jp/ios/invlinkhubs/?mail=test@test.com Page URL

Detected technologies

LiteSpeed (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /^LiteSpeed$/i

Page Statistics

8
Requests

38 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

4
IPs

2
Countries

86 kB
Transfer

142 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://atctraffic.com.au/mail//?email=test%40test.com Page URL
https://tobacco.jp/ios/invlinkhubs/?mail=test@test.com Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	/ Show response atctraffic.com.au/mail//	3 KB 1 KB	1146ms 303ms	Document text/html	43.229.63.250 MAMMOTHMEDIA-AS-A...
General Check archive.org Show headers Download Go to Full URL https://atctraffic.com.au/mail//?email=test%40test.com Protocol H2 Security TLS 1.3, , CHACHA20_POLY1305 Server 43.229.63.250 , Australia, ASN133159 (MAMMOTHMEDIA-AS-AP Mammoth Media Pty Ltd, AU), Reverse DNS s1.hostservers.com.au Software LiteSpeed / PHP/5.5.38 Resource Hash `73856c7d9429b9ff08cc59cb68c44d182dca8b4e85c0964695aefdd9de11d92c` Request headers :method GET :authority atctraffic.com.au :scheme https :path /mail//?email=test%40test.com pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 sec-fetch-dest document accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest document Response headers status 200 x-powered-by PHP/5.5.38 content-type text/html content-length 866 content-encoding br vary Accept-Encoding date Mon, 30 Mar 2020 22:10:58 GMT server LiteSpeed alt-svc quic=":443"; ma=2592000; v="39,43,46,50", h3-Q039=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-23=":443"; ma=2592000, h3-24=":443"; ma=2592000
GET H2	200	jquery.min.js Show response atctraffic.com.au/mail//js/	85 KB 29 KB	511ms 510ms	Script application/javascript	43.229.63.250 MAMMOTHMEDIA-AS-A...
General Check archive.org Show headers Download Go to Full URL https://atctraffic.com.au/mail//js/jquery.min.js Requested by Host: atctraffic.com.au URL: https://atctraffic.com.au/mail//?email=test%40test.com Protocol H2 Security TLS 1.3, , CHACHA20_POLY1305 Server 43.229.63.250 , Australia, ASN133159 (MAMMOTHMEDIA-AS-AP Mammoth Media Pty Ltd, AU), Reverse DNS s1.hostservers.com.au Software LiteSpeed / Resource Hash `160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef` Request headers Referer https://atctraffic.com.au/mail//?email=test%40test.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers date Mon, 30 Mar 2020 22:10:58 GMT content-encoding br last-modified Mon, 29 Jan 2018 20:48:02 GMT server LiteSpeed vary Accept-Encoding content-type application/javascript status 200 cache-control public, max-age=604800 accept-ranges bytes content-length 29664 expires Mon, 06 Apr 2020 22:10:58 GMT
GET H/1.1	404 Not Found	Primary Request / Show response tobacco.jp/ios/invlinkhubs/	2 KB 3 KB	1488ms 300ms	Document text/html	153.127.224.90 KIR KAGOYA JAPAN ...
General Check archive.org Show headers Download Go to Full URL https://tobacco.jp/ios/invlinkhubs/?mail=test@test.com Requested by Host: atctraffic.com.au URL: https://atctraffic.com.au/mail//?email=test%40test.com Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_128_GCM Server 153.127.224.90 Kyoto, Japan, ASN24282 (KIR KAGOYA JAPAN Inc., JP), Reverse DNS o4042-554.kagoya.net Software Apache / Resource Hash `05d957d85e52d103d9ff39e666f4936295cbaddbc4bace1717b9e05f47ea6a9f` Request headers Host tobacco.jp Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest document Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site cross-site Sec-Fetch-Mode navigate Referer https://atctraffic.com.au/mail//?email=test%40test.com Accept-Encoding gzip, deflate, br Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest document Referer https://atctraffic.com.au/mail//?email=test%40test.com Response headers Date Mon, 30 Mar 2020 22:11:06 GMT Server Apache Last-Modified Wed, 26 Mar 2014 02:45:29 GMT ETag "96d-4f5797627a440" Accept-Ranges bytes Content-Length 2413 MS-Author-Via DAV Connection close Content-Type text/html
GET H/1.1	200 OK	err_header.jpg err.kagoya.net/images/	615 B 868 B	1079ms 795ms	Image image/jpeg	203.142.206.40 KIR KAGOYA JAPAN ...
General Check archive.org Show headers Download Go to Show image Full URL http://err.kagoya.net/images/err_header.jpg Requested by Host: tobacco.jp URL: https://tobacco.jp/ios/invlinkhubs/?mail=test@test.com Protocol HTTP/1.1 Server 203.142.206.40 Kyoto, Japan, ASN24282 (KIR KAGOYA JAPAN Inc., JP), Reverse DNS err01.kagoya.net Software Apache / Resource Hash `df9d1417053cd4da71d0006f50e56eff79b745d4b5c290c81e57cfff06706c61` Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Mon, 30 Mar 2020 22:11:07 GMT MS-Author-Via DAV Last-Modified Mon, 17 Mar 2014 02:51:24 GMT Server Apache ETag "267-4f4c47ebe2300" Content-Type image/jpeg Connection close Accept-Ranges bytes Content-Length 615
GET H/1.1	200 OK	err_title404.jpg err.kagoya.net/images/	7 KB 8 KB	1066ms 782ms	Image image/jpeg	203.142.206.40 KIR KAGOYA JAPAN ...
General Check archive.org Show headers Download Go to Show image Full URL http://err.kagoya.net/images/err_title404.jpg Requested by Host: tobacco.jp URL: https://tobacco.jp/ios/invlinkhubs/?mail=test@test.com Protocol HTTP/1.1 Server 203.142.206.40 Kyoto, Japan, ASN24282 (KIR KAGOYA JAPAN Inc., JP), Reverse DNS err01.kagoya.net Software Apache / Resource Hash `537099654d024cf2c9d8bcf3ee6be50af37ea42034986b7361755e28552b8e8b` Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Mon, 30 Mar 2020 22:11:07 GMT MS-Author-Via DAV Last-Modified Mon, 17 Mar 2014 02:51:26 GMT Server Apache ETag "1d1d-4f4c47edca780" Content-Type image/jpeg Connection close Accept-Ranges bytes Content-Length 7453
GET H/1.1	200 OK	err_footer.jpg err.kagoya.net/images/	6 KB 6 KB	1042ms 758ms	Image image/jpeg	203.142.206.40 KIR KAGOYA JAPAN ...
General Check archive.org Show headers Download Go to Show image Full URL http://err.kagoya.net/images/err_footer.jpg Requested by Host: tobacco.jp URL: https://tobacco.jp/ios/invlinkhubs/?mail=test@test.com Protocol HTTP/1.1 Server 203.142.206.40 Kyoto, Japan, ASN24282 (KIR KAGOYA JAPAN Inc., JP), Reverse DNS err01.kagoya.net Software Apache / Resource Hash `aeb4c678bf7b8c27d621a4193dfe0c4f7c6c7ac473db43405e02980cfbb0e42f` Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Mon, 30 Mar 2020 22:11:07 GMT MS-Author-Via DAV Last-Modified Mon, 17 Mar 2014 02:51:24 GMT Server Apache ETag "1626-4f4c47ebe2300" Content-Type image/jpeg Connection close Accept-Ranges bytes Content-Length 5670
GET		err.css err.kagoya.net/	0 0

GET H/1.1	200 OK	err_img_404.jpg err.kagoya.net/images/	39 KB 39 KB	1059ms 776ms	Image image/jpeg	203.142.206.40 KIR KAGOYA JAPAN ...
General Check archive.org Show headers Download Go to Show image Full URL http://err.kagoya.net/images/err_img_404.jpg Requested by Host: tobacco.jp URL: https://tobacco.jp/ios/invlinkhubs/?mail=test@test.com Protocol HTTP/1.1 Server 203.142.206.40 Kyoto, Japan, ASN24282 (KIR KAGOYA JAPAN Inc., JP), Reverse DNS err01.kagoya.net Software Apache / Resource Hash `4672a0648d985d749a3e3a6aef09ce3da23f6f274f91b683a319a33d20223a0c` Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Mon, 30 Mar 2020 22:11:07 GMT MS-Author-Via DAV Last-Modified Mon, 17 Mar 2014 02:51:25 GMT Server Apache ETag "9a34-4f4c47ecd6540" Content-Type image/jpeg Connection close Accept-Ranges bytes Content-Length 39476

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: err.kagoya.net
URL: http://err.kagoya.net/err.css

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

atctraffic.com.au
err.kagoya.net
tobacco.jp
err.kagoya.net
153.127.224.90
203.142.206.40
43.229.63.250
05d957d85e52d103d9ff39e666f4936295cbaddbc4bace1717b9e05f47ea6a9f
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
4672a0648d985d749a3e3a6aef09ce3da23f6f274f91b683a319a33d20223a0c
537099654d024cf2c9d8bcf3ee6be50af37ea42034986b7361755e28552b8e8b
73856c7d9429b9ff08cc59cb68c44d182dca8b4e85c0964695aefdd9de11d92c
aeb4c678bf7b8c27d621a4193dfe0c4f7c6c7ac473db43405e02980cfbb0e42f
df9d1417053cd4da71d0006f50e56eff79b745d4b5c290c81e57cfff06706c61

tobacco.jp Open in urlscan Pro 153.127.224.90 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

8 Requests

38 %HTTPS

0 %IPv6

3 Domains

3 Subdomains

4 IPs

2 Countries

86 kBTransfer

142 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

8 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

0 Cookies

Indicators

tobacco.jp Open in urlscan Pro
153.127.224.90 Public Scan

Screenshot
Live screenshot

Full Image

8
Requests

38 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

4
IPs

2
Countries

86 kB
Transfer

142 kB
Size

0
Cookies

8 HTTP transactions
0 data transactions