urlscan.io logo urlscan.io
SecurityTrails logo

solar-lunar.xsrv.jp Open in urlscan Pro
202.226.39.181  Public Scan

Go To Rescan Add Verdict Report
URL: https://solar-lunar.xsrv.jp/
Submission Tags: phishingrod
Submission: On November 07 via api from DE — Scanned from JP
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 3 IPs in 2 countries across 6 domains to perform 3 HTTP transactions. The main IP is 202.226.39.181, located in Japan and belongs to XSERVER Xserver Inc., JP. The main domain is solar-lunar.xsrv.jp.
TLS certificate: Issued by R3 on November 6th 2023. Valid for: 3 months.
This is the only time solar-lunar.xsrv.jp was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 202.226.39.181 131965 (XSERVER X...)
4 4 142.132.202.70 24940 (HETZNER-AS)
2 2 193.176.1.9 24961 (MYLOC-AS ...)
1 23.44.52.231 20940 (AKAMAI-ASN1)
1 2600:140b:1a0... 20940 (AKAMAI-ASN1)
3 3
1    202.226.39.181 (Japan)

ASN131965 (XSERVER Xserver Inc., JP)
PTR: sv341.xserver.jp
solar-lunar.xsrv.jp
4    142.132.202.70 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.70.202.132.142.clients.your-server.de
www.xserverclient.net
korfo.org
2    193.176.1.9 (Düsseldorf, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: ip.stat.zevshost.net
ulyces.media
1    23.44.52.231 (Tokyo, Japan)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-44-52-231.deploy.static.akamaitechnologies.com
www.expedia.co.uk
1    2600:140b:1a00:390::277d (Tokyo, Japan)

ASN20940 (AKAMAI-ASN1, NL)
uk.hotels.com
Apex Domain
Subdomains		 Transfer
2 korfo.org
korfo.org
1 KB
2 ulyces.media
ulyces.media
717 B
2 xserverclient.net
www.xserverclient.net
580 B
1 hotels.com
uk.hotels.com — Cisco Umbrella Rank: 43226
1 expedia.co.uk
www.expedia.co.uk — Cisco Umbrella Rank: 109460
1 xsrv.jp
solar-lunar.xsrv.jp
1 KB
3 6
Domain Requested by
2 korfo.org 2 redirects
2 ulyces.media 2 redirects
2 www.xserverclient.net 2 redirects
1 uk.hotels.com solar-lunar.xsrv.jp
1 www.expedia.co.uk solar-lunar.xsrv.jp
1 solar-lunar.xsrv.jp
3 6

This site contains links to these domains. Also see Links.

Domain
www.xserver.ne.jp
faq.xserver.jp
Subject Issuer Validity Valid
solar-lunar.xsrv.jp
R3		 2023-11-06 -
2024-02-04		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://solar-lunar.xsrv.jp/
Frame ID: 8A5D157561478C5855B200A0D1A25E14
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

エックスサーバー ホスティングサービス

Page Statistics

3
Requests

33 %
HTTPS

20 %
IPv6

6
Domains

6
Subdomains

3
IPs

2
Countries

1 kB
Transfer

2 kB
Size

12
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://www.xserverclient.net/skel/logo.gif HTTP 301
  • https://ulyces.media/w HTTP 302
  • https://korfo.org/to2/expedia.uk/ HTTP 307
  • https://www.expedia.co.uk/?clickref=1101lxVY53AT&affcid=UK.DIRECT.PHG.1100l95727.0&ref_id=1101lxVY53AT&my_ad=AFF.UK.DIRECT.PHG.1100l95727.0&afflid=1101lxVY53AT&original_destination=https://www.expedia.co.uk/?clickref=1101lxVY53AT&affcid=UK.DIRECT.PHG.1100l95727.0&ref_id=1101lxVY53AT&my_ad=AFF.UK.DIRECT.PHG.1100l95727.0&afflid=1101lxVY53AT
Request Chain 1
  • https://www.xserverclient.net/skel/back.gif HTTP 301
  • https://ulyces.media/w HTTP 302
  • https://korfo.org/to2/hotels.uk/ HTTP 307
  • https://uk.hotels.com/?locale=en_GB&pos=HCOM_UK&rffrid=aff.hcom.GB.038.000.1100l95727.kwrd=1011lxWpTSAg&affcid=HCOM-GB.DIRECT.PHG.1100l95727&afflid=1011lxWpTSAg&original_destination=https://uk.hotels.com/?locale=en_GB&pos=HCOM_UK&rffrid=aff.hcom.GB.038.000.1100l95727.kwrd=1011lxWpTSAg&affcid=HCOM-GB.DIRECT.PHG.1100l95727&afflid=1011lxWpTSAg

3 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
solar-lunar.xsrv.jp/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://solar-lunar.xsrv.jp/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
202.226.39.181 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS
sv341.xserver.jp
Software
nginx /
Resource Hash
4f53fc896cd87fae57a8edd93a9bcfaebfb39296e31502dedfa76a517ca38b7e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

content-encoding
br
content-type
text/html
date
Tue, 07 Nov 2023 01:57:52 GMT
etag
W/"8b7-4926abb281ec0"
last-modified
Tue, 12 Oct 2010 12:36:51 GMT
server
nginx
vary
Accept-Encoding
/
www.expedia.co.uk/
Redirect Chain
  • https://www.xserverclient.net/skel/logo.gif
  • https://ulyces.media/w
  • https://korfo.org/to2/expedia.uk/
  • https://www.expedia.co.uk/?clickref=1101lxVY53AT&affcid=UK.DIRECT.PHG.1100l95727.0&ref_id=1101lxVY53AT&my_ad=AFF.UK.DIRECT.PHG.1100l95727.0&afflid=1101lxVY53AT&original_destination=https://www.expe...
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.expedia.co.uk/?clickref=1101lxVY53AT&affcid=UK.DIRECT.PHG.1100l95727.0&ref_id=1101lxVY53AT&my_ad=AFF.UK.DIRECT.PHG.1100l95727.0&afflid=1101lxVY53AT&original_destination=https://www.expedia.co.uk/?clickref=1101lxVY53AT&affcid=UK.DIRECT.PHG.1100l95727.0&ref_id=1101lxVY53AT&my_ad=AFF.UK.DIRECT.PHG.1100l95727.0&afflid=1101lxVY53AT
Requested by
Host: solar-lunar.xsrv.jp
URL: https://solar-lunar.xsrv.jp/
Protocol
H2
Server
23.44.52.231 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-44-52-231.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Redirect headers

Location
https://www.expedia.co.uk/?clickref=1101lxVY53AT&affcid=UK.DIRECT.PHG.1100l95727.0&ref_id=1101lxVY53AT&my_ad=AFF.UK.DIRECT.PHG.1100l95727.0&afflid=1101lxVY53AT&original_destination=https://www.expedia.co.uk/?clickref=1101lxVY53AT&affcid=UK.DIRECT.PHG.1100l95727.0&ref_id=1101lxVY53AT&my_ad=AFF.UK.DIRECT.PHG.1100l95727.0&afflid=1101lxVY53AT
Date
Tue, 07 Nov 2023 01:57:56 GMT
Referrer-Policy
no-referrer
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
/
uk.hotels.com/
Redirect Chain
  • https://www.xserverclient.net/skel/back.gif
  • https://ulyces.media/w
  • https://korfo.org/to2/hotels.uk/
  • https://uk.hotels.com/?locale=en_GB&pos=HCOM_UK&rffrid=aff.hcom.GB.038.000.1100l95727.kwrd=1011lxWpTSAg&affcid=HCOM-GB.DIRECT.PHG.1100l95727&afflid=1011lxWpTSAg&original_destination=https://uk.hote...
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uk.hotels.com/?locale=en_GB&pos=HCOM_UK&rffrid=aff.hcom.GB.038.000.1100l95727.kwrd=1011lxWpTSAg&affcid=HCOM-GB.DIRECT.PHG.1100l95727&afflid=1011lxWpTSAg&original_destination=https://uk.hotels.com/?locale=en_GB&pos=HCOM_UK&rffrid=aff.hcom.GB.038.000.1100l95727.kwrd=1011lxWpTSAg&affcid=HCOM-GB.DIRECT.PHG.1100l95727&afflid=1011lxWpTSAg
Requested by
Host: solar-lunar.xsrv.jp
URL: https://solar-lunar.xsrv.jp/
Protocol
H2
Server
2600:140b:1a00:390::277d Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Redirect headers

Location
https://uk.hotels.com/?locale=en_GB&pos=HCOM_UK&rffrid=aff.hcom.GB.038.000.1100l95727.kwrd=1011lxWpTSAg&affcid=HCOM-GB.DIRECT.PHG.1100l95727&afflid=1011lxWpTSAg&original_destination=https://uk.hotels.com/?locale=en_GB&pos=HCOM_UK&rffrid=aff.hcom.GB.038.000.1100l95727.kwrd=1011lxWpTSAg&affcid=HCOM-GB.DIRECT.PHG.1100l95727&afflid=1011lxWpTSAg
Date
Tue, 07 Nov 2023 01:57:56 GMT
Referrer-Policy
no-referrer
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture

12 Cookies

Domain/Path Name / Value
.hotels.com/ Name: cesc
Value: %7B%22aff%22%3A%5B%22AFF.HCOM-GB.DIRECT.PHG.1100l95727.1011lxWpTSAg%22%2C1699322276441%5D%2C%22lpe%22%3A%5B%22ba3a4440-cf5c-4e24-ba8f-85be50e0ddd6%22%2C1699322276441%5D%2C%22marketingClick%22%3A%5B%22true%22%2C1699322276441%5D%2C%22lmc%22%3A%5B%22AFF.HCOM-GB.DIRECT.PHG.1100L95727%22%2C1699322276441%5D%2C%22hitNumber%22%3A%5B%221%22%2C1699322276441%5D%2C%22amc%22%3A%5B%22AFF.HCOM-GB.DIRECT.PHG.1100L95727%22%2C1699322276441%5D%2C%22visitNumber%22%3A%5B%221%22%2C1699322276441%5D%2C%22ape%22%3A%5B%22ba3a4440-cf5c-4e24-ba8f-85be50e0ddd6%22%2C1699322276441%5D%2C%22cidVisit%22%3A%5B%22AFF.HCOM-GB.DIRECT.PHG.1100l95727%22%2C1699322276441%5D%2C%22entryPage%22%3A%5B%22noonewillmatchthis%22%2C1699322276441%5D%2C%22rffrid%22%3A%5B%22AFF.HCOM.GB.038.000.1100L95727.KWRD%3D1011LXWPTSAG%22%2C1699322276441%5D%2C%22cid%22%3A%5B%22AFF.HCOM-GB.DIRECT.PHG.1100l95727%22%2C1699322276441%5D%7D
.hotels.com/ Name: HMS
Value: b97710e4-b744-4b0b-af12-e979c9091120
.hotels.com/ Name: MC1
Value: GUID=76e0ea963f6b4bb5b5960a7686db0cf1
.hotels.com/ Name: DUAID
Value: 76e0ea96-3f6b-4bb5-b596-0a7686db0cf1
.hotels.com/ Name: OIP
Value: gdpr|-1
.hotels.com/ Name: CRAS
Value: HCOM-GB.DIRECT.PHG.1100l95727
uk.hotels.com/ Name: akacd_pr_20
Value: 1704506276~rv=26~id=573575691bb8d66d85d1585898762640
.expedia.co.uk/ Name: HMS
Value: d724bf94-5835-4418-83bc-ba3dfd018842
.expedia.co.uk/ Name: MC1
Value: GUID=835315df56fd43d3b744e02054122877
.expedia.co.uk/ Name: DUAID
Value: 835315df-56fd-43d3-b744-e02054122877
.expedia.co.uk/ Name: OIP
Value: gdpr|-1
.expedia.co.uk/ Name: CRAS
Value: UK.DIRECT.PHG.1100l95727.0

5 Console Messages

Source Level URL
Text
security warning URL: https://solar-lunar.xsrv.jp/
Message:
Mixed Content: The page at 'https://solar-lunar.xsrv.jp/' was loaded over HTTPS, but requested an insecure element 'http://www.xserverclient.net/skel/logo.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://solar-lunar.xsrv.jp/(Line 61)
Message:
Mixed Content: The page at 'https://solar-lunar.xsrv.jp/' was loaded over HTTPS, but requested an insecure element 'http://www.xserverclient.net/skel/logo.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://solar-lunar.xsrv.jp/
Message:
Mixed Content: The page at 'https://solar-lunar.xsrv.jp/' was loaded over HTTPS, but requested an insecure element 'http://www.xserverclient.net/skel/back.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
network error URL: https://uk.hotels.com/?locale=en_GB&pos=HCOM_UK&rffrid=aff.hcom.GB.038.000.1100l95727.kwrd=1011lxWpTSAg&affcid=HCOM-GB.DIRECT.PHG.1100l95727&afflid=1011lxWpTSAg&original_destination=https://uk.hotels.com/?locale=en_GB&pos=HCOM_UK&rffrid=aff.hcom.GB.038.000.1100l95727.kwrd=1011lxWpTSAg&affcid=HCOM-GB.DIRECT.PHG.1100l95727&afflid=1011lxWpTSAg
Message:
Failed to load resource: the server responded with a status of 429 ()
network error URL: https://www.expedia.co.uk/?clickref=1101lxVY53AT&affcid=UK.DIRECT.PHG.1100l95727.0&ref_id=1101lxVY53AT&my_ad=AFF.UK.DIRECT.PHG.1100l95727.0&afflid=1101lxVY53AT&original_destination=https://www.expedia.co.uk/?clickref=1101lxVY53AT&affcid=UK.DIRECT.PHG.1100l95727.0&ref_id=1101lxVY53AT&my_ad=AFF.UK.DIRECT.PHG.1100l95727.0&afflid=1101lxVY53AT
Message:
Failed to load resource: the server responded with a status of 429 ()