erp.window.com.my Open in urlscan Pro
51.15.76.131 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://erp.window.com.my/
Submission Tags: @phishunt_io
Submission: On October 30 via api (October 30th 2020, 7:39:14 am UTC) from ES

Summary HTTP 10 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 10 HTTP transactions. The main IP is 51.15.76.131, located in Netherlands and belongs to Online SAS, FR. The main domain is erp.window.com.my.
TLS certificate: Issued by Let's Encrypt Authority X3 on August 29th 2020. Valid for: 3 months.

This is the only time erp.window.com.my was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
10	51.15.76.131 51.15.76.131		12876 (Online SAS) (Online SAS)
10	1

10 51.15.76.131 (Netherlands)

ASN12876 (Online SAS, FR)
PTR: 131-76-15-51.instances.scw.cloud

erp.window.com.my	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	window.com.my erp.window.com.my	151 KB
10	1

	Domain	Requested by
10	erp.window.com.my	erp.window.com.my
10	1

This site contains links to these domains. Also see Links.

Domain
erpnext.com
earthianslive.com

Subject Issuer	Validity	Valid
erp.window.com.my Let's Encrypt Authority X3	`2020-08-29` - `2020-11-27`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://erp.window.com.my/
Frame ID: B2B2F65392892E146DA271BC912A4332
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

10
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

151 kB
Transfer

481 kB
Size

5
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://erpnext.com/?source=website_footer
Title: Powered by ERPNext,

Search URL Search Domain Scan URL

URL: http://earthianslive.com/
Title: Service Provider - earthians

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

10 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request Cookie set / Show response erp.window.com.my/	17 KB 5 KB	1010ms 673ms	Document text/html	51.15.76.131 Online SAS
General Check archive.org Show headers Download Go to Full URL https://erp.window.com.my/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 51.15.76.131 , Netherlands, ASN12876 (Online SAS, FR), Reverse DNS 131-76-15-51.instances.scw.cloud Software nginx/1.10.2 / Resource Hash `8b762a3996ec37c5a185e0c7a8d6596f25670aabc45f613352269e0aba65ef72` Request headers Host erp.window.com.my Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site none Sec-Fetch-Mode navigate Sec-Fetch-User ?1 Sec-Fetch-Dest document Accept-Encoding gzip, deflate, br Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Server nginx/1.10.2 Date Fri, 30 Oct 2020 07:38:58 GMT Content-Type text/html; charset=utf-8 Transfer-Encoding chunked Connection keep-alive Vary Accept-Encoding X-Page-Name login X-From-Cache False Set-Cookie user_image=; Path=/ user_id=Guest; Path=/ system_user=yes; Path=/ full_name=Guest; Path=/ sid=Guest; Expires=Mon, 02-Nov-2020 07:38:57 GMT; Path=/ Content-Encoding gzip
GET H/1.1	200 OK	bootstrap.css erp.window.com.my/assets/frappe/css/	140 KB 21 KB	87ms 86ms	Stylesheet text/css	51.15.76.131 Online SAS
General Check archive.org Show headers Download Go to Full URL https://erp.window.com.my/assets/frappe/css/bootstrap.css Requested by Host: erp.window.com.my URL: https://erp.window.com.my/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 51.15.76.131 , Netherlands, ASN12876 (Online SAS, FR), Reverse DNS 131-76-15-51.instances.scw.cloud Software nginx/1.10.2 / Resource Hash `b9894256c6ac04673a8615e0ed05841d2041b3645d69c84689e123b4083154e4` Request headers Referer https://erp.window.com.my/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Fri, 30 Oct 2020 07:38:58 GMT Content-Encoding gzip Last-Modified Mon, 16 Jul 2018 07:35:49 GMT Server nginx/1.10.2 ETag W/"5b4c4ad5-22e88" Vary Accept-Encoding Content-Type text/css Transfer-Encoding chunked Connection keep-alive
GET H/1.1	200 OK	frappe-web.css erp.window.com.my/assets/css/	65 KB 14 KB	157ms 66ms	Stylesheet text/css	51.15.76.131 Online SAS
General Check archive.org Show headers Download Go to Full URL https://erp.window.com.my/assets/css/frappe-web.css Requested by Host: erp.window.com.my URL: https://erp.window.com.my/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 51.15.76.131 , Netherlands, ASN12876 (Online SAS, FR), Reverse DNS 131-76-15-51.instances.scw.cloud Software nginx/1.10.2 / Resource Hash `b80a51decb692f93b587e47575f2e426ea9de293968cfb67e77c227945a9c93f` Request headers Referer https://erp.window.com.my/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Fri, 30 Oct 2020 07:38:58 GMT Content-Encoding gzip Last-Modified Mon, 22 Oct 2018 13:26:57 GMT Server nginx/1.10.2 ETag W/"5bcdd021-10470" Vary Accept-Encoding Content-Type text/css Transfer-Encoding chunked Connection keep-alive
GET H/1.1	200 OK	website.css erp.window.com.my/assets/erpnext/css/	5 KB 2 KB	161ms 54ms	Stylesheet text/css	51.15.76.131 Online SAS
General Check archive.org Show headers Download Go to Full URL https://erp.window.com.my/assets/erpnext/css/website.css Requested by Host: erp.window.com.my URL: https://erp.window.com.my/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 51.15.76.131 , Netherlands, ASN12876 (Online SAS, FR), Reverse DNS 131-76-15-51.instances.scw.cloud Software nginx/1.10.2 / Resource Hash `adc2281d2b6113064d4ecf7a39c3eca02969627113ad808eb756ddad24230223` Request headers Referer https://erp.window.com.my/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Fri, 30 Oct 2020 07:38:58 GMT Content-Encoding gzip Last-Modified Sun, 10 Sep 2017 07:19:50 GMT Server nginx/1.10.2 ETag W/"59b4e796-1469" Vary Accept-Encoding Content-Type text/css Transfer-Encoding chunked Connection keep-alive
GET H/1.1	200 OK	website_theme.css erp.window.com.my/	0 425 B	372ms 264ms	Stylesheet text/css	51.15.76.131 Online SAS
General Check archive.org Show headers Download Go to Full URL https://erp.window.com.my/website_theme.css Requested by Host: erp.window.com.my URL: https://erp.window.com.my/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 51.15.76.131 , Netherlands, ASN12876 (Online SAS, FR), Reverse DNS 131-76-15-51.instances.scw.cloud Software nginx/1.10.2 / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Referer https://erp.window.com.my/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers X-Page-Name website_theme.css X-From-Cache False Date Fri, 30 Oct 2020 07:38:58 GMT Server nginx/1.10.2 Connection keep-alive Content-Length 0 Content-Type text/css; charset=utf-8
GET H/1.1	200 OK	VW_Logo__horizontal_edit.png erp.window.com.my/files/	34 KB 34 KB	64ms 64ms	Image image/png	51.15.76.131 Online SAS
General Check archive.org Show headers Download Go to Show image Full URL https://erp.window.com.my/files/VW_Logo__horizontal_edit.png Requested by Host: erp.window.com.my URL: https://erp.window.com.my/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 51.15.76.131 , Netherlands, ASN12876 (Online SAS, FR), Reverse DNS 131-76-15-51.instances.scw.cloud Software nginx/1.10.2 / Resource Hash `fea25e19e366272ed5925d581d100aebfd3f5ab0c7a6d7a4cf7f4cb272464dce` Request headers Referer https://erp.window.com.my/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Fri, 30 Oct 2020 07:38:58 GMT Last-Modified Tue, 17 Jul 2018 03:39:41 GMT Server nginx/1.10.2 ETag "5b4d64fd-87fc" Content-Type image/png Connection keep-alive Accept-Ranges bytes Content-Length 34812
GET H/1.1	200 OK	jquery.min.js Show response erp.window.com.my/assets/frappe/js/lib/jquery/	84 KB 30 KB	89ms 88ms	Script application/javascript	51.15.76.131 Online SAS
General Check archive.org Show headers Download Go to Full URL https://erp.window.com.my/assets/frappe/js/lib/jquery/jquery.min.js Requested by Host: erp.window.com.my URL: https://erp.window.com.my/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 51.15.76.131 , Netherlands, ASN12876 (Online SAS, FR), Reverse DNS 131-76-15-51.instances.scw.cloud Software nginx/1.10.2 / Resource Hash `05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e` Request headers Referer https://erp.window.com.my/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Fri, 30 Oct 2020 07:38:58 GMT Content-Encoding gzip Last-Modified Sun, 21 May 2017 10:46:26 GMT Server nginx/1.10.2 ETag W/"59217002-14e4a" Vary Accept-Encoding Content-Type application/javascript Transfer-Encoding chunked Connection keep-alive
GET H/1.1	200 OK	frappe-web.min.js Show response erp.window.com.my/assets/js/	133 KB 43 KB	66ms 66ms	Script application/javascript	51.15.76.131 Online SAS
General Check archive.org Show headers Download Go to Full URL https://erp.window.com.my/assets/js/frappe-web.min.js Requested by Host: erp.window.com.my URL: https://erp.window.com.my/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 51.15.76.131 , Netherlands, ASN12876 (Online SAS, FR), Reverse DNS 131-76-15-51.instances.scw.cloud Software nginx/1.10.2 / Resource Hash `cd193956d396cde761e82c87cf226849a33efae9e3b9767733a586525c301116` Request headers Referer https://erp.window.com.my/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Fri, 30 Oct 2020 07:38:58 GMT Content-Encoding gzip Last-Modified Mon, 22 Oct 2018 13:27:00 GMT Server nginx/1.10.2 ETag W/"5bcdd024-21319" Vary Accept-Encoding Content-Type application/javascript Transfer-Encoding chunked Connection keep-alive
GET H/1.1	200 OK	website_script.js Show response erp.window.com.my/	23 B 447 B	76ms 75ms	Script application/javascript	51.15.76.131 Online SAS
General Check archive.org Show headers Download Go to Full URL https://erp.window.com.my/website_script.js Requested by Host: erp.window.com.my URL: https://erp.window.com.my/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 51.15.76.131 , Netherlands, ASN12876 (Online SAS, FR), Reverse DNS 131-76-15-51.instances.scw.cloud Software nginx/1.10.2 / Resource Hash `97c2ddfd5c0b33db8a0828bb0c0c9392275d840044bfaa5e24f699724aeb7336` Request headers Referer https://erp.window.com.my/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers X-Page-Name website_script.js X-From-Cache True Date Fri, 30 Oct 2020 07:38:58 GMT Server nginx/1.10.2 Connection keep-alive Content-Length 23 Content-Type application/javascript
GET H/1.1	200 OK	erpnext-web.min.js Show response erp.window.com.my/assets/js/	4 KB 2 KB	54ms 54ms	Script application/javascript	51.15.76.131 Online SAS
General Check archive.org Show headers Download Go to Full URL https://erp.window.com.my/assets/js/erpnext-web.min.js Requested by Host: erp.window.com.my URL: https://erp.window.com.my/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 51.15.76.131 , Netherlands, ASN12876 (Online SAS, FR), Reverse DNS 131-76-15-51.instances.scw.cloud Software nginx/1.10.2 / Resource Hash `4286ba3307d64d2c31c3011516e8d26d99da80c8975b35225f4ca238610b8c12` Request headers Referer https://erp.window.com.my/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Fri, 30 Oct 2020 07:38:58 GMT Content-Encoding gzip Last-Modified Mon, 22 Oct 2018 13:27:24 GMT Server nginx/1.10.2 ETag W/"5bcdd03c-f30" Vary Accept-Encoding Content-Type application/javascript Transfer-Encoding chunked Connection keep-alive

Verdicts & Comments Add Verdict or Comment

62 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
erp.window.com.my/	1970-01-19 13:38:22	Name: sid Value: Guest
erp.window.com.my/	1969-12-31 23:59:59	Name: system_user Value: yes
erp.window.com.my/	1969-12-31 23:59:59	Name: user_id Value: Guest
erp.window.com.my/	1969-12-31 23:59:59	Name: full_name Value: Guest
erp.window.com.my/	1969-12-31 23:59:59	Name: user_image Value:

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

erp.window.com.my
51.15.76.131
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
4286ba3307d64d2c31c3011516e8d26d99da80c8975b35225f4ca238610b8c12
8b762a3996ec37c5a185e0c7a8d6596f25670aabc45f613352269e0aba65ef72
97c2ddfd5c0b33db8a0828bb0c0c9392275d840044bfaa5e24f699724aeb7336
adc2281d2b6113064d4ecf7a39c3eca02969627113ad808eb756ddad24230223
b80a51decb692f93b587e47575f2e426ea9de293968cfb67e77c227945a9c93f
b9894256c6ac04673a8615e0ed05841d2041b3645d69c84689e123b4083154e4
cd193956d396cde761e82c87cf226849a33efae9e3b9767733a586525c301116
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
fea25e19e366272ed5925d581d100aebfd3f5ab0c7a6d7a4cf7f4cb272464dce

erp.window.com.my Open in urlscan Pro 51.15.76.131 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

10 Requests

100 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

151 kBTransfer

481 kBSize

5 Cookies

2 Outgoing links

Redirected requests

10 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

62 JavaScript Global Variables

5 Cookies

Indicators

erp.window.com.my Open in urlscan Pro
51.15.76.131 Public Scan

Screenshot
Live screenshot

Full Image

10
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

151 kB
Transfer

481 kB
Size

5
Cookies

10 HTTP transactions
0 data transactions