blogs.jpcert.or.jp Open in urlscan Pro
52.199.127.131 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://blogs.jpcert.or.jp/en/2024/07/mirrorface-attack-against-japanese-organisations.html
Submission: On July 22 via api (July 22nd 2024, 6:34:33 am UTC) from DE — Scanned from JP

Summary HTTP 46 Redirects Links 11 Behaviour Indicators

Summary

This website contacted 4 IPs in 2 countries across 7 domains to perform 46 HTTP transactions. The main IP is 52.199.127.131, located in Tokyo, Japan and belongs to AMAZON-02, US. The main domain is blogs.jpcert.or.jp.
TLS certificate: Issued by Cybertrust Japan SureServer EV CA G3 on January 5th 2024. Valid for: a year.

This is the only time blogs.jpcert.or.jp was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
20	52.199.127.131 52.199.127.131	16509 (AMAZON-02) (AMAZON-02)
1	104.17.24.14 104.17.24.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	210.231.184.214 210.231.184.214	2514 (INFOSPHER...) (INFOSPHERE NTT PC Communications)
46	4

20 52.199.127.131 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-199-127-131.ap-northeast-1.compute.amazonaws.com

blogs.jpcert.or.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.17.24.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 210.231.184.214 (Japan)

ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP)
PTR: 210-231-184-214.pro.static.arena.ne.jp

pro.ranklet4.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	jpcert.or.jp blogs.jpcert.or.jp	27 KB
1	ranklet4.com pro.ranklet4.com	2 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 336	6 KB
0	google.com Failed cse.google.com Failed
0	twitter.com Failed platform.twitter.com Failed
0	movabletype.net Failed movabletype.net Failed
0	googletagmanager.com Failed www.googletagmanager.com Failed
46	7

	Domain	Requested by
20	blogs.jpcert.or.jp	blogs.jpcert.or.jp
1	pro.ranklet4.com	blogs.jpcert.or.jp
1	cdnjs.cloudflare.com	blogs.jpcert.or.jp
0	cse.google.com Failed	blogs.jpcert.or.jp
0	platform.twitter.com Failed	blogs.jpcert.or.jp
0	movabletype.net Failed	blogs.jpcert.or.jp
0	www.googletagmanager.com Failed	blogs.jpcert.or.jp
46	7

This site contains links to these domains. Also see Links.

Domain
www.jpcert.or.jp
twitter.com
github.com
jsac.jpcert.or.jp
blog.itochuci.co.jp
jpcertcc.github.io

Subject Issuer	Validity	Valid
blogs.jpcert.or.jp Cybertrust Japan SureServer EV CA G3	`2024-01-05` - `2025-01-31`	a year	crt.sh
cdnjs.cloudflare.com E1	`2024-06-02` - `2024-08-31`	3 months	crt.sh
*.ranklet4.com R3	`2024-06-03` - `2024-09-01`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://blogs.jpcert.or.jp/en/2024/07/mirrorface-attack-against-japanese-organisations.html
Frame ID: E65419E2ED51E7FAA60D5CD7D8F5CE33
Requests: 46 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

MirrorFace Attack against Japanese Organisations - JPCERT/CC Eyes | JPCERT Coordination Center official Blog

Detected technologies

Prototype (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

(?:prototype|protoaculous)(?:-([\d.]*[\d]))?.*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Page Statistics

46
Requests

48 %
HTTPS

0 %
IPv6

7
Domains

7
Subdomains

4
IPs

2
Countries

35 kB
Transfer

298 kB
Size

0
Cookies

11 Outgoing links

These are links going to different origins than the main page.

URL: https://www.jpcert.or.jp/english/

Search URL Search Domain Scan URL

URL: https://twitter.com/share

Search URL Search Domain Scan URL

URL: https://www.jpcert.or.jp/at/2023/at230029.html
Title: a security alert (Japanese)

Search URL Search Domain Scan URL

URL: https://github.com/JPCERTCC/aa-tools/blob/master/Deob_NOOPLDR.py
Title: https://github.com/JPCERTCC/aa-tools/blob/master/Deob_NOOPLDR.py

Search URL Search Domain Scan URL

URL: https://github.com/ginuerzh/gost
Title: https://github.com/ginuerzh/gost

Search URL Search Domain Scan URL

URL: https://jsac.jpcert.or.jp/archive/2024/pdf/JSAC2024_2_7_hara_shoji_higashi_vickie-su_nick-dai_en.pdf
Title: https://jsac.jpcert.or.jp/archive/2024/pdf/JSAC2024_2_7_hara_shoji_higashi_vickie-su_nick-dai_en.pdf

Search URL Search Domain Scan URL

URL: https://blog.itochuci.co.jp/entry/2024/01/24/134047
Title: https://blog.itochuci.co.jp/entry/2024/01/24/134047

Search URL Search Domain Scan URL

URL: https://github.com/joydo/d810
Title: https://github.com/joydo/d810

Search URL Search Domain Scan URL

URL: https://jsac.jpcert.or.jp/archive/2024/pdf/JSAC2024_2_8_Breitenbacher_en.pdf
Title: https://jsac.jpcert.or.jp/archive/2024/pdf/JSAC2024_2_8_Breitenbacher_en.pdf

Search URL Search Domain Scan URL

URL: https://jpcertcc.github.io/ToolAnalysisResultSheet/details/ntdsutil.htm
Title: https://jpcertcc.github.io/ToolAnalysisResultSheet/details/ntdsutil.htm

Search URL Search Domain Scan URL

URL: https://jpcertcc.github.io/ToolAnalysisResultSheet/details/vssadmin.htm
Title: https://jpcertcc.github.io/ToolAnalysisResultSheet/details/vssadmin.htm

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

46 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request mirrorface-attack-against-japanese-organisations.html Show response
blogs.jpcert.or.jp/en/2024/07/ 69 KB
17 KB 49ms
12ms Document
text/html 52.199.127.131
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://blogs.jpcert.or.jp/en/2024/07/mirrorface-attack-against-japanese-organisations.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.199.127.131 Tokyo, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-199-127-131.ap-northeast-1.compute.amazonaws.com

Software

Resource Hash

55e0a52fbb9648e85e69d919049827db3eced91508a93967b78068d268924f4c

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 15993
content-encoding: gzip
content-length: 16783
content-type: text/html; charset=utf-8
date: Mon, 22 Jul 2024 06:34:02 GMT
expect-ct: enforce, max-age=3600
strict-transport-security: max-age=3600
vary: Accept-Encoding
x-content-type-options: nosniff
x-runtime: 1.806355
x-xss-protection: 1; mode=block

GET
H2 200 styles.css
blogs.jpcert.or.jp/en/common/css/ 37 KB
8 KB 12ms
8ms Stylesheet
text/css 52.199.127.131
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://blogs.jpcert.or.jp/en/common/css/styles.css

Requested by

Host: blogs.jpcert.or.jp
URL: https://blogs.jpcert.or.jp/en/2024/07/mirrorface-attack-against-japanese-organisations.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.199.127.131 Tokyo, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-199-127-131.ap-northeast-1.compute.amazonaws.com

Software

Resource Hash

6f7505af235b3dec440dedfbc35698ffd35372032e9c0122afc003636ea894b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://blogs.jpcert.or.jp/en/2024/07/mirrorface-attack-against-japanese-organisations.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-runtime: 0.045729
date: Mon, 22 Jul 2024 06:34:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=3600
age: 16042
expect-ct: enforce, max-age=3600
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 8161
x-xss-protection: 1; mode=block

GET
H3 200 font-awesome.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ 37 KB
6 KB 48ms
22ms Stylesheet
text/css 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.css

Requested by

Host: blogs.jpcert.or.jp
URL: https://blogs.jpcert.or.jp/en/2024/07/mirrorface-attack-against-japanese-organisations.html

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

36e0a7e08bee65774168528938072c536437669c1b7458ac77976ec788e4439c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://blogs.jpcert.or.jp/
Origin: https://blogs.jpcert.or.jp
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 22 Jul 2024 06:34:02 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 385286
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 5884
last-modified: Mon, 04 May 2020 16:10:07 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e5f-9226"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8Np%2F45%2Bsn6COiFCBQigJqFF2LKZf4ITEeazaOOSJ2hpTvycRpNfvwWixHS9FLyuWmgr38oZXv2B2eNu7KnDUCcrQHMXWxtBrk9GngFWL8R4COYHNBFFZNxh8r7tlLv79yAqKtGd4"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8a716716ac7bf66d-NRT
expires: Sat, 12 Jul 2025 06:34:02 GMT

GET js
www.googletagmanager.com/gtag/ 0
0

GET
H2 200 header_logo.svg
blogs.jpcert.or.jp/en/common/images/ 3 KB
2 KB 13ms
9ms Image
image/svg+xml 52.199.127.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogs.jpcert.or.jp/en/common/images/header_logo.svg

Requested by

Host: blogs.jpcert.or.jp
URL: https://blogs.jpcert.or.jp/en/2024/07/mirrorface-attack-against-japanese-organisations.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.199.127.131 Tokyo, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-199-127-131.ap-northeast-1.compute.amazonaws.com

Software

Resource Hash

a8063b32a2b02296dbcb861b81a209185ad876688835b12106bd04c7196342a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://blogs.jpcert.or.jp/en/2024/07/mirrorface-attack-against-japanese-organisations.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-runtime: 0.022047
date: Mon, 22 Jul 2024 06:34:02 GMT
x-amz-version-id: 7PlhVPaL1XdtPVOkYQdVycFCOo3AsXaK
x-content-type-options: nosniff
strict-transport-security: max-age=3600
last-modified: Fri, 09 Oct 2020 02:20:14 GMT
content-encoding: gzip
age: 155075
etag: W/"470f7c2a7f953ad63a2f660ce00a9ef3"
expect-ct: enforce, max-age=3600
vary: Accept-Encoding
content-type: image/svg+xml
accept-ranges: bytes
content-length: 1443
x-xss-protection: 1; mode=block

GET ENCORE_400x400.jpg
movabletype.net/users/shu_tom/ 0
0

GET
H2 200 mirrorface-fig1-640wri.png
blogs.jpcert.or.jp/en/.assets/thumbnail/ 79 KB
0 13ms
9ms Image
image/png 52.199.127.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogs.jpcert.or.jp/en/.assets/thumbnail/mirrorface-fig1-640wri.png

Requested by

Host: blogs.jpcert.or.jp
URL: https://blogs.jpcert.or.jp/en/2024/07/mirrorface-attack-against-japanese-organisations.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.199.127.131 Tokyo, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-199-127-131.ap-northeast-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://blogs.jpcert.or.jp/en/2024/07/mirrorface-attack-against-japanese-organisations.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-runtime: 0.061721
date: Mon, 22 Jul 2024 06:34:02 GMT
strict-transport-security: max-age=3600
x-content-type-options: nosniff
x-amz-expiration: expiry-date="Tue, 20 Aug 2024 00:00:00 GMT", rule-id="RemoveOldData"
last-modified: Wed, 10 Jul 2024 08:28:27 GMT
age: 15993
etag: "f2452fabdff356d244edeb8cc0d32ff6"
x-amz-server-side-encryption: AES256
expect-ct: enforce, max-age=3600
content-type: image/png
accept-ranges: bytes
content-length: 93652
x-xss-protection: 1; mode=block

GET
H2 200 mirrorface-fig2-640wri.png
blogs.jpcert.or.jp/en/.assets/thumbnail/ 36 KB
0 20ms
20ms Image
image/png 52.199.127.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogs.jpcert.or.jp/en/.assets/thumbnail/mirrorface-fig2-640wri.png

Requested by

Host: blogs.jpcert.or.jp
URL: https://blogs.jpcert.or.jp/en/2024/07/mirrorface-attack-against-japanese-organisations.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.199.127.131 Tokyo, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-199-127-131.ap-northeast-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://blogs.jpcert.or.jp/en/2024/07/mirrorface-attack-against-japanese-organisations.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-runtime: 0.049371
date: Mon, 22 Jul 2024 06:34:02 GMT
strict-transport-security: max-age=3600
x-content-type-options: nosniff
x-amz-expiration: expiry-date="Tue, 20 Aug 2024 00:00:00 GMT", rule-id="RemoveOldData"
last-modified: Wed, 10 Jul 2024 08:40:06 GMT
age: 15993
etag: "735d1bcfd0767b468434f1a048bf9b25"
x-amz-server-side-encryption: AES256
expect-ct: enforce, max-age=3600
content-type: image/png
accept-ranges: bytes
content-length: 106825
x-xss-protection: 1; mode=block

GET
H2 200 mirrorface-fig3-640wri.png
blogs.jpcert.or.jp/en/.assets/thumbnail/ 18 KB
0 22ms
8ms Image
image/png 52.199.127.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogs.jpcert.or.jp/en/.assets/thumbnail/mirrorface-fig3-640wri.png

Requested by

Host: blogs.jpcert.or.jp
URL: https://blogs.jpcert.or.jp/en/2024/07/mirrorface-attack-against-japanese-organisations.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.199.127.131 Tokyo, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-199-127-131.ap-northeast-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://blogs.jpcert.or.jp/en/2024/07/mirrorface-attack-against-japanese-organisations.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-runtime: 0.068089
date: Mon, 22 Jul 2024 06:34:02 GMT
strict-transport-security: max-age=3600
x-content-type-options: nosniff
x-amz-expiration: expiry-date="Tue, 20 Aug 2024 00:00:00 GMT", rule-id="RemoveOldData"
last-modified: Wed, 10 Jul 2024 08:40:06 GMT
age: 15993
etag: "40b1fba9379f8429d72b72691b9cd537"
x-amz-server-side-encryption: AES256
expect-ct: enforce, max-age=3600
content-type: image/png
accept-ranges: bytes
content-length: 90215
x-xss-protection: 1; mode=block

GET
H2 200 mirrorface-fig4-640wri.png
blogs.jpcert.or.jp/en/.assets/thumbnail/ 13 KB
0 28ms
14ms Image
image/png 52.199.127.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogs.jpcert.or.jp/en/.assets/thumbnail/mirrorface-fig4-640wri.png

Requested by

Host: blogs.jpcert.or.jp
URL: https://blogs.jpcert.or.jp/en/2024/07/mirrorface-attack-against-japanese-organisations.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.199.127.131 Tokyo, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-199-127-131.ap-northeast-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://blogs.jpcert.or.jp/en/2024/07/mirrorface-attack-against-japanese-organisations.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-runtime: 0.107989
date: Mon, 22 Jul 2024 06:34:02 GMT
strict-transport-security: max-age=3600
x-content-type-options: nosniff
x-amz-expiration: expiry-date="Tue, 20 Aug 2024 00:00:00 GMT", rule-id="RemoveOldData"
last-modified: Wed, 10 Jul 2024 08:40:07 GMT
age: 15993
etag: "da1ac5b3fd29a5dd96225740bd6add29"
x-amz-server-side-encryption: AES256
expect-ct: enforce, max-age=3600
content-type: image/png
accept-ranges: bytes
content-length: 377160
x-xss-protection: 1; mode=block

GET
H2 200 mirrorface-fig5-640wri.png
blogs.jpcert.or.jp/en/.assets/thumbnail/ 0
0 19900ms
19886ms Image
image/png 52.199.127.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogs.jpcert.or.jp/en/.assets/thumbnail/mirrorface-fig5-640wri.png

Requested by

Host: blogs.jpcert.or.jp
URL: https://blogs.jpcert.or.jp/en/2024/07/mirrorface-attack-against-japanese-organisations.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.199.127.131 Tokyo, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-199-127-131.ap-northeast-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://blogs.jpcert.or.jp/en/2024/07/mirrorface-attack-against-japanese-organisations.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-runtime: 0.081089
date: Mon, 22 Jul 2024 06:34:02 GMT
strict-transport-security: max-age=3600
x-content-type-options: nosniff
x-amz-expiration: expiry-date="Tue, 20 Aug 2024 00:00:00 GMT", rule-id="RemoveOldData"
last-modified: Wed, 10 Jul 2024 09:01:49 GMT
age: 15993
etag: "8fae1c9175a0fb3043a9ae33755d178a"
x-amz-server-side-encryption: AES256
expect-ct: enforce, max-age=3600
content-type: image/png
accept-ranges: bytes
content-length: 406723
x-xss-protection: 1; mode=block

GET
H2 200 fb_loader.gif
blogs.jpcert.or.jp/en/common/images/ 0
0 19905ms
19890ms Image
image/gif 52.199.127.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogs.jpcert.or.jp/en/common/images/fb_loader.gif

Requested by

Host: blogs.jpcert.or.jp
URL: https://blogs.jpcert.or.jp/en/2024/07/mirrorface-attack-against-japanese-organisations.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.199.127.131 Tokyo, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-199-127-131.ap-northeast-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://blogs.jpcert.or.jp/en/2024/07/mirrorface-attack-against-japanese-organisations.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-runtime: 0.049673
date: Mon, 22 Jul 2024 06:34:02 GMT
x-amz-version-id: teKMG5tddGNKpEgVSFdR5NGD.rr0iMNz
x-content-type-options: nosniff
strict-transport-security: max-age=3600
last-modified: Fri, 09 Oct 2020 02:03:45 GMT
age: 149305
etag: "86ca4d6e0539b88294cdf7e757b79455"
expect-ct: enforce, max-age=3600
content-type: image/gif
accept-ranges: bytes
content-length: 889
x-xss-protection: 1; mode=block

GET
H2 200 202310_domain_hijacking2_en-320wi.png
blogs.jpcert.or.jp/en/.assets/thumbnail/ 0
0 19900ms
19885ms Image
image/png 52.199.127.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogs.jpcert.or.jp/en/.assets/thumbnail/202310_domain_hijacking2_en-320wi.png

Requested by

Host: blogs.jpcert.or.jp
URL: https://blogs.jpcert.or.jp/en/2024/07/mirrorface-attack-against-japanese-organisations.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.199.127.131 Tokyo, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-199-127-131.ap-northeast-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://blogs.jpcert.or.jp/en/2024/07/mirrorface-attack-against-japanese-organisations.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-runtime: 0.078316
date: Mon, 22 Jul 2024 06:34:02 GMT
strict-transport-security: max-age=3600
x-content-type-options: nosniff
x-amz-expiration: expiry-date="Mon, 19 Aug 2024 00:00:00 GMT", rule-id="RemoveOldData"
last-modified: Tue, 09 Jul 2024 13:10:17 GMT
age: 35540
etag: "4a3939ad634ba9afb83932ba910b109a"
x-amz-server-side-encryption: AES256
expect-ct: enforce, max-age=3600
content-type: image/png
accept-ranges: bytes
content-length: 39394
x-xss-protection: 1; mode=block

GET
H2 200 bigip-exploit-fig2-320wi.png
blogs.jpcert.or.jp/en/.assets/thumbnail/ 0
0 19900ms
19886ms Image
image/png 52.199.127.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogs.jpcert.or.jp/en/.assets/thumbnail/bigip-exploit-fig2-320wi.png

Requested by

Host: blogs.jpcert.or.jp
URL: https://blogs.jpcert.or.jp/en/2024/07/mirrorface-attack-against-japanese-organisations.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.199.127.131 Tokyo, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-199-127-131.ap-northeast-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://blogs.jpcert.or.jp/en/2024/07/mirrorface-attack-against-japanese-organisations.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-runtime: 0.194750
date: Mon, 22 Jul 2024 06:34:02 GMT
strict-transport-security: max-age=3600
x-content-type-options: nosniff
x-amz-expiration: expiry-date="Fri, 30 Aug 2024 00:00:00 GMT", rule-id="RemoveOldData"
last-modified: Sat, 20 Jul 2024 19:14:13 GMT
age: 127190
etag: "b6e59a7c263f679c0e92bc52384570e6"
x-amz-server-side-encryption: AES256
expect-ct: enforce, max-age=3600
content-type: image/png
accept-ranges: bytes
content-length: 54966
x-xss-protection: 1; mode=block

GET
H2 200 phishurl-fig1-320wi.png
blogs.jpcert.or.jp/en/.assets/thumbnail/ 0
0 19902ms
19888ms Image
image/png 52.199.127.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogs.jpcert.or.jp/en/.assets/thumbnail/phishurl-fig1-320wi.png

Requested by

Host: blogs.jpcert.or.jp
URL: https://blogs.jpcert.or.jp/en/2024/07/mirrorface-attack-against-japanese-organisations.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.199.127.131 Tokyo, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-199-127-131.ap-northeast-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://blogs.jpcert.or.jp/en/2024/07/mirrorface-attack-against-japanese-organisations.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-runtime: 0.057512
date: Mon, 22 Jul 2024 06:34:02 GMT
strict-transport-security: max-age=3600
x-content-type-options: nosniff
x-amz-expiration: expiry-date="Wed, 21 Aug 2024 00:00:00 GMT", rule-id="RemoveOldData"
last-modified: Thu, 11 Jul 2024 16:51:28 GMT
age: 127190
etag: "879c867c14245cb5c83d6c670ce422fc"
x-amz-server-side-encryption: AES256
expect-ct: enforce, max-age=3600
content-type: image/png
accept-ranges: bytes
content-length: 45744
x-xss-protection: 1; mode=block

GET
H2 200 2021report-320wi.png
blogs.jpcert.or.jp/en/.assets/thumbnail/ 0
0 19900ms
19886ms Image
image/png 52.199.127.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogs.jpcert.or.jp/en/.assets/thumbnail/2021report-320wi.png

Requested by

Host: blogs.jpcert.or.jp
URL: https://blogs.jpcert.or.jp/en/2024/07/mirrorface-attack-against-japanese-organisations.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.199.127.131 Tokyo, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-199-127-131.ap-northeast-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://blogs.jpcert.or.jp/en/2024/07/mirrorface-attack-against-japanese-organisations.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-runtime: 0.074915
date: Mon, 22 Jul 2024 06:34:02 GMT
strict-transport-security: max-age=3600
x-content-type-options: nosniff
x-amz-expiration: expiry-date="Thu, 15 Aug 2024 00:00:00 GMT", rule-id="RemoveOldData"
last-modified: Fri, 05 Jul 2024 09:26:04 GMT
age: 141848
etag: "a96293efb8c36bae86b7557b4050224b"
x-amz-server-side-encryption: AES256
expect-ct: enforce, max-age=3600
content-type: image/png
accept-ranges: bytes
content-length: 15584
x-xss-protection: 1; mode=block

GET
H2 200 01_en-320wi.png
blogs.jpcert.or.jp/en/.assets/thumbnail/ 0
0 19901ms
19886ms Image
image/png 52.199.127.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogs.jpcert.or.jp/en/.assets/thumbnail/01_en-320wi.png

Requested by

Host: blogs.jpcert.or.jp
URL: https://blogs.jpcert.or.jp/en/2024/07/mirrorface-attack-against-japanese-organisations.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.199.127.131 Tokyo, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-199-127-131.ap-northeast-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://blogs.jpcert.or.jp/en/2024/07/mirrorface-attack-against-japanese-organisations.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-runtime: 0.045960
date: Mon, 22 Jul 2024 06:34:02 GMT
strict-transport-security: max-age=3600
x-content-type-options: nosniff
x-amz-expiration: expiry-date="Sat, 03 Aug 2024 00:00:00 GMT", rule-id="RemoveOldData"
last-modified: Sun, 23 Jun 2024 01:02:32 GMT
age: 141848
etag: "d75cb6337c4dc6f1c96abee1b77253de"
x-amz-server-side-encryption: AES256
expect-ct: enforce, max-age=3600
content-type: image/png
accept-ranges: bytes
content-length: 28822
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK N2r04NQy9WPJiTSHTadz.js Show response
pro.ranklet4.com/widgets/ 7 KB
2 KB 30ms
5ms Script
text/javascript 210.231.184.214
INFOSPHERE NTT PC...

General

Check archive.org

Show headers Download Go to

Full URL: https://pro.ranklet4.com/widgets/N2r04NQy9WPJiTSHTadz.js
Requested by: Host: blogs.jpcert.or.jp
URL: https://blogs.jpcert.or.jp/en/2024/07/mirrorface-attack-against-japanese-organisations.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 210.231.184.214 , Japan, ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP),
Reverse DNS: 210-231-184-214.pro.static.arena.ne.jp
Software: nginx/1.26.1 /
Resource Hash: 7d3bf1e56006821c24ecfe15d95cb803072e706b583d385f3e2d1f140b668ce6

Request headers

Referer: https://blogs.jpcert.or.jp/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Mon, 22 Jul 2024 06:34:02 GMT
Content-Encoding: gzip
Last-Modified: Mon, 22 Jul 2024 03:10:42 GMT
Server: nginx/1.26.1
x-amz-request-id: 0FVF46PTNNSS94V3
ETag: "5d6fe4930730251473945e4824acac30"
x-amz-server-side-encryption: AES256
X-Cache: HIT
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1464
x-amz-id-2: 5wOMr/w3DI42f43F2aMa5bKn1fzus6jbpW4aGzVEMn7OAFDgyji/0W5xYOiPAfkFIAI5Az3WD/Y=

GET matsu.png
movabletype.net/users/SHIKAPON/ 0
0

GET
H2 200 default-userpic-90.jpg
blogs.jpcert.or.jp/en/common/images/ 0
0 19902ms
19889ms Image
image/jpeg 52.199.127.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogs.jpcert.or.jp/en/common/images/default-userpic-90.jpg

Requested by

Host: blogs.jpcert.or.jp
URL: https://blogs.jpcert.or.jp/en/2024/07/mirrorface-attack-against-japanese-organisations.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.199.127.131 Tokyo, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-199-127-131.ap-northeast-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://blogs.jpcert.or.jp/en/2024/07/mirrorface-attack-against-japanese-organisations.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-runtime: 0.023296
date: Mon, 22 Jul 2024 06:34:02 GMT
x-amz-version-id: Hnbukdk4pnKX3_Jdrtqqb2JY3w31WOp_
x-content-type-options: nosniff
strict-transport-security: max-age=3600
last-modified: Fri, 09 Oct 2020 02:03:45 GMT
age: 155075
etag: "5a94d27506940168f6de59eb32f920dc"
expect-ct: enforce, max-age=3600
content-type: image/jpeg
accept-ranges: bytes
content-length: 634
x-xss-protection: 1; mode=block

GET picture.png
movabletype.net/users/t.koshiishi/ 0
0

GET Q6VN1jSR_400x400.jpg
movabletype.net/users/reto/ 0
0

GET profile_icon.png
movabletype.net/users/ikuya/ 0
0

GET photo_sparky_small.jpg
movabletype.net/users/kkomiyama/ 0
0

GET blog_image.png
movabletype.net/users/masubuchi/ 0
0

GET %E7%94%BB%E5%83%8F%E3%81%AE%E8%B2%BC%E3%82%8A%E4%BB%98%E3%81%91%E5%85%88_-2021-3-18-22-18.png
movabletype.net/users/hori-32tk/ 0
0

GET image-992ce083-832a-45c5-a3d8-5922b68506a7.jpg
movabletype.net/users/kino/ 0
0

GET 14190908.jpg
movabletype.net/users/uchida/ 0
0

GET Sajo0191031.jpg
movabletype.net/users/sajo/ 0
0

GET Tomotaka-Ito.jpg
movabletype.net/users/Tomotaka/ 0
0

GET default-userpic-90.jpg
movabletype.net/users/tnakano/ 0
0

GET DSCN1042-(2).png
movabletype.net/users/shoko/ 0
0

GET j_icon72_400x400.jpg
movabletype.net/users/retiree_blog/ 0
0

GET
H2 200 footer_logo.svg
blogs.jpcert.or.jp/en/common/images/ 0
0 19899ms
19883ms Image
image/svg+xml 52.199.127.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogs.jpcert.or.jp/en/common/images/footer_logo.svg

Requested by

Host: blogs.jpcert.or.jp
URL: https://blogs.jpcert.or.jp/en/2024/07/mirrorface-attack-against-japanese-organisations.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.199.127.131 Tokyo, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-199-127-131.ap-northeast-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://blogs.jpcert.or.jp/en/2024/07/mirrorface-attack-against-japanese-organisations.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-runtime: 0.058134
date: Mon, 22 Jul 2024 06:34:02 GMT
x-amz-version-id: Cx1bNBQORdTZDbUNftTAcH.2LEt5sDW2
x-content-type-options: nosniff
strict-transport-security: max-age=3600
last-modified: Fri, 09 Oct 2020 02:03:45 GMT
content-encoding: gzip
age: 154121
etag: W/"470f7c2a7f953ad63a2f660ce00a9ef3"
expect-ct: enforce, max-age=3600
vary: Accept-Encoding
content-type: image/svg+xml
accept-ranges: bytes
content-length: 1443
x-xss-protection: 1; mode=block

GET widgets.js
platform.twitter.com/ 0
0

GET
H2 200 prototype.js
blogs.jpcert.or.jp/en/common/js/ 0
0 19906ms
19891ms Script
application/javascript 52.199.127.131
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://blogs.jpcert.or.jp/en/common/js/prototype.js

Requested by

Host: blogs.jpcert.or.jp
URL: https://blogs.jpcert.or.jp/en/2024/07/mirrorface-attack-against-japanese-organisations.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.199.127.131 Tokyo, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-199-127-131.ap-northeast-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://blogs.jpcert.or.jp/en/2024/07/mirrorface-attack-against-japanese-organisations.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-runtime: 0.020155
date: Mon, 22 Jul 2024 06:34:02 GMT
x-amz-version-id: N0KlEhkLkgpbiO2iNalwwcYGYXmQIPcc
x-content-type-options: nosniff
strict-transport-security: max-age=3600
last-modified: Fri, 09 Oct 2020 02:03:45 GMT
content-encoding: gzip
age: 160368
etag: W/"c052d39fe57096c11105495ae5eaa363"
expect-ct: enforce, max-age=3600
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
accept-ranges: bytes
content-length: 48311
x-xss-protection: 1; mode=block

GET
H2 200 script.js
blogs.jpcert.or.jp/en/common/feedback/ 0
0 19901ms
19886ms Script
application/javascript 52.199.127.131
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://blogs.jpcert.or.jp/en/common/feedback/script.js

Requested by

Host: blogs.jpcert.or.jp
URL: https://blogs.jpcert.or.jp/en/2024/07/mirrorface-attack-against-japanese-organisations.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.199.127.131 Tokyo, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-199-127-131.ap-northeast-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://blogs.jpcert.or.jp/en/2024/07/mirrorface-attack-against-japanese-organisations.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-runtime: 0.047519
date: Mon, 22 Jul 2024 06:34:02 GMT
x-amz-version-id: WKblPiUK5m0VfpbMlZmR5cNpURSAe3r4
x-content-type-options: nosniff
strict-transport-security: max-age=3600
last-modified: Fri, 09 Oct 2020 02:03:45 GMT
content-encoding: gzip
age: 149307
etag: W/"95fc36ba90d76fcaacd9b49a254fd6a5"
expect-ct: enforce, max-age=3600
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
accept-ranges: bytes
content-length: 2527
x-xss-protection: 1; mode=block

GET cse.js
cse.google.com/ 0
0

GET
H2 200 bg_header.jpg
blogs.jpcert.or.jp/en/common/images/ 0
0 19898ms
19883ms Image
image/jpeg 52.199.127.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogs.jpcert.or.jp/en/common/images/bg_header.jpg

Requested by

Host: blogs.jpcert.or.jp
URL: https://blogs.jpcert.or.jp/en/common/css/styles.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.199.127.131 Tokyo, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-199-127-131.ap-northeast-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://blogs.jpcert.or.jp/en/common/css/styles.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-runtime: 0.052302
date: Mon, 22 Jul 2024 06:34:02 GMT
x-amz-version-id: 1LYFnOgGMu3b7ap_0FNaHRLj.1SCoQ94
x-content-type-options: nosniff
strict-transport-security: max-age=3600
last-modified: Fri, 09 Oct 2020 02:03:45 GMT
age: 154762
etag: "36b8b54cd6c4d3cedb6f1fab7973bd13"
expect-ct: enforce, max-age=3600
content-type: image/jpeg
accept-ranges: bytes
content-length: 81378
x-xss-protection: 1; mode=block

GET
H2 200 icon-mail.svg
blogs.jpcert.or.jp/en/common/images/ 0
0 19897ms
19883ms Image
image/svg+xml 52.199.127.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogs.jpcert.or.jp/en/common/images/icon-mail.svg

Requested by

Host: blogs.jpcert.or.jp
URL: https://blogs.jpcert.or.jp/en/common/css/styles.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.199.127.131 Tokyo, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-199-127-131.ap-northeast-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://blogs.jpcert.or.jp/en/common/css/styles.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-runtime: 0.023054
date: Mon, 22 Jul 2024 06:34:02 GMT
x-amz-version-id: iRtpKkMVBni00J5p7Fi1DUAc6G11sxXt
x-content-type-options: nosniff
strict-transport-security: max-age=3600
last-modified: Fri, 09 Oct 2020 02:03:45 GMT
content-encoding: gzip
age: 149305
etag: W/"cdfcff7746225765d03d1b1fe8135ca9"
expect-ct: enforce, max-age=3600
vary: Accept-Encoding
content-type: image/svg+xml
accept-ranges: bytes
content-length: 263
x-xss-protection: 1; mode=block

GET aHR0cHM6Ly9ibG9ncy5qcGNlcnQub3IuanAvZW4vLmFzc2V0cy90aHVtYm5haWwvbWlycm9yZmFjZS1maWcxLTgwMHdpLnBuZw.jpg
pro.ranklet4.com/imgproxy/dQDRCjESIOeYAq4K6x2_z-c5b2ArqDg79EY4gUFMTH8/rs:fit:160:160/q:75/sm:1/ 0
0

GET aHR0cHM6Ly9ibG9ncy5qcGNlcnQub3IuanAvZW4vLmFzc2V0cy90aHVtYm5haWwvSW5mb0tleS04MDB3aS5wbmc.jpg
pro.ranklet4.com/imgproxy/SNoqIVNVHyPzr8sqrUSqzReBeh4kidqIRjhzJonsTXA/rs:fit:160:160/q:75/sm:1/ 0
0

GET aHR0cHM6Ly9ibG9ncy5qcGNlcnQub3IuanAvZW4vLmFzc2V0cy90aHVtYm5haWwvdm9sYXRpbGl0eTMtODAwd2kucG5n.jpg
pro.ranklet4.com/imgproxy/E27DmGDKu1R0qbL8Iog33aY7Yd-klh4Hz9hW0FldE3k/rs:fit:160:160/q:75/sm:1/ 0
0

GET aHR0cHM6Ly9ibG9ncy5qcGNlcnQub3IuanAvZW4vLmFzc2V0cy90aHVtYm5haWwvMDMtODAwd2kuanBn.jpg
pro.ranklet4.com/imgproxy/6oKY2Hgudik94XC29C95P0i1NTZgDRecCbq1iFp4N9g/rs:fit:160:160/q:75/sm:1/ 0
0

GET aHR0cHM6Ly9ibG9ncy5qcGNlcnQub3IuanAvZW4vLmFzc2V0cy90aHVtYm5haWwvcHlwaS04MDB3aS5wbmc.jpg
pro.ranklet4.com/imgproxy/CsaXon7TTQo4DrrSOAJyvdq-pKuw1Na5nbOSUA9JZ5Q/rs:fit:160:160/q:75/sm:1/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-124034031-1

Domain: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-6NX4WBMERX

Domain: movabletype.net
URL: https://movabletype.net/users/shu_tom/ENCORE_400x400.jpg

Domain: movabletype.net
URL: https://movabletype.net/users/SHIKAPON/matsu.png

Domain: movabletype.net
URL: https://movabletype.net/users/t.koshiishi/picture.png

Domain: movabletype.net
URL: https://movabletype.net/users/reto/Q6VN1jSR_400x400.jpg

Domain: movabletype.net
URL: https://movabletype.net/users/ikuya/profile_icon.png

Domain: movabletype.net
URL: https://movabletype.net/users/kkomiyama/photo_sparky_small.jpg

Domain: movabletype.net
URL: https://movabletype.net/users/masubuchi/blog_image.png

Domain: movabletype.net
URL: https://movabletype.net/users/hori-32tk/%E7%94%BB%E5%83%8F%E3%81%AE%E8%B2%BC%E3%82%8A%E4%BB%98%E3%81%91%E5%85%88_-2021-3-18-22-18.png

Domain: movabletype.net
URL: https://movabletype.net/users/kino/image-992ce083-832a-45c5-a3d8-5922b68506a7.jpg

Domain: movabletype.net
URL: https://movabletype.net/users/uchida/14190908.jpg

Domain: movabletype.net
URL: https://movabletype.net/users/sajo/Sajo0191031.jpg

Domain: movabletype.net
URL: https://movabletype.net/users/Tomotaka/Tomotaka-Ito.jpg

Domain: movabletype.net
URL: https://movabletype.net/users/tnakano/default-userpic-90.jpg

Domain: movabletype.net
URL: https://movabletype.net/users/shoko/DSCN1042-(2).png

Domain: movabletype.net
URL: https://movabletype.net/users/retiree_blog/j_icon72_400x400.jpg

Domain: platform.twitter.com
URL: https://platform.twitter.com/widgets.js

Domain: cse.google.com
URL: https://cse.google.com/cse.js?cx=004990004422359256493:nnhwqqlx864

Domain: pro.ranklet4.com
URL: https://pro.ranklet4.com/imgproxy/dQDRCjESIOeYAq4K6x2_z-c5b2ArqDg79EY4gUFMTH8/rs:fit:160:160/q:75/sm:1/aHR0cHM6Ly9ibG9ncy5qcGNlcnQub3IuanAvZW4vLmFzc2V0cy90aHVtYm5haWwvbWlycm9yZmFjZS1maWcxLTgwMHdpLnBuZw.jpg

Domain: pro.ranklet4.com
URL: https://pro.ranklet4.com/imgproxy/SNoqIVNVHyPzr8sqrUSqzReBeh4kidqIRjhzJonsTXA/rs:fit:160:160/q:75/sm:1/aHR0cHM6Ly9ibG9ncy5qcGNlcnQub3IuanAvZW4vLmFzc2V0cy90aHVtYm5haWwvSW5mb0tleS04MDB3aS5wbmc.jpg

Domain: pro.ranklet4.com
URL: https://pro.ranklet4.com/imgproxy/E27DmGDKu1R0qbL8Iog33aY7Yd-klh4Hz9hW0FldE3k/rs:fit:160:160/q:75/sm:1/aHR0cHM6Ly9ibG9ncy5qcGNlcnQub3IuanAvZW4vLmFzc2V0cy90aHVtYm5haWwvdm9sYXRpbGl0eTMtODAwd2kucG5n.jpg

Domain: pro.ranklet4.com
URL: https://pro.ranklet4.com/imgproxy/6oKY2Hgudik94XC29C95P0i1NTZgDRecCbq1iFp4N9g/rs:fit:160:160/q:75/sm:1/aHR0cHM6Ly9ibG9ncy5qcGNlcnQub3IuanAvZW4vLmFzc2V0cy90aHVtYm5haWwvMDMtODAwd2kuanBn.jpg

Domain: pro.ranklet4.com
URL: https://pro.ranklet4.com/imgproxy/CsaXon7TTQo4DrrSOAJyvdq-pKuw1Na5nbOSUA9JZ5Q/rs:fit:160:160/q:75/sm:1/aHR0cHM6Ly9ibG9ncy5qcGNlcnQub3IuanAvZW4vLmFzc2V0cy90aHVtYm5haWwvcHlwaS04MDB3aS5wbmc.jpg

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| gtag object| dataLayer

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=3600
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

blogs.jpcert.or.jp
cdnjs.cloudflare.com
cse.google.com
movabletype.net
platform.twitter.com
pro.ranklet4.com
www.googletagmanager.com
cse.google.com
movabletype.net
platform.twitter.com
pro.ranklet4.com
www.googletagmanager.com
104.17.24.14
210.231.184.214
52.199.127.131
36e0a7e08bee65774168528938072c536437669c1b7458ac77976ec788e4439c
55e0a52fbb9648e85e69d919049827db3eced91508a93967b78068d268924f4c
6f7505af235b3dec440dedfbc35698ffd35372032e9c0122afc003636ea894b4
7d3bf1e56006821c24ecfe15d95cb803072e706b583d385f3e2d1f140b668ce6
a8063b32a2b02296dbcb861b81a209185ad876688835b12106bd04c7196342a5

blogs.jpcert.or.jp Open in urlscan Pro 52.199.127.131 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

46 Requests

48 %HTTPS

0 %IPv6

7 Domains

7 Subdomains

4 IPs

2 Countries

35 kBTransfer

298 kBSize

0 Cookies

11 Outgoing links

Redirected requests

46 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

0 Cookies

Security Headers

Indicators

blogs.jpcert.or.jp Open in urlscan Pro
52.199.127.131 Public Scan

Screenshot
Live screenshot

Full Image

46
Requests

48 %
HTTPS

0 %
IPv6

7
Domains

7
Subdomains

4
IPs

2
Countries

35 kB
Transfer

298 kB
Size

0
Cookies

46 HTTP transactions
0 data transactions