urlscan.io logo urlscan.io
SecurityTrails logo

euwinecn.com Open in urlscan Pro
103.125.232.88  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://www.portal.ventures/mn/office?email=juha.kostiainen@kvaerner.com&data=02|01|juha.kostiainen@kvaerner.com|6dbf30195fe...
Effective URL: https://euwinecn.com/offic1/5t87oe9hcczetk0jn9o6go5o.php?AD2LeK155654086121953ac46aa0e587ab7a878fc74fed2921953ac46aa0...
Submission: On April 29 via manual from IN
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 1 IPs in 2 countries across 2 domains to perform 2 HTTP transactions. The main IP is 103.125.232.88, located in and belongs to XTOM xTom, HK. The main domain is euwinecn.com.
TLS certificate: Issued by cPanel, Inc. Certification Authority on March 27th 2019. Valid for: 3 months.
This is the only time euwinecn.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2 209.59.154.250 32244 (LIQUIDWEB)
1 3 103.125.232.88 9312 (XTOM xTom)
2 1
Apex Domain
Subdomains		 Transfer
3 euwinecn.com
euwinecn.com
1 KB
2 portal.ventures
www.portal.ventures
929 B
2 2
Domain Requested by
3 euwinecn.com 1 redirects euwinecn.com
2 www.portal.ventures 2 redirects
2 2

This site contains links to these domains. Also see Links.

Domain
www.authenticpenguinsjersey.com
www.nygiantsofficialonlines.com
Subject Issuer Validity Valid
euwinecn.com
cPanel, Inc. Certification Authority		 2019-03-27 -
2019-06-25		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://euwinecn.com/offic1/5t87oe9hcczetk0jn9o6go5o.php?AD2LeK155654086121953ac46aa0e587ab7a878fc74fed2921953ac46aa0e587ab7a878fc74fed2921953ac46aa0e587ab7a878fc74fed2921953ac46aa0e587ab7a878fc74fed2921953ac46aa0e587ab7a878fc74fed29&data=juha.kostiainen@kvaerner.com
Frame ID: 2108246C1989E08B7691F40C82D22A5E
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://www.portal.ventures/mn/office?email=juha.kostiainen@kvaerner.com&data=02|01|juha.kostiainen@kvae... HTTP 301
    https://www.portal.ventures/mn/office/?email=juha.kostiainen@kvaerner.com&data=02|01|juha.kostiainen@kva... HTTP 302
    https://euwinecn.com/offic1/?email=juha.kostiainen@kvaerner.com Page URL
  2. https://euwinecn.com/offic1/home.php?email=juha.kostiainen@kvaerner.com HTTP 302
    https://euwinecn.com/offic1/5t87oe9hcczetk0jn9o6go5o.php?AD2LeK155654086121953ac46aa0e587ab7a878f... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i

Page Statistics

2
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

1
IPs

2
Countries

1 kB
Transfer

0 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.portal.ventures/mn/office?email=juha.kostiainen@kvaerner.com&data=02|01|juha.kostiainen@kvaerner.com|6dbf30195fe64721a4a508d6ca6e94d9|20d4745c70614b6d84dc036d4d008aed|1|1|636918973635751423&sdata=xpy/o8jw3cXIvge7ggbxif4Wh5N7ZTzgddVhRIsq07o=&reserved=0 HTTP 301
    https://www.portal.ventures/mn/office/?email=juha.kostiainen@kvaerner.com&data=02|01|juha.kostiainen@kvaerner.com|6dbf30195fe64721a4a508d6ca6e94d9|20d4745c70614b6d84dc036d4d008aed|1|1|636918973635751423&sdata=xpy/o8jw3cXIvge7ggbxif4Wh5N7ZTzgddVhRIsq07o=&reserved=0 HTTP 302
    https://euwinecn.com/offic1/?email=juha.kostiainen@kvaerner.com Page URL
  2. https://euwinecn.com/offic1/home.php?email=juha.kostiainen@kvaerner.com HTTP 302
    https://euwinecn.com/offic1/5t87oe9hcczetk0jn9o6go5o.php?AD2LeK155654086121953ac46aa0e587ab7a878fc74fed2921953ac46aa0e587ab7a878fc74fed2921953ac46aa0e587ab7a878fc74fed2921953ac46aa0e587ab7a878fc74fed2921953ac46aa0e587ab7a878fc74fed29&data=juha.kostiainen@kvaerner.com Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://www.portal.ventures/mn/office?email=juha.kostiainen@kvaerner.com&data=02|01|juha.kostiainen@kvaerner.com|6dbf30195fe64721a4a508d6ca6e94d9|20d4745c70614b6d84dc036d4d008aed|1|1|636918973635751423&sdata=xpy/o8jw3cXIvge7ggbxif4Wh5N7ZTzgddVhRIsq07o=&reserved=0 HTTP 301
  • https://www.portal.ventures/mn/office/?email=juha.kostiainen@kvaerner.com&data=02|01|juha.kostiainen@kvaerner.com|6dbf30195fe64721a4a508d6ca6e94d9|20d4745c70614b6d84dc036d4d008aed|1|1|636918973635751423&sdata=xpy/o8jw3cXIvge7ggbxif4Wh5N7ZTzgddVhRIsq07o=&reserved=0 HTTP 302
  • https://euwinecn.com/offic1/?email=juha.kostiainen@kvaerner.com

2 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
euwinecn.com/offic1/
Redirect Chain
  • https://www.portal.ventures/mn/office?email=juha.kostiainen@kvaerner.com&data=02|01|juha.kostiainen@kvaerner.com|6dbf30195fe64721a4a508d6ca6e94d9|20d4745c70614b6d84dc036d4d008aed|1|1|63691897363575...
  • https://www.portal.ventures/mn/office/?email=juha.kostiainen@kvaerner.com&data=02|01|juha.kostiainen@kvaerner.com|6dbf30195fe64721a4a508d6ca6e94d9|20d4745c70614b6d84dc036d4d008aed|1|1|6369189736357...
  • https://euwinecn.com/offic1/?email=juha.kostiainen@kvaerner.com
111 B
318 B 		Document
General
Check archive.org
Download Go to
Full URL
https://euwinecn.com/offic1/?email=juha.kostiainen@kvaerner.com
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.125.232.88 -, , ASN9312 (XTOM xTom, HK),
Reverse DNS
Software
Apache /
Resource Hash
870ae5fa97e751bfd051f4c93b4568290f504e715f883dadd302135a52847e52

Request headers

Host
euwinecn.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 29 Apr 2019 12:27:40 GMT
Server
Apache
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8

Redirect headers

Date
Mon, 29 Apr 2019 12:27:39 GMT
Server
Apache
X-Powered-By
PHP/7.0.33
location
https://euwinecn.com/offic1/?email=juha.kostiainen@kvaerner.com
Cache-Control
max-age=600
Expires
Mon, 29 Apr 2019 12:37:39 GMT
Vary
User-Agent
Content-Length
0
Keep-Alive
timeout=5, max=99
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
Primary Request 5t87oe9hcczetk0jn9o6go5o.php
euwinecn.com/offic1/
Redirect Chain
  • https://euwinecn.com/offic1/home.php?email=juha.kostiainen@kvaerner.com
  • https://euwinecn.com/offic1/5t87oe9hcczetk0jn9o6go5o.php?AD2LeK155654086121953ac46aa0e587ab7a878fc74fed2921953ac46aa0e587ab7a878fc74fed2921953ac46aa0e587ab7a878fc74fed2921953ac46aa0e587ab7a878fc74f...
235 B
440 B 		Document
General
Check archive.org
Download Go to
Full URL
https://euwinecn.com/offic1/5t87oe9hcczetk0jn9o6go5o.php?AD2LeK155654086121953ac46aa0e587ab7a878fc74fed2921953ac46aa0e587ab7a878fc74fed2921953ac46aa0e587ab7a878fc74fed2921953ac46aa0e587ab7a878fc74fed2921953ac46aa0e587ab7a878fc74fed29&data=juha.kostiainen@kvaerner.com
Requested by
Host: euwinecn.com
URL: https://euwinecn.com/offic1/?email=juha.kostiainen@kvaerner.com
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.125.232.88 -, , ASN9312 (XTOM xTom, HK),
Reverse DNS
Software
Apache /
Resource Hash
2f4f5608c7aeaaa0e68c86785b02d309b661b2a7b1e21489e3e2b92d8c585e21

Request headers

Host
euwinecn.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer
https://euwinecn.com/offic1/?email=juha.kostiainen@kvaerner.com
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://euwinecn.com/offic1/?email=juha.kostiainen@kvaerner.com

Response headers

Date
Mon, 29 Apr 2019 12:27:41 GMT
Server
Apache
Keep-Alive
timeout=5, max=98
Connection
Keep-Alive
Transfer-Encoding
chunked
Content-Type
text/html;charset=utf-8

Redirect headers

Date
Mon, 29 Apr 2019 12:27:41 GMT
Server
Apache
Location
5t87oe9hcczetk0jn9o6go5o.php?AD2LeK155654086121953ac46aa0e587ab7a878fc74fed2921953ac46aa0e587ab7a878fc74fed2921953ac46aa0e587ab7a878fc74fed2921953ac46aa0e587ab7a878fc74fed2921953ac46aa0e587ab7a878fc74fed29&data=juha.kostiainen@kvaerner.com
Content-Length
0
Keep-Alive
timeout=5, max=99
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart object| onselectionchange function| queueMicrotask

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

euwinecn.com
www.portal.ventures
103.125.232.88
209.59.154.250
2f4f5608c7aeaaa0e68c86785b02d309b661b2a7b1e21489e3e2b92d8c585e21
870ae5fa97e751bfd051f4c93b4568290f504e715f883dadd302135a52847e52