urlscan.io logo urlscan.io
SecurityTrails logo

wpn.eg-energy.jp Open in urlscan Pro
54.248.242.229  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://13.202.5.26/home.html
Effective URL: https://wpn.eg-energy.jp/wp-content/plugins/wp-multibyte-patch/includes/index.htm
Submission Tags: @phish_report
Submission: On May 03 via api from FI — Scanned from FI
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 3 IPs in 3 countries across 2 domains to perform 10 HTTP transactions. The main IP is 54.248.242.229, located in Tokyo, Japan and belongs to AMAZON-02, US. The main domain is wpn.eg-energy.jp.
TLS certificate: Issued by R3 on March 25th 2024. Valid for: 3 months.
This is the only time wpn.eg-energy.jp was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 3 13.202.5.26 16509 (AMAZON-02)
1 54.248.242.229 16509 (AMAZON-02)
7 137.248.1.76 680 (DFN Verei...)
10 3
Apex Domain
Subdomains		 Transfer
7 uni-marburg.de
home.staff.uni-marburg.de
241 KB
1 eg-energy.jp
wpn.eg-energy.jp
4 KB
10 2
Domain Requested by
7 home.staff.uni-marburg.de wpn.eg-energy.jp
home.staff.uni-marburg.de
1 wpn.eg-energy.jp
10 2
Subject Issuer Validity Valid
ieqprecisionmfg.com
R3		 2024-04-18 -
2024-07-17		 3 months crt.sh
wpn.eg-energy.jp
R3		 2024-03-25 -
2024-06-23		 3 months crt.sh
home.staff.uni-marburg.de
Sectigo RSA Organization Validation Secure Server CA		 2024-03-08 -
2025-03-08		 a year crt.sh

This page contains 1 frames:

Primary Page: https://wpn.eg-energy.jp/wp-content/plugins/wp-multibyte-patch/includes/index.htm
Frame ID: A36B7D2136792572CDB3ADF21121578A
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Horde :: Log in

Page URL History Show full URLs

  1. http://13.202.5.26/home.html HTTP 307
    https://13.202.5.26/home.html Page URL
  2. https://wpn.eg-energy.jp/wp-content/plugins/wp-multibyte-patch/includes/index.htm Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/

Page Statistics

10
Requests

80 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

3
IPs

3
Countries

249 kB
Transfer

408 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://13.202.5.26/home.html HTTP 307
    https://13.202.5.26/home.html Page URL
  2. https://wpn.eg-energy.jp/wp-content/plugins/wp-multibyte-patch/includes/index.htm Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://13.202.5.26/home.html HTTP 307
  • https://13.202.5.26/home.html
Request Chain 1
  • https://13.202.5.26/favicon.ico HTTP 302
  • https://13.202.5.26/wp-content/uploads/2024/04/Logo-New-1-2.png

10 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
home.html
13.202.5.26/
Redirect Chain
  • http://13.202.5.26/home.html
  • https://13.202.5.26/home.html
162 B
484 B 		Document
General
Check archive.org
Download Go to
Full URL
https://13.202.5.26/home.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
13.202.5.26 Mumbai, India, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-202-5-26.ap-south-1.compute.amazonaws.com
Software
Apache /
Resource Hash
d902c78b9499bd73f0dbbae535be870fe62d57526891ecddf436fb1204046a90

Request headers

Accept-Language
fi-FI,fi;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Accept-Ranges
bytes
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
164
Content-Type
text/html
Date
Fri, 03 May 2024 09:46:31 GMT
ETag
"a2-61787cf4f5566-gzip"
Keep-Alive
timeout=2, max=100
Last-Modified
Fri, 03 May 2024 07:38:46 GMT
Server
Apache
Vary
Accept-Encoding

Redirect headers

Location
https://13.202.5.26/home.html
Non-Authoritative-Reason
HttpsUpgrades
Primary Request index.htm
wpn.eg-energy.jp/wp-content/plugins/wp-multibyte-patch/includes/ 		11 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://wpn.eg-energy.jp/wp-content/plugins/wp-multibyte-patch/includes/index.htm
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
54.248.242.229 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-248-242-229.ap-northeast-1.compute.amazonaws.com
Software
Apache /
Resource Hash
146278433d393f2cd1975b9a4af222fa421d48368280e7c1f5a8ea9d144ddcce

Request headers

Accept-Language
fi-FI,fi;q=0.9;q=0.9
Referer
https://13.202.5.26/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Accept-Ranges
bytes
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
3487
Content-Type
text/html
Date
Fri, 03 May 2024 09:46:32 GMT
ETag
"2a0f-61787bf4be79d-gzip"
Keep-Alive
timeout=2, max=100
Last-Modified
Fri, 03 May 2024 07:34:17 GMT
Server
Apache
Vary
Accept-Encoding
Logo-New-1-2.png
13.202.5.26/wp-content/uploads/2024/04/
Redirect Chain
  • https://13.202.5.26/favicon.ico
  • https://13.202.5.26/wp-content/uploads/2024/04/Logo-New-1-2.png
3 KB
3 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://13.202.5.26/wp-content/uploads/2024/04/Logo-New-1-2.png
Protocol
HTTP/1.1
Server
13.202.5.26 Mumbai, India, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-202-5-26.ap-south-1.compute.amazonaws.com
Software
Apache /
Resource Hash

Request headers

Accept-Language
fi-FI,fi;q=0.9;q=0.9
Referer
https://13.202.5.26/home.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Date
Fri, 03 May 2024 09:46:32 GMT
Last-Modified
Tue, 23 Apr 2024 04:48:35 GMT
Server
Apache
ETag
"c87-616bc44463b14"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=2, max=98
Content-Length
3207

Redirect headers

Pragma
no-cache
Date
Fri, 03 May 2024 09:46:31 GMT
Server
Apache
X-Redirect-By
WordPress
Content-Type
text/html; charset=UTF-8
Location
https://13.202.5.26/wp-content/uploads/2024/04/Logo-New-1-2.png
Cache-Control
no-store, no-cache, must-revalidate
X-LiteSpeed-Tag
11f_HTTP.200,11f_HTTP.302
Connection
Keep-Alive
Link
<https://13.202.5.26/index.php/wp-json/>; rel="https://api.w.org/"
Content-Length
0
Keep-Alive
timeout=2, max=99
Expires
Thu, 19 Nov 1981 08:52:00 GMT
3e738f02c7bc8cdc.css
home.staff.uni-marburg.de/static/ 		54 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://home.staff.uni-marburg.de/static/3e738f02c7bc8cdc.css
Requested by
Host: wpn.eg-energy.jp
URL: https://wpn.eg-energy.jp/wp-content/plugins/wp-multibyte-patch/includes/index.htm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
137.248.1.76 Marburg, Germany, ASN680 (DFN Verein zur Foerderung eines Deutschen Forschungsnetzes e.V., DE),
Reverse DNS
vhrz2041.HRZ.Uni-Marburg.DE
Software
nginx/1.18.0 /
Resource Hash
cb779d9fbf5a71eeb7c2fea83f50debb522cc766b8741ffa73f441eb47607e45
Security Headers
Name Value
Strict-Transport-Security max-age=17280000;
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://wpn.eg-energy.jp/
Accept-Language
fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Fri, 03 May 2024 09:46:33 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=17280000;
Last-Modified
Thu, 02 May 2024 12:35:16 GMT
Server
nginx/1.18.0
ETag
"d925-61777d5d8e9ae-gzip"
Vary
Accept-Encoding
X-Frame-Options
sameorigin
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
10552
43d4d33060d38c00.js
home.staff.uni-marburg.de/static/ 		149 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://home.staff.uni-marburg.de/static/43d4d33060d38c00.js
Requested by
Host: wpn.eg-energy.jp
URL: https://wpn.eg-energy.jp/wp-content/plugins/wp-multibyte-patch/includes/index.htm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
137.248.1.76 Marburg, Germany, ASN680 (DFN Verein zur Foerderung eines Deutschen Forschungsnetzes e.V., DE),
Reverse DNS
vhrz2041.HRZ.Uni-Marburg.DE
Software
nginx/1.18.0 /
Resource Hash
77de3f9e253f4b1a8807b5349a0909a13d0d2d405478414417f302291f20a6b3
Security Headers
Name Value
Strict-Transport-Security max-age=17280000;
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://wpn.eg-energy.jp/
Accept-Language
fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Fri, 03 May 2024 09:46:33 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=17280000;
Last-Modified
Thu, 02 May 2024 09:57:41 GMT
Server
nginx/1.18.0
ETag
"2523d-61775a248238e-gzip"
Vary
Accept-Encoding
X-Frame-Options
sameorigin
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
39307
ce285feec108e867.js
home.staff.uni-marburg.de/static/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://home.staff.uni-marburg.de/static/ce285feec108e867.js
Requested by
Host: wpn.eg-energy.jp
URL: https://wpn.eg-energy.jp/wp-content/plugins/wp-multibyte-patch/includes/index.htm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
137.248.1.76 Marburg, Germany, ASN680 (DFN Verein zur Foerderung eines Deutschen Forschungsnetzes e.V., DE),
Reverse DNS
vhrz2041.HRZ.Uni-Marburg.DE
Software
nginx/1.18.0 /
Resource Hash
bf671a195b130569f25121bc1456bc24cdfeafd521176e960ff51c3aedd6db66
Security Headers
Name Value
Strict-Transport-Security max-age=17280000;
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://wpn.eg-energy.jp/
Accept-Language
fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Fri, 03 May 2024 09:46:33 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=17280000;
Last-Modified
Thu, 02 May 2024 09:57:41 GMT
Server
nginx/1.18.0
ETag
"c06-61775a248526f-gzip"
Vary
Accept-Encoding
X-Frame-Options
sameorigin
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1294
emoflaeche-hrz2013.jpg
home.staff.uni-marburg.de/themes/uni-marburg/ 		42 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://home.staff.uni-marburg.de/themes/uni-marburg/emoflaeche-hrz2013.jpg
Requested by
Host: home.staff.uni-marburg.de
URL: https://home.staff.uni-marburg.de/static/3e738f02c7bc8cdc.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
137.248.1.76 Marburg, Germany, ASN680 (DFN Verein zur Foerderung eines Deutschen Forschungsnetzes e.V., DE),
Reverse DNS
vhrz2041.HRZ.Uni-Marburg.DE
Software
nginx/1.18.0 /
Resource Hash
7126f2789cd891fbf1d3ca06b610e2eef0fd2945d8f936bcb1033b5db5296a89
Security Headers
Name Value
Strict-Transport-Security max-age=17280000;
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://home.staff.uni-marburg.de/static/3e738f02c7bc8cdc.css
Accept-Language
fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Fri, 03 May 2024 09:46:33 GMT
Strict-Transport-Security
max-age=17280000;
X-Content-Type-Options
nosniff
Last-Modified
Fri, 12 May 2023 14:15:15 GMT
Server
nginx/1.18.0
ETag
"a642-5fb7fbbeef72d"
X-Frame-Options
sameorigin
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
42562
umr_logo_4c_trans.gif
home.staff.uni-marburg.de/themes/uni-marburg/graphics/ 		146 KB
146 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://home.staff.uni-marburg.de/themes/uni-marburg/graphics/umr_logo_4c_trans.gif
Requested by
Host: home.staff.uni-marburg.de
URL: https://home.staff.uni-marburg.de/static/3e738f02c7bc8cdc.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
137.248.1.76 Marburg, Germany, ASN680 (DFN Verein zur Foerderung eines Deutschen Forschungsnetzes e.V., DE),
Reverse DNS
vhrz2041.HRZ.Uni-Marburg.DE
Software
nginx/1.18.0 /
Resource Hash
24cbb8aad9452f2fb232e312190f370a459f77a45c8b89a31f589b6e5425dbaf
Security Headers
Name Value
Strict-Transport-Security max-age=17280000;
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://home.staff.uni-marburg.de/static/3e738f02c7bc8cdc.css
Accept-Language
fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Fri, 03 May 2024 09:46:33 GMT
Strict-Transport-Security
max-age=17280000;
X-Content-Type-Options
nosniff
Last-Modified
Fri, 12 May 2023 14:15:15 GMT
Server
nginx/1.18.0
ETag
"2485f-5fb7fbbeef72d"
X-Frame-Options
sameorigin
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
149599
button-default.png
home.staff.uni-marburg.de/themes/default/graphics/ 		87 B
436 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://home.staff.uni-marburg.de/themes/default/graphics/button-default.png
Requested by
Host: home.staff.uni-marburg.de
URL: https://home.staff.uni-marburg.de/static/3e738f02c7bc8cdc.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
137.248.1.76 Marburg, Germany, ASN680 (DFN Verein zur Foerderung eines Deutschen Forschungsnetzes e.V., DE),
Reverse DNS
vhrz2041.HRZ.Uni-Marburg.DE
Software
nginx/1.18.0 /
Resource Hash
66d26930f75f18c4c1880eef974e444857e7ff1e9e74fb34860fa2e7f7d3ba13
Security Headers
Name Value
Strict-Transport-Security max-age=17280000;
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://home.staff.uni-marburg.de/static/3e738f02c7bc8cdc.css
Accept-Language
fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Fri, 03 May 2024 09:46:33 GMT
Strict-Transport-Security
max-age=17280000;
X-Content-Type-Options
nosniff
Last-Modified
Fri, 12 May 2023 14:15:15 GMT
Server
nginx/1.18.0
ETag
"57-5fb7fbbeec84c"
X-Frame-Options
sameorigin
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
87
favicon.ico
home.staff.uni-marburg.de/themes/default/graphics/ 		918 B
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://home.staff.uni-marburg.de/themes/default/graphics/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
137.248.1.76 Marburg, Germany, ASN680 (DFN Verein zur Foerderung eines Deutschen Forschungsnetzes e.V., DE),
Reverse DNS
vhrz2041.HRZ.Uni-Marburg.DE
Software
nginx/1.18.0 /
Resource Hash
1d2369a3986f4a0f1853c0e700a45e42e2d5901f8b1f6219005ec6e94e7f7b55
Security Headers
Name Value
Strict-Transport-Security max-age=17280000;
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://wpn.eg-energy.jp/
Accept-Language
fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Fri, 03 May 2024 09:46:33 GMT
Strict-Transport-Security
max-age=17280000;
X-Content-Type-Options
nosniff
Last-Modified
Fri, 12 May 2023 14:15:15 GMT
Server
nginx/1.18.0
ETag
"396-5fb7fbbeec84c"
X-Frame-Options
sameorigin
Content-Type
image/vnd.microsoft.icon
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
918

Verdicts & Comments Add Verdict or Comment

33 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| openLink object| Prototype object| Class function| PeriodicalExecuter function| Template object| $break object| Enumerable function| $A function| $w function| $H function| Hash function| $R function| ObjectRange object| Abstract object| Try object| Ajax object| Form object| Field function| $F object| Toggle object| Insertion object| $continue object| Position function| $ function| $$ undefined| Sizzle function| Selector object| HordeLogin object| AccessKeys string| umrai_formid function| umrai_submit string| umrai_usernameid string| umrai_passwdid

1 Cookies

Domain/Path Name / Value
13.202.5.26/ Name: PHPSESSID
Value: okmh1gn9m2lg94v63smaaqb2sp

1 Console Messages

Source Level URL
Text
recommendation verbose URL: https://wpn.eg-energy.jp/wp-content/plugins/wp-multibyte-patch/includes/index.htm
Message:
[DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o