urlscan.io logo urlscan.io
SecurityTrails logo

portlandvale.com Open in urlscan Pro
92.52.217.194  Public Scan

Go To Rescan Add Verdict Report
URL: https://portlandvale.com/qy/owl.php
Submission Tags: @ecarlesi threat spam Search All
Submission: On October 16 via api from IT — Scanned from IT
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 2 countries across 4 domains to perform 10 HTTP transactions. The main IP is 92.52.217.194, located in Hungary and belongs to MAXKO, HR. The main domain is portlandvale.com.
TLS certificate: Issued by R11 on October 16th 2024. Valid for: 3 months.
This is the only time portlandvale.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 92.52.217.194 211619 (MAXKO)
3 198.54.116.86 22612 (NAMECHEAP...)
1 142.250.74.202 15169 (GOOGLE)
3 142.250.185.67 15169 (GOOGLE)
10 5
Apex Domain
Subdomains		 Transfer
3 gstatic.com
fonts.gstatic.com
44 KB
3 owlmailer.io
owlmailer.io
57 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 30
1 KB
1 portlandvale.com
portlandvale.com
12 KB
10 4
Domain Requested by
3 fonts.gstatic.com fonts.googleapis.com
3 owlmailer.io portlandvale.com
1 fonts.googleapis.com owlmailer.io
1 portlandvale.com
10 4

This site contains links to these domains. Also see Links.

Domain
owlmailer.io
Subject Issuer Validity Valid
*.portlandvale.com
R11		 2024-10-16 -
2025-01-14		 3 months crt.sh
owlmailer.io
Sectigo RSA Domain Validation Secure Server CA		 2024-04-16 -
2024-12-18		 8 months crt.sh
upload.video.google.com
WR2		 2024-09-30 -
2024-12-23		 3 months crt.sh
*.gstatic.com
WR2		 2024-09-30 -
2024-12-23		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://portlandvale.com/qy/owl.php
Frame ID: 3758B7AA8005754CB1E829EA5FE19D06
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Owl PHPMailer 2.1

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

10
Requests

80 %
HTTPS

0 %
IPv6

4
Domains

4
Subdomains

5
IPs

2
Countries

114 kB
Transfer

304 kB
Size

1
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

10 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request owl.php
portlandvale.com/qy/ 		11 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://portlandvale.com/qy/owl.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
92.52.217.194 , Hungary, ASN211619 (MAXKO, HR),
Reverse DNS
Software
Apache /
Resource Hash
2e914fe8b379e3863f9bf0c16ea1fc5559eb399e2e31092df4b11dafc5bc0837

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
Date
Wed, 16 Oct 2024 22:19:41 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive
timeout=5, max=100
Pragma
no-cache
Server
Apache
Transfer-Encoding
chunked
3.3.6bootstrap.min.css
owlmailer.io/css/ 		123 KB
19 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://owlmailer.io/css/3.3.6bootstrap.min.css
Requested by
Host: portlandvale.com
URL: https://portlandvale.com/qy/owl.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.54.116.86 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server86-4.web-hosting.com
Software
LiteSpeed /
Resource Hash
61014111763bb1fe3bceab6bdd091a9641679743f272f88a94c90886b674930c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://portlandvale.com/

Response headers

cache-control
public, max-age=604800
content-encoding
br
expires
Wed, 23 Oct 2024 22:19:41 GMT
accept-ranges
bytes
content-length
18853
date
Wed, 16 Oct 2024 22:19:41 GMT
x-turbo-charged-by
LiteSpeed
content-type
text/css
last-modified
Mon, 22 Apr 2024 13:18:40 GMT
vary
Accept-Encoding
server
LiteSpeed
jquery.min.js
owlmailer.io/css/ 		85 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://owlmailer.io/css/jquery.min.js
Requested by
Host: portlandvale.com
URL: https://portlandvale.com/qy/owl.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.54.116.86 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server86-4.web-hosting.com
Software
LiteSpeed /
Resource Hash
d30b6114fb9496ae46b2a8cdf59379c8ffdb957534bd1dd73e626c7c61c7e67d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://portlandvale.com/

Response headers

content-encoding
br
accept-ranges
bytes
content-length
29658
date
Wed, 16 Oct 2024 22:19:41 GMT
x-turbo-charged-by
LiteSpeed
content-type
text/javascript
last-modified
Mon, 22 Apr 2024 12:42:02 GMT
vary
Accept-Encoding
server
LiteSpeed
owl.php
owlmailer.io//qy/ 		0
0
3.3.1bootstrap.min.js
owlmailer.io/css/ 		35 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://owlmailer.io/css/3.3.1bootstrap.min.js
Requested by
Host: portlandvale.com
URL: https://portlandvale.com/qy/owl.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.54.116.86 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server86-4.web-hosting.com
Software
LiteSpeed /
Resource Hash
6d0c489d9ab712d6670a54b4e665a39072926d309b001e179ccd721102b558df

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://portlandvale.com/

Response headers

content-encoding
br
accept-ranges
bytes
content-length
9103
date
Wed, 16 Oct 2024 22:19:41 GMT
x-turbo-charged-by
LiteSpeed
content-type
text/javascript
last-modified
Mon, 22 Apr 2024 12:41:20 GMT
vary
Accept-Encoding
server
LiteSpeed
css
fonts.googleapis.com/ 		7 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,700
Requested by
Host: owlmailer.io
URL: https://owlmailer.io/css/3.3.6bootstrap.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.202 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f10.1e100.net
Software
ESF /
Resource Hash
55cb4df4b517a838340cdff1e9c871e2fb97ea1ff0b36490f8f8ba588619083a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://owlmailer.io/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Wed, 16 Oct 2024 22:19:42 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 16 Oct 2024 22:19:42 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Wed, 16 Oct 2024 21:49:58 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f3.1e100.net
Software
sffe /
Resource Hash
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://portlandvale.com
Referer
https://fonts.googleapis.com/

Response headers

age
104225
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 15 Oct 2025 17:22:38 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 15 Oct 2024 17:22:38 GMT
last-modified
Thu, 01 Jun 2023 22:52:56 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
14892
x-xss-protection
0
server
sffe
6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f3.1e100.net
Software
sffe /
Resource Hash
0d0a6262c545e8bbc895116e5afb22579c468d7abb77e378f377d6fed57c1dce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://portlandvale.com
Referer
https://fonts.googleapis.com/

Response headers

age
80271
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Thu, 16 Oct 2025 00:01:52 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 16 Oct 2024 00:01:52 GMT
last-modified
Thu, 01 Jun 2023 22:52:57 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
14712
x-xss-protection
0
server
sffe
6xKydSBYKcSV-LCoeQqfX1RYOo3ik4zwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ 		14 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3ik4zwlxdu.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f3.1e100.net
Software
sffe /
Resource Hash
c3de27b2cbd6deda629c9b442700cf54c0dda74e494b1c75a57d822068a047f8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://portlandvale.com
Referer
https://fonts.googleapis.com/

Response headers

age
67425
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Thu, 16 Oct 2025 03:35:58 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 16 Oct 2024 03:35:58 GMT
last-modified
Thu, 01 Jun 2023 22:52:58 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
14780
x-xss-protection
0
server
sffe
favicon.ico
owlmailer.io/img/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
owlmailer.io
URL
https://owlmailer.io//qy/owl.php
Domain
owlmailer.io
URL
https://owlmailer.io/img/favicon.ico

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery function| stopSending function| handleSendingResponse function| startSending

1 Cookies

Domain/Path Name / Value
portlandvale.com/ Name: PHPSESSID
Value: a17b1e2c2d0dac1528c621cdef0515ee