mail.winline-cupis.com

Summary

This website contacted 2 IPs in 2 countries across 4 domains to perform 4 HTTP transactions. The main IP is 45.82.71.17, located in Netherlands and belongs to ON-LINE-DATA Server location - Netherlands, Dronten, NL. The main domain is mail.winline-cupis.com.

This is the only time mail.winline-cupis.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3	45.82.71.17 45.82.71.17	204601 (ON-LINE-D...) (ON-LINE-DATA Server location - Netherlands)
1 1	178.253.34.136 178.253.34.136	202492 (SGHL1-AS) (SGHL1-AS)
1 1	178.253.35.11 178.253.35.11	202492 (SGHL1-AS) (SGHL1-AS)
2 3	178.253.35.225 178.253.35.225	() ()
4	2

3 45.82.71.17 (Netherlands)

ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL)
PTR: romario.sites

mail.winline-cupis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.253.34.136 (Iran, Islamic Republic Of) 1 redirects

ASN202492 (SGHL1-AS, NL)

refpa9406700.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.253.35.11 (Iran, Islamic Republic Of) 1 redirects

ASN202492 (SGHL1-AS, NL)

1x-xredbet910487.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.253.35.225 (None, ) 2 redirects

ASN- ()

lite-1x732673.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
3	lite-1x732673.top 2 redirects lite-1x732673.top	542 B
3	winline-cupis.com mail.winline-cupis.com	7 KB
1	1x-xredbet910487.top 1 redirects 1x-xredbet910487.top	549 B
1	refpa9406700.top 1 redirects refpa9406700.top	181 B
4	4

	Domain	Requested by
3	lite-1x732673.top	2 redirects mail.winline-cupis.com
3	mail.winline-cupis.com	mail.winline-cupis.com
1	1x-xredbet910487.top	1 redirects
1	refpa9406700.top	1 redirects
4	4

This site contains no links.

Subject Issuer	Validity	Valid
*.lite-1x732673.top R3	`2022-05-10` - `2022-08-08`	3 months	crt.sh

This page contains 1 frames:

Frame: https://lite-1x732673.top/en/block
Frame ID: E0D9703369BE99083AF04F0E0D921B63
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Statistics

4
Requests

25 %
HTTPS

0 %
IPv6

4
Domains

4
Subdomains

2
IPs

2
Countries

7 kB
Transfer

31 kB
Size

6
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2

https://refpa9406700.top/L?tag=s_2762m_355c_&site=2762&ad=355 HTTP 303
https://1x-xredbet910487.top/?tag=s_2762m_355c_ HTTP 308
https://lite-1x732673.top/?tag=s_2762m_355c_ HTTP 302
https://lite-1x732673.top/en?tag=s_2762m_355c_ HTTP 302
https://lite-1x732673.top/en/block

4 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
mail.winline-cupis.com/ 192 B
422 B 704ms
151ms Document
text/html 45.82.71.17
Netherlands

General

Check archive.org

Show headers Download Go to

Full URL: http://mail.winline-cupis.com/
Protocol: HTTP/1.1
Server: 45.82.71.17 , Netherlands, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL),
Reverse DNS: romario.sites
Software: nginx /
Resource Hash: a5f801e8db08f9cb42e1d240869226332e2449f6de54548bfb754782532213ba

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Length: 192
Content-Type: text/html
Date: Mon, 16 May 2022 16:47:06 GMT
ETag: "61b314b1-c0"
Last-Modified: Fri, 10 Dec 2021 08:49:53 GMT
Server: nginx

GET
H/1.1 200
OK api.js Show response
mail.winline-cupis.com/1x_dom/ 1 KB
849 B 152ms
152ms Script
application/javascript 45.82.71.17
Netherlands

General

Check archive.org

Show headers Download Go to

Full URL: http://mail.winline-cupis.com/1x_dom/api.js
Requested by: Host: mail.winline-cupis.com
URL: http://mail.winline-cupis.com/
Protocol: HTTP/1.1
Server: 45.82.71.17 , Netherlands, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL),
Reverse DNS: romario.sites
Software: nginx /
Resource Hash: 66f6ee60fff3b2de82f69ad50b17e8cff44dbf776a57470d90611e7a1cfa14ce

Request headers

accept-language: en-US,en;q=0.9
Referer: http://mail.winline-cupis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Mon, 16 May 2022 16:47:06 GMT
Content-Encoding: gzip
Last-Modified: Fri, 10 Dec 2021 08:49:53 GMT
Server: nginx
ETag: W/"61b314b1-46d"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=315360000
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK api.php
mail.winline-cupis.com/1x_dom/ 30 KB
6 KB 273ms
273ms XHR
text/html 45.82.71.17
Netherlands

General

Check archive.org

Show headers Download Go to

Full URL: http://mail.winline-cupis.com/1x_dom/api.php
Requested by: Host: mail.winline-cupis.com
URL: http://mail.winline-cupis.com/1x_dom/api.js
Protocol: HTTP/1.1
Server: 45.82.71.17 , Netherlands, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL),
Reverse DNS: romario.sites
Software: nginx /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: http://mail.winline-cupis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Mon, 16 May 2022 16:47:07 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: nginx
Connection: keep-alive
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H2

200

block
lite-1x732673.top/en/
Redirect Chain

https://refpa9406700.top/L?tag=s_2762m_355c_&site=2762&ad=355
https://1x-xredbet910487.top/?tag=s_2762m_355c_
https://lite-1x732673.top/?tag=s_2762m_355c_
https://lite-1x732673.top/en?tag=s_2762m_355c_
https://lite-1x732673.top/en/block

0
0

540ms
539ms

Document
text/html

178.253.35.225

General

Check archive.org

Show headers Download Go to

Full URL

https://lite-1x732673.top/en/block

Requested by

Host: mail.winline-cupis.com
URL: http://mail.winline-cupis.com/1x_dom/api.js

Protocol

H2

Security

TLS 1.3, , AES_256_GCM

Server

178.253.35.225 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: http://mail.winline-cupis.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: none
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Mon, 16 May 2022 16:47:12 GMT
etag: "28fbb-P5p0h9kYR8BBwpRBzFsOzJQqjFo"
server: nginx
server-timing: total;dur=212;desc="Nuxt Server Time" dt_285;dur=221
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: User-Agent, Accept-Encoding

Redirect headers

date: Mon, 16 May 2022 16:47:11 GMT
location: /en/block
server: nginx
server-timing: total;dur=705;desc="Nuxt Server Time" dt_285;dur=764
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: User-Agent

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontextlost object| oncontextrestored function| structuredClone function| getScreenDetails

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
1x-xredbet910487.top/	1969-12-31 23:59:59	Name: SESSION Value: df2c75764a37aa68149c4a09dc85bda7
1x-xredbet910487.top/	1970-01-20 03:48:31	Name: lng Value: en
1x-xredbet910487.top/	1970-01-20 03:48:31	Name: flaglng Value: en
1x-xredbet910487.top/	1970-01-20 03:05:23	Name: _glhf Value: 1652737405
lite-1x732673.top/	1970-01-20 03:09:38	Name: platform_type Value: desktop
lite-1x732673.top/	1970-01-20 11:50:55	Name: auid Value: sv0j4WKCgA5gwRLaA0sNAg==

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1x-xredbet910487.top
lite-1x732673.top
mail.winline-cupis.com
refpa9406700.top
178.253.34.136
178.253.35.11
178.253.35.225
45.82.71.17
66f6ee60fff3b2de82f69ad50b17e8cff44dbf776a57470d90611e7a1cfa14ce
a5f801e8db08f9cb42e1d240869226332e2449f6de54548bfb754782532213ba

mail.winline-cupis.com Open in urlscan Pro 45.82.71.17 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Statistics

4 Requests

25 %HTTPS

0 %IPv6

4 Domains

4 Subdomains

2 IPs

2 Countries

7 kBTransfer

31 kBSize

6 Cookies

0 Outgoing links

Redirected requests

4 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

6 Cookies

Indicators

mail.winline-cupis.com Open in urlscan Pro
45.82.71.17 Public Scan

Screenshot
Live screenshot

Full Image

4
Requests

25 %
HTTPS

0 %
IPv6

4
Domains

4
Subdomains

2
IPs

2
Countries

7 kB
Transfer

31 kB
Size

6
Cookies

4 HTTP transactions
0 data transactions