gmail-alias.sieu.win

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 7 HTTP transactions. The main IP is 139.99.56.146, located in Singapore, Singapore and belongs to OVH, FR. The main domain is gmail-alias.sieu.win.
TLS certificate: Issued by Let's Encrypt Authority X3 on February 15th 2019. Valid for: 3 months.

This is the only time gmail-alias.sieu.win was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3	139.99.56.146 139.99.56.146	16276 (OVH) (OVH)
1	209.197.3.15 209.197.3.15	20446 (HIGHWINDS3) (HIGHWINDS3 - Highwinds Network Group)
3	23.111.9.35 23.111.9.35	12989 (HWNG) (HWNG)
7	3

3 139.99.56.146 (Singapore, Singapore)

ASN16276 (OVH, FR)
PTR: 146.ip-139-99-56.eu

gmail-alias.sieu.win	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 209.197.3.15 (Phoenix, United States)

ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US)
PTR: vip0x00f.map2.ssl.hwcdn.net

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.111.9.35 (Phoenix, United States)

ASN12989 (HWNG, NL)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
3	fontawesome.com use.fontawesome.com	120 KB
3	sieu.win gmail-alias.sieu.win	4 KB
1	bootstrapcdn.com maxcdn.bootstrapcdn.com	20 KB
7	3

	Domain	Requested by
3	use.fontawesome.com	gmail-alias.sieu.win
3	gmail-alias.sieu.win	gmail-alias.sieu.win
1	maxcdn.bootstrapcdn.com	gmail-alias.sieu.win
7	3

This site contains links to these domains. Also see Links.

Domain
sieu.win

Subject Issuer	Validity	Valid
gmail-alias.sieu.win Let's Encrypt Authority X3	`2019-02-15` - `2019-05-16`	3 months	crt.sh
*.bootstrapcdn.com COMODO RSA Domain Validation Secure Server CA	`2018-10-03` - `2019-10-12`	a year	crt.sh
*.fontawesome.com DigiCert SHA2 Secure Server CA	`2018-09-17` - `2019-11-21`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://gmail-alias.sieu.win/
Frame ID: 3296A4F67FD4DBB06E2198A384DDA2E8
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Twitter Bootstrap () Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]+?href="[^"]+bootstrap(?:\.min)?\.css/i

Page Statistics

7
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

144 kB
Transfer

297 kB
Size

0
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: http://sieu.win/
Title: Sieu.Win

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

7 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response gmail-alias.sieu.win/	2 KB 1 KB	693ms 166ms	Document text/html	139.99.56.146 OVH
General Check archive.org Show headers Download Go to Full URL https://gmail-alias.sieu.win/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 139.99.56.146 Singapore, Singapore, ASN16276 (OVH, FR), Reverse DNS 146.ip-139-99-56.eu Software nginx / PHP/5.6.38 Resource Hash `a5a5676a297a1037d4c0c4d4802c56e6598df033e7217cbdaf1c918c0a3eb529` Request headers Host gmail-alias.sieu.win Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8 Accept-Encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Server nginx Date Fri, 15 Feb 2019 06:12:25 GMT Content-Type text/html; charset=UTF-8 Transfer-Encoding chunked Connection keep-alive Keep-Alive timeout=60 X-Powered-By PHP/5.6.38 Content-Encoding gzip
GET H2	200	bootstrap.min.css maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/	141 KB 20 KB	142ms 97ms	Stylesheet text/css	209.197.3.15 Highwinds Network...
General Check archive.org Show headers Download Go to Full URL https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css Requested by Host: gmail-alias.sieu.win URL: https://gmail-alias.sieu.win/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 209.197.3.15 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US), Reverse DNS vip0x00f.map2.ssl.hwcdn.net Software / Resource Hash `2c0f3dcfe93d7e380c290fe4ab838ed8cadff1596d62697f5444be460d1f876d` Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Referer https://gmail-alias.sieu.win/ Origin https://gmail-alias.sieu.win Response headers date Fri, 15 Feb 2019 06:12:26 GMT content-encoding gzip last-modified Wed, 12 Dec 2018 18:34:10 GMT access-control-allow-origin * etag "1544639650" vary Accept-Encoding x-cache HIT content-type text/css; charset=utf-8 status 200 cache-control public, max-age=31536000 x-hello-human Say hello back! @getBootstrapCDN on Twitter accept-ranges bytes timing-allow-origin * content-length 20563
GET H2	200	all.css use.fontawesome.com/releases/v5.0.13/css/	40 KB 10 KB	36ms 11ms	Stylesheet text/css	23.111.9.35 HWNG
General Check archive.org Show headers Download Go to Full URL https://use.fontawesome.com/releases/v5.0.13/css/all.css Requested by Host: gmail-alias.sieu.win URL: https://gmail-alias.sieu.win/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 23.111.9.35 Phoenix, United States, ASN12989 (HWNG, NL), Reverse DNS Software NetDNA-cache/2.2 / Resource Hash `43730866612149a27f49159d7c4f19185c8694bb91bf41abc884a6fe1346e96e` Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Referer https://gmail-alias.sieu.win/ Origin https://gmail-alias.sieu.win Response headers date Fri, 15 Feb 2019 06:12:25 GMT content-encoding gzip last-modified Thu, 10 May 2018 15:10:14 GMT server NetDNA-cache/2.2 access-control-allow-origin * etag W/"d61bfe9b56c13ecff5313ee3abb45e8b" vary Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding access-control-allow-methods GET content-type text/css status 200 access-control-max-age 3000 cache-control max-age=31556926 x-cache HIT
GET H/1.1	200 OK	FileSaver.js Show response gmail-alias.sieu.win/	4 KB 2 KB	160ms 158ms	Script application/javascript	139.99.56.146 OVH
General Check archive.org Show headers Download Go to Full URL https://gmail-alias.sieu.win/FileSaver.js Requested by Host: gmail-alias.sieu.win URL: https://gmail-alias.sieu.win/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 139.99.56.146 Singapore, Singapore, ASN16276 (OVH, FR), Reverse DNS 146.ip-139-99-56.eu Software nginx / Resource Hash `8887a97317955b3f0d7837138d6325dda85b65dbb77a3daaf690d435b61f31cc` Request headers Pragma no-cache Accept-Encoding gzip, deflate, br Host gmail-alias.sieu.win User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept / Referer https://gmail-alias.sieu.win/ Connection keep-alive Cache-Control no-cache Referer https://gmail-alias.sieu.win/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Fri, 15 Feb 2019 06:12:25 GMT Content-Encoding gzip Last-Modified Fri, 15 Feb 2019 04:21:46 GMT Server nginx ETag W/"5c663e5a-f13" Transfer-Encoding chunked Content-Type application/javascript Cache-Control max-age=315360000 Connection keep-alive Keep-Alive timeout=60 Expires Thu, 31 Dec 2037 23:55:55 GMT
GET H/1.1	200 OK	trick.js Show response gmail-alias.sieu.win/	1 KB 881 B	317ms 157ms	Script application/javascript	139.99.56.146 OVH
General Check archive.org Show headers Download Go to Full URL https://gmail-alias.sieu.win/trick.js Requested by Host: gmail-alias.sieu.win URL: https://gmail-alias.sieu.win/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 139.99.56.146 Singapore, Singapore, ASN16276 (OVH, FR), Reverse DNS 146.ip-139-99-56.eu Software nginx / Resource Hash `ebdd4f21e68d36cbf24f68b85e0dd5ff048385edb476870e6d2a03175a63eb01` Request headers Pragma no-cache Accept-Encoding gzip, deflate, br Host gmail-alias.sieu.win User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept / Referer https://gmail-alias.sieu.win/ Connection keep-alive Cache-Control no-cache Referer https://gmail-alias.sieu.win/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Fri, 15 Feb 2019 06:12:25 GMT Content-Encoding gzip Last-Modified Fri, 15 Feb 2019 04:21:46 GMT Server nginx ETag W/"5c663e5a-4e6" Transfer-Encoding chunked Content-Type application/javascript Cache-Control max-age=315360000 Connection keep-alive Keep-Alive timeout=60 Expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	fa-brands-400.woff2 use.fontawesome.com/releases/v5.0.13/webfonts/	60 KB 60 KB	9ms 8ms	Font font/woff2	23.111.9.35 HWNG
General Check archive.org Show headers Download Go to Full URL https://use.fontawesome.com/releases/v5.0.13/webfonts/fa-brands-400.woff2 Requested by Host: gmail-alias.sieu.win URL: https://gmail-alias.sieu.win/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 23.111.9.35 Phoenix, United States, ASN12989 (HWNG, NL), Reverse DNS Software NetDNA-cache/2.2 / Resource Hash `1ddd3b7b68a96da02979f972e4e9a8b6af63b5a17c75d7c7e0e3901d9f3a729c` Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Referer https://use.fontawesome.com/releases/v5.0.13/css/all.css Origin https://gmail-alias.sieu.win Response headers date Fri, 15 Feb 2019 06:12:26 GMT last-modified Thu, 10 May 2018 15:10:25 GMT server NetDNA-cache/2.2 access-control-allow-origin * etag "3654744dc6d6c37c9b3582b57622df5e" vary Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding access-control-allow-methods GET content-type font/woff2 status 200 access-control-max-age 3000 cache-control max-age=31556926 x-cache HIT accept-ranges bytes content-length 61336
GET H2	200	fa-solid-900.woff2 use.fontawesome.com/releases/v5.0.13/webfonts/	49 KB 50 KB	22ms 21ms	Font font/woff2	23.111.9.35 HWNG
General Check archive.org Show headers Download Go to Full URL https://use.fontawesome.com/releases/v5.0.13/webfonts/fa-solid-900.woff2 Requested by Host: gmail-alias.sieu.win URL: https://gmail-alias.sieu.win/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 23.111.9.35 Phoenix, United States, ASN12989 (HWNG, NL), Reverse DNS Software NetDNA-cache/2.2 / Resource Hash `cbbca7d9888b4a9eab7d479756d2924f9b067fd38dab376797029df741f96ee4` Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Referer https://use.fontawesome.com/releases/v5.0.13/css/all.css Origin https://gmail-alias.sieu.win Response headers date Fri, 15 Feb 2019 06:12:26 GMT last-modified Thu, 10 May 2018 15:10:31 GMT server NetDNA-cache/2.2 access-control-allow-origin * etag "8a8c0474283e0d9ef41743e5e486bf05" vary Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding access-control-allow-methods GET content-type font/woff2 status 200 access-control-max-age 3000 cache-control max-age=31556926 x-cache HIT accept-ranges bytes content-length 50372

Verdicts & Comments Add Verdict or Comment

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

gmail-alias.sieu.win
maxcdn.bootstrapcdn.com
use.fontawesome.com
139.99.56.146
209.197.3.15
23.111.9.35
1ddd3b7b68a96da02979f972e4e9a8b6af63b5a17c75d7c7e0e3901d9f3a729c
2c0f3dcfe93d7e380c290fe4ab838ed8cadff1596d62697f5444be460d1f876d
43730866612149a27f49159d7c4f19185c8694bb91bf41abc884a6fe1346e96e
8887a97317955b3f0d7837138d6325dda85b65dbb77a3daaf690d435b61f31cc
a5a5676a297a1037d4c0c4d4802c56e6598df033e7217cbdaf1c918c0a3eb529
cbbca7d9888b4a9eab7d479756d2924f9b067fd38dab376797029df741f96ee4
ebdd4f21e68d36cbf24f68b85e0dd5ff048385edb476870e6d2a03175a63eb01

gmail-alias.sieu.win Open in urlscan Pro 139.99.56.146 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

7 Requests

100 %HTTPS

0 %IPv6

3 Domains

3 Subdomains

3 IPs

2 Countries

144 kBTransfer

297 kBSize

0 Cookies

1 Outgoing links

Redirected requests

7 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

6 JavaScript Global Variables

0 Cookies

Indicators

gmail-alias.sieu.win Open in urlscan Pro
139.99.56.146 Public Scan

Screenshot
Live screenshot

Full Image

7
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

144 kB
Transfer

297 kB
Size

0
Cookies

7 HTTP transactions
0 data transactions