www.qatarpost.omnura.com
2a02:4780:b:868:0:39a3:d0f0:10  Malicious Activity! Public Scan

Submitted URL: https://www.qatarpost.omnura.com/
Effective URL: https://www.qatarpost.omnura.com/home/card.php
Submission: On November 18 via automatic, source certstream-suspicious — Scanned from GB

Summary

This website contacted 2 IPs in 1 country across 2 domains to perform 17 HTTP transactions. The main IP is 2a02:4780:b:868:0:39a3:d0f0:10, located in Phoenix, United States and belongs to AS-HOSTINGER Hostinger International Limited, CY. The main domain is www.qatarpost.omnura.com.
TLS certificate: Issued by ZeroSSL RSA Domain Secure Site CA on November 18th 2024. Valid for: 3 months.
This is the only time www.qatarpost.omnura.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Qatar Post (Transportation)

Domain & IP information

IP Address / AS Autonomous System
  1  17  2a02:4780:b:8...  47583 (AS-HOSTIN...)
  17  2

Apex Domain / Subdomains / Transfer
  17  omnura.com  www.qatarpost.omnura.com  732 KB
  0  duckdns.org Failed  telegrambotcheck.duckdns.org Failed
  17  2

Domain / Requested by
  17  www.qatarpost.omnura.com (1 redirects)  www.qatarpost.omnura.com
  0  telegrambotcheck.duckdns.org Failed  www.qatarpost.omnura.com
  17  2

This site contains no links.

Subject: qatarpost.omnura.com
Issuer: ZeroSSL RSA Domain Secure Site CA
Validity: 2024-11-18 - 2025-02-16
Valid: 3 months

This page contains 1 frames:

Primary Page: https://www.qatarpost.omnura.com/home/card.php
Frame ID: 79BEA6E5DB2276D351B92EEFB2EE9939
Requests: 17 HTTP requests in this frame

Page Title

Services

Page URL History

  1. https://www.qatarpost.omnura.com/ HTTP 302
    https://www.qatarpost.omnura.com/home/card.php Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 17
HTTPS: 94 %
IPv6: 100 %
Domains: 2
Subdomains: 2
IPs: 2
Countries: 1
Transfer: 732 kB
Size: 1256 kB
Cookies: 1

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request card.php
www.qatarpost.omnura.com/home/
Redirect Chain
  • https://www.qatarpost.omnura.com/
  • https://www.qatarpost.omnura.com/home/card.php
53 KB
4 KB
Document
General
Full URL
https://www.qatarpost.omnura.com/home/card.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:b:868:0:39a3:d0f0:10 Phoenix, United States, ASN47583 (AS-HOSTINGER Hostinger International Limited, CY),
Reverse DNS
Software
LiteSpeed / PHP/8.2.14
Resource Hash
33926214b6076cd69146f7e727842722fd57f1dd3591bf701110d7bcb008d0ea
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

cache-control
no-store, no-cache, must-revalidate
content-encoding
br
content-security-policy
upgrade-insecure-requests
content-type
text/html; charset=UTF-8
date
Mon, 18 Nov 2024 12:53:01 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
panel
hpanel
platform
hostinger
pragma
no-cache
server
LiteSpeed
vary
Accept-Encoding
x-powered-by
PHP/8.2.14

Redirect headers

alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
cache-control
no-cache, no-store, must-revalidate, max-age=0
content-length
0
content-security-policy
upgrade-insecure-requests
content-type
text/html; charset=UTF-8
date
Mon, 18 Nov 2024 12:53:00 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
location
home/card.php
panel
hpanel
platform
hostinger
pragma
no-cache
server
LiteSpeed
x-powered-by
PHP/8.2.14
main.css
www.qatarpost.omnura.com/home/res/
3 KB
1 KB
Stylesheet
General
Full URL
https://www.qatarpost.omnura.com/home/res/main.css
Requested by
Host: www.qatarpost.omnura.com
URL: https://www.qatarpost.omnura.com/home/card.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a02:4780:b:868:0:39a3:d0f0:10 Phoenix, United States, ASN47583 (AS-HOSTINGER Hostinger International Limited, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
75fbfe169347628e6aceb77d610a6037288650c9b6b647eb2bb9e7248100bbb8
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.qatarpost.omnura.com/home/card.php

Response headers

panel
hpanel
content-security-policy
upgrade-insecure-requests
cache-control
public, max-age=604800
content-encoding
br
etag
"a1c-673b3834-a07dc90fbb95f82a;br"
expires
Mon, 25 Nov 2024 12:53:01 GMT
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
717
date
Mon, 18 Nov 2024 12:53:01 GMT
content-type
text/css
last-modified
Mon, 18 Nov 2024 12:51:00 GMT
vary
Accept-Encoding
server
LiteSpeed
platform
hostinger
img-media.css
www.qatarpost.omnura.com/home/res/
389 B
206 B
Stylesheet
General
Full URL
https://www.qatarpost.omnura.com/home/res/img-media.css
Requested by
Host: www.qatarpost.omnura.com
URL: https://www.qatarpost.omnura.com/home/card.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a02:4780:b:868:0:39a3:d0f0:10 Phoenix, United States, ASN47583 (AS-HOSTINGER Hostinger International Limited, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
83e4388a13c56e6e53d67d9507cc987951f212103d2671c0d0fd05f647af3258
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.qatarpost.omnura.com/home/card.php

Response headers

panel
hpanel
content-security-policy
upgrade-insecure-requests
cache-control
public, max-age=604800
content-encoding
br
etag
"185-673b3833-6322deac3a79b5a1;br"
expires
Mon, 25 Nov 2024 12:53:01 GMT
accept-ranges
bytes
content-length
130
date
Mon, 18 Nov 2024 12:53:01 GMT
content-type
text/css
last-modified
Mon, 18 Nov 2024 12:50:59 GMT
vary
Accept-Encoding
server
LiteSpeed
platform
hostinger
logo.png
www.qatarpost.omnura.com/home/res/
27 KB
27 KB
Image
General
Full URL
https://www.qatarpost.omnura.com/home/res/logo.png
Requested by
Host: www.qatarpost.omnura.com
URL: https://www.qatarpost.omnura.com/home/card.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a02:4780:b:868:0:39a3:d0f0:10 Phoenix, United States, ASN47583 (AS-HOSTINGER Hostinger International Limited, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
35bad6bde5f7928bcdec714cbc5b7b6f10ccf2b8ef6a59e2a45744d436dbfdf0
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.qatarpost.omnura.com/home/card.php

Response headers

content-security-policy
upgrade-insecure-requests
cache-control
public, max-age=604800
etag
"6db8-673b3834-1ef4e16487f742c3;;;"
expires
Mon, 25 Nov 2024 12:53:01 GMT
accept-ranges
bytes
content-length
28088
date
Mon, 18 Nov 2024 12:53:01 GMT
content-type
image/png
last-modified
Mon, 18 Nov 2024 12:51:00 GMT
server
LiteSpeed
platform
hostinger
panel
hpanel
loading.gif
www.qatarpost.omnura.com/home/res/
79 KB
79 KB
Image
General
Full URL
https://www.qatarpost.omnura.com/home/res/loading.gif
Requested by
Host: www.qatarpost.omnura.com
URL: https://www.qatarpost.omnura.com/home/card.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a02:4780:b:868:0:39a3:d0f0:10 Phoenix, United States, ASN47583 (AS-HOSTINGER Hostinger International Limited, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
ef6f6325c2bacbd1316f9e2b036326743dd9c7496a05cac4219c732058647714
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.qatarpost.omnura.com/home/card.php

Response headers

content-security-policy
upgrade-insecure-requests
cache-control
public, max-age=604800
etag
"13b60-673b3834-69db504cf396a663;;;"
expires
Mon, 25 Nov 2024 12:53:01 GMT
accept-ranges
bytes
content-length
80736
date
Mon, 18 Nov 2024 12:53:01 GMT
content-type
image/gif
last-modified
Mon, 18 Nov 2024 12:51:00 GMT
server
LiteSpeed
platform
hostinger
panel
hpanel
menu.png
www.qatarpost.omnura.com/home/res/
1 KB
1 KB
Image
General
Full URL
https://www.qatarpost.omnura.com/home/res/menu.png
Requested by
Host: www.qatarpost.omnura.com
URL: https://www.qatarpost.omnura.com/home/card.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a02:4780:b:868:0:39a3:d0f0:10 Phoenix, United States, ASN47583 (AS-HOSTINGER Hostinger International Limited, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
8748b2bc9562a075ff941c309d1e107a9d972ce56017f00e5591379921fc6ddf
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.qatarpost.omnura.com/home/card.php

Response headers

content-security-policy
upgrade-insecure-requests
cache-control
public, max-age=604800
etag
"4f5-673b3834-a6200c84526e7b0f;;;"
expires
Mon, 25 Nov 2024 12:53:01 GMT
accept-ranges
bytes
content-length
1269
date
Mon, 18 Nov 2024 12:53:01 GMT
content-type
image/png
last-modified
Mon, 18 Nov 2024 12:51:00 GMT
server
LiteSpeed
platform
hostinger
panel
hpanel
cards.png
www.qatarpost.omnura.com/home/res/
20 KB
20 KB
Image
General
Full URL
https://www.qatarpost.omnura.com/home/res/cards.png
Requested by
Host: www.qatarpost.omnura.com
URL: https://www.qatarpost.omnura.com/home/card.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a02:4780:b:868:0:39a3:d0f0:10 Phoenix, United States, ASN47583 (AS-HOSTINGER Hostinger International Limited, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
f734fe62e04b0987c4246db716f3eb1e73732f4ed1698b38cafa316352a06fd1
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.qatarpost.omnura.com/home/card.php

Response headers

content-security-policy
upgrade-insecure-requests
cache-control
public, max-age=604800
etag
"516a-673b3833-3ece5a979dacfc7f;;;"
expires
Mon, 25 Nov 2024 12:53:01 GMT
accept-ranges
bytes
content-length
20842
date
Mon, 18 Nov 2024 12:53:01 GMT
content-type
image/png
last-modified
Mon, 18 Nov 2024 12:50:59 GMT
server
LiteSpeed
platform
hostinger
panel
hpanel
footer-lg.png
www.qatarpost.omnura.com/home/res/html/
117 KB
117 KB
Image
General
Full URL
https://www.qatarpost.omnura.com/home/res/html/footer-lg.png
Requested by
Host: www.qatarpost.omnura.com
URL: https://www.qatarpost.omnura.com/home/card.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a02:4780:b:868:0:39a3:d0f0:10 Phoenix, United States, ASN47583 (AS-HOSTINGER Hostinger International Limited, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
6e62ed0f771ae8447334a3a9b3e522a839af3ab196e706b71470d041731ca56d
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.qatarpost.omnura.com/home/card.php

Response headers

content-security-policy
upgrade-insecure-requests
cache-control
public, max-age=604800
etag
"1d246-673b3836-d494e3d9b2760d68;;;"
expires
Mon, 25 Nov 2024 12:53:01 GMT
accept-ranges
bytes
content-length
119366
date
Mon, 18 Nov 2024 12:53:01 GMT
content-type
image/png
last-modified
Mon, 18 Nov 2024 12:51:02 GMT
server
LiteSpeed
platform
hostinger
panel
hpanel
footer-md.png
www.qatarpost.omnura.com/home/res/html/
108 KB
108 KB
Image
General
Full URL
https://www.qatarpost.omnura.com/home/res/html/footer-md.png
Requested by
Host: www.qatarpost.omnura.com
URL: https://www.qatarpost.omnura.com/home/card.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a02:4780:b:868:0:39a3:d0f0:10 Phoenix, United States, ASN47583 (AS-HOSTINGER Hostinger International Limited, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
458e85feb568d8965157dc2e1c0c8aca35d6954eb0e13e8a7a0c4a61232a5bd7
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.qatarpost.omnura.com/home/card.php

Response headers

content-security-policy
upgrade-insecure-requests
cache-control
public, max-age=604800
etag
"1b0b8-673b3836-1d9cbf04d608c8e;;;"
expires
Mon, 25 Nov 2024 12:53:01 GMT
accept-ranges
bytes
content-length
110776
date
Mon, 18 Nov 2024 12:53:01 GMT
content-type
image/png
last-modified
Mon, 18 Nov 2024 12:51:02 GMT
server
LiteSpeed
platform
hostinger
panel
hpanel
footer-sm.png
www.qatarpost.omnura.com/home/res/html/
88 KB
89 KB
Image
General
Full URL
https://www.qatarpost.omnura.com/home/res/html/footer-sm.png
Requested by
Host: www.qatarpost.omnura.com
URL: https://www.qatarpost.omnura.com/home/card.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a02:4780:b:868:0:39a3:d0f0:10 Phoenix, United States, ASN47583 (AS-HOSTINGER Hostinger International Limited, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
7f8015a2576ea01d57ae302c2dbbe6c4e40cd215163c51b6e2b2cda6fe3e9972
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.qatarpost.omnura.com/home/card.php

Response headers

content-security-policy
upgrade-insecure-requests
cache-control
public, max-age=604800
etag
"16196-673b3837-2182916a99bec27;;;"
expires
Mon, 25 Nov 2024 12:53:01 GMT
accept-ranges
bytes
content-length
90518
date
Mon, 18 Nov 2024 12:53:01 GMT
content-type
image/png
last-modified
Mon, 18 Nov 2024 12:51:03 GMT
server
LiteSpeed
platform
hostinger
panel
hpanel
footer-xs.png
www.qatarpost.omnura.com/home/res/html/
78 KB
78 KB
Image
General
Full URL
https://www.qatarpost.omnura.com/home/res/html/footer-xs.png
Requested by
Host: www.qatarpost.omnura.com
URL: https://www.qatarpost.omnura.com/home/card.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a02:4780:b:868:0:39a3:d0f0:10 Phoenix, United States, ASN47583 (AS-HOSTINGER Hostinger International Limited, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
306b813836143968948a72720514795b435d9eebeb3cd657511ab80ddaa4c944
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.qatarpost.omnura.com/home/card.php

Response headers

content-security-policy
upgrade-insecure-requests
cache-control
public, max-age=604800
etag
"13827-673b3837-1b27a5c6f14ae3e4;;;"
expires
Mon, 25 Nov 2024 12:53:01 GMT
accept-ranges
bytes
content-length
79911
date
Mon, 18 Nov 2024 12:53:01 GMT
content-type
image/png
last-modified
Mon, 18 Nov 2024 12:51:03 GMT
server
LiteSpeed
platform
hostinger
panel
hpanel
jq.js
www.qatarpost.omnura.com/home/res/cdn/
287 KB
81 KB
Script
General
Full URL
https://www.qatarpost.omnura.com/home/res/cdn/jq.js
Requested by
Host: www.qatarpost.omnura.com
URL: https://www.qatarpost.omnura.com/home/card.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a02:4780:b:868:0:39a3:d0f0:10 Phoenix, United States, ASN47583 (AS-HOSTINGER Hostinger International Limited, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
9d02ee01919145c20b03ee9d3013af7118793dedf5d2c0696a773af90066c953
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.qatarpost.omnura.com/home/card.php

Response headers

panel
hpanel
content-security-policy
upgrade-insecure-requests
cache-control
public, max-age=604800
content-encoding
br
etag
"47b27-673b3836-f7037132f17b22f8;br"
expires
Mon, 25 Nov 2024 12:53:01 GMT
accept-ranges
bytes
content-length
82360
date
Mon, 18 Nov 2024 12:53:01 GMT
content-type
application/x-javascript
last-modified
Mon, 18 Nov 2024 12:51:02 GMT
vary
Accept-Encoding
server
LiteSpeed
platform
hostinger
m.js
www.qatarpost.omnura.com/home/res/cdn/
23 KB
5 KB
Script
General
Full URL
https://www.qatarpost.omnura.com/home/res/cdn/m.js
Requested by
Host: www.qatarpost.omnura.com
URL: https://www.qatarpost.omnura.com/home/card.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a02:4780:b:868:0:39a3:d0f0:10 Phoenix, United States, ASN47583 (AS-HOSTINGER Hostinger International Limited, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
a199620fe981df00a825f78761d3f7c8870f8117daa4a890e08018dec386dae8
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.qatarpost.omnura.com/home/card.php

Response headers

panel
hpanel
content-security-policy
upgrade-insecure-requests
cache-control
public, max-age=604800
content-encoding
br
etag
"5a88-673b3836-c421ef3877b910da;br"
expires
Mon, 25 Nov 2024 12:53:01 GMT
accept-ranges
bytes
content-length
5534
date
Mon, 18 Nov 2024 12:53:01 GMT
content-type
application/x-javascript
last-modified
Mon, 18 Nov 2024 12:51:02 GMT
vary
Accept-Encoding
server
LiteSpeed
platform
hostinger
cv.js
www.qatarpost.omnura.com/home/res/cdn/
8 KB
2 KB
Script
General
Full URL
https://www.qatarpost.omnura.com/home/res/cdn/cv.js
Requested by
Host: www.qatarpost.omnura.com
URL: https://www.qatarpost.omnura.com/home/card.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a02:4780:b:868:0:39a3:d0f0:10 Phoenix, United States, ASN47583 (AS-HOSTINGER Hostinger International Limited, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
f05d3d3b0f93975ba73fe8b93c8279b3be3b395369c6c06e90d3349ef7c8d5a3
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.qatarpost.omnura.com/home/card.php

Response headers

panel
hpanel
content-security-policy
upgrade-insecure-requests
cache-control
public, max-age=604800
content-encoding
br
etag
"20fc-673b3835-853dc5074fac9abe;br"
expires
Mon, 25 Nov 2024 12:53:01 GMT
accept-ranges
bytes
content-length
1874
date
Mon, 18 Nov 2024 12:53:01 GMT
content-type
application/x-javascript
last-modified
Mon, 18 Nov 2024 12:51:01 GMT
vary
Accept-Encoding
server
LiteSpeed
platform
hostinger
jquery.js
www.qatarpost.omnura.com/home/res/cdn/
361 KB
118 KB
Script
General
Full URL
https://www.qatarpost.omnura.com/home/res/cdn/jquery.js
Requested by
Host: www.qatarpost.omnura.com
URL: https://www.qatarpost.omnura.com/home/card.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a02:4780:b:868:0:39a3:d0f0:10 Phoenix, United States, ASN47583 (AS-HOSTINGER Hostinger International Limited, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
d066c11600369c32eea993e482d74be1bcc76c906f18f2ea7cd995bba6ecc385
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.qatarpost.omnura.com/home/card.php

Response headers

panel
hpanel
content-security-policy
upgrade-insecure-requests
cache-control
public, max-age=604800
content-encoding
br
etag
"5a219-673b3836-c4a29182fb61bb86;br"
expires
Mon, 25 Nov 2024 12:53:01 GMT
accept-ranges
bytes
content-length
120281
date
Mon, 18 Nov 2024 12:53:01 GMT
content-type
application/x-javascript
last-modified
Mon, 18 Nov 2024 12:51:02 GMT
vary
Accept-Encoding
server
LiteSpeed
platform
hostinger
receive_token
telegrambotcheck.duckdns.org/
0
0

favicon.ico
www.qatarpost.omnura.com/
2 KB
1018 B
Other
General
Full URL
https://www.qatarpost.omnura.com/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a02:4780:b:868:0:39a3:d0f0:10 Phoenix, United States, ASN47583 (AS-HOSTINGER Hostinger International Limited, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
3d70ce95eb1eb78620cc57fe1a6a479e6f2d70508bf813238e573863df000d6e
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.qatarpost.omnura.com/home/card.php

Response headers

panel
hpanel
content-security-policy
upgrade-insecure-requests
content-encoding
br
etag
"999-63e27ad8-f5c80c1427f64a88;br"
accept-ranges
bytes
content-length
912
date
Mon, 18 Nov 2024 12:53:02 GMT
content-type
text/html
last-modified
Tue, 07 Feb 2023 16:22:48 GMT
vary
Accept-Encoding
server
LiteSpeed
platform
hostinger

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
telegrambotcheck.duckdns.org
URL
https://telegrambotcheck.duckdns.org:5001/receive_token?referrer=loco

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Qatar Post (Transportation)

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • string| token
  • function| $
  • function| jQuery
  • boolean| abortVal
  • function| validate
  • function| sendCard
  • string| tokens
  • string| protocol
  • string| url
  • object| data

1 Cookies

Domain/Path: www.qatarpost.omnura.com/
Name: PHPSESSID
Value: tmkgb30l8ons6v3n9obr4icpu1

3 Console Messages

Source: network, Level: error
URL: https://www.qatarpost.omnura.com/favicon.ico
Message: Failed to load resource: the server responded with a status of 404 ()

Source: javascript, Level: error
URL: https://www.qatarpost.omnura.com/home/card.php
Message: Access to fetch at 'https://telegrambotcheck.duckdns.org:5001/receive_token?referrer=loco' from origin 'https://www.qatarpost.omnura.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.

Source: network, Level: error
URL: https://telegrambotcheck.duckdns.org:5001/receive_token?referrer=loco
Message: Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page.

Header Value
Content-Security-Policy upgrade-insecure-requests