urlscan.io logo urlscan.io
SecurityTrails logo

www.xnlqs.mhaii.com Open in urlscan Pro
195.26.245.165  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.xnlqs.mhaii.com/
Submission: On June 09 via api from US — Scanned from GB
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 3 countries across 7 domains to perform 19 HTTP transactions. The main IP is 195.26.245.165, located in Germany and belongs to NL-811-40021, US. The main domain is www.xnlqs.mhaii.com.
TLS certificate: Issued by R3 on May 23rd 2024. Valid for: 3 months.
This is the only time www.xnlqs.mhaii.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
9 195.26.245.165 40021 (NL-811-40021)
3 104.17.25.14 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
3 2a00:1450:400... 15169 (GOOGLE)
1 167.172.15.237 14061 (DIGITALOC...)
19 7
9    195.26.245.165 (Germany)

ASN40021 (NL-811-40021, US)
PTR: mhaii.com
www.xnlqs.mhaii.com
3    104.17.25.14 (None, )

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    2a00:1450:4001:803::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2606:4700::6812:bb1f (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
2    2606:4700::6811:f5cb (United States)

ASN13335 (CLOUDFLARENET, US)
unpkg.com
3    2a00:1450:4001:81d::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    167.172.15.237 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
location.rhapsodyofrealities.org
Apex Domain
Subdomains		 Transfer
9 mhaii.com
www.xnlqs.mhaii.com
220 KB
3 gstatic.com
fonts.gstatic.com
37 KB
3 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 260
109 KB
2 unpkg.com
unpkg.com — Cisco Umbrella Rank: 1007
16 KB
1 rhapsodyofrealities.org
location.rhapsodyofrealities.org
635 B
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 354
20 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 70
861 B
19 7
Domain Requested by
9 www.xnlqs.mhaii.com www.xnlqs.mhaii.com
3 fonts.gstatic.com fonts.googleapis.com
3 cdnjs.cloudflare.com www.xnlqs.mhaii.com
cdnjs.cloudflare.com
2 unpkg.com 1 redirects www.xnlqs.mhaii.com
1 location.rhapsodyofrealities.org www.xnlqs.mhaii.com
1 cdn.jsdelivr.net www.xnlqs.mhaii.com
1 fonts.googleapis.com www.xnlqs.mhaii.com
19 7

This site contains no links.

Subject Issuer Validity Valid
xnlqs.mhaii.com
R3		 2024-05-23 -
2024-08-21		 3 months crt.sh
cdnjs.cloudflare.com
E1		 2024-06-02 -
2024-08-31		 3 months crt.sh
upload.video.google.com
WR2		 2024-05-21 -
2024-08-13		 3 months crt.sh
*.jsdelivr.net
Sectigo RSA Domain Validation Secure Server CA		 2024-05-04 -
2025-05-04		 a year crt.sh
*.gstatic.com
WR2		 2024-05-21 -
2024-08-13		 3 months crt.sh
*.rhapsodyofrealities.org
Go Daddy Secure Certificate Authority - G2		 2024-05-12 -
2025-06-13		 a year crt.sh

This page contains 1 frames:

Primary Page: https://www.xnlqs.mhaii.com/
Frame ID: 772819A116B7BB1847A05348C52325FC
Requests: 19 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

xNLQs | Login/Registration

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • sweet(?:-)?alert(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • /npm/sweetalert2@([\d.]+)
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

19
Requests

95 %
HTTPS

57 %
IPv6

7
Domains

7
Subdomains

7
IPs

3
Countries

402 kB
Transfer

603 kB
Size

3
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 9
  • https://unpkg.com/sweetalert/dist/sweetalert.min.js HTTP 302
  • https://unpkg.com/sweetalert@2.1.2/dist/sweetalert.min.js

19 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.xnlqs.mhaii.com/ 		12 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.xnlqs.mhaii.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.26.245.165 , Germany, ASN40021 (NL-811-40021, US),
Reverse DNS
mhaii.com
Software
Apache/2 /
Resource Hash
670467e5d770df8635fa1c1c330e8655064895709b1a1993872b1ef3cd75f891

Request headers

Accept-Language
en-GB,en;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

cache-control
no-store, no-cache, must-revalidate
content-encoding
gzip
content-length
2359
content-type
text/html; charset=UTF-8
date
Sun, 09 Jun 2024 07:29:29 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache
server
Apache/2
vary
Accept-Encoding,User-Agent
font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ 		30 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: www.xnlqs.mhaii.com
URL: https://www.xnlqs.mhaii.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.xnlqs.mhaii.com/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 07:29:30 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
217369
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
5631
last-modified
Mon, 04 May 2020 16:10:07 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e5f-7918"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zZ0AMYc56cHjlZ6mkW0lfjC2%2BiMzS1yDqdcmZzwUorMvH4yN2H9Th%2BhetByJDuX2%2F2aTl45dvUGx%2FgtlQF6CR33GGIlpHjG%2FgrEFitTJnQS6ZWFXhu%2Bh1AobHLc33hQgknuryArJ"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
890f69333b1d386d-LHR
expires
Fri, 30 May 2025 07:29:30 GMT
css
fonts.googleapis.com/ 		2 KB
861 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Titillium+Web:400,300,600
Requested by
Host: www.xnlqs.mhaii.com
URL: https://www.xnlqs.mhaii.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ad20bd4a89727385f22a0be5ead5a8eafb97c9db6c8e63dcec2f60e1d3ba69b2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.xnlqs.mhaii.com/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Sun, 09 Jun 2024 07:29:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 09 Jun 2024 07:29:30 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 09 Jun 2024 07:29:30 GMT
style.css
www.xnlqs.mhaii.com/views/login/assets/css/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.xnlqs.mhaii.com/views/login/assets/css/style.css?v=0.92268800%201717918169
Requested by
Host: www.xnlqs.mhaii.com
URL: https://www.xnlqs.mhaii.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.26.245.165 , Germany, ASN40021 (NL-811-40021, US),
Reverse DNS
mhaii.com
Software
Apache/2 /
Resource Hash
03d377252a7b380c6cce7678f22bd7699049f2aa7823acb4f05ce71d68139035

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.xnlqs.mhaii.com/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 07:29:30 GMT
content-encoding
gzip
last-modified
Fri, 08 Dec 2023 10:19:15 GMT
server
Apache/2
etag
"1164-60bfcea8c6ec0-gzip"
vary
Accept-Encoding,User-Agent
content-type
text/css
accept-ranges
bytes
content-length
1372
logo.png
www.xnlqs.mhaii.com/ 		79 KB
79 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.xnlqs.mhaii.com/logo.png?=%20microtime()%20?%3E
Requested by
Host: www.xnlqs.mhaii.com
URL: https://www.xnlqs.mhaii.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.26.245.165 , Germany, ASN40021 (NL-811-40021, US),
Reverse DNS
mhaii.com
Software
Apache/2 /
Resource Hash
2df0d714fca32775338d5fc26bc31658851211c649751f85b301ee3c128d65db

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.xnlqs.mhaii.com/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 07:29:30 GMT
last-modified
Wed, 06 Dec 2023 10:34:17 GMT
server
Apache/2
etag
"13d64-60bd4e4a11c40"
vary
User-Agent
content-type
image/png
accept-ranges
bytes
content-length
81252
loading-2.gif
www.xnlqs.mhaii.com/views/login/assets/images/ 		125 KB
125 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.xnlqs.mhaii.com/views/login/assets/images/loading-2.gif
Requested by
Host: www.xnlqs.mhaii.com
URL: https://www.xnlqs.mhaii.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.26.245.165 , Germany, ASN40021 (NL-811-40021, US),
Reverse DNS
mhaii.com
Software
Apache/2 /
Resource Hash
2800b30e936037e0d68368b017574fcb147d64f5900059ae7812a86a49482ae4

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.xnlqs.mhaii.com/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 07:29:30 GMT
last-modified
Wed, 22 Nov 2023 00:23:42 GMT
server
Apache/2
etag
"1f2ee-60ab2bb3c1f80"
vary
User-Agent
content-type
image/gif
accept-ranges
bytes
content-length
127726
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/2.1.3/ 		82 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/2.1.3/jquery.min.js
Requested by
Host: www.xnlqs.mhaii.com
URL: https://www.xnlqs.mhaii.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2051d61446d4dbffb03727031022a08c84528ab44d203a7669c101e5fbdd5515
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.xnlqs.mhaii.com/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 07:29:30 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
212949
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
26660
last-modified
Mon, 04 May 2020 16:11:48 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec4-14983"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aR1%2BB5WYbZuMaz0hSpAQ%2BU8o5OrfoCEC7y3iIwF85vRBZ8XqrbWFdKUMGIo%2F0S9pkh0qzf1%2Flxbmf9DHUvRIN6BcCDfkYNVdJ4iA1acjbk%2BF8I59sFGQDG1arcrUfKOewwcZaffP"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
890f69333b20386d-LHR
expires
Fri, 30 May 2025 07:29:30 GMT
control.js
www.xnlqs.mhaii.com/views/login/assets/js/ 		8 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.xnlqs.mhaii.com/views/login/assets/js/control.js?v=0.92271800%201717918169
Requested by
Host: www.xnlqs.mhaii.com
URL: https://www.xnlqs.mhaii.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.26.245.165 , Germany, ASN40021 (NL-811-40021, US),
Reverse DNS
mhaii.com
Software
Apache/2 /
Resource Hash
9962a1d46846ee8e3f5c638e4c73dd724769667dce0089141cc8c396d2b21112

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.xnlqs.mhaii.com/
Origin
https://www.xnlqs.mhaii.com
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 07:29:30 GMT
content-encoding
gzip
last-modified
Thu, 21 Dec 2023 19:16:15 GMT
server
Apache/2
etag
"2006-60d09eef27dc0-gzip"
vary
Accept-Encoding,User-Agent
content-type
application/javascript
accept-ranges
bytes
content-length
1496
main.js
www.xnlqs.mhaii.com/views/login/assets/js/ 		19 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.xnlqs.mhaii.com/views/login/assets/js/main.js?v=0.92271900%201717918169
Requested by
Host: www.xnlqs.mhaii.com
URL: https://www.xnlqs.mhaii.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.26.245.165 , Germany, ASN40021 (NL-811-40021, US),
Reverse DNS
mhaii.com
Software
Apache/2 /
Resource Hash
597623ce3600f64dc7d9ed28bfb9e2f6e3b7ce350d4ea00d446f9b4efd0315c9

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.xnlqs.mhaii.com/
Origin
https://www.xnlqs.mhaii.com
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 07:29:30 GMT
content-encoding
gzip
last-modified
Tue, 28 May 2024 21:24:55 GMT
server
Apache/2
etag
"4bd1-6198a43e071be-gzip"
vary
Accept-Encoding,User-Agent
content-type
application/javascript
accept-ranges
bytes
content-length
3427
sweetalert2@10
cdn.jsdelivr.net/npm/ 		71 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/sweetalert2@10
Requested by
Host: www.xnlqs.mhaii.com
URL: https://www.xnlqs.mhaii.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bb1f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2d5fa531e30ac3debad673003128f1ca9ad3c964ef17b547377e7ed09bd4504f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.xnlqs.mhaii.com/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 07:29:30 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
21770
x-jsd-version
10.16.11
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
19321
x-served-by
cache-fra-etou8220022-FRA, cache-lga21923-LGA
x-jsd-version-type
version
server
cloudflare
etag
W/"11dc8-k2jefS6LDTNa26qxcRQ+MH7V+1Q"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=U69zMbxtlPPVPivXORW11XwW5%2F1Oh21BH46ZJDsUNhMofIwQv%2Bqa9R1DX1SlsK%2FR0gJodNgBz2qOUYG8Tvgl%2FGM8j7%2Bl02TZlqSpF1rvg%2BmaiKPTWJnxfcTNTAOisosNKVyaDV5hxoey715hMGE%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
cf-ray
890f6933afe5d178-LHR
sweetalert.min.js
unpkg.com/sweetalert@2.1.2/dist/
Redirect Chain
  • https://unpkg.com/sweetalert/dist/sweetalert.min.js
  • https://unpkg.com/sweetalert@2.1.2/dist/sweetalert.min.js
40 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/sweetalert@2.1.2/dist/sweetalert.min.js
Requested by
Host: www.xnlqs.mhaii.com
URL: https://www.xnlqs.mhaii.com/
Protocol
H2
Server
2606:4700::6811:f5cb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ac46ebee46d515be86deeba385b4e41f8cff160364b362c9a6e153df327c66b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9;q=0.9
Referer
https://www.xnlqs.mhaii.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

date
Sun, 09 Jun 2024 07:29:30 GMT
content-encoding
br
via
1.1 fly.io
cf-cache-status
HIT
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
6840361
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01HSJ2YMWRGNN94DR1122P536Y-lhr
server
cloudflare
etag
"9f68-Kj2qvHAjLGNQq0jTJgXcSmrB8fo"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
890f69340e4f7192-LHR

Redirect headers

date
Sun, 09 Jun 2024 07:29:30 GMT
content-encoding
br
via
1.1 fly.io
cf-cache-status
HIT
fly-request-id
01HZXY2QPPDBNHWW87E9KZ95A7-lhr
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
368
server
cloudflare
vary
Accept, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
location
/sweetalert@2.1.2/dist/sweetalert.min.js
cache-control
public, s-maxage=600, max-age=60
cf-ray
890f6933ae0e7192-LHR
NaPecZTIAOhVxoMyOr9n_E7fdMPmDQ.woff2
fonts.gstatic.com/s/titilliumweb/v17/ 		12 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/titilliumweb/v17/NaPecZTIAOhVxoMyOr9n_E7fdMPmDQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Titillium+Web:400,300,600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
557f6d0883db85be712c3a77baa38875ddf99ecbdfd6fec98e5c0b1f7a0e1532
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fonts.googleapis.com/
Origin
https://www.xnlqs.mhaii.com
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 03 Jun 2024 20:54:43 GMT
x-content-type-options
nosniff
age
470087
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12372
x-xss-protection
0
last-modified
Thu, 24 Aug 2023 20:30:13 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 03 Jun 2025 20:54:43 GMT
NaPDcZTIAOhVxoMyOr9n_E7ffGjEGItzYw.woff2
fonts.gstatic.com/s/titilliumweb/v17/ 		12 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/titilliumweb/v17/NaPDcZTIAOhVxoMyOr9n_E7ffGjEGItzYw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Titillium+Web:400,300,600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d14d732f8caf915919ff661157edc3456a85f408b7a3c5ee1e21357e7df07e1a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fonts.googleapis.com/
Origin
https://www.xnlqs.mhaii.com
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 07 Jun 2024 18:52:53 GMT
x-content-type-options
nosniff
age
131797
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12384
x-xss-protection
0
last-modified
Thu, 24 Aug 2023 21:03:57 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 07 Jun 2025 18:52:53 GMT
NaPDcZTIAOhVxoMyOr9n_E7ffBzCGItzYw.woff2
fonts.gstatic.com/s/titilliumweb/v17/ 		12 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/titilliumweb/v17/NaPDcZTIAOhVxoMyOr9n_E7ffBzCGItzYw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Titillium+Web:400,300,600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dd870101ad4e95d687a2eb734707b0dd7c20808f76d7be77a71a5d13cf99401c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fonts.googleapis.com/
Origin
https://www.xnlqs.mhaii.com
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 06 Jun 2024 22:18:27 GMT
x-content-type-options
nosniff
age
205863
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12136
x-xss-protection
0
last-modified
Thu, 24 Aug 2023 21:07:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 06 Jun 2025 22:18:27 GMT
fontawesome-webfont.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Origin
https://www.xnlqs.mhaii.com
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 07:29:30 GMT
strict-transport-security
max-age=15780000
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
221226
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
77160
last-modified
Mon, 04 May 2020 16:10:07 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e5f-12d68"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3EWmZsSG7oj6EfEv7Pd0Ht1Rt%2BUIS%2FZL4FBZ%2BLP%2BWb0oXxaEeCJcbNbPkFvm6eZDVFIks99kDxy6YfMAj%2F3EAHNo8kaYbTlRZ9Y6Iw9GOETLvs6NRMxjoBIjOfzFOuGnbfLY%2FJBM"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
890f69364b508868-LHR
expires
Fri, 30 May 2025 07:29:30 GMT
config.js
www.xnlqs.mhaii.com/views/login/assets/js/ 		979 B
527 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.xnlqs.mhaii.com/views/login/assets/js/config.js?v=0.1.1
Requested by
Host: www.xnlqs.mhaii.com
URL: https://www.xnlqs.mhaii.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.26.245.165 , Germany, ASN40021 (NL-811-40021, US),
Reverse DNS
mhaii.com
Software
Apache/2 /
Resource Hash
c9974d08c7173d4c8f10f082f92e353686e854a08aab45db2382b7eadff8ef47

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.xnlqs.mhaii.com/views/login/assets/js/main.js?v=0.92271900%201717918169
Origin
https://www.xnlqs.mhaii.com
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 07:29:30 GMT
content-encoding
gzip
last-modified
Fri, 15 Dec 2023 09:45:52 GMT
server
Apache/2
etag
"3d3-60c89440cb400-gzip"
vary
Accept-Encoding,User-Agent
content-type
application/javascript
accept-ranges
bytes
content-length
450
utilities.js
www.xnlqs.mhaii.com/views/login/assets/js/ 		2 KB
967 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.xnlqs.mhaii.com/views/login/assets/js/utilities.js?v=1.1.7
Requested by
Host: www.xnlqs.mhaii.com
URL: https://www.xnlqs.mhaii.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.26.245.165 , Germany, ASN40021 (NL-811-40021, US),
Reverse DNS
mhaii.com
Software
Apache/2 /
Resource Hash
38796b91c8480dc8d80833dd1b64a50725abe435b52924bc73f69effc4101f03

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.xnlqs.mhaii.com/views/login/assets/js/main.js?v=0.92271900%201717918169
Origin
https://www.xnlqs.mhaii.com
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 07:29:30 GMT
content-encoding
gzip
last-modified
Thu, 02 Nov 2023 09:38:06 GMT
server
Apache/2
etag
"811-609282518fb80-gzip"
vary
Accept-Encoding,User-Agent
content-type
application/javascript
accept-ranges
bytes
content-length
890
82.199.130.37
location.rhapsodyofrealities.org/ 		214 B
635 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://location.rhapsodyofrealities.org/82.199.130.37
Requested by
Host: www.xnlqs.mhaii.com
URL: https://www.xnlqs.mhaii.com/views/login/assets/js/main.js?v=0.92271900%201717918169
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
167.172.15.237 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache/2.4.6 (CentOS) PHP/7.2.34 /
Resource Hash
3b7f2534a1ae99dd35277f9647ba4904a5060476dac09d242ab2fe914b33387f

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.xnlqs.mhaii.com/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 07:29:31 GMT
server
Apache/2.4.6 (CentOS) PHP/7.2.34
access-control-max-age
86400
vary
User-Agent
content-type
application/json
access-control-allow-origin
https://www.xnlqs.mhaii.com
cache-control
private
access-control-allow-credentials
true
content-length
214
favicon.ico
www.xnlqs.mhaii.com/ 		15 KB
5 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.xnlqs.mhaii.com/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.26.245.165 , Germany, ASN40021 (NL-811-40021, US),
Reverse DNS
mhaii.com
Software
Apache/2 /
Resource Hash
a22acbfa64eedef84d5acfcce7566bf27c558b27054991f6186db8620827b8bd

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.xnlqs.mhaii.com/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 07:29:30 GMT
content-encoding
gzip
last-modified
Wed, 06 Dec 2023 10:34:19 GMT
server
Apache/2
etag
"3aee-60bd4e4bfa0c0-gzip"
vary
Accept-Encoding,User-Agent
content-type
image/x-icon
accept-ranges
bytes
content-length
5062

Verdicts & Comments Add Verdict or Comment

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery function| Sweetalert2 function| SweetAlert function| Swal function| sweetAlert function| swal function| setImmediate function| clearImmediate string| loc string| locale

3 Cookies

Domain/Path Name / Value
www.xnlqs.mhaii.com/ Name: PHPSESSID
Value: 18f2jbsqoestj5vm2ksl65a97b
www.xnlqs.mhaii.com/ Name: _BIOGPT_IPAUTH
Value: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpYXQiOjE3MTc5MTgxNjksImp0aSI6ImNNam5qYlhMdWNGdzQwUmJQM2ZEMlE9PSIsImlzcyI6ImJpb25scXMuZGVsbGF0b3JyZWZvb3RiYWxsYWNhZGVteS5jb20iLCJuYmYiOjE3MTc5MTgxNjksImV4cCI6MTcxNzkyMDg2OSwiZGF0YSI6eyJ2YWx1ZSI6IjgyLjE5OS4xMzAuMzcifX0.OOJOf5gzJiZyI1UktgURwDkTt77hXJ02fKn9mOnCTiE
www.xnlqs.mhaii.com/ Name: locale
Value: United Kingdom of Great Britain and Northern Ireland

1 Console Messages

Source Level URL
Text
recommendation verbose URL: https://www.xnlqs.mhaii.com/
Message:
[DOM] Multiple forms should be contained in their own form elements; break up complex forms into ones that represent a single action: (More info: https://goo.gl/9p2vKq) %o

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.jsdelivr.net
cdnjs.cloudflare.com
fonts.googleapis.com
fonts.gstatic.com
location.rhapsodyofrealities.org
unpkg.com
www.xnlqs.mhaii.com
104.17.25.14
167.172.15.237
195.26.245.165
2606:4700::6811:f5cb
2606:4700::6812:bb1f
2a00:1450:4001:803::200a
2a00:1450:4001:81d::2003
03d377252a7b380c6cce7678f22bd7699049f2aa7823acb4f05ce71d68139035
2051d61446d4dbffb03727031022a08c84528ab44d203a7669c101e5fbdd5515
2800b30e936037e0d68368b017574fcb147d64f5900059ae7812a86a49482ae4
2ac46ebee46d515be86deeba385b4e41f8cff160364b362c9a6e153df327c66b
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2d5fa531e30ac3debad673003128f1ca9ad3c964ef17b547377e7ed09bd4504f
2df0d714fca32775338d5fc26bc31658851211c649751f85b301ee3c128d65db
38796b91c8480dc8d80833dd1b64a50725abe435b52924bc73f69effc4101f03
3b7f2534a1ae99dd35277f9647ba4904a5060476dac09d242ab2fe914b33387f
557f6d0883db85be712c3a77baa38875ddf99ecbdfd6fec98e5c0b1f7a0e1532
597623ce3600f64dc7d9ed28bfb9e2f6e3b7ce350d4ea00d446f9b4efd0315c9
670467e5d770df8635fa1c1c330e8655064895709b1a1993872b1ef3cd75f891
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
9962a1d46846ee8e3f5c638e4c73dd724769667dce0089141cc8c396d2b21112
a22acbfa64eedef84d5acfcce7566bf27c558b27054991f6186db8620827b8bd
ad20bd4a89727385f22a0be5ead5a8eafb97c9db6c8e63dcec2f60e1d3ba69b2
c9974d08c7173d4c8f10f082f92e353686e854a08aab45db2382b7eadff8ef47
d14d732f8caf915919ff661157edc3456a85f408b7a3c5ee1e21357e7df07e1a
dd870101ad4e95d687a2eb734707b0dd7c20808f76d7be77a71a5d13cf99401c