app-qmail.top Open in urlscan Pro
104.21.81.228 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://app-qmail.top/en-us/?desktop==&ip=2001:550:1d05:1::8&key=KSbBMpRdsSvMcCmTRHSEHfVRnCpamTBnYbbPzEcMvRuouelTLRKHg...
Submission: On March 25 via api (March 25th 2024, 3:15:24 pm UTC) from US — Scanned from US

Summary HTTP 21 Redirects Behaviour Indicators

Summary

This website contacted 7 IPs in 2 countries across 5 domains to perform 21 HTTP transactions. The main IP is 104.21.81.228, located in and belongs to CLOUDFLARENET, US. The main domain is app-qmail.top.
TLS certificate: Issued by GTS CA 1P5 on March 24th 2024. Valid for: 3 months.

This is the only time app-qmail.top was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Google (Online)

Domain & IP information

	IP Address	AS Autonomous System
1 8	104.21.81.228 104.21.81.228	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2607:f8b0:400... 2607:f8b0:4006:80b::200a	15169 (GOOGLE) (GOOGLE)
3	2a04:4e42:400... 2a04:4e42:400::485	54113 (FASTLY) (FASTLY)
1	2a04:4e42:600... 2a04:4e42:600::649	54113 (FASTLY) (FASTLY)
2	2607:f8b0:400... 2607:f8b0:4006:80f::2003	15169 (GOOGLE) (GOOGLE)
6	2606:4700:303... 2606:4700:3032::ac43:a568	13335 (CLOUDFLAR...) (CLOUDFLARENET)
21	7

8 104.21.81.228 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

app-qmail.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80b::200a (United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a04:4e42:400::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:600::649 (United States)

ASN54113 (FASTLY, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:80f::2003 (United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:3032::ac43:a568 (United States)

ASN13335 (CLOUDFLARENET, US)

app-qmail.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	app-qmail.top 1 redirects app-qmail.top	16 KB
3	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 437	76 KB
2	gstatic.com fonts.gstatic.com	32 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 1217	31 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 110	1 KB
21	5

	Domain	Requested by
14	app-qmail.top	1 redirects app-qmail.top code.jquery.com
3	cdn.jsdelivr.net	app-qmail.top
2	fonts.gstatic.com	fonts.googleapis.com
1	code.jquery.com	app-qmail.top
1	fonts.googleapis.com	app-qmail.top
21	5

This site contains no links.

Subject Issuer	Validity	Valid
app-qmail.top GTS CA 1P5	`2024-03-24` - `2024-06-22`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-02-26` - `2024-05-20`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2023 Q3	`2023-09-27` - `2024-10-28`	a year	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-11` - `2024-07-14`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2024-02-26` - `2024-05-20`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://app-qmail.top/en-us/?desktop==&ip=2001:550:1d05:1::8&key=KSbBMpRdsSvMcCmTRHSEHfVRnCpamTBnYbbPzEcMvRuouelTLRKHgoVeawYR
Frame ID: 6E8567C0C86D4B0093958BDBFC528264
Requests: 19 HTTP requests in this frame

Frame: https://app-qmail.top/cdn-cgi/challenge-platform/h/g/scripts/jsd/dc6b543c1346/main.js
Frame ID: B923BBB91EF0944A090B80E93D1B4919
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Gmail

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

Page Statistics

21
Requests

90 %
HTTPS

83 %
IPv6

5
Domains

5
Subdomains

7
IPs

2
Countries

155 kB
Transfer

519 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 9

https://app-qmail.top/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://app-qmail.top/cdn-cgi/challenge-platform/h/g/scripts/jsd/dc6b543c1346/main.js

21 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
app-qmail.top/en-us/ 17 KB
6 KB 2579ms
258ms Document
text/html 104.21.81.228
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://app-qmail.top/en-us/?desktop==&ip=2001:550:1d05:1::8&key=KSbBMpRdsSvMcCmTRHSEHfVRnCpamTBnYbbPzEcMvRuouelTLRKHgoVeawYR
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.81.228 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2d61bb88ccef60190391f456c9afd2270667d82c2f020a9511aa3cbc54179370

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 869fdb019bc536b5-YYZ
content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 25 Mar 2024 15:15:17 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IBGVNB7gyTdPjBD%2BJWL3ql72Wb42K0z71u%2F36ShTme5tGPk3JIlzMKH7rK6LszD%2BYRtLfQhTuncJTSeeL3dKAJKJYxScQPdaP6IAUQ9UZawrIeOYgHl1mQfGtPy8Z27M"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 css2
fonts.googleapis.com/ 7 KB
1 KB 154ms
58ms Stylesheet
text/css 2607:f8b0:4006:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;500;700&display=swap

Requested by

Host: app-qmail.top
URL: https://app-qmail.top/en-us/?desktop==&ip=2001:550:1d05:1::8&key=KSbBMpRdsSvMcCmTRHSEHfVRnCpamTBnYbbPzEcMvRuouelTLRKHgoVeawYR

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

31d196afc7bf97b61be0a9881f623b3b8a7b56d4b0c08c6b78c37ce92d7827b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://app-qmail.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 25 Mar 2024 15:15:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 25 Mar 2024 14:04:50 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 25 Mar 2024 15:15:17 GMT

GET
H2 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@5.3.2/dist/css/ 227 KB
35 KB 115ms
30ms Stylesheet
text/css 2a04:4e42:400::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@5.3.2/dist/css/bootstrap.min.css

Requested by

Host: app-qmail.top
URL: https://app-qmail.top/en-us/?desktop==&ip=2001:550:1d05:1::8&key=KSbBMpRdsSvMcCmTRHSEHfVRnCpamTBnYbbPzEcMvRuouelTLRKHgoVeawYR

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

3017df4a76db5f01c2b99b603d88b03106df13bcfe18e67b7c13c2341d3a67df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://app-qmail.top/
Origin: https://app-qmail.top
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 25 Mar 2024 15:15:17 GMT
x-content-type-options: nosniff
content-encoding: br
age: 2500845
x-jsd-version: 5.3.2
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 34902
x-served-by: cache-fra-etou8220083-FRA, cache-lga21968-LGA
x-jsd-version-type: version
etag: W/"38df4-HxOZgbm0enZu+gphu3ito1HxbEs"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 bootstrap.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@5.2.3/dist/js/ 59 KB
17 KB 126ms
41ms Script
application/javascript 2a04:4e42:400::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@5.2.3/dist/js/bootstrap.min.js

Requested by

Host: app-qmail.top
URL: https://app-qmail.top/en-us/?desktop==&ip=2001:550:1d05:1::8&key=KSbBMpRdsSvMcCmTRHSEHfVRnCpamTBnYbbPzEcMvRuouelTLRKHgoVeawYR

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

9bcd4d0f29dc6556ebeeff44eaa0965f0c7f7308ee58394708cce2f698cca1b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://app-qmail.top/
Origin: https://app-qmail.top
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 25 Mar 2024 15:15:17 GMT
x-content-type-options: nosniff
content-encoding: br
age: 4786748
x-jsd-version: 5.2.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 17319
x-served-by: cache-fra-eddf8230041-FRA, cache-lga21968-LGA
x-jsd-version-type: version
etag: W/"ebf4-hH3/iZtbz47kNOOJ4qkQuh26128"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 jquery-3.6.4.min.js Show response
code.jquery.com/ 88 KB
31 KB 125ms
30ms Script
application/javascript 2a04:4e42:600::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.6.4.min.js
Requested by: Host: app-qmail.top
URL: https://app-qmail.top/en-us/?desktop==&ip=2001:550:1d05:1::8&key=KSbBMpRdsSvMcCmTRHSEHfVRnCpamTBnYbbPzEcMvRuouelTLRKHgoVeawYR
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:600::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: a0fe8723dcf55da64d06b25446d0a8513e52527c45afcb37073465f9c6f352af

Request headers

Referer: https://app-qmail.top/
Origin: https://app-qmail.top
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 25 Mar 2024 15:15:17 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 16577518
x-cache: HIT, HIT
content-length: 31011
x-served-by: cache-lga21953-LGA, cache-nyc-kteb1890036-NYC
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1711379718.743129,VS0,VE0
etag: W/"28feccc0-15ec3"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 140, 31951

GET
H2 200 dados_comando.js Show response
app-qmail.top/en-us/ 3 KB
1 KB 261ms
256ms Script
text/javascript 104.21.81.228
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://app-qmail.top/en-us/dados_comando.js
Requested by: Host: app-qmail.top
URL: https://app-qmail.top/en-us/?desktop==&ip=2001:550:1d05:1::8&key=KSbBMpRdsSvMcCmTRHSEHfVRnCpamTBnYbbPzEcMvRuouelTLRKHgoVeawYR
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.81.228 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fbebc2926067f298fd3ee167e5c2ab3523dfecb46c65a160161083efb14f19d4

Request headers

accept-language: en-US,en;q=0.9
Referer: https://app-qmail.top/en-us/?desktop==&ip=2001:550:1d05:1::8&key=KSbBMpRdsSvMcCmTRHSEHfVRnCpamTBnYbbPzEcMvRuouelTLRKHgoVeawYR
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 25 Mar 2024 15:15:17 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 21 Dec 2023 17:54:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Bxzt2GbV0FRSTHwNREKUkecnxLhRZOWd6rS%2BQUBJYOGZaXx6q63DJ1txcjNBPgi%2FGR9RRD7n%2FXFaKL8%2B3agELhnXPhIAawCA9GBXiyvH027EDifUMYp4d%2F0XiaJjXjgk"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=14400
cf-ray: 869fdb035ef036b5-YYZ
alt-svc: h3=":443"; ma=86400

GET
H2 200 email-decode.min.js Show response
app-qmail.top/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 44ms
40ms Script
application/javascript 104.21.81.228
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app-qmail.top/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: app-qmail.top
URL: https://app-qmail.top/en-us/?desktop==&ip=2001:550:1d05:1::8&key=KSbBMpRdsSvMcCmTRHSEHfVRnCpamTBnYbbPzEcMvRuouelTLRKHgoVeawYR

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.81.228 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://app-qmail.top/en-us/?desktop==&ip=2001:550:1d05:1::8&key=KSbBMpRdsSvMcCmTRHSEHfVRnCpamTBnYbbPzEcMvRuouelTLRKHgoVeawYR
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 25 Mar 2024 15:15:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 21 Mar 2024 10:35:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65fc0d6b-4d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ufxYrM9ijzFlmzCY%2F%2BO2vDUhFvY1jXY732qCmCBqX6yLNcj6o4iG%2F%2FHjvdXS3LTYsZho4OI5%2FiHBaBMPVKY4s%2B8g6X88dYZw669sjv915SdYRAzPVb8F4XVFV3Yy4STo"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 869fdb035ef336b5-YYZ
expires: Wed, 27 Mar 2024 15:15:17 GMT

GET
H2 200 bootstrap.bundle.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@5.3.2/dist/js/ 79 KB
25 KB 141ms
58ms Script
application/javascript 2a04:4e42:400::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@5.3.2/dist/js/bootstrap.bundle.min.js

Requested by

Host: app-qmail.top
URL: https://app-qmail.top/en-us/?desktop==&ip=2001:550:1d05:1::8&key=KSbBMpRdsSvMcCmTRHSEHfVRnCpamTBnYbbPzEcMvRuouelTLRKHgoVeawYR

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

82f64f62bb03c1bc1824b0f9c9e05f70dba33e146818e63cdf5c306c8cf3dedd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://app-qmail.top/
Origin: https://app-qmail.top
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 25 Mar 2024 15:15:17 GMT
x-content-type-options: nosniff
content-encoding: br
age: 4000332
x-jsd-version: 5.3.2
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 25109
x-served-by: cache-fra-etou8220085-FRA, cache-lga21968-LGA
x-jsd-version-type: version
etag: W/"13b17-9/0PPchLLPk7+B6DJQWmc/NU4KM"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 163ms
44ms Font
font/woff2 2607:f8b0:4006:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://app-qmail.top
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 09:04:28 GMT
x-content-type-options: nosniff
age: 454250
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 20 Mar 2025 09:04:28 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 16 KB
16 KB 162ms
45ms Font
font/woff2 2607:f8b0:4006:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://app-qmail.top
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 07:57:26 GMT
x-content-type-options: nosniff
age: 458272
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 20 Mar 2025 07:57:26 GMT

GET
H2

200

main.js Show response
app-qmail.top/cdn-cgi/challenge-platform/h/g/scripts/jsd/dc6b543c1346/ Frame B923
Redirect Chain

https://app-qmail.top/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://app-qmail.top/cdn-cgi/challenge-platform/h/g/scripts/jsd/dc6b543c1346/main.js

8 KB
4 KB

33ms
33ms

Script
application/javascript

104.21.81.228
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app-qmail.top/cdn-cgi/challenge-platform/h/g/scripts/jsd/dc6b543c1346/main.js

Requested by

Host: app-qmail.top
URL: https://app-qmail.top/en-us/?desktop==&ip=2001:550:1d05:1::8&key=KSbBMpRdsSvMcCmTRHSEHfVRnCpamTBnYbbPzEcMvRuouelTLRKHgoVeawYR

Protocol

Server

104.21.81.228 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b37a67a6f8561162ca094c5f088d91ef6ea68a50fffe0e1874352fe5c3c85252

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 25 Mar 2024 15:15:18 GMT
content-encoding: br
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=T7DrPxVr69EnC7xsA%2FB5a5wpQ1%2F9gC3hngIXfKPzXnryhvXeN4qvUQh9jRdBg6nsXixfjOCKCw%2Fcks1Gf4RYNPG9MwvHsM9%2FeMb0jcsbUzifhOwBa6o49qwwCEY52ya9"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 869fdb05bb7f36b5-YYZ
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Mon, 25 Mar 2024 15:15:17 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KXNOiL6AzgXZXQXMBHq4%2BTHh7RZggp752f4hy8PRzPAW6%2B3Sl7lQgp%2FCDmV21cE7SOS0DGmqXYS505irS1n%2BL8Pe3bgDQyC4N8qufXV8sW0ifkdVhh9AYR4GdFY%2BdLAF"}],"group":"cf-nel","max_age":604800}
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/dc6b543c1346/main.js
access-control-allow-origin: *
cache-control: max-age=300, public
cf-ray: 869fdb054a8f36b5-YYZ
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 main_.php Show response
app-qmail.top/en-us/ 14 B
363 B 248ms
248ms XHR
text/html 104.21.81.228
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://app-qmail.top/en-us/main_.php
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.6.4.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.81.228 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 51cfe512b8f87774e3f8e6f3c490e946e3603b642a6209803da89893edfc159f

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://app-qmail.top/en-us/?desktop==&ip=2001:550:1d05:1::8&key=KSbBMpRdsSvMcCmTRHSEHfVRnCpamTBnYbbPzEcMvRuouelTLRKHgoVeawYR
X-Requested-With: XMLHttpRequest
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Mar 2024 15:15:18 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=M%2BzmgWx4shfffEEeJjSVnxbI3QRLDUOcUZ2Yl3iraDt4RGTG3nCKAuDQ03XE6CrJudLnjHKWjbRVhO2LC%2BUb9RhtYtKUgKi7T18hvbPOUm0Ddg%2BPgrU0HnmNdAVGlKXa"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cache-control: no-store, no-cache, must-revalidate
cf-ray: 869fdb054a9336b5-YYZ
alt-svc: h3=":443"; ma=86400
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 ver_online.php Show response
app-qmail.top/en-us/ 0
261 B 135ms
135ms XHR
text/html 104.21.81.228
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://app-qmail.top/en-us/ver_online.php
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.6.4.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.81.228 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: */*
Referer: https://app-qmail.top/en-us/?desktop==&ip=2001:550:1d05:1::8&key=KSbBMpRdsSvMcCmTRHSEHfVRnCpamTBnYbbPzEcMvRuouelTLRKHgoVeawYR
X-Requested-With: XMLHttpRequest
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 25 Mar 2024 15:15:18 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2CZVLO6AsCOm1S%2FUANVo3ZVTFe7%2BBK4iIsEw2sqv9Ij9riKe9DpnSpeYE0kAUwbWAR2tI6nBBUDdKS8JHNdvrxIJTLh2d5KXRYEnD8bDEKXUWPE1t84aqnMG3rX2QX40"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cf-ray: 869fdb054a9736b5-YYZ
alt-svc: h3=":443"; ma=86400

POST
H2 200 869fdb019bc536b5 Show response
app-qmail.top/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame B923 0
576 B 108ms
71ms XHR
text/plain 104.21.81.228
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://app-qmail.top/cdn-cgi/challenge-platform/h/g/jsd/r/869fdb019bc536b5
Requested by: Host: app-qmail.top
URL: https://app-qmail.top/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.81.228 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 25 Mar 2024 15:15:18 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LZc0sJQRPMgubLMpaIwyX0bhPB7cFANZ0cvkMAZVuuBJNhOzGLyESs8%2FuVhVlzAjTSYoqOUlhQjAuWxj%2FR7Jk%2BjBJ8ETGtujQOgn1rIa8J9axuT9ruPsTzMBZ%2BzvJIqp"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 869fdb08588036b5-YYZ
alt-svc: h3=":443"; ma=86400

GET
H3 200 ver_online.php Show response
app-qmail.top/en-us/ 0
448 B 265ms
265ms XHR
text/html 2606:4700:3032::ac43:a568
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://app-qmail.top/en-us/ver_online.php
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.6.4.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:a568 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: */*
Referer: https://app-qmail.top/en-us/?desktop==&ip=2001:550:1d05:1::8&key=KSbBMpRdsSvMcCmTRHSEHfVRnCpamTBnYbbPzEcMvRuouelTLRKHgoVeawYR
X-Requested-With: XMLHttpRequest
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 25 Mar 2024 15:15:19 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KIDW4qafLH2khI6YDwv4T%2BsyW5GI3qeRRO7gPlpPTt3ak4Kl8EK3j1toSV%2FKoXO4J7w%2B%2FyKw2Mr%2BRvW6SbHTlTs%2F9nRLLIHsDaeGWSJ8tBAlwTRdLfpDeJ6dIu4IHOBdiclstOEdgOoMwGoe"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cf-ray: 869fdb0d2d6b4bcf-BUF
alt-svc: h3=":443"; ma=86400

GET
H3 200 main_.php Show response
app-qmail.top/en-us/ 14 B
493 B 142ms
141ms XHR
text/html 2606:4700:3032::ac43:a568
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://app-qmail.top/en-us/main_.php
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.6.4.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:a568 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 51cfe512b8f87774e3f8e6f3c490e946e3603b642a6209803da89893edfc159f

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://app-qmail.top/en-us/?desktop==&ip=2001:550:1d05:1::8&key=KSbBMpRdsSvMcCmTRHSEHfVRnCpamTBnYbbPzEcMvRuouelTLRKHgoVeawYR
X-Requested-With: XMLHttpRequest
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Mar 2024 15:15:20 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4WC5HHHLU3%2BsZ7wx9BHoTUOdEgKuBb6mP5VcbFI9eCdc9VCqFOvk4u0uG6OOKTQzyrm4svVi6UL9eqi3YFwxOcEJFh2wVR1HyAinKoxvu7jIt7cwFPf2bG3X30hiAToFWQQouyslO8lZx8l6"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cache-control: no-store, no-cache, must-revalidate
cf-ray: 869fdb11d8aa4bcf-BUF
alt-svc: h3=":443"; ma=86400
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H3 200 ver_online.php Show response
app-qmail.top/en-us/ 0
409 B 139ms
138ms XHR
text/html 2606:4700:3032::ac43:a568
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://app-qmail.top/en-us/ver_online.php
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.6.4.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:a568 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: */*
Referer: https://app-qmail.top/en-us/?desktop==&ip=2001:550:1d05:1::8&key=KSbBMpRdsSvMcCmTRHSEHfVRnCpamTBnYbbPzEcMvRuouelTLRKHgoVeawYR
X-Requested-With: XMLHttpRequest
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 25 Mar 2024 15:15:20 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=F%2B7Qb29OKF5OkEpEr6qQUUQ1q7eBXIDsN2IZ7ZfhwbDgqIsKocMs0OASOC4tHY4dnQjUxhbftHV8CKU7LYjxbAGBjM%2BaaksKZbC%2B6C5UIgnkLRCm7oH%2FFgMOBEZC8e9eP1bZPcDkfssIet0Y"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cf-ray: 869fdb14fa764bcf-BUF
alt-svc: h3=":443"; ma=86400

GET
H3 200 ver_online.php Show response
app-qmail.top/en-us/ 0
408 B 141ms
141ms XHR
text/html 2606:4700:3032::ac43:a568
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://app-qmail.top/en-us/ver_online.php
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.6.4.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:a568 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: */*
Referer: https://app-qmail.top/en-us/?desktop==&ip=2001:550:1d05:1::8&key=KSbBMpRdsSvMcCmTRHSEHfVRnCpamTBnYbbPzEcMvRuouelTLRKHgoVeawYR
X-Requested-With: XMLHttpRequest
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 25 Mar 2024 15:15:21 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4Ec0eJjiqr4c4kCn6gpc19%2BQ2VQjZa8oNYnCHUOfb%2BWEFlmCaNJsvixmJgDlWbmF6uz6rjKpgxlgjn9GAHOfj7aN3UlFc4CggQa8rqUphgEKhYoQlI2MAR%2Fg0FT99OfK8%2BII9P6WUJo9hESb"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cf-ray: 869fdb1cced24bcf-BUF
alt-svc: h3=":443"; ma=86400

GET
H3 200 main_.php Show response
app-qmail.top/en-us/ 14 B
498 B 141ms
141ms XHR
text/html 2606:4700:3032::ac43:a568
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://app-qmail.top/en-us/main_.php
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.6.4.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:a568 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 51cfe512b8f87774e3f8e6f3c490e946e3603b642a6209803da89893edfc159f

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://app-qmail.top/en-us/?desktop==&ip=2001:550:1d05:1::8&key=KSbBMpRdsSvMcCmTRHSEHfVRnCpamTBnYbbPzEcMvRuouelTLRKHgoVeawYR
X-Requested-With: XMLHttpRequest
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Mar 2024 15:15:22 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zSKWzA5PDw5qtLQlrBEJlXmDP35%2Bw%2Fc4EWXQB4R8Zamoj60eG75C4uKvqxOppHq1hHtShaYGr0Zd87GBU6U1WY0bqK9Cn3AyWKNdfmL6wOe4ml4HkarQ2nPplt5QLoQtUxBIhp19eX%2FgS%2Fk6"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cache-control: no-store, no-cache, must-revalidate
cf-ray: 869fdb1e5f9b4bcf-BUF
alt-svc: h3=":443"; ma=86400
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H3 200 ver_online.php Show response
app-qmail.top/en-us/ 0
405 B 138ms
138ms XHR
text/html 2606:4700:3032::ac43:a568
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://app-qmail.top/en-us/ver_online.php
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.6.4.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:a568 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: */*
Referer: https://app-qmail.top/en-us/?desktop==&ip=2001:550:1d05:1::8&key=KSbBMpRdsSvMcCmTRHSEHfVRnCpamTBnYbbPzEcMvRuouelTLRKHgoVeawYR
X-Requested-With: XMLHttpRequest
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 25 Mar 2024 15:15:23 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BGEnmOCDxsqB5BpCpZc6Vy41bRsXvJdUVSS8NzM%2F2pzha1DuTdZcxNj86dxtz9VWdg0baOIWEHicnk2fxs9pNqLLUVtbU1a2isPwggw8bydp9LzkKmViBYoFG2e8O7s8kk9RGWZjBlfZIY5s"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cf-ray: 869fdb249bac4bcf-BUF
alt-svc: h3=":443"; ma=86400

GET main_.php
app-qmail.top/en-us/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: app-qmail.top
URL: https://app-qmail.top/en-us/main_.php

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Google (Online)

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			app-qmail.top/	1969-12-31 23:59:59	Name: PHPSESSID Value: cb897e9f2f64288c80876d25b3bdb7ed
			.app-qmail.top/	1970-01-21 04:08:35	Name: cf_clearance Value: .quyhAxMIy9dFrjyH6d1gn19kVk4xV51N5PT0dfAhvc-1711379718-1.0.1.1-kuYQPCyfY8e0MoaxD84HoVKd1BqPbMfSqBAWPEw39X5gvosB4Gi2Vj9Y4R2_ZTSWp2v1T56rKc3ochyGdgymMg

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

app-qmail.top
cdn.jsdelivr.net
code.jquery.com
fonts.googleapis.com
fonts.gstatic.com
app-qmail.top
104.21.81.228
2606:4700:3032::ac43:a568
2607:f8b0:4006:80b::200a
2607:f8b0:4006:80f::2003
2a04:4e42:400::485
2a04:4e42:600::649
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2d61bb88ccef60190391f456c9afd2270667d82c2f020a9511aa3cbc54179370
3017df4a76db5f01c2b99b603d88b03106df13bcfe18e67b7c13c2341d3a67df
31d196afc7bf97b61be0a9881f623b3b8a7b56d4b0c08c6b78c37ce92d7827b2
51cfe512b8f87774e3f8e6f3c490e946e3603b642a6209803da89893edfc159f
82f64f62bb03c1bc1824b0f9c9e05f70dba33e146818e63cdf5c306c8cf3dedd
9bcd4d0f29dc6556ebeeff44eaa0965f0c7f7308ee58394708cce2f698cca1b0
a0fe8723dcf55da64d06b25446d0a8513e52527c45afcb37073465f9c6f352af
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b37a67a6f8561162ca094c5f088d91ef6ea68a50fffe0e1874352fe5c3c85252
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
fbebc2926067f298fd3ee167e5c2ab3523dfecb46c65a160161083efb14f19d4

app-qmail.top Open in urlscan Pro 104.21.81.228 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

21 Requests

90 %HTTPS

83 %IPv6

5 Domains

5 Subdomains

7 IPs

2 Countries

155 kBTransfer

519 kBSize

2 Cookies

0 Outgoing links

Redirected requests

21 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

12 JavaScript Global Variables

2 Cookies

Indicators

app-qmail.top Open in urlscan Pro
104.21.81.228 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

21
Requests

90 %
HTTPS

83 %
IPv6

5
Domains

5
Subdomains

7
IPs

2
Countries

155 kB
Transfer

519 kB
Size

2
Cookies

21 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!