Submitted URL: http://www.xndlcz.com/os/index.php?email=haha@yahoo.com
Effective URL: https://mailserverarea.32-b.it/spool/?id=aGFoYUB5YWhvby5jb20=
Submission: On September 18 via manual from SG

Summary

This website contacted 2 IPs in 2 countries across 3 domains to perform 6 HTTP transactions. The main IP is 3.209.44.129, located in Ashburn, United States and belongs to AMAZON-AES - Amazon.com, Inc., US. The main domain is mailserverarea.32-b.it.
TLS certificate: Issued by cPanel, Inc. Certification Authority on September 17th 2019. Valid for: 3 months.
This is the only time mailserverarea.32-b.it was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 43.224.154.130 132719 (CWDDTCL-A...)
5 3.209.44.129 14618 (AMAZON-AES)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
6 2
Apex Domain
Subdomains
Transfer
5 32-b.it
mailserverarea.32-b.it
313 KB
2 unpkg.com
unpkg.com
12 KB
1 xndlcz.com
www.xndlcz.com
465 B
6 3
Domain Requested by
5 mailserverarea.32-b.it mailserverarea.32-b.it
2 unpkg.com 1 redirects mailserverarea.32-b.it
1 www.xndlcz.com 1 redirects
6 3

This site contains no links.

Subject Issuer Validity Valid
mailserverarea.32-b.it
cPanel, Inc. Certification Authority
2019-09-17 -
2019-12-16
3 months crt.sh
ssl714328.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2
2019-09-10 -
2020-03-18
6 months crt.sh

This page contains 1 frames:

Primary Page: https://mailserverarea.32-b.it/spool/?id=aGFoYUB5YWhvby5jb20=
Frame ID: 11B5B1ABEA97E2D57FAA4ECB1CD4DA97
Requests: 6 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. http://www.xndlcz.com/os/index.php?email=haha@yahoo.com HTTP 302
    https://mailserverarea.32-b.it/index.php?email=haha@yahoo.com Page URL
  2. https://mailserverarea.32-b.it/spool/?id=aGFoYUB5YWhvby5jb20= Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • url /\.php(?:$|\?)/i

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|\b)HTTPD)/i

Page Statistics

6
Requests

100 %
HTTPS

33 %
IPv6

3
Domains

3
Subdomains

2
IPs

2
Countries

325 kB
Transfer

352 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.xndlcz.com/os/index.php?email=haha@yahoo.com HTTP 302
    https://mailserverarea.32-b.it/index.php?email=haha@yahoo.com Page URL
  2. https://mailserverarea.32-b.it/spool/?id=aGFoYUB5YWhvby5jb20= Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://www.xndlcz.com/os/index.php?email=haha@yahoo.com HTTP 302
  • https://mailserverarea.32-b.it/index.php?email=haha@yahoo.com
Request Chain 4
  • https://unpkg.com/sweetalert/dist/sweetalert.min.js HTTP 302
  • https://unpkg.com/sweetalert@2.1.2/dist/sweetalert.min.js

6 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Cookie set index.php
mailserverarea.32-b.it/
Redirect Chain
  • http://www.xndlcz.com/os/index.php?email=haha@yahoo.com
  • https://mailserverarea.32-b.it/index.php?email=haha@yahoo.com
68 B
430 B
Document
General
Full URL
https://mailserverarea.32-b.it/index.php?email=haha@yahoo.com
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.209.44.129 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-3-209-44-129.compute-1.amazonaws.com
Software
Apache /
Resource Hash
7104ccb7e76f2e604145395f9eb2ac6ce13534fa639a1654d026d933004001c1

Request headers

Host
mailserverarea.32-b.it
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
none
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 18 Sep 2019 08:51:08 GMT
Server
Apache
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control
no-store, no-cache, must-revalidate
Pragma
no-cache
Set-Cookie
PHPSESSID=8b04096ba1f32a28f988d15a0b412847; path=/
Content-Length
68
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8

Redirect headers

Server
wts/1.5
Date
Wed, 18 Sep 2019 08:51:07 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
X-Powered-By
PHP/7.0.33
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control
no-store, no-cache, must-revalidate
Pragma
no-cache
Set-Cookie
PHPSESSID=in547tupbt1c1fnrudtlbfiut4; path=/; HttpOnly
location
https://mailserverarea.32-b.it/index.php?email=haha@yahoo.com
X-Cache
from WTS
Primary Request /
mailserverarea.32-b.it/spool/
3 KB
3 KB
Document
General
Full URL
https://mailserverarea.32-b.it/spool/?id=aGFoYUB5YWhvby5jb20=
Requested by
Host: mailserverarea.32-b.it
URL: https://mailserverarea.32-b.it/index.php?email=haha@yahoo.com
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.209.44.129 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-3-209-44-129.compute-1.amazonaws.com
Software
Apache /
Resource Hash
64c7b0cc3a40c26b1f5c47534c920075479cac81f03682bf224f86c0e0f99f3f

Request headers

Host
mailserverarea.32-b.it
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
navigate
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
same-origin
Referer
https://mailserverarea.32-b.it/index.php?email=haha@yahoo.com
Accept-Encoding
gzip, deflate, br
Cookie
PHPSESSID=8b04096ba1f32a28f988d15a0b412847
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
navigate
Referer
https://mailserverarea.32-b.it/index.php?email=haha@yahoo.com

Response headers

Date
Wed, 18 Sep 2019 08:51:08 GMT
Server
Apache
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control
no-store, no-cache, must-revalidate
Pragma
no-cache
Content-Length
3061
Keep-Alive
timeout=5, max=99
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
bootstrap.css
mailserverarea.32-b.it/spool/
169 KB
169 KB
Stylesheet
General
Full URL
https://mailserverarea.32-b.it/spool/bootstrap.css
Requested by
Host: mailserverarea.32-b.it
URL: https://mailserverarea.32-b.it/spool/?id=aGFoYUB5YWhvby5jb20=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.209.44.129 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-3-209-44-129.compute-1.amazonaws.com
Software
Apache /
Resource Hash
0ce7fbe215cdf921ed87d00a374404681d5d24898589a7fe60e068d09289b4ba

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://mailserverarea.32-b.it/spool/?id=aGFoYUB5YWhvby5jb20=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 18 Sep 2019 08:51:08 GMT
Last-Modified
Mon, 14 Jan 2019 06:15:52 GMT
Server
Apache
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
172839
jquery.min.js
mailserverarea.32-b.it/spool/
90 KB
91 KB
Script
General
Full URL
https://mailserverarea.32-b.it/spool/jquery.min.js
Requested by
Host: mailserverarea.32-b.it
URL: https://mailserverarea.32-b.it/spool/?id=aGFoYUB5YWhvby5jb20=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.209.44.129 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-3-209-44-129.compute-1.amazonaws.com
Software
Apache /
Resource Hash
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://mailserverarea.32-b.it/spool/?id=aGFoYUB5YWhvby5jb20=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 18 Sep 2019 08:51:09 GMT
Last-Modified
Mon, 14 Jan 2019 06:14:44 GMT
Server
Apache
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
92629
bootstrap.min.js
mailserverarea.32-b.it/spool/
49 KB
50 KB
Script
General
Full URL
https://mailserverarea.32-b.it/spool/bootstrap.min.js
Requested by
Host: mailserverarea.32-b.it
URL: https://mailserverarea.32-b.it/spool/?id=aGFoYUB5YWhvby5jb20=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.209.44.129 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-3-209-44-129.compute-1.amazonaws.com
Software
Apache /
Resource Hash
0bca10549df770ab6790046799e5a9e920c286453ebbb2afb0d3055339245339

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://mailserverarea.32-b.it/spool/?id=aGFoYUB5YWhvby5jb20=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 18 Sep 2019 08:51:09 GMT
Last-Modified
Mon, 14 Jan 2019 06:15:38 GMT
Server
Apache
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
50676
sweetalert.min.js
unpkg.com/sweetalert@2.1.2/dist/
Redirect Chain
  • https://unpkg.com/sweetalert/dist/sweetalert.min.js
  • https://unpkg.com/sweetalert@2.1.2/dist/sweetalert.min.js
40 KB
11 KB
Script
General
Full URL
https://unpkg.com/sweetalert@2.1.2/dist/sweetalert.min.js
Requested by
Host: mailserverarea.32-b.it
URL: https://mailserverarea.32-b.it/spool/?id=aGFoYUB5YWhvby5jb20=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7eaf , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ac46ebee46d515be86deeba385b4e41f8cff160364b362c9a6e153df327c66b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://mailserverarea.32-b.it/spool/?id=aGFoYUB5YWhvby5jb20=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 18 Sep 2019 08:51:08 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
3809894
status
200
vary
Accept-Encoding
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
server
cloudflare
etag
W/"9f68-Kj2qvHAjLGNQq0jTJgXcSmrB8fo"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-cloud-trace-context
84c0d9535b131bd284309bc9638822f9
cache-control
public, max-age=31536000
cf-ray
5182138cdaf7cba0-VIE

Redirect headers

date
Wed, 18 Sep 2019 08:51:08 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
511
status
302
vary
Accept, Accept-Encoding
content-length
62
access-control-allow-origin
*
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/plain; charset=utf-8
location
/sweetalert@2.1.2/dist/sweetalert.min.js
x-cloud-trace-context
29696097c900fd49c4a9827157a5b30c
cache-control
public, s-maxage=600, max-age=60
cf-ray
5182138cba69cba0-VIE

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate function| $ function| jQuery object| bootstrap object| jQuery19105110951946860167 function| setImmediate function| clearImmediate function| swal function| sweetAlert

1 Cookies

Domain/Path Name / Value
mailserverarea.32-b.it/ Name: PHPSESSID
Value: 8b04096ba1f32a28f988d15a0b412847