www.ihotmails.com Open in urlscan Pro
104.168.87.70 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.ihotmails.com/
Submission Tags: @phishunt_io
Submission: On March 17 via api (March 17th 2023, 1:25:50 am UTC) from DE — Scanned from DE

Summary HTTP 20 Redirects Links 1 Behaviour Indicators

Similar DOM Content API

Summary

This website contacted 4 IPs in 2 countries across 4 domains to perform 20 HTTP transactions. The main IP is 104.168.87.70, located in United States and belongs to AS-COLOCROSSING, US. The main domain is www.ihotmails.com.
TLS certificate: Issued by R3 on March 16th 2023. Valid for: 3 months.

This is the only time www.ihotmails.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
11	104.168.87.70 104.168.87.70		36352 (AS-COLOCR...) (AS-COLOCROSSING)
6	2600:9000:249... 2600:9000:2491:aa00:1d:80d9:9400:93a1		16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:82f::200a		15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80f::2003		15169 (GOOGLE) (GOOGLE)
20	4

11 104.168.87.70 (United States)

ASN36352 (AS-COLOCROSSING, US)
PTR: 104-168-87-70-host.colocrossing.com

www.ihotmails.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:9000:2491:aa00:1d:80d9:9400:93a1 (United States)

ASN16509 (AMAZON-02, US)

lib.baomitu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	ihotmails.com www.ihotmails.com	96 KB
6	baomitu.com lib.baomitu.com — Cisco Umbrella Rank: 177733	982 KB
2	gstatic.com fonts.gstatic.com	46 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 34	868 B
20	4

	Domain	Requested by
11	www.ihotmails.com	www.ihotmails.com lib.baomitu.com
6	lib.baomitu.com	www.ihotmails.com lib.baomitu.com
2	fonts.gstatic.com	fonts.googleapis.com
1	fonts.googleapis.com	lib.baomitu.com
20	4

This site contains links to these domains. Also see Links.

Domain
t.me

Subject Issuer	Validity	Valid
www.ihotmails.com R3	`2023-03-16` - `2023-06-14`	3 months	crt.sh
*.baomitu.com WoTrus DV Server CA [Run by the Issuer]	`2022-04-26` - `2023-04-26`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-03-02` - `2023-05-25`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-03-02` - `2023-05-25`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://www.ihotmails.com/
Frame ID: A70B0461FB4FBB1EFB49E04750935AFA
Requests: 20 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

IHotmails Mail

Detected technologies

Semantic UI (UI frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]+semantic(?:\.min)\.css"
/semantic(?:-([\d.]+))?(?:\.min)?\.js

Socket.io (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

socket\.io.*\.js

Clipboard.js (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

clipboard(?:-([\d.]+))?(?:\.min)?\.js

Prism (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

prism\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

20
Requests

100 %
HTTPS

75 %
IPv6

4
Domains

4
Subdomains

4
IPs

2
Countries

1125 kB
Transfer

1131 kB
Size

1
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://t.me/ihotmails
Title: @ihotmails

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

20 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.ihotmails.com/ 5 KB
2 KB 473ms
154ms Document
text/html 104.168.87.70
AS-COLOCROSSING

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ihotmails.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.168.87.70 , United States, ASN36352 (AS-COLOCROSSING, US),
Reverse DNS: 104-168-87-70-host.colocrossing.com
Software: nginx /
Resource Hash: ed8bdba023d59fd4dd59d2694ac2055c4347e546085413c6ffda5cbf2de4aef1

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: public, max-age=3600
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Fri, 17 Mar 2023 01:25:45 GMT
etag: W/"134f-18485fca958"
last-modified: Thu, 17 Nov 2022 14:27:19 GMT
server: nginx
vary: Accept-Encoding

GET
H2 200 semantic.min.css
lib.baomitu.com/semantic-ui/2.1.7/ 512 KB
513 KB 563ms
8ms Stylesheet
text/css 2600:9000:2491:aa00:1d:80d9:9400:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://lib.baomitu.com/semantic-ui/2.1.7/semantic.min.css
Requested by: Host: www.ihotmails.com
URL: https://www.ihotmails.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2491:aa00:1d:80d9:9400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 0ee2a7881a1c95f6ea07464b7152691020bbf7a5f91479940eeda3471395482d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ihotmails.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 08 May 2022 02:34:36 GMT
via: 1.1 4a95385e61c9df8f5f8de6338a3fe59a.cloudfront.net (CloudFront)
kcs-via: MISS from w-fc01.lato;MISS from w-sc02.lato
x-qstatic-hit: 1
x-amz-cf-pop: FRA56-P7
age: 27039069
x-cache: Hit from cloudfront
content-length: 524360
last-modified: Mon, 01 Jan 2018 00:00:00 GMT
etag: W/"adb27d158d044496"
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, immutable
accept-ranges: bytes
x-amz-cf-id: uYcpZFNUOSsAz8UvQkRIWUpNIMtEJAVoDzgIhg-SrflEBT8cm9EPdA==
expires: Wed, 05 May 2032 02:34:36 GMT

GET
H2 200 app.css
www.ihotmails.com/css/ 646 B
817 B 170ms
166ms Stylesheet
text/css 104.168.87.70
AS-COLOCROSSING

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ihotmails.com/css/app.css
Requested by: Host: www.ihotmails.com
URL: https://www.ihotmails.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.168.87.70 , United States, ASN36352 (AS-COLOCROSSING, US),
Reverse DNS: 104-168-87-70-host.colocrossing.com
Software: nginx /
Resource Hash: 12633f9f53d7905ad31b4223680adb2b663ef13f2b526239304d906e1c8d4236

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ihotmails.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 01:25:45 GMT
last-modified: Sat, 02 Oct 2021 05:10:50 GMT
server: nginx
etag: W/"286-17c3f697b90"
content-type: text/css; charset=UTF-8
cache-control: public, max-age=3600
accept-ranges: bytes
content-length: 646

GET
H2 200 prism.css
www.ihotmails.com/css/ 4 KB
1 KB 170ms
167ms Stylesheet
text/css 104.168.87.70
AS-COLOCROSSING

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ihotmails.com/css/prism.css
Requested by: Host: www.ihotmails.com
URL: https://www.ihotmails.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.168.87.70 , United States, ASN36352 (AS-COLOCROSSING, US),
Reverse DNS: 104-168-87-70-host.colocrossing.com
Software: nginx /
Resource Hash: 0f7aedf87c95988f4bb46f939f2bc76642bb819fc0482097c1dc077305c0f4db

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ihotmails.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 01:25:45 GMT
content-encoding: gzip
last-modified: Sat, 02 Oct 2021 04:34:42 GMT
server: nginx
etag: W/"e4d-17c3f4866d0"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=3600

GET
H2 200 favicon.jpg
www.ihotmails.com/ 86 KB
86 KB 158ms
157ms Image
image/jpeg 104.168.87.70
AS-COLOCROSSING

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ihotmails.com/favicon.jpg
Requested by: Host: www.ihotmails.com
URL: https://www.ihotmails.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.168.87.70 , United States, ASN36352 (AS-COLOCROSSING, US),
Reverse DNS: 104-168-87-70-host.colocrossing.com
Software: nginx /
Resource Hash: 830c0a853e892a081edaa3939cf45cdcfe76e56736770d8d18477ee3fa3085ec

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ihotmails.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 01:25:45 GMT
last-modified: Sat, 02 Oct 2021 05:18:35 GMT
server: nginx
etag: W/"1586d-17c3f7093f8"
content-type: image/jpeg
cache-control: public, max-age=3600
accept-ranges: bytes
content-length: 88173

GET
H2 200 jquery.min.js Show response
lib.baomitu.com/jquery/2.1.4/ 82 KB
83 KB 546ms
12ms Script
application/javascript 2600:9000:2491:aa00:1d:80d9:9400:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://lib.baomitu.com/jquery/2.1.4/jquery.min.js
Requested by: Host: www.ihotmails.com
URL: https://www.ihotmails.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2491:aa00:1d:80d9:9400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 22642f202577f0ba2f22cbe56b6cf291a09374487567cd3563e0d2a29f75c0c5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ihotmails.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 11:32:46 GMT
via: 1.1 4a95385e61c9df8f5f8de6338a3fe59a.cloudfront.net (CloudFront)
kcs-via: MISS from w-fc03.lato;MISS from w-sc01.lato
last-modified: Mon, 01 Jan 2018 00:00:00 GMT
x-qstatic-hit: 1
x-amz-cf-pop: FRA56-P7
etag: W/"ba784ae237eb064d"
age: 29080379
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, immutable
x-amz-cf-id: 4vqnk4HZCRnPMdezFXaLblJ_6kFFKP4Wn2ryMw7HdjKbQzSRDWYsMw==
expires: Sun, 11 Apr 2032 11:32:46 GMT

GET
H2 200 semantic.min.js Show response
lib.baomitu.com/semantic-ui/2.1.7/ 256 KB
256 KB 545ms
12ms Script
application/javascript 2600:9000:2491:aa00:1d:80d9:9400:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://lib.baomitu.com/semantic-ui/2.1.7/semantic.min.js
Requested by: Host: www.ihotmails.com
URL: https://www.ihotmails.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2491:aa00:1d:80d9:9400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 2e5c2989d47f6fcdd4a354be8ead44a319838d9acfebb3cbe3699b2fc3dcfa37

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ihotmails.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 04:46:54 GMT
via: 1.1 4a95385e61c9df8f5f8de6338a3fe59a.cloudfront.net (CloudFront)
kcs-via: HIT from w-fc01.lato;MISS from w-sc01.lato
x-qstatic-hit: 1
x-amz-cf-pop: FRA56-P7
age: 26080731
x-cache: Hit from cloudfront
content-length: 261851
last-modified: Mon, 01 Jan 2018 00:00:00 GMT
etag: W/"44c9477eda5b588f"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, immutable
accept-ranges: bytes
x-amz-cf-id: 2WYp2IddXpxhU0uIGMDPPzwbv9SVhLotqBkUddVcxJA1dVbn5FLorw==
expires: Sun, 16 May 2032 04:46:54 GMT

GET
H2 200 socket.io.min.js Show response
lib.baomitu.com/socket.io/1.3.7/ 64 KB
64 KB 545ms
12ms Script
application/javascript 2600:9000:2491:aa00:1d:80d9:9400:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://lib.baomitu.com/socket.io/1.3.7/socket.io.min.js
Requested by: Host: www.ihotmails.com
URL: https://www.ihotmails.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2491:aa00:1d:80d9:9400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 2acea7e1a972709e4c463eabc05eca6676b9895e841e21f4b8f14f9617bbcb24

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ihotmails.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 27 May 2022 03:01:28 GMT
via: 1.1 4a95385e61c9df8f5f8de6338a3fe59a.cloudfront.net (CloudFront)
kcs-via: HIT from w-fc03.lato;HIT from w-sc01.lato
x-qstatic-hit: 1
x-amz-cf-pop: FRA56-P7
age: 25395857
x-cache: Hit from cloudfront
content-length: 65041
last-modified: Mon, 01 Jan 2018 00:00:00 GMT
etag: W/"8bf065b2c64bd775"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, immutable
accept-ranges: bytes
x-amz-cf-id: 8fejQY7_L6130A0vFIZmrtaqRYWkNjVQRT9gCu9BHE5bFmr7J1u6ig==
expires: Mon, 24 May 2032 03:01:28 GMT

GET
H2 200 clipboard.min.js Show response
lib.baomitu.com/clipboard.js/1.5.5/ 9 KB
9 KB 545ms
12ms Script
application/javascript 2600:9000:2491:aa00:1d:80d9:9400:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://lib.baomitu.com/clipboard.js/1.5.5/clipboard.min.js
Requested by: Host: www.ihotmails.com
URL: https://www.ihotmails.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2491:aa00:1d:80d9:9400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 404b016f5c9a369726eec56a280c93478da17a52ed0f1fee116838330772ec70

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ihotmails.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 30 May 2022 04:45:57 GMT
via: 1.1 4a95385e61c9df8f5f8de6338a3fe59a.cloudfront.net (CloudFront)
kcs-via: HIT from w-fc03.lato;MISS from w-sc02.lato
x-qstatic-hit: 1
x-amz-cf-pop: FRA56-P7
age: 25130388
x-cache: Hit from cloudfront
content-length: 8854
last-modified: Mon, 01 Jan 2018 00:00:00 GMT
etag: W/"389b544b6805dbe3"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, immutable
accept-ranges: bytes
x-amz-cf-id: m5w7w_HKmS4Dd8sE8t7cK8v2FphkRRBDcEZvaW616yzbB71f8O5Rcg==
expires: Thu, 27 May 2032 04:45:57 GMT

GET
H2 200 app.js Show response
www.ihotmails.com/js/ 3 KB
1 KB 177ms
176ms Script
application/javascript 104.168.87.70
AS-COLOCROSSING

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ihotmails.com/js/app.js
Requested by: Host: www.ihotmails.com
URL: https://www.ihotmails.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.168.87.70 , United States, ASN36352 (AS-COLOCROSSING, US),
Reverse DNS: 104-168-87-70-host.colocrossing.com
Software: nginx /
Resource Hash: 599a4496e6670493761c05ed1d28aef986a33c27596f2386507072a4cfc6312d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ihotmails.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 01:25:45 GMT
content-encoding: gzip
last-modified: Sat, 02 Oct 2021 04:34:42 GMT
server: nginx
etag: W/"c20-17c3f4866d0"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=3600

GET
H2 200 prism.js Show response
www.ihotmails.com/js/ 7 KB
3 KB 173ms
172ms Script
application/javascript 104.168.87.70
AS-COLOCROSSING

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ihotmails.com/js/prism.js
Requested by: Host: www.ihotmails.com
URL: https://www.ihotmails.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.168.87.70 , United States, ASN36352 (AS-COLOCROSSING, US),
Reverse DNS: 104-168-87-70-host.colocrossing.com
Software: nginx /
Resource Hash: 7bdfca616a8f4161471d4525c9b724678f89a47abf387182cb4999855878ab2e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ihotmails.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 01:25:45 GMT
content-encoding: gzip
last-modified: Sat, 02 Oct 2021 04:34:42 GMT
server: nginx
etag: W/"1b99-17c3f4866d0"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=3600

GET
H2 200 css
fonts.googleapis.com/ 3 KB
868 B 127ms
47ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:400,700,400italic,700italic&subset=latin

Requested by

Host: lib.baomitu.com
URL: https://lib.baomitu.com/semantic-ui/2.1.7/semantic.min.css

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aed5ccd9a1464ec082338fd88b0b73b810af66c72b4adffe270607212d4693a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lib.baomitu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 17 Mar 2023 01:25:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 16 Mar 2023 23:31:42 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 17 Mar 2023 01:25:45 GMT

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v23/ 23 KB
23 KB 151ms
70ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700,400italic,700italic&subset=latin

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.ihotmails.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 10:49:32 GMT
x-content-type-options: nosniff
age: 570974
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23040
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:56:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 09 Mar 2024 10:49:32 GMT

GET
H2 200 icons.woff2
lib.baomitu.com/semantic-ui/2.1.7/themes/default/assets/fonts/ 55 KB
56 KB 24ms
8ms Font
font/woff2 2600:9000:2491:aa00:1d:80d9:9400:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://lib.baomitu.com/semantic-ui/2.1.7/themes/default/assets/fonts/icons.woff2
Requested by: Host: lib.baomitu.com
URL: https://lib.baomitu.com/semantic-ui/2.1.7/semantic.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2491:aa00:1d:80d9:9400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c

Request headers

Referer: https://lib.baomitu.com/semantic-ui/2.1.7/semantic.min.css
Origin: https://www.ihotmails.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 11 Mar 2023 09:57:38 GMT
via: 1.1 da749f044be44d389a30372d73356c4e.cloudfront.net (CloudFront)
kcs-via: MISS from w-fc01.lato;MISS from w-sc02.bjyt
x-qstatic-hit: 1
x-amz-cf-pop: FRA56-P7
age: 487688
x-cache: Hit from cloudfront
content-length: 56780
last-modified: Mon, 01 Jan 2018 00:00:00 GMT
etag: W/"b6846024af78f4c0"
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=315360000, immutable
accept-ranges: bytes
x-amz-cf-id: LxuBdAu-OgDYfhAGB2elOzE8E2nvtfGCriPG-3MiecJ7H3wF2y2mIQ==
expires: Tue, 08 Mar 2033 09:57:38 GMT

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v23/ 23 KB
24 KB 116ms
36ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700,400italic,700italic&subset=latin

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.ihotmails.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 22:41:28 GMT
x-content-type-options: nosniff
age: 9858
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23580
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:48:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 15 Mar 2024 22:41:28 GMT

GET
H2 200 / Show response
www.ihotmails.com/socket.io/ 101 B
238 B 154ms
154ms XHR
application/octet-stream 104.168.87.70
AS-COLOCROSSING

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ihotmails.com/socket.io/?EIO=3&transport=polling&t=1679016346082-0
Requested by: Host: lib.baomitu.com
URL: https://lib.baomitu.com/socket.io/1.3.7/socket.io.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.168.87.70 , United States, ASN36352 (AS-COLOCROSSING, US),
Reverse DNS: 104-168-87-70-host.colocrossing.com
Software: nginx /
Resource Hash: 1ea8f8d44688c6f5bf91d67714134bae3a0e192e4970b81b794187ad0881e9ad

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ihotmails.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 17 Mar 2023 01:25:46 GMT
server: nginx
content-length: 101
content-type: application/octet-stream

GET
H2 200 / Show response
www.ihotmails.com/socket.io/ 5 B
140 B 158ms
157ms XHR
application/octet-stream 104.168.87.70
AS-COLOCROSSING

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ihotmails.com/socket.io/?EIO=3&transport=polling&t=1679016346241-1&sid=plv4s_0MO6YMlja5AjJz
Requested by: Host: lib.baomitu.com
URL: https://lib.baomitu.com/socket.io/1.3.7/socket.io.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.168.87.70 , United States, ASN36352 (AS-COLOCROSSING, US),
Reverse DNS: 104-168-87-70-host.colocrossing.com
Software: nginx /
Resource Hash: 25d989b3ed89abc5bb5a814c257dc57619d7f45908013cd08aa508c22e4f6a0a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ihotmails.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 17 Mar 2023 01:25:46 GMT
server: nginx
content-length: 5
content-type: application/octet-stream

POST
H2 200 / Show response
www.ihotmails.com/socket.io/ 2 B
173 B 155ms
154ms XHR
text/html 104.168.87.70
AS-COLOCROSSING

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ihotmails.com/socket.io/?EIO=3&transport=polling&t=1679016346411-2&sid=plv4s_0MO6YMlja5AjJz
Requested by: Host: lib.baomitu.com
URL: https://lib.baomitu.com/socket.io/1.3.7/socket.io.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.168.87.70 , United States, ASN36352 (AS-COLOCROSSING, US),
Reverse DNS: 104-168-87-70-host.colocrossing.com
Software: nginx /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://www.ihotmails.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.ihotmails.com
date: Fri, 17 Mar 2023 01:25:46 GMT
access-control-allow-credentials: true
server: nginx
content-length: 2
content-type: text/html

GET
H2 200 / Show response
www.ihotmails.com/socket.io/ 29 B
165 B 156ms
155ms XHR
application/octet-stream 104.168.87.70
AS-COLOCROSSING

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ihotmails.com/socket.io/?EIO=3&transport=polling&t=1679016346411-3&sid=plv4s_0MO6YMlja5AjJz
Requested by: Host: lib.baomitu.com
URL: https://lib.baomitu.com/socket.io/1.3.7/socket.io.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.168.87.70 , United States, ASN36352 (AS-COLOCROSSING, US),
Reverse DNS: 104-168-87-70-host.colocrossing.com
Software: nginx /
Resource Hash: 02992616a6fcc02670eefe03c140a7845c43cc0a46d29bdbd06db9187a6c1bfe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ihotmails.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 17 Mar 2023 01:25:46 GMT
server: nginx
content-length: 29
content-type: application/octet-stream

GET
H2 200 / Show response
www.ihotmails.com/socket.io/ 4 B
139 B 400ms
399ms XHR
application/octet-stream 104.168.87.70
AS-COLOCROSSING

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ihotmails.com/socket.io/?EIO=3&transport=polling&t=1679016346570-4&sid=plv4s_0MO6YMlja5AjJz
Requested by: Host: lib.baomitu.com
URL: https://lib.baomitu.com/socket.io/1.3.7/socket.io.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.168.87.70 , United States, ASN36352 (AS-COLOCROSSING, US),
Reverse DNS: 104-168-87-70-host.colocrossing.com
Software: nginx /
Resource Hash: a9a2f1dd042cb6f1eded53dc0a1c66ed8694fc093dc3520cdac1a541d615d474

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ihotmails.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 17 Mar 2023 01:25:46 GMT
server: nginx
content-length: 4
content-type: application/octet-stream

Verdicts & Comments Add Verdict or Comment

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless function| $ function| jQuery function| io object| _self object| Prism object| $customShortId object| $shortId string| $customTheme string| $placeholder_old string| $placeholder_new object| $maillist

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			www.ihotmails.com/	1969-12-31 23:59:59	Name: io Value: plv4s_0MO6YMlja5AjJz

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
lib.baomitu.com
www.ihotmails.com
104.168.87.70
2600:9000:2491:aa00:1d:80d9:9400:93a1
2a00:1450:4001:80f::2003
2a00:1450:4001:82f::200a
02992616a6fcc02670eefe03c140a7845c43cc0a46d29bdbd06db9187a6c1bfe
0ee2a7881a1c95f6ea07464b7152691020bbf7a5f91479940eeda3471395482d
0f7aedf87c95988f4bb46f939f2bc76642bb819fc0482097c1dc077305c0f4db
12633f9f53d7905ad31b4223680adb2b663ef13f2b526239304d906e1c8d4236
1ea8f8d44688c6f5bf91d67714134bae3a0e192e4970b81b794187ad0881e9ad
22642f202577f0ba2f22cbe56b6cf291a09374487567cd3563e0d2a29f75c0c5
25d989b3ed89abc5bb5a814c257dc57619d7f45908013cd08aa508c22e4f6a0a
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2acea7e1a972709e4c463eabc05eca6676b9895e841e21f4b8f14f9617bbcb24
2e5c2989d47f6fcdd4a354be8ead44a319838d9acfebb3cbe3699b2fc3dcfa37
404b016f5c9a369726eec56a280c93478da17a52ed0f1fee116838330772ec70
599a4496e6670493761c05ed1d28aef986a33c27596f2386507072a4cfc6312d
7bdfca616a8f4161471d4525c9b724678f89a47abf387182cb4999855878ab2e
830c0a853e892a081edaa3939cf45cdcfe76e56736770d8d18477ee3fa3085ec
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
a9a2f1dd042cb6f1eded53dc0a1c66ed8694fc093dc3520cdac1a541d615d474
aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c
aed5ccd9a1464ec082338fd88b0b73b810af66c72b4adffe270607212d4693a2
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
ed8bdba023d59fd4dd59d2694ac2055c4347e546085413c6ffda5cbf2de4aef1