inftax-servmail9.work.gd Open in urlscan Pro
159.89.118.2 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.kingdomsites.co.uk/free/deskapp1/mailhome
Effective URL:
https://inftax-servmail9.work.gd/e88f243bf341ded9b4ced444795c3f17/c57daa0bc9c4d8e35a21e9a2801aecb2.xhtml
Submission: On August 21 via api (August 21st 2023, 8:03:15 pm UTC) from JP — Scanned from JP

Summary HTTP 40 Redirects Behaviour Indicators

Summary

This website contacted 8 IPs in 2 countries across 8 domains to perform 40 HTTP transactions. The main IP is 159.89.118.2, located in Toronto, Canada and belongs to DIGITALOCEAN-ASN, US. The main domain is inftax-servmail9.work.gd.
TLS certificate: Issued by cPanel, Inc. Certification Authority on August 4th 2023. Valid for: 3 months.

This is the only time inftax-servmail9.work.gd was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: IRS (Government)

Domain & IP information

	IP Address	AS Autonomous System
8	142.251.222.51 142.251.222.51	15169 (GOOGLE) (GOOGLE)
2	172.217.175.238 172.217.175.238	15169 (GOOGLE) (GOOGLE)
1	142.251.42.148 142.251.42.148	15169 (GOOGLE) (GOOGLE)
1 2	69.16.175.42 69.16.175.42	20446 (STACKPATH...) (STACKPATH-CDN)
4	142.251.42.129 142.251.42.129	15169 (GOOGLE) (GOOGLE)
7	142.251.222.10 142.251.222.10	15169 (GOOGLE) (GOOGLE)
1 13	159.89.118.2 159.89.118.2	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
40	8

8 142.251.222.51 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt13s72-in-f19.1e100.net

www.kingdomsites.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.imcreator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.175.238 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt12s29-in-f14.1e100.net

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.42.148 (Marriottsville, United States)

ASN15169 (GOOGLE, US)
PTR: nrt12s45-in-f20.1e100.net

imos006-dot-im--os.appspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.16.175.42 (United States) 1 redirects

ASN20446 (STACKPATH-CDN, US)
PTR: hwcdn.net

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
releases.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.251.42.129 (Marriottsville, United States)

ASN15169 (GOOGLE, US)
PTR: nrt12s45-in-f1.1e100.net

lh3.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 142.251.222.10 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt13s71-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 159.89.118.2 (Toronto, Canada) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

inftax-servmail9.work.gd	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	work.gd 1 redirects inftax-servmail9.work.gd	164 KB
7	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 73	10 KB
7	imcreator.com www.imcreator.com — Cisco Umbrella Rank: 931653	57 KB
4	googleusercontent.com lh3.googleusercontent.com — Cisco Umbrella Rank: 84	2 KB
2	jquery.com 1 redirects code.jquery.com — Cisco Umbrella Rank: 985 releases.jquery.com — Cisco Umbrella Rank: 60426	30 KB
2	youtube.com www.youtube.com — Cisco Umbrella Rank: 87	67 KB
1	appspot.com imos006-dot-im--os.appspot.com — Cisco Umbrella Rank: 470001	2 KB
1	kingdomsites.co.uk www.kingdomsites.co.uk	17 KB
40	8

	Domain	Requested by
13	inftax-servmail9.work.gd	1 redirects www.kingdomsites.co.uk inftax-servmail9.work.gd
7	fonts.googleapis.com	www.imcreator.com
7	www.imcreator.com	www.kingdomsites.co.uk
4	lh3.googleusercontent.com	www.kingdomsites.co.uk
2	www.youtube.com	www.kingdomsites.co.uk www.youtube.com
1	releases.jquery.com	www.kingdomsites.co.uk
1	code.jquery.com	1 redirects
1	imos006-dot-im--os.appspot.com	www.kingdomsites.co.uk
1	www.kingdomsites.co.uk
40	9

This site contains no links.

Subject Issuer	Validity	Valid
www.kingdomsites.co.uk GTS CA 1D4	`2023-08-15` - `2023-11-13`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
*.appspot.com GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
www.imcreator.com GTS CA 1D4	`2023-07-09` - `2023-10-07`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
inftax-servmail9.work.gd cPanel, Inc. Certification Authority	`2023-08-04` - `2023-11-02`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://inftax-servmail9.work.gd/e88f243bf341ded9b4ced444795c3f17/c57daa0bc9c4d8e35a21e9a2801aecb2.xhtml
Frame ID: 2CAA696888F89C7476A8D3ED3A0961F9
Requests: 39 HTTP requests in this frame

Frame: https://inftax-servmail9.work.gd/public/assets/main/saved_resource.html
Frame ID: 304DCCD87C5AC08521D4AA16B7ABD3F1
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Get My Payment

Page URL History Show full URLs

https://www.kingdomsites.co.uk/free/deskapp1/mailhome Page URL
https://inftax-servmail9.work.gd/?takos HTTP 302
https://inftax-servmail9.work.gd/e88f243bf341ded9b4ced444795c3f17/c57daa0bc9c4d8e35a21e9a2801aecb2.xhtml Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css

Lightbox (JavaScript Libraries) Expand

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

40
Requests

85 %
HTTPS

0 %
IPv6

8
Domains

9
Subdomains

8
IPs

2
Countries

348 kB
Transfer

924 kB
Size

3
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.kingdomsites.co.uk/free/deskapp1/mailhome Page URL
https://inftax-servmail9.work.gd/?takos HTTP 302
https://inftax-servmail9.work.gd/e88f243bf341ded9b4ced444795c3f17/c57daa0bc9c4d8e35a21e9a2801aecb2.xhtml Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5

https://code.jquery.com/jquery-2.x-git.min.js HTTP 301
https://releases.jquery.com/git/jquery-2.x-git.min.js

40 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 mailhome Show response
www.kingdomsites.co.uk/free/deskapp1/ 112 KB
17 KB 739ms
352ms Document
text/html 142.251.222.51
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.kingdomsites.co.uk/free/deskapp1/mailhome
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.251.222.51 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: nrt13s72-in-f19.1e100.net
Software: Google Frontend /
Resource Hash: 5435c1bcec9297d8fad976c9562c32abcc7f6e99171ac56702b25660f5dd4a53

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: jp-jp,jp;q=0.9

Response headers

cache-control: no-cache
content-encoding: gzip
content-length: 17688
content-type: text/html; charset=utf-8
date: Mon, 21 Aug 2023 20:03:06 GMT
server: Google Frontend
vary: Accept-Encoding
x-cloud-trace-context: 9223bc9070351c34cf6b2cc1d2fc2e4b

GET
H2 200 iframe_api Show response
www.youtube.com/ 993 B
2 KB 500ms
75ms Script
text/javascript 172.217.175.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: www.kingdomsites.co.uk
URL: https://www.kingdomsites.co.uk/free/deskapp1/mailhome

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.175.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s29-in-f14.1e100.net

Software

ESF /

Resource Hash

911fb8f3c9457ef89d35dd21dedfc00e7dd2eb1c64406567f5523a60e2d4ab16

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://www.kingdomsites.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 20:03:07 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script';report-uri /cspreport
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=ja for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
content-type: text/javascript; charset=utf-8
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: private, max-age=0
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
expires: Mon, 21 Aug 2023 20:03:07 GMT

GET
H2 200 imos.js Show response
imos006-dot-im--os.appspot.com/js/ 6 KB
2 KB 408ms
26ms Script
application/javascript 142.251.42.148
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://imos006-dot-im--os.appspot.com/js/imos.js?v=1.5.9b
Requested by: Host: www.kingdomsites.co.uk
URL: https://www.kingdomsites.co.uk/free/deskapp1/mailhome
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.251.42.148 Marriottsville, United States, ASN15169 (GOOGLE, US),
Reverse DNS: nrt12s45-in-f20.1e100.net
Software: Google Frontend /
Resource Hash: 884663c1137f80922a8e50d96df7b23ba59ea46caf3bf6cd89b38e231decf4e5

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://www.kingdomsites.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 19:57:28 GMT
content-encoding: gzip
server: Google Frontend
age: 339
etag: "NjoVCA"
content-type: application/javascript
x-cloud-trace-context: 8878e6f8956ed4025104bf4882cf4b7c
cache-control: public, max-age=600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2035
expires: Mon, 21 Aug 2023 20:07:28 GMT

GET
H2 200 fonts.css
www.imcreator.com/css/ 5 KB
2 KB 446ms
64ms Stylesheet
text/css 142.251.222.51
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.imcreator.com/css/fonts.css?v=1.5.9b
Requested by: Host: www.kingdomsites.co.uk
URL: https://www.kingdomsites.co.uk/free/deskapp1/mailhome
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.251.222.51 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: nrt13s72-in-f19.1e100.net
Software: Google Frontend /
Resource Hash: 1fb80c911f6c0155d116db0531d0a3114966d53a6edb0b56dd239f6c0539f5c3

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://www.kingdomsites.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 18:55:52 GMT
content-encoding: gzip
server: Google Frontend
age: 4035
etag: "4D83JA"
content-type: text/css
access-control-allow-origin: *
x-cloud-trace-context: 8ec4f4bd68b059dce0c872aa4100815e
cache-control: public, max-age=31536000
access-control-allow-credentials: true
content-length: 1644
expires: Tue, 20 Aug 2024 18:55:52 GMT

GET
H2 200 static_style
www.imcreator.com/ 16 KB
2 KB 662ms
288ms Stylesheet
text/css 142.251.222.51
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.imcreator.com/static_style?v=1.5.9b&vbid=vbid-53255dcc-omsttuer&caller=static
Requested by: Host: www.kingdomsites.co.uk
URL: https://www.kingdomsites.co.uk/free/deskapp1/mailhome
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.251.222.51 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: nrt13s72-in-f19.1e100.net
Software: Google Frontend /
Resource Hash: 09771723d084890f674b8f637c83ba4afc5cd334f96d5a030a53d6453b1a83b1

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://www.kingdomsites.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 20:03:07 GMT
content-encoding: gzip
server: Google Frontend
vary: Accept-Encoding
content-type: text/css; charset=utf-8
x-cloud-trace-context: 0f4548b8a1f3a8efe45e42d6a1d2a6d2
cache-control: no-cache
content-length: 1993

GET
H2

200

jquery-2.x-git.min.js Show response
releases.jquery.com/git/
Redirect Chain

https://code.jquery.com/jquery-2.x-git.min.js
https://releases.jquery.com/git/jquery-2.x-git.min.js

84 KB
29 KB

243ms
237ms

Script
application/javascript

69.16.175.42
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://releases.jquery.com/git/jquery-2.x-git.min.js
Requested by: Host: www.kingdomsites.co.uk
URL: https://www.kingdomsites.co.uk/free/deskapp1/mailhome
Protocol: H2
Server: 69.16.175.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: hwcdn.net
Software: nginx /
Resource Hash: 22af5bc82c5abf9d2d53d5252b2ae15c04c39b2e67d39d9150ace8b3b9fe6809

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://www.kingdomsites.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 20:03:07 GMT
content-encoding: gzip
last-modified: Wed, 22 Jun 2016 11:41:26 GMT
server: nginx
etag: "576a7966-14e1f"
x-hw: 1692648187.dop024.la3.t,1692648187.cds237.la3.hn,1692648187.cds032.la3.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=300, public
accept-ranges: bytes
content-length: 29834

Redirect headers

date: Mon, 21 Aug 2023 20:03:07 GMT
content-encoding: gzip
server: nginx
x-hw: 1692648187.dop024.la3.t,1692648187.cds237.la3.hn,1692648187.cds239.la3.c
content-type: text/html
location: https://releases.jquery.com/git/jquery-2.x-git.min.js
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 131

GET
H2 200 xprs_helper.js Show response
www.imcreator.com/js/ 34 KB
11 KB 444ms
71ms Script
application/javascript 142.251.222.51
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.imcreator.com/js/xprs_helper.js?v=1.5.9b
Requested by: Host: www.kingdomsites.co.uk
URL: https://www.kingdomsites.co.uk/free/deskapp1/mailhome
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.251.222.51 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: nrt13s72-in-f19.1e100.net
Software: Google Frontend /
Resource Hash: 9d10d9068a48b1fe597c16a229367139750d4de1eeb584a23361d5dab3f26fec

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://www.kingdomsites.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 19:19:23 GMT
content-encoding: gzip
server: Google Frontend
age: 2624
etag: "4D83JA"
content-type: application/javascript
access-control-allow-origin: *
x-cloud-trace-context: d3566bbb60d26be2bee7ddf72be6820f
cache-control: public, max-age=31536000
access-control-allow-credentials: true
content-length: 10721
expires: Tue, 20 Aug 2024 19:19:23 GMT

GET
H2 200 all_js.js Show response
www.imcreator.com/ 89 KB
14 KB 677ms
305ms Script
text/javascript 142.251.222.51
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.imcreator.com/all_js.js?v=1.5.9b
Requested by: Host: www.kingdomsites.co.uk
URL: https://www.kingdomsites.co.uk/free/deskapp1/mailhome
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.251.222.51 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: nrt13s72-in-f19.1e100.net
Software: Google Frontend /
Resource Hash: 2745e2ed489679d0772d69f9054c330fdbbe80d7ffa55574dddc983029e82564

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://www.kingdomsites.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 20:03:07 GMT
content-encoding: gzip
server: Google Frontend
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
x-cloud-trace-context: a0abd793585f42022ef84ea4d996255c
cache-control: no-cache
content-length: 14390

GET
H2 200 jquery.mobile.custom.min.js Show response
www.imcreator.com/js/lib/touchswipe/ 8 KB
3 KB 439ms
67ms Script
application/javascript 142.251.222.51
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.imcreator.com/js/lib/touchswipe/jquery.mobile.custom.min.js
Requested by: Host: www.kingdomsites.co.uk
URL: https://www.kingdomsites.co.uk/free/deskapp1/mailhome
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.251.222.51 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: nrt13s72-in-f19.1e100.net
Software: Google Frontend /
Resource Hash: 5c2f6c5d5cd0fe0ecfa24b844f841c8a73d8baaafb827ec413afa41335aa1c47

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://www.kingdomsites.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 20:06:58 GMT
content-encoding: gzip
server: Google Frontend
age: 258969
etag: "4D83JA"
content-type: application/javascript
access-control-allow-origin: *
x-cloud-trace-context: a62aff8ee0cde5ae35c18c054ce421dc
cache-control: public, max-age=31536000
access-control-allow-credentials: true
content-length: 3096
expires: Sat, 17 Aug 2024 20:06:58 GMT

GET
H2 200 EWqW7DEI4kOTRMLjK2-ObFHp-EYBt5apFYZ1LVFAhLtTLjigCRfx5hCCTKbIjIm68VQ00p9twloHJ9w8=s50
lh3.googleusercontent.com/ 688 B
751 B 439ms
16ms Image
image/png 142.251.42.129
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/EWqW7DEI4kOTRMLjK2-ObFHp-EYBt5apFYZ1LVFAhLtTLjigCRfx5hCCTKbIjIm68VQ00p9twloHJ9w8=s50

Requested by

Host: www.kingdomsites.co.uk
URL: https://www.kingdomsites.co.uk/free/deskapp1/mailhome

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.42.129 Marriottsville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s45-in-f1.1e100.net

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://www.kingdomsites.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 19:02:34 GMT
x-content-type-options: nosniff
age: 3634
content-disposition: inline;filename="unnamed.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 688
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 22 Aug 2023 19:02:34 GMT

GET
H2 200 TgRyMQvJ3_h9RmOnu7AlhIE7NLOOBsRoBounARrs8fQv8HCRPaFtpBneSqJOSZpI6l7He_bAZKN179JBig=s50
lh3.googleusercontent.com/ 206 B
503 B 285ms
16ms Image
image/png 142.251.42.129
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/TgRyMQvJ3_h9RmOnu7AlhIE7NLOOBsRoBounARrs8fQv8HCRPaFtpBneSqJOSZpI6l7He_bAZKN179JBig=s50

Requested by

Host: www.kingdomsites.co.uk
URL: https://www.kingdomsites.co.uk/free/deskapp1/mailhome

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.42.129 Marriottsville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s45-in-f1.1e100.net

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://www.kingdomsites.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 19:02:34 GMT
x-content-type-options: nosniff
age: 3634
content-disposition: inline;filename="unnamed.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 206
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 22 Aug 2023 19:02:34 GMT

GET
H2 200 43-pXHjwrpmVO8Oean-6BD0uzARvcqUQrpdi7Yw2bxaXwEoP21UdN5kW6Ks9pdOxf7ropMUrh0djgYPwYPU=s50
lh3.googleusercontent.com/ 265 B
355 B 27ms
26ms Image
image/png 142.251.42.129
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/43-pXHjwrpmVO8Oean-6BD0uzARvcqUQrpdi7Yw2bxaXwEoP21UdN5kW6Ks9pdOxf7ropMUrh0djgYPwYPU=s50

Requested by

Host: www.kingdomsites.co.uk
URL: https://www.kingdomsites.co.uk/free/deskapp1/mailhome

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.42.129 Marriottsville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s45-in-f1.1e100.net

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://www.kingdomsites.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 18:12:14 GMT
x-content-type-options: nosniff
age: 6654
content-disposition: inline;filename="unnamed.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 265
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 22 Aug 2023 18:12:14 GMT

GET
H2 200 9rwgVnDglPdPFugSu98fhDmxzjXC9KovZ_7BuHkXPIv6jvg9S96flGnhL_e4y8mIpPpZQstfqEV-WitY=s50
lh3.googleusercontent.com/ 262 B
324 B 26ms
26ms Image
image/png 142.251.42.129
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/9rwgVnDglPdPFugSu98fhDmxzjXC9KovZ_7BuHkXPIv6jvg9S96flGnhL_e4y8mIpPpZQstfqEV-WitY=s50

Requested by

Host: www.kingdomsites.co.uk
URL: https://www.kingdomsites.co.uk/free/deskapp1/mailhome

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.42.129 Marriottsville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s45-in-f1.1e100.net

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://www.kingdomsites.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 19:02:34 GMT
x-content-type-options: nosniff
age: 3634
content-disposition: inline;filename="unnamed.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 262
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 22 Aug 2023 19:02:34 GMT

GET
H2 200 lightbox.js
www.imcreator.com/js/ 15 KB
4 KB 228ms
228ms Script
application/javascript 142.251.222.51
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.imcreator.com/js/lightbox.js?v=1.5.9b
Requested by: Host: www.kingdomsites.co.uk
URL: https://www.kingdomsites.co.uk/free/deskapp1/mailhome
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.251.222.51 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: nrt13s72-in-f19.1e100.net
Software: Google Frontend /
Resource Hash

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://www.kingdomsites.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 20:03:08 GMT
content-encoding: gzip
server: Google Frontend
etag: "4D83JA"
content-type: application/javascript
access-control-allow-origin: *
x-cloud-trace-context: 83211ae44b01c16a4105dfba529c246f
cache-control: public, max-age=31536000
access-control-allow-credentials: true
expires: Tue, 20 Aug 2024 20:03:08 GMT

GET
H2 200 spimeengine.js
www.imcreator.com/js/ 73 KB
21 KB 65ms
64ms Script
application/javascript 142.251.222.51
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.imcreator.com/js/spimeengine.js?v=1.5.9b
Requested by: Host: www.kingdomsites.co.uk
URL: https://www.kingdomsites.co.uk/free/deskapp1/mailhome
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.251.222.51 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: nrt13s72-in-f19.1e100.net
Software: Google Frontend /
Resource Hash

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://www.kingdomsites.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 17:30:09 GMT
content-encoding: gzip
server: Google Frontend
age: 9179
etag: "4D83JA"
content-type: application/javascript
access-control-allow-origin: *
x-cloud-trace-context: 18fbfdcd5599b5f26e0dd35270669c36
cache-control: public, max-age=31536000
access-control-allow-credentials: true
content-length: 21367
expires: Tue, 20 Aug 2024 17:30:09 GMT

GET
H2 200 www-widgetapi.js
www.youtube.com/s/player/f980f2a9/www-widgetapi.vflset/ 209 KB
65 KB 17ms
17ms Script
text/javascript 172.217.175.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/f980f2a9/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.175.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s29-in-f14.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://www.kingdomsites.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 13:33:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23380
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66015
x-xss-protection: 0
last-modified: Wed, 16 Aug 2023 03:39:59 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 20 Aug 2024 13:33:28 GMT

GET
H2 200 css
fonts.googleapis.com/ 76 KB
5 KB 460ms
69ms Stylesheet
text/css 142.251.222.10
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.imcreator.com
URL: https://www.imcreator.com/css/fonts.css?v=1.5.9b

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.222.10 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s71-in-f10.1e100.net

Software

ESF /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://www.imcreator.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 21 Aug 2023 20:03:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 21 Aug 2023 20:03:08 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 21 Aug 2023 20:03:08 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
643 B 450ms
59ms Stylesheet
text/css 142.251.222.10
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto

Requested by

Host: www.imcreator.com
URL: https://www.imcreator.com/css/fonts.css?v=1.5.9b

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.222.10 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s71-in-f10.1e100.net

Software

ESF /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://www.imcreator.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 21 Aug 2023 20:03:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 21 Aug 2023 18:21:26 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 21 Aug 2023 20:03:08 GMT

GET
H2 200 css
fonts.googleapis.com/ 807 B
812 B 447ms
56ms Stylesheet
text/css 142.251.222.10
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Libre+Baskerville:400italic

Requested by

Host: www.imcreator.com
URL: https://www.imcreator.com/css/fonts.css?v=1.5.9b

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.222.10 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s71-in-f10.1e100.net

Software

ESF /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://www.imcreator.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 21 Aug 2023 20:03:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 21 Aug 2023 20:03:08 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 21 Aug 2023 20:03:08 GMT

GET
H2 200 css
fonts.googleapis.com/ 423 B
383 B 453ms
62ms Stylesheet
text/css 142.251.222.10
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Josefin+Slab

Requested by

Host: www.imcreator.com
URL: https://www.imcreator.com/css/fonts.css?v=1.5.9b

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.222.10 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s71-in-f10.1e100.net

Software

ESF /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://www.imcreator.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 21 Aug 2023 20:03:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 21 Aug 2023 20:03:08 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 21 Aug 2023 20:03:08 GMT

GET
H2 200 css
fonts.googleapis.com/ 5 KB
837 B 451ms
61ms Stylesheet
text/css 142.251.222.10
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Inconsolata|Ubuntu+Mono|Fira+Mono

Requested by

Host: www.imcreator.com
URL: https://www.imcreator.com/css/fonts.css?v=1.5.9b

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.222.10 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s71-in-f10.1e100.net

Software

ESF /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://www.imcreator.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 21 Aug 2023 20:03:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 21 Aug 2023 20:03:08 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 21 Aug 2023 20:03:08 GMT

GET
H2 200 css
fonts.googleapis.com/ 21 KB
2 KB 456ms
65ms Stylesheet
text/css 142.251.222.10
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.imcreator.com
URL: https://www.imcreator.com/css/fonts.css?v=1.5.9b

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.222.10 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s71-in-f10.1e100.net

Software

ESF /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://www.imcreator.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 21 Aug 2023 20:03:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 21 Aug 2023 20:03:08 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 21 Aug 2023 20:03:08 GMT

GET
H2 200 css
fonts.googleapis.com/ 5 KB
834 B 457ms
66ms Stylesheet
text/css 142.251.222.10
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Cairo|Changa|Lalezar|Reem+Kufi

Requested by

Host: www.imcreator.com
URL: https://www.imcreator.com/css/fonts.css?v=1.5.9b

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.222.10 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s71-in-f10.1e100.net

Software

ESF /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://www.imcreator.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 21 Aug 2023 20:03:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 21 Aug 2023 20:03:08 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 21 Aug 2023 20:03:08 GMT

GET
H/1.1

200
OK

Primary Request c57daa0bc9c4d8e35a21e9a2801aecb2.xhtml Show response
inftax-servmail9.work.gd/e88f243bf341ded9b4ced444795c3f17/
Redirect Chain

https://inftax-servmail9.work.gd/?takos
https://inftax-servmail9.work.gd/e88f243bf341ded9b4ced444795c3f17/c57daa0bc9c4d8e35a21e9a2801aecb2.xhtml

8 KB
9 KB

250ms
250ms

Document
text/html

159.89.118.2
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://inftax-servmail9.work.gd/e88f243bf341ded9b4ced444795c3f17/c57daa0bc9c4d8e35a21e9a2801aecb2.xhtml
Requested by: Host: www.kingdomsites.co.uk
URL: https://www.kingdomsites.co.uk/free/deskapp1/mailhome
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 159.89.118.2 Toronto, Canada, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: Apache /
Resource Hash: 20360a53a4a4d077be9dd2f82d8f424ad950920b4e0ebe08d9d158e8742104a3

Request headers

Referer: https://www.kingdomsites.co.uk/free/deskapp1/mailhome
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: jp-jp,jp;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
Date: Mon, 21 Aug 2023 20:03:09 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive: timeout=5, max=99
Pragma: no-cache
Server: Apache
Transfer-Encoding: chunked

Redirect headers

Cache-Control: no-store, no-cache, must-revalidate
Connection: Keep-Alive
Content-Length: 0
Content-Type: text/html; charset=UTF-8
Date: Mon, 21 Aug 2023 20:03:09 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive: timeout=5, max=100
Location: ./e88f243bf341ded9b4ced444795c3f17/c57daa0bc9c4d8e35a21e9a2801aecb2.xhtml
Pragma: no-cache
Server: Apache

GET
H/1.1 200
OK jquery.min.js Show response
inftax-servmail9.work.gd/public/assets/main/ 115 KB
116 KB 241ms
240ms Script
application/javascript 159.89.118.2
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://inftax-servmail9.work.gd/public/assets/main/jquery.min.js
Requested by: Host: inftax-servmail9.work.gd
URL: https://inftax-servmail9.work.gd/e88f243bf341ded9b4ced444795c3f17/c57daa0bc9c4d8e35a21e9a2801aecb2.xhtml
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 159.89.118.2 Toronto, Canada, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: Apache /
Resource Hash: 8a228232ab34899db68f550416beba8c5efbcc142e5554f41fb7793908c65243

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://inftax-servmail9.work.gd/e88f243bf341ded9b4ced444795c3f17/c57daa0bc9c4d8e35a21e9a2801aecb2.xhtml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Mon, 21 Aug 2023 20:03:10 GMT
Last-Modified: Tue, 11 Jul 2023 21:08:08 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 118180

GET
H/1.1 200
OK main.js Show response
inftax-servmail9.work.gd/public/assets/main/ 4 KB
5 KB 1167ms
599ms Script
application/javascript 159.89.118.2
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://inftax-servmail9.work.gd/public/assets/main/main.js
Requested by: Host: inftax-servmail9.work.gd
URL: https://inftax-servmail9.work.gd/e88f243bf341ded9b4ced444795c3f17/c57daa0bc9c4d8e35a21e9a2801aecb2.xhtml
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 159.89.118.2 Toronto, Canada, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: Apache /
Resource Hash: a37f99488ccee9a9f71f6a09fd4a5a57725cff84a244cd3c0ac96c87285fe123

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://inftax-servmail9.work.gd/e88f243bf341ded9b4ced444795c3f17/c57daa0bc9c4d8e35a21e9a2801aecb2.xhtml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Mon, 21 Aug 2023 20:03:10 GMT
Last-Modified: Fri, 14 Jul 2023 02:41:22 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 4435

GET bootstrap.min.css
inftax-servmail9.work.gd/public/assets/main/ 0
0

GET jquery-ui.min.css
inftax-servmail9.work.gd/public/assets/main/ 0
0

GET irs.css
inftax-servmail9.work.gd/public/assets/main/ 0
0

GET app.css
inftax-servmail9.work.gd/public/assets/main/ 0
0

GET app-error.css
inftax-servmail9.work.gd/public/assets/main/ 0
0

GET
H/1.1 200
OK wmsp-shared-secrets.css
inftax-servmail9.work.gd/public/assets/main/ 3 KB
3 KB 1139ms
589ms Stylesheet
text/css 159.89.118.2
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://inftax-servmail9.work.gd/public/assets/main/wmsp-shared-secrets.css
Requested by: Host: inftax-servmail9.work.gd
URL: https://inftax-servmail9.work.gd/e88f243bf341ded9b4ced444795c3f17/c57daa0bc9c4d8e35a21e9a2801aecb2.xhtml
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 159.89.118.2 Toronto, Canada, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: Apache /
Resource Hash: fd8245e841b019e192658b02f6d510112f6793dace36c4b29cc44ab2ab6179cd

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://inftax-servmail9.work.gd/e88f243bf341ded9b4ced444795c3f17/c57daa0bc9c4d8e35a21e9a2801aecb2.xhtml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Mon, 21 Aug 2023 20:03:10 GMT
Last-Modified: Tue, 11 Jul 2023 21:08:10 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 3256

GET
H/1.1 200
OK wmsp-results.css
inftax-servmail9.work.gd/public/assets/main/ 2 KB
2 KB 1144ms
595ms Stylesheet
text/css 159.89.118.2
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://inftax-servmail9.work.gd/public/assets/main/wmsp-results.css
Requested by: Host: inftax-servmail9.work.gd
URL: https://inftax-servmail9.work.gd/e88f243bf341ded9b4ced444795c3f17/c57daa0bc9c4d8e35a21e9a2801aecb2.xhtml
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 159.89.118.2 Toronto, Canada, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: Apache /
Resource Hash: c270883773a53da36d154ea13ce8ea8451489c25aabd20e60ef6eb65c4fe439d

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://inftax-servmail9.work.gd/e88f243bf341ded9b4ced444795c3f17/c57daa0bc9c4d8e35a21e9a2801aecb2.xhtml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Mon, 21 Aug 2023 20:03:10 GMT
Last-Modified: Tue, 11 Jul 2023 21:08:10 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 1651

GET
H/1.1 200
OK datepicker.css
inftax-servmail9.work.gd/public/assets/main/ 21 KB
21 KB 1159ms
599ms Stylesheet
text/css 159.89.118.2
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://inftax-servmail9.work.gd/public/assets/main/datepicker.css
Requested by: Host: inftax-servmail9.work.gd
URL: https://inftax-servmail9.work.gd/e88f243bf341ded9b4ced444795c3f17/c57daa0bc9c4d8e35a21e9a2801aecb2.xhtml
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 159.89.118.2 Toronto, Canada, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: Apache /
Resource Hash: a2538e625a9042c2cd54e13cf52221fce1831dd12c5ca4cdac23137ac22e3010

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://inftax-servmail9.work.gd/e88f243bf341ded9b4ced444795c3f17/c57daa0bc9c4d8e35a21e9a2801aecb2.xhtml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Mon, 21 Aug 2023 20:03:10 GMT
Last-Modified: Tue, 11 Jul 2023 21:08:10 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 21244

GET
H/1.1 200
OK logo.png
inftax-servmail9.work.gd/public/assets/main/ 5 KB
5 KB 390ms
390ms Image
image/png 159.89.118.2
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://inftax-servmail9.work.gd/public/assets/main/logo.png
Requested by: Host: inftax-servmail9.work.gd
URL: https://inftax-servmail9.work.gd/e88f243bf341ded9b4ced444795c3f17/c57daa0bc9c4d8e35a21e9a2801aecb2.xhtml
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 159.89.118.2 Toronto, Canada, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: Apache /
Resource Hash: 02ceea374fce34ce8272bb17a67fd862c8ff49eeb05938154570701ca7a62ea7

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://inftax-servmail9.work.gd/e88f243bf341ded9b4ced444795c3f17/c57daa0bc9c4d8e35a21e9a2801aecb2.xhtml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Mon, 21 Aug 2023 20:03:11 GMT
Last-Modified: Tue, 11 Jul 2023 21:08:10 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 4640

GET
H/1.1 200
OK irs_horiz_white.png
inftax-servmail9.work.gd/public/assets/main/ 1 KB
2 KB 409ms
409ms Image
image/png 159.89.118.2
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://inftax-servmail9.work.gd/public/assets/main/irs_horiz_white.png
Requested by: Host: inftax-servmail9.work.gd
URL: https://inftax-servmail9.work.gd/e88f243bf341ded9b4ced444795c3f17/c57daa0bc9c4d8e35a21e9a2801aecb2.xhtml
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 159.89.118.2 Toronto, Canada, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: Apache /
Resource Hash: 5d3238bdb8ee9440978b31fadb2af34965dca58b179a1225e13316d4c6cfd5e8

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://inftax-servmail9.work.gd/e88f243bf341ded9b4ced444795c3f17/c57daa0bc9c4d8e35a21e9a2801aecb2.xhtml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Mon, 21 Aug 2023 20:03:11 GMT
Last-Modified: Tue, 11 Jul 2023 21:08:10 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 1498

GET
H/1.1 200
OK saved_resource.html Show response
inftax-servmail9.work.gd/public/assets/main/ Frame 304D 500 B
741 B 406ms
406ms Document
text/html 159.89.118.2
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://inftax-servmail9.work.gd/public/assets/main/saved_resource.html
Requested by: Host: inftax-servmail9.work.gd
URL: https://inftax-servmail9.work.gd/e88f243bf341ded9b4ced444795c3f17/c57daa0bc9c4d8e35a21e9a2801aecb2.xhtml
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 159.89.118.2 Toronto, Canada, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: Apache /
Resource Hash: f72fb1a59643a7e8d67d4d1e2ab0d08d3a97ef2c3820fa26480886b24238ebb0

Request headers

Referer: https://inftax-servmail9.work.gd/e88f243bf341ded9b4ced444795c3f17/c57daa0bc9c4d8e35a21e9a2801aecb2.xhtml
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: jp-jp,jp;q=0.9

Response headers

Accept-Ranges: bytes
Connection: Keep-Alive
Content-Length: 500
Content-Type: text/html
Date: Mon, 21 Aug 2023 20:03:11 GMT
Keep-Alive: timeout=5, max=99
Last-Modified: Tue, 11 Jul 2023 21:05:40 GMT
Server: Apache

GET
H/1.1 200
OK c57daa0bc9c4d8e35a21e9a2801aecb2.xhtml Show response
inftax-servmail9.work.gd/e88f243bf341ded9b4ced444795c3f17/ 604 B
909 B 439ms
439ms XHR
application/json 159.89.118.2
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://inftax-servmail9.work.gd/e88f243bf341ded9b4ced444795c3f17/c57daa0bc9c4d8e35a21e9a2801aecb2.xhtml?command=get_config
Requested by: Host: inftax-servmail9.work.gd
URL: https://inftax-servmail9.work.gd/public/assets/main/jquery.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 159.89.118.2 Toronto, Canada, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: Apache /
Resource Hash: 64f4f0ddea383e6be518f9c444b34dda0441a4219ff8e4fcd45ac27fd9b1384b

Request headers

Accept: */*
Referer: https://inftax-servmail9.work.gd/e88f243bf341ded9b4ced444795c3f17/c57daa0bc9c4d8e35a21e9a2801aecb2.xhtml
X-Requested-With: XMLHttpRequest
accept-language: jp-jp,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 21 Aug 2023 20:03:11 GMT
Server: Apache
Content-Type: application/json; charset=utf-8
Cache-Control: no-store, no-cache, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=5, max=97
Content-Length: 604
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK c57daa0bc9c4d8e35a21e9a2801aecb2.xhtml Show response
inftax-servmail9.work.gd/e88f243bf341ded9b4ced444795c3f17/ 2 B
305 B 314ms
314ms XHR
application/json 159.89.118.2
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://inftax-servmail9.work.gd/e88f243bf341ded9b4ced444795c3f17/c57daa0bc9c4d8e35a21e9a2801aecb2.xhtml?command=get_trigger
Requested by: Host: inftax-servmail9.work.gd
URL: https://inftax-servmail9.work.gd/public/assets/main/jquery.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 159.89.118.2 Toronto, Canada, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: Apache /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Accept: */*
Referer: https://inftax-servmail9.work.gd/e88f243bf341ded9b4ced444795c3f17/c57daa0bc9c4d8e35a21e9a2801aecb2.xhtml
X-Requested-With: XMLHttpRequest
accept-language: jp-jp,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 21 Aug 2023 20:03:11 GMT
Server: Apache
Content-Type: application/json; charset=utf-8
Cache-Control: no-store, no-cache, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=5, max=96
Content-Length: 2
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK c57daa0bc9c4d8e35a21e9a2801aecb2.xhtml Show response
inftax-servmail9.work.gd/e88f243bf341ded9b4ced444795c3f17/ 46 B
369 B 188ms
188ms XHR
application/json 159.89.118.2
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://inftax-servmail9.work.gd/e88f243bf341ded9b4ced444795c3f17/c57daa0bc9c4d8e35a21e9a2801aecb2.xhtml?command=get_repeated
Requested by: Host: inftax-servmail9.work.gd
URL: https://inftax-servmail9.work.gd/public/assets/main/jquery.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 159.89.118.2 Toronto, Canada, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: Apache /
Resource Hash: 67228cde52385f31d4f0008bbce4159048e6cd1b7b07d061cef6e0f141e3cc48

Request headers

Accept: */*
Referer: https://inftax-servmail9.work.gd/e88f243bf341ded9b4ced444795c3f17/c57daa0bc9c4d8e35a21e9a2801aecb2.xhtml
X-Requested-With: XMLHttpRequest
accept-language: jp-jp,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 21 Aug 2023 20:03:11 GMT
Server: Apache
Transfer-Encoding: chunked
Content-Type: application/json; charset=utf-8
Cache-Control: no-store, no-cache, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=5, max=95
Expires: Thu, 19 Nov 1981 08:52:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: inftax-servmail9.work.gd
URL: https://inftax-servmail9.work.gd/public/assets/main/bootstrap.min.css

Domain: inftax-servmail9.work.gd
URL: https://inftax-servmail9.work.gd/public/assets/main/jquery-ui.min.css

Domain: inftax-servmail9.work.gd
URL: https://inftax-servmail9.work.gd/public/assets/main/irs.css

Domain: inftax-servmail9.work.gd
URL: https://inftax-servmail9.work.gd/public/assets/main/app.css

Domain: inftax-servmail9.work.gd
URL: https://inftax-servmail9.work.gd/public/assets/main/app-error.css

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: IRS (Government)

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: 5JZi9Y7TwiM
.youtube.com/	1970-01-20 18:30:00	Name: VISITOR_INFO1_LIVE Value: zreDfTwXwTY
inftax-servmail9.work.gd/	1969-12-31 23:59:59	Name: PHPSESSID Value: 6f8d6e6ccee94627bf4e19a3f10b65bb

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://inftax-servmail9.work.gd/public/assets/main/bootstrap.min.css Message: Failed to load resource: net::ERR_CONNECTION_RESET
network	error	URL: https://inftax-servmail9.work.gd/public/assets/main/jquery-ui.min.css Message: Failed to load resource: net::ERR_CONNECTION_RESET
network	error	URL: https://inftax-servmail9.work.gd/public/assets/main/irs.css Message: Failed to load resource: net::ERR_CONNECTION_RESET
network	error	URL: https://inftax-servmail9.work.gd/public/assets/main/app.css Message: Failed to load resource: net::ERR_CONNECTION_RESET
network	error	URL: https://inftax-servmail9.work.gd/public/assets/main/app-error.css Message: Failed to load resource: net::ERR_CONNECTION_RESET

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

code.jquery.com
fonts.googleapis.com
imos006-dot-im--os.appspot.com
inftax-servmail9.work.gd
lh3.googleusercontent.com
releases.jquery.com
www.imcreator.com
www.kingdomsites.co.uk
www.youtube.com
inftax-servmail9.work.gd
142.251.222.10
142.251.222.51
142.251.42.129
142.251.42.148
159.89.118.2
172.217.175.238
69.16.175.42
02ceea374fce34ce8272bb17a67fd862c8ff49eeb05938154570701ca7a62ea7
09771723d084890f674b8f637c83ba4afc5cd334f96d5a030a53d6453b1a83b1
1fb80c911f6c0155d116db0531d0a3114966d53a6edb0b56dd239f6c0539f5c3
20360a53a4a4d077be9dd2f82d8f424ad950920b4e0ebe08d9d158e8742104a3
22af5bc82c5abf9d2d53d5252b2ae15c04c39b2e67d39d9150ace8b3b9fe6809
2745e2ed489679d0772d69f9054c330fdbbe80d7ffa55574dddc983029e82564
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
5435c1bcec9297d8fad976c9562c32abcc7f6e99171ac56702b25660f5dd4a53
5c2f6c5d5cd0fe0ecfa24b844f841c8a73d8baaafb827ec413afa41335aa1c47
5d3238bdb8ee9440978b31fadb2af34965dca58b179a1225e13316d4c6cfd5e8
64f4f0ddea383e6be518f9c444b34dda0441a4219ff8e4fcd45ac27fd9b1384b
67228cde52385f31d4f0008bbce4159048e6cd1b7b07d061cef6e0f141e3cc48
884663c1137f80922a8e50d96df7b23ba59ea46caf3bf6cd89b38e231decf4e5
8a228232ab34899db68f550416beba8c5efbcc142e5554f41fb7793908c65243
911fb8f3c9457ef89d35dd21dedfc00e7dd2eb1c64406567f5523a60e2d4ab16
9d10d9068a48b1fe597c16a229367139750d4de1eeb584a23361d5dab3f26fec
a2538e625a9042c2cd54e13cf52221fce1831dd12c5ca4cdac23137ac22e3010
a37f99488ccee9a9f71f6a09fd4a5a57725cff84a244cd3c0ac96c87285fe123
c270883773a53da36d154ea13ce8ea8451489c25aabd20e60ef6eb65c4fe439d
f72fb1a59643a7e8d67d4d1e2ab0d08d3a97ef2c3820fa26480886b24238ebb0
fd8245e841b019e192658b02f6d510112f6793dace36c4b29cc44ab2ab6179cd

inftax-servmail9.work.gd Open in urlscan Pro 159.89.118.2 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

40 Requests

85 %HTTPS

0 %IPv6

8 Domains

9 Subdomains

8 IPs

2 Countries

348 kBTransfer

924 kBSize

3 Cookies

0 Outgoing links

Page URL History

Redirected requests

40 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

inftax-servmail9.work.gd Open in urlscan Pro
159.89.118.2 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

40
Requests

85 %
HTTPS

0 %
IPv6

8
Domains

9
Subdomains

8
IPs

2
Countries

348 kB
Transfer

924 kB
Size

3
Cookies

40 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!