urlscan.io logo urlscan.io
SecurityTrails logo

mailservices.xyz Open in urlscan Pro
199.188.201.146  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
URL: https://mailservices.xyz/MIME-content-Your-University-of-Virginia-payment-plan-reminder-notification.php?l=Onboarding_Sig...
Submission Tags: @jcybersec_
Submission: On June 12 via api from GB
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 3 countries across 5 domains to perform 26 HTTP transactions. The main IP is 199.188.201.146, located in Los Angeles, United States and belongs to NAMECHEAP-NET, US. The main domain is mailservices.xyz.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on June 10th 2020. Valid for: a year.
This is the only time mailservices.xyz was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: 1&1 Ionos (Telecommunication)

Domain & IP information

IP Address AS Autonomous System
2 199.188.201.146 22612 (NAMECHEAP...)
10 63.250.38.73 22612 (NAMECHEAP...)
2 2a00:1450:400... 15169 (GOOGLE)
2 2001:4de0:ac1... 20446 (HIGHWINDS3)
10 213.165.66.58 8560 (ONEANDONE...)
26 5
2    199.188.201.146 (Los Angeles, United States)

ASN22612 (NAMECHEAP-NET, US)
PTR: premium110-2.web-hosting.com
mailservices.xyz
10    63.250.38.73 (Los Angeles, United States)

ASN22612 (NAMECHEAP-NET, US)
PTR: premium92-3.web-hosting.com
youmustlast.website
2    2a00:1450:4001:820::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
2    2001:4de0:ac19::1:b:3a (Netherlands)

ASN20446 (HIGHWINDS3, US)
code.jquery.com
10    213.165.66.58 (Germany)

ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE)
PTR: ce1.uicdn.net
ce1.uicdn.net
Domain Requested by
10 ce1.uicdn.net mailservices.xyz
10 youmustlast.website mailservices.xyz
2 code.jquery.com mailservices.xyz
2 ajax.googleapis.com mailservices.xyz
2 mailservices.xyz mailservices.xyz
26 5

This site contains no links.

Subject Issuer Validity Valid
mailservices.xyz
Sectigo RSA Domain Validation Secure Server CA		 2020-06-10 -
2021-06-10		 a year crt.sh
youmustlast.website
Sectigo RSA Domain Validation Secure Server CA		 2020-01-16 -
2021-01-15		 a year crt.sh
upload.video.google.com
GTS CA 1O1		 2020-05-26 -
2020-08-18		 3 months crt.sh
jquery.org
COMODO RSA Domain Validation Secure Server CA		 2018-10-17 -
2020-10-16		 2 years crt.sh
ce1.uicdn.net
GeoTrust RSA CA 2018		 2020-03-03 -
2022-03-08		 2 years crt.sh

This page contains 2 frames:

Primary Page: https://mailservices.xyz/MIME-content-Your-University-of-Virginia-payment-plan-reminder-notification.php?l=Onboarding_SignOn==c43a8adeeed0230c2cbd3658436b88c4&DocPreview=c43a8adeeed0230c2cbd3658436b88c4&HosYkssJi=c43a8adeeed0230c2cbd3658436b88c4&dXdid=c43a8adeeed0230c2cbd3658436b88c4&IYnMxmwo=c43a8adeeed0230c2cbd3658436b88c4&fLodmAkNOueMH=c43a8adeeed0230c2cbd3658436b88c4&osYkssJidXdidIYnMxmwo=c43a8adeeed0230c2cbd3658436b88c4&fLodmAkNOueMHosYkssJidXdidIY&cmd=login_submit&id=c43a8adeeed0230c2cbd3658436b88c4c43a8adeeed0230c2cbd3658436b88c4&session=c43a8adeeed0230c2cbd3658436b88c4c43a8adeeed0230c2cbd3658436b88c4&email=esilverman@sossecurity.com
Frame ID: C353B548E91B61436A6B074FDD95A9DF
Requests: 13 HTTP requests in this frame

Frame: https://mailservices.xyz/MIME-content-Your-University-of-Virginia-payment-plan-reminder-notification.php?l=Onboarding_SignOn==c43a8adeeed0230c2cbd3658436b88c4&DocPreview=c43a8adeeed0230c2cbd3658436b88c4&HosYkssJi=c43a8adeeed0230c2cbd3658436b88c4&dXdid=c43a8adeeed0230c2cbd3658436b88c4&IYnMxmwo=c43a8adeeed0230c2cbd3658436b88c4&fLodmAkNOueMH=c43a8adeeed0230c2cbd3658436b88c4&osYkssJidXdidIYnMxmwo=c43a8adeeed0230c2cbd3658436b88c4&fLodmAkNOueMHosYkssJidXdidIY&cmd=login_submit&id=c43a8adeeed0230c2cbd3658436b88c4c43a8adeeed0230c2cbd3658436b88c4&session=c43a8adeeed0230c2cbd3658436b88c4c43a8adeeed0230c2cbd3658436b88c4&email=esilverman@sossecurity.com
Frame ID: 7FD86F7337C754AD18AE7E5FAA9CF60B
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • url /\.php(?:$|\?)/i
Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i
Overall confidence: 100%
Detected patterns
  • script /jquery[.-]([\d.]*\d)[^/]*\.js/i
  • script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

26
Requests

100 %
HTTPS

40 %
IPv6

5
Domains

5
Subdomains

5
IPs

3
Countries

725 kB
Transfer

1355 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

26 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request MIME-content-Your-University-of-Virginia-payment-plan-reminder-notification.php
mailservices.xyz/ 		32 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://mailservices.xyz/MIME-content-Your-University-of-Virginia-payment-plan-reminder-notification.php?l=Onboarding_SignOn==c43a8adeeed0230c2cbd3658436b88c4&DocPreview=c43a8adeeed0230c2cbd3658436b88c4&HosYkssJi=c43a8adeeed0230c2cbd3658436b88c4&dXdid=c43a8adeeed0230c2cbd3658436b88c4&IYnMxmwo=c43a8adeeed0230c2cbd3658436b88c4&fLodmAkNOueMH=c43a8adeeed0230c2cbd3658436b88c4&osYkssJidXdidIYnMxmwo=c43a8adeeed0230c2cbd3658436b88c4&fLodmAkNOueMHosYkssJidXdidIY&cmd=login_submit&id=c43a8adeeed0230c2cbd3658436b88c4c43a8adeeed0230c2cbd3658436b88c4&session=c43a8adeeed0230c2cbd3658436b88c4c43a8adeeed0230c2cbd3658436b88c4&email=esilverman@sossecurity.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
199.188.201.146 Los Angeles, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium110-2.web-hosting.com
Software
Apache / PHP/5.6.40
Resource Hash
fd8a9cef8bfc6c31dd6dc5745fc3061099aec648d910d0f846f932a999fb869d

Request headers

:method
GET
:authority
mailservices.xyz
:scheme
https
:path
/MIME-content-Your-University-of-Virginia-payment-plan-reminder-notification.php?l=Onboarding_SignOn==c43a8adeeed0230c2cbd3658436b88c4&DocPreview=c43a8adeeed0230c2cbd3658436b88c4&HosYkssJi=c43a8adeeed0230c2cbd3658436b88c4&dXdid=c43a8adeeed0230c2cbd3658436b88c4&IYnMxmwo=c43a8adeeed0230c2cbd3658436b88c4&fLodmAkNOueMH=c43a8adeeed0230c2cbd3658436b88c4&osYkssJidXdidIYnMxmwo=c43a8adeeed0230c2cbd3658436b88c4&fLodmAkNOueMHosYkssJidXdidIY&cmd=login_submit&id=c43a8adeeed0230c2cbd3658436b88c4c43a8adeeed0230c2cbd3658436b88c4&session=c43a8adeeed0230c2cbd3658436b88c4c43a8adeeed0230c2cbd3658436b88c4&email=esilverman@sossecurity.com
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
date
Fri, 12 Jun 2020 20:12:24 GMT
server
Apache
x-powered-by
PHP/5.6.40
vary
Accept-Encoding
content-encoding
gzip
content-length
6522
content-type
text/html; charset=UTF-8
ionos.min.css
youmustlast.website/wassets/ 		167 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://youmustlast.website/wassets/ionos.min.css
Requested by
Host: mailservices.xyz
URL: https://mailservices.xyz/MIME-content-Your-University-of-Virginia-payment-plan-reminder-notification.php?l=Onboarding_SignOn==c43a8adeeed0230c2cbd3658436b88c4&DocPreview=c43a8adeeed0230c2cbd3658436b88c4&HosYkssJi=c43a8adeeed0230c2cbd3658436b88c4&dXdid=c43a8adeeed0230c2cbd3658436b88c4&IYnMxmwo=c43a8adeeed0230c2cbd3658436b88c4&fLodmAkNOueMH=c43a8adeeed0230c2cbd3658436b88c4&osYkssJidXdidIYnMxmwo=c43a8adeeed0230c2cbd3658436b88c4&fLodmAkNOueMHosYkssJidXdidIY&cmd=login_submit&id=c43a8adeeed0230c2cbd3658436b88c4c43a8adeeed0230c2cbd3658436b88c4&session=c43a8adeeed0230c2cbd3658436b88c4c43a8adeeed0230c2cbd3658436b88c4&email=esilverman@sossecurity.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.250.38.73 Los Angeles, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium92-3.web-hosting.com
Software
Apache /
Resource Hash
36becb1b57147f7262c14936640663bdff570ed6104933bd9b0a0ab930f96f8d

Request headers

Referer
https://mailservices.xyz/MIME-content-Your-University-of-Virginia-payment-plan-reminder-notification.php?l=Onboarding_SignOn==c43a8adeeed0230c2cbd3658436b88c4&DocPreview=c43a8adeeed0230c2cbd3658436b88c4&HosYkssJi=c43a8adeeed0230c2cbd3658436b88c4&dXdid=c43a8adeeed0230c2cbd3658436b88c4&IYnMxmwo=c43a8adeeed0230c2cbd3658436b88c4&fLodmAkNOueMH=c43a8adeeed0230c2cbd3658436b88c4&osYkssJidXdidIYnMxmwo=c43a8adeeed0230c2cbd3658436b88c4&fLodmAkNOueMHosYkssJidXdidIY&cmd=login_submit&id=c43a8adeeed0230c2cbd3658436b88c4c43a8adeeed0230c2cbd3658436b88c4&session=c43a8adeeed0230c2cbd3658436b88c4c43a8adeeed0230c2cbd3658436b88c4&email=esilverman@sossecurity.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 12 Jun 2020 20:12:24 GMT
content-encoding
gzip
last-modified
Wed, 20 May 2020 09:05:51 GMT
server
Apache
vary
Accept-Encoding
content-type
text/css
status
200
accept-ranges
bytes
content-length
24751
initial.css
youmustlast.website/wassets/ 		17 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://youmustlast.website/wassets/initial.css
Requested by
Host: mailservices.xyz
URL: https://mailservices.xyz/MIME-content-Your-University-of-Virginia-payment-plan-reminder-notification.php?l=Onboarding_SignOn==c43a8adeeed0230c2cbd3658436b88c4&DocPreview=c43a8adeeed0230c2cbd3658436b88c4&HosYkssJi=c43a8adeeed0230c2cbd3658436b88c4&dXdid=c43a8adeeed0230c2cbd3658436b88c4&IYnMxmwo=c43a8adeeed0230c2cbd3658436b88c4&fLodmAkNOueMH=c43a8adeeed0230c2cbd3658436b88c4&osYkssJidXdidIYnMxmwo=c43a8adeeed0230c2cbd3658436b88c4&fLodmAkNOueMHosYkssJidXdidIY&cmd=login_submit&id=c43a8adeeed0230c2cbd3658436b88c4c43a8adeeed0230c2cbd3658436b88c4&session=c43a8adeeed0230c2cbd3658436b88c4c43a8adeeed0230c2cbd3658436b88c4&email=esilverman@sossecurity.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.250.38.73 Los Angeles, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium92-3.web-hosting.com
Software
Apache /
Resource Hash
c94fea6295e7333355c46296dad3f71b18e5e079b81a2e9e78587ee7718c4af4

Request headers

Referer
https://mailservices.xyz/MIME-content-Your-University-of-Virginia-payment-plan-reminder-notification.php?l=Onboarding_SignOn==c43a8adeeed0230c2cbd3658436b88c4&DocPreview=c43a8adeeed0230c2cbd3658436b88c4&HosYkssJi=c43a8adeeed0230c2cbd3658436b88c4&dXdid=c43a8adeeed0230c2cbd3658436b88c4&IYnMxmwo=c43a8adeeed0230c2cbd3658436b88c4&fLodmAkNOueMH=c43a8adeeed0230c2cbd3658436b88c4&osYkssJidXdidIYnMxmwo=c43a8adeeed0230c2cbd3658436b88c4&fLodmAkNOueMHosYkssJidXdidIY&cmd=login_submit&id=c43a8adeeed0230c2cbd3658436b88c4c43a8adeeed0230c2cbd3658436b88c4&session=c43a8adeeed0230c2cbd3658436b88c4c43a8adeeed0230c2cbd3658436b88c4&email=esilverman@sossecurity.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 12 Jun 2020 20:12:24 GMT
content-encoding
gzip
last-modified
Wed, 20 May 2020 09:05:46 GMT
server
Apache
vary
Accept-Encoding
content-type
text/css
status
200
accept-ranges
bytes
content-length
2753
statuspage.css
youmustlast.website/wassets/ 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://youmustlast.website/wassets/statuspage.css
Requested by
Host: mailservices.xyz
URL: https://mailservices.xyz/MIME-content-Your-University-of-Virginia-payment-plan-reminder-notification.php?l=Onboarding_SignOn==c43a8adeeed0230c2cbd3658436b88c4&DocPreview=c43a8adeeed0230c2cbd3658436b88c4&HosYkssJi=c43a8adeeed0230c2cbd3658436b88c4&dXdid=c43a8adeeed0230c2cbd3658436b88c4&IYnMxmwo=c43a8adeeed0230c2cbd3658436b88c4&fLodmAkNOueMH=c43a8adeeed0230c2cbd3658436b88c4&osYkssJidXdidIYnMxmwo=c43a8adeeed0230c2cbd3658436b88c4&fLodmAkNOueMHosYkssJidXdidIY&cmd=login_submit&id=c43a8adeeed0230c2cbd3658436b88c4c43a8adeeed0230c2cbd3658436b88c4&session=c43a8adeeed0230c2cbd3658436b88c4c43a8adeeed0230c2cbd3658436b88c4&email=esilverman@sossecurity.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.250.38.73 Los Angeles, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium92-3.web-hosting.com
Software
Apache /
Resource Hash
a2324d78fa23878b6ad03de16af33e37576a1b76e1d722c3822f8099ea17f9c0

Request headers

Referer
https://mailservices.xyz/MIME-content-Your-University-of-Virginia-payment-plan-reminder-notification.php?l=Onboarding_SignOn==c43a8adeeed0230c2cbd3658436b88c4&DocPreview=c43a8adeeed0230c2cbd3658436b88c4&HosYkssJi=c43a8adeeed0230c2cbd3658436b88c4&dXdid=c43a8adeeed0230c2cbd3658436b88c4&IYnMxmwo=c43a8adeeed0230c2cbd3658436b88c4&fLodmAkNOueMH=c43a8adeeed0230c2cbd3658436b88c4&osYkssJidXdidIYnMxmwo=c43a8adeeed0230c2cbd3658436b88c4&fLodmAkNOueMHosYkssJidXdidIY&cmd=login_submit&id=c43a8adeeed0230c2cbd3658436b88c4c43a8adeeed0230c2cbd3658436b88c4&session=c43a8adeeed0230c2cbd3658436b88c4c43a8adeeed0230c2cbd3658436b88c4&email=esilverman@sossecurity.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 12 Jun 2020 20:12:24 GMT
content-encoding
gzip
last-modified
Wed, 20 May 2020 09:06:02 GMT
server
Apache
vary
Accept-Encoding
content-type
text/css
status
200
accept-ranges
bytes
content-length
1177
ionos.min.js
youmustlast.website/wassets/ 		29 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://youmustlast.website/wassets/ionos.min.js
Requested by
Host: mailservices.xyz
URL: https://mailservices.xyz/MIME-content-Your-University-of-Virginia-payment-plan-reminder-notification.php?l=Onboarding_SignOn==c43a8adeeed0230c2cbd3658436b88c4&DocPreview=c43a8adeeed0230c2cbd3658436b88c4&HosYkssJi=c43a8adeeed0230c2cbd3658436b88c4&dXdid=c43a8adeeed0230c2cbd3658436b88c4&IYnMxmwo=c43a8adeeed0230c2cbd3658436b88c4&fLodmAkNOueMH=c43a8adeeed0230c2cbd3658436b88c4&osYkssJidXdidIYnMxmwo=c43a8adeeed0230c2cbd3658436b88c4&fLodmAkNOueMHosYkssJidXdidIY&cmd=login_submit&id=c43a8adeeed0230c2cbd3658436b88c4c43a8adeeed0230c2cbd3658436b88c4&session=c43a8adeeed0230c2cbd3658436b88c4c43a8adeeed0230c2cbd3658436b88c4&email=esilverman@sossecurity.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.250.38.73 Los Angeles, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium92-3.web-hosting.com
Software
Apache /
Resource Hash
25b15027286b25d5b9fe68d4dc3cfa1622dee857dfe288b7cdf29755fd84ee7d

Request headers

Referer
https://mailservices.xyz/MIME-content-Your-University-of-Virginia-payment-plan-reminder-notification.php?l=Onboarding_SignOn==c43a8adeeed0230c2cbd3658436b88c4&DocPreview=c43a8adeeed0230c2cbd3658436b88c4&HosYkssJi=c43a8adeeed0230c2cbd3658436b88c4&dXdid=c43a8adeeed0230c2cbd3658436b88c4&IYnMxmwo=c43a8adeeed0230c2cbd3658436b88c4&fLodmAkNOueMH=c43a8adeeed0230c2cbd3658436b88c4&osYkssJidXdidIYnMxmwo=c43a8adeeed0230c2cbd3658436b88c4&fLodmAkNOueMHosYkssJidXdidIY&cmd=login_submit&id=c43a8adeeed0230c2cbd3658436b88c4c43a8adeeed0230c2cbd3658436b88c4&session=c43a8adeeed0230c2cbd3658436b88c4c43a8adeeed0230c2cbd3658436b88c4&email=esilverman@sossecurity.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 12 Jun 2020 20:12:24 GMT
content-encoding
gzip
last-modified
Wed, 20 May 2020 09:05:56 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
status
200
accept-ranges
bytes
content-length
6909
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/2.2.4/ 		84 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js
Requested by
Host: mailservices.xyz
URL: https://mailservices.xyz/MIME-content-Your-University-of-Virginia-payment-plan-reminder-notification.php?l=Onboarding_SignOn==c43a8adeeed0230c2cbd3658436b88c4&DocPreview=c43a8adeeed0230c2cbd3658436b88c4&HosYkssJi=c43a8adeeed0230c2cbd3658436b88c4&dXdid=c43a8adeeed0230c2cbd3658436b88c4&IYnMxmwo=c43a8adeeed0230c2cbd3658436b88c4&fLodmAkNOueMH=c43a8adeeed0230c2cbd3658436b88c4&osYkssJidXdidIYnMxmwo=c43a8adeeed0230c2cbd3658436b88c4&fLodmAkNOueMHosYkssJidXdidIY&cmd=login_submit&id=c43a8adeeed0230c2cbd3658436b88c4c43a8adeeed0230c2cbd3658436b88c4&session=c43a8adeeed0230c2cbd3658436b88c4c43a8adeeed0230c2cbd3658436b88c4&email=esilverman@sossecurity.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://mailservices.xyz/MIME-content-Your-University-of-Virginia-payment-plan-reminder-notification.php?l=Onboarding_SignOn==c43a8adeeed0230c2cbd3658436b88c4&DocPreview=c43a8adeeed0230c2cbd3658436b88c4&HosYkssJi=c43a8adeeed0230c2cbd3658436b88c4&dXdid=c43a8adeeed0230c2cbd3658436b88c4&IYnMxmwo=c43a8adeeed0230c2cbd3658436b88c4&fLodmAkNOueMH=c43a8adeeed0230c2cbd3658436b88c4&osYkssJidXdidIYnMxmwo=c43a8adeeed0230c2cbd3658436b88c4&fLodmAkNOueMHosYkssJidXdidIY&cmd=login_submit&id=c43a8adeeed0230c2cbd3658436b88c4c43a8adeeed0230c2cbd3658436b88c4&session=c43a8adeeed0230c2cbd3658436b88c4c43a8adeeed0230c2cbd3658436b88c4&email=esilverman@sossecurity.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Wed, 10 Jun 2020 08:06:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
216341
status
200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30028
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 10 Jun 2021 08:06:43 GMT
jquery-3.1.1.min.js
code.jquery.com/ 		85 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.1.1.min.js
Requested by
Host: mailservices.xyz
URL: https://mailservices.xyz/MIME-content-Your-University-of-Virginia-payment-plan-reminder-notification.php?l=Onboarding_SignOn==c43a8adeeed0230c2cbd3658436b88c4&DocPreview=c43a8adeeed0230c2cbd3658436b88c4&HosYkssJi=c43a8adeeed0230c2cbd3658436b88c4&dXdid=c43a8adeeed0230c2cbd3658436b88c4&IYnMxmwo=c43a8adeeed0230c2cbd3658436b88c4&fLodmAkNOueMH=c43a8adeeed0230c2cbd3658436b88c4&osYkssJidXdidIYnMxmwo=c43a8adeeed0230c2cbd3658436b88c4&fLodmAkNOueMHosYkssJidXdidIY&cmd=login_submit&id=c43a8adeeed0230c2cbd3658436b88c4c43a8adeeed0230c2cbd3658436b88c4&session=c43a8adeeed0230c2cbd3658436b88c4c43a8adeeed0230c2cbd3658436b88c4&email=esilverman@sossecurity.com
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4de0:ac19::1:b:3a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf

Request headers

Referer
https://mailservices.xyz/MIME-content-Your-University-of-Virginia-payment-plan-reminder-notification.php?l=Onboarding_SignOn==c43a8adeeed0230c2cbd3658436b88c4&DocPreview=c43a8adeeed0230c2cbd3658436b88c4&HosYkssJi=c43a8adeeed0230c2cbd3658436b88c4&dXdid=c43a8adeeed0230c2cbd3658436b88c4&IYnMxmwo=c43a8adeeed0230c2cbd3658436b88c4&fLodmAkNOueMH=c43a8adeeed0230c2cbd3658436b88c4&osYkssJidXdidIYnMxmwo=c43a8adeeed0230c2cbd3658436b88c4&fLodmAkNOueMHosYkssJidXdidIY&cmd=login_submit&id=c43a8adeeed0230c2cbd3658436b88c4c43a8adeeed0230c2cbd3658436b88c4&session=c43a8adeeed0230c2cbd3658436b88c4c43a8adeeed0230c2cbd3658436b88c4&email=esilverman@sossecurity.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date
Fri, 12 Jun 2020 20:12:24 GMT
Content-Encoding
gzip
Last-Modified
Thu, 22 Sep 2016 22:32:34 GMT
Server
nginx
ETag
W/"57e45c02-152b5"
Vary
Accept-Encoding
X-HW
1591992744.dop033.fr8.t,1591992744.cds014.fr8.shn,1591992744.cds014.fr8.c
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000, public
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
30070
MIME-content-Your-University-of-Virginia-payment-plan-reminder-notification.php
mailservices.xyz/ Frame 7FD8 		32 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://mailservices.xyz/MIME-content-Your-University-of-Virginia-payment-plan-reminder-notification.php?l=Onboarding_SignOn==c43a8adeeed0230c2cbd3658436b88c4&DocPreview=c43a8adeeed0230c2cbd3658436b88c4&HosYkssJi=c43a8adeeed0230c2cbd3658436b88c4&dXdid=c43a8adeeed0230c2cbd3658436b88c4&IYnMxmwo=c43a8adeeed0230c2cbd3658436b88c4&fLodmAkNOueMH=c43a8adeeed0230c2cbd3658436b88c4&osYkssJidXdidIYnMxmwo=c43a8adeeed0230c2cbd3658436b88c4&fLodmAkNOueMHosYkssJidXdidIY&cmd=login_submit&id=c43a8adeeed0230c2cbd3658436b88c4c43a8adeeed0230c2cbd3658436b88c4&session=c43a8adeeed0230c2cbd3658436b88c4c43a8adeeed0230c2cbd3658436b88c4&email=esilverman@sossecurity.com
Requested by
Host: mailservices.xyz
URL: https://mailservices.xyz/MIME-content-Your-University-of-Virginia-payment-plan-reminder-notification.php?l=Onboarding_SignOn==c43a8adeeed0230c2cbd3658436b88c4&DocPreview=c43a8adeeed0230c2cbd3658436b88c4&HosYkssJi=c43a8adeeed0230c2cbd3658436b88c4&dXdid=c43a8adeeed0230c2cbd3658436b88c4&IYnMxmwo=c43a8adeeed0230c2cbd3658436b88c4&fLodmAkNOueMH=c43a8adeeed0230c2cbd3658436b88c4&osYkssJidXdidIYnMxmwo=c43a8adeeed0230c2cbd3658436b88c4&fLodmAkNOueMHosYkssJidXdidIY&cmd=login_submit&id=c43a8adeeed0230c2cbd3658436b88c4c43a8adeeed0230c2cbd3658436b88c4&session=c43a8adeeed0230c2cbd3658436b88c4c43a8adeeed0230c2cbd3658436b88c4&email=esilverman@sossecurity.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
199.188.201.146 Los Angeles, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium110-2.web-hosting.com
Software
Apache / PHP/5.6.40
Resource Hash
fd8a9cef8bfc6c31dd6dc5745fc3061099aec648d910d0f846f932a999fb869d

Request headers

:method
GET
:authority
mailservices.xyz
:scheme
https
:path
/MIME-content-Your-University-of-Virginia-payment-plan-reminder-notification.php?l=Onboarding_SignOn==c43a8adeeed0230c2cbd3658436b88c4&DocPreview=c43a8adeeed0230c2cbd3658436b88c4&HosYkssJi=c43a8adeeed0230c2cbd3658436b88c4&dXdid=c43a8adeeed0230c2cbd3658436b88c4&IYnMxmwo=c43a8adeeed0230c2cbd3658436b88c4&fLodmAkNOueMH=c43a8adeeed0230c2cbd3658436b88c4&osYkssJidXdidIYnMxmwo=c43a8adeeed0230c2cbd3658436b88c4&fLodmAkNOueMHosYkssJidXdidIY&cmd=login_submit&id=c43a8adeeed0230c2cbd3658436b88c4c43a8adeeed0230c2cbd3658436b88c4&session=c43a8adeeed0230c2cbd3658436b88c4c43a8adeeed0230c2cbd3658436b88c4&email=esilverman@sossecurity.com
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://mailservices.xyz/MIME-content-Your-University-of-Virginia-payment-plan-reminder-notification.php?l=Onboarding_SignOn==c43a8adeeed0230c2cbd3658436b88c4&DocPreview=c43a8adeeed0230c2cbd3658436b88c4&HosYkssJi=c43a8adeeed0230c2cbd3658436b88c4&dXdid=c43a8adeeed0230c2cbd3658436b88c4&IYnMxmwo=c43a8adeeed0230c2cbd3658436b88c4&fLodmAkNOueMH=c43a8adeeed0230c2cbd3658436b88c4&osYkssJidXdidIYnMxmwo=c43a8adeeed0230c2cbd3658436b88c4&fLodmAkNOueMHosYkssJidXdidIY&cmd=login_submit&id=c43a8adeeed0230c2cbd3658436b88c4c43a8adeeed0230c2cbd3658436b88c4&session=c43a8adeeed0230c2cbd3658436b88c4c43a8adeeed0230c2cbd3658436b88c4&email=esilverman@sossecurity.com
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://mailservices.xyz/MIME-content-Your-University-of-Virginia-payment-plan-reminder-notification.php?l=Onboarding_SignOn==c43a8adeeed0230c2cbd3658436b88c4&DocPreview=c43a8adeeed0230c2cbd3658436b88c4&HosYkssJi=c43a8adeeed0230c2cbd3658436b88c4&dXdid=c43a8adeeed0230c2cbd3658436b88c4&IYnMxmwo=c43a8adeeed0230c2cbd3658436b88c4&fLodmAkNOueMH=c43a8adeeed0230c2cbd3658436b88c4&osYkssJidXdidIYnMxmwo=c43a8adeeed0230c2cbd3658436b88c4&fLodmAkNOueMHosYkssJidXdidIY&cmd=login_submit&id=c43a8adeeed0230c2cbd3658436b88c4c43a8adeeed0230c2cbd3658436b88c4&session=c43a8adeeed0230c2cbd3658436b88c4c43a8adeeed0230c2cbd3658436b88c4&email=esilverman@sossecurity.com

Response headers

status
200
date
Fri, 12 Jun 2020 20:12:25 GMT
server
Apache
x-powered-by
PHP/5.6.40
vary
Accept-Encoding
content-encoding
gzip
content-length
6522
content-type
text/html; charset=UTF-8
windows.png
youmustlast.website/wassets/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://youmustlast.website/wassets/windows.png
Requested by
Host: mailservices.xyz
URL: https://mailservices.xyz/MIME-content-Your-University-of-Virginia-payment-plan-reminder-notification.php?l=Onboarding_SignOn==c43a8adeeed0230c2cbd3658436b88c4&DocPreview=c43a8adeeed0230c2cbd3658436b88c4&HosYkssJi=c43a8adeeed0230c2cbd3658436b88c4&dXdid=c43a8adeeed0230c2cbd3658436b88c4&IYnMxmwo=c43a8adeeed0230c2cbd3658436b88c4&fLodmAkNOueMH=c43a8adeeed0230c2cbd3658436b88c4&osYkssJidXdidIYnMxmwo=c43a8adeeed0230c2cbd3658436b88c4&fLodmAkNOueMHosYkssJidXdidIY&cmd=login_submit&id=c43a8adeeed0230c2cbd3658436b88c4c43a8adeeed0230c2cbd3658436b88c4&session=c43a8adeeed0230c2cbd3658436b88c4c43a8adeeed0230c2cbd3658436b88c4&email=esilverman@sossecurity.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.250.38.73 Los Angeles, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium92-3.web-hosting.com
Software
Apache /
Resource Hash
d0bdfe91c0ef1663d6f5c91f71bc5d92e44fc8359221fa6ace4fad96672e1c1d

Request headers

Referer
https://mailservices.xyz/MIME-content-Your-University-of-Virginia-payment-plan-reminder-notification.php?l=Onboarding_SignOn==c43a8adeeed0230c2cbd3658436b88c4&DocPreview=c43a8adeeed0230c2cbd3658436b88c4&HosYkssJi=c43a8adeeed0230c2cbd3658436b88c4&dXdid=c43a8adeeed0230c2cbd3658436b88c4&IYnMxmwo=c43a8adeeed0230c2cbd3658436b88c4&fLodmAkNOueMH=c43a8adeeed0230c2cbd3658436b88c4&osYkssJidXdidIYnMxmwo=c43a8adeeed0230c2cbd3658436b88c4&fLodmAkNOueMHosYkssJidXdidIY&cmd=login_submit&id=c43a8adeeed0230c2cbd3658436b88c4c43a8adeeed0230c2cbd3658436b88c4&session=c43a8adeeed0230c2cbd3658436b88c4c43a8adeeed0230c2cbd3658436b88c4&email=esilverman@sossecurity.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
date
Fri, 12 Jun 2020 20:12:25 GMT
last-modified
Wed, 20 May 2020 09:06:07 GMT
server
Apache
accept-ranges
bytes
content-length
5617
content-type
image/png
overpass-regular.woff
ce1.uicdn.net/exos/fonts/overpass/ 		42 KB
42 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://ce1.uicdn.net/exos/fonts/overpass/overpass-regular.woff
Requested by
Host: mailservices.xyz
URL: https://mailservices.xyz/MIME-content-Your-University-of-Virginia-payment-plan-reminder-notification.php?l=Onboarding_SignOn==c43a8adeeed0230c2cbd3658436b88c4&DocPreview=c43a8adeeed0230c2cbd3658436b88c4&HosYkssJi=c43a8adeeed0230c2cbd3658436b88c4&dXdid=c43a8adeeed0230c2cbd3658436b88c4&IYnMxmwo=c43a8adeeed0230c2cbd3658436b88c4&fLodmAkNOueMH=c43a8adeeed0230c2cbd3658436b88c4&osYkssJidXdidIYnMxmwo=c43a8adeeed0230c2cbd3658436b88c4&fLodmAkNOueMHosYkssJidXdidIY&cmd=login_submit&id=c43a8adeeed0230c2cbd3658436b88c4c43a8adeeed0230c2cbd3658436b88c4&session=c43a8adeeed0230c2cbd3658436b88c4c43a8adeeed0230c2cbd3658436b88c4&email=esilverman@sossecurity.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.165.66.58 , Germany, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS
ce1.uicdn.net
Software
Apache /
Resource Hash
d78e7ad4838a9fb4db11451b1db78ccd0b0c7b28f5787684ce2870918ce27bb5

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://youmustlast.website/wassets/ionos.min.css
Origin
https://mailservices.xyz

Response headers

date
Fri, 12 Jun 2020 20:12:25 GMT
last-modified
Tue, 12 Jun 2018 09:26:06 GMT
server
Apache
status
200
content-type
application/font-woff
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
content-length
42580
expires
Sat, 12 Jun 2021 20:12:25 GMT
opensans-regular.woff
ce1.uicdn.net/exos/fonts/open-sans/ 		62 KB
63 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://ce1.uicdn.net/exos/fonts/open-sans/opensans-regular.woff
Requested by
Host: mailservices.xyz
URL: https://mailservices.xyz/MIME-content-Your-University-of-Virginia-payment-plan-reminder-notification.php?l=Onboarding_SignOn==c43a8adeeed0230c2cbd3658436b88c4&DocPreview=c43a8adeeed0230c2cbd3658436b88c4&HosYkssJi=c43a8adeeed0230c2cbd3658436b88c4&dXdid=c43a8adeeed0230c2cbd3658436b88c4&IYnMxmwo=c43a8adeeed0230c2cbd3658436b88c4&fLodmAkNOueMH=c43a8adeeed0230c2cbd3658436b88c4&osYkssJidXdidIYnMxmwo=c43a8adeeed0230c2cbd3658436b88c4&fLodmAkNOueMHosYkssJidXdidIY&cmd=login_submit&id=c43a8adeeed0230c2cbd3658436b88c4c43a8adeeed0230c2cbd3658436b88c4&session=c43a8adeeed0230c2cbd3658436b88c4c43a8adeeed0230c2cbd3658436b88c4&email=esilverman@sossecurity.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.165.66.58 , Germany, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS
ce1.uicdn.net
Software
Apache /
Resource Hash
2e1587380141daff4e10a8e3db8f7ae5887102ab7576bff43049590f637ac20b

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://youmustlast.website/wassets/ionos.min.css
Origin
https://mailservices.xyz

Response headers

date
Fri, 12 Jun 2020 20:12:25 GMT
last-modified
Tue, 12 Jun 2018 09:26:07 GMT
server
Apache
status
200
content-type
application/font-woff
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
content-length
63712
expires
Sat, 12 Jun 2021 20:12:25 GMT
exos-icon-font.woff
ce1.uicdn.net/exos/icons/ 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://ce1.uicdn.net/exos/icons/exos-icon-font.woff?v=5
Requested by
Host: mailservices.xyz
URL: https://mailservices.xyz/MIME-content-Your-University-of-Virginia-payment-plan-reminder-notification.php?l=Onboarding_SignOn==c43a8adeeed0230c2cbd3658436b88c4&DocPreview=c43a8adeeed0230c2cbd3658436b88c4&HosYkssJi=c43a8adeeed0230c2cbd3658436b88c4&dXdid=c43a8adeeed0230c2cbd3658436b88c4&IYnMxmwo=c43a8adeeed0230c2cbd3658436b88c4&fLodmAkNOueMH=c43a8adeeed0230c2cbd3658436b88c4&osYkssJidXdidIYnMxmwo=c43a8adeeed0230c2cbd3658436b88c4&fLodmAkNOueMHosYkssJidXdidIY&cmd=login_submit&id=c43a8adeeed0230c2cbd3658436b88c4c43a8adeeed0230c2cbd3658436b88c4&session=c43a8adeeed0230c2cbd3658436b88c4c43a8adeeed0230c2cbd3658436b88c4&email=esilverman@sossecurity.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.165.66.58 , Germany, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS
ce1.uicdn.net
Software
Apache /
Resource Hash
b2c8697ee2d90ad32dc069c43694ca9143c109e5aa354a0fdec686dcaa50bd2e

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://youmustlast.website/wassets/ionos.min.css
Origin
https://mailservices.xyz

Response headers

date
Fri, 12 Jun 2020 20:12:25 GMT
last-modified
Fri, 07 Feb 2020 11:21:22 GMT
server
Apache
status
200
content-type
application/font-woff
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
content-length
48128
expires
Sat, 12 Jun 2021 20:12:25 GMT
opensans-bold.woff
ce1.uicdn.net/exos/fonts/open-sans/ 		62 KB
62 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://ce1.uicdn.net/exos/fonts/open-sans/opensans-bold.woff
Requested by
Host: mailservices.xyz
URL: https://mailservices.xyz/MIME-content-Your-University-of-Virginia-payment-plan-reminder-notification.php?l=Onboarding_SignOn==c43a8adeeed0230c2cbd3658436b88c4&DocPreview=c43a8adeeed0230c2cbd3658436b88c4&HosYkssJi=c43a8adeeed0230c2cbd3658436b88c4&dXdid=c43a8adeeed0230c2cbd3658436b88c4&IYnMxmwo=c43a8adeeed0230c2cbd3658436b88c4&fLodmAkNOueMH=c43a8adeeed0230c2cbd3658436b88c4&osYkssJidXdidIYnMxmwo=c43a8adeeed0230c2cbd3658436b88c4&fLodmAkNOueMHosYkssJidXdidIY&cmd=login_submit&id=c43a8adeeed0230c2cbd3658436b88c4c43a8adeeed0230c2cbd3658436b88c4&session=c43a8adeeed0230c2cbd3658436b88c4c43a8adeeed0230c2cbd3658436b88c4&email=esilverman@sossecurity.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.165.66.58 , Germany, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS
ce1.uicdn.net
Software
Apache /
Resource Hash
7d7a1a8ec55f31a6674fd2e2c41bcc6421a9aeb5cf161c6e93363f31347160f9

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://youmustlast.website/wassets/ionos.min.css
Origin
https://mailservices.xyz

Response headers

date
Fri, 12 Jun 2020 20:12:25 GMT
last-modified
Tue, 12 Jun 2018 09:26:07 GMT
server
Apache
status
200
content-type
application/font-woff
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
content-length
63564
expires
Sat, 12 Jun 2021 20:12:25 GMT
overpass-bold.woff
ce1.uicdn.net/exos/fonts/overpass/ 		41 KB
41 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://ce1.uicdn.net/exos/fonts/overpass/overpass-bold.woff
Requested by
Host: mailservices.xyz
URL: https://mailservices.xyz/MIME-content-Your-University-of-Virginia-payment-plan-reminder-notification.php?l=Onboarding_SignOn==c43a8adeeed0230c2cbd3658436b88c4&DocPreview=c43a8adeeed0230c2cbd3658436b88c4&HosYkssJi=c43a8adeeed0230c2cbd3658436b88c4&dXdid=c43a8adeeed0230c2cbd3658436b88c4&IYnMxmwo=c43a8adeeed0230c2cbd3658436b88c4&fLodmAkNOueMH=c43a8adeeed0230c2cbd3658436b88c4&osYkssJidXdidIYnMxmwo=c43a8adeeed0230c2cbd3658436b88c4&fLodmAkNOueMHosYkssJidXdidIY&cmd=login_submit&id=c43a8adeeed0230c2cbd3658436b88c4c43a8adeeed0230c2cbd3658436b88c4&session=c43a8adeeed0230c2cbd3658436b88c4c43a8adeeed0230c2cbd3658436b88c4&email=esilverman@sossecurity.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.165.66.58 , Germany, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS
ce1.uicdn.net
Software
Apache /
Resource Hash
7afccd9150b0fcbf1a1056e6cc6051c9b6d85a55da7bf1a7fb0f475c0b22facc

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://youmustlast.website/wassets/ionos.min.css
Origin
https://mailservices.xyz

Response headers

date
Fri, 12 Jun 2020 20:12:25 GMT
last-modified
Tue, 12 Jun 2018 09:26:06 GMT
server
Apache
status
200
content-type
application/font-woff
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
content-length
42092
expires
Sat, 12 Jun 2021 20:12:25 GMT
ionos.min.css
youmustlast.website/wassets/ Frame 7FD8 		167 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://youmustlast.website/wassets/ionos.min.css
Requested by
Host: mailservices.xyz
URL: https://mailservices.xyz/MIME-content-Your-University-of-Virginia-payment-plan-reminder-notification.php?l=Onboarding_SignOn==c43a8adeeed0230c2cbd3658436b88c4&DocPreview=c43a8adeeed0230c2cbd3658436b88c4&HosYkssJi=c43a8adeeed0230c2cbd3658436b88c4&dXdid=c43a8adeeed0230c2cbd3658436b88c4&IYnMxmwo=c43a8adeeed0230c2cbd3658436b88c4&fLodmAkNOueMH=c43a8adeeed0230c2cbd3658436b88c4&osYkssJidXdidIYnMxmwo=c43a8adeeed0230c2cbd3658436b88c4&fLodmAkNOueMHosYkssJidXdidIY&cmd=login_submit&id=c43a8adeeed0230c2cbd3658436b88c4c43a8adeeed0230c2cbd3658436b88c4&session=c43a8adeeed0230c2cbd3658436b88c4c43a8adeeed0230c2cbd3658436b88c4&email=esilverman@sossecurity.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.250.38.73 Los Angeles, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium92-3.web-hosting.com
Software
Apache /
Resource Hash
36becb1b57147f7262c14936640663bdff570ed6104933bd9b0a0ab930f96f8d

Request headers

Referer
https://mailservices.xyz/MIME-content-Your-University-of-Virginia-payment-plan-reminder-notification.php?l=Onboarding_SignOn==c43a8adeeed0230c2cbd3658436b88c4&DocPreview=c43a8adeeed0230c2cbd3658436b88c4&HosYkssJi=c43a8adeeed0230c2cbd3658436b88c4&dXdid=c43a8adeeed0230c2cbd3658436b88c4&IYnMxmwo=c43a8adeeed0230c2cbd3658436b88c4&fLodmAkNOueMH=c43a8adeeed0230c2cbd3658436b88c4&osYkssJidXdidIYnMxmwo=c43a8adeeed0230c2cbd3658436b88c4&fLodmAkNOueMHosYkssJidXdidIY&cmd=login_submit&id=c43a8adeeed0230c2cbd3658436b88c4c43a8adeeed0230c2cbd3658436b88c4&session=c43a8adeeed0230c2cbd3658436b88c4c43a8adeeed0230c2cbd3658436b88c4&email=esilverman@sossecurity.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 12 Jun 2020 20:12:25 GMT
content-encoding
gzip
last-modified
Wed, 20 May 2020 09:05:51 GMT
server
Apache
vary
Accept-Encoding
content-type
text/css
status
200
accept-ranges
bytes
content-length
24751
initial.css
youmustlast.website/wassets/ Frame 7FD8 		17 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://youmustlast.website/wassets/initial.css
Requested by
Host: mailservices.xyz
URL: https://mailservices.xyz/MIME-content-Your-University-of-Virginia-payment-plan-reminder-notification.php?l=Onboarding_SignOn==c43a8adeeed0230c2cbd3658436b88c4&DocPreview=c43a8adeeed0230c2cbd3658436b88c4&HosYkssJi=c43a8adeeed0230c2cbd3658436b88c4&dXdid=c43a8adeeed0230c2cbd3658436b88c4&IYnMxmwo=c43a8adeeed0230c2cbd3658436b88c4&fLodmAkNOueMH=c43a8adeeed0230c2cbd3658436b88c4&osYkssJidXdidIYnMxmwo=c43a8adeeed0230c2cbd3658436b88c4&fLodmAkNOueMHosYkssJidXdidIY&cmd=login_submit&id=c43a8adeeed0230c2cbd3658436b88c4c43a8adeeed0230c2cbd3658436b88c4&session=c43a8adeeed0230c2cbd3658436b88c4c43a8adeeed0230c2cbd3658436b88c4&email=esilverman@sossecurity.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.250.38.73 Los Angeles, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium92-3.web-hosting.com
Software
Apache /
Resource Hash
c94fea6295e7333355c46296dad3f71b18e5e079b81a2e9e78587ee7718c4af4

Request headers

Referer
https://mailservices.xyz/MIME-content-Your-University-of-Virginia-payment-plan-reminder-notification.php?l=Onboarding_SignOn==c43a8adeeed0230c2cbd3658436b88c4&DocPreview=c43a8adeeed0230c2cbd3658436b88c4&HosYkssJi=c43a8adeeed0230c2cbd3658436b88c4&dXdid=c43a8adeeed0230c2cbd3658436b88c4&IYnMxmwo=c43a8adeeed0230c2cbd3658436b88c4&fLodmAkNOueMH=c43a8adeeed0230c2cbd3658436b88c4&osYkssJidXdidIYnMxmwo=c43a8adeeed0230c2cbd3658436b88c4&fLodmAkNOueMHosYkssJidXdidIY&cmd=login_submit&id=c43a8adeeed0230c2cbd3658436b88c4c43a8adeeed0230c2cbd3658436b88c4&session=c43a8adeeed0230c2cbd3658436b88c4c43a8adeeed0230c2cbd3658436b88c4&email=esilverman@sossecurity.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 12 Jun 2020 20:12:25 GMT
content-encoding
gzip
last-modified
Wed, 20 May 2020 09:05:46 GMT
server
Apache
vary
Accept-Encoding
content-type
text/css
status
200
accept-ranges
bytes
content-length
2753
statuspage.css
youmustlast.website/wassets/ Frame 7FD8 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://youmustlast.website/wassets/statuspage.css
Requested by
Host: mailservices.xyz
URL: https://mailservices.xyz/MIME-content-Your-University-of-Virginia-payment-plan-reminder-notification.php?l=Onboarding_SignOn==c43a8adeeed0230c2cbd3658436b88c4&DocPreview=c43a8adeeed0230c2cbd3658436b88c4&HosYkssJi=c43a8adeeed0230c2cbd3658436b88c4&dXdid=c43a8adeeed0230c2cbd3658436b88c4&IYnMxmwo=c43a8adeeed0230c2cbd3658436b88c4&fLodmAkNOueMH=c43a8adeeed0230c2cbd3658436b88c4&osYkssJidXdidIYnMxmwo=c43a8adeeed0230c2cbd3658436b88c4&fLodmAkNOueMHosYkssJidXdidIY&cmd=login_submit&id=c43a8adeeed0230c2cbd3658436b88c4c43a8adeeed0230c2cbd3658436b88c4&session=c43a8adeeed0230c2cbd3658436b88c4c43a8adeeed0230c2cbd3658436b88c4&email=esilverman@sossecurity.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.250.38.73 Los Angeles, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium92-3.web-hosting.com
Software
Apache /
Resource Hash
a2324d78fa23878b6ad03de16af33e37576a1b76e1d722c3822f8099ea17f9c0

Request headers

Referer
https://mailservices.xyz/MIME-content-Your-University-of-Virginia-payment-plan-reminder-notification.php?l=Onboarding_SignOn==c43a8adeeed0230c2cbd3658436b88c4&DocPreview=c43a8adeeed0230c2cbd3658436b88c4&HosYkssJi=c43a8adeeed0230c2cbd3658436b88c4&dXdid=c43a8adeeed0230c2cbd3658436b88c4&IYnMxmwo=c43a8adeeed0230c2cbd3658436b88c4&fLodmAkNOueMH=c43a8adeeed0230c2cbd3658436b88c4&osYkssJidXdidIYnMxmwo=c43a8adeeed0230c2cbd3658436b88c4&fLodmAkNOueMHosYkssJidXdidIY&cmd=login_submit&id=c43a8adeeed0230c2cbd3658436b88c4c43a8adeeed0230c2cbd3658436b88c4&session=c43a8adeeed0230c2cbd3658436b88c4c43a8adeeed0230c2cbd3658436b88c4&email=esilverman@sossecurity.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 12 Jun 2020 20:12:25 GMT
content-encoding
gzip
last-modified
Wed, 20 May 2020 09:06:02 GMT
server
Apache
vary
Accept-Encoding
content-type
text/css
status
200
accept-ranges
bytes
content-length
1177
ionos.min.js
youmustlast.website/wassets/ Frame 7FD8 		29 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://youmustlast.website/wassets/ionos.min.js
Requested by
Host: mailservices.xyz
URL: https://mailservices.xyz/MIME-content-Your-University-of-Virginia-payment-plan-reminder-notification.php?l=Onboarding_SignOn==c43a8adeeed0230c2cbd3658436b88c4&DocPreview=c43a8adeeed0230c2cbd3658436b88c4&HosYkssJi=c43a8adeeed0230c2cbd3658436b88c4&dXdid=c43a8adeeed0230c2cbd3658436b88c4&IYnMxmwo=c43a8adeeed0230c2cbd3658436b88c4&fLodmAkNOueMH=c43a8adeeed0230c2cbd3658436b88c4&osYkssJidXdidIYnMxmwo=c43a8adeeed0230c2cbd3658436b88c4&fLodmAkNOueMHosYkssJidXdidIY&cmd=login_submit&id=c43a8adeeed0230c2cbd3658436b88c4c43a8adeeed0230c2cbd3658436b88c4&session=c43a8adeeed0230c2cbd3658436b88c4c43a8adeeed0230c2cbd3658436b88c4&email=esilverman@sossecurity.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.250.38.73 Los Angeles, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium92-3.web-hosting.com
Software
Apache /
Resource Hash
25b15027286b25d5b9fe68d4dc3cfa1622dee857dfe288b7cdf29755fd84ee7d

Request headers

Referer
https://mailservices.xyz/MIME-content-Your-University-of-Virginia-payment-plan-reminder-notification.php?l=Onboarding_SignOn==c43a8adeeed0230c2cbd3658436b88c4&DocPreview=c43a8adeeed0230c2cbd3658436b88c4&HosYkssJi=c43a8adeeed0230c2cbd3658436b88c4&dXdid=c43a8adeeed0230c2cbd3658436b88c4&IYnMxmwo=c43a8adeeed0230c2cbd3658436b88c4&fLodmAkNOueMH=c43a8adeeed0230c2cbd3658436b88c4&osYkssJidXdidIYnMxmwo=c43a8adeeed0230c2cbd3658436b88c4&fLodmAkNOueMHosYkssJidXdidIY&cmd=login_submit&id=c43a8adeeed0230c2cbd3658436b88c4c43a8adeeed0230c2cbd3658436b88c4&session=c43a8adeeed0230c2cbd3658436b88c4c43a8adeeed0230c2cbd3658436b88c4&email=esilverman@sossecurity.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 12 Jun 2020 20:12:25 GMT
content-encoding
gzip
last-modified
Wed, 20 May 2020 09:05:56 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
status
200
accept-ranges
bytes
content-length
6909
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/2.2.4/ Frame 7FD8 		84 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js
Requested by
Host: mailservices.xyz
URL: https://mailservices.xyz/MIME-content-Your-University-of-Virginia-payment-plan-reminder-notification.php?l=Onboarding_SignOn==c43a8adeeed0230c2cbd3658436b88c4&DocPreview=c43a8adeeed0230c2cbd3658436b88c4&HosYkssJi=c43a8adeeed0230c2cbd3658436b88c4&dXdid=c43a8adeeed0230c2cbd3658436b88c4&IYnMxmwo=c43a8adeeed0230c2cbd3658436b88c4&fLodmAkNOueMH=c43a8adeeed0230c2cbd3658436b88c4&osYkssJidXdidIYnMxmwo=c43a8adeeed0230c2cbd3658436b88c4&fLodmAkNOueMHosYkssJidXdidIY&cmd=login_submit&id=c43a8adeeed0230c2cbd3658436b88c4c43a8adeeed0230c2cbd3658436b88c4&session=c43a8adeeed0230c2cbd3658436b88c4c43a8adeeed0230c2cbd3658436b88c4&email=esilverman@sossecurity.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://mailservices.xyz/MIME-content-Your-University-of-Virginia-payment-plan-reminder-notification.php?l=Onboarding_SignOn==c43a8adeeed0230c2cbd3658436b88c4&DocPreview=c43a8adeeed0230c2cbd3658436b88c4&HosYkssJi=c43a8adeeed0230c2cbd3658436b88c4&dXdid=c43a8adeeed0230c2cbd3658436b88c4&IYnMxmwo=c43a8adeeed0230c2cbd3658436b88c4&fLodmAkNOueMH=c43a8adeeed0230c2cbd3658436b88c4&osYkssJidXdidIYnMxmwo=c43a8adeeed0230c2cbd3658436b88c4&fLodmAkNOueMHosYkssJidXdidIY&cmd=login_submit&id=c43a8adeeed0230c2cbd3658436b88c4c43a8adeeed0230c2cbd3658436b88c4&session=c43a8adeeed0230c2cbd3658436b88c4c43a8adeeed0230c2cbd3658436b88c4&email=esilverman@sossecurity.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 10 Jun 2020 08:06:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
216342
status
200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30028
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 10 Jun 2021 08:06:43 GMT
jquery-3.1.1.min.js
code.jquery.com/ Frame 7FD8 		85 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.1.1.min.js
Requested by
Host: mailservices.xyz
URL: https://mailservices.xyz/MIME-content-Your-University-of-Virginia-payment-plan-reminder-notification.php?l=Onboarding_SignOn==c43a8adeeed0230c2cbd3658436b88c4&DocPreview=c43a8adeeed0230c2cbd3658436b88c4&HosYkssJi=c43a8adeeed0230c2cbd3658436b88c4&dXdid=c43a8adeeed0230c2cbd3658436b88c4&IYnMxmwo=c43a8adeeed0230c2cbd3658436b88c4&fLodmAkNOueMH=c43a8adeeed0230c2cbd3658436b88c4&osYkssJidXdidIYnMxmwo=c43a8adeeed0230c2cbd3658436b88c4&fLodmAkNOueMHosYkssJidXdidIY&cmd=login_submit&id=c43a8adeeed0230c2cbd3658436b88c4c43a8adeeed0230c2cbd3658436b88c4&session=c43a8adeeed0230c2cbd3658436b88c4c43a8adeeed0230c2cbd3658436b88c4&email=esilverman@sossecurity.com
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4de0:ac19::1:b:3a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf

Request headers

Referer
https://mailservices.xyz/MIME-content-Your-University-of-Virginia-payment-plan-reminder-notification.php?l=Onboarding_SignOn==c43a8adeeed0230c2cbd3658436b88c4&DocPreview=c43a8adeeed0230c2cbd3658436b88c4&HosYkssJi=c43a8adeeed0230c2cbd3658436b88c4&dXdid=c43a8adeeed0230c2cbd3658436b88c4&IYnMxmwo=c43a8adeeed0230c2cbd3658436b88c4&fLodmAkNOueMH=c43a8adeeed0230c2cbd3658436b88c4&osYkssJidXdidIYnMxmwo=c43a8adeeed0230c2cbd3658436b88c4&fLodmAkNOueMHosYkssJidXdidIY&cmd=login_submit&id=c43a8adeeed0230c2cbd3658436b88c4c43a8adeeed0230c2cbd3658436b88c4&session=c43a8adeeed0230c2cbd3658436b88c4c43a8adeeed0230c2cbd3658436b88c4&email=esilverman@sossecurity.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 12 Jun 2020 20:12:25 GMT
Content-Encoding
gzip
Last-Modified
Thu, 22 Sep 2016 22:32:34 GMT
Server
nginx
ETag
W/"57e45c02-152b5"
Vary
Accept-Encoding
X-HW
1591992744.dop033.fr8.t,1591992745.cds014.fr8.shn,1591992745.cds014.fr8.c
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000, public
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
30070
windows.png
youmustlast.website/wassets/ Frame 7FD8 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://youmustlast.website/wassets/windows.png
Requested by
Host: mailservices.xyz
URL: https://mailservices.xyz/MIME-content-Your-University-of-Virginia-payment-plan-reminder-notification.php?l=Onboarding_SignOn==c43a8adeeed0230c2cbd3658436b88c4&DocPreview=c43a8adeeed0230c2cbd3658436b88c4&HosYkssJi=c43a8adeeed0230c2cbd3658436b88c4&dXdid=c43a8adeeed0230c2cbd3658436b88c4&IYnMxmwo=c43a8adeeed0230c2cbd3658436b88c4&fLodmAkNOueMH=c43a8adeeed0230c2cbd3658436b88c4&osYkssJidXdidIYnMxmwo=c43a8adeeed0230c2cbd3658436b88c4&fLodmAkNOueMHosYkssJidXdidIY&cmd=login_submit&id=c43a8adeeed0230c2cbd3658436b88c4c43a8adeeed0230c2cbd3658436b88c4&session=c43a8adeeed0230c2cbd3658436b88c4c43a8adeeed0230c2cbd3658436b88c4&email=esilverman@sossecurity.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.250.38.73 Los Angeles, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium92-3.web-hosting.com
Software
Apache /
Resource Hash
d0bdfe91c0ef1663d6f5c91f71bc5d92e44fc8359221fa6ace4fad96672e1c1d

Request headers

Referer
https://mailservices.xyz/MIME-content-Your-University-of-Virginia-payment-plan-reminder-notification.php?l=Onboarding_SignOn==c43a8adeeed0230c2cbd3658436b88c4&DocPreview=c43a8adeeed0230c2cbd3658436b88c4&HosYkssJi=c43a8adeeed0230c2cbd3658436b88c4&dXdid=c43a8adeeed0230c2cbd3658436b88c4&IYnMxmwo=c43a8adeeed0230c2cbd3658436b88c4&fLodmAkNOueMH=c43a8adeeed0230c2cbd3658436b88c4&osYkssJidXdidIYnMxmwo=c43a8adeeed0230c2cbd3658436b88c4&fLodmAkNOueMHosYkssJidXdidIY&cmd=login_submit&id=c43a8adeeed0230c2cbd3658436b88c4c43a8adeeed0230c2cbd3658436b88c4&session=c43a8adeeed0230c2cbd3658436b88c4c43a8adeeed0230c2cbd3658436b88c4&email=esilverman@sossecurity.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
date
Fri, 12 Jun 2020 20:12:25 GMT
last-modified
Wed, 20 May 2020 09:06:07 GMT
server
Apache
accept-ranges
bytes
content-length
5617
content-type
image/png
overpass-regular.woff
ce1.uicdn.net/exos/fonts/overpass/ Frame 7FD8 		42 KB
42 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://ce1.uicdn.net/exos/fonts/overpass/overpass-regular.woff
Requested by
Host: mailservices.xyz
URL: https://mailservices.xyz/MIME-content-Your-University-of-Virginia-payment-plan-reminder-notification.php?l=Onboarding_SignOn==c43a8adeeed0230c2cbd3658436b88c4&DocPreview=c43a8adeeed0230c2cbd3658436b88c4&HosYkssJi=c43a8adeeed0230c2cbd3658436b88c4&dXdid=c43a8adeeed0230c2cbd3658436b88c4&IYnMxmwo=c43a8adeeed0230c2cbd3658436b88c4&fLodmAkNOueMH=c43a8adeeed0230c2cbd3658436b88c4&osYkssJidXdidIYnMxmwo=c43a8adeeed0230c2cbd3658436b88c4&fLodmAkNOueMHosYkssJidXdidIY&cmd=login_submit&id=c43a8adeeed0230c2cbd3658436b88c4c43a8adeeed0230c2cbd3658436b88c4&session=c43a8adeeed0230c2cbd3658436b88c4c43a8adeeed0230c2cbd3658436b88c4&email=esilverman@sossecurity.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.165.66.58 , Germany, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS
ce1.uicdn.net
Software
Apache /
Resource Hash
d78e7ad4838a9fb4db11451b1db78ccd0b0c7b28f5787684ce2870918ce27bb5

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://youmustlast.website/wassets/ionos.min.css
Origin
https://mailservices.xyz

Response headers

date
Fri, 12 Jun 2020 20:12:25 GMT
last-modified
Tue, 12 Jun 2018 09:26:06 GMT
server
Apache
status
200
content-type
application/font-woff
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
content-length
42580
expires
Sat, 12 Jun 2021 20:12:25 GMT
opensans-regular.woff
ce1.uicdn.net/exos/fonts/open-sans/ Frame 7FD8 		62 KB
63 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://ce1.uicdn.net/exos/fonts/open-sans/opensans-regular.woff
Requested by
Host: mailservices.xyz
URL: https://mailservices.xyz/MIME-content-Your-University-of-Virginia-payment-plan-reminder-notification.php?l=Onboarding_SignOn==c43a8adeeed0230c2cbd3658436b88c4&DocPreview=c43a8adeeed0230c2cbd3658436b88c4&HosYkssJi=c43a8adeeed0230c2cbd3658436b88c4&dXdid=c43a8adeeed0230c2cbd3658436b88c4&IYnMxmwo=c43a8adeeed0230c2cbd3658436b88c4&fLodmAkNOueMH=c43a8adeeed0230c2cbd3658436b88c4&osYkssJidXdidIYnMxmwo=c43a8adeeed0230c2cbd3658436b88c4&fLodmAkNOueMHosYkssJidXdidIY&cmd=login_submit&id=c43a8adeeed0230c2cbd3658436b88c4c43a8adeeed0230c2cbd3658436b88c4&session=c43a8adeeed0230c2cbd3658436b88c4c43a8adeeed0230c2cbd3658436b88c4&email=esilverman@sossecurity.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.165.66.58 , Germany, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS
ce1.uicdn.net
Software
Apache /
Resource Hash
2e1587380141daff4e10a8e3db8f7ae5887102ab7576bff43049590f637ac20b

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://youmustlast.website/wassets/ionos.min.css
Origin
https://mailservices.xyz

Response headers

date
Fri, 12 Jun 2020 20:12:25 GMT
last-modified
Tue, 12 Jun 2018 09:26:07 GMT
server
Apache
status
200
content-type
application/font-woff
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
content-length
63712
expires
Sat, 12 Jun 2021 20:12:25 GMT
exos-icon-font.woff
ce1.uicdn.net/exos/icons/ Frame 7FD8 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://ce1.uicdn.net/exos/icons/exos-icon-font.woff?v=5
Requested by
Host: mailservices.xyz
URL: https://mailservices.xyz/MIME-content-Your-University-of-Virginia-payment-plan-reminder-notification.php?l=Onboarding_SignOn==c43a8adeeed0230c2cbd3658436b88c4&DocPreview=c43a8adeeed0230c2cbd3658436b88c4&HosYkssJi=c43a8adeeed0230c2cbd3658436b88c4&dXdid=c43a8adeeed0230c2cbd3658436b88c4&IYnMxmwo=c43a8adeeed0230c2cbd3658436b88c4&fLodmAkNOueMH=c43a8adeeed0230c2cbd3658436b88c4&osYkssJidXdidIYnMxmwo=c43a8adeeed0230c2cbd3658436b88c4&fLodmAkNOueMHosYkssJidXdidIY&cmd=login_submit&id=c43a8adeeed0230c2cbd3658436b88c4c43a8adeeed0230c2cbd3658436b88c4&session=c43a8adeeed0230c2cbd3658436b88c4c43a8adeeed0230c2cbd3658436b88c4&email=esilverman@sossecurity.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.165.66.58 , Germany, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS
ce1.uicdn.net
Software
Apache /
Resource Hash
b2c8697ee2d90ad32dc069c43694ca9143c109e5aa354a0fdec686dcaa50bd2e

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://youmustlast.website/wassets/ionos.min.css
Origin
https://mailservices.xyz

Response headers

date
Fri, 12 Jun 2020 20:12:25 GMT
last-modified
Fri, 07 Feb 2020 11:21:22 GMT
server
Apache
status
200
content-type
application/font-woff
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
content-length
48128
expires
Sat, 12 Jun 2021 20:12:25 GMT
opensans-bold.woff
ce1.uicdn.net/exos/fonts/open-sans/ Frame 7FD8 		62 KB
62 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://ce1.uicdn.net/exos/fonts/open-sans/opensans-bold.woff
Requested by
Host: mailservices.xyz
URL: https://mailservices.xyz/MIME-content-Your-University-of-Virginia-payment-plan-reminder-notification.php?l=Onboarding_SignOn==c43a8adeeed0230c2cbd3658436b88c4&DocPreview=c43a8adeeed0230c2cbd3658436b88c4&HosYkssJi=c43a8adeeed0230c2cbd3658436b88c4&dXdid=c43a8adeeed0230c2cbd3658436b88c4&IYnMxmwo=c43a8adeeed0230c2cbd3658436b88c4&fLodmAkNOueMH=c43a8adeeed0230c2cbd3658436b88c4&osYkssJidXdidIYnMxmwo=c43a8adeeed0230c2cbd3658436b88c4&fLodmAkNOueMHosYkssJidXdidIY&cmd=login_submit&id=c43a8adeeed0230c2cbd3658436b88c4c43a8adeeed0230c2cbd3658436b88c4&session=c43a8adeeed0230c2cbd3658436b88c4c43a8adeeed0230c2cbd3658436b88c4&email=esilverman@sossecurity.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.165.66.58 , Germany, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS
ce1.uicdn.net
Software
Apache /
Resource Hash
7d7a1a8ec55f31a6674fd2e2c41bcc6421a9aeb5cf161c6e93363f31347160f9

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://youmustlast.website/wassets/ionos.min.css
Origin
https://mailservices.xyz

Response headers

date
Fri, 12 Jun 2020 20:12:25 GMT
last-modified
Tue, 12 Jun 2018 09:26:07 GMT
server
Apache
status
200
content-type
application/font-woff
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
content-length
63564
expires
Sat, 12 Jun 2021 20:12:25 GMT
overpass-bold.woff
ce1.uicdn.net/exos/fonts/overpass/ Frame 7FD8 		41 KB
41 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://ce1.uicdn.net/exos/fonts/overpass/overpass-bold.woff
Requested by
Host: mailservices.xyz
URL: https://mailservices.xyz/MIME-content-Your-University-of-Virginia-payment-plan-reminder-notification.php?l=Onboarding_SignOn==c43a8adeeed0230c2cbd3658436b88c4&DocPreview=c43a8adeeed0230c2cbd3658436b88c4&HosYkssJi=c43a8adeeed0230c2cbd3658436b88c4&dXdid=c43a8adeeed0230c2cbd3658436b88c4&IYnMxmwo=c43a8adeeed0230c2cbd3658436b88c4&fLodmAkNOueMH=c43a8adeeed0230c2cbd3658436b88c4&osYkssJidXdidIYnMxmwo=c43a8adeeed0230c2cbd3658436b88c4&fLodmAkNOueMHosYkssJidXdidIY&cmd=login_submit&id=c43a8adeeed0230c2cbd3658436b88c4c43a8adeeed0230c2cbd3658436b88c4&session=c43a8adeeed0230c2cbd3658436b88c4c43a8adeeed0230c2cbd3658436b88c4&email=esilverman@sossecurity.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.165.66.58 , Germany, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS
ce1.uicdn.net
Software
Apache /
Resource Hash
7afccd9150b0fcbf1a1056e6cc6051c9b6d85a55da7bf1a7fb0f475c0b22facc

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://youmustlast.website/wassets/ionos.min.css
Origin
https://mailservices.xyz

Response headers

date
Fri, 12 Jun 2020 20:12:25 GMT
last-modified
Tue, 12 Jun 2018 09:26:06 GMT
server
Apache
status
200
content-type
application/font-woff
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
content-length
42092
expires
Sat, 12 Jun 2021 20:12:25 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: 1&1 Ionos (Telecommunication)

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate string| html string| d function| $ function| jQuery object| Tap object| EXOS

0 Cookies