mail.raiznitrox4.online Open in urlscan Pro
172.67.197.187 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://mail.raiznitrox4.online/
Submission Tags: phishingrod
Submission: On August 10 via api (August 10th 2024, 12:36:02 am UTC) from DE — Scanned from DE

Summary HTTP 17 Redirects Behaviour Indicators

Summary

This website contacted 9 IPs in 3 countries across 7 domains to perform 17 HTTP transactions. The main IP is 172.67.197.187, located in United States and belongs to CLOUDFLARENET, US. The main domain is mail.raiznitrox4.online.
TLS certificate: Issued by WE1 on August 8th 2024. Valid for: 3 months.

This is the only time mail.raiznitrox4.online was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3	172.67.197.187 172.67.197.187	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:bb1f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	104.17.25.14 104.17.25.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
1	2400:52e0:1e0... 2400:52e0:1e00::1080:1	60068 (CDN77 _) (CDN77 _)
1	104.18.187.31 104.18.187.31	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
17	9

3 172.67.197.187 (United States)

ASN13335 (CLOUDFLARENET, US)

mail.raiznitrox4.online	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:bb1f (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.17.25.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2400:52e0:1e00::1080:1 (Germany)

ASN60068 (CDN77 _, GB)

media.atomicatpages.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.187.31 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
3	raiznitrox4.online mail.raiznitrox4.online	19 KB
2	gstatic.com fonts.gstatic.com	61 KB
2	youtube.com www.youtube.com — Cisco Umbrella Rank: 84
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 336	154 KB
2	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 410	123 KB
1	atomicatpages.com media.atomicatpages.com — Cisco Umbrella Rank: 277676 cdn.atomicatpages.com Failed	25 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 110	1 KB
17	7

	Domain	Requested by
3	mail.raiznitrox4.online	mail.raiznitrox4.online
2	fonts.gstatic.com	fonts.googleapis.com
2	www.youtube.com	mail.raiznitrox4.online
2	cdnjs.cloudflare.com	mail.raiznitrox4.online
2	cdn.jsdelivr.net	mail.raiznitrox4.online cdn.jsdelivr.net
1	media.atomicatpages.com	mail.raiznitrox4.online
1	fonts.googleapis.com	mail.raiznitrox4.online
0	cdn.atomicatpages.com Failed	mail.raiznitrox4.online
17	8

This site contains no links.

Subject Issuer	Validity	Valid
raiznitrox4.online WE1	`2024-08-08` - `2024-11-06`	3 months	crt.sh
*.jsdelivr.net Sectigo RSA Domain Validation Secure Server CA	`2024-05-04` - `2025-05-04`	a year	crt.sh
cdnjs.cloudflare.com WE1	`2024-07-31` - `2024-10-29`	3 months	crt.sh
upload.video.google.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
*.google.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
media.atomicatpages.com R10	`2024-08-05` - `2024-11-03`	3 months	crt.sh
*.gstatic.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://mail.raiznitrox4.online/
Frame ID: 815ACB6447E1836869D9EFC81605B8C8
Requests: 15 HTTP requests in this frame

Frame: https://www.youtube.com/embed/SPBcDqLaO94&t?controls=0&autoplay=1&rel=0&controls=0&showinfo=0&playsinline=1&&enablejsapi=1
Frame ID: 1E48881127A1F957BA22E7763817D098
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/b9VimjG1TTQ?controls=0&rel=0&controls=0&showinfo=0&playsinline=1&&enablejsapi=1
Frame ID: 8D704BAD638AB54AA4D3AA8A79B9A6CA
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

17
Requests

76 %
HTTPS

63 %
IPv6

7
Domains

8
Subdomains

9
IPs

3
Countries

383 kB
Transfer

1026 kB
Size

3
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3 200 Primary Request / Show response
mail.raiznitrox4.online/ 94 KB
13 KB 288ms
255ms Document
text/html 172.67.197.187
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mail.raiznitrox4.online/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.197.187 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aabf85ee1ca1642a618179c375fbc0f91e4dd8469b282ad57f35a03602cbce68

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8b0be8af1bb05d88-FRA
content-encoding: br
content-type: text/html
date: Sat, 10 Aug 2024 00:35:58 GMT
last-modified: Mon, 10 Jun 2024 19:42:54 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JaXxy6yjHiV1n4tWUzlD6oLGK3l5yxwBmwqszNNtFHGITcVTzaGXpOT3AdSFGbE%2Fy0NokdP1xSbBHQTNsBjPLUfo1msDYvPlFVqptLMd%2BYrZkVXOEPdC7MGv11R%2Fp7EUI6njeC1CLec03A%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,User-Agent
x-turbo-charged-by: LiteSpeed

GET
H2 200 bootstrap-icons.css
cdn.jsdelivr.net/npm/bootstrap-icons@1.9.1/font/ 87 KB
12 KB 44ms
17ms Stylesheet
text/css 2606:4700::6812:bb1f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap-icons@1.9.1/font/bootstrap-icons.css

Requested by

Host: mail.raiznitrox4.online
URL: https://mail.raiznitrox4.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bb1f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f0cf9bd878febf2ff6279b59f696031deb8f0f9f4ab1a1199f55d78f7c558638

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://mail.raiznitrox4.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 10 Aug 2024 00:35:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 8408074
x-jsd-version: 1.9.1
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 11979
x-served-by: cache-fra-eddf8230111-FRA, cache-lga21937-LGA
x-jsd-version-type: version
server: cloudflare
etag: W/"15a09-bhLh682YP4SOXCgKt3ZJ7rROdLw"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RpH8wZ10eTUFTt%2By4UstEyneNcdI%2FpnmEKTrOht9Vx%2BWvzVeUGZbUh6EhBku4w8i07Eu5hRdkfPaMJvMk0L1oZSGEr0mWW1jF7jzM3iZMun0L9ZsZmESaMKbwzy182%2BA7upvPITi%2FzMj2IgRF%2BU%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8b0be8b0dea04d61-FRA

GET
H3 200 video.min.js Show response
cdnjs.cloudflare.com/ajax/libs/video.js/8.5.2/ 582 KB
143 KB 40ms
16ms Script
application/javascript 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/video.js/8.5.2/video.min.js

Requested by

Host: mail.raiznitrox4.online
URL: https://mail.raiznitrox4.online/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ae02049b08cb94f5288b8f912cbe32dc1eeb4247a02208985b03210688140708

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://mail.raiznitrox4.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 10 Aug 2024 00:35:58 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 619472
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 145467
last-modified: Tue, 15 Aug 2023 10:08:25 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "64db4e99-2383b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=noxhPM78%2FjHSy%2B96uhMoecmFp%2FJ7xuey1LSdRegFu4iGTEI4XBZNARftlPhd0RxST6sj9mXUC3xgvg0ASpmHg2BPPdLpLG2Fo4GlG6pG9S%2FoyS81Pz8IaBg6ZmdNx%2FNZtbRQyP3o"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8b0be8b0d968362c-FRA
expires: Thu, 31 Jul 2025 00:35:58 GMT

GET
H3 200 video-js.min.css
cdnjs.cloudflare.com/ajax/libs/video.js/8.5.2/ 45 KB
11 KB 30ms
23ms Stylesheet
text/css 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/video.js/8.5.2/video-js.min.css

Requested by

Host: mail.raiznitrox4.online
URL: https://mail.raiznitrox4.online/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2f8971ab91aad6e51d4d9a6a1fdf8819d0a2bbd28e40b00d27026d4098d5c990

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://mail.raiznitrox4.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 10 Aug 2024 00:35:58 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 105988
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 10789
last-modified: Tue, 15 Aug 2023 10:08:25 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "64db4e99-2a25"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zQwcoUgLWH5ytVJFeyo6hKD1eRXGHuYjXy8Rl9Jke4qncLHynjfiHRYACVNjV24kQ44hiyqAiQHN5FvJGMaFa8xTMxbOASIsyeeRfV4Q5ME%2FXWqllq%2BQkmeUfu5fm2qjlTqN%2BVFx"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8b0be8b0d967362c-FRA
expires: Thu, 31 Jul 2025 00:35:58 GMT

GET
H2 200 css2
fonts.googleapis.com/ 11 KB
1 KB 70ms
26ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Raleway:wght@300;400;500;600;700;800&family=Pathway+Gothic%20One:wght@300;400;500;600;700;800&family=Pathway+Gothic%20One:wght@300;400;500;600;700;800&display=swap

Requested by

Host: mail.raiznitrox4.online
URL: https://mail.raiznitrox4.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5d18cc08b3190b624e1a20e49b31e2cd6bf1e8f4afd0e85ef16025bd61f1c312

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://mail.raiznitrox4.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 10 Aug 2024 00:35:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 10 Aug 2024 00:35:58 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 10 Aug 2024 00:35:58 GMT

GET
H2 200 SPBcDqLaO94&t
www.youtube.com/embed/ Frame 1E48 0
0 99ms
52ms Document
text/html 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/SPBcDqLaO94&t?controls=0&autoplay=1&rel=0&controls=0&showinfo=0&playsinline=1&&enablejsapi=1

Requested by

Host: mail.raiznitrox4.online
URL: https://mail.raiznitrox4.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mail.raiznitrox4.online/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-security-policy: require-trusted-types-for 'script'
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Sat, 10 Aug 2024 00:35:58 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 b9VimjG1TTQ
www.youtube.com/embed/ Frame 8D70 0
0 184ms
139ms Document
text/html 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/b9VimjG1TTQ?controls=0&rel=0&controls=0&showinfo=0&playsinline=1&&enablejsapi=1

Requested by

Host: mail.raiznitrox4.online
URL: https://mail.raiznitrox4.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mail.raiznitrox4.online/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-security-policy: require-trusted-types-for 'script'
content-security-policy-report-only: base-uri 'self';default-src 'self' https: blob:;font-src https: data:;img-src https: data: android-webview-video-poster:;media-src blob: https:;object-src 'none';report-uri /cspreport/common;script-src 'report-sample' 'nonce-SyyYSj9dl3Hv1A_07Oa_nQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';style-src https: 'unsafe-inline'
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Sat, 10 Aug 2024 00:35:58 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 email-decode.min.js Show response
mail.raiznitrox4.online/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 10ms
9ms Script
application/javascript 172.67.197.187
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mail.raiznitrox4.online/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: mail.raiznitrox4.online
URL: https://mail.raiznitrox4.online/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.197.187 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://mail.raiznitrox4.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 10 Aug 2024 00:35:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 06 Aug 2024 10:21:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"66b1f945-4d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zHTZlMJncRgyPfpxrguvj5xsqZZ2dgmwnpxghzj7sewzJIX82ZN%2BJft3MIVPNWH1UWxQoUyUIJK1rg2hBZiX9td1LdxByo7y0SYAZTWDGJtLdb6PcJP0tv8SnIm9AUUP0Rf%2Fot26j5PvIg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 8b0be8b0dcab5d88-FRA
expires: Mon, 12 Aug 2024 00:35:58 GMT

GET
H3 200 ExSPMJ4175711.js Show response
mail.raiznitrox4.online/js/ 12 KB
5 KB 260ms
259ms Script
application/javascript 172.67.197.187
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mail.raiznitrox4.online/js/ExSPMJ4175711.js
Requested by: Host: mail.raiznitrox4.online
URL: https://mail.raiznitrox4.online/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.197.187 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: daa0637128d71157047e90ac6903b97a7446f71fc89e5c05eff7a51765ada174

Request headers

Referer: https://mail.raiznitrox4.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 10 Aug 2024 00:35:58 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 10 Jun 2024 19:42:54 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3%2BAa7HTgqXvob%2FOnCATXRruBvlvpMRFPvzRMzkf3eQ4Lvx9WAJ%2F31qGXMlp3gnUeTWizYGoKUOO7se%2FwyTstjSd0m1m24iZ3Gj4Z%2FhAuuA5irsnbJF7NyNaq0dmYzNta%2FORLntdbUH87dA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 8b0be8b0dcad5d88-FRA
alt-svc: h3=":443"; ma=86400
expires: Sat, 17 Aug 2024 00:35:58 GMT

GET
H2 200 whEBoI9172551.jpeg
media.atomicatpages.com/u/YgiEC5vhUfWYWr7NeVpiT0q6yFJ3/l/ 25 KB
25 KB 79ms
28ms Image
image/webp 2400:52e0:1e00::1080:1
CDN77 _

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.atomicatpages.com/u/YgiEC5vhUfWYWr7NeVpiT0q6yFJ3/l/whEBoI9172551.jpeg
Requested by: Host: mail.raiznitrox4.online
URL: https://mail.raiznitrox4.online/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1080:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: BunnyCDN-DE1-1080 /
Resource Hash: 4576fdc9228b55c14689732c714b72c41c95cc1ae579fc26d276e2df67600fa1

Request headers

Referer: https://mail.raiznitrox4.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 10 Aug 2024 00:35:58 GMT
x-downloadsize: 549520
cdn-edgestorageid: 1082
x-bo-processingtime: 77
x-bo-version: 1.0.24
cdn-cachedat: 07/31/2024 03:47:37
cdn-pullzone: 1770958
content-length: 25118
x-bo-server: DE-262
last-modified: Wed, 31 Jul 2024 03:47:37 GMT
server: BunnyCDN-DE1-1080
cdn-proxyver: 1.04
cdn-requestpullcode: 200
x-bo-origindownloadtime: 18
content-type: image/webp
cdn-cache: HIT
cdn-uid: 79663dcb-f1ac-47d2-a40f-a1b818ddf98f
cache-control: public, max-age=31919000
x-bo-compressionratio: 95.43%
cdn-requestid: e0fbee0ea96303e79c145e483ea41ce3
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET zQroCy5422757.svg+xml
media.atomicatpages.com/u/YgiEC5vhUfWYWr7NeVpiT0q6yFJ3/l/ 0
0

GET
H3 200 bootstrap-icons.woff2
cdn.jsdelivr.net/npm/bootstrap-icons@1.9.1/font/fonts/ 110 KB
111 KB 35ms
19ms Font
font/woff2 104.18.187.31
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap-icons@1.9.1/font/fonts/bootstrap-icons.woff2?8d200481aa7f02a2d63a331fc782cfaf

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/bootstrap-icons@1.9.1/font/bootstrap-icons.css

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.187.31 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c69bf1ccae5f13b5aa4345dcfeb209a8148ad0bfa1e0678b93792aae0429c764

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdn.jsdelivr.net/npm/bootstrap-icons@1.9.1/font/bootstrap-icons.css
Origin: https://mail.raiznitrox4.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 10 Aug 2024 00:35:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 5127666
x-jsd-version: 1.9.1
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 112440
x-served-by: cache-fra-eddf8230095-FRA, cache-lga21920-LGA
x-jsd-version-type: version
server: cloudflare
etag: W/"1b738-OihLBhh3Hynajra+kA6ZQ5JT3OA"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OGuzmwKd2hJq%2Bu66de1u%2BUmp9PotXPDXh0hcfUNgoFydO4Pq4XSoATbd6cqXZO8AwhukDJ5GV4tlVu1cw4OuHGK73g97pKvTZfIzNVMJgY6dYIICDT2cWM4LanW1S5YjpPk%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8b0be8b159955d8d-FRA

GET YYGAJA8121922.svg+xml
media.atomicatpages.com/u/YgiEC5vhUfWYWr7NeVpiT0q6yFJ3/l/ 0
0

GET KPoICX0094027.svg+xml
media.atomicatpages.com/u/YgiEC5vhUfWYWr7NeVpiT0q6yFJ3/l/ 0
0

GET
H2 200 MwQrbgD32-KAvjkYGNUUxAtW7pEBwx-tS1Zf.woff2
fonts.gstatic.com/s/pathwaygothicone/v15/ 14 KB
14 KB 80ms
36ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/pathwaygothicone/v15/MwQrbgD32-KAvjkYGNUUxAtW7pEBwx-tS1Zf.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Raleway:wght@300;400;500;600;700;800&family=Pathway+Gothic%20One:wght@300;400;500;600;700;800&family=Pathway+Gothic%20One:wght@300;400;500;600;700;800&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

021641f5d569e5139c323e6b304146005220ffb45dfc9381ea010324f729c8d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://mail.raiznitrox4.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 07 Aug 2024 13:14:11 GMT
x-content-type-options: nosniff
age: 213707
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13968
x-xss-protection: 0
last-modified: Thu, 27 Apr 2023 00:01:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 07 Aug 2025 13:14:11 GMT

GET
H2 200 1Ptug8zYS_SKggPNyC0ITw.woff2
fonts.gstatic.com/s/raleway/v34/ 47 KB
48 KB 57ms
13ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/raleway/v34/1Ptug8zYS_SKggPNyC0ITw.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

47d477915fa5912616e2dc5df8c5780f9202671678cf275472bd39f3381c0098

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://mail.raiznitrox4.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 06 Aug 2024 11:51:50 GMT
x-content-type-options: nosniff
age: 305048
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48336
x-xss-protection: 0
last-modified: Wed, 01 May 2024 20:31:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 06 Aug 2025 11:51:50 GMT

GET a.js
cdn.atomicatpages.com/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: media.atomicatpages.com
URL: https://media.atomicatpages.com/u/YgiEC5vhUfWYWr7NeVpiT0q6yFJ3/l/zQroCy5422757.svg+xml

Domain: media.atomicatpages.com
URL: https://media.atomicatpages.com/u/YgiEC5vhUfWYWr7NeVpiT0q6yFJ3/l/YYGAJA8121922.svg+xml

Domain: media.atomicatpages.com
URL: https://media.atomicatpages.com/u/YgiEC5vhUfWYWr7NeVpiT0q6yFJ3/l/KPoICX0094027.svg+xml

Domain: cdn.atomicatpages.com
URL: https://cdn.atomicatpages.com/a.js?cache=34671

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: G7A7f88716A
.youtube.com/	1970-01-21 03:00:02	Name: VISITOR_INFO1_LIVE Value: P2DJ0A3q8HU
.youtube.com/	1970-01-21 03:00:02	Name: VISITOR_PRIVACY_METADATA Value: CgJERRIEEgAgaw%3D%3D

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.atomicatpages.com
cdn.jsdelivr.net
cdnjs.cloudflare.com
fonts.googleapis.com
fonts.gstatic.com
mail.raiznitrox4.online
media.atomicatpages.com
www.youtube.com
cdn.atomicatpages.com
media.atomicatpages.com
104.17.25.14
104.18.187.31
172.67.197.187
2400:52e0:1e00::1080:1
2606:4700::6812:bb1f
2a00:1450:4001:812::2003
2a00:1450:4001:827::200e
2a00:1450:4001:830::200a
021641f5d569e5139c323e6b304146005220ffb45dfc9381ea010324f729c8d1
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2f8971ab91aad6e51d4d9a6a1fdf8819d0a2bbd28e40b00d27026d4098d5c990
4576fdc9228b55c14689732c714b72c41c95cc1ae579fc26d276e2df67600fa1
47d477915fa5912616e2dc5df8c5780f9202671678cf275472bd39f3381c0098
5d18cc08b3190b624e1a20e49b31e2cd6bf1e8f4afd0e85ef16025bd61f1c312
aabf85ee1ca1642a618179c375fbc0f91e4dd8469b282ad57f35a03602cbce68
ae02049b08cb94f5288b8f912cbe32dc1eeb4247a02208985b03210688140708
c69bf1ccae5f13b5aa4345dcfeb209a8148ad0bfa1e0678b93792aae0429c764
daa0637128d71157047e90ac6903b97a7446f71fc89e5c05eff7a51765ada174
f0cf9bd878febf2ff6279b59f696031deb8f0f9f4ab1a1199f55d78f7c558638

mail.raiznitrox4.online Open in urlscan Pro 172.67.197.187 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

17 Requests

76 %HTTPS

63 %IPv6

7 Domains

8 Subdomains

9 IPs

3 Countries

383 kBTransfer

1026 kBSize

3 Cookies

0 Outgoing links

Redirected requests

17 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

3 Cookies

Indicators

mail.raiznitrox4.online Open in urlscan Pro
172.67.197.187 Public Scan

Screenshot
Live screenshot

Full Image

17
Requests

76 %
HTTPS

63 %
IPv6

7
Domains

8
Subdomains

9
IPs

3
Countries

383 kB
Transfer

1026 kB
Size

3
Cookies

17 HTTP transactions
0 data transactions