mail.raiznitrox.online Open in urlscan Pro
188.114.97.3 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://mail.raiznitrox.online/
Submission Tags: phishingrod
Submission: On September 06 via api (September 6th 2024, 9:25:33 am UTC) from DE — Scanned from NL

Summary HTTP 18 Redirects Behaviour Indicators

Summary

This website contacted 9 IPs in 4 countries across 8 domains to perform 18 HTTP transactions. The main IP is 188.114.97.3, located in Amsterdam, Netherlands and belongs to CLOUDFLARENET, US. The main domain is mail.raiznitrox.online.
TLS certificate: Issued by WE1 on July 20th 2024. Valid for: 3 months.

This is the only time mail.raiznitrox.online was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3	188.114.97.3 188.114.97.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	104.17.24.14 104.17.24.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a04:4e42::485 2a04:4e42::485	54113 (FASTLY) (FASTLY)
2	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
1	2600:9000:223... 2600:9000:223c:5600:b:b1b5:b9c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	151.101.129.229 151.101.129.229	54113 (FASTLY) (FASTLY)
2	2a00:1450:400... 2a00:1450:4001:81c::2003	15169 (GOOGLE) (GOOGLE)
18	9

3 188.114.97.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

mail.raiznitrox.online	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.17.24.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223c:5600:b:b1b5:b9c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

img.imageboss.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.129.229 (San Francisco, United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81c::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
3	raiznitrox.online mail.raiznitrox.online	19 KB
2	gstatic.com fonts.gstatic.com	14 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 110	1 KB
2	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 410	122 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 336	154 KB
1	imageboss.me img.imageboss.me — Cisco Umbrella Rank: 532707
1	youtube.com www.youtube.com — Cisco Umbrella Rank: 84
0	atomicatpages.com Failed cdn.atomicatpages.com Failed
18	8

	Domain	Requested by
3	mail.raiznitrox.online	mail.raiznitrox.online
2	fonts.gstatic.com	fonts.googleapis.com
2	fonts.googleapis.com	mail.raiznitrox.online
2	cdn.jsdelivr.net	mail.raiznitrox.online cdn.jsdelivr.net
2	cdnjs.cloudflare.com	mail.raiznitrox.online
1	img.imageboss.me	mail.raiznitrox.online
1	www.youtube.com	mail.raiznitrox.online
0	cdn.atomicatpages.com Failed	mail.raiznitrox.online
18	8

This site contains no links.

Subject Issuer	Validity	Valid
raiznitrox.online WE1	`2024-07-20` - `2024-10-18`	3 months	crt.sh
cdnjs.cloudflare.com WE1	`2024-07-31` - `2024-10-29`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2024 Q3	`2024-07-30` - `2025-08-31`	a year	crt.sh
upload.video.google.com WR2	`2024-08-12` - `2024-11-04`	3 months	crt.sh
*.google.com WR2	`2024-08-12` - `2024-11-04`	3 months	crt.sh
imageboss.io Amazon RSA 2048 M02	`2024-02-08` - `2025-03-08`	a year	crt.sh
*.gstatic.com WR2	`2024-08-12` - `2024-11-04`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://mail.raiznitrox.online/
Frame ID: EF0DD0D5DC8C0B65699F67064BC40A56
Requests: 16 HTTP requests in this frame

Frame: https://www.youtube.com/embed/SPBcDqLaO94&t?controls=0&autoplay=1&rel=0&controls=0&showinfo=0&playsinline=1&&enablejsapi=1
Frame ID: 4AC5FB86C181BA7767B9C0711F6EA198
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/b9VimjG1TTQ?controls=0&rel=0&controls=0&showinfo=0&playsinline=1&&enablejsapi=1
Frame ID: B2066B39C6FF7DF99FE9047DF7080827
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

18
Requests

72 %
HTTPS

63 %
IPv6

8
Domains

8
Subdomains

9
IPs

4
Countries

310 kB
Transfer

991 kB
Size

3
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3 200 Primary Request / Show response
mail.raiznitrox.online/ 94 KB
13 KB 323ms
269ms Document
text/html 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mail.raiznitrox.online/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 49600cd497a6f2f5b4b93e528df04feafa0ee09e69ea3bf352bd84dede44d678

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8bed6974cdc3b8a2-AMS
content-encoding: br
content-type: text/html
date: Fri, 06 Sep 2024 09:25:28 GMT
last-modified: Thu, 23 May 2024 04:21:54 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HiWVASnX0jutiFhPtDXGP4SMWqzAO0%2FOOaoScWo6qCErkos5voYb2oMyudQS12SvJ0OJnRvSD7uHjwYg3IOnOr4OMEh1AQSSFeWyzRpZNmMsomA%2F7ggxRpeB9rQ2I4QnRnHstD23j8PQ"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,User-Agent
x-turbo-charged-by: LiteSpeed

GET
H3 200 video-js.min.css
cdnjs.cloudflare.com/ajax/libs/video.js/8.5.2/ 45 KB
11 KB 74ms
34ms Stylesheet
text/css 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/video.js/8.5.2/video-js.min.css

Requested by

Host: mail.raiznitrox.online
URL: https://mail.raiznitrox.online/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2f8971ab91aad6e51d4d9a6a1fdf8819d0a2bbd28e40b00d27026d4098d5c990

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://mail.raiznitrox.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 06 Sep 2024 09:25:28 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 118082
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 10789
last-modified: Tue, 15 Aug 2023 10:08:25 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "64db4e99-2a25"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Xm5ljE7AxZtOwmZSAGA8JJPHlE5PoSpON57zr9lMl9tQ4V5bQQqfqogSRcFLN1CIAsxLNAYTAdvln6xfcexXAEazLFK%2BvgOGi312MTkzHR54HFz7oSu7luLq51qM%2FAJOgYfgUCT9"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8bed6976d8c666ac-AMS
expires: Wed, 27 Aug 2025 09:25:28 GMT

GET
H3 200 video.min.js Show response
cdnjs.cloudflare.com/ajax/libs/video.js/8.5.2/ 582 KB
143 KB 89ms
49ms Script
application/javascript 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/video.js/8.5.2/video.min.js

Requested by

Host: mail.raiznitrox.online
URL: https://mail.raiznitrox.online/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ae02049b08cb94f5288b8f912cbe32dc1eeb4247a02208985b03210688140708

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://mail.raiznitrox.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 06 Sep 2024 09:25:28 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 694545
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 145467
last-modified: Tue, 15 Aug 2023 10:08:25 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "64db4e99-2383b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CYZQ%2FJNY7HQY2sw1zv5E0nDD01pTQKI83V5tcIWY24ZOdP7BlPOJY17IPffpwMEZq4Z1BS%2BrHPHX8iNafmEJeBuZNuAfsQE%2FYn3BXMBYbXgjWhRaHisirtkrUrHmkh3gstySFK%2B4"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8bed6976d8cc66ac-AMS
expires: Wed, 27 Aug 2025 09:25:28 GMT

GET
H2 200 bootstrap-icons.css
cdn.jsdelivr.net/npm/bootstrap-icons@1.9.1/font/ 87 KB
12 KB 75ms
18ms Stylesheet
text/css 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap-icons@1.9.1/font/bootstrap-icons.css

Requested by

Host: mail.raiznitrox.online
URL: https://mail.raiznitrox.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f0cf9bd878febf2ff6279b59f696031deb8f0f9f4ab1a1199f55d78f7c558638

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://mail.raiznitrox.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 06 Sep 2024 09:25:28 GMT
x-content-type-options: nosniff
content-encoding: br
age: 4522685
x-jsd-version: 1.9.1
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 11979
x-served-by: cache-fra-eddf8230111-FRA, cache-ams21044-AMS
x-jsd-version-type: version
etag: W/"15a09-bhLh682YP4SOXCgKt3ZJ7rROdLw"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 css2
fonts.googleapis.com/ 11 KB
1 KB 86ms
32ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Raleway:wght@300;400;500;600;700;800&family=Pathway+Gothic%20One:wght@300;400;500;600;700;800&family=Pathway+Gothic%20One:wght@300;400;500;600;700;800&display=swap

Requested by

Host: mail.raiznitrox.online
URL: https://mail.raiznitrox.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5d18cc08b3190b624e1a20e49b31e2cd6bf1e8f4afd0e85ef16025bd61f1c312

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://mail.raiznitrox.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 06 Sep 2024 09:25:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 06 Sep 2024 09:25:28 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 06 Sep 2024 09:25:28 GMT

GET
H2 200 SPBcDqLaO94&t
www.youtube.com/embed/ Frame 4AC5 0
0 135ms
85ms Document
text/html 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/SPBcDqLaO94&t?controls=0&autoplay=1&rel=0&controls=0&showinfo=0&playsinline=1&&enablejsapi=1

Requested by

Host: mail.raiznitrox.online
URL: https://mail.raiznitrox.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mail.raiznitrox.online/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-security-policy: require-trusted-types-for 'script'
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Fri, 06 Sep 2024 09:25:28 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=nl for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET b9VimjG1TTQ
www.youtube.com/embed/ Frame B206 0
0

GET
H3 200 email-decode.min.js Show response
mail.raiznitrox.online/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 20ms
19ms Script
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mail.raiznitrox.online/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: mail.raiznitrox.online
URL: https://mail.raiznitrox.online/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://mail.raiznitrox.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 06 Sep 2024 09:25:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 04 Sep 2024 18:15:33 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"66d8a3c5-4d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sMtP%2BtaUn86xLgXPS9O9C9ZbvdMRUE%2F%2F1zokscmZ9aXHOuhZC%2FxKpPtyvyTKhCjRbtDchDMNXmIr01GibXQS4IxvUqdexNV55LyZmOhE9lgsPhT0ipXaktIbGDHxH6UBb30eUBrikmSu"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 8bed6976f886b8a2-AMS
expires: Sun, 08 Sep 2024 09:25:28 GMT

GET
H3 200 gAeXsv3714477.js Show response
mail.raiznitrox.online/js/ 12 KB
5 KB 271ms
270ms Script
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mail.raiznitrox.online/js/gAeXsv3714477.js
Requested by: Host: mail.raiznitrox.online
URL: https://mail.raiznitrox.online/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 138b18a2971f33cef3ccdfa053866dc5df1184ce3b6768317ca61808facfba74

Request headers

Referer: https://mail.raiznitrox.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 06 Sep 2024 09:25:29 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 23 May 2024 04:21:54 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=i9KFfuKZZSO47wOl03gH2L2ULekcIw9%2BMS%2B0Ryy5%2BLHAcXCNHdPlu6vhzFTKyjanOoao92RZu9Xy2hjb3pSNqdZJu4AVKsA9uwaRVhcw8gesGc1%2BTd2w0x6UQXhwQew2qL1M8u2Pf%2F9j"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 8bed6976f88ab8a2-AMS
alt-svc: h3=":443"; ma=86400
expires: Fri, 13 Sep 2024 09:25:28 GMT

GET
H2 200 whEBoI9172551.jpeg
img.imageboss.me/atm/cdn/format:auto/u/YgiEC5vhUfWYWr7NeVpiT0q6yFJ3/l/ 16 KB
0 284ms
27ms Image
image/avif 2600:9000:223c:5600:b:b1b5:b9c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.imageboss.me/atm/cdn/format:auto/u/YgiEC5vhUfWYWr7NeVpiT0q6yFJ3/l/whEBoI9172551.jpeg
Requested by: Host: mail.raiznitrox.online
URL: https://mail.raiznitrox.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:5600:b:b1b5:b9c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://mail.raiznitrox.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Wed, 31 Jul 2024 14:27:26 GMT
via: 1.1 018ffb575888f1c9ec960e3e977c042e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 3178683
vary: Accept
x-cache: Hit from cloudfront
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: NHoETy6ofhDSeBtZpqjhrDqG-U6pMkV_u6NmSpeILG5-K0ALJs0MVw==

GET zQroCy5422757.svg+xml
img.imageboss.me/atm/cdn/format:auto/u/YgiEC5vhUfWYWr7NeVpiT0q6yFJ3/l/ 0
0

GET
H3 200 bootstrap-icons.woff2
cdn.jsdelivr.net/npm/bootstrap-icons@1.9.1/font/fonts/ 110 KB
110 KB 45ms
23ms Font
font/woff2 151.101.129.229
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap-icons@1.9.1/font/fonts/bootstrap-icons.woff2?8d200481aa7f02a2d63a331fc782cfaf

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/bootstrap-icons@1.9.1/font/bootstrap-icons.css

Protocol

Security

QUIC, , AES_256_GCM

Server

151.101.129.229 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

c69bf1ccae5f13b5aa4345dcfeb209a8148ad0bfa1e0678b93792aae0429c764

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdn.jsdelivr.net/npm/bootstrap-icons@1.9.1/font/bootstrap-icons.css
Origin: https://mail.raiznitrox.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 06 Sep 2024 09:25:28 GMT
x-content-type-options: nosniff
age: 1840226
x-jsd-version: 1.9.1
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 112440
x-served-by: cache-fra-eddf8230095-FRA, cache-bru1480022-BRU
x-jsd-version-type: version
etag: W/"1b738-OihLBhh3Hynajra+kA6ZQ5JT3OA"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET YYGAJA8121922.svg+xml
img.imageboss.me/atm/cdn/format:auto/u/YgiEC5vhUfWYWr7NeVpiT0q6yFJ3/l/ 0
0

GET KPoICX0094027.svg+xml
img.imageboss.me/atm/cdn/format:auto/u/YgiEC5vhUfWYWr7NeVpiT0q6yFJ3/l/ 0
0

GET
H2 200 css2
fonts.googleapis.com/ 11 KB
0 0ms
0ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: mail.raiznitrox.online
URL: https://mail.raiznitrox.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5d18cc08b3190b624e1a20e49b31e2cd6bf1e8f4afd0e85ef16025bd61f1c312

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://mail.raiznitrox.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 06 Sep 2024 09:25:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 06 Sep 2024 09:25:28 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 06 Sep 2024 09:25:28 GMT

GET
H2 200 MwQrbgD32-KAvjkYGNUUxAtW7pEBwx-tS1Zf.woff2
fonts.gstatic.com/s/pathwaygothicone/v15/ 14 KB
14 KB 129ms
56ms Font
font/woff2 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/pathwaygothicone/v15/MwQrbgD32-KAvjkYGNUUxAtW7pEBwx-tS1Zf.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Raleway:wght@300;400;500;600;700;800&family=Pathway+Gothic%20One:wght@300;400;500;600;700;800&family=Pathway+Gothic%20One:wght@300;400;500;600;700;800&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

021641f5d569e5139c323e6b304146005220ffb45dfc9381ea010324f729c8d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://mail.raiznitrox.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 31 Aug 2024 19:16:31 GMT
x-content-type-options: nosniff
age: 482938
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13968
x-xss-protection: 0
last-modified: Thu, 27 Apr 2023 00:01:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 31 Aug 2025 19:16:31 GMT

GET
H2 200 1Ptug8zYS_SKggPNyC0ITw.woff2
fonts.gstatic.com/s/raleway/v34/ 9 KB
0 135ms
62ms Font
font/woff2 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/raleway/v34/1Ptug8zYS_SKggPNyC0ITw.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://mail.raiznitrox.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 31 Aug 2024 23:17:21 GMT
x-content-type-options: nosniff
age: 468488
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48336
x-xss-protection: 0
last-modified: Wed, 01 May 2024 20:31:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 31 Aug 2025 23:17:21 GMT

GET a.js
cdn.atomicatpages.com/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.youtube.com
URL: https://www.youtube.com/embed/b9VimjG1TTQ?controls=0&rel=0&controls=0&showinfo=0&playsinline=1&&enablejsapi=1

Domain: img.imageboss.me
URL: https://img.imageboss.me/atm/cdn/format:auto/u/YgiEC5vhUfWYWr7NeVpiT0q6yFJ3/l/zQroCy5422757.svg+xml

Domain: img.imageboss.me
URL: https://img.imageboss.me/atm/cdn/format:auto/u/YgiEC5vhUfWYWr7NeVpiT0q6yFJ3/l/YYGAJA8121922.svg+xml

Domain: img.imageboss.me
URL: https://img.imageboss.me/atm/cdn/format:auto/u/YgiEC5vhUfWYWr7NeVpiT0q6yFJ3/l/KPoICX0094027.svg+xml

Domain: cdn.atomicatpages.com
URL: https://cdn.atomicatpages.com/a.js?cache=38257

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: X9qTZ2gQOO8
.youtube.com/	1970-01-21 03:39:26	Name: VISITOR_INFO1_LIVE Value: WA5Lw9b8C4s
.youtube.com/	1970-01-21 03:39:26	Name: VISITOR_PRIVACY_METADATA Value: CgJOTBIcEhgSFhMLFBUWFwwYGRobHB0eHw4PIBAREiEgIg%3D%3D

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.atomicatpages.com
cdn.jsdelivr.net
cdnjs.cloudflare.com
fonts.googleapis.com
fonts.gstatic.com
img.imageboss.me
mail.raiznitrox.online
www.youtube.com
cdn.atomicatpages.com
img.imageboss.me
www.youtube.com
104.17.24.14
151.101.129.229
188.114.97.3
2600:9000:223c:5600:b:b1b5:b9c0:93a1
2a00:1450:4001:80e::200e
2a00:1450:4001:81c::2003
2a00:1450:4001:828::200a
2a04:4e42::485
021641f5d569e5139c323e6b304146005220ffb45dfc9381ea010324f729c8d1
138b18a2971f33cef3ccdfa053866dc5df1184ce3b6768317ca61808facfba74
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2f8971ab91aad6e51d4d9a6a1fdf8819d0a2bbd28e40b00d27026d4098d5c990
49600cd497a6f2f5b4b93e528df04feafa0ee09e69ea3bf352bd84dede44d678
5d18cc08b3190b624e1a20e49b31e2cd6bf1e8f4afd0e85ef16025bd61f1c312
ae02049b08cb94f5288b8f912cbe32dc1eeb4247a02208985b03210688140708
c69bf1ccae5f13b5aa4345dcfeb209a8148ad0bfa1e0678b93792aae0429c764
f0cf9bd878febf2ff6279b59f696031deb8f0f9f4ab1a1199f55d78f7c558638

mail.raiznitrox.online Open in urlscan Pro 188.114.97.3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

18 Requests

72 %HTTPS

63 %IPv6

8 Domains

8 Subdomains

9 IPs

4 Countries

310 kBTransfer

991 kBSize

3 Cookies

0 Outgoing links

Redirected requests

18 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

3 Cookies

Indicators

mail.raiznitrox.online Open in urlscan Pro
188.114.97.3 Public Scan

Screenshot
Live screenshot

Full Image

18
Requests

72 %
HTTPS

63 %
IPv6

8
Domains

8
Subdomains

9
IPs

4
Countries

310 kB
Transfer

991 kB
Size

3
Cookies

18 HTTP transactions
0 data transactions