Submitted URL: https://hrva.cc/reswertion
Effective URL: https://mail.antisnoringdevicesonline.com/template/castro/refnr.htm
Submission: On January 24 via api from NL — Scanned from DE

Summary

This website contacted 2 IPs in 3 countries across 4 domains to perform 10 HTTP transactions. The main IP is 108.179.242.143, located in United States and belongs to NETWORK-SOLUTIONS-HOSTING, US. The main domain is mail.antisnoringdevicesonline.com.
TLS certificate: Issued by R3 on January 17th 2023. Valid for: 3 months.
This is the only time mail.antisnoringdevicesonline.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 1 195.210.46.30 48716 (PSKZ-ALA)
8 108.179.242.143 19871 (NETWORK-S...)
2 2.18.36.158 16625 (AKAMAI-AS)
10 2
Apex Domain | Subdomains | Transfer
8 antisnoringdevicesonline.com | mail.antisnoringdevicesonline.com | 103 KB
2 ui-portal.de | img.ui-portal.de — Cisco Umbrella Rank: 23171 | 43 KB
1 n9.kz | n9.kz | 732 B
1 hrva.cc | hrva.cc | 735 B
10 4
Domain Requested by
8 mail.antisnoringdevicesonline.com mail.antisnoringdevicesonline.com
2 img.ui-portal.de mail.antisnoringdevicesonline.com
1 n9.kz 1 redirects
1 hrva.cc 1 redirects
10 4

This site contains links to these domains.

Domain
www.gmx.net
agb-server.gmx.net
hilfe.gmx.net
Subject | Issuer | Validity | Valid
www.vladimirmesic.easyemaillistbuilding.com | R3 | 2023-01-17 - 2023-04-17 | 3 months
img.ui-portal.de | GeoTrust RSA CA 2018 | 2022-07-25 - 2023-07-25 | a year

This page contains 1 frames:

Primary Page: https://mail.antisnoringdevicesonline.com/template/castro/refnr.htm
Frame ID: 91F8F158D799A7E87B59DB5EF06C5765
Requests: 10 HTTP requests in this frame

Page Title

GMX Login

Detected technologies

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 10
HTTPS: 100 %
IPv6: 25 %
Domains: 4
Subdomains: 4
IPs: 2
Countries: 3
Transfer: 146 kB
Size: 308 kB
Cookies: 2

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://hrva.cc/reswertion HTTP 302
    https://n9.kz/djkc HTTP 301
    https://mail.antisnoringdevicesonline.com/template/castro/refnr.htm Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

10 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request refnr.htm
mail.antisnoringdevicesonline.com/template/castro/
Redirect Chain
  • https://hrva.cc/reswertion
  • https://n9.kz/djkc
  • https://mail.antisnoringdevicesonline.com/template/castro/refnr.htm
8 KB
3 KB
Document
General
Full URL
https://mail.antisnoringdevicesonline.com/template/castro/refnr.htm
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
108.179.242.143 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
108-179-242-143.unifiedlayer.com
Software
Apache /
Resource Hash
6acd7e101accd66d9ee98d44eaeaadd24f33e226ce472df7c622c841d1b96ba9

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
2733
content-type
text/html
date
Tue, 24 Jan 2023 12:56:49 GMT
last-modified
Fri, 20 Jan 2023 15:31:10 GMT
server
Apache
vary
Accept-Encoding

Redirect headers

content-type
text/html; charset=UTF-8
date
Tue, 24 Jan 2023 12:56:48 GMT
location
https://mail.antisnoringdevicesonline.com/template/castro/refnr.htm
server
nginx
x-content-type-options
nosniff
x-powered-by
PleskLin
jquery-3.6.0-ver-8FB8FEE4FCC3CC86FF6C724154C49C42.js
mail.antisnoringdevicesonline.com/template/castro/refnr_files/
87 KB
38 KB
Script
General
Full URL
https://mail.antisnoringdevicesonline.com/template/castro/refnr_files/jquery-3.6.0-ver-8FB8FEE4FCC3CC86FF6C724154C49C42.js
Requested by
Host: mail.antisnoringdevicesonline.com
URL: https://mail.antisnoringdevicesonline.com/template/castro/refnr.htm
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
108.179.242.143 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
108-179-242-143.unifiedlayer.com
Software
Apache /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mail.antisnoringdevicesonline.com/template/castro/refnr.htm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Tue, 24 Jan 2023 12:56:49 GMT
content-encoding
gzip
last-modified
Thu, 29 Dec 2022 18:09:50 GMT
server
Apache
accept-ranges
bytes
vary
Accept-Encoding
content-type
application/javascript
wicket-ajax-jquery-ver-04D5389C5F00ED98AD39E57EBB5AA818.js
mail.antisnoringdevicesonline.com/template/castro/refnr_files/
42 KB
14 KB
Script
General
Full URL
https://mail.antisnoringdevicesonline.com/template/castro/refnr_files/wicket-ajax-jquery-ver-04D5389C5F00ED98AD39E57EBB5AA818.js
Requested by
Host: mail.antisnoringdevicesonline.com
URL: https://mail.antisnoringdevicesonline.com/template/castro/refnr.htm
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
108.179.242.143 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
108-179-242-143.unifiedlayer.com
Software
Apache /
Resource Hash
7d4811f2ec41c08d2fd6ac616ebe9f74497c9ee48649c6475508c251838ce5ee

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mail.antisnoringdevicesonline.com/template/castro/refnr.htm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Tue, 24 Jan 2023 12:56:49 GMT
content-encoding
gzip
last-modified
Thu, 29 Dec 2022 18:09:50 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
14490
4006.js
mail.antisnoringdevicesonline.com/template/castro/refnr_files/
32 KB
13 KB
Script
General
Full URL
https://mail.antisnoringdevicesonline.com/template/castro/refnr_files/4006.js
Requested by
Host: mail.antisnoringdevicesonline.com
URL: https://mail.antisnoringdevicesonline.com/template/castro/refnr.htm
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
108.179.242.143 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
108-179-242-143.unifiedlayer.com
Software
Apache /
Resource Hash
119027f18db75cab8f5b231b08c50c6b3017142228d19db88e4590e2963f6878

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mail.antisnoringdevicesonline.com/template/castro/refnr.htm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Tue, 24 Jan 2023 12:56:49 GMT
content-encoding
gzip
last-modified
Thu, 29 Dec 2022 18:09:50 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
13358
uni_main-ver-ABFA6FE238735EF40AF83D53C6FEFF99.js
mail.antisnoringdevicesonline.com/template/castro/refnr_files/
45 KB
18 KB
Script
General
Full URL
https://mail.antisnoringdevicesonline.com/template/castro/refnr_files/uni_main-ver-ABFA6FE238735EF40AF83D53C6FEFF99.js
Requested by
Host: mail.antisnoringdevicesonline.com
URL: https://mail.antisnoringdevicesonline.com/template/castro/refnr.htm
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
108.179.242.143 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
108-179-242-143.unifiedlayer.com
Software
Apache /
Resource Hash
140f6796d4c700661994a7a5baad0e498bd36294d982efb8cf04c193e5f264c1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mail.antisnoringdevicesonline.com/template/castro/refnr.htm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Tue, 24 Jan 2023 12:56:49 GMT
content-encoding
gzip
last-modified
Thu, 29 Dec 2022 18:09:50 GMT
server
Apache
accept-ranges
bytes
vary
Accept-Encoding
content-type
application/javascript
uni-ver-FFA18EE8CD5D2AE5275EA28E618201C8.css
mail.antisnoringdevicesonline.com/template/castro/refnr_files/
48 KB
14 KB
Stylesheet
General
Full URL
https://mail.antisnoringdevicesonline.com/template/castro/refnr_files/uni-ver-FFA18EE8CD5D2AE5275EA28E618201C8.css
Requested by
Host: mail.antisnoringdevicesonline.com
URL: https://mail.antisnoringdevicesonline.com/template/castro/refnr.htm
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
108.179.242.143 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
108-179-242-143.unifiedlayer.com
Software
Apache /
Resource Hash
fe2bd538ab96ff9d26f40e9214e364ce94d2e8d06d05ba405ddf5ac842b17987

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mail.antisnoringdevicesonline.com/template/castro/refnr.htm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Tue, 24 Jan 2023 12:56:49 GMT
content-encoding
gzip
last-modified
Thu, 29 Dec 2022 18:09:50 GMT
server
Apache
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
14098
index.jpg
mail.antisnoringdevicesonline.com/template/castro/refnr_files/
3 KB
3 KB
Image
General
Full URL
https://mail.antisnoringdevicesonline.com/template/castro/refnr_files/index.jpg
Requested by
Host: mail.antisnoringdevicesonline.com
URL: https://mail.antisnoringdevicesonline.com/template/castro/refnr.htm
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
108.179.242.143 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
108-179-242-143.unifiedlayer.com
Software
Apache /
Resource Hash
ef8b1deeeae73c65bd9099dc8986ef4e77fff10fcafc824551b45243a14a6ed1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mail.antisnoringdevicesonline.com/template/castro/refnr.htm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Tue, 24 Jan 2023 12:56:49 GMT
last-modified
Thu, 29 Dec 2022 18:09:50 GMT
server
Apache
accept-ranges
bytes
content-length
2668
content-type
image/jpeg
sprite-ver-D3F1EDEA52AAAD29F634A631F98FAF3B.svg
mail.antisnoringdevicesonline.com/template/castro/interceptor/resource/_cp._/::/gui/assets/icons/
0
0
Other
General
Full URL
https://mail.antisnoringdevicesonline.com/template/castro/interceptor/resource/_cp._/::/gui/assets/icons/sprite-ver-D3F1EDEA52AAAD29F634A631F98FAF3B.svg?requestSecurityToken=deb3c605-afea-4764-8bdf-5f1b438f7a9b
Requested by
Host: mail.antisnoringdevicesonline.com
URL: https://mail.antisnoringdevicesonline.com/template/castro/refnr.htm
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
108.179.242.143 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
108-179-242-143.unifiedlayer.com
Software
Apache /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mail.antisnoringdevicesonline.com/template/castro/refnr.htm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Tue, 24 Jan 2023 12:56:49 GMT
server
Apache
content-length
0
content-type
text/html; charset=UTF-8
RobotoCondensed-Light-webfont.woff
img.ui-portal.de/ci/gmx/global/fonts/roboto/
18 KB
19 KB
Font
General
Full URL
https://img.ui-portal.de/ci/gmx/global/fonts/roboto/RobotoCondensed-Light-webfont.woff
Requested by
Host: mail.antisnoringdevicesonline.com
URL: https://mail.antisnoringdevicesonline.com/template/castro/refnr_files/uni-ver-FFA18EE8CD5D2AE5275EA28E618201C8.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.36.158 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-36-158.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
4cde34c1e366e3d7625d453914da07e72c137c195ec9191db06f41775e65a01b

Request headers

Referer
https://mail.antisnoringdevicesonline.com/
Origin
https://mail.antisnoringdevicesonline.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

unused62
8096267
date
Tue, 24 Jan 2023 12:56:49 GMT
content-encoding
gzip
last-modified
Tue, 18 Jul 2017 09:59:36 GMT
server
Apache
etag
"49c0-5549492a91200"
vary
Accept-Encoding
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=597547
accept-ranges
bytes
x-robots-tag
noindex
content-length
18817
Roboto-Medium-webfont.woff
img.ui-portal.de/ci/gmx/global/fonts/roboto/
24 KB
25 KB
Font
General
Full URL
https://img.ui-portal.de/ci/gmx/global/fonts/roboto/Roboto-Medium-webfont.woff
Requested by
Host: mail.antisnoringdevicesonline.com
URL: https://mail.antisnoringdevicesonline.com/template/castro/refnr_files/uni-ver-FFA18EE8CD5D2AE5275EA28E618201C8.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.36.158 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-36-158.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8ca845a97256742debfc82004246fe03d97da1aae5b41b691b23d90b70df3910

Request headers

Referer
https://mail.antisnoringdevicesonline.com/
Origin
https://mail.antisnoringdevicesonline.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

unused62
8096267
date
Tue, 24 Jan 2023 12:56:49 GMT
content-encoding
gzip
last-modified
Thu, 27 Feb 2014 04:45:46 GMT
server
Apache
etag
"61d8-4f35bfe9b3280"
vary
Accept-Encoding
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=639380
accept-ranges
bytes
x-robots-tag
noindex
content-length
24997

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object| 0
  • object| oncontentvisibilityautostatechange
  • function| $
  • function| jQuery
  • object| Wicket
  • object| NSfTIF
  • string| szmvars
  • object| iom
  • function| initializeComponents
  • object| __core-js_shared__
  • object| core
  • function| parcelRequire

2 Cookies

Domain/Path Name / Value
n9.kz/ Name: XSRF-TOKEN
Value: eyJpdiI6IjhnSDZGWEE4TDErOXJFcXN3aVV2Q3c9PSIsInZhbHVlIjoiVVdJa2FlTSs5OUpiMGhtbVdNRVVZazVxYVBUSzloaEM2UWpacWxOZFZHNkVoOXRyazNCMjhPMzVudzl2QS8wUSIsIm1hYyI6IjExNmFjYzlhNDgxM2U0NzQwZjc0MTczZDUyZDI4OWU4YTc3Y2IyMmUwNzhiMjZjNTUzOTc1Y2UwY2IwNTljZTAifQ%3D%3D
n9.kz/ Name: n9_session
Value: eyJpdiI6ImNyVG5BV2JEbVp2bzlmbFFNZXV0ZkE9PSIsInZhbHVlIjoiR0ZsYU1MQ3N6L252VWpOUlY4Tlp6bVBjRVg4MjdyN3hIS3ZWVzU3WnZXdTJMdklydHdwZ2o2OFFJMHY4MS91SiIsIm1hYyI6IjFiZGI2MDFkMjMyZjM3M2UxMjQwNWZlNDlhYjIyZDY3N2QwODEwYWIwMjZmYzU3YzUyMjk2MzcxZDNkNjZiMTkifQ%3D%3D

1 Console Messages

Source Level URL
Text
network error URL: https://mail.antisnoringdevicesonline.com/template/castro/interceptor/resource/_cp._/::/gui/assets/icons/sprite-ver-D3F1EDEA52AAAD29F634A631F98FAF3B.svg?requestSecurityToken=deb3c605-afea-4764-8bdf-5f1b438f7a9b#logo-gmx
Message:
Failed to load resource: the server responded with a status of 500 ()