urlscan.io logo urlscan.io
SecurityTrails logo

blockf.nitrogen.com.pk Open in urlscan Pro
170.249.216.178  Public Scan

Go To Rescan Add Verdict Report
URL: https://blockf.nitrogen.com.pk/
Submission Tags: phishingrod
Submission: On June 07 via api from DE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 4 HTTP transactions. The main IP is 170.249.216.178, located in United States and belongs to PRIVATESYSTEMS, US. The main domain is blockf.nitrogen.com.pk.
TLS certificate: Issued by R3 on June 7th 2023. Valid for: 3 months.
This is the only time blockf.nitrogen.com.pk was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 170.249.216.178 63410 (PRIVATESY...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
4 3
Apex Domain
Subdomains		 Transfer
2 nitrogen.com.pk
blockf.nitrogen.com.pk
18 KB
1 gstatic.com
fonts.gstatic.com
36 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 67
983 B
4 3
Domain Requested by
2 blockf.nitrogen.com.pk blockf.nitrogen.com.pk
1 fonts.gstatic.com fonts.googleapis.com
1 fonts.googleapis.com blockf.nitrogen.com.pk
4 3

This site contains no links.

Subject Issuer Validity Valid
www.blockf.nitrogen.com.pk
R3		 2023-06-07 -
2023-09-05		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-05-19 -
2023-08-11		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-05-19 -
2023-08-11		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://blockf.nitrogen.com.pk/
Frame ID: 5B5848B51D2C2D5BF3E4A97D83ADA478
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

BLOCK F - NITROGEN | Fitness & Wellness

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

4
Requests

100 %
HTTPS

67 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

55 kB
Transfer

57 kB
Size

2
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

4 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
blockf.nitrogen.com.pk/ 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://blockf.nitrogen.com.pk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
170.249.216.178 , United States, ASN63410 (PRIVATESYSTEMS, US),
Reverse DNS
srv31.easyhost.pk
Software
LiteSpeed /
Resource Hash
3fd73c6d61a68f24be40793d03b41089d7f37f1cecde8a83d11dfe5f130e7f3e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
cache-control
no-cache, private
content-encoding
br
content-length
812
content-type
text/html; charset=UTF-8
date
Wed, 07 Jun 2023 16:37:58 GMT
server
LiteSpeed
vary
Accept-Encoding
css
fonts.googleapis.com/ 		3 KB
983 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Nunito:200,600
Requested by
Host: blockf.nitrogen.com.pk
URL: https://blockf.nitrogen.com.pk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
468255782bcbae7dda37ce7e537febe02bdf12fdd0ae40ee204a889424f32625
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blockf.nitrogen.com.pk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 07 Jun 2023 16:37:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 07 Jun 2023 16:37:58 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 07 Jun 2023 16:37:58 GMT
nitrogen-light-m.png
blockf.nitrogen.com.pk/admin/images/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blockf.nitrogen.com.pk/admin/images/nitrogen-light-m.png
Requested by
Host: blockf.nitrogen.com.pk
URL: https://blockf.nitrogen.com.pk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
170.249.216.178 , United States, ASN63410 (PRIVATESYSTEMS, US),
Reverse DNS
srv31.easyhost.pk
Software
LiteSpeed /
Resource Hash
c6207fcc4ffd11465c83ed681321710822e4c46786d00ebeaabc9772c1ed5d4f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blockf.nitrogen.com.pk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Wed, 07 Jun 2023 16:37:58 GMT
last-modified
Sun, 12 Feb 2023 12:18:45 GMT
server
LiteSpeed
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
16951
expires
Wed, 14 Jun 2023 16:37:58 GMT
XRXV3I6Li01BKofINeaB.woff2
fonts.gstatic.com/s/nunito/v25/ 		35 KB
36 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/nunito/v25/XRXV3I6Li01BKofINeaB.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Nunito:200,600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
96217f1d27fb909f92b4a6b35a0d3d6775f2f0b4d136d27aee88547d3ed87357
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://blockf.nitrogen.com.pk
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Wed, 07 Jun 2023 04:41:07 GMT
x-content-type-options
nosniff
age
43011
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35904
x-xss-protection
0
last-modified
Mon, 18 Jul 2022 19:34:47 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 06 Jun 2024 04:41:07 GMT

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless object| onbeforetoggle object| onscrollend

2 Cookies

Domain/Path Name / Value
blockf.nitrogen.com.pk/ Name: XSRF-TOKEN
Value: eyJpdiI6InZ6UzdzSWpGR3MyVkFVbnBjYlEvTWc9PSIsInZhbHVlIjoiRzBDTWpsUUVYbjVEVmtKQjdYN2oreTAzeDJScFRTYW5lNzlOeXZYTVNOYnZTSFdjbnN1Nk0xVmRUakErL3hralNyYzVvTGhvNWhOS0NzNkFyR3JOVW5hUmI4eENxWVRMSDdHSDdSWjM1SlBjeUMybDJYWENNQm8zOGRFVE1UblAiLCJtYWMiOiJkYjYwNzQ5MzMxNzEyMGQ2MDJkN2VjZDU2NjAwMjlkZmQzZTkyYzViZmE0NmRmZmJmNDA2ZjIyYmNjNzQ4ZDdlIn0%3D
blockf.nitrogen.com.pk/ Name: block_f_nitrogen_fitness_wellness_session
Value: eyJpdiI6ImozaU1udFAzK2ZyZkcrdzd1MGhhdGc9PSIsInZhbHVlIjoiTmdBNEhDUEREMFpJMlVDT252N2J2QlZzaFR2bzBSOHpjNkdrMGJRb0xyaW1wTWtkN3lteGtNSmRWQUxSbTVVMWxaMU0rSlozaE53Y3I1Z016WE43Y3RJNFhOR3ZQdThEa1UzSW1ndXN2YkZWaXpSWnpXa3ZUUUJocW9iS2JEZVYiLCJtYWMiOiI3NjE4YmIyMThlOTZmNmUxNmMwMWI0N2Q5ZGMzNDkwYTgxZDk4MDFjNTE1YzRkM2JmZGQ3ZDM2MGRlMmY2ZWU2In0%3D