URL: https://nitroflarepremium.com/
Submission Tags: phishingrod
Submission: On October 03 via api from DE — Scanned from DE

Summary

This website contacted 2 IPs in 1 country across 1 domain to perform 5 HTTP transactions. The main IP is 2606:4700:3031::ac43:aee5, located in United States and belongs to CLOUDFLARENET, US. The main domain is nitroflarepremium.com.
TLS certificate: Issued by GTS CA 1P5 on October 3rd 2023. Valid for: 3 months.
This is the only time nitroflarepremium.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address        AS Autonomous System
4         2606:4700:303...  13335 (CLOUDFLAR...)
Total: 5 requests, 2 IPs

Requests  Apex Domain            Subdomains             Transfer
4         nitroflarepremium.com  nitroflarepremium.com  67 KB
Total: 5 requests, 1 domain

Requests  Domain                 Requested by
4         nitroflarepremium.com  nitroflarepremium.com
Total: 5 requests, 1 domain

This site contains links to these domains.

Domain
nitroflare.org
tezfiles.info
fikperpremium.com
wordpress.org

Subject                Issuer      Validity                 Valid
nitroflarepremium.com  GTS CA 1P5  2023-10-03 - 2024-01-01  3 months

This page contains 1 frames:

Primary Page: https://nitroflarepremium.com/
Frame ID: 30F8C5AC8BAECE3D3E52B0F0A64BED75
Requests: 9 HTTP requests in this frame

Page Title

Nitroflare Premium Account

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/

Page Statistics

Requests: 5
HTTPS: 80 %
IPv6: 100 %
Domains: 1
Subdomains: 1
IPs: 2
Countries: 1
Transfer: 67 kB
Size: 420 kB
Cookies: 0

Redirected requests

There were HTTP redirect chains for the following requests:

5 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
nitroflarepremium.com/
47 KB
13 KB
Document
General
Full URL
https://nitroflarepremium.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:aee5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
631c60c11cfac8ca4bfa3c9556901b446360b4e94f334492c861d9c90c7cede4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
81067bbd7ca14184-AMS
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 03 Oct 2023 16:15:21 GMT
link
<https://nitroflarepremium.com/wp-json/>; rel="https://api.w.org/" <https://nitroflarepremium.com/wp-json/wp/v2/pages/146>; rel="alternate"; type="application/json" <https://nitroflarepremium.com/>; rel=shortlink
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FHlmACebbsPT6Ikq3Dpx69kxZXVOga%2FhrCN%2FeZb7VmA1zoJJJhRBijXBT8Aa4JP9HHfATYIyXP1oiSxk9tnDmoFG8Fx9g%2BAUpcjf4FNLb3NX6N%2Be1MJOJxh3c8MlQmV6mC%2Fp1Qxgx5fhwhZliqG%2Bt4xWgNg%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-dns-prefetch-control
on
x-litespeed-cache
hit
831117ea01a3aee75ebd515944b1055b.css
nitroflarepremium.com/wp-content/litespeed/css/
357 KB
47 KB
Stylesheet
General
Full URL
https://nitroflarepremium.com/wp-content/litespeed/css/831117ea01a3aee75ebd515944b1055b.css?ver=44289
Requested by
Host: nitroflarepremium.com
URL: https://nitroflarepremium.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:aee5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4dee64519fe8bb5338bddb66b57a2958993e9e4caf6aec30afe4c4c8e6b1a908

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nitroflarepremium.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 16:15:22 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
origSize=366448
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Sun, 20 Aug 2023 02:37:01 GMT
server
cloudflare
etag
W/"59770-64e17c4d-1a539a;gz"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GgFpgx9Il27QyuOQJXdsElHinwGO9QeIZ95gRp8dkORsr%2FGAQh%2FS7Ic13oVDVCy2LudLRCBQFDnRmvjZWY26kcZCjn1o9jskbnu83EEuUxotL6UCDa8RuL0oUUWZfQOKbT9oxAMZb98f%2BhxFQ8YixgiTyPo%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
cf-ray
81067bc0981c4184-AMS
expires
Tue, 10 Oct 2023 03:38:54 GMT
rocket-loader.min.js
nitroflarepremium.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/
12 KB
4 KB
Script
General
Full URL
https://nitroflarepremium.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: nitroflarepremium.com
URL: https://nitroflarepremium.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:aee5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nitroflarepremium.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 16:15:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 29 Sep 2023 17:15:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"65170615-302c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uXzm3u2fXFiiZH0fx09qhNS8%2BfM4mgqvViSG0nQFeOwXviPZOuqGEZhbqdsLPL%2BZjRRrXMJMVHU%2BemKj8sZrFmXW2J0NraICuwN0ojMShOuZyXkR3lg8PQKwI4Is9GRafy%2FOxT4HfrZFhM%2FH62an4XLXYUw%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
81067bc0981f4184-AMS
expires
Thu, 05 Oct 2023 16:15:21 GMT
truncated
/
165 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d4ca1a4c397cbb5d1e7a5a85d70317ac05187d66150bf86049f35f8ac4fed577

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
167 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
283a3dae13bc861bdc4a7d5938693f2874f06c59bdac33e3f613c742b3dc943a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
163 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
59b2953a6509047f30e0cccee9a596aa81e1df0f5e953ada8bb710261ede9e97

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
808 B
808 B
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0e82505b30144c1df925f9e2b41576a1126a9168e5a2d7f4913f6304763dcdc8

Request headers

Referer
Origin
https://nitroflarepremium.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Content-Type
application/font-woff2;charset=utf-8
guest.vary.php
nitroflarepremium.com/wp-content/plugins/litespeed-cache/
0
0

logo.png
nitroflarepremium.com/wp-content/uploads/2022/01/
2 KB
3 KB
Image
General
Full URL
https://nitroflarepremium.com/wp-content/uploads/2022/01/logo.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:aee5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1f407db1c53bee25e38778fceb1dac855c895fc215ef2920dfcc388ea367037e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nitroflarepremium.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 16:15:22 GMT
cf-cache-status
HIT
last-modified
Tue, 25 Apr 2023 03:03:30 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"9e8-64474302-186a34;;;"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7nZ7pDxWNuq1Tcf0F8PB9n2q9bfdAixLmsjUw9ywUXSwSMA0hP43ZkEM4eRLwJ2yKPyT%2FNzu0gkRaAr%2BmA%2BC1sJ11lsM48csI90d7fE2TIXayfkTmw0izLurmhWaKhVST4GpJ0fogzguaHYOdncJjfPCEZA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
81067bc428dd903a-FRA
alt-svc
h3=":443"; ma=86400
content-length
2536
expires
Fri, 06 Oct 2023 09:15:55 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
nitroflarepremium.com
URL
https://nitroflarepremium.com/wp-content/plugins/litespeed-cache/guest.vary.php

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object| documentPictureInPicture
  • object| __cfQR
  • object| litespeed_docref
  • function| LazyLoad
  • string| litespeed_vary
  • function| urlCreator
  • function| litespeed_load_delayed_js_force
  • function| litespeed_load_delayed_js
  • function| litespeed_load_one
  • function| litespeed_inline2src
  • boolean| __cfRLUnblockHandlers

0 Cookies