nitrowind.penghy.xyz
Open in
urlscan Pro
111.231.10.48
Public Scan
Submission Tags: phishingrod
Submission: On November 01 via api from DE — Scanned from DE
Summary
TLS certificate: Issued by Encryption Everywhere DV TLS CA - G2 on October 31st 2023. Valid for: a year.
This is the only time nitrowind.penghy.xyz was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
7 | 111.231.10.48 111.231.10.48 | 45090 (TENCENT-N...) (TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited) | |
4 | 192.0.77.48 192.0.77.48 | 2635 (AUTOMATTIC) (AUTOMATTIC) | |
13 | 3 |
ASN45090 (TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN)
nitrowind.penghy.xyz |
Apex Domain Subdomains |
Transfer | |
---|---|---|
7 |
penghy.xyz
nitrowind.penghy.xyz |
100 KB |
4 |
w.org
s.w.org — Cisco Umbrella Rank: 2772 |
3 KB |
0 |
Failed
function sub() { [native code] }. Failed |
|
13 | 3 |
Domain | Requested by | |
---|---|---|
7 | nitrowind.penghy.xyz |
nitrowind.penghy.xyz
|
4 | s.w.org |
nitrowind.penghy.xyz
|
0 | 111.231.10.48 Failed |
nitrowind.penghy.xyz
|
13 | 3 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
nitrowind.penghy.xyz Encryption Everywhere DV TLS CA - G2 |
2023-10-31 - 2024-10-30 |
a year | crt.sh |
*.w.org Sectigo ECC Domain Validation Secure Server CA |
2022-12-06 - 2024-01-06 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://nitrowind.penghy.xyz/
Frame ID: B0F68567FCFAAA0444520F9D8B9C9349
Requests: 13 HTTP requests in this frame
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
13 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
/
nitrowind.penghy.xyz/ |
52 KB 13 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
style.min.css
nitrowind.penghy.xyz/wp-includes/blocks/cover/ |
16 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
style.min.css
nitrowind.penghy.xyz/wp-includes/blocks/social-links/ |
10 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
style.css
nitrowind.penghy.xyz/wp-content/themes/bounds/ |
3 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
DALL%C2%B7E-2023-10-28-03.42.30-16-9-wide-format-photo-showcasing-a-realistic-dark-toned-forest-environment-reminiscent-of-a-scene-created-in-a-high-quality-game-engine.-Amidst-the-.png
nitrowind.penghy.xyz/wp-content/uploads/2023/11/ |
2 MB 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET BLOB |
24bad6d5-380f-4bfc-babe-7c942f857d0a
https://nitrowind.penghy.xyz/ |
1 KB 0 |
Other
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
image-from-rawpixel-id-9084949-jpeg.jpg
111.231.10.48/wp-content/themes/bounds/assets/images/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
REM-VariableFont_wght.woff2
nitrowind.penghy.xyz/wp-content/themes/bounds/assets/fonts/REM/ |
75 KB 76 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
wp-emoji-release.min.js
nitrowind.penghy.xyz/wp-includes/js/ |
18 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
1f534.svg
s.w.org/images/core/emoji/14.0.0/svg/ |
113 B 400 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
1f7e1.svg
s.w.org/images/core/emoji/14.0.0/svg/ |
113 B 399 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
1f7e2.svg
s.w.org/images/core/emoji/14.0.0/svg/ |
113 B 399 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
1f44d.svg
s.w.org/images/core/emoji/14.0.0/svg/ |
2 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- 111.231.10.48
- URL
- http://111.231.10.48/wp-content/themes/bounds/assets/images/image-from-rawpixel-id-9084949-jpeg.jpg
Verdicts & Comments Add Verdict or Comment
4 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| documentPictureInPicture object| _wpemojiSettings object| twemoji object| wp0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
3 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
111.231.10.48
nitrowind.penghy.xyz
s.w.org
111.231.10.48
111.231.10.48
192.0.77.48
0f2b2ef249afadcfcd3cd9e1dcc7ba612f595135cd70c6663267380ea4d3331e
35f13b37effb45365808667e08dec3034ca79d587a5343f665c5e53c29345907
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
66b1c8e22d1f5804ed048c6a1f5fe5d4210c274967d4f7f42e595851d6cd9f47
93f28a18a1df638b539f6bde99c048a50ad7b8a5643c6966a0546a0c50f7cace
a05c1b4a0da521d08a4fd7c477f5da8bcd7691f8e69244ec265762ddf4dd03e9
bbc5c3ac23e7aa8868ccd7ead04b1c7865d2dc3ff14d17e2ecedf1f45523390c
e0d83437cb48f0371bd8c2941d2a37b65da3435dfb72277eec31d8891c860f26
e2dfd28ec7460085b440a1188217e0ed17589b40751be8a123025f5995f670c6
fb71d8eefb7a3c6d12c421740f99f066c8913e6d6dfb702fdff410ebf176b405