mem.nitrogc.com Open in urlscan Pro
170.247.2.206 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://mem.nitrogc.com/
Submission Tags: phishingrod
Submission: On May 29 via api (May 29th 2024, 4:38:39 am UTC) from DE — Scanned from DE

Summary HTTP 9 Redirects Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 9 HTTP transactions. The main IP is 170.247.2.206, located in Pasto, Colombia and belongs to IP TECHNOLOGIES S.A.S., CO. The main domain is mem.nitrogc.com.
TLS certificate: Issued by R3 on May 29th 2024. Valid for: 3 months.

This is the only time mem.nitrogc.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
9	170.247.2.206 170.247.2.206		267788 (IP TECHNO...) (IP TECHNOLOGIES S.A.S.)
9	1

9 170.247.2.206 (Pasto, Colombia)

ASN267788 (IP TECHNOLOGIES S.A.S., CO)

mem.nitrogc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	nitrogc.com mem.nitrogc.com	323 KB
9	1

	Domain	Requested by
9	mem.nitrogc.com	mem.nitrogc.com
9	1

This site contains no links.

Subject Issuer	Validity	Valid
mem.nitrogc.com R3	`2024-05-29` - `2024-08-27`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://mem.nitrogc.com/
Frame ID: E7A2D3DC1BE725DF2093E8C2B598BCDB
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Iniciar sesión | Nitro Energy

Page Statistics

9
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

323 kB
Transfer

838 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

9 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response mem.nitrogc.com/	429 B 676 B	859ms 192ms	Document text/html	170.247.2.206 IP TECHNOLOGIES S...
General Check archive.org Show headers Download Go to Full URL https://mem.nitrogc.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 170.247.2.206 Pasto, Colombia, ASN267788 (IP TECHNOLOGIES S.A.S., CO), Reverse DNS Software nginx/1.18.0 (Ubuntu) / Resource Hash `cf0ee2f821471de031d19bd8b7062f16b172c110a447df2bd710636c361197e1` Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers Accept-Ranges bytes Connection keep-alive Content-Length 429 Content-Type text/html Date Wed, 29 May 2024 04:38:34 GMT ETag "6637d81b-1ad" Last-Modified Sun, 05 May 2024 19:03:55 GMT Server nginx/1.18.0 (Ubuntu)
GET H/1.1	200 OK	index-028ebd44.js Show response mem.nitrogc.com/assets/	787 KB 298 KB	389ms 388ms	Script application/javascript	170.247.2.206 IP TECHNOLOGIES S...
General Check archive.org Show headers Download Go to Full URL https://mem.nitrogc.com/assets/index-028ebd44.js Requested by Host: mem.nitrogc.com URL: https://mem.nitrogc.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 170.247.2.206 Pasto, Colombia, ASN267788 (IP TECHNOLOGIES S.A.S., CO), Reverse DNS Software nginx/1.18.0 (Ubuntu) / Resource Hash `4deb29b3770f06350d26897bd6f2027d1ae17f9751c271bec4f851cb845b1eb6` Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://mem.nitrogc.com/ Origin https://mem.nitrogc.com Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Wed, 29 May 2024 04:38:34 GMT Content-Encoding gzip Last-Modified Sun, 05 May 2024 19:03:52 GMT Server nginx/1.18.0 (Ubuntu) ETag W/"6637d818-c4b5f" Transfer-Encoding chunked Content-Type application/javascript Connection keep-alive
GET H/1.1	200 OK	index-1f08b7d3.css mem.nitrogc.com/assets/	6 KB 2 KB	199ms 199ms	Stylesheet text/css	170.247.2.206 IP TECHNOLOGIES S...
General Check archive.org Show headers Download Go to Full URL https://mem.nitrogc.com/assets/index-1f08b7d3.css Requested by Host: mem.nitrogc.com URL: https://mem.nitrogc.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 170.247.2.206 Pasto, Colombia, ASN267788 (IP TECHNOLOGIES S.A.S., CO), Reverse DNS Software nginx/1.18.0 (Ubuntu) / Resource Hash `1f08b7d378190de71d0ed282ef7aa7540e8a31a8dd840e47d32a82eb4df79f2c` Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://mem.nitrogc.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Wed, 29 May 2024 04:38:34 GMT Content-Encoding gzip Last-Modified Sun, 05 May 2024 19:03:52 GMT Server nginx/1.18.0 (Ubuntu) ETag W/"6637d818-16db" Transfer-Encoding chunked Content-Type text/css Connection keep-alive
GET H/1.1	200 OK	auth Show response mem.nitrogc.com/api/	0 407 B	197ms 197ms	Fetch application/json	170.247.2.206 IP TECHNOLOGIES S...
General Check archive.org Show headers Download Go to Full URL https://mem.nitrogc.com/api/auth?method=getToken Requested by Host: mem.nitrogc.com URL: https://mem.nitrogc.com/assets/index-028ebd44.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 170.247.2.206 Pasto, Colombia, ASN267788 (IP TECHNOLOGIES S.A.S., CO), Reverse DNS Software nginx/1.18.0 (Ubuntu) / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://mem.nitrogc.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Wed, 29 May 2024 04:38:35 GMT Server nginx/1.18.0 (Ubuntu) x-ratelimit-remaining 98 vary accept-encoding Content-Type application/json; charset=utf-8 access-control-allow-credentials true x-ratelimit-reset 178 x-ratelimit-limit 100 Connection keep-alive Content-Length 0
GET H/1.1	200 OK	favicon.png mem.nitrogc.com/	2 KB 2 KB	181ms 181ms	Other image/png	170.247.2.206 IP TECHNOLOGIES S...
General Check archive.org Show headers Download Go to Full URL https://mem.nitrogc.com/favicon.png Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 170.247.2.206 Pasto, Colombia, ASN267788 (IP TECHNOLOGIES S.A.S., CO), Reverse DNS Software nginx/1.18.0 (Ubuntu) / Resource Hash `073c54f7525a47a830ebd25be284c88af6d59144373072c5df7a51090af0da6e` Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://mem.nitrogc.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Wed, 29 May 2024 04:38:35 GMT Last-Modified Sun, 05 May 2024 19:03:46 GMT Server nginx/1.18.0 (Ubuntu) ETag "6637d812-6cd" Content-Type image/png Connection keep-alive Accept-Ranges bytes Content-Length 1741
GET H/1.1	200 OK	LoginPage-205347f4.js Show response mem.nitrogc.com/assets/	2 KB 1 KB	196ms 196ms	Script application/javascript	170.247.2.206 IP TECHNOLOGIES S...
General Check archive.org Show headers Download Go to Full URL https://mem.nitrogc.com/assets/LoginPage-205347f4.js Requested by Host: mem.nitrogc.com URL: https://mem.nitrogc.com/assets/index-028ebd44.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 170.247.2.206 Pasto, Colombia, ASN267788 (IP TECHNOLOGIES S.A.S., CO), Reverse DNS Software nginx/1.18.0 (Ubuntu) / Resource Hash `fbc3a8fc798fac74e69d43d38ce376b24768a2e6b8d6dd758702f82fdbdb31ca` Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer Origin https://mem.nitrogc.com Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Wed, 29 May 2024 04:38:36 GMT Content-Encoding gzip Last-Modified Sun, 05 May 2024 19:03:52 GMT Server nginx/1.18.0 (Ubuntu) ETag W/"6637d818-824" Transfer-Encoding chunked Content-Type application/javascript Connection keep-alive
GET H/1.1	200 OK	index-446ac6ef.js Show response mem.nitrogc.com/assets/	36 KB 15 KB	505ms 362ms	Script application/javascript	170.247.2.206 IP TECHNOLOGIES S...
General Check archive.org Show headers Download Go to Full URL https://mem.nitrogc.com/assets/index-446ac6ef.js Requested by Host: mem.nitrogc.com URL: https://mem.nitrogc.com/assets/index-028ebd44.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 170.247.2.206 Pasto, Colombia, ASN267788 (IP TECHNOLOGIES S.A.S., CO), Reverse DNS Software nginx/1.18.0 (Ubuntu) / Resource Hash `b7d683a37111e0335728526072c218430bf21b19d98d1b6bdd76205f22cf48e0` Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer Origin https://mem.nitrogc.com Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Wed, 29 May 2024 04:38:36 GMT Content-Encoding gzip Last-Modified Sun, 05 May 2024 19:03:52 GMT Server nginx/1.18.0 (Ubuntu) ETag W/"6637d818-90df" Transfer-Encoding chunked Content-Type application/javascript Connection keep-alive
GET H/1.1	200 OK	favicon.png mem.nitrogc.com/	2 KB 0	141ms 141ms	Other image/png	170.247.2.206 IP TECHNOLOGIES S...
General Check archive.org Show headers Download Go to Full URL https://mem.nitrogc.com/favicon.png Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 170.247.2.206 Pasto, Colombia, ASN267788 (IP TECHNOLOGIES S.A.S., CO), Reverse DNS Software nginx/1.18.0 (Ubuntu) / Resource Hash `073c54f7525a47a830ebd25be284c88af6d59144373072c5df7a51090af0da6e` Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://mem.nitrogc.com/login?redirectTo=/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Wed, 29 May 2024 04:38:35 GMT Last-Modified Sun, 05 May 2024 19:03:46 GMT Server nginx/1.18.0 (Ubuntu) Accept-Ranges bytes ETag "6637d812-6cd" Content-Length 1741 Content-Type image/png
GET H/1.1	200 OK	nitro-enerfy-logo-f258da28.svg mem.nitrogc.com/assets/	4 KB 4 KB	181ms 181ms	Image image/svg+xml	170.247.2.206 IP TECHNOLOGIES S...
General Check archive.org Show headers Download Go to Show image Full URL https://mem.nitrogc.com/assets/nitro-enerfy-logo-f258da28.svg Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 170.247.2.206 Pasto, Colombia, ASN267788 (IP TECHNOLOGIES S.A.S., CO), Reverse DNS Software nginx/1.18.0 (Ubuntu) / Resource Hash `f258da28cc8e541b8fe7ee0e59eb098adb76c0c0c4b77da0ad9d581df6ee97a0` Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://mem.nitrogc.com/login?redirectTo=/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Wed, 29 May 2024 04:38:36 GMT Last-Modified Sun, 05 May 2024 19:03:52 GMT Server nginx/1.18.0 (Ubuntu) ETag "6637d818-eb9" Content-Type image/svg+xml Connection keep-alive Accept-Ranges bytes Content-Length 3769

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

string| RWJS_API_GRAPHQL_URL string| RWJS_API_URL string| __REDWOOD__APP_TITLE

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
recommendation	verbose	URL: https://mem.nitrogc.com/login?redirectTo=/ Message: [DOM] Input elements should have autocomplete attributes (suggested: "username"): (More info: https://goo.gl/9p2vKq) %o

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

mem.nitrogc.com
170.247.2.206
073c54f7525a47a830ebd25be284c88af6d59144373072c5df7a51090af0da6e
1f08b7d378190de71d0ed282ef7aa7540e8a31a8dd840e47d32a82eb4df79f2c
4deb29b3770f06350d26897bd6f2027d1ae17f9751c271bec4f851cb845b1eb6
b7d683a37111e0335728526072c218430bf21b19d98d1b6bdd76205f22cf48e0
cf0ee2f821471de031d19bd8b7062f16b172c110a447df2bd710636c361197e1
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f258da28cc8e541b8fe7ee0e59eb098adb76c0c0c4b77da0ad9d581df6ee97a0
fbc3a8fc798fac74e69d43d38ce376b24768a2e6b8d6dd758702f82fdbdb31ca

mem.nitrogc.com Open in urlscan Pro 170.247.2.206 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

9 Requests

100 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

323 kBTransfer

838 kBSize

0 Cookies

0 Outgoing links

Redirected requests

9 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

0 Cookies

1 Console Messages

Indicators

mem.nitrogc.com Open in urlscan Pro
170.247.2.206 Public Scan

Screenshot
Live screenshot

Full Image

9
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

323 kB
Transfer

838 kB
Size

0
Cookies

9 HTTP transactions
0 data transactions