urlscan.io logo urlscan.io
SecurityTrails logo

demo2.nitrotest.net Open in urlscan Pro
51.89.43.40  Public Scan

Go To Rescan Add Verdict Report
URL: https://demo2.nitrotest.net/
Submission Tags: phishingrod
Submission: On February 06 via api from DE — Scanned from GB
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 3 IPs in 2 countries across 4 domains to perform 24 HTTP transactions. The main IP is 51.89.43.40, located in London, United Kingdom and belongs to OVH, FR. The main domain is demo2.nitrotest.net.
TLS certificate: Issued by R3 on February 6th 2024. Valid for: 3 months.
This is the only time demo2.nitrotest.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
16 51.89.43.40 16276 (OVH)
3 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
24 3
Domain Requested by
10 demo2.nitrotest.net demo2.nitrotest.net
5 fonts.gstatic.com fonts.googleapis.com
5 onlinechiptuning.com demo2.nitrotest.net
3 fonts.googleapis.com demo2.nitrotest.net
1 onlinechiptuning.nitrotest.net demo2.nitrotest.net
24 5

This site contains links to these domains. Also see Links.

Domain
twitter.com
www.facebook.com
www.youtube.com
tr.pinterest.com
www.instagram.com
Subject Issuer Validity Valid
demo2.nitrotest.net
R3		 2024-02-06 -
2024-05-06		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2024-01-09 -
2024-04-02		 3 months crt.sh
onlinechiptuning.com
R3		 2024-01-05 -
2024-04-04		 3 months crt.sh
onlinechiptuning.nitrotest.net
R3		 2024-01-05 -
2024-04-04		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2024-01-09 -
2024-04-02		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://demo2.nitrotest.net/
Frame ID: 29B93C957C134447992F4D7DE32FB549
Requests: 24 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Nitrotest. Home page title

Detected technologies

Overall confidence: 100%
Detected patterns
  • <a[^>]*href=[^>]*/Cart
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

24
Requests

100 %
HTTPS

67 %
IPv6

4
Domains

5
Subdomains

3
IPs

2
Countries

628 kB
Transfer

1318 kB
Size

3
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

24 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
demo2.nitrotest.net/ 		13 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://demo2.nitrotest.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.89.43.40 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ns3171321.ip-51-89-43.eu
Software
Microsoft-IIS/10.0 /
Resource Hash
b9c4778cf4df8c29942bedea060df136a342491ad39cbe462fd21c25d3c758a5
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-cache, no-store
content-encoding
gzip
content-language
en-US
content-security-policy
default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
content-type
text/html; charset=utf-8
date
Tue, 06 Feb 2024 17:01:23 GMT
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=*, usb=()
pragma
no-cache
referrer-policy
same-origin
server
Microsoft-IIS/10.0
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN SAMEORIGIN
x-miniprofiler-ids
["f4828c6a-f956-4876-a53e-e7b479a992b8"]
x-xss-protection
1; mode=block
venture-font.woff
demo2.nitrotest.net/Themes/Venture/Content/fonts/ 		10 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://demo2.nitrotest.net/Themes/Venture/Content/fonts/venture-font.woff
Requested by
Host: demo2.nitrotest.net
URL: https://demo2.nitrotest.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.89.43.40 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ns3171321.ip-51-89-43.eu
Software
Microsoft-IIS/10.0 /
Resource Hash
433e3ab4d1d2d75ac304c6074d3e712c791a1a1bea07d2eea0c58d62a7434eee
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://demo2.nitrotest.net/
Origin
https://demo2.nitrotest.net
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
x-content-type-options
nosniff
referrer-policy
same-origin
last-modified
Thu, 20 Oct 2022 13:58:50 GMT
server
Microsoft-IIS/10.0
date
Tue, 06 Feb 2024 17:01:23 GMT
etag
"1d8e48c149fe0e8"
x-frame-options
SAMEORIGIN
content-type
application/font-woff
cache-control
public,max-age=31536000
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=*, usb=()
accept-ranges
bytes
content-length
10728
x-xss-protection
1; mode=block
css
fonts.googleapis.com/ 		1 KB
598 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Fjalla+One&subset=latin-ext&display=swap
Requested by
Host: demo2.nitrotest.net
URL: https://demo2.nitrotest.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
116971543805848f1a500a262c24d3ab4ac7e847800a48b739e3ba3f9670717b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 06 Feb 2024 17:01:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 06 Feb 2024 17:01:13 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 06 Feb 2024 17:01:23 GMT
css
fonts.googleapis.com/ 		761 B
791 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato&subset=latin-ext&display=swap
Requested by
Host: demo2.nitrotest.net
URL: https://demo2.nitrotest.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f88d7a194e7f67fdc5e4f2cedd32e1d040d9976e4814adcaf7e56330a0653d5c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 06 Feb 2024 17:01:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 06 Feb 2024 16:58:05 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 06 Feb 2024 17:01:23 GMT
css2
fonts.googleapis.com/ 		10 KB
796 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Poppins:wght@200;300;400;500;600;700;800;900&family=Russo+One&display=swap
Requested by
Host: demo2.nitrotest.net
URL: https://demo2.nitrotest.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ab23d5361fcfcd0a8ec147ee715699c6070320f29b73b4c7c7fe69585afd81a8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 06 Feb 2024 17:01:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 06 Feb 2024 17:01:23 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 06 Feb 2024 17:01:23 GMT
Homepage.Head.styles.css
demo2.nitrotest.net/css/ 		266 KB
57 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://demo2.nitrotest.net/css/Homepage.Head.styles.css?v=OYbGWYZPwKYqKpzbuM4VLa3Xbf0
Requested by
Host: demo2.nitrotest.net
URL: https://demo2.nitrotest.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.89.43.40 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ns3171321.ip-51-89-43.eu
Software
Microsoft-IIS/10.0 /
Resource Hash
cf899440fbebb86190d8084c4367bab0c80f59eb37a766f001893a147f67bee8
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://demo2.nitrotest.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
br
x-content-type-options
nosniff, nosniff
content-security-policy
default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
last-modified
Thu, 13 Jul 2023 11:20:21 GMT
server
Microsoft-IIS/10.0
date
Tue, 06 Feb 2024 17:01:23 GMT
referrer-policy
same-origin
etag
"OYbGWYZPwKYqKpzbuM4VLa3Xbf0"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css; charset=UTF-8
cache-control
max-age=31536000,immutable
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=*, usb=()
x-xss-protection
1; mode=block
us.png
demo2.nitrotest.net/images/flags/ 		609 B
695 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://demo2.nitrotest.net/images/flags/us.png
Requested by
Host: demo2.nitrotest.net
URL: https://demo2.nitrotest.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.89.43.40 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ns3171321.ip-51-89-43.eu
Software
Microsoft-IIS/10.0 /
Resource Hash
36cce5cae3d2e0045b2b2b6cbffdad7a0aba3e99919cc219bbf0578efdc45585
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://demo2.nitrotest.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
x-content-type-options
nosniff
referrer-policy
same-origin
last-modified
Wed, 06 May 2020 06:42:16 GMT
server
Microsoft-IIS/10.0
date
Tue, 06 Feb 2024 17:01:23 GMT
etag
"1d623717b3ed661"
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
public,max-age=31536000
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=*, usb=()
accept-ranges
bytes
content-length
609
x-xss-protection
1; mode=block
tr.png
demo2.nitrotest.net/images/flags/ 		492 B
608 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://demo2.nitrotest.net/images/flags/tr.png
Requested by
Host: demo2.nitrotest.net
URL: https://demo2.nitrotest.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.89.43.40 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ns3171321.ip-51-89-43.eu
Software
Microsoft-IIS/10.0 /
Resource Hash
292d592f7fa1df2fa653ecc1e03d5eb2ae68277c6df264f762aefb8218e23454
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://demo2.nitrotest.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
x-content-type-options
nosniff
referrer-policy
same-origin
last-modified
Wed, 06 May 2020 06:42:16 GMT
server
Microsoft-IIS/10.0
date
Tue, 06 Feb 2024 17:01:23 GMT
etag
"1d623717b3ed5ec"
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
public,max-age=31536000
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=*, usb=()
accept-ranges
bytes
content-length
492
x-xss-protection
1; mode=block
0000011_chiptuning_logo.png
demo2.nitrotest.net/images/thumbs/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://demo2.nitrotest.net/images/thumbs/0000011_chiptuning_logo.png
Requested by
Host: demo2.nitrotest.net
URL: https://demo2.nitrotest.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.89.43.40 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ns3171321.ip-51-89-43.eu
Software
Microsoft-IIS/10.0 /
Resource Hash
5c21732a9abcb45ddc555a817b87ef8d9c78b4552e1aea2497433b66960222e6
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://demo2.nitrotest.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
x-content-type-options
nosniff
referrer-policy
same-origin
last-modified
Thu, 08 Jun 2023 09:08:40 GMT
server
Microsoft-IIS/10.0
date
Tue, 06 Feb 2024 17:01:23 GMT
etag
"1d999e8d0e0cbc5"
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
public,max-age=31536000
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=*, usb=()
accept-ranges
bytes
content-length
6085
x-xss-protection
1; mode=block
0000385_onlinechiptuning_slider_guncel.webp
onlinechiptuning.com/images/thumbs/ 		113 KB
113 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onlinechiptuning.com/images/thumbs/0000385_onlinechiptuning_slider_guncel.webp
Requested by
Host: demo2.nitrotest.net
URL: https://demo2.nitrotest.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.89.43.40 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ns3171321.ip-51-89-43.eu
Software
Microsoft-IIS/10.0 /
Resource Hash
97bbfcdd52702d6531f3af1f5edb237d22030d453553e27704166f42646629fa
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
x-content-type-options
nosniff
referrer-policy
same-origin
last-modified
Fri, 26 May 2023 06:03:23 GMT
server
Microsoft-IIS/10.0
date
Tue, 06 Feb 2024 17:01:23 GMT
etag
"1d98f97c74343be"
x-frame-options
SAMEORIGIN
content-type
image/webp
cache-control
public,max-age=31536000
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=*, usb=()
accept-ranges
bytes
content-length
115774
x-xss-protection
1; mode=block
step_1.webp
onlinechiptuning.com/images/uploaded/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onlinechiptuning.com/images/uploaded/step_1.webp
Requested by
Host: demo2.nitrotest.net
URL: https://demo2.nitrotest.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.89.43.40 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ns3171321.ip-51-89-43.eu
Software
Microsoft-IIS/10.0 /
Resource Hash
04825b4f9101a266f7dd90311669bce6bb9109eea180e02388c2972371adda63
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
x-content-type-options
nosniff
referrer-policy
same-origin
last-modified
Fri, 26 May 2023 06:12:26 GMT
server
Microsoft-IIS/10.0
date
Tue, 06 Feb 2024 17:01:23 GMT
etag
"1d98f990ae9d45c"
x-frame-options
SAMEORIGIN
content-type
image/webp
cache-control
public,max-age=31536000
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=*, usb=()
accept-ranges
bytes
content-length
5468
x-xss-protection
1; mode=block
step_2.webp
onlinechiptuning.com/images/uploaded/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onlinechiptuning.com/images/uploaded/step_2.webp
Requested by
Host: demo2.nitrotest.net
URL: https://demo2.nitrotest.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.89.43.40 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ns3171321.ip-51-89-43.eu
Software
Microsoft-IIS/10.0 /
Resource Hash
01f1cdac316966d05036da6e49b0e4f792963f69929328f1b71147eef2590751
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
x-content-type-options
nosniff
referrer-policy
same-origin
last-modified
Fri, 26 May 2023 06:12:26 GMT
server
Microsoft-IIS/10.0
date
Tue, 06 Feb 2024 17:01:23 GMT
etag
"1d98f990ae9d944"
x-frame-options
SAMEORIGIN
content-type
image/webp
cache-control
public,max-age=31536000
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=*, usb=()
accept-ranges
bytes
content-length
6212
x-xss-protection
1; mode=block
step_3.webp
onlinechiptuning.com/images/uploaded/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onlinechiptuning.com/images/uploaded/step_3.webp
Requested by
Host: demo2.nitrotest.net
URL: https://demo2.nitrotest.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.89.43.40 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ns3171321.ip-51-89-43.eu
Software
Microsoft-IIS/10.0 /
Resource Hash
419f11baa4b199ea41b572d782d0897f9819549b1da959011c7b6ba3766ec949
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
x-content-type-options
nosniff
referrer-policy
same-origin
last-modified
Fri, 26 May 2023 06:12:26 GMT
server
Microsoft-IIS/10.0
date
Tue, 06 Feb 2024 17:01:23 GMT
etag
"1d98f990ae9d870"
x-frame-options
SAMEORIGIN
content-type
image/webp
cache-control
public,max-age=31536000
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=*, usb=()
accept-ranges
bytes
content-length
6512
x-xss-protection
1; mode=block
step_4.webp
onlinechiptuning.com/images/uploaded/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onlinechiptuning.com/images/uploaded/step_4.webp
Requested by
Host: demo2.nitrotest.net
URL: https://demo2.nitrotest.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.89.43.40 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ns3171321.ip-51-89-43.eu
Software
Microsoft-IIS/10.0 /
Resource Hash
b05f671a0ba5c92838e95d31be42e6d84f5691f43ad5c95f4ffca856c13c0d35
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
x-content-type-options
nosniff
referrer-policy
same-origin
last-modified
Fri, 26 May 2023 06:12:26 GMT
server
Microsoft-IIS/10.0
date
Tue, 06 Feb 2024 17:01:23 GMT
etag
"1d98f990ae9d03c"
x-frame-options
SAMEORIGIN
content-type
image/webp
cache-control
public,max-age=31536000
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=*, usb=()
accept-ranges
bytes
content-length
4412
x-xss-protection
1; mode=block
Homepage.Footer.scripts.js
demo2.nitrotest.net/js/ 		768 KB
300 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://demo2.nitrotest.net/js/Homepage.Footer.scripts.js?v=0ctEdXChWB3pdY4cmjeNWhipwJ4
Requested by
Host: demo2.nitrotest.net
URL: https://demo2.nitrotest.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.89.43.40 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ns3171321.ip-51-89-43.eu
Software
Microsoft-IIS/10.0 /
Resource Hash
0130f65511bcad56fb9a53aac88250b9d993fa6f7697de0125536945c59cd2d4
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://demo2.nitrotest.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff, nosniff
content-security-policy
default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
last-modified
Wed, 24 May 2023 13:17:33 GMT
server
Microsoft-IIS/10.0
date
Tue, 06 Feb 2024 17:01:23 GMT
referrer-policy
same-origin
etag
"0ctEdXChWB3pdY4cmjeNWhipwJ4"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000,immutable
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=*, usb=()
x-xss-protection
1; mode=block
search-button.svg
demo2.nitrotest.net/Themes/Venture/Content/img/ 		949 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://demo2.nitrotest.net/Themes/Venture/Content/img/search-button.svg
Requested by
Host: demo2.nitrotest.net
URL: https://demo2.nitrotest.net/css/Homepage.Head.styles.css?v=OYbGWYZPwKYqKpzbuM4VLa3Xbf0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.89.43.40 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ns3171321.ip-51-89-43.eu
Software
Microsoft-IIS/10.0 /
Resource Hash
6a783653a713b82df0c46e0735d1651b57c9d80305e2d1fe1abebc2e8a50fe2f
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://demo2.nitrotest.net/css/Homepage.Head.styles.css?v=OYbGWYZPwKYqKpzbuM4VLa3Xbf0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
x-content-type-options
nosniff
referrer-policy
same-origin
last-modified
Thu, 20 Oct 2022 13:58:50 GMT
server
Microsoft-IIS/10.0
date
Tue, 06 Feb 2024 17:01:23 GMT
etag
"1d8e48c149fcab5"
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
cache-control
public,max-age=31536000
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=*, usb=()
accept-ranges
bytes
content-length
949
x-xss-protection
1; mode=block
horizontal_line_bg_1000.webp
onlinechiptuning.nitrotest.net/images/uploaded/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onlinechiptuning.nitrotest.net/images/uploaded/horizontal_line_bg_1000.webp
Requested by
Host: demo2.nitrotest.net
URL: https://demo2.nitrotest.net/css/Homepage.Head.styles.css?v=OYbGWYZPwKYqKpzbuM4VLa3Xbf0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.89.43.40 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ns3171321.ip-51-89-43.eu
Software
Microsoft-IIS/10.0 /
Resource Hash
95e60b59949bc54a9ac20732c8f171fcbc047c85ab1864de9f9f8cf6f974a779
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
x-content-type-options
nosniff
referrer-policy
same-origin
last-modified
Tue, 20 Dec 2022 08:44:23 GMT
server
Microsoft-IIS/10.0
date
Tue, 06 Feb 2024 17:01:23 GMT
etag
"1d9144f4236c60c"
x-frame-options
SAMEORIGIN
content-type
image/webp
cache-control
public,max-age=31536000
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=*, usb=()
accept-ranges
bytes
content-length
2956
x-xss-protection
1; mode=block
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato&subset=latin-ext&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://demo2.nitrotest.net
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 19:11:24 GMT
x-content-type-options
nosniff
age
596999
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23580
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:17:22 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 29 Jan 2025 19:11:24 GMT
subscribe-button.svg
demo2.nitrotest.net/Themes/Venture/Content/img/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://demo2.nitrotest.net/Themes/Venture/Content/img/subscribe-button.svg
Requested by
Host: demo2.nitrotest.net
URL: https://demo2.nitrotest.net/css/Homepage.Head.styles.css?v=OYbGWYZPwKYqKpzbuM4VLa3Xbf0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.89.43.40 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ns3171321.ip-51-89-43.eu
Software
Microsoft-IIS/10.0 /
Resource Hash
a4d846ea764e2d8ef79342ddd4b2c353b07307c6f448dd1f76d9057b5c390c54
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://demo2.nitrotest.net/css/Homepage.Head.styles.css?v=OYbGWYZPwKYqKpzbuM4VLa3Xbf0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
x-content-type-options
nosniff
referrer-policy
same-origin
last-modified
Thu, 20 Oct 2022 13:58:50 GMT
server
Microsoft-IIS/10.0
date
Tue, 06 Feb 2024 17:01:23 GMT
etag
"1d8e48c149fcdaa"
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
cache-control
public,max-age=31536000
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=*, usb=()
accept-ranges
bytes
content-length
1194
x-xss-protection
1; mode=block
Yq6R-LCAWCX3-6Ky7FAFrOF6kg.woff2
fonts.gstatic.com/s/fjallaone/v15/ 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/fjallaone/v15/Yq6R-LCAWCX3-6Ky7FAFrOF6kg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Fjalla+One&subset=latin-ext&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
43a079fd739dffa727de659b5bbf44596031aa7542c8a8afbc54a243aab96b47
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://demo2.nitrotest.net
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 19:13:47 GMT
x-content-type-options
nosniff
age
596856
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
44584
x-xss-protection
0
last-modified
Mon, 03 Apr 2023 20:46:24 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 29 Jan 2025 19:13:47 GMT
Z9XUDmZRWg6M1LvRYsHOz8mJ.woff2
fonts.gstatic.com/s/russoone/v16/ 		7 KB
7 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/russoone/v16/Z9XUDmZRWg6M1LvRYsHOz8mJ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@200;300;400;500;600;700;800;900&family=Russo+One&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
82f191a65d38e50c45e0c35e15343690ea1d122402990b99d0c5a1585f9d47af
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://demo2.nitrotest.net
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Mon, 05 Feb 2024 17:34:41 GMT
x-content-type-options
nosniff
age
84402
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7368
x-xss-protection
0
last-modified
Thu, 24 Aug 2023 22:05:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 04 Feb 2025 17:34:41 GMT
Yq6R-LCAWCX3-6Ky7FAFrO96kigt.woff2
fonts.gstatic.com/s/fjallaone/v15/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/fjallaone/v15/Yq6R-LCAWCX3-6Ky7FAFrO96kigt.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Fjalla+One&subset=latin-ext&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3f9a868663880020b4e9072f91e7b84f9fad0291fe529e8d00495eb731b610d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://demo2.nitrotest.net
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 21:03:02 GMT
x-content-type-options
nosniff
age
590301
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23324
x-xss-protection
0
last-modified
Mon, 03 Apr 2023 20:46:24 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 29 Jan 2025 21:03:02 GMT
S6uyw4BMUTPHjxAwXjeu.woff2
fonts.gstatic.com/s/lato/v24/ 		5 KB
5 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjxAwXjeu.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato&subset=latin-ext&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1c2fc265baaeba4f3f5b8c7285b93343aead25590f08be73d3056718b376c5d7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://demo2.nitrotest.net
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 18:50:01 GMT
x-content-type-options
nosniff
age
598282
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5472
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:17:15 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 29 Jan 2025 18:50:01 GMT
getquickviewbutton
demo2.nitrotest.net/ 		71 B
437 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://demo2.nitrotest.net/getquickviewbutton?_=1707238884381
Requested by
Host: demo2.nitrotest.net
URL: https://demo2.nitrotest.net/js/Homepage.Footer.scripts.js?v=0ctEdXChWB3pdY4cmjeNWhipwJ4
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.89.43.40 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ns3171321.ip-51-89-43.eu
Software
Microsoft-IIS/10.0 /
Resource Hash
17002db412ed29d3780cc1bef403297e62c2cc23fe9cdff31d83239804c617c7
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Referer
https://demo2.nitrotest.net/
X-Requested-With
XMLHttpRequest
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type
application/json; charset=utf-8

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
server
Microsoft-IIS/10.0
date
Tue, 06 Feb 2024 17:01:24 GMT
referrer-policy
same-origin
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/html; charset=utf-8
content-language
en-US
x-miniprofiler-ids
["2c4efed8-e369-42c5-a596-88673784dc7a"]
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=*, usb=()
x-xss-protection
1; mode=block

Verdicts & Comments Add Verdict or Comment

25 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| OpenWindow function| setLocation function| displayAjaxLoading function| displayPopupNotification function| displayJoinedPopupNotifications function| displayPopupContentFromUrl function| displayBarNotification function| htmlEncode function| htmlDecode function| addAntiForgeryToken object| AjaxCart object| cookieHelper function| $ function| jQuery object| kendo object| sevenSpikesCore object| CatalogProducts object| nopProductRibbons function| qq function| Ta function| CloudZoom object| sevenSpikesThemeModules function| sevenSpikesTheme object| localized_data function| newsletter_subscribe

3 Cookies

Domain/Path Name / Value
demo2.nitrotest.net/ Name: .Nop.Antiforgery
Value: CfDJ8OiK5NFWgS1LrDEFPnO_4l2enKeE1sJDkVVrtLsixUEHDB31YhnJbyVqKM36ZIYnvjxug4UhvkIbg_RRkuVU2xEwX1SffUqdZkK5cfUl8Gx5VyJRGhl6VeXFlthJ646DtS7Ok_2pVmUtWmvjZO6qUvE
demo2.nitrotest.net/ Name: .Nop.Customer
Value: c9e6df32-9ea7-4def-adce-18ce35818fab
demo2.nitrotest.net/ Name: .Nop.Culture
Value: c%3Den-US%7Cuic%3Den-US

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

demo2.nitrotest.net
fonts.googleapis.com
fonts.gstatic.com
onlinechiptuning.com
onlinechiptuning.nitrotest.net
2a00:1450:4001:811::2003
2a00:1450:4001:82f::200a
51.89.43.40
0130f65511bcad56fb9a53aac88250b9d993fa6f7697de0125536945c59cd2d4
01f1cdac316966d05036da6e49b0e4f792963f69929328f1b71147eef2590751
04825b4f9101a266f7dd90311669bce6bb9109eea180e02388c2972371adda63
116971543805848f1a500a262c24d3ab4ac7e847800a48b739e3ba3f9670717b
17002db412ed29d3780cc1bef403297e62c2cc23fe9cdff31d83239804c617c7
1c2fc265baaeba4f3f5b8c7285b93343aead25590f08be73d3056718b376c5d7
292d592f7fa1df2fa653ecc1e03d5eb2ae68277c6df264f762aefb8218e23454
36cce5cae3d2e0045b2b2b6cbffdad7a0aba3e99919cc219bbf0578efdc45585
3f9a868663880020b4e9072f91e7b84f9fad0291fe529e8d00495eb731b610d2
419f11baa4b199ea41b572d782d0897f9819549b1da959011c7b6ba3766ec949
433e3ab4d1d2d75ac304c6074d3e712c791a1a1bea07d2eea0c58d62a7434eee
43a079fd739dffa727de659b5bbf44596031aa7542c8a8afbc54a243aab96b47
5c21732a9abcb45ddc555a817b87ef8d9c78b4552e1aea2497433b66960222e6
6a783653a713b82df0c46e0735d1651b57c9d80305e2d1fe1abebc2e8a50fe2f
82f191a65d38e50c45e0c35e15343690ea1d122402990b99d0c5a1585f9d47af
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
95e60b59949bc54a9ac20732c8f171fcbc047c85ab1864de9f9f8cf6f974a779
97bbfcdd52702d6531f3af1f5edb237d22030d453553e27704166f42646629fa
a4d846ea764e2d8ef79342ddd4b2c353b07307c6f448dd1f76d9057b5c390c54
ab23d5361fcfcd0a8ec147ee715699c6070320f29b73b4c7c7fe69585afd81a8
b05f671a0ba5c92838e95d31be42e6d84f5691f43ad5c95f4ffca856c13c0d35
b9c4778cf4df8c29942bedea060df136a342491ad39cbe462fd21c25d3c758a5
cf899440fbebb86190d8084c4367bab0c80f59eb37a766f001893a147f67bee8
f88d7a194e7f67fdc5e4f2cedd32e1d040d9976e4814adcaf7e56330a0653d5c