client-nitro.habbosk.us Open in urlscan Pro
2606:4700:3032::6815:5de1 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://client-nitro.habbosk.us/
Submission Tags: phishingrod
Submission: On December 08 via api (December 8th 2022, 4:50:12 am UTC) from DE — Scanned from US

Summary HTTP 13 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 1 countries across 2 domains to perform 13 HTTP transactions. The main IP is 2606:4700:3032::6815:5de1, located in United States and belongs to CLOUDFLARENET, US. The main domain is client-nitro.habbosk.us.
TLS certificate: Issued by R3 on December 8th 2022. Valid for: 3 months.

This is the only time client-nitro.habbosk.us was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
11	2606:4700:303... 2606:4700:3032::6815:5de1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3037::ac43:8c50	13335 (CLOUDFLAR...) (CLOUDFLARENET)
13	3

11 2606:4700:3032::6815:5de1 (United States)

ASN13335 (CLOUDFLARENET, US)

client-nitro.habbosk.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3037::ac43:8c50 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.habbosk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	habbosk.us client-nitro.habbosk.us	2 MB
1	habbosk.com cdn.habbosk.com	3 KB
13	2

	Domain	Requested by
11	client-nitro.habbosk.us	client-nitro.habbosk.us
1	cdn.habbosk.com	client-nitro.habbosk.us
13	2

This site contains no links.

Subject Issuer	Validity	Valid
client-nitro.habbosk.us R3	`2022-12-08` - `2023-03-08`	3 months	crt.sh
cdn.habbosk.com Cloudflare Inc ECC CA-3	`2022-10-19` - `2023-10-18`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://client-nitro.habbosk.us/
Frame ID: 9C48334CA61408146730766426BFB3B7
Requests: 11 HTTP requests in this frame

Frame: https://client-nitro.habbosk.us/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1670472000
Frame ID: 6AF12311222863CAACAC0B363C4D2501
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Nitro

Page Statistics

13
Requests

92 %
HTTPS

100 %
IPv6

2
Domains

2
Subdomains

3
IPs

1
Countries

1679 kB
Transfer

5800 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

13 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
client-nitro.habbosk.us/ 5 KB
3 KB 411ms
145ms Document
text/html 2606:4700:3032::6815:5de1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://client-nitro.habbosk.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::6815:5de1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a40a102a5f1fcb48010b5ef389da89e1a901a3ce9c06c3b3a430a317449d7b73

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=0, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7762e0b2fec6631a-ORD
content-encoding: br
content-type: text/html; charset=utf-8
date: Thu, 08 Dec 2022 04:50:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8D3Yk2%2FXcC10EnXZ5lFZ9b8BG0f1uyjC8F04MvFNU5L4dsAA585AonshLrsJKvrz7MZkJ2l5yix9n%2BnEkkM20Wlu9j1t7rOyHjE3AUP2Enw13XMr7T935kzzAfu0ycnFfMwc%2B3AT6khagQ1haoNeGYC5Rozp1A%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-content-type-options: nosniff

GET
H2 200 vendors.34eda13e.chunk.css
client-nitro.habbosk.us/static/css/ 70 KB
6 KB 322ms
319ms Stylesheet
text/css 2606:4700:3032::6815:5de1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://client-nitro.habbosk.us/static/css/vendors.34eda13e.chunk.css

Requested by

Host: client-nitro.habbosk.us
URL: https://client-nitro.habbosk.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::6815:5de1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b8f7d3d5a9f58b8194d795addbb8d662dbd341ee10fa04df96b66dded5e752fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://client-nitro.habbosk.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Thu, 08 Dec 2022 04:50:01 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-cache-status: MISS
etag: W/"d34d71cf7236243ac25b1bf62a4ce405"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S9xhyYZABErGksIPJh9v1rDdgsPjWzqQ317jYXchQEghBKSlSGtVPEAiqny3DIWUyD%2Bt2tKLYsU1C16kZo4BdDeEt87unfD%2BrioadBwR36qDrY%2BRBZHJar28eA1eAUW4v05MtgCk8C1EvOWT2yq%2FUiHNvnu08Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=691200, must-revalidate
cf-ray: 7762e0b4584b631a-ORD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 main.bd6357e2.chunk.css
client-nitro.habbosk.us/static/css/ 971 KB
422 KB 537ms
534ms Stylesheet
text/css 2606:4700:3032::6815:5de1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://client-nitro.habbosk.us/static/css/main.bd6357e2.chunk.css

Requested by

Host: client-nitro.habbosk.us
URL: https://client-nitro.habbosk.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::6815:5de1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d9a88a74b6d53b0745ded1e3c6b86d0a7cb9016598b2d4494db0aa3d6b57a6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://client-nitro.habbosk.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Thu, 08 Dec 2022 04:50:01 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-cache-status: MISS
etag: W/"531f4c3025c2af375c75978f70fea6cf"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NLLJaxvPftFxiIUK4uJt1Drt7GW5rNY8w7g1VfZgoZRys8fC9Oiv7oCFMTW3wh0AqgSPGhdiOAdZWSaVX%2BMBymxjhdeM6TbHGnIbgQMsUltOmpoLF%2B3OFaOwoaaCsMbQvveLVaMEtGN234qyRbg87g%2F%2BT4Xrzg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=691200, must-revalidate
cf-ray: 7762e0b4584d631a-ORD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 vendors.0db446ec.chunk.js Show response
client-nitro.habbosk.us/static/js/ 4 MB
911 KB 1004ms
1001ms Script
application/javascript 2606:4700:3032::6815:5de1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://client-nitro.habbosk.us/static/js/vendors.0db446ec.chunk.js

Requested by

Host: client-nitro.habbosk.us
URL: https://client-nitro.habbosk.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::6815:5de1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ba5abbcff1c616504d382d7293115ec6e758245f5969bb1293ec6a4fdc95084c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://client-nitro.habbosk.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Thu, 08 Dec 2022 04:50:01 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-cache-status: MISS
etag: W/"03008bbd136b428f18355fe6d088ba08"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hV9%2FQE%2BnmfBOwgNd%2B%2BC%2BOluWtm%2B3qtzfI5uxqEprLuO2yR6M6s%2BpZQBQfRxwe3RGqauQ13ryTA78exY118Pyee%2BVOgQzkvc6J8WlcVpS6pKDHH2avWMwUSrxGzR26QyUR5hPWEFGppJoyL4m3xLWMOgM2rEwrg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=691200, must-revalidate
cf-ray: 7762e0b4584e631a-ORD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 main.82b8846e.chunk.js Show response
client-nitro.habbosk.us/static/js/ 644 KB
143 KB 448ms
446ms Script
application/javascript 2606:4700:3032::6815:5de1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://client-nitro.habbosk.us/static/js/main.82b8846e.chunk.js

Requested by

Host: client-nitro.habbosk.us
URL: https://client-nitro.habbosk.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::6815:5de1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

64ce4279dcefe340291ecd3b2f563fa33ed8a67109b66b214ae1c7d3222f0441

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://client-nitro.habbosk.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Thu, 08 Dec 2022 04:50:01 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-cache-status: MISS
etag: W/"53701b9c415324385c9e748a691201b9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kGYi%2Fpt3gxTRiALI%2FfvTOicBGmYu0AzwK0RrQnUjmHyMzvYvBVmTZlRvkmg5%2FQnUk8T3bgG8PvO4%2FG94fHSGQIJjPWPToGIuw9t%2F8cqyxVqgQ1LDkDkLhGlGOiSB9nU6p9UGYrC77L%2BgkBVytMIV6eYF%2F%2BDhNg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=691200, must-revalidate
cf-ray: 7762e0b45850631a-ORD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
DATA 200
OK truncated
/ 34 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1e83054236f35d7ee33fdb649c288651dec43854f2187e52dbabbb8d19b992da

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Ubuntu-C.8d413c42.ttf
client-nitro.habbosk.us/static/media/ 361 KB
162 KB 150ms
149ms Font
font/ttf 2606:4700:3032::6815:5de1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://client-nitro.habbosk.us/static/media/Ubuntu-C.8d413c42.ttf

Requested by

Host: client-nitro.habbosk.us
URL: https://client-nitro.habbosk.us/static/css/main.bd6357e2.chunk.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::6815:5de1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7bd02348fb91c0da7688a48b1c84436754e65f1dd3bf55b5083fc2915c04805c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://client-nitro.habbosk.us/static/css/main.bd6357e2.chunk.css
Origin: https://client-nitro.habbosk.us
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Thu, 08 Dec 2022 04:50:04 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-cache-status: REVALIDATED
etag: W/"072161fc6e560a5d33d5c494ccce31e9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FnpVjLohJ9UrTome0JdX3SpayGjNMbNAa2BQBbvFEp0%2FOwH0b8%2Bmt8dlZxFfYfe4TjHzaD1X2iBnsrQF78BR0hIUHPQRJeVPoq1vBvwgBsSzbKgld2%2FfVLuUEac8rIJ3dL%2Fa0fSBsjV5yIHnRCyyJE9URvxf8Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=691200, must-revalidate
cf-ray: 7762e0cb3bfd2b45-ORD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 invisible.js Show response
client-nitro.habbosk.us/cdn-cgi/challenge-platform/h/g/scripts/alpha/ Frame 6AF1 34 KB
15 KB 75ms
74ms Script
application/javascript 2606:4700:3032::6815:5de1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://client-nitro.habbosk.us/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1670472000
Requested by: Host: client-nitro.habbosk.us
URL: https://client-nitro.habbosk.us/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:5de1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bebdaf9748b9df1d0e9a7db11699acbfb89d28463ace0a14d62d76f124041684

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Thu, 08 Dec 2022 04:50:04 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C6JiMFuvm%2BG1I9dCHQgst2fo%2FAyiKv714MKw5TwMg%2BMCFWf4ywS2ld1I5%2FKWSPNZQ3wG%2BMiwNc%2BrO8QSanhaVEZA1tmg4g%2FbA%2FESREOicRIM9I86zPLh2gASX4X7u%2BVGN7rmKokPUR%2BSvnvFkccnEYS%2BrgZP3Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-control-type-options: nosniff
cf-ray: 7762e0cb8c382b45-ORD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
BLOB 200
OK 5f1a700f-2143-4323-b652-d7952325db0c
https://client-nitro.habbosk.us/ 365 B
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://client-nitro.habbosk.us/5f1a700f-2143-4323-b652-d7952325db0c
Requested by: Host: client-nitro.habbosk.us
URL: https://client-nitro.habbosk.us/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b9be202454df0a19e4e1585738699cbc767091cc642e842d73ae98ce90ab5c50

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Length: 365

GET
H3 200 renderer-config.json Show response
client-nitro.habbosk.us/ 19 KB
2 KB 305ms
304ms Fetch
application/json 2606:4700:3032::6815:5de1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://client-nitro.habbosk.us/renderer-config.json

Requested by

Host: client-nitro.habbosk.us
URL: https://client-nitro.habbosk.us/static/js/vendors.0db446ec.chunk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::6815:5de1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ee90522aaad559afbb03bee6c7096fbf7ebefda7b0ee5c43390ec961dd6bd346

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://client-nitro.habbosk.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Thu, 08 Dec 2022 04:50:04 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-cache-status: DYNAMIC
etag: W/"fbc3778fbc81ea82eb660c889902a29f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wE5vdjUQuZCpYoKCySxeVyNkhcly4OsDpqDio4FSk1WoZq4IFo3PCrsw1Wt%2FM1h0tBhemM0mWVU4Sd53EwIdF%2FsZsPaYeFOQRiNM1vG6F5fJ7%2FNj1EgZuqVvE4NTIxoDnUJRfH5GbOKmzPYCaBFKqhvuVcHgJw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 7762e0cb8c412b45-ORD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 ui-config.json Show response
client-nitro.habbosk.us/ 29 KB
3 KB 115ms
114ms Fetch
application/json 2606:4700:3032::6815:5de1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://client-nitro.habbosk.us/ui-config.json

Requested by

Host: client-nitro.habbosk.us
URL: https://client-nitro.habbosk.us/static/js/vendors.0db446ec.chunk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::6815:5de1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5c3ea7abf4606d76987899b3e038b043e30177cd971377ca1fdd263b9233ccbd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://client-nitro.habbosk.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Thu, 08 Dec 2022 04:50:05 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-cache-status: DYNAMIC
etag: W/"1bb4fb57e26ec741e5868a8c724c5ffd"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VTu3vH%2BptCiEx95jTHKo%2FKyOhSvqjWv%2FmPCHDv2tydl8xR5XSZ%2BwUHEPv%2FPRNDhI2Bb86WzyAv2B3PLq6sCLrx1pUkzF%2BxmThwo17NiDVV3zgfL11QISD0ucijgNAZX%2FcRZXuBerXjO4FL0vD14GMpOm36slAQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 7762e0cdcea02b45-ORD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 pica.js
client-nitro.habbosk.us/cdn-cgi/challenge-platform/h/g/scripts/ Frame 6AF1 22 KB
9 KB 72ms
72ms Other
application/javascript 2606:4700:3032::6815:5de1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://client-nitro.habbosk.us/cdn-cgi/challenge-platform/h/g/scripts/pica.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:5de1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 41ee98aaa6a54cd96a9de571194b3239e8a0f8082980dfa7a7e6c113c33513af

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Thu, 08 Dec 2022 04:50:05 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u5IqMvzlfMmBWH5wa9mPfvER2NmypkFYB9nqnK51i%2F5lIjPKvwR9NCWJPJiV5NVpKar4Q57l2PhKjBeR%2FJ73PlMy%2FclqH2VyBAhuRGO0MkX8xYGQTojvebmBNWEwWLbOeaPamJNglIFKbDNMUenPjbj4pBWFrQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-control-type-options: nosniff
cf-ray: 7762e0cddeb12b45-ORD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1 403
Forbidden ExternalTexts.json Show response
cdn.habbosk.com/nitro/gamedata/ 6 KB
3 KB 249ms
58ms Fetch
text/html 2606:4700:3037::ac43:8c50
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.habbosk.com/nitro/gamedata/ExternalTexts.json?v=3.3

Requested by

Host: client-nitro.habbosk.us
URL: https://client-nitro.habbosk.us/static/js/vendors.0db446ec.chunk.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::ac43:8c50 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

44eb921abfc4cc1b81be7baf05c39b9352342a073ce719a4df85f0dedb8a3dee

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://client-nitro.habbosk.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Thu, 08 Dec 2022 04:50:05 GMT
Content-Encoding: br
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Referrer-Policy: same-origin
Server: cloudflare
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n7I3MMkq%2BKeA86N%2FwrczLsROank7kCbMUFpVy8coXEZ2qyCpqtswHXWCxSmzxLtGj8xPUHdX53HVgNDKMEnCD%2FfYc4WIGV0%2BxOnSK3cEHG851QaQMPJqP1%2BUfbTaPk42hsFy4S3hXBnBqwhYjqA%3D"}],"group":"cf-nel","max_age":604800}
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
CF-RAY: 7762e0cfb8d2869e-ORD
Expires: Thu, 01 Jan 1970 00:00:01 GMT

POST
H3 200 7762e0b2fec6631a Show response
client-nitro.habbosk.us/cdn-cgi/challenge-platform/h/g/cv/result/ Frame 6AF1 2 B
684 B 60ms
58ms XHR
text/plain 2606:4700:3032::6815:5de1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://client-nitro.habbosk.us/cdn-cgi/challenge-platform/h/g/cv/result/7762e0b2fec6631a
Requested by: Host: client-nitro.habbosk.us
URL: https://client-nitro.habbosk.us/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1670472000
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:5de1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 08 Dec 2022 04:50:06 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e4ts3JmQ0c0Oh%2BsLNH2AeA6t5hImlWQwW65%2BrhUSq6yKnNOMHYOKO93Hne1YryF47Qr%2Bcjb0IYdnqvhe23DrhZRKC2z9nhp3Ui8FdsWqz4kpgce0toVHc9jOuVP0JkdVecbsagtiuw0%2Bbg%2FdUXi1z3QQux28Kw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 7762e0d8799c2b45-ORD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.habbosk.us/	1970-01-20 08:01:16	Name: __cf_bm Value: XByYuhzZqTVz.9yB5PLWrQZB7XN.rueLVoHjiYJjcDQ-1670475006-0-AYlqSCTS+lCNbRIT/8NWHI/pv+Gs+yfVtUjkO1TAKY4/8hJeoPRLhiXr4vH5nI4q+lhMIHHxv/A8TCwzpH732zTyNR7L5QXXjJeTaJ6U9/fYIKIwO4jgZwv4YfQom69gBKHDazvhBQq45ojOuWIllzg=

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://cdn.habbosk.com/nitro/gamedata/ExternalTexts.json?v=3.3 Message: Failed to load resource: the server responded with a status of 403 (Forbidden)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.habbosk.com
client-nitro.habbosk.us
2606:4700:3032::6815:5de1
2606:4700:3037::ac43:8c50
1e83054236f35d7ee33fdb649c288651dec43854f2187e52dbabbb8d19b992da
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
41ee98aaa6a54cd96a9de571194b3239e8a0f8082980dfa7a7e6c113c33513af
44eb921abfc4cc1b81be7baf05c39b9352342a073ce719a4df85f0dedb8a3dee
5c3ea7abf4606d76987899b3e038b043e30177cd971377ca1fdd263b9233ccbd
64ce4279dcefe340291ecd3b2f563fa33ed8a67109b66b214ae1c7d3222f0441
7bd02348fb91c0da7688a48b1c84436754e65f1dd3bf55b5083fc2915c04805c
a40a102a5f1fcb48010b5ef389da89e1a901a3ce9c06c3b3a430a317449d7b73
b8f7d3d5a9f58b8194d795addbb8d662dbd341ee10fa04df96b66dded5e752fb
b9be202454df0a19e4e1585738699cbc767091cc642e842d73ae98ce90ab5c50
ba5abbcff1c616504d382d7293115ec6e758245f5969bb1293ec6a4fdc95084c
bebdaf9748b9df1d0e9a7db11699acbfb89d28463ace0a14d62d76f124041684
d9a88a74b6d53b0745ded1e3c6b86d0a7cb9016598b2d4494db0aa3d6b57a6f2
ee90522aaad559afbb03bee6c7096fbf7ebefda7b0ee5c43390ec961dd6bd346

client-nitro.habbosk.us Open in urlscan Pro 2606:4700:3032::6815:5de1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

13 Requests

92 %HTTPS

100 %IPv6

2 Domains

2 Subdomains

3 IPs

1 Countries

1679 kBTransfer

5800 kBSize

1 Cookies

0 Outgoing links

Redirected requests

13 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

1 Cookies

1 Console Messages

Security Headers

Indicators

client-nitro.habbosk.us Open in urlscan Pro
2606:4700:3032::6815:5de1 Public Scan

Screenshot
Live screenshot

Full Image

13
Requests

92 %
HTTPS

100 %
IPv6

2
Domains

2
Subdomains

3
IPs

1
Countries

1679 kB
Transfer

5800 kB
Size

1
Cookies

13 HTTP transactions
1 data transactions