URL: https://nitroflarepremium.com/
Submission Tags: phishingrod
Submission: On November 26 via api from DE — Scanned from DE

Summary

This website contacted 2 IPs in 1 country across 1 domain to perform 5 HTTP transactions. The main IP is 2606:4700:3031::ac43:aee5, located in the United States, and belongs to CLOUDFLARENET, US. The main domain is nitroflarepremium.com.
TLS certificate: Issued by GTS CA 1P5 on October 3rd 2023. Valid for: 3 months.
This is the only time nitroflarepremium.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
4 2606:4700:303... 13335 (CLOUDFLAR...)
5 2

Apex Domain Subdomains Transfer
4 nitroflarepremium.com nitroflarepremium.com 67 KB
5 1

Domain Requested by
4 nitroflarepremium.com nitroflarepremium.com
5 1

This site contains links to these domains.

Domain
nitroflare.org
tezfiles.info
fikperpremium.com
wordpress.org

Subject Issuer Validity Valid
nitroflarepremium.com GTS CA 1P5 2023-10-03 - 2024-01-01 3 months

This page contains 1 frames:

Primary Page: https://nitroflarepremium.com/
Frame ID: 359B2E6FAC05D9C366A95130D1418515
Requests: 9 HTTP requests in this frame

Page Title

Nitroflare Premium Account

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/

Page Statistics

5
Requests

80 %
HTTPS

100 %
IPv6

1
Domains

1
Subdomains

2
IPs

1
Countries

68 kB
Transfer

425 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

5 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
nitroflarepremium.com/
47 KB
13 KB
Document
General
Full URL
https://nitroflarepremium.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:aee5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
051d8a17ef70fd65f78b84c0aac7d26a71c9c758ff90af08e79d73fec25e375a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
82c23d52ada03f69-SIN
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sun, 26 Nov 2023 12:47:22 GMT
link
<https://nitroflarepremium.com/wp-json/>; rel="https://api.w.org/" <https://nitroflarepremium.com/wp-json/wp/v2/pages/146>; rel="alternate"; type="application/json" <https://nitroflarepremium.com/>; rel=shortlink
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5UOBR0IQkNNNgqpLkHaWQRNTQqTOSX9SnTvD%2BjDfFZylZygdzaLKQvhs8E%2BlVZB2ocqGxvrY5Mh8Qb4zMX9pTfm%2BcSK7OHeBC37XP7mGbL6qIYW1x16Nu20KfCuBtLDwhRFLfJIaZ4XqELuwZcxZterW90I%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-dns-prefetch-control
on
x-litespeed-cache
hit
4475c4c58b60e3a9f0bbe433c6c13632.css
nitroflarepremium.com/wp-content/litespeed/css/
362 KB
47 KB
Stylesheet
General
Full URL
https://nitroflarepremium.com/wp-content/litespeed/css/4475c4c58b60e3a9f0bbe433c6c13632.css?ver=b1cee
Requested by
Host: nitroflarepremium.com
URL: https://nitroflarepremium.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:aee5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ca7fb7c79f91e8a255788c3a3719653d17b172b2cfe6fb800b787a0fed64f03b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nitroflarepremium.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 26 Nov 2023 12:47:23 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
origSize=371999
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 08 Nov 2023 01:49:10 GMT
server
cloudflare
etag
W/"5ad1f-654ae916-17f933;gz"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u0xuzcGo5tz%2FNugFQr%2B27OD3p%2FRE6fxbC91H0fo8kuNZ6Wo9326zliW4Kf%2BXIgnQZY8txHBAhjdTew%2BywQRyDLVm2m163lmd0Icll4N7lcogHdfAbTEe1gV%2FivfSBGNldn3uzVKJFtq7jnQo97XyFFWNJtI%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
cf-ray
82c23d58bea23f69-SIN
expires
Wed, 29 Nov 2023 09:49:13 GMT
truncated
/
165 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d4ca1a4c397cbb5d1e7a5a85d70317ac05187d66150bf86049f35f8ac4fed577

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
167 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
283a3dae13bc861bdc4a7d5938693f2874f06c59bdac33e3f613c742b3dc943a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
163 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
59b2953a6509047f30e0cccee9a596aa81e1df0f5e953ada8bb710261ede9e97

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/svg+xml
rocket-loader.min.js
nitroflarepremium.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/
12 KB
4 KB
Script
General
Full URL
https://nitroflarepremium.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: nitroflarepremium.com
URL: https://nitroflarepremium.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:aee5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nitroflarepremium.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 26 Nov 2023 12:47:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 16 Nov 2023 21:55:48 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"65568fe4-302c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o%2BK%2BbCdHuAHvqbcJqnslmMKW%2F0vNh%2F6r5JdtBIzzTmpqdAJdRfRE34VagLcwGaAUdo2OFuJ8gl2I%2FgRtVr3E1YAuRMHRJFkfh5Xt22JgSKwZ9dM8oyf1CTyKKEMg5u%2FybVcUbS4yFnSiQsXKRrqs3p9PxFA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
82c23d5879ee91e9-FRA
expires
Tue, 28 Nov 2023 12:47:22 GMT
truncated
/
808 B
808 B
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0e82505b30144c1df925f9e2b41576a1126a9168e5a2d7f4913f6304763dcdc8

Request headers

Referer
Origin
https://nitroflarepremium.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
application/font-woff2;charset=utf-8
guest.vary.php
nitroflarepremium.com/wp-content/plugins/litespeed-cache/
0
0

logo.png
nitroflarepremium.com/wp-content/uploads/2022/01/
2 KB
3 KB
Image
General
Full URL
https://nitroflarepremium.com/wp-content/uploads/2022/01/logo.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:aee5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1f407db1c53bee25e38778fceb1dac855c895fc215ef2920dfcc388ea367037e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nitroflarepremium.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 26 Nov 2023 12:47:23 GMT
cf-cache-status
HIT
last-modified
Tue, 25 Apr 2023 03:03:30 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"9e8-64474302-186a34;;;"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SxxY4a4mKH6alBf12PoSo6bTZ5n%2Bp4iHd2QnAUCSZOL%2FBOERFYpjUKNUsGetcPUtseTfMVOVmyU7hd6yXw%2Bvk6FP%2BjtVKYDdxpIpMGGjhoGTfKxesoytqUp%2B%2Boc8NdJBiGb6C7WMDW%2B4mjMWXzPMgrsfm78%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
82c23d5bacfd91e9-FRA
alt-svc
h3=":443"; ma=86400
content-length
2536
expires
Wed, 29 Nov 2023 09:49:14 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
nitroflarepremium.com
URL
https://nitroflarepremium.com/wp-content/plugins/litespeed-cache/guest.vary.php

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object| documentPictureInPicture
  • object| __cfQR
  • object| litespeed_docref
  • function| LazyLoad
  • string| litespeed_vary
  • function| urlCreator
  • function| litespeed_load_delayed_js_force
  • function| litespeed_load_delayed_js
  • function| litespeed_load_one
  • function| litespeed_inline2src
  • boolean| __cfRLUnblockHandlers

0 Cookies