urlscan.io logo urlscan.io
SecurityTrails logo

nezur.net Open in urlscan Pro
185.100.87.32  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://nezur.net/nezur_external.zip
Effective URL: https://nezur.net/nezur_external.zip
Submission: On January 21 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 2 countries across 5 domains to perform 10 HTTP transactions. The main IP is 185.100.87.32, located in Bucharest, Romania and belongs to FLOKINET, SC. The main domain is nezur.net.
TLS certificate: Issued by R3 on January 3rd 2024. Valid for: 3 months.
This is the only time nezur.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

4    185.100.87.32 (Bucharest, Romania)

ASN200651 (FLOKINET, SC)
PTR: ddos1.flokinet.is
nezur.net
1    2607:f8b0:4004:c17::5f (Washington, United States)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
2    2600:9000:2211:5400:11:3b84:d200:93a1 (United States)

ASN16509 (AMAZON-02, US)
assets.website-files.com
1    108.156.105.203 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-156-105-203.ord56.r.cloudfront.net
d3e54v103j8qbb.cloudfront.net
1    2607:f8b0:4004:c06::5f (Washington, United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2607:f8b0:4004:c06::5e (Washington, United States)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
Apex Domain
Subdomains		 Transfer
4 nezur.net
nezur.net
319 KB
2 gstatic.com
fonts.gstatic.com
82 KB
2 website-files.com
assets.website-files.com — Cisco Umbrella Rank: 12153
55 KB
2 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 369
fonts.googleapis.com — Cisco Umbrella Rank: 28
7 KB
1 cloudfront.net
d3e54v103j8qbb.cloudfront.net
31 KB
10 5
Domain Requested by
4 nezur.net 1 redirects nezur.net
2 fonts.gstatic.com fonts.googleapis.com
2 assets.website-files.com nezur.net
1 fonts.googleapis.com ajax.googleapis.com
1 d3e54v103j8qbb.cloudfront.net nezur.net
1 ajax.googleapis.com nezur.net
10 6

This site contains no links.

Subject Issuer Validity Valid
www.store.nezur.net
R3		 2024-01-03 -
2024-04-02		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
*.website-files.com
Amazon RSA 2048 M03		 2023-09-11 -
2024-10-08		 a year crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2023-10-10 -
2024-09-19		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://nezur.net/nezur_external.zip
Frame ID: 332457B06C4B5EC66DEC770688FD63FE
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Nezur - 404 Not Found

Page URL History Show full URLs

  1. http://nezur.net/nezur_external.zip HTTP 301
    https://nezur.net/nezur_external.zip Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <a[^>]*href=[^>]*/Checkout
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
  • googleapis\.com/.+webfont
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

10
Requests

100 %
HTTPS

67 %
IPv6

5
Domains

6
Subdomains

6
IPs

2
Countries

494 kB
Transfer

1932 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://nezur.net/nezur_external.zip HTTP 301
    https://nezur.net/nezur_external.zip Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

10 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request nezur_external.zip
nezur.net/
Redirect Chain
  • http://nezur.net/nezur_external.zip
  • https://nezur.net/nezur_external.zip
19 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://nezur.net/nezur_external.zip
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.100.87.32 Bucharest, Romania, ASN200651 (FLOKINET, SC),
Reverse DNS
ddos1.flokinet.is
Software
nginx /
Resource Hash
91335b0a1549533532d13489e42b8dd05c63e24ea83a84b1565e6078c2fcfba1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-encoding
br
content-type
text/html
date
Sun, 21 Jan 2024 21:00:36 GMT
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN

Redirect headers

Connection
keep-alive
Content-Length
244
Content-Type
text/html; charset=iso-8859-1
Date
Sun, 21 Jan 2024 21:00:36 GMT
Location
https://nezur.net/nezur_external.zip
Server
nginx
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
styles.css
nezur.net/ 		293 KB
38 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://nezur.net/styles.css
Requested by
Host: nezur.net
URL: https://nezur.net/nezur_external.zip
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.100.87.32 Bucharest, Romania, ASN200651 (FLOKINET, SC),
Reverse DNS
ddos1.flokinet.is
Software
nginx /
Resource Hash
ccffe8f1375c07438b4e709ec8eaf4f4036a1f4ccbd15225556e2173209092a1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nezur.net/nezur_external.zip
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 21:00:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Wed, 03 Jan 2024 01:40:03 GMT
server
nginx
content-encoding
br
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
webfont.js
ajax.googleapis.com/ajax/libs/webfont/1.6.26/ 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js
Requested by
Host: nezur.net
URL: https://nezur.net/nezur_external.zip
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nezur.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 06:57:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
50564
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5437
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 20 Jan 2025 06:57:53 GMT
64b40feb4c270b78df7111dc_our-mission-is-to-make-the-best-ai-model-image-ai-x-webflow-template-p-2000.jpg
assets.website-files.com/64ad74dff3ea6b720f588d10/ 		34 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.website-files.com/64ad74dff3ea6b720f588d10/64b40feb4c270b78df7111dc_our-mission-is-to-make-the-best-ai-model-image-ai-x-webflow-template-p-2000.jpg
Requested by
Host: nezur.net
URL: https://nezur.net/nezur_external.zip
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2211:5400:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bc6aeceb52fb4f9df5f9cd1c64eb2a2b42f51ead7b91cb121b66206c6d658031

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nezur.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 01 Jan 2024 01:16:36 GMT
x-amz-version-id
Wp.de3Pog5IPi6ddgHhh8glQbJihWjTY
via
1.1 a16b6423d8aef1185032c1f124bc04fe.cloudfront.net (CloudFront)
age
1799042
x-amz-cf-pop
ORD51-C4
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
34818
last-modified
Sun, 16 Jul 2023 15:42:39 GMT
server
AmazonS3
etag
"05de7369d494ad4f67acc268ad9782e5"
content-type
image/jpg
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
accept-ranges
bytes
x-amz-cf-id
01p_IlZTqhPrT-2hjlirtJT-Xl8nrtXWXKyKSqyzes-w5doC2w-tZQ==
jquery-3.5.1.min.dc5e7f18c8.js
d3e54v103j8qbb.cloudfront.net/js/ 		87 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3e54v103j8qbb.cloudfront.net/js/jquery-3.5.1.min.dc5e7f18c8.js?site=64ad74dff3ea6b720f588d10
Requested by
Host: nezur.net
URL: https://nezur.net/nezur_external.zip
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.156.105.203 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-105-203.ord56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

Referer
https://nezur.net/
Origin
https://nezur.net
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 06:52:37 GMT
content-encoding
gzip
via
1.1 039ac362fa59bc52322694c6504981b8.cloudfront.net (CloudFront)
last-modified
Mon, 20 Jul 2020 17:53:02 GMT
server
AmazonS3
age
50881
x-amz-cf-pop
ORD56-P2
etag
W/"dc5e7f18c8d36ac1d3d4753a87c98d0a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=84600, must-revalidate
x-amz-cf-id
9p3lLx5uUpfE6D3J41oGJ6MoBDMDoqqsr8YBfXiSPbmb22V8fkNZUg==
nigger.js
nezur.net/ 		1 MB
277 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nezur.net/nigger.js
Requested by
Host: nezur.net
URL: https://nezur.net/nezur_external.zip
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.100.87.32 Bucharest, Romania, ASN200651 (FLOKINET, SC),
Reverse DNS
ddos1.flokinet.is
Software
nginx /
Resource Hash
222f0e1cec809b72f485cb0896fc37fbd018c0f94bdc04c3b1d355c793220ebb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nezur.net/nezur_external.zip
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 21:00:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Wed, 03 Jan 2024 01:40:03 GMT
server
nginx
content-encoding
br
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
css
fonts.googleapis.com/ 		11 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=DM+Sans:regular,500,700%7CInter:regular,500,600,700
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
95f2081bfab8d73f84216bbe2e5b39280127ce6e047efdc9fdc52343abeddc29
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nezur.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 21 Jan 2024 21:00:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 21 Jan 2024 21:00:37 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 21 Jan 2024 21:00:37 GMT
64af31761b05cabfbf2bbd45_card-frame-ai-x-webflow-template.png
assets.website-files.com/64ad74dff3ea6b720f588d10/ 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.website-files.com/64ad74dff3ea6b720f588d10/64af31761b05cabfbf2bbd45_card-frame-ai-x-webflow-template.png
Requested by
Host: nezur.net
URL: https://nezur.net/styles.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2211:5400:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a27939721b372bee6658ff8aac9346c2c8bcf2dd2d57c078c5e3dfb32ec0a3ef

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nezur.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 10:14:03 GMT
x-amz-version-id
8t84IjmXzP905yVF1Kpcuw9SfogLnC3M
via
1.1 a16b6423d8aef1185032c1f124bc04fe.cloudfront.net (CloudFront)
age
989195
x-amz-cf-pop
ORD51-C4
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
20747
last-modified
Wed, 12 Jul 2023 23:04:24 GMT
server
AmazonS3
etag
"6ecabeda8dce3d26d9a981ba628d616d"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
accept-ranges
bytes
x-amz-cf-id
-xllfqMCsr53iyBr1xRWPI01Y6nUI4dGHvnAGDy8WaJjjf99SGC-5Q==
UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v13/ 		46 KB
46 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=DM+Sans:regular,500,700%7CInter:regular,500,600,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://nezur.net
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 20:17:06 GMT
x-content-type-options
nosniff
age
261811
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
46704
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 23:49:07 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 17 Jan 2025 20:17:06 GMT
rP2Yp2ywxg089UriI5-g4vlH9VoD8Cmcqbu0-K4.woff2
fonts.gstatic.com/s/dmsans/v14/ 		36 KB
36 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/dmsans/v14/rP2Yp2ywxg089UriI5-g4vlH9VoD8Cmcqbu0-K4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=DM+Sans:regular,500,700%7CInter:regular,500,600,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f2113de896c7ffcc1d75fe539e9ba823bb93ada5cbf6fa83873d35a042b2ca46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://nezur.net
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 20:22:05 GMT
x-content-type-options
nosniff
age
261512
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37000
x-xss-protection
0
last-modified
Wed, 12 Jul 2023 22:08:46 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 17 Jan 2025 20:22:05 GMT

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| WebFont object| __WEBFLOW_CURRENCY_SETTINGS function| $ function| jQuery function| tram object| Webflow object| process

0 Cookies

1 Console Messages

Source Level URL
Text
network error URL: https://nezur.net/nezur_external.zip
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN