Submitted URL: https://nitromc-web.olekaleksander.dev/
Effective URL: https://nitromc-web.olekaleksander.dev/install.php
Submission Tags: phishingrod
Submission: On March 24 via api from DE — Scanned from GB

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 9 HTTP transactions. The main IP is 23.162.136.79, located in Canary Wharf, United Kingdom and belongs to HOSTARIS-NET, GB. The main domain is nitromc-web.olekaleksander.dev.
TLS certificate: Issued by R3 on March 24th 2024. Valid for: 3 months.
This is the only time nitromc-web.olekaleksander.dev was scanned on urlscan.io!

urlscan.io Verdict: No classification


Domain & IP information

IP Address AS Autonomous System
1 10 23.162.136.79 199765 (HOSTARIS-NET)
9 1

Apex Domain Subdomains Transfer
10 olekaleksander.dev nitromc-web.olekaleksander.dev 2 MB
9 1

Domain Requested by
10 nitromc-web.olekaleksander.dev 1 redirects nitromc-web.olekaleksander.dev
9 1

This site contains links to these domains.

Domain
github.com

Subject Issuer Validity Valid
nitromc-web.olekaleksander.dev R3 2024-03-24 - 2024-06-22 3 months

This page contains 1 frames:

Primary Page: https://nitromc-web.olekaleksander.dev/install.php
Frame ID: C24934B6792833CCB1B28C6AEF74E8FE
Requests: 9 HTTP requests in this frame

Page Title

Install • NamelessMC

Page URL History

  1. https://nitromc-web.olekaleksander.dev/ HTTP 302
    https://nitromc-web.olekaleksander.dev/install.php Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)

Overall confidence: 100%
Detected patterns
  • <link[^>]+semantic(?:\.min)\.css"
  • /semantic(?:-([\d.]+))?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

9 Requests
100 % HTTPS
0 % IPv6
1 Domains
1 Subdomains
1 IPs
1 Countries
2294 kB Transfer
2299 kB Size
1 Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

9 HTTP transactions

Resource Path Size x-fer Type MIME-Type
Primary Request install.php
nitromc-web.olekaleksander.dev/
Redirect Chain
  • https://nitromc-web.olekaleksander.dev/
  • https://nitromc-web.olekaleksander.dev/install.php
12 KB
3 KB
Document
General
Full URL
https://nitromc-web.olekaleksander.dev/install.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
23.162.136.79 Canary Wharf, United Kingdom, ASN199765 (HOSTARIS-NET, GB),
Reverse DNS
static.79-136-162-23.hostaris.network
Software
openresty /
Resource Hash
f583e33643e3e3c6fc7af0c3460a6b3ce2c1658085ddc745f808f9b3cc35ddd3
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate
content-encoding
gzip
content-security-policy
frame-ancestors 'self'
content-type
text/html; charset=UTF-8
date
Sun, 24 Mar 2024 09:01:14 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache
referrer-policy
same-origin
server
openresty
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-served-by
nitromc-web.olekaleksander.dev
x-xss-protection
1; mode=block

Redirect headers

content-security-policy
frame-ancestors 'self'
content-type
text/html; charset=UTF-8
date
Sun, 24 Mar 2024 09:01:14 GMT
location
install.php
referrer-policy
same-origin
server
openresty
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN SAMEORIGIN
x-served-by
nitromc-web.olekaleksander.dev
x-xss-protection
1; mode=block
semantic.min.css
nitromc-web.olekaleksander.dev/core/assets/vendor/fomantic-ui/dist/
2 MB
2 MB
Stylesheet
General
Full URL
https://nitromc-web.olekaleksander.dev/core/assets/vendor/fomantic-ui/dist/semantic.min.css
Requested by
Host: nitromc-web.olekaleksander.dev
URL: https://nitromc-web.olekaleksander.dev/install.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
23.162.136.79 Canary Wharf, United Kingdom, ASN199765 (HOSTARIS-NET, GB),
Reverse DNS
static.79-136-162-23.hostaris.network
Software
openresty /
Resource Hash
a2df44a217e2f6dde242408d40a613bbd3bd9232b1e62279864434bb5c592e29
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://nitromc-web.olekaleksander.dev/install.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

expires
Mon, 25 Mar 2024 00:30:00 GMT
date
Sun, 24 Mar 2024 09:01:14 GMT
content-security-policy
frame-ancestors 'self'
x-content-type-options
nosniff
referrer-policy
same-origin
server
openresty
etag
"652821fd-18762c"
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
max-age=55726
accept-ranges
bytes
content-length
1603116
x-xss-protection
1; mode=block
x-served-by
nitromc-web.olekaleksander.dev
namelessmc_logo.png
nitromc-web.olekaleksander.dev/core/assets/img/
25 KB
25 KB
Image
General
Full URL
https://nitromc-web.olekaleksander.dev/core/assets/img/namelessmc_logo.png
Requested by
Host: nitromc-web.olekaleksander.dev
URL: https://nitromc-web.olekaleksander.dev/install.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
23.162.136.79 Canary Wharf, United Kingdom, ASN199765 (HOSTARIS-NET, GB),
Reverse DNS
static.79-136-162-23.hostaris.network
Software
openresty /
Resource Hash
1a8dcb96163aa438e9096fedcac1bdbf7974e7f3317d76de83777c36273f3f36
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://nitromc-web.olekaleksander.dev/install.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

expires
Mon, 25 Mar 2024 00:30:00 GMT
date
Sun, 24 Mar 2024 09:01:14 GMT
content-security-policy
frame-ancestors 'self'
x-content-type-options
nosniff
referrer-policy
same-origin
server
openresty
etag
"652821ef-6362"
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
max-age=55726
accept-ranges
bytes
content-length
25442
x-xss-protection
1; mode=block
x-served-by
nitromc-web.olekaleksander.dev
jquery.min.js
nitromc-web.olekaleksander.dev/core/assets/vendor/jquery/dist/
88 KB
88 KB
Script
General
Full URL
https://nitromc-web.olekaleksander.dev/core/assets/vendor/jquery/dist/jquery.min.js
Requested by
Host: nitromc-web.olekaleksander.dev
URL: https://nitromc-web.olekaleksander.dev/install.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
23.162.136.79 Canary Wharf, United Kingdom, ASN199765 (HOSTARIS-NET, GB),
Reverse DNS
static.79-136-162-23.hostaris.network
Software
openresty /
Resource Hash
a6f3f0faea4b3d48e03176341bef0ed3151ffbf226d4c6635f1c6039c0500575
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://nitromc-web.olekaleksander.dev/install.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

expires
Mon, 25 Mar 2024 00:30:00 GMT
date
Sun, 24 Mar 2024 09:01:14 GMT
content-security-policy
frame-ancestors 'self'
x-content-type-options
nosniff
referrer-policy
same-origin
server
openresty
etag
"652821fd-15f5b"
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=55726
accept-ranges
bytes
content-length
89947
x-xss-protection
1; mode=block
x-served-by
nitromc-web.olekaleksander.dev
semantic.min.js
nitromc-web.olekaleksander.dev/core/assets/vendor/fomantic-ui/dist/
391 KB
391 KB
Script
General
Full URL
https://nitromc-web.olekaleksander.dev/core/assets/vendor/fomantic-ui/dist/semantic.min.js
Requested by
Host: nitromc-web.olekaleksander.dev
URL: https://nitromc-web.olekaleksander.dev/install.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
23.162.136.79 Canary Wharf, United Kingdom, ASN199765 (HOSTARIS-NET, GB),
Reverse DNS
static.79-136-162-23.hostaris.network
Software
openresty /
Resource Hash
93cf4c72a890780787df3c0452ef2d3a22ac1d262067872fc5a6213ed3ce837e
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://nitromc-web.olekaleksander.dev/install.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

expires
Mon, 25 Mar 2024 00:30:00 GMT
date
Sun, 24 Mar 2024 09:01:14 GMT
content-security-policy
frame-ancestors 'self'
x-content-type-options
nosniff
referrer-policy
same-origin
server
openresty
etag
"652821fd-61a9d"
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=55726
accept-ranges
bytes
content-length
400029
x-xss-protection
1; mode=block
x-served-by
nitromc-web.olekaleksander.dev
icons.woff2
nitromc-web.olekaleksander.dev/core/assets/vendor/fomantic-ui/dist/themes/default/assets/fonts/
76 KB
77 KB
Font
General
Full URL
https://nitromc-web.olekaleksander.dev/core/assets/vendor/fomantic-ui/dist/themes/default/assets/fonts/icons.woff2
Requested by
Host: nitromc-web.olekaleksander.dev
URL: https://nitromc-web.olekaleksander.dev/core/assets/vendor/fomantic-ui/dist/semantic.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
23.162.136.79 Canary Wharf, United Kingdom, ASN199765 (HOSTARIS-NET, GB),
Reverse DNS
static.79-136-162-23.hostaris.network
Software
openresty /
Resource Hash
9834b82ad26e2a37583d22676a12dd2eb0fe7c80356a2114d0db1aa8b3899537
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://nitromc-web.olekaleksander.dev/core/assets/vendor/fomantic-ui/dist/semantic.min.css
Origin
https://nitromc-web.olekaleksander.dev
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 09:01:15 GMT
content-security-policy
frame-ancestors 'self'
x-content-type-options
nosniff
referrer-policy
same-origin
last-modified
Thu, 12 Oct 2023 16:42:37 GMT
server
openresty
etag
"652821fd-131bc"
x-frame-options
SAMEORIGIN
content-type
font/woff2
accept-ranges
bytes
content-length
78268
x-xss-protection
1; mode=block
x-served-by
nitromc-web.olekaleksander.dev
LatoLatin-Bold.woff2
nitromc-web.olekaleksander.dev/core/assets/vendor/fomantic-ui/dist/themes/default/assets/fonts/
33 KB
33 KB
Font
General
Full URL
https://nitromc-web.olekaleksander.dev/core/assets/vendor/fomantic-ui/dist/themes/default/assets/fonts/LatoLatin-Bold.woff2
Requested by
Host: nitromc-web.olekaleksander.dev
URL: https://nitromc-web.olekaleksander.dev/core/assets/vendor/fomantic-ui/dist/semantic.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
23.162.136.79 Canary Wharf, United Kingdom, ASN199765 (HOSTARIS-NET, GB),
Reverse DNS
static.79-136-162-23.hostaris.network
Software
openresty /
Resource Hash
d952174432302829bdc762952b19b7865f62b6310959c83e99d742252d7e1791
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://nitromc-web.olekaleksander.dev/core/assets/vendor/fomantic-ui/dist/semantic.min.css
Origin
https://nitromc-web.olekaleksander.dev
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 09:01:15 GMT
content-security-policy
frame-ancestors 'self'
x-content-type-options
nosniff
referrer-policy
same-origin
last-modified
Thu, 12 Oct 2023 16:42:37 GMT
server
openresty
etag
"652821fd-8350"
x-frame-options
SAMEORIGIN
content-type
font/woff2
accept-ranges
bytes
content-length
33616
x-xss-protection
1; mode=block
x-served-by
nitromc-web.olekaleksander.dev
LatoLatin-Regular.woff2
nitromc-web.olekaleksander.dev/core/assets/vendor/fomantic-ui/dist/themes/default/assets/fonts/
33 KB
33 KB
Font
General
Full URL
https://nitromc-web.olekaleksander.dev/core/assets/vendor/fomantic-ui/dist/themes/default/assets/fonts/LatoLatin-Regular.woff2
Requested by
Host: nitromc-web.olekaleksander.dev
URL: https://nitromc-web.olekaleksander.dev/core/assets/vendor/fomantic-ui/dist/semantic.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
23.162.136.79 Canary Wharf, United Kingdom, ASN199765 (HOSTARIS-NET, GB),
Reverse DNS
static.79-136-162-23.hostaris.network
Software
openresty /
Resource Hash
f1a5932ac70017fcf8343f1a8f7415b9409fb7b8441cebd5b1f2a9e9c3e7539e
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://nitromc-web.olekaleksander.dev/core/assets/vendor/fomantic-ui/dist/semantic.min.css
Origin
https://nitromc-web.olekaleksander.dev
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 09:01:15 GMT
content-security-policy
frame-ancestors 'self'
x-content-type-options
nosniff
referrer-policy
same-origin
last-modified
Thu, 12 Oct 2023 16:42:37 GMT
server
openresty
etag
"652821fd-8424"
x-frame-options
SAMEORIGIN
content-type
font/woff2
accept-ranges
bytes
content-length
33828
x-xss-protection
1; mode=block
x-served-by
nitromc-web.olekaleksander.dev
brand-icons.woff2
nitromc-web.olekaleksander.dev/core/assets/vendor/fomantic-ui/dist/themes/default/assets/fonts/
75 KB
75 KB
Font
General
Full URL
https://nitromc-web.olekaleksander.dev/core/assets/vendor/fomantic-ui/dist/themes/default/assets/fonts/brand-icons.woff2
Requested by
Host: nitromc-web.olekaleksander.dev
URL: https://nitromc-web.olekaleksander.dev/core/assets/vendor/fomantic-ui/dist/semantic.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
23.162.136.79 Canary Wharf, United Kingdom, ASN199765 (HOSTARIS-NET, GB),
Reverse DNS
static.79-136-162-23.hostaris.network
Software
openresty /
Resource Hash
8ea8791754915a898a3100e63e32978a6d1763be6df8e73a39d3a90d691cdeef
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://nitromc-web.olekaleksander.dev/core/assets/vendor/fomantic-ui/dist/semantic.min.css
Origin
https://nitromc-web.olekaleksander.dev
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 09:01:15 GMT
content-security-policy
frame-ancestors 'self'
x-content-type-options
nosniff
referrer-policy
same-origin
last-modified
Thu, 12 Oct 2023 16:42:37 GMT
server
openresty
etag
"652821fd-12bc0"
x-frame-options
SAMEORIGIN
content-type
font/woff2
accept-ranges
bytes
content-length
76736
x-xss-protection
1; mode=block
x-served-by
nitromc-web.olekaleksander.dev

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $
function| jQuery
function| setLanguage

1 Cookies

Domain/Path Name / Value
nitromc-web.olekaleksander.dev/ Name: PHPSESSID
Value: 86hkjf58hi6q1o1rfk8sunf6d0

Security Headers

This page lists any security headers set by the main page.

Header Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block