pow.nexia.moe - urlscan.io

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 7 HTTP transactions. The main IP is 188.114.96.3, located in Amsterdam, Netherlands and belongs to CLOUDFLARENET, US. The main domain is pow.nexia.moe.
TLS certificate: Issued by WE1 on November 15th 2024. Valid for: 3 months.

This is the only time pow.nexia.moe was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
2 9	188.114.96.3 188.114.96.3		13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	1

9 188.114.96.3 (Amsterdam, Netherlands) 2 redirects

ASN13335 (CLOUDFLARENET, US)

pow.nexia.moe	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	nexia.moe 2 redirects pow.nexia.moe	84 KB
7	1

	Domain	Requested by
9	pow.nexia.moe	2 redirects pow.nexia.moe
7	1

This site contains links to these domains. Also see Links.

Domain
wiki.servarr.com

Subject Issuer	Validity	Valid
nexia.moe WE1	`2024-11-15` - `2025-02-13`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://pow.nexia.moe/login?returnUrl=%2F
Frame ID: 6A0CCAAC92A69FD0FBF8286483A770EF
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Login - Prowlarr

Page URL History Show full URLs

https://pow.nexia.moe/ HTTP 302
https://pow.nexia.moe/login?returnUrl=%2F Page URL

Page Statistics

7
Requests

86 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

83 kB
Transfer

112 kB
Size

0
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://wiki.servarr.com/prowlarr/faq#help-i-have-locked-myself-out
Title: Forgot your password?

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://pow.nexia.moe/ HTTP 302
https://pow.nexia.moe/login?returnUrl=%2F Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4

https://pow.nexia.moe/favicon.ico?h=ku5GjlCheye0xhFKUgKAUQ HTTP 302
https://pow.nexia.moe/login?returnUrl=%2Ffavicon.ico%3Fh%3Dku5GjlCheye0xhFKUgKAUQ

7 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H3	200	Primary Request login Show response pow.nexia.moe/ Redirect Chain https://pow.nexia.moe/ https://pow.nexia.moe/login?returnUrl=%2F	10 KB 4 KB	170ms 170ms	Document text/html	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://pow.nexia.moe/login?returnUrl=%2F Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `14dde672ce892df7f908811e3013cc2df5e7bc9808541e2ac42e976ff742c21c` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Response headers alt-svc h3=":443"; ma=86400 cache-control no-cache, no-store cf-cache-status DYNAMIC cf-ray 8f6f9539ed326566-AMS content-encoding zstd content-type text/html date Tue, 24 Dec 2024 09:32:13 GMT expires -1 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} pragma no-cache priority u=0,i report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=i8P7a%2FMWyI5mqVAUBySuOGpDVoCCBk6RG7651lud4XgRbZFkpydeOmIMt3dmSa3jXfr5Ylag1kwW9iP6w0i%2FgiU66xPR97fDuKTPJwTi6c9i9YiAk644FjZ7r0eHy7uq"}],"group":"cf-nel","max_age":604800} server cloudflare server-timing cfL4;desc="?proto=QUIC&rtt=16451&min_rtt=13623&rtt_var=7075&sent=13&recv=11&lost=0&retrans=0&sent_bytes=4848&recv_bytes=4885&delivery_rate=42744&cwnd=12000&unsent_bytes=0&cid=b864cf61f184d731&ts=639&x=1" cfExtPri cfHdrFlush;dur=0 vary Accept-Encoding Redirect headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 8f6f9536fa466566-AMS content-length 0 date Tue, 24 Dec 2024 09:32:13 GMT location https://pow.nexia.moe/login?returnUrl=%2F nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} priority u=0,i report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WWyxR0ESLB%2BTfKQgm%2B2lK5%2FXmS0pPxwpAKV6NPK6UkvNNi1ock5q15c2KW3AlsY03Q9zyKW%2FITAZLZE2EZfu3uix5C%2FuHTNSVneQj7qPy1CDZkmBDe8FV16vmg8yu5XM"}],"group":"cf-nel","max_age":604800} server cloudflare server-timing cfL4;desc="?proto=QUIC&rtt=16825&min_rtt=13623&rtt_var=8435&sent=11&recv=10&lost=0&retrans=0&sent_bytes=4137&recv_bytes=4481&delivery_rate=725&cwnd=12000&unsent_bytes=0&cid=b864cf61f184d731&ts=468&x=1" cfExtPri cfHdrFlush;dur=0
GET H3	200	styles.css pow.nexia.moe/Content/	271 B 859 B	474ms 473ms	Stylesheet text/css	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://pow.nexia.moe/Content/styles.css?h=VAwjWra8YBWH8JiyE7JFDA Requested by Host: pow.nexia.moe URL: https://pow.nexia.moe/login?returnUrl=%2F Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `edc6fbb702089490bb7f5205e44aa5eeb08f7ee811541ff2767c05c787cdfb0e` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://pow.nexia.moe/login?returnUrl=%2F Response headers server cloudflare cache-control public, max-age=31536000 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding zstd cf-cache-status MISS report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KRrvrx%2B3GG%2BhbPzBA%2BKT0fP53HzcVRSMh7It8oMvtJZ5kT5jlBoyNi36zLsuCFoMuCtT73x6x71YjAEYK5R45qGGhmwnBr9zbbIE9NyjjX%2FUgWn5I40j8cniMDrdSilB"}],"group":"cf-nel","max_age":604800} cf-ray 8f6f953afe516566-AMS alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=15823&min_rtt=13623&rtt_var=5068&sent=19&recv=16&lost=0&retrans=0&sent_bytes=9572&recv_bytes=6048&delivery_rate=22548&cwnd=12000&unsent_bytes=0&cid=b864cf61f184d731&ts=1119&x=1", cfExtPri, cfHdrFlush;dur=0 date Tue, 24 Dec 2024 09:32:14 GMT content-type text/css last-modified Mon, 16 Dec 2024 19:22:24 GMT vary Accept-Encoding priority u=0,i=?0
GET H3	200	fonts.css pow.nexia.moe/Content/Fonts/	1 KB 899 B	470ms 470ms	Stylesheet text/css	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://pow.nexia.moe/Content/Fonts/fonts.css?h=ZYP7+3tB+/eme7MGOlDOLg Requested by Host: pow.nexia.moe URL: https://pow.nexia.moe/login?returnUrl=%2F Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `8d8250343b8065fdcbd214816aa47410feef8d5cb6b24a0120d8285abea95001` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://pow.nexia.moe/login?returnUrl=%2F Response headers server cloudflare cache-control public, max-age=31536000 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding zstd cf-cache-status MISS report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UKc%2FnULLz0axS9UQCZOa0sD%2F0IdyXduGEP5ddWUOsrJ4ZtTEVIVsjNB6kOwmaAR%2FIATrjXF9pqhYqzpd%2BQNKGGLJKJGiaBDj2ajTP4u2tFbpCZ%2FBNscz7WEeto5tnsrg"}],"group":"cf-nel","max_age":604800} cf-ray 8f6f953afe536566-AMS alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=15823&min_rtt=13623&rtt_var=5068&sent=18&recv=16&lost=0&retrans=0&sent_bytes=8650&recv_bytes=6048&delivery_rate=22548&cwnd=12000&unsent_bytes=0&cid=b864cf61f184d731&ts=1116&x=1", cfExtPri, cfHdrFlush;dur=0 date Tue, 24 Dec 2024 09:32:14 GMT content-type text/css last-modified Mon, 16 Dec 2024 19:22:24 GMT vary Accept-Encoding priority u=0,i=?0
GET H3	200	logo.svg pow.nexia.moe/Content/Images/	27 KB 8 KB	601ms 601ms	Image image/svg+xml	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://pow.nexia.moe/Content/Images/logo.svg?h=8opO029fk/f1FoGMvxi9uw Requested by Host: pow.nexia.moe URL: https://pow.nexia.moe/login?returnUrl=%2F Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `1f14f67237068d9d04b98867663f27c0cc8d71292345f40631e45b5b87dad9f5` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://pow.nexia.moe/login?returnUrl=%2F Response headers server cloudflare cache-control public, max-age=31536000 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding zstd cf-cache-status MISS report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JXqBl8HMimS3o6aDTliZ%2Fh9hY7rz95Bq11dOiBpAV%2B0kBIiaDt59YB%2Fe7A80pPTkWNHh6Xy80lWsuJJlbvBglVYCpkHBhR%2FJXXl5h4UVdOXoEhmy388H1AZ93X4m7hp2"}],"group":"cf-nel","max_age":604800} cf-ray 8f6f953afe566566-AMS alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=15926&min_rtt=13623&rtt_var=4007&sent=21&recv=18&lost=0&retrans=0&sent_bytes=10478&recv_bytes=6454&delivery_rate=3838&cwnd=12000&unsent_bytes=0&cid=b864cf61f184d731&ts=1248&x=1", cfExtPri, cfHdrFlush;dur=0 date Tue, 24 Dec 2024 09:32:14 GMT content-type image/svg+xml last-modified Mon, 16 Dec 2024 19:22:24 GMT vary Accept-Encoding priority u=2,i
GET H3	200	Roboto-Regular.woff2 pow.nexia.moe/Content/Fonts/	62 KB 63 KB	747ms 746ms	Font font/woff2	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://pow.nexia.moe/Content/Fonts/Roboto-Regular.woff2?v=1.3.0 Requested by Host: pow.nexia.moe URL: https://pow.nexia.moe/Content/Fonts/fonts.css?h=ZYP7+3tB+/eme7MGOlDOLg Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `cc7b26ac53700f78f8a452be6d14f14943e88dceb14edf64cddceba6e66f3f5e` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Origin https://pow.nexia.moe Referer https://pow.nexia.moe/Content/Fonts/fonts.css?h=ZYP7+3tB+/eme7MGOlDOLg Response headers cf-cache-status MISS report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qCLmZcTLtqI9pjvV%2BXu97uqhJ4wvQPaZCdj%2BMw4a10NJ2M5SWkc79CO9eenrN2nnaAwhLeMQ0ZWKptPK26oXRg5qtZ9FKYJKjth9h%2Fr2Rg4%2BzKEGjNJ4yc%2FRQUlNqFIh"}],"group":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=16442&min_rtt=13623&rtt_var=1949&sent=29&recv=22&lost=0&retrans=0&sent_bytes=19140&recv_bytes=6626&delivery_rate=71133&cwnd=12000&unsent_bytes=0&cid=b864cf61f184d731&ts=1874&x=1", cfExtPri, cfHdrFlush;dur=0 date Tue, 24 Dec 2024 09:32:15 GMT content-type font/woff2 last-modified Mon, 16 Dec 2024 19:22:24 GMT vary Accept-Encoding priority u=0,i=?0 cache-control public, max-age=31536000 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8f6f953e09186566-AMS accept-ranges bytes access-control-allow-origin * content-length 63412 server cloudflare
GET H3	200	login pow.nexia.moe/ Redirect Chain https://pow.nexia.moe/favicon.ico?h=ku5GjlCheye0xhFKUgKAUQ https://pow.nexia.moe/login?returnUrl=%2Ffavicon.ico%3Fh%3Dku5GjlCheye0xhFKUgKAUQ	10 KB 4 KB	178ms 178ms	Other text/html	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://pow.nexia.moe/login?returnUrl=%2Ffavicon.ico%3Fh%3Dku5GjlCheye0xhFKUgKAUQ Protocol H3 Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `14dde672ce892df7f908811e3013cc2df5e7bc9808541e2ac42e976ff742c21c` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://pow.nexia.moe/login?returnUrl=%2F Response headers cache-control no-cache, no-store nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding zstd cf-cache-status DYNAMIC pragma no-cache report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MFj5kx1tpRNkxnF9F00jwUgEUfpgGedYd7uTZZnSzgOEJ66WaZcLNClzBCRaQCBPrbJaCEn6LviwwFbXHFQHNDlwg1lSS7OKSwmPHx%2B8SNI%2BSd7CDDQEh8K6YbnZApPZ"}],"group":"cf-nel","max_age":604800} cf-ray 8f6f9545d9f06566-AMS expires -1 alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=14049&min_rtt=13623&rtt_var=152&sent=88&recv=51&lost=0&retrans=0&sent_bytes=85394&recv_bytes=8587&delivery_rate=1466&cwnd=40800&unsent_bytes=0&cid=b864cf61f184d731&ts=2562&x=1", cfExtPri, cfHdrFlush;dur=0 date Tue, 24 Dec 2024 09:32:15 GMT content-type text/html vary Accept-Encoding server cloudflare priority u=1,i Redirect headers nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} location https://pow.nexia.moe/login?returnUrl=%2Ffavicon.ico%3Fh%3Dku5GjlCheye0xhFKUgKAUQ cf-cache-status BYPASS report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ntUbjBQuLneeCPnwBchJ1xKzWFEr%2Br%2B3fXrDQSvZtundRXcjFNlbr8dPcKoJcu9cqCrqTpy2%2B%2FVsnY3uy0Z7stT91xEzxmMsk5kCA5gJivaH44nFRolOVAhz38SV6LTD"}],"group":"cf-nel","max_age":604800} cf-ray 8f6f9542eec06566-AMS alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=14099&min_rtt=13623&rtt_var=70&sent=86&recv=50&lost=0&retrans=0&sent_bytes=84677&recv_bytes=8185&delivery_rate=1519211&cwnd=40800&unsent_bytes=0&cid=b864cf61f184d731&ts=2384&x=1", cfExtPri, cfHdrFlush;dur=0 content-length 0 date Tue, 24 Dec 2024 09:32:15 GMT vary Accept-Encoding server cloudflare priority u=1,i
GET H3	200	favicon-32x32.png pow.nexia.moe/Content/Images/Icons/	2 KB 3 KB	470ms 470ms	Other image/png	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://pow.nexia.moe/Content/Images/Icons/favicon-32x32.png?h=lmqCw7GaBq+Sl0mzceEopQ Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `422d54b1f787f9e520da85dd5cd15c9a4d8adbc4a76c9a13be1e2d0da97bba2e` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://pow.nexia.moe/login?returnUrl=%2F Response headers server cloudflare cache-control public, max-age=31536000 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-cache-status MISS report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=95XsXiZ0fDLDcOzuO5S%2FmOfuOJFwIK5B7Q4NJghQslNd5a0%2BeJUPAHKvsQbRmJRN5kc5nfJgTvt7dehU9O%2Bg%2BhF4JDIykxuDFYLgZbsX2qKsKg6IeetcHGeqH5UuQzAm"}],"group":"cf-nel","max_age":604800} cf-ray 8f6f9546fb0d6566-AMS accept-ranges bytes alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=14026&min_rtt=13623&rtt_var=100&sent=94&recv=54&lost=0&retrans=0&sent_bytes=89227&recv_bytes=9080&delivery_rate=21691&cwnd=40800&unsent_bytes=0&cid=b864cf61f184d731&ts=3035&x=1", cfExtPri, cfHdrFlush;dur=0 content-length 2437 date Tue, 24 Dec 2024 09:32:16 GMT content-type image/png last-modified Mon, 16 Dec 2024 19:22:24 GMT vary Accept-Encoding priority u=1,i

Verdicts & Comments Add Verdict or Comment

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
recommendation	verbose	URL: https://pow.nexia.moe/login?returnUrl=%2F Message: [DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

pow.nexia.moe
188.114.96.3
14dde672ce892df7f908811e3013cc2df5e7bc9808541e2ac42e976ff742c21c
1f14f67237068d9d04b98867663f27c0cc8d71292345f40631e45b5b87dad9f5
422d54b1f787f9e520da85dd5cd15c9a4d8adbc4a76c9a13be1e2d0da97bba2e
8d8250343b8065fdcbd214816aa47410feef8d5cb6b24a0120d8285abea95001
cc7b26ac53700f78f8a452be6d14f14943e88dceb14edf64cddceba6e66f3f5e
edc6fbb702089490bb7f5205e44aa5eeb08f7ee811541ff2767c05c787cdfb0e

pow.nexia.moe Open in urlscan Pro 188.114.96.3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

7 Requests

86 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

83 kBTransfer

112 kBSize

0 Cookies

1 Outgoing links

Page URL History

Redirected requests

7 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

6 JavaScript Global Variables

0 Cookies

1 Console Messages

Indicators

pow.nexia.moe Open in urlscan Pro
188.114.96.3 Public Scan

Screenshot
Live screenshot

Full Image

7
Requests

86 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

83 kB
Transfer

112 kB
Size

0
Cookies

7 HTTP transactions
0 data transactions