nmp.su Open in urlscan Pro
93.189.42.40 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://nmp.su/
Submission Tags: ☭ l4ing tld su ru rf cccp h8 n* Search All
Submission: On January 19 via manual (January 19th 2024, 9:19:51 pm UTC) from UA — Scanned from DE

Summary HTTP 10 Redirects Links 3 Behaviour Indicators

Similar DOM Content API

Summary

This website contacted 4 IPs in 3 countries across 3 domains to perform 10 HTTP transactions. The main IP is 93.189.42.40, located in Russian Federation and belongs to NTCOM-AS, RU. The main domain is nmp.su.

This is the only time nmp.su was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
8	93.189.42.40 93.189.42.40		41853 (NTCOM-AS) (NTCOM-AS)
1	2a00:1450:400... 2a00:1450:4001:808::200a		15169 (GOOGLE) (GOOGLE)
1 2	2a04:fa87:fff... 2a04:fa87:fffe::c000:4902		2635 (AUTOMATTIC) (AUTOMATTIC)
10	4

8 93.189.42.40 (Russian Federation)

ASN41853 (NTCOM-AS, RU)

nmp.su	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:fa87:fffe::c000:4902 (Ireland) 1 redirects

ASN2635 (AUTOMATTIC, US)

2.gravatar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	nmp.su nmp.su	223 KB
2	gravatar.com 1 redirects 2.gravatar.com — Cisco Umbrella Rank: 11374	2 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 28	553 B
10	3

	Domain	Requested by
8	nmp.su	nmp.su
2	2.gravatar.com	1 redirects nmp.su
1	fonts.googleapis.com	nmp.su
10	3

This site contains links to these domains. Also see Links.

Domain
ag.xe8.ru
ru.wordpress.org
wordpress.org

Subject Issuer	Validity	Valid
upload.video.google.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh

This page contains 1 frames:

Primary Page: http://nmp.su/
Frame ID: 8E26E2942B10C494FBD49C3D5C317F0A
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

nmp.su — Ещё один сайт сети «Ag.xe8.ru»

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/
wp-embed\.min\.js\?ver=([\d.]+)

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Gravatar (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

<[^>]+gravatar\.com/avatar/

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

10
Requests

10 %
HTTPS

67 %
IPv6

3
Domains

3
Subdomains

4
IPs

3
Countries

238 kB
Transfer

235 kB
Size

0
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: http://ag.xe8.ru/
Title: Ag.xe8.ru

Search URL Search Domain Scan URL

URL: https://ru.wordpress.org/
Title: WordPress.org

Search URL Search Domain Scan URL

URL: https://wordpress.org/
Title: Сайт работает на WordPress

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5

http://2.gravatar.com/avatar/b7c20c25074486181644e0235748ea0a?s=49&d=mm&r=g HTTP 301
https://2.gravatar.com/avatar/b7c20c25074486181644e0235748ea0a?s=49&d=mm&r=g

10 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
nmp.su/ 11 KB
11 KB 360ms
116ms Document
text/html 93.189.42.40
NTCOM-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://nmp.su/
Protocol: HTTP/1.1
Server: 93.189.42.40 , Russian Federation, ASN41853 (NTCOM-AS, RU),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: f6124f68eb6c24709947cc36f93ba191f48648069291aa40d945850d8f6a2af6

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.2)
accept-language: de-DE,de;q=0.9

Response headers

Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Date: Fri, 19 Jan 2024 21:19:46 GMT
Link: <http://nmp.su/wp-json/>; rel="https://api.w.org/"
Server: nginx/1.16.1
Transfer-Encoding: chunked
X-debug: 105

GET
H2 200 css
fonts.googleapis.com/ 251 B
553 B 144ms
49ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Inconsolata%3A400&subset=latin%2Clatin-ext

Requested by

Host: nmp.su
URL: http://nmp.su/

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5c85829bbd574c681aa423fc4d2abf12c804a60b36eaddc7a3a9a3cd5f697890

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://nmp.su/
User-Agent: Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.2)

Response headers

date: Fri, 19 Jan 2024 21:19:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
expires: Fri, 19 Jan 2024 21:19:46 GMT

GET
H/1.1 200
OK genericons.css
nmp.su/wp-content/themes/twentysixteen/genericons/ 28 KB
28 KB 77ms
74ms Stylesheet
text/css 93.189.42.40
NTCOM-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://nmp.su/wp-content/themes/twentysixteen/genericons/genericons.css?ver=3.4.1
Requested by: Host: nmp.su
URL: http://nmp.su/
Protocol: HTTP/1.1
Server: 93.189.42.40 , Russian Federation, ASN41853 (NTCOM-AS, RU),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 4ed10d0d64bb1515397e8666a63f484d640dbc5678fa62574e077b7aef1c3af2

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://nmp.su/
User-Agent: Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.2)

Response headers

Date: Fri, 19 Jan 2024 21:19:46 GMT
Last-Modified: Thu, 09 Feb 2017 10:33:41 GMT
Server: nginx/1.16.1
ETag: "589c4585-6e6a"
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
X-debug-3: 105
Content-Length: 28266

GET
H/1.1 200
OK style.css
nmp.su/wp-content/themes/twentysixteen/ 68 KB
68 KB 146ms
72ms Stylesheet
text/css 93.189.42.40
NTCOM-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://nmp.su/wp-content/themes/twentysixteen/style.css?ver=4.7.12
Requested by: Host: nmp.su
URL: http://nmp.su/
Protocol: HTTP/1.1
Server: 93.189.42.40 , Russian Federation, ASN41853 (NTCOM-AS, RU),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 02b188bbbe2a5458cd5655a2de5a83a4c7ec914dd7c9833eb12155968d90790a

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://nmp.su/
User-Agent: Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.2)

Response headers

Date: Fri, 19 Jan 2024 21:19:46 GMT
Last-Modified: Thu, 09 Feb 2017 10:33:41 GMT
Server: nginx/1.16.1
ETag: "589c4585-11093"
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
X-debug-3: 105
Content-Length: 69779

GET
H/1.1 200
OK jquery.js Show response
nmp.su/wp-includes/js/jquery/ 95 KB
95 KB 147ms
74ms Script
application/javascript 93.189.42.40
NTCOM-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://nmp.su/wp-includes/js/jquery/jquery.js?ver=1.12.4
Requested by: Host: nmp.su
URL: http://nmp.su/
Protocol: HTTP/1.1
Server: 93.189.42.40 , Russian Federation, ASN41853 (NTCOM-AS, RU),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: fc48d1d80ece71a79a7b39877f4104d49d3da6c3665cf6dc203000fb7df4447e

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://nmp.su/
User-Agent: Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.2)

Response headers

Date: Fri, 19 Jan 2024 21:19:46 GMT
Last-Modified: Tue, 21 Jun 2016 20:47:53 GMT
Server: nginx/1.16.1
ETag: "5769a7f9-17ba0"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
X-debug-3: 105
Content-Length: 97184

GET
H/1.1 200
OK jquery-migrate.min.js Show response
nmp.su/wp-includes/js/jquery/ 10 KB
10 KB 147ms
73ms Script
application/javascript 93.189.42.40
NTCOM-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://nmp.su/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
Requested by: Host: nmp.su
URL: http://nmp.su/
Protocol: HTTP/1.1
Server: 93.189.42.40 , Russian Federation, ASN41853 (NTCOM-AS, RU),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://nmp.su/
User-Agent: Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.2)

Response headers

Date: Fri, 19 Jan 2024 21:19:46 GMT
Last-Modified: Tue, 21 Jun 2016 20:47:53 GMT
Server: nginx/1.16.1
ETag: "5769a7f9-2748"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
X-debug-3: 105
Content-Length: 10056

GET
H2

200

b7c20c25074486181644e0235748ea0a
2.gravatar.com/avatar/
Redirect Chain

http://2.gravatar.com/avatar/b7c20c25074486181644e0235748ea0a?s=49&d=mm&r=g
https://2.gravatar.com/avatar/b7c20c25074486181644e0235748ea0a?s=49&d=mm&r=g

1 KB
1 KB

126ms
40ms

Image
image/jpeg

2a04:fa87:fffe::c000:4902
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://2.gravatar.com/avatar/b7c20c25074486181644e0235748ea0a?s=49&d=mm&r=g
Requested by: Host: nmp.su
URL: http://nmp.su/
Protocol: H2
Server: 2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: c6d56f8cdef052a7d17726f28428d67ba5fc76cd473b8b3198c7ae4bca139122

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://nmp.su/
User-Agent: Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.2)

Response headers

x-nc: HIT hhn 2
date: Fri, 19 Jan 2024 21:19:47 GMT
last-modified: Wed, 11 Jan 1984 08:00:00 GMT
server: nginx
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=300
content-disposition: inline; filename="b7c20c25074486181644e0235748ea0a.png"
accept-ranges: bytes
link: <https://www.gravatar.com/avatar/b7c20c25074486181644e0235748ea0a?s=49&d=mm&r=g>; rel="canonical"
content-length: 1124
alt-svc: h3=":443"; ma=86400
expires: Fri, 19 Jan 2024 21:24:47 GMT

Redirect headers

Location: https://2.gravatar.com/avatar/b7c20c25074486181644e0235748ea0a?s=49&d=mm&r=g
Date: Fri, 19 Jan 2024 21:19:47 GMT
Server: nginx
Connection: keep-alive
Content-Length: 162
Content-Type: text/html

GET
H/1.1 200
OK skip-link-focus-fix.js Show response
nmp.su/wp-content/themes/twentysixteen/js/ 1 KB
1 KB 149ms
74ms Script
application/javascript 93.189.42.40
NTCOM-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://nmp.su/wp-content/themes/twentysixteen/js/skip-link-focus-fix.js?ver=20160816
Requested by: Host: nmp.su
URL: http://nmp.su/
Protocol: HTTP/1.1
Server: 93.189.42.40 , Russian Federation, ASN41853 (NTCOM-AS, RU),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 6d4083520c18bfdcdffb319248525ebf8f1a547326e10c02e6a0ed0b1722ae9a

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://nmp.su/
User-Agent: Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.2)

Response headers

Date: Fri, 19 Jan 2024 21:19:46 GMT
Last-Modified: Thu, 09 Feb 2017 10:33:41 GMT
Server: nginx/1.16.1
ETag: "589c4585-423"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
X-debug-3: 105
Content-Length: 1059

GET
H/1.1 200
OK functions.js Show response
nmp.su/wp-content/themes/twentysixteen/js/ 7 KB
7 KB 150ms
75ms Script
application/javascript 93.189.42.40
NTCOM-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://nmp.su/wp-content/themes/twentysixteen/js/functions.js?ver=20160816
Requested by: Host: nmp.su
URL: http://nmp.su/
Protocol: HTTP/1.1
Server: 93.189.42.40 , Russian Federation, ASN41853 (NTCOM-AS, RU),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 0161f4d0837753708a4b16315a4d804d48c57f3ecaa8e9877aef0ef752ada6e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://nmp.su/
User-Agent: Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.2)

Response headers

Date: Fri, 19 Jan 2024 21:19:46 GMT
Last-Modified: Thu, 09 Feb 2017 10:33:41 GMT
Server: nginx/1.16.1
ETag: "589c4585-1aa4"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
X-debug-3: 105
Content-Length: 6820

GET
H/1.1 200
OK wp-embed.min.js Show response
nmp.su/wp-includes/js/ 1 KB
2 KB 75ms
75ms Script
application/javascript 93.189.42.40
NTCOM-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://nmp.su/wp-includes/js/wp-embed.min.js?ver=4.7.12
Requested by: Host: nmp.su
URL: http://nmp.su/
Protocol: HTTP/1.1
Server: 93.189.42.40 , Russian Federation, ASN41853 (NTCOM-AS, RU),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: dcb5e540e62fc85857254a1066afb6a7e8999279c6d4c583eef855d39f9289c0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://nmp.su/
User-Agent: Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.2)

Response headers

Date: Fri, 19 Jan 2024 21:19:47 GMT
Last-Modified: Wed, 01 Feb 2017 21:17:27 GMT
Server: nginx/1.16.1
ETag: "58925067-576"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
X-debug-3: 105
Content-Length: 1398

GET
DATA 200
OK truncated
/ 14 KB
14 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1cfd32e37f8aba263101f06e8f702adfaef55a6601857cf5e2c6dd0b0388dcd6

Request headers

Referer: http://nmp.su/
Origin: http://nmp.su
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.2)

Response headers

Content-Type: application/x-font-woff;charset=utf-8

Verdicts & Comments Add Verdict or Comment

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| _wpemojiSettings undefined| $ function| jQuery object| screenReaderText object| wp object| jQuery1124016153736769605898

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

2.gravatar.com
fonts.googleapis.com
nmp.su
2a00:1450:4001:808::200a
2a04:fa87:fffe::c000:4902
93.189.42.40
0161f4d0837753708a4b16315a4d804d48c57f3ecaa8e9877aef0ef752ada6e4
02b188bbbe2a5458cd5655a2de5a83a4c7ec914dd7c9833eb12155968d90790a
1cfd32e37f8aba263101f06e8f702adfaef55a6601857cf5e2c6dd0b0388dcd6
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
4ed10d0d64bb1515397e8666a63f484d640dbc5678fa62574e077b7aef1c3af2
5c85829bbd574c681aa423fc4d2abf12c804a60b36eaddc7a3a9a3cd5f697890
6d4083520c18bfdcdffb319248525ebf8f1a547326e10c02e6a0ed0b1722ae9a
c6d56f8cdef052a7d17726f28428d67ba5fc76cd473b8b3198c7ae4bca139122
dcb5e540e62fc85857254a1066afb6a7e8999279c6d4c583eef855d39f9289c0
f6124f68eb6c24709947cc36f93ba191f48648069291aa40d945850d8f6a2af6
fc48d1d80ece71a79a7b39877f4104d49d3da6c3665cf6dc203000fb7df4447e