gift-nitro.group Open in urlscan Pro
2606:4700:3033::6815:496f Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://gift-nitro.group/
Effective URL:
https://gift-nitro.group/
Submission: On January 13 via manual (January 13th 2022, 4:02:58 pm UTC) from SG — Scanned from DE

Summary HTTP 35 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 4 IPs in 3 countries across 3 domains to perform 35 HTTP transactions. The main IP is 2606:4700:3033::6815:496f, located in United States and belongs to CLOUDFLARENET, US. The main domain is gift-nitro.group.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on December 30th 2021. Valid for: a year.

This is the only time gift-nitro.group was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Discord (Instant Messenger)

Domain & IP information

	IP Address	AS Autonomous System
1 7	2606:4700:303... 2606:4700:3033::6815:496f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
20	185.43.220.20 185.43.220.20	59939 (WIBO-AS) (WIBO-AS)
1	2a00:1450:400... 2a00:1450:4001:802::200a	15169 (GOOGLE) (GOOGLE)
35	4

7 2606:4700:3033::6815:496f (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

gift-nitro.group	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 185.43.220.20 (Lithuania)

ASN59939 (WIBO-AS, LT)
PTR: sr43.hostlife.net

images-sof.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	images-sof.xyz images-sof.xyz	12 MB
7	gift-nitro.group 1 redirects gift-nitro.group	207 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 37	988 B
35	3

	Domain	Requested by
20	images-sof.xyz	gift-nitro.group images-sof.xyz
7	gift-nitro.group	1 redirects gift-nitro.group
1	fonts.googleapis.com	images-sof.xyz
35	3

This site contains links to these domains. Also see Links.

Domain
discord.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-12-30` - `2022-12-29`	a year	crt.sh
cpcontacts.images-sof.xyz R3	`2022-01-12` - `2022-04-12`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://gift-nitro.group/
Frame ID: D72863309646715186A4670926BA9024
Requests: 35 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Nitro Benefits and Features | Discord

Page URL History Show full URLs

http://gift-nitro.group/ HTTP 301
https://gift-nitro.group/ Page URL

Detected technologies

React (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+data-react

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery-ui.*\.js

Page Statistics

35
Requests

77 %
HTTPS

67 %
IPv6

3
Domains

3
Subdomains

4
IPs

3
Countries

12288 kB
Transfer

13082 kB
Size

4
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://discord.com/login
Title: Login

Search URL Search Domain Scan URL

URL: https://discord.com/register
Title: Sign up

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://gift-nitro.group/ HTTP 301
https://gift-nitro.group/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

35 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
gift-nitro.group/
Redirect Chain

http://gift-nitro.group/
https://gift-nitro.group/

51 KB
9 KB

237ms
191ms

Document
text/html

2606:4700:3033::6815:496f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gift-nitro.group/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:496f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 26f170946825e9a987e9e88752161a6cfbf3a013bf1ef23eeb9fae2d227e4dbb

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Thu, 13 Jan 2022 16:02:50 GMT
content-type: text/html; charset=UTF-8
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1r7%2BxQ6On9dbuKodhIxCvbCjAN73QQubqqzyTcxl4WVn7Cs4Eq9RIh1JjU7rmaNCpwekKVXm2rkNjOWPF%2BFts75K%2FyASD5C1T6DSMTltle6D0QJDmW17mZNZiG6yi1ta9xgnFlNVJcCMKtUO4mrJ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6ccfd9e64faed610-MXP
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

Date: Thu, 13 Jan 2022 16:02:49 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Thu, 13 Jan 2022 17:02:49 GMT
Location: https://gift-nitro.group/
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SoUI%2FVD3NF5jEVY3tZffMiM6CdAqEMJ5XragV7WPE2iJIebgvRMyJ81CgF%2FS22I%2BhmmKvlRhGQw3lq2allEtE4UGxyN%2FF6vqPF2pswBF%2Fdr0t26tLopl1locQBiusoA634oi4v95Z0aOAWi4%2B5W8"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 6ccfd9e39b3519e3-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 0.234b507975bcaea44e60.css
images-sof.xyz/assets/ 259 KB
261 KB 94ms
21ms Stylesheet
text/css 185.43.220.20
WIBO-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://images-sof.xyz/assets/0.234b507975bcaea44e60.css
Requested by: Host: gift-nitro.group
URL: https://gift-nitro.group/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.43.220.20 , Lithuania, ASN59939 (WIBO-AS, LT),
Reverse DNS: sr43.hostlife.net
Software: Apache /
Resource Hash: 4e15ae7d40f2e8b8abe28049571421888623c15aaec3993449bfcf13428ba3a5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gift-nitro.group/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 13 Jan 2022 16:02:49 GMT
last-modified: Wed, 22 Dec 2021 05:10:10 GMT
server: Apache
accept-ranges: bytes
content-length: 265097
content-type: text/css

GET
H2 200 dc35384.js Show response
gift-nitro.group/ 87 KB
32 KB 278ms
277ms Script
text/javascript 2606:4700:3033::6815:496f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gift-nitro.group/dc35384.js
Requested by: Host: gift-nitro.group
URL: https://gift-nitro.group/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:496f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 62bb02fa91c1537efbce823d5d1981982d3925bcdaac667dc6ca64f8469e2284

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gift-nitro.group/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 13 Jan 2022 16:02:50 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 13 Jan 2022 16:02:50 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I5quSaWuo6FljnfZhjr%2Fnpg2k%2BSOepPFcdz5NB%2B21nZIRgO4rGeMsWmQ8ZgyGK5vCFQg8Ok7dA7gtM89YLiULuYDCMgeaEi5g3esv22oCioZ%2F16WqJ3aImqvIQUWRvFztRNICZY5iIe%2FVdh072ug"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript;charset=UTF-8
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6ccfd9e7a9c9d610-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 b9104c5.js Show response
gift-nitro.group/ 186 KB
27 KB 318ms
318ms Script
text/javascript 2606:4700:3033::6815:496f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gift-nitro.group/b9104c5.js
Requested by: Host: gift-nitro.group
URL: https://gift-nitro.group/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:496f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d4ba238c5fce9fd70fc9336c07319169986217e3beb42959dc9d137a57cafa4a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gift-nitro.group/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 13 Jan 2022 16:02:50 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 13 Jan 2022 16:02:50 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tQiD6E0ci07YVNnGbaPmeaXAOS6ckZNdRhvHlvhQxn6j5cehzIkT4JFC2WOaqazd1PA8%2FflkhIz5CGh2I0bOJ0BKIEmWGgwH2qYw1UIJPhMBt8Ttb1%2B7M3HQddMeHVaAmgzX8CRRifqd4DqiQv12"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript;charset=UTF-8
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6ccfd9e7a9cad610-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 cb436e22ed18484e04f3e6002e407de9.svg
images-sof.xyz/assets/ 8 KB
8 KB 19ms
19ms Image
image/svg+xml 185.43.220.20
WIBO-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images-sof.xyz/assets/cb436e22ed18484e04f3e6002e407de9.svg
Requested by: Host: gift-nitro.group
URL: https://gift-nitro.group/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.43.220.20 , Lithuania, ASN59939 (WIBO-AS, LT),
Reverse DNS: sr43.hostlife.net
Software: Apache /
Resource Hash: 43ecb899a10d42f0e461e31ce83e65ea2622ab1f05ec9a428e799e4c5e31c81d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gift-nitro.group/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 13 Jan 2022 16:02:49 GMT
last-modified: Wed, 12 May 2021 12:52:20 GMT
server: Apache
accept-ranges: bytes
content-length: 8318
content-type: image/svg+xml

GET
H2 200 steam.png
images-sof.xyz/assets/ 3 KB
3 KB 18ms
18ms Image
image/png 185.43.220.20
WIBO-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images-sof.xyz/assets/steam.png
Requested by: Host: gift-nitro.group
URL: https://gift-nitro.group/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.43.220.20 , Lithuania, ASN59939 (WIBO-AS, LT),
Reverse DNS: sr43.hostlife.net
Software: Apache /
Resource Hash: 54a50d2d52b2705c65fd208391753c858bad078c4055ef2534ee8d6e401d184b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gift-nitro.group/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 13 Jan 2022 16:02:49 GMT
last-modified: Wed, 22 Dec 2021 05:43:24 GMT
server: Apache
accept-ranges: bytes
content-length: 3407
content-type: image/png

GET
H2 200 9d51aef4c57689e5f78f1124485f6eb9.svg
images-sof.xyz/assets/ 53 KB
53 KB 20ms
20ms Image
image/svg+xml 185.43.220.20
WIBO-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images-sof.xyz/assets/9d51aef4c57689e5f78f1124485f6eb9.svg
Requested by: Host: gift-nitro.group
URL: https://gift-nitro.group/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.43.220.20 , Lithuania, ASN59939 (WIBO-AS, LT),
Reverse DNS: sr43.hostlife.net
Software: Apache /
Resource Hash: c97a58d544c374c5214915f44f9daf67ae04ee8d3f94990b9269e4d6770fa042

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gift-nitro.group/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 13 Jan 2022 16:02:49 GMT
last-modified: Wed, 03 Jun 2020 06:42:02 GMT
server: Apache
accept-ranges: bytes
content-length: 54289
content-type: image/svg+xml

GET
H2 200 a85c1e61d72e1236b440a8b3abf4263d.svg
images-sof.xyz/assets/ 79 KB
80 KB 31ms
30ms Image
image/svg+xml 185.43.220.20
WIBO-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images-sof.xyz/assets/a85c1e61d72e1236b440a8b3abf4263d.svg
Requested by: Host: gift-nitro.group
URL: https://gift-nitro.group/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.43.220.20 , Lithuania, ASN59939 (WIBO-AS, LT),
Reverse DNS: sr43.hostlife.net
Software: Apache /
Resource Hash: bd91e0c9cbe61e71d4be397aa51fea6a67035ef9acc83069863b40dd58e7e6d8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gift-nitro.group/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 13 Jan 2022 16:02:50 GMT
last-modified: Wed, 03 Jun 2020 06:42:06 GMT
server: Apache
accept-ranges: bytes
content-length: 81104
content-type: image/svg+xml

GET
H2 200 1f4a4af827e31434fe29b8bc36c2513c.svg
images-sof.xyz/assets/ 15 KB
15 KB 31ms
8ms Image
image/svg+xml 185.43.220.20
WIBO-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images-sof.xyz/assets/1f4a4af827e31434fe29b8bc36c2513c.svg
Requested by: Host: gift-nitro.group
URL: https://gift-nitro.group/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.43.220.20 , Lithuania, ASN59939 (WIBO-AS, LT),
Reverse DNS: sr43.hostlife.net
Software: Apache /
Resource Hash: 183f41e22ce48a678cf4e788df7e7f999ff55a89431f99501ea3e6f414406105

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gift-nitro.group/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 13 Jan 2022 16:02:50 GMT
last-modified: Wed, 03 Jun 2020 06:42:06 GMT
server: Apache
accept-ranges: bytes
content-length: 15066
content-type: image/svg+xml

GET
H2 200 c0da27d3ae69e4c0544f9d7b11319170.svg
images-sof.xyz/assets/ 25 KB
25 KB 44ms
17ms Image
image/svg+xml 185.43.220.20
WIBO-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images-sof.xyz/assets/c0da27d3ae69e4c0544f9d7b11319170.svg
Requested by: Host: gift-nitro.group
URL: https://gift-nitro.group/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.43.220.20 , Lithuania, ASN59939 (WIBO-AS, LT),
Reverse DNS: sr43.hostlife.net
Software: Apache /
Resource Hash: 55b3d8cd7a577726ff430b6bc7fcdddc9a88a7f29d014f4323e63535ac67ba62

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gift-nitro.group/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 13 Jan 2022 16:02:50 GMT
last-modified: Tue, 25 Aug 2020 04:50:04 GMT
server: Apache
accept-ranges: bytes
content-length: 25182
content-type: image/svg+xml

GET
H2 200 90e17f43426c2411b47906831576deaf.png
images-sof.xyz/assets/ 287 KB
290 KB 64ms
33ms Image
image/png 185.43.220.20
WIBO-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images-sof.xyz/assets/90e17f43426c2411b47906831576deaf.png
Requested by: Host: gift-nitro.group
URL: https://gift-nitro.group/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.43.220.20 , Lithuania, ASN59939 (WIBO-AS, LT),
Reverse DNS: sr43.hostlife.net
Software: Apache /
Resource Hash: 1a3655b63a125832e069496e770bd5096944e9cd94695287ead4241f3f0d70f4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gift-nitro.group/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 13 Jan 2022 16:02:50 GMT
last-modified: Wed, 03 Jun 2020 06:42:04 GMT
server: Apache
accept-ranges: bytes
content-length: 294360
content-type: image/png

GET
H2 200 ff5b4f3466b1e217ba845ce0540da563.png
images-sof.xyz/assets/ 291 KB
294 KB 64ms
33ms Image
image/png 185.43.220.20
WIBO-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images-sof.xyz/assets/ff5b4f3466b1e217ba845ce0540da563.png
Requested by: Host: gift-nitro.group
URL: https://gift-nitro.group/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.43.220.20 , Lithuania, ASN59939 (WIBO-AS, LT),
Reverse DNS: sr43.hostlife.net
Software: Apache /
Resource Hash: fc8fe559f54194bba20a2d6a784877b7b6055defb0c39285f1ae7e92ec3c2f4a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gift-nitro.group/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 13 Jan 2022 16:02:50 GMT
last-modified: Wed, 03 Jun 2020 06:42:04 GMT
server: Apache
accept-ranges: bytes
content-length: 298455
content-type: image/png

GET
H2 200 d3e19db7390a2d1afbe895b73c4d253c.svg
images-sof.xyz/assets/ 14 KB
14 KB 72ms
41ms Image
image/svg+xml 185.43.220.20
WIBO-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images-sof.xyz/assets/d3e19db7390a2d1afbe895b73c4d253c.svg
Requested by: Host: gift-nitro.group
URL: https://gift-nitro.group/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.43.220.20 , Lithuania, ASN59939 (WIBO-AS, LT),
Reverse DNS: sr43.hostlife.net
Software: Apache /
Resource Hash: d1f07a505999735b81c84cef82b0c2e3ddfea1cef9a55b99df91ac2815e85dac

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gift-nitro.group/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 13 Jan 2022 16:02:50 GMT
last-modified: Wed, 12 May 2021 12:52:22 GMT
server: Apache
accept-ranges: bytes
content-length: 14185
content-type: image/svg+xml

GET
H2 200 779a770c34fcb823a598a7277301adaf.svg
images-sof.xyz/assets/ 179 B
232 B 64ms
31ms Image
image/svg+xml 185.43.220.20
WIBO-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images-sof.xyz/assets/779a770c34fcb823a598a7277301adaf.svg
Requested by: Host: gift-nitro.group
URL: https://gift-nitro.group/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.43.220.20 , Lithuania, ASN59939 (WIBO-AS, LT),
Reverse DNS: sr43.hostlife.net
Software: Apache /
Resource Hash: 34141e9a95e611f7ba839276d4fbcf27228af1a3a903c2724098fab7df60d447

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gift-nitro.group/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 13 Jan 2022 16:02:50 GMT
last-modified: Thu, 02 Apr 2020 03:34:08 GMT
server: Apache
accept-ranges: bytes
content-length: 179
content-type: image/svg+xml

GET
H2 200 7f3d7fae8a3a741b4dfa.js Show response
images-sof.xyz/assets/ 8 KB
8 KB 64ms
31ms Script
application/javascript 185.43.220.20
WIBO-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://images-sof.xyz/assets/7f3d7fae8a3a741b4dfa.js
Requested by: Host: gift-nitro.group
URL: https://gift-nitro.group/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.43.220.20 , Lithuania, ASN59939 (WIBO-AS, LT),
Reverse DNS: sr43.hostlife.net
Software: Apache /
Resource Hash: 60cd71a4b5d2952fd92fada0b76cda7b7fa0cbfa2a3a170f5f767b96c5cd211b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gift-nitro.group/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 13 Jan 2022 16:02:50 GMT
last-modified: Wed, 22 Dec 2021 04:32:38 GMT
server: Apache
accept-ranges: bytes
content-length: 8566
content-type: application/javascript

GET
H2 200 2a1b2b21c990b4fa9060.js Show response
images-sof.xyz/assets/ 62 KB
62 KB 63ms
31ms Script
application/javascript 185.43.220.20
WIBO-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://images-sof.xyz/assets/2a1b2b21c990b4fa9060.js
Requested by: Host: gift-nitro.group
URL: https://gift-nitro.group/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.43.220.20 , Lithuania, ASN59939 (WIBO-AS, LT),
Reverse DNS: sr43.hostlife.net
Software: Apache /
Resource Hash: 418f732e3f451c106637ca39d5c4948b9045278db863a5883ee2a57ce2d1e44a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gift-nitro.group/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 13 Jan 2022 16:02:50 GMT
last-modified: Wed, 22 Dec 2021 04:32:38 GMT
server: Apache
accept-ranges: bytes
content-length: 63769
content-type: application/javascript

GET
H2 200 90b545986ead4612c188.js Show response
images-sof.xyz/assets/ 9 MB
9 MB 53ms
31ms Script
application/javascript 185.43.220.20
WIBO-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://images-sof.xyz/assets/90b545986ead4612c188.js
Requested by: Host: gift-nitro.group
URL: https://gift-nitro.group/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.43.220.20 , Lithuania, ASN59939 (WIBO-AS, LT),
Reverse DNS: sr43.hostlife.net
Software: Apache /
Resource Hash: 79966a8b663930a24bceb5c67077ba1e46a13a10e6f68fc895648aa46137359f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gift-nitro.group/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 13 Jan 2022 16:02:50 GMT
last-modified: Wed, 22 Dec 2021 04:32:38 GMT
server: Apache
accept-ranges: bytes
content-length: 9512431
content-type: application/javascript

GET
H2 200 7e196fe9624c714402d8.js Show response
images-sof.xyz/assets/ 107 KB
107 KB 44ms
29ms Script
application/javascript 185.43.220.20
WIBO-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://images-sof.xyz/assets/7e196fe9624c714402d8.js
Requested by: Host: gift-nitro.group
URL: https://gift-nitro.group/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.43.220.20 , Lithuania, ASN59939 (WIBO-AS, LT),
Reverse DNS: sr43.hostlife.net
Software: Apache /
Resource Hash: d9e0b281b6e382ce49d7bec76f8014fc9213cd0057c2489036a675b62a23adaa

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gift-nitro.group/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 13 Jan 2022 16:02:50 GMT
last-modified: Wed, 22 Dec 2021 04:32:38 GMT
server: Apache
accept-ranges: bytes
content-length: 109415
content-type: application/javascript

GET
H2 200 493aeda0cf9222bd5e86.js Show response
images-sof.xyz/assets/ 21 KB
21 KB 82ms
67ms Script
application/javascript 185.43.220.20
WIBO-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://images-sof.xyz/assets/493aeda0cf9222bd5e86.js
Requested by: Host: gift-nitro.group
URL: https://gift-nitro.group/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.43.220.20 , Lithuania, ASN59939 (WIBO-AS, LT),
Reverse DNS: sr43.hostlife.net
Software: Apache /
Resource Hash: 44d81b8b257d09d73606e54c221ecf7cdda61e0e811f2b1dd508bac501c47339

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gift-nitro.group/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 13 Jan 2022 16:02:50 GMT
last-modified: Wed, 22 Dec 2021 04:33:10 GMT
server: Apache
accept-ranges: bytes
content-length: 21788
content-type: application/javascript

GET
H2 200 5ddc548c54905d511926.js Show response
images-sof.xyz/assets/ 136 KB
136 KB 82ms
68ms Script
application/javascript 185.43.220.20
WIBO-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://images-sof.xyz/assets/5ddc548c54905d511926.js
Requested by: Host: gift-nitro.group
URL: https://gift-nitro.group/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.43.220.20 , Lithuania, ASN59939 (WIBO-AS, LT),
Reverse DNS: sr43.hostlife.net
Software: Apache /
Resource Hash: 2f4931125bc8b6d91c968cbe124a885b32c9a326c832f51ee1107feee9f8cd28

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gift-nitro.group/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 13 Jan 2022 16:02:50 GMT
last-modified: Wed, 22 Dec 2021 04:32:38 GMT
server: Apache
accept-ranges: bytes
content-length: 139182
content-type: application/javascript

GET
H2 200 93ef0297ddecef2d4201.js Show response
images-sof.xyz/assets/ 21 KB
21 KB 82ms
68ms Script
application/javascript 185.43.220.20
WIBO-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://images-sof.xyz/assets/93ef0297ddecef2d4201.js
Requested by: Host: gift-nitro.group
URL: https://gift-nitro.group/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.43.220.20 , Lithuania, ASN59939 (WIBO-AS, LT),
Reverse DNS: sr43.hostlife.net
Software: Apache /
Resource Hash: 9a1d501d0d4a6837eb6d1d80e871e3cb0bf3b83c2e3b8a6973df33e63709bf2a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gift-nitro.group/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 13 Jan 2022 16:02:50 GMT
last-modified: Wed, 22 Dec 2021 04:32:38 GMT
server: Apache
accept-ranges: bytes
content-length: 21616
content-type: application/javascript

GET
H2 200 css
fonts.googleapis.com/ 2 KB
988 B 41ms
16ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Press+Start+2P

Requested by

Host: images-sof.xyz
URL: https://images-sof.xyz/assets/0.234b507975bcaea44e60.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d8cddafdce118e839bc5f03e9dc8a76c3b6972ad3348fc6096774ad4cae15146

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://images-sof.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 13 Jan 2022 15:37:18 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 13 Jan 2022 16:02:50 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 13 Jan 2022 16:02:50 GMT

GET
H3 200 zq4 Show response
gift-nitro.group/1kxzq/ 406 KB
62 KB 214ms
203ms Script
text/javascript 2606:4700:3033::6815:496f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gift-nitro.group/1kxzq/zq4
Requested by: Host: gift-nitro.group
URL: https://gift-nitro.group/b9104c5.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:496f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ce4ebe6f938d4bf5a78339c1c5133bf02780c932e51a3bb896794343de297bd9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gift-nitro.group/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Jan 2022 16:02:50 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DQO6l1ykOWRLJlKQrcLeQ8%2B7HxfcxPPupg4p0cwinSU1UW2yTlB0%2BKrK2bKoYQJLSBDq5nLb4r4ciwv4d6Cd4hbW9ECvwdo8zjIZzywpfK2cZxp5H0LZFhGV5zqyB4zxSZc3D3scNoOUTJ%2B2ATX8"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript;charset=UTF-8
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
cf-ray: 6ccfd9ea1e7e3751-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET be0060dafb7a0e31d2a1ca17c0708636.woff
images-sof.xyz/assets/ 0
0

GET 3bdef1251a424500c1b3a78dea9b7e57.woff
images-sof.xyz/assets/ 0
0

GET e8acd7d9bf6207f99350ca9f9e23b168.woff
images-sof.xyz/assets/ 0
0

GET ae7c84783ad48b6d1c8e2bfbe707e0d4.woff2
images-sof.xyz/assets/ 0
0

GET e215f61cbbc2e49cea6121e0d2679aa2.woff2
images-sof.xyz/assets/ 0
0

GET
H2 206 ff96c6cc388e99cdcdd33e996ba9f893.webm
images-sof.xyz/assets/ 0
0 97ms
94ms Media
video/webm 185.43.220.20
WIBO-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://images-sof.xyz/assets/ff96c6cc388e99cdcdd33e996ba9f893.webm
Requested by: Host: gift-nitro.group
URL: https://gift-nitro.group/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.43.220.20 , Lithuania, ASN59939 (WIBO-AS, LT),
Reverse DNS: sr43.hostlife.net
Software: Apache /
Resource Hash

Request headers

Referer: https://gift-nitro.group/
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Range: bytes=0-

Response headers

Content-Range: bytes 0-1419766/1419767
date: Thu, 13 Jan 2022 16:02:50 GMT
last-modified: Wed, 22 Dec 2021 04:40:44 GMT
server: Apache
accept-ranges: bytes
Content-Length: 1419767
content-type: video/webm

GET
H2 206 ff96c6cc388e99cdcdd33e996ba9f893.webm
images-sof.xyz/assets/ 1 MB
1 MB 97ms
95ms Media
video/webm 185.43.220.20
WIBO-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://images-sof.xyz/assets/ff96c6cc388e99cdcdd33e996ba9f893.webm
Requested by: Host: gift-nitro.group
URL: https://gift-nitro.group/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.43.220.20 , Lithuania, ASN59939 (WIBO-AS, LT),
Reverse DNS: sr43.hostlife.net
Software: Apache /
Resource Hash: 45e0304c3f742748533a42883c3148b3a8abda8c0bc501341db7248210f0932d

Request headers

Referer: https://gift-nitro.group/
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Range: bytes=0-

Response headers

Content-Range: bytes 0-1419766/1419767
date: Thu, 13 Jan 2022 16:02:50 GMT
last-modified: Wed, 22 Dec 2021 04:40:44 GMT
server: Apache
accept-ranges: bytes
Content-Length: 1419767
content-type: video/webm

GET 92e32db984c8577d8b81548b43b9c061.woff
images-sof.xyz/assets/ 0
0

GET 88055567e3d928bcb1e67e967081572e.woff
images-sof.xyz/assets/ 0
0

GET 8e12fb4f14d9c4592eb8ec9f22337b04.woff
images-sof.xyz/assets/ 0
0

GET
H3 200 jquery-ui.css
gift-nitro.group/Content/css/ 35 KB
9 KB 221ms
221ms Stylesheet
text/css 2606:4700:3033::6815:496f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gift-nitro.group/Content/css/jquery-ui.css
Requested by: Host: gift-nitro.group
URL: https://gift-nitro.group/dc35384.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:496f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 44f8a56d427917b5fa0dd7933ba545679be5e6b3b93099e64a4e29c2159f57c0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gift-nitro.group/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 13 Jan 2022 16:02:51 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 28 Dec 2021 14:06:52 GMT
server: cloudflare
etag: W/"61cb19fc-8c85"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T%2BOYIOUMfJ8Lw8%2F40aoRFx5yKjA%2BuZi3Y1fAVNInof%2FYPpFcMNtftLYSb77KROU83fj02PcPBCL9E1eB%2FqUzcNJSi0hvVoGzW3aOMVe4SMm47BfRDmEB19RIKxIOjATqdFGQKwPWbkWwhlwJdcBH"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6ccfd9ed1eae3751-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 200 jquery-ui.min.js Show response
gift-nitro.group/Content/js/ 248 KB
68 KB 357ms
356ms XHR
application/javascript 2606:4700:3033::6815:496f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gift-nitro.group/Content/js/jquery-ui.min.js
Requested by: Host: gift-nitro.group
URL: https://gift-nitro.group/dc35384.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:496f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 55accff7b642c2d7a402cbe03c1494c0f14a76bc03dee9d47d219562b6a152a5

Request headers

Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://gift-nitro.group/
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 13 Jan 2022 16:02:51 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 28 Dec 2021 14:06:52 GMT
server: cloudflare
etag: W/"61cb19fc-3dee4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MuE6KmWoQEM74ucBTukHssSJCryrrzRw7pTx2e0YvXd9gBovu9guyrzxi16JvHGaf7kua%2FzC2MuCiYGRONrwm1BELmtoeLDOXRIO56bFFrcAGD%2BU4trqQi0ugaZpdhYfpNe%2B0JLkj8tHRtGBRBOg"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6ccfd9ed1eb33751-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: images-sof.xyz
URL: https://images-sof.xyz/assets/be0060dafb7a0e31d2a1ca17c0708636.woff

Domain: images-sof.xyz
URL: https://images-sof.xyz/assets/3bdef1251a424500c1b3a78dea9b7e57.woff

Domain: images-sof.xyz
URL: https://images-sof.xyz/assets/e8acd7d9bf6207f99350ca9f9e23b168.woff

Domain: images-sof.xyz
URL: https://images-sof.xyz/assets/ae7c84783ad48b6d1c8e2bfbe707e0d4.woff2

Domain: images-sof.xyz
URL: https://images-sof.xyz/assets/e215f61cbbc2e49cea6121e0d2679aa2.woff2

Domain: images-sof.xyz
URL: https://images-sof.xyz/assets/92e32db984c8577d8b81548b43b9c061.woff

Domain: images-sof.xyz
URL: https://images-sof.xyz/assets/88055567e3d928bcb1e67e967081572e.woff

Domain: images-sof.xyz
URL: https://images-sof.xyz/assets/8e12fb4f14d9c4592eb8ec9f22337b04.woff

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Discord (Instant Messenger)

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
gift-nitro.group/	1969-12-31 23:59:59	Name: 8866308252d63f9bf74b74e606896148 Value: l31kxzq4av
gift-nitro.group/	1970-01-20 00:08:20	Name: 24bf5f05adbb546b9fa17a23ebe12d6c Value: GEDRDI9MhM
gift-nitro.group/	1970-01-20 00:08:20	Name: aedf806b25197c3b3030d95f950c2848 Value: 673f573f099635e618a94c24c81d7a31
gift-nitro.group/	1970-01-20 00:08:20	Name: 8f0ac4ea9c8c485cb20cd1274730949a Value: oTG1VT2NWTnRObFRUYmFVNnpsOXd2bFRXdkd4d1RvOTRUYTlHZFR4U01LdV8tSlVPY19OdE5PTnUwbjBxOU9ZcTB3U18wT3p1Zm5OMzlub2dmNG9tYzRUXzlLb205aDlPTl9wXzBCY19kX1VIOXdTbmRoWTQwT05xY0thQTBCZl9jQllCYzFGM2Z3MDNmS3hPY09pdWRKTkVObmN1Tk9RX2pzVXE5Vk5FTm5jcU5PUV82Sj1nYkFIdHZUcElMa291Tl9wXzBCMF9kbEVfNko1SGMxTmUwNE5tZndvdTl3ZkhjS3ZwY09UbGNCb2U5S3pBZnd6M2ZPb3VkSjNwMm52Xy1KVXYtQmZfOXd6QWYxVG5maEdIZmhIbDl3ejNjdzBtOUs5YTBLSGFkMVNhMHdOcC1reHk5bU5FTmxwSTBLYTRjd1NhMDRjM2ZCWXVkaDBxMEJhQjloeF85T0hhY3djcDkxbzM5S2F5djEza05fcF82SjVPZmh4YTBCY21mT2NtY2h6ZWMxZmEwSzlsOU9GZ2ZoeG4wT1NPZkJqXzBtM3AybnZfLUpVdi1COW5jS3Z1Y2hhdWZLaXVjMU5BZk9jcTBLMHBjQk5lZDFOZ2NoMHBjaGFnLWt4eTltTkVObHBJYzFmSGZPYWVmS1llMDQwM2NPdmVkaDBwZmh4TzBuRnFmS0ZwOUtHX2Rodnl2MTNrTl9wXzZKPXFmNFNsOU9UYWR3Zm5mT3ZwY08wcGRoeE9jS3ZxZk92cDA0enVmT05BY0ozcDJudl8tSlV2LUJVX2ZubzQwQkZCZEtIbmNLWUJjQkdPZmhOdWZLY3VjQmZuY0tjMzA0emUta3h5OW1ORU5scEkwT3o0Y2hTYWRob3VmT3hfMHdGZWQxR0gwS1lCOU8wbWYxVV85bnpwZm5OeWJ3ZklObHVFTm5jQU5PUV82SjVJdjFUeWJ3U0I2SjVFMjRqODJfVTU%3D

44 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://gift-nitro.group/ Message: Mixed Content: The page at 'https://gift-nitro.group/' was loaded over HTTPS, but requested an insecure element 'http://images-sof.xyz/assets/cb436e22ed18484e04f3e6002e407de9.svg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://gift-nitro.group/ Message: Mixed Content: The page at 'https://gift-nitro.group/' was loaded over HTTPS, but requested an insecure element 'http://images-sof.xyz/assets/steam.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://gift-nitro.group/ Message: Mixed Content: The page at 'https://gift-nitro.group/' was loaded over HTTPS, but requested an insecure element 'http://images-sof.xyz/assets/9d51aef4c57689e5f78f1124485f6eb9.svg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://gift-nitro.group/ Message: Mixed Content: The page at 'https://gift-nitro.group/' was loaded over HTTPS, but requested an insecure element 'http://images-sof.xyz/assets/a85c1e61d72e1236b440a8b3abf4263d.svg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://gift-nitro.group/ Message: Mixed Content: The page at 'https://gift-nitro.group/' was loaded over HTTPS, but requested an insecure element 'http://images-sof.xyz/assets/1f4a4af827e31434fe29b8bc36c2513c.svg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://gift-nitro.group/ Message: Mixed Content: The page at 'https://gift-nitro.group/' was loaded over HTTPS, but requested an insecure element 'http://images-sof.xyz/assets/c0da27d3ae69e4c0544f9d7b11319170.svg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://gift-nitro.group/ Message: Mixed Content: The page at 'https://gift-nitro.group/' was loaded over HTTPS, but requested an insecure element 'http://images-sof.xyz/assets/90e17f43426c2411b47906831576deaf.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://gift-nitro.group/ Message: Mixed Content: The page at 'https://gift-nitro.group/' was loaded over HTTPS, but requested an insecure element 'http://images-sof.xyz/assets/ff5b4f3466b1e217ba845ce0540da563.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://gift-nitro.group/ Message: Mixed Content: The page at 'https://gift-nitro.group/' was loaded over HTTPS, but requested an insecure element 'http://images-sof.xyz/assets/steam.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://gift-nitro.group/ Message: Mixed Content: The page at 'https://gift-nitro.group/' was loaded over HTTPS, but requested an insecure element 'http://images-sof.xyz/assets/d3e19db7390a2d1afbe895b73c4d253c.svg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://gift-nitro.group/ Message: Mixed Content: The page at 'https://gift-nitro.group/' was loaded over HTTPS, but requested an insecure element 'http://images-sof.xyz/assets/steam.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://gift-nitro.group/ Message: Mixed Content: The page at 'https://gift-nitro.group/' was loaded over HTTPS, but requested an insecure element 'http://images-sof.xyz/assets/779a770c34fcb823a598a7277301adaf.svg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://gift-nitro.group/ Message: Mixed Content: The page at 'https://gift-nitro.group/' was loaded over HTTPS, but requested an insecure element 'http://images-sof.xyz/assets/cb436e22ed18484e04f3e6002e407de9.svg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://gift-nitro.group/ Message: Mixed Content: The page at 'https://gift-nitro.group/' was loaded over HTTPS, but requested an insecure element 'http://images-sof.xyz/assets/steam.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://gift-nitro.group/ Message: Mixed Content: The page at 'https://gift-nitro.group/' was loaded over HTTPS, but requested an insecure element 'http://images-sof.xyz/assets/9d51aef4c57689e5f78f1124485f6eb9.svg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://gift-nitro.group/ Message: Mixed Content: The page at 'https://gift-nitro.group/' was loaded over HTTPS, but requested an insecure element 'http://images-sof.xyz/assets/a85c1e61d72e1236b440a8b3abf4263d.svg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://gift-nitro.group/ Message: Mixed Content: The page at 'https://gift-nitro.group/' was loaded over HTTPS, but requested an insecure element 'http://images-sof.xyz/assets/1f4a4af827e31434fe29b8bc36c2513c.svg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://gift-nitro.group/ Message: Mixed Content: The page at 'https://gift-nitro.group/' was loaded over HTTPS, but requested an insecure element 'http://images-sof.xyz/assets/c0da27d3ae69e4c0544f9d7b11319170.svg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://gift-nitro.group/ Message: Mixed Content: The page at 'https://gift-nitro.group/' was loaded over HTTPS, but requested an insecure element 'http://images-sof.xyz/assets/90e17f43426c2411b47906831576deaf.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://gift-nitro.group/ Message: Mixed Content: The page at 'https://gift-nitro.group/' was loaded over HTTPS, but requested an insecure element 'http://images-sof.xyz/assets/ff5b4f3466b1e217ba845ce0540da563.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://gift-nitro.group/ Message: Mixed Content: The page at 'https://gift-nitro.group/' was loaded over HTTPS, but requested an insecure element 'http://images-sof.xyz/assets/steam.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://gift-nitro.group/ Message: Mixed Content: The page at 'https://gift-nitro.group/' was loaded over HTTPS, but requested an insecure element 'http://images-sof.xyz/assets/d3e19db7390a2d1afbe895b73c4d253c.svg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://gift-nitro.group/ Message: Mixed Content: The page at 'https://gift-nitro.group/' was loaded over HTTPS, but requested an insecure element 'http://images-sof.xyz/assets/steam.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://gift-nitro.group/ Message: Mixed Content: The page at 'https://gift-nitro.group/' was loaded over HTTPS, but requested an insecure element 'http://images-sof.xyz/assets/779a770c34fcb823a598a7277301adaf.svg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://gift-nitro.group/ Message: Mixed Content: The page at 'https://gift-nitro.group/' was loaded over HTTPS, but requested an insecure element 'http://images-sof.xyz/assets/ff96c6cc388e99cdcdd33e996ba9f893.webm'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://gift-nitro.group/ Message: Mixed Content: The page at 'https://gift-nitro.group/' was loaded over HTTPS, but requested an insecure element 'http://images-sof.xyz/assets/ff96c6cc388e99cdcdd33e996ba9f893.webm'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
javascript	error	URL: https://gift-nitro.group/ Message: Access to font at 'https://images-sof.xyz/assets/ae7c84783ad48b6d1c8e2bfbe707e0d4.woff2' from origin 'https://gift-nitro.group' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://images-sof.xyz/assets/ae7c84783ad48b6d1c8e2bfbe707e0d4.woff2 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://gift-nitro.group/ Message: Access to font at 'https://images-sof.xyz/assets/e215f61cbbc2e49cea6121e0d2679aa2.woff2' from origin 'https://gift-nitro.group' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://images-sof.xyz/assets/e215f61cbbc2e49cea6121e0d2679aa2.woff2 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://gift-nitro.group/ Message: Access to font at 'https://images-sof.xyz/assets/3bdef1251a424500c1b3a78dea9b7e57.woff' from origin 'https://gift-nitro.group' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://images-sof.xyz/assets/3bdef1251a424500c1b3a78dea9b7e57.woff Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://gift-nitro.group/ Message: Access to font at 'https://images-sof.xyz/assets/be0060dafb7a0e31d2a1ca17c0708636.woff' from origin 'https://gift-nitro.group' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://images-sof.xyz/assets/be0060dafb7a0e31d2a1ca17c0708636.woff Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://gift-nitro.group/ Message: Access to font at 'https://images-sof.xyz/assets/e8acd7d9bf6207f99350ca9f9e23b168.woff' from origin 'https://gift-nitro.group' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://images-sof.xyz/assets/e8acd7d9bf6207f99350ca9f9e23b168.woff Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://gift-nitro.group/ Message: Access to font at 'https://images-sof.xyz/assets/92e32db984c8577d8b81548b43b9c061.woff' from origin 'https://gift-nitro.group' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://images-sof.xyz/assets/92e32db984c8577d8b81548b43b9c061.woff Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://gift-nitro.group/ Message: Access to font at 'https://images-sof.xyz/assets/88055567e3d928bcb1e67e967081572e.woff' from origin 'https://gift-nitro.group' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://images-sof.xyz/assets/88055567e3d928bcb1e67e967081572e.woff Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://gift-nitro.group/ Message: Access to font at 'https://images-sof.xyz/assets/8e12fb4f14d9c4592eb8ec9f22337b04.woff' from origin 'https://gift-nitro.group' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://images-sof.xyz/assets/8e12fb4f14d9c4592eb8ec9f22337b04.woff Message: Failed to load resource: net::ERR_FAILED
security	warning	URL: https://gift-nitro.group/ Message: Mixed Content: The page at 'https://gift-nitro.group/' was loaded over HTTPS, but requested an insecure video 'http://images-sof.xyz/assets/ff96c6cc388e99cdcdd33e996ba9f893.webm'. This content should also be served over HTTPS.
security	warning	URL: https://gift-nitro.group/ Message: Mixed Content: The page at 'https://gift-nitro.group/' was loaded over HTTPS, but requested an insecure video 'http://images-sof.xyz/assets/ff96c6cc388e99cdcdd33e996ba9f893.webm'. This content should also be served over HTTPS.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
gift-nitro.group
images-sof.xyz
images-sof.xyz
185.43.220.20
2606:4700:3033::6815:496f
2a00:1450:4001:802::200a
183f41e22ce48a678cf4e788df7e7f999ff55a89431f99501ea3e6f414406105
1a3655b63a125832e069496e770bd5096944e9cd94695287ead4241f3f0d70f4
26f170946825e9a987e9e88752161a6cfbf3a013bf1ef23eeb9fae2d227e4dbb
2f4931125bc8b6d91c968cbe124a885b32c9a326c832f51ee1107feee9f8cd28
34141e9a95e611f7ba839276d4fbcf27228af1a3a903c2724098fab7df60d447
418f732e3f451c106637ca39d5c4948b9045278db863a5883ee2a57ce2d1e44a
43ecb899a10d42f0e461e31ce83e65ea2622ab1f05ec9a428e799e4c5e31c81d
44d81b8b257d09d73606e54c221ecf7cdda61e0e811f2b1dd508bac501c47339
44f8a56d427917b5fa0dd7933ba545679be5e6b3b93099e64a4e29c2159f57c0
45e0304c3f742748533a42883c3148b3a8abda8c0bc501341db7248210f0932d
4e15ae7d40f2e8b8abe28049571421888623c15aaec3993449bfcf13428ba3a5
54a50d2d52b2705c65fd208391753c858bad078c4055ef2534ee8d6e401d184b
55accff7b642c2d7a402cbe03c1494c0f14a76bc03dee9d47d219562b6a152a5
55b3d8cd7a577726ff430b6bc7fcdddc9a88a7f29d014f4323e63535ac67ba62
60cd71a4b5d2952fd92fada0b76cda7b7fa0cbfa2a3a170f5f767b96c5cd211b
62bb02fa91c1537efbce823d5d1981982d3925bcdaac667dc6ca64f8469e2284
79966a8b663930a24bceb5c67077ba1e46a13a10e6f68fc895648aa46137359f
9a1d501d0d4a6837eb6d1d80e871e3cb0bf3b83c2e3b8a6973df33e63709bf2a
bd91e0c9cbe61e71d4be397aa51fea6a67035ef9acc83069863b40dd58e7e6d8
c97a58d544c374c5214915f44f9daf67ae04ee8d3f94990b9269e4d6770fa042
ce4ebe6f938d4bf5a78339c1c5133bf02780c932e51a3bb896794343de297bd9
d1f07a505999735b81c84cef82b0c2e3ddfea1cef9a55b99df91ac2815e85dac
d4ba238c5fce9fd70fc9336c07319169986217e3beb42959dc9d137a57cafa4a
d8cddafdce118e839bc5f03e9dc8a76c3b6972ad3348fc6096774ad4cae15146
d9e0b281b6e382ce49d7bec76f8014fc9213cd0057c2489036a675b62a23adaa
fc8fe559f54194bba20a2d6a784877b7b6055defb0c39285f1ae7e92ec3c2f4a

gift-nitro.group Open in urlscan Pro 2606:4700:3033::6815:496f Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

35 Requests

77 %HTTPS

67 %IPv6

3 Domains

3 Subdomains

4 IPs

3 Countries

12288 kBTransfer

13082 kBSize

4 Cookies

2 Outgoing links

Page URL History

Redirected requests

35 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

gift-nitro.group Open in urlscan Pro
2606:4700:3033::6815:496f Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

35
Requests

77 %
HTTPS

67 %
IPv6

3
Domains

3
Subdomains

4
IPs

3
Countries

12288 kB
Transfer

13082 kB
Size

4
Cookies

35 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!