Submitted URL: http://nightstore.xyz/
Effective URL: https://nefasto.xyz/?i=2
Submission: On December 06 via api from US — Scanned from GB

Summary

This website contacted 4 IPs in 3 countries across 4 domains to perform 11 HTTP transactions. The main IP is 185.27.134.59, located in United Kingdom and belongs to WILDCARD-AS Wildcard UK Limited, GB. The main domain is nefasto.xyz.
TLS certificate: Issued by R3 on October 30th 2023. Valid for: 3 months.
This is the only time nefasto.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests         IP Address        AS     Autonomous System
4 (2 redirects)  185.27.134.171    34119  (WILDCARD-...)
4                185.27.134.59     34119  (WILDCARD-...)
4                2606:4700:303...  13335  (CLOUDFLAR...)
1                162.159.130.233   13335  (CLOUDFLAR...)
Total: 11 requests, 4 IPs

Requests  Apex Domain     Subdomains                                      Transfer
4         vendicated.dev  widgets.vendicated.dev                          31 KB
4         nefasto.xyz     nefasto.xyz                                     13 KB
4         nightstore.xyz  nightstore.xyz                                  15 KB
1         discordapp.com  cdn.discordapp.com — Cisco Umbrella Rank: 2996  20 KB
Total: 11 requests, 4 domains

Requests         Domain                  Requested by
4                widgets.vendicated.dev  nefasto.xyz, widgets.vendicated.dev
4                nefasto.xyz             nightstore.xyz, nefasto.xyz
4 (2 redirects)  nightstore.xyz          nightstore.xyz
1                cdn.discordapp.com      widgets.vendicated.dev
Total: 11 requests, 4 domains

This site contains no links.

Subject                 Issuer                   Validity                 Valid
nefasto.xyz             R3                       2023-10-30 - 2024-01-28  3 months
widgets.vendicated.dev  E1                       2023-10-28 - 2024-01-26  3 months
discordapp.com          Cloudflare Inc ECC CA-3  2023-10-20 - 2024-10-19  a year

This page contains 2 frames:

Primary Page: https://nefasto.xyz/?i=2
Frame ID: C4590DA4A7CCBC5C9E7E85C5BB67B38D
Requests: 6 HTTP requests in this frame

Frame: https://widgets.vendicated.dev/user?id=768695648676610060&theme=dark&banner=true&full-banner=false&rounded-corners=false&discord-icon=false&badges=true&guess-nitro=true&
Frame ID: D56260B46CE6FEE45ED6DAD800AF91AA
Requests: 5 HTTP requests in this frame

Page Title

nefasto – apenas eu

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/

Page Statistics

  • Requests: 11
  • HTTPS: 82 %
  • IPv6: 25 %
  • Domains: 4
  • Subdomains: 4
  • IPs: 4
  • Countries: 3
  • Transfer: 78 kB
  • Size: 109 kB
  • Cookies: 4

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://nightstore.xyz/ Page URL
  2. http://nightstore.xyz/?i=1 HTTP 302
    https://nightstore.xyz/?i=1 HTTP 301
    https://nefasto.xyz/?i=1 Page URL
  3. https://nefasto.xyz/?i=2 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2
  • http://nightstore.xyz/?i=1 HTTP 302
  • https://nightstore.xyz/?i=1 HTTP 301
  • https://nefasto.xyz/?i=1

11 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
nightstore.xyz/
825 B
1 KB
Document
General
Full URL
http://nightstore.xyz/
Protocol
HTTP/1.1
Server
185.27.134.171 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS
Software
nginx /
Resource Hash
7c1532949d504e27dc32386ee96cefb95ac18e77cf608e82b50fc2c760a4df9f

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Cache-Control
no-cache
Connection
keep-alive
Content-Length
825
Content-Type
text/html
Date
Wed, 06 Dec 2023 04:01:28 GMT
Expires
Thu, 01 Jan 1970 00:00:01 GMT
Server
nginx
aes.js
nightstore.xyz/
13 KB
14 KB
Script
General
Full URL
http://nightstore.xyz/aes.js
Requested by
Host: nightstore.xyz
URL: http://nightstore.xyz/
Protocol
HTTP/1.1
Server
185.27.134.171 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS
Software
nginx /
Resource Hash
5069425b121346b36f730910d05402d50920fc2178b01e0c878b71af4ef1eb96

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://nightstore.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Wed, 06 Dec 2023 04:01:28 GMT
Last-Modified
Sun, 15 Oct 2023 18:01:35 GMT
Server
nginx
ETag
"652c28ff-35a5"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
13733
/
nefasto.xyz/
Redirect Chain
  • http://nightstore.xyz/?i=1
  • https://nightstore.xyz/?i=1
  • https://nefasto.xyz/?i=1
823 B
564 B
Document
General
Full URL
https://nefasto.xyz/?i=1
Requested by
Host: nightstore.xyz
URL: http://nightstore.xyz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.27.134.59 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS
Software
nginx /
Resource Hash
90eaafaa2fe9c39f077cb483b666fe2ced89682dbfd2dd64f8349378f09612b4

Request headers

Referer
http://nightstore.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-cache
content-encoding
br
content-type
text/html
date
Wed, 06 Dec 2023 04:01:30 GMT
expires
Thu, 01 Jan 1970 00:00:01 GMT
server
nginx

Redirect headers

cache-control
max-age=0
content-length
231
content-type
text/html; charset=iso-8859-1
date
Wed, 06 Dec 2023 04:01:29 GMT
expires
Wed, 06 Dec 2023 04:01:29 GMT
location
https://nefasto.xyz?i=1
server
nginx
aes.js
nefasto.xyz/
13 KB
5 KB
Script
General
Full URL
https://nefasto.xyz/aes.js
Requested by
Host: nefasto.xyz
URL: https://nefasto.xyz/?i=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.27.134.59 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS
Software
nginx /
Resource Hash
5069425b121346b36f730910d05402d50920fc2178b01e0c878b71af4ef1eb96

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://nefasto.xyz/?i=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 04:01:30 GMT
content-encoding
br
last-modified
Thu, 26 Oct 2023 17:57:22 GMT
server
nginx
etag
W/"653aa882-35a5"
content-type
application/javascript
Primary Request /
nefasto.xyz/
24 KB
5 KB
Document
General
Full URL
https://nefasto.xyz/?i=2
Requested by
Host: nefasto.xyz
URL: https://nefasto.xyz/?i=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.27.134.59 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS
Software
nginx /
Resource Hash
be9d1048c71c287d178d776ef50d116b331365daeca7047fda4ac2e8f4f5e62f

Request headers

Referer
https://nefasto.xyz/?i=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
max-age=0
content-encoding
gzip
content-length
5174
content-type
text/html; charset=UTF-8
date
Wed, 06 Dec 2023 04:01:31 GMT
expires
Wed, 06 Dec 2023 04:01:30 GMT
link
<https://nefasto.xyz/wp-json/>; rel="https://api.w.org/"
server
nginx
vary
Accept-Encoding
style.css
nefasto.xyz/wp-content/themes/twentytwentytwo/
6 KB
2 KB
Stylesheet
General
Full URL
https://nefasto.xyz/wp-content/themes/twentytwentytwo/style.css?ver=1.6
Requested by
Host: nefasto.xyz
URL: https://nefasto.xyz/?i=2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.27.134.59 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS
Software
nginx /
Resource Hash
a81033c1b6389626f0840be3169b2d99fc345ac4d450c31a88ef7303590c484f

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://nefasto.xyz/?i=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 04:01:31 GMT
content-encoding
gzip
last-modified
Tue, 07 Nov 2023 02:05:20 GMT
server
nginx
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=10368000, public, proxy-revalidate, must-revalidate
accept-ranges
bytes
content-length
2135
expires
max-age=A10368000,
user
widgets.vendicated.dev/ Frame D562
2 KB
2 KB
Document
General
Full URL
https://widgets.vendicated.dev/user?id=768695648676610060&theme=dark&banner=true&full-banner=false&rounded-corners=false&discord-icon=false&badges=true&guess-nitro=true&
Requested by
Host: nefasto.xyz
URL: https://nefasto.xyz/?i=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:de39 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e9748c14f28be8faeb9a49efd4220f66c9d9f6840b1c3582b7039e1bfdd10d5a

Request headers

Referer
https://nefasto.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=300, s-maxage=300
cf-ray
8311a0cf380cd188-LHR
content-encoding
br
content-type
text/html
date
Wed, 06 Dec 2023 04:01:34 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WqOWjzSv2gm5T0QQ88dXLRuzbbPHM8ABp91gzP%2Bgz%2Bm6bApxQbWoFt6ihXWwGldFQwspeRs5Rtf%2F8t0sPwok9vh2nhgFD%2FyvIP4HHJX91VT14Dknvp1iJ%2BbOfux%2F9JkGPNUfqoo3W4UO2WhJB%2B85z8UQU1Tq"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
user.7ce4ac59.css
widgets.vendicated.dev/_astro/ Frame D562
2 KB
1 KB
Stylesheet
General
Full URL
https://widgets.vendicated.dev/_astro/user.7ce4ac59.css
Requested by
Host: widgets.vendicated.dev
URL: https://widgets.vendicated.dev/user?id=768695648676610060&theme=dark&banner=true&full-banner=false&rounded-corners=false&discord-icon=false&badges=true&guess-nitro=true&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:de39 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7ce4ac5930ba00e35ced667183c916136d560846c1a43886fc2192286da187a1
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 04:01:34 GMT
content-encoding
br
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"fcf8749478d1e2b331766850926a82cc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lRk7ZXh09Q0MCswmyBuN1SATV0TRwT0gLg5kcm74R7TPjbNL%2BTOg%2FSJT8MF2cW7z1ROTGsycGggkgUkgdTIfd2fCB%2BvOIL3Zv7gF6SP8oR01RYSKPFi9vdHrVclrvN%2BhROXu34RYflV0nTW2%2F2Hm1jOLcsMJ"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
cf-ray
8311a0dd2ed1d188-LHR
alt-svc
h3=":443"; ma=86400
c8805e966d9d4ee101711be10403d35a.webp
cdn.discordapp.com/avatars/768695648676610060/ Frame D562
19 KB
20 KB
Image
General
Full URL
https://cdn.discordapp.com/avatars/768695648676610060/c8805e966d9d4ee101711be10403d35a.webp?size=256
Requested by
Host: widgets.vendicated.dev
URL: https://widgets.vendicated.dev/user?id=768695648676610060&theme=dark&banner=true&full-banner=false&rounded-corners=false&discord-icon=false&badges=true&guess-nitro=true&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.130.233 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d2ff2e3d21a192762a8f81ff2cbee6214ff98e9b05d0be4acb83339d50bacc1c

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 04:01:34 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
19146
last-modified
Tue, 05 Dec 2023 19:41:26 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=US0046AfuBwTMRXnRuuoI7psXcXowvQ03KceHzXqGNOcb5uFGqUl%2Bsjt5zcDDk4UOMIFbSixcO42DBmLUpFZw3kQyO%2F7fsK3kAmSodHfNWGR6JKMb5%2BBycxfXOTl9wgHlnc3sA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive, nocache, noimageindex, noodp
cf-ray
8311a0de2a693697-LHR
expires
Thu, 05 Dec 2024 04:01:34 GMT
active-developer.png
widgets.vendicated.dev/assets/badges/ Frame D562
3 KB
3 KB
Image
General
Full URL
https://widgets.vendicated.dev/assets/badges/active-developer.png
Requested by
Host: widgets.vendicated.dev
URL: https://widgets.vendicated.dev/user?id=768695648676610060&theme=dark&banner=true&full-banner=false&rounded-corners=false&discord-icon=false&badges=true&guess-nitro=true&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:de39 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8216341ad9c3b8f4634ea3323c1fb9f7b351a4360583eb752f6a28bc3364014c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 04:01:34 GMT
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"099608d66132578c23f6cbe83118d498"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3Qa%2FmFoCQ4JV4UWEe5F3SQAxLI%2F05E1Rj6kmO4bxrzC06fXATSr%2BT9wmRmuWtnN6wQPyDbBbhu3neHTDTgx3a8dXXGm63USM0ArUbKMPzTbHmDBs8EbxVXt9Un%2FtMXMxBe%2Ff0ABmCJiMaq4gswqasojTHz7H"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
cf-ray
8311a0dd5efcd188-LHR
alt-svc
h3=":443"; ma=86400
content-length
2985
gg-sans-600.woff2
widgets.vendicated.dev/assets/ Frame D562
25 KB
25 KB
Font
General
Full URL
https://widgets.vendicated.dev/assets/gg-sans-600.woff2
Requested by
Host: widgets.vendicated.dev
URL: https://widgets.vendicated.dev/_astro/user.7ce4ac59.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:de39 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0ebaa9bc2190b1c8b005739078490ea30a014fd52ef1356d2c9de646396c4ac6
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://widgets.vendicated.dev/_astro/user.7ce4ac59.css
Origin
null
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 04:01:34 GMT
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"33e8090d965253dd1719012c4cae113e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T0fAhV4bdgWydfEfw%2Bj7bzUfYyXyeqGzSjYbDO0sBb74u6ark4FiI7oySn%2FMzfP%2FL3yX%2FMtXBtNXFFM2kvKdPNtjam7Ru0s3YkwevUoUPdZ3y2oTOxsi7e3XK8qHw6PGxfBBDfsiJ4H%2B2daOMEoWTtK2nHDw"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
cf-ray
8311a0debba376c6-LHR
alt-svc
h3=":443"; ma=86400
content-length
25168

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object| 0
  • object| documentPictureInPicture

4 Cookies

Domain/Path Name / Value
nightstore.xyz/ Name: __test
Value: 547a347467797b188fe819d8bbac91fb
nefasto.xyz/ Name: __test
Value: 547a347467797b188fe819d8bbac91fb
.discordapp.com/ Name: __cf_bm
Value: 0shfdGGpQXW1tVEdJejwavpJGBdO03XbCvxrKIoU194-1701835294-0-AVmfoFe0EopP7VV4c/GCy3QAe70Q+n62j+TU40QQtK19oL3G5v9BiYFkzNdsX2V7cw817X9LKwgqA7EI6BtM6mQ=
.discordapp.com/ Name: _cfuvid
Value: cWv7p4U1fxJiksQKu3bPvI71nm9l.k7TmNKccSVzqIg-1701835294577-0-604800000