nitrogamer.org Open in urlscan Pro
2606:4700:3031::ac43:b9ce Public Scan

Go To Rescan
Add Verdict Report

URL:
https://nitrogamer.org/
Submission Tags: phishingrod
Submission: On March 21 via api (March 21st 2023, 5:31:17 am UTC) from DE — Scanned from DE

Summary HTTP 14 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 6 IPs in 3 countries across 5 domains to perform 14 HTTP transactions. The main IP is 2606:4700:3031::ac43:b9ce, located in United States and belongs to CLOUDFLARENET, US. The main domain is nitrogamer.org.
TLS certificate: Issued by GTS CA 1P5 on March 21st 2023. Valid for: 3 months.

This is the only time nitrogamer.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4	2606:4700:303... 2606:4700:3031::ac43:b9ce	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
1 2	88.212.201.198 88.212.201.198	39134 (UNITEDNET) (UNITEDNET)
1	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
7	2606:4700:303... 2606:4700:3033::6815:ea9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
14	6

4 2606:4700:3031::ac43:b9ce (United States)

ASN13335 (CLOUDFLARENET, US)

nitrogamer.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.212.201.198 (Russian Federation) 1 redirects

ASN39134 (UNITEDNET, RU)
PTR: host198.rax.ru

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700:3033::6815:ea9 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.topofleaked.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	topofleaked.co cdn.topofleaked.co	624 KB
4	nitrogamer.org nitrogamer.org	16 KB
2	yadro.ru 1 redirects counter.yadro.ru — Cisco Umbrella Rank: 10464	1 KB
1	gstatic.com fonts.gstatic.com	26 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 34	833 B
14	5

	Domain	Requested by
7	cdn.topofleaked.co	nitrogamer.org
4	nitrogamer.org	nitrogamer.org
2	counter.yadro.ru	1 redirects nitrogamer.org
1	fonts.gstatic.com	fonts.googleapis.com
1	fonts.googleapis.com	nitrogamer.org
14	5

This site contains links to these domains. Also see Links.

Domain
www.liveinternet.ru

Subject Issuer	Validity	Valid
*.nitrogamer.org GTS CA 1P5	`2023-03-21` - `2023-06-19`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-03-02` - `2023-05-25`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-03-02` - `2023-05-25`	3 months	crt.sh
*.topofleaked.co E1	`2023-03-07` - `2023-06-05`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://nitrogamer.org/
Frame ID: ABD93BD05FCF51FE33B2865490237A4B
Requests: 15 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Top OnlyFans Creators Leaked - Best OnlyFans Leaks » Topofleaked.com

Page Statistics

14
Requests

93 %
HTTPS

80 %
IPv6

5
Domains

5
Subdomains

6
IPs

3
Countries

667 kB
Transfer

715 kB
Size

2
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.liveinternet.ru/click

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5

https://counter.yadro.ru/hit?t43.6;r;s1600*1200*24;uhttps%3A//nitrogamer.org/;hTop%20OnlyFans%20Creators%20Leaked%20-%20Best%20OnlyFans%20Leaks%20%BB%20Topofleaked.com;0.006093329848653406 HTTP 302
https://counter.yadro.ru/hit?q;t43.6;r;s1600*1200*24;uhttps%3A//nitrogamer.org/;hTop%20OnlyFans%20Creators%20Leaked%20-%20Best%20OnlyFans%20Leaks%20%BB%20Topofleaked.com;0.006093329848653406

14 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
nitrogamer.org/ 35 KB
8 KB 307ms
258ms Document
text/html 2606:4700:3031::ac43:b9ce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://nitrogamer.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::ac43:b9ce , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

23b679fdf621af63f776805f3a53356c208bcfaa74f4fe362017b9bbd0d7af04

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7ab3ceaa8fc5927d-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 21 Mar 2023 05:31:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oksB6oMVw%2B0%2B0aUuiB91a3I8fznDd%2FdFgIdsmALc3jyA5n%2BjnANnxbUGP92w0fES8frJQSyGlKhlSfoVcjyDmiZ2uPahhgVkVog8etrqSwn7NLLS1VWyYQa7x%2FT27%2B%2BbCgLNpQH3Zfaos0B5ZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H2 200 style.css
nitrogamer.org/ 25 KB
5 KB 193ms
191ms Stylesheet
text/css 2606:4700:3031::ac43:b9ce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://nitrogamer.org/style.css?ver=323938984

Requested by

Host: nitrogamer.org
URL: https://nitrogamer.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::ac43:b9ce , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3352f44c5886b7dc7e69ec057d9bc217e8229671095fbe5312238692b0d4de4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nitrogamer.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 05:31:12 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Fri, 02 Jul 2021 14:55:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CdOofw4aOK0OwaMLTRP%2BeJRZjHsrf%2FZwaXIN5bdG4zYaFpHJCRGHhjwnj2gxbM%2B4n06ACmxunwtnwFziqf5uN3OK46C80LOmgoac%2FODOzvRuv8orwG2HPj%2FeF0Qsl9i%2BQX%2F1cYYo6iu%2BYIGRWQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css;charset=UTF-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-ray: 7ab3ceac2963927d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block

GET
H2 200 css2
fonts.googleapis.com/ 2 KB
833 B 58ms
23ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Jost:wght@400;700&display=swap

Requested by

Host: nitrogamer.org
URL: https://nitrogamer.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

27fbfda5884224d97f8082c1562e96dbf51c431ecf3858fcde229a50008856e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nitrogamer.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 21 Mar 2023 05:31:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 21 Mar 2023 04:27:39 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 21 Mar 2023 05:31:12 GMT

GET
H2 200 lazy.js Show response
nitrogamer.org/js/ 2 KB
820 B 54ms
53ms Script
application/javascript 2606:4700:3031::ac43:b9ce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nitrogamer.org/js/lazy.js
Requested by: Host: nitrogamer.org
URL: https://nitrogamer.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:b9ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6c336a3685b1cd85551e0351e108c2725ba2ed7144cda6f0c61dfdec3a129bea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nitrogamer.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 05:31:12 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sun, 06 Jun 2021 16:32:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"60bcf894-667"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wuxx8cWkygcYbQxlJoDnrFnjcleN5uWsx9T7Zv9Lo7CakmzVXrzYxP%2BzFOeEGAIV2L5ux%2B5vAy3i6t%2BnjlbUI2%2F4M8fx0YRgqHKHYObY0GMlj4HhNrRME3Sv3Cd4RnjCKyqPbrA8dfz3q3xtKA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7ab3ceac2964927d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 gccp.js Show response
nitrogamer.org/js/ 6 KB
2 KB 52ms
51ms Script
application/javascript 2606:4700:3031::ac43:b9ce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nitrogamer.org/js/gccp.js
Requested by: Host: nitrogamer.org
URL: https://nitrogamer.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:b9ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 533762c4538607814461f90c3b5e7d7b6700ab1dbff813de3388e926e3de840c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nitrogamer.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 05:31:12 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 21 Mar 2023 05:31:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6UEnApZRCCJmKeJ6RMoOrVgQB8bE0HDvykR5Z%2FOePKbJyn2YbFQ4JZru5YbKUk9FYDIUZyBtxe9hRDL09IA%2FA%2Bjle%2BZdVyiFYOOiLkGmqJpTfG%2Bi0tWomtuSYmGtvAGXP1%2BIMIb7IzFpRWQ%2BDg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7ab3ceac2965927d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/gif

GET
H/1.1

200
OK

hit
counter.yadro.ru/
Redirect Chain

https://counter.yadro.ru/hit?t43.6;r;s1600*1200*24;uhttps%3A//nitrogamer.org/;hTop%20OnlyFans%20Creators%20Leaked%20-%20Best%20OnlyFans%20Leaks%20%BB%20Topofleaked.com;0.006093329848653406
https://counter.yadro.ru/hit?q;t43.6;r;s1600*1200*24;uhttps%3A//nitrogamer.org/;hTop%20OnlyFans%20Creators%20Leaked%20-%20Best%20OnlyFans%20Leaks%20%BB%20Topofleaked.com;0.006093329848653406

148 B
634 B

45ms
45ms

Image
image/gif

88.212.201.198
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://counter.yadro.ru/hit?q;t43.6;r;s1600*1200*24;uhttps%3A//nitrogamer.org/;hTop%20OnlyFans%20Creators%20Leaked%20-%20Best%20OnlyFans%20Leaks%20%BB%20Topofleaked.com;0.006093329848653406

Requested by

Host: nitrogamer.org
URL: https://nitrogamer.org/

Protocol

HTTP/1.1

Server

88.212.201.198 , Russian Federation, ASN39134 (UNITEDNET, RU),

Reverse DNS

host198.rax.ru

Software

nginx/1.17.9 /

Resource Hash

931383ad7739ca39f3a67277ee1b475d8567181feb6ef127c421238d1172fff2

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nitrogamer.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 21 Mar 2023 05:31:13 GMT
Strict-Transport-Security: max-age=86400
Server: nginx/1.17.9
Content-Type: image/gif
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Access-Control-Allow-Origin: *
Cache-control: no-cache
Connection: keep-alive
Content-Length: 148
Expires: Sun, 20 Mar 2022 21:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 21 Mar 2023 05:31:12 GMT
Strict-Transport-Security: max-age=86400
Server: nginx/1.17.9
Content-Type: text/html
Location: https://counter.yadro.ru/hit?q;t43.6;r;s1600*1200*24;uhttps%3A//nitrogamer.org/;hTop%20OnlyFans%20Creators%20Leaked%20-%20Best%20OnlyFans%20Leaks%20%BB%20Topofleaked.com;0.006093329848653406
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Cache-control: no-cache
Connection: keep-alive
Content-Length: 32
Expires: Sun, 20 Mar 2022 21:00:00 GMT

GET
H2 200 92zatBhPNqw73oTd4g.woff2
fonts.gstatic.com/s/jost/v14/ 26 KB
26 KB 58ms
24ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/jost/v14/92zatBhPNqw73oTd4g.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Jost:wght@400;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0b7e3af1cb23f3b1cc2c3418f3c31ab3bbadeaa2ba5e72f3cb818e4b44c420f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://nitrogamer.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 22:39:38 GMT
x-content-type-options: nosniff
age: 370294
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26304
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 20:29:30 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 15 Mar 2024 22:39:38 GMT

GET
H2 200 lexiduram_avatar.jpg
cdn.topofleaked.co/img/ 25 KB
25 KB 149ms
106ms Image
image/jpeg 2606:4700:3033::6815:ea9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.topofleaked.co/img/lexiduram_avatar.jpg
Requested by: Host: nitrogamer.org
URL: https://nitrogamer.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:ea9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 276792eb57adc0e3d47a593734011c19b04b9a104d1600cd03570a6f96a02d15

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nitrogamer.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 05:31:13 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 25292
pragma: public
last-modified: Mon, 15 Aug 2022 12:24:32 GMT
server: cloudflare
etag: "62fa3b00-62cc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7H9JSRz9WooTxOVwP42fR04ni56kMJED8mXC6HvtqDFCSs0Euunc0xC1CUhVMGOdFpWzuvDu5Fya0wZJd5LYiJ%2Bml%2BzqwkDFykyoHhkkh0xRVrRnsLe9DGmw%2Fyt4x5XgloPGGCGlmbUwIB3LsVTwcC8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=15552000
accept-ranges: bytes
cf-ray: 7ab3ceadce869112-FRA
expires: Sun, 17 Sep 2023 05:31:12 GMT

GET
H2 200 house_ofwindsor.jpg
cdn.topofleaked.co/img/ 107 KB
107 KB 172ms
130ms Image
image/jpeg 2606:4700:3033::6815:ea9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.topofleaked.co/img/house_ofwindsor.jpg
Requested by: Host: nitrogamer.org
URL: https://nitrogamer.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:ea9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: da470e9934b854b54b8d1e0ec4c7c7f42daf081b6aeb000733cbde421b726205

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nitrogamer.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 05:31:13 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 109347
pragma: public
last-modified: Fri, 12 Feb 2021 12:43:08 GMT
server: cloudflare
etag: "602677dc-1ab23"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wY7hbFNrFIU0%2FuN1qpWKs1HGysYvgrE5poUiXJfwTjHv4yKwetRlXqzZKpNJ9jwX5PP8W0pgg5wUKX7eQXUotBUk1QpRydbsyqMsWJLmSrqepbK5fBCnux4SI5YF6HuFfB9XXStpclvDN3%2F0YK5Sl7I%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=15552000
accept-ranges: bytes
cf-ray: 7ab3ceadce879112-FRA
expires: Sun, 17 Sep 2023 05:31:12 GMT

GET
H2 200 gattinavoy.jpg
cdn.topofleaked.co/img/ 57 KB
57 KB 206ms
164ms Image
image/jpeg 2606:4700:3033::6815:ea9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.topofleaked.co/img/gattinavoy.jpg
Requested by: Host: nitrogamer.org
URL: https://nitrogamer.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:ea9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a54fb717631d4e8306ce399308b07617b3867be3b14df3bfcca2dfe812f8e027

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nitrogamer.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 05:31:13 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 57991
pragma: public
last-modified: Mon, 15 Aug 2022 12:20:36 GMT
server: cloudflare
etag: "62fa3a14-e287"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7kzfLD4wtI4hnC1Pg9Jm00fbHfwQq2fUp%2BYWPCrHnxcxIOIF23bHJ620%2BD1Cm2s9nTEutCr31MGqztXeiHYr%2BkCypbOD2SAft8VpzlKYkqnWbOrf%2BvRY62JuWfF3R9pr8xJi0a3Zv6PNnaNYRjhF5Fc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=15552000
accept-ranges: bytes
cf-ray: 7ab3ceadce889112-FRA
expires: Sun, 17 Sep 2023 05:31:12 GMT

GET
H2 200 christinarodriguez.jpg
cdn.topofleaked.co/img/ 187 KB
188 KB 170ms
128ms Image
image/jpeg 2606:4700:3033::6815:ea9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.topofleaked.co/img/christinarodriguez.jpg
Requested by: Host: nitrogamer.org
URL: https://nitrogamer.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:ea9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 84125f5b07ea5fe00af60ec2d7b1162b14667a744f8fa54a4e18d56c7a63bcd0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nitrogamer.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 05:31:13 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 191780
pragma: public
last-modified: Fri, 12 Feb 2021 12:06:46 GMT
server: cloudflare
etag: "60266f56-2ed24"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6oizLNczpjLgGwrtJX1J4eOWz7P4kCJMsEws0mCV9hQikn3RcDvOBgELuBtaLRMHrtG8CPqgzgtDFczSg5QAf9EgI9LZMDrwgvlJg4yib7oqGz%2F8oAV4%2BhOhaI5r3peQ6xuVefgBjpstWIQ4tfMfeTU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=15552000
accept-ranges: bytes
cf-ray: 7ab3ceadce899112-FRA
expires: Sun, 17 Sep 2023 05:31:12 GMT

GET
H2 200 destanyylynn.jpg
cdn.topofleaked.co/img/ 49 KB
49 KB 195ms
153ms Image
image/jpeg 2606:4700:3033::6815:ea9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.topofleaked.co/img/destanyylynn.jpg
Requested by: Host: nitrogamer.org
URL: https://nitrogamer.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:ea9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d560665e6eb498650c60400d1225044d10905aadae67031f043bf14858941571

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nitrogamer.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 05:31:13 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 50013
pragma: public
last-modified: Mon, 15 Aug 2022 12:19:02 GMT
server: cloudflare
etag: "62fa39b6-c35d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tr%2FVsrCuZMaZfFOSgN9%2Brm6dyMU%2F%2BA5u0E8n7%2BLQ79HwlTERs4LTsYAkNn4vtxVrmiXt3uItF%2BfH25uayw8Cj2LbP%2FZW40fOK8HHr0bi1O%2FKpbdwzDlTnWxC4K1r8QWYn9paDmZLMdUl%2B4fk0zrCxXY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=15552000
accept-ranges: bytes
cf-ray: 7ab3ceadce8a9112-FRA
expires: Sun, 17 Sep 2023 05:31:12 GMT

GET
H2 200 thegingerbimbo_avatar.jpg
cdn.topofleaked.co/img/ 32 KB
32 KB 157ms
115ms Image
image/jpeg 2606:4700:3033::6815:ea9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.topofleaked.co/img/thegingerbimbo_avatar.jpg
Requested by: Host: nitrogamer.org
URL: https://nitrogamer.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:ea9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5331e71f4187275c4f0cf10f529bf48fc061a2e5f2618390adeb470be2255fe2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nitrogamer.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 05:31:13 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 32428
pragma: public
last-modified: Mon, 15 Aug 2022 12:32:50 GMT
server: cloudflare
etag: "62fa3cf2-7eac"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7VL%2BTB0Z%2BGyduEgwnGidIgz5Mtmq5A6%2BUfh3ZR7BnA7PrRcmAH%2FXZ%2FHbNdMIPI6hbUMntHm8X5Y8YHE6R0mxvKtInwcKPXVTkLtmtV1NckcGfiW%2FlTw3X1GKT0Utn%2B89TR2fQTS213PyFO%2BKX608vms%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=15552000
accept-ranges: bytes
cf-ray: 7ab3ceadce8b9112-FRA
expires: Sun, 17 Sep 2023 05:31:12 GMT

GET
H2 200 elunestear.jpg
cdn.topofleaked.co/img/ 164 KB
165 KB 138ms
138ms Image
image/jpeg 2606:4700:3033::6815:ea9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.topofleaked.co/img/elunestear.jpg
Requested by: Host: nitrogamer.org
URL: https://nitrogamer.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:ea9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0b9b8795cb14c57ac08621d0d68539f750e283b5da5f3d5f925fd2d33ac9e86a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nitrogamer.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 05:31:13 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 168375
pragma: public
last-modified: Fri, 12 Feb 2021 12:23:32 GMT
server: cloudflare
etag: "60267344-291b7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V90ScYUTLI93amaIsp2%2BXnL23mDB%2FCzL26wZrqqCTVTkJaxRi%2FV9SOxJ9iHetnOJXMB8vnOtepbOIIlXl7j6W9vO3JQ7ydXAhe%2BGHeqg4RyR2LxcChyawN0xJGe1225lu%2BObkMVCEjy5Z0HKm3g0Loc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=15552000
accept-ranges: bytes
cf-ray: 7ab3ceadfea39112-FRA
expires: Sun, 17 Sep 2023 05:31:13 GMT

Verdicts & Comments Add Verdict or Comment

25 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.yadro.ru/	1970-01-20 19:14:42	Name: FTID Value: 1a6K4W1TXgOW1a6K4W0019k0
			.yadro.ru/	1970-01-20 19:14:42	Name: VID Value: 3NzzWn1sGmOW1a6K4X001HY3

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.topofleaked.co
counter.yadro.ru
fonts.googleapis.com
fonts.gstatic.com
nitrogamer.org
2606:4700:3031::ac43:b9ce
2606:4700:3033::6815:ea9
2a00:1450:4001:806::2003
2a00:1450:4001:828::200a
88.212.201.198
0b7e3af1cb23f3b1cc2c3418f3c31ab3bbadeaa2ba5e72f3cb818e4b44c420f4
0b9b8795cb14c57ac08621d0d68539f750e283b5da5f3d5f925fd2d33ac9e86a
23b679fdf621af63f776805f3a53356c208bcfaa74f4fe362017b9bbd0d7af04
276792eb57adc0e3d47a593734011c19b04b9a104d1600cd03570a6f96a02d15
27fbfda5884224d97f8082c1562e96dbf51c431ecf3858fcde229a50008856e4
3352f44c5886b7dc7e69ec057d9bc217e8229671095fbe5312238692b0d4de4a
5331e71f4187275c4f0cf10f529bf48fc061a2e5f2618390adeb470be2255fe2
533762c4538607814461f90c3b5e7d7b6700ab1dbff813de3388e926e3de840c
6c336a3685b1cd85551e0351e108c2725ba2ed7144cda6f0c61dfdec3a129bea
84125f5b07ea5fe00af60ec2d7b1162b14667a744f8fa54a4e18d56c7a63bcd0
931383ad7739ca39f3a67277ee1b475d8567181feb6ef127c421238d1172fff2
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
a54fb717631d4e8306ce399308b07617b3867be3b14df3bfcca2dfe812f8e027
d560665e6eb498650c60400d1225044d10905aadae67031f043bf14858941571
da470e9934b854b54b8d1e0ec4c7c7f42daf081b6aeb000733cbde421b726205

nitrogamer.org Open in urlscan Pro 2606:4700:3031::ac43:b9ce Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

14 Requests

93 %HTTPS

80 %IPv6

5 Domains

5 Subdomains

6 IPs

3 Countries

667 kBTransfer

715 kBSize

2 Cookies

1 Outgoing links

Redirected requests

14 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

25 JavaScript Global Variables

2 Cookies

Security Headers

Indicators

nitrogamer.org Open in urlscan Pro
2606:4700:3031::ac43:b9ce Public Scan

Screenshot
Live screenshot

Full Image

14
Requests

93 %
HTTPS

80 %
IPv6

5
Domains

5
Subdomains

6
IPs

3
Countries

667 kB
Transfer

715 kB
Size

2
Cookies

14 HTTP transactions
1 data transactions