prs6.nitrosub.site Open in urlscan Pro
85.158.145.202 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://prs6.nitrosub.site/
Submission Tags: phishingrod
Submission: On October 21 via api (October 21st 2024, 12:49:48 am UTC) from DE — Scanned from NL

Summary HTTP 12 Redirects Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 12 HTTP transactions. The main IP is 85.158.145.202, located in Meppel, Netherlands and belongs to CUKMAN-AS, HR. The main domain is prs6.nitrosub.site.
TLS certificate: Issued by R11 on October 20th 2024. Valid for: 3 months.

This is the only time prs6.nitrosub.site was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
12	85.158.145.202 85.158.145.202		212025 (CUKMAN-AS) (CUKMAN-AS)
12	1

12 85.158.145.202 (Meppel, Netherlands)

ASN212025 (CUKMAN-AS, HR)
PTR: ptr.potenting.com

prs6.nitrosub.site	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	nitrosub.site prs6.nitrosub.site	624 KB
12	1

	Domain	Requested by
12	prs6.nitrosub.site	prs6.nitrosub.site
12	1

This site contains no links.

Subject Issuer	Validity	Valid
*.prs6.nitrosub.site R11	`2024-10-20` - `2025-01-18`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://prs6.nitrosub.site/
Frame ID: E835D920FBBA1100F3D27AB55EFF6898
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

usahistoric

Page Statistics

12
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

624 kB
Transfer

645 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

12 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response prs6.nitrosub.site/	4 KB 2 KB	110ms 19ms	Document text/html	85.158.145.202 CUKMAN-AS
General Check archive.org Show headers Download Go to Full URL https://prs6.nitrosub.site/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 85.158.145.202 Meppel, Netherlands, ASN212025 (CUKMAN-AS, HR), Reverse DNS ptr.potenting.com Software / Resource Hash `038ce1050a8e93c6324b0298a177dc5fc4e9b097123aac4cb56eb3c40d81fffc` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Response headers accept-ranges bytes alt-svc h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46" content-encoding br content-length 1349 content-type text/html date Mon, 21 Oct 2024 00:49:44 GMT last-modified Tue, 15 Oct 2024 16:18:58 GMT vary Accept-Encoding
GET H2	200	style.css prs6.nitrosub.site/assets/css/	14 KB 2 KB	38ms 37ms	Stylesheet text/css	85.158.145.202 CUKMAN-AS
General Check archive.org Show headers Download Go to Full URL https://prs6.nitrosub.site/assets/css/style.css Requested by Host: prs6.nitrosub.site URL: https://prs6.nitrosub.site/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 85.158.145.202 Meppel, Netherlands, ASN212025 (CUKMAN-AS, HR), Reverse DNS ptr.potenting.com Software / Resource Hash `863c604dc169e43c5b931d718d50f93607e90a57b42ff0e4899a9ba2ba2c040c` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://prs6.nitrosub.site/ Response headers cache-control public, max-age=604800 content-encoding br expires Mon, 28 Oct 2024 00:49:44 GMT accept-ranges bytes content-length 2392 date Mon, 21 Oct 2024 00:49:44 GMT content-type text/css last-modified Sun, 13 Oct 2024 03:36:42 GMT vary Accept-Encoding
GET H2	200	responsive.css prs6.nitrosub.site/assets/css/	454 B 241 B	39ms 39ms	Stylesheet text/css	85.158.145.202 CUKMAN-AS
General Check archive.org Show headers Download Go to Full URL https://prs6.nitrosub.site/assets/css/responsive.css Requested by Host: prs6.nitrosub.site URL: https://prs6.nitrosub.site/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 85.158.145.202 Meppel, Netherlands, ASN212025 (CUKMAN-AS, HR), Reverse DNS ptr.potenting.com Software / Resource Hash `d66a860154712075b06376c2d4d958f3ecf7638a2073cdfec6fbe30693c6598a` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://prs6.nitrosub.site/ Response headers cache-control public, max-age=604800 content-encoding br expires Mon, 28 Oct 2024 00:49:44 GMT accept-ranges bytes content-length 186 date Mon, 21 Oct 2024 00:49:44 GMT content-type text/css last-modified Thu, 05 Sep 2024 13:51:48 GMT vary Accept-Encoding
GET H2	200	vote.png prs6.nitrosub.site/assets/images/	122 KB 122 KB	38ms 38ms	Image image/png	85.158.145.202 CUKMAN-AS
General Check archive.org Show headers Download Go to Show image Full URL https://prs6.nitrosub.site/assets/images/vote.png Requested by Host: prs6.nitrosub.site URL: https://prs6.nitrosub.site/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 85.158.145.202 Meppel, Netherlands, ASN212025 (CUKMAN-AS, HR), Reverse DNS ptr.potenting.com Software / Resource Hash `55ae6c41dec81adfb1d030e22d19cced8f1145739a438ee130d77f1156d0aa01` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://prs6.nitrosub.site/ Response headers expires Mon, 28 Oct 2024 00:49:44 GMT accept-ranges bytes cache-control public, max-age=604800 content-length 124677 date Mon, 21 Oct 2024 00:49:44 GMT content-type image/png last-modified Tue, 24 Sep 2024 00:09:57 GMT
GET H2	200	bronze-medal.png prs6.nitrosub.site/assets/images/	89 KB 89 KB	55ms 55ms	Image image/png	85.158.145.202 CUKMAN-AS
General Check archive.org Show headers Download Go to Show image Full URL https://prs6.nitrosub.site/assets/images/bronze-medal.png Requested by Host: prs6.nitrosub.site URL: https://prs6.nitrosub.site/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 85.158.145.202 Meppel, Netherlands, ASN212025 (CUKMAN-AS, HR), Reverse DNS ptr.potenting.com Software / Resource Hash `db8b393033316e348a80cce9dd757cf1b8b836fd95d5327c32bb8d582cd308fe` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://prs6.nitrosub.site/ Response headers expires Mon, 28 Oct 2024 00:49:44 GMT accept-ranges bytes cache-control public, max-age=604800 content-length 91477 date Mon, 21 Oct 2024 00:49:44 GMT content-type image/png last-modified Thu, 05 Sep 2024 13:51:48 GMT
GET H2	200	chph.png prs6.nitrosub.site/assets/images/	168 KB 168 KB	62ms 61ms	Image image/png	85.158.145.202 CUKMAN-AS
General Check archive.org Show headers Download Go to Show image Full URL https://prs6.nitrosub.site/assets/images/chph.png Requested by Host: prs6.nitrosub.site URL: https://prs6.nitrosub.site/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 85.158.145.202 Meppel, Netherlands, ASN212025 (CUKMAN-AS, HR), Reverse DNS ptr.potenting.com Software / Resource Hash `1dc90b61ed745cf2f1085c0806d636932d61a44d3e444db629bfafff819c9eb3` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://prs6.nitrosub.site/ Response headers expires Mon, 28 Oct 2024 00:49:44 GMT accept-ranges bytes cache-control public, max-age=604800 content-length 172092 date Mon, 21 Oct 2024 00:49:44 GMT content-type image/png last-modified Mon, 23 Sep 2024 23:55:25 GMT
GET H2	200	thunder.png prs6.nitrosub.site/assets/images/	15 KB 15 KB	98ms 97ms	Image image/png	85.158.145.202 CUKMAN-AS
General Check archive.org Show headers Download Go to Show image Full URL https://prs6.nitrosub.site/assets/images/thunder.png Requested by Host: prs6.nitrosub.site URL: https://prs6.nitrosub.site/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 85.158.145.202 Meppel, Netherlands, ASN212025 (CUKMAN-AS, HR), Reverse DNS ptr.potenting.com Software / Resource Hash `fdf95bda4f1542b5cb22d00708f5ace7efa4db8f90e8fe0392a55407380ad931` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://prs6.nitrosub.site/ Response headers expires Mon, 28 Oct 2024 00:49:44 GMT accept-ranges bytes cache-control public, max-age=604800 content-length 15110 date Mon, 21 Oct 2024 00:49:44 GMT content-type image/png last-modified Thu, 05 Sep 2024 13:51:48 GMT
GET H2	200	friend2.png prs6.nitrosub.site/assets/images/	27 KB 27 KB	81ms 81ms	Image image/png	85.158.145.202 CUKMAN-AS
General Check archive.org Show headers Download Go to Show image Full URL https://prs6.nitrosub.site/assets/images/friend2.png Requested by Host: prs6.nitrosub.site URL: https://prs6.nitrosub.site/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 85.158.145.202 Meppel, Netherlands, ASN212025 (CUKMAN-AS, HR), Reverse DNS ptr.potenting.com Software / Resource Hash `18527b5fbc63d3c655142c7f8b75d98279a06827c0cdc21b5464e118084070f6` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://prs6.nitrosub.site/ Response headers expires Mon, 28 Oct 2024 00:49:44 GMT accept-ranges bytes cache-control public, max-age=604800 content-length 28021 date Mon, 21 Oct 2024 00:49:44 GMT content-type image/png last-modified Sat, 28 Sep 2024 18:29:57 GMT
GET H2	200	task2.png prs6.nitrosub.site/assets/images/	44 KB 44 KB	45ms 44ms	Image image/png	85.158.145.202 CUKMAN-AS
General Check archive.org Show headers Download Go to Show image Full URL https://prs6.nitrosub.site/assets/images/task2.png Requested by Host: prs6.nitrosub.site URL: https://prs6.nitrosub.site/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 85.158.145.202 Meppel, Netherlands, ASN212025 (CUKMAN-AS, HR), Reverse DNS ptr.potenting.com Software / Resource Hash `4f7ea6bd18145b6b1ee29542226170ae9e44dc202273ae4558d83beaeb57ae87` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://prs6.nitrosub.site/ Response headers expires Mon, 28 Oct 2024 00:49:44 GMT accept-ranges bytes cache-control public, max-age=604800 content-length 45008 date Mon, 21 Oct 2024 00:49:44 GMT content-type image/png last-modified Sat, 28 Sep 2024 18:30:34 GMT
GET H2	200	rocket.png prs6.nitrosub.site/assets/images/	28 KB 28 KB	84ms 83ms	Image image/png	85.158.145.202 CUKMAN-AS
General Check archive.org Show headers Download Go to Show image Full URL https://prs6.nitrosub.site/assets/images/rocket.png Requested by Host: prs6.nitrosub.site URL: https://prs6.nitrosub.site/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 85.158.145.202 Meppel, Netherlands, ASN212025 (CUKMAN-AS, HR), Reverse DNS ptr.potenting.com Software / Resource Hash `063ce3ca26ff385554910f9ef3bb5536e0446f9bc57be30e8844d95d5e428303` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://prs6.nitrosub.site/ Response headers expires Mon, 28 Oct 2024 00:49:44 GMT accept-ranges bytes cache-control public, max-age=604800 content-length 28704 date Mon, 21 Oct 2024 00:49:44 GMT content-type image/png last-modified Thu, 05 Sep 2024 13:51:48 GMT
GET H2	200	main.js Show response prs6.nitrosub.site/	6 KB 2 KB	44ms 44ms	Script text/javascript	85.158.145.202 CUKMAN-AS
General Check archive.org Show headers Download Go to Full URL https://prs6.nitrosub.site/main.js Requested by Host: prs6.nitrosub.site URL: https://prs6.nitrosub.site/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 85.158.145.202 Meppel, Netherlands, ASN212025 (CUKMAN-AS, HR), Reverse DNS ptr.potenting.com Software / Resource Hash `4833b3f41917d5f3d069c2c935219165c10bea0e7106ba57aaace58b7afd2af3` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://prs6.nitrosub.site/ Response headers accept-ranges bytes content-encoding br content-length 1638 date Mon, 21 Oct 2024 00:49:44 GMT content-type text/javascript last-modified Wed, 16 Oct 2024 06:28:58 GMT vary Accept-Encoding
GET H3	200	favicon.ico prs6.nitrosub.site/assets/favicon/	127 KB 125 KB	19ms 18ms	Other image/x-icon	85.158.145.202 CUKMAN-AS
General Check archive.org Show headers Download Go to Full URL https://prs6.nitrosub.site/assets/favicon/favicon.ico Protocol H3 Security QUIC, , AES_128_GCM Server 85.158.145.202 Meppel, Netherlands, ASN212025 (CUKMAN-AS, HR), Reverse DNS ptr.potenting.com Software / Resource Hash `586f6c55276d5fdfd0153b556dc4df4e39c2914aa75dfd5598576bd70c4c62c1` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://prs6.nitrosub.site/ Response headers cache-control public, max-age=604800 content-encoding br expires Mon, 28 Oct 2024 00:49:44 GMT accept-ranges bytes alt-svc h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46" content-length 127440 date Mon, 21 Oct 2024 00:49:44 GMT content-type image/x-icon last-modified Tue, 08 Oct 2024 07:56:17 GMT vary Accept-Encoding

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

prs6.nitrosub.site
85.158.145.202
038ce1050a8e93c6324b0298a177dc5fc4e9b097123aac4cb56eb3c40d81fffc
063ce3ca26ff385554910f9ef3bb5536e0446f9bc57be30e8844d95d5e428303
18527b5fbc63d3c655142c7f8b75d98279a06827c0cdc21b5464e118084070f6
1dc90b61ed745cf2f1085c0806d636932d61a44d3e444db629bfafff819c9eb3
4833b3f41917d5f3d069c2c935219165c10bea0e7106ba57aaace58b7afd2af3
4f7ea6bd18145b6b1ee29542226170ae9e44dc202273ae4558d83beaeb57ae87
55ae6c41dec81adfb1d030e22d19cced8f1145739a438ee130d77f1156d0aa01
586f6c55276d5fdfd0153b556dc4df4e39c2914aa75dfd5598576bd70c4c62c1
863c604dc169e43c5b931d718d50f93607e90a57b42ff0e4899a9ba2ba2c040c
d66a860154712075b06376c2d4d958f3ecf7638a2073cdfec6fbe30693c6598a
db8b393033316e348a80cce9dd757cf1b8b836fd95d5327c32bb8d582cd308fe
fdf95bda4f1542b5cb22d00708f5ace7efa4db8f90e8fe0392a55407380ad931

prs6.nitrosub.site Open in urlscan Pro 85.158.145.202 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

12 Requests

100 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

624 kBTransfer

645 kBSize

0 Cookies

0 Outgoing links

Redirected requests

12 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

0 Cookies

Indicators

prs6.nitrosub.site Open in urlscan Pro
85.158.145.202 Public Scan

Screenshot
Live screenshot

Full Image

12
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

624 kB
Transfer

645 kB
Size

0
Cookies

12 HTTP transactions
0 data transactions