Report - nitro.neeve.co/

Report Overview

Submitted URL
nitro.neeve.co/
IP
172.67.193.224
ASN
#13335 CLOUDFLARENET
Submitted
2023-01-16 21:19:05
Access
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
158

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	57 kB	34.120.237.76
fonts.googleapis.com	8877	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	393 B	746 B	142.250.74.74
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.7 kB	4.4 kB	23.36.76.226
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.8 kB	34.160.144.191
nitro.neeve.co	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	11 kB	4.1 MB	104.21.60.79
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	44.228.1.109
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	35.241.9.150
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	391 B	34.117.237.239
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	686 B	1.4 kB	142.250.74.131
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	341 B	797 B	93.184.220.29

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

Scan Date	Severity	Indicator	Alert
2023-01-16	medium	nitro.neeve.co/	Discord
2023-01-16	medium	nitro.neeve.co/	Discord
2023-01-16	medium	nitro.neeve.co/	Discord
2023-01-16	medium	nitro.neeve.co/	Discord
2023-01-16	medium	nitro.neeve.co/	Discord
2023-01-16	medium	nitro.neeve.co/	Discord
2023-01-16	medium	nitro.neeve.co/	Discord
2023-01-16	medium	nitro.neeve.co/	Discord
2023-01-16	medium	nitro.neeve.co/	Discord
2023-01-16	medium	nitro.neeve.co/	Discord
2023-01-16	medium	nitro.neeve.co/	Discord
2023-01-16	medium	nitro.neeve.co/	Discord
2023-01-16	medium	nitro.neeve.co/	Discord
2023-01-16	medium	nitro.neeve.co/	Discord
2023-01-16	medium	nitro.neeve.co/	Discord
2023-01-16	medium	nitro.neeve.co/	Discord
2023-01-16	medium	nitro.neeve.co/	Discord
2023-01-16	medium	nitro.neeve.co/	Discord
2023-01-16	medium	nitro.neeve.co/	Discord
2023-01-16	medium	nitro.neeve.co/	Discord
2023-01-16	medium	nitro.neeve.co/	Discord
2023-01-16	medium	nitro.neeve.co/	Discord
2023-01-16	medium	nitro.neeve.co/	Discord
2023-01-16	medium	nitro.neeve.co/	Discord
2023-01-16	medium	nitro.neeve.co/	Discord
2023-01-16	medium	nitro.neeve.co/	Discord
2023-01-16	medium	nitro.neeve.co/	Discord
2023-01-16	medium	nitro.neeve.co/	Discord
2023-01-16	medium	nitro.neeve.co/	Discord
2023-01-16	medium	nitro.neeve.co/	Discord
2023-01-16	medium	nitro.neeve.co/	Discord

PhishTank

Scan Date	Severity	Indicator	Alert
2022-02-09	medium	nitro.neeve.co/	Other
2022-02-09	medium	nitro.neeve.co/steam_nitro_files/animate.min.css	Other
2022-02-09	medium	nitro.neeve.co/steam_nitro_files/translateelement.css	Other
2022-02-09	medium	nitro.neeve.co/steam_nitro_files/0.1fafb1729b3e11fa547c.css	Other
2022-02-09	medium	nitro.neeve.co/steam_nitro_files/22.png	Other
2022-02-09	medium	nitro.neeve.co/steam_nitro_files/11.png	Other
2022-02-09	medium	nitro.neeve.co/steam_nitro_files/44.png	Other
2022-02-09	medium	nitro.neeve.co/steam_nitro_files/3bdef1251a424500c1b3a78dea9b7e57.woff	Other
2022-02-09	medium	nitro.neeve.co/steam_nitro_files/be0060dafb7a0e31d2a1ca17c0708636.woff	Other
2022-02-09	medium	nitro.neeve.co/steam_nitro_files/d1f837b34217a6e22085262c73e5e9d2.webm	Other
2022-02-09	medium	nitro.neeve.co/assets/3bdef1251a424500c1b3a78dea9b7e57.woff	Other
2022-02-09	medium	nitro.neeve.co/steam_nitro_files/e8acd7d9bf6207f99350ca9f9e23b168.woff	Other
2022-02-09	medium	nitro.neeve.co/steam_nitro_files/ae7c84783ad48b6d1c8e2bfbe707e0d4.woff2	Other
2022-02-09	medium	nitro.neeve.co/steam_nitro_files/fire.webm	Other
2022-02-09	medium	nitro.neeve.co/steam_nitro_files/pisscord.png	Other
2022-02-09	medium	nitro.neeve.co/assets/be0060dafb7a0e31d2a1ca17c0708636.woff	Other
2022-02-09	medium	nitro.neeve.co/steam_nitro_files/66.png	Other
2022-02-09	medium	nitro.neeve.co/steam_nitro_files/nitro.png	Other
2022-02-09	medium	nitro.neeve.co/steam_nitro_files/neko-neco.gif	Other
2022-02-09	medium	nitro.neeve.co/steam_nitro_files/e6d6b255259ac878d00819a9555072ad.png	Other
2022-02-09	medium	nitro.neeve.co/assets/e8acd7d9bf6207f99350ca9f9e23b168.woff	Other
2022-02-09	medium	nitro.neeve.co/steam_nitro_files/33.png	Other
2022-02-09	medium	nitro.neeve.co/steam_nitro_files/779a770c34fcb823a598a7277301adaf.png	Other
2022-02-09	medium	nitro.neeve.co/steam_nitro_files/92e32db984c8577d8b81548b43b9c061.woff	Other
2022-02-09	medium	nitro.neeve.co/steam_nitro_files/skeleton.png	Other
2022-02-09	medium	nitro.neeve.co/assets/ae7c84783ad48b6d1c8e2bfbe707e0d4.woff2	Other
2022-02-09	medium	nitro.neeve.co/steam_nitro_files/8e12fb4f14d9c4592eb8ec9f22337b04.woff	Other
2022-02-09	medium	nitro.neeve.co/assets/92e32db984c8577d8b81548b43b9c061.woff	Other
2022-02-09	medium	nitro.neeve.co/steam_nitro_files/847541504914fd33810e70a0ea73177e.ico	Other
2022-02-09	medium	nitro.neeve.co/assets/8e12fb4f14d9c4592eb8ec9f22337b04.woff	Other
2022-02-09	medium	nitro.neeve.co/steam_nitro_files/skeletal.m4a	Other

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2023-01-16	medium	nitro.neeve.co/	Phishing
2023-01-16	medium	nitro.neeve.co/steam_nitro_files/3bdef1251a424500c1b3a78dea9b7e57.woff	Phishing
2023-01-16	medium	nitro.neeve.co/steam_nitro_files/be0060dafb7a0e31d2a1ca17c0708636.woff	Phishing
2023-01-16	medium	nitro.neeve.co/steam_nitro_files/d1f837b34217a6e22085262c73e5e9d2.webm	Phishing
2023-01-16	medium	nitro.neeve.co/assets/3bdef1251a424500c1b3a78dea9b7e57.woff	Phishing
2023-01-16	medium	nitro.neeve.co/steam_nitro_files/e8acd7d9bf6207f99350ca9f9e23b168.woff	Phishing
2023-01-16	medium	nitro.neeve.co/steam_nitro_files/ae7c84783ad48b6d1c8e2bfbe707e0d4.woff2	Phishing
2023-01-16	medium	nitro.neeve.co/steam_nitro_files/fire.webm	Phishing
2023-01-16	medium	nitro.neeve.co/assets/be0060dafb7a0e31d2a1ca17c0708636.woff	Phishing
2023-01-16	medium	nitro.neeve.co/assets/e8acd7d9bf6207f99350ca9f9e23b168.woff	Phishing
2023-01-16	medium	nitro.neeve.co/steam_nitro_files/92e32db984c8577d8b81548b43b9c061.woff	Phishing
2023-01-16	medium	nitro.neeve.co/assets/ae7c84783ad48b6d1c8e2bfbe707e0d4.woff2	Phishing
2023-01-16	medium	nitro.neeve.co/steam_nitro_files/8e12fb4f14d9c4592eb8ec9f22337b04.woff	Phishing
2023-01-16	medium	nitro.neeve.co/assets/92e32db984c8577d8b81548b43b9c061.woff	Phishing
2023-01-16	medium	nitro.neeve.co/steam_nitro_files/847541504914fd33810e70a0ea73177e.ico	Phishing
2023-01-16	medium	nitro.neeve.co/assets/8e12fb4f14d9c4592eb8ec9f22337b04.woff	Phishing
2023-01-16	medium	nitro.neeve.co/steam_nitro_files/skeletal.m4a	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (1)

	URL	Size	First Seen	Last Seen
	nitro.neeve.co/	799 B	2023-03-07	2024-04-14
Pretty URL nitro.neeve.co/ IP 104.21.60.79 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:15:52 Last Seen2024-04-14 18:42:12 Times Seen8 Hash fc15e798c13f953c2835a1698f786a60 45058319230109d64172a0fbcc4f6495a526eab6 150c54525c20708c93195ad3cb1a0cb581be7b798e201c74c249688b82b6fa8b Loading...

HTTP Transactions (51)

URL IP Response Size

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
0643dc6b6fed33b3537160b6bb77bcbf
aa43bd1fbb30d2219f3285c1ee4991ffb33562c5
f137438e30e0d69cba77ca2eb736687873e4a9c06cf88d23c6d55ea930fde09f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F137438E30E0D69CBA77CA2EB736687873E4A9C06CF88D23C6D55EA930FDE09F"
Last-Modified: Sat, 14 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2313
Expires: Mon, 16 Jan 2023 21:57:26 GMT
Date: Mon, 16 Jan 2023 21:18:53 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
2258cd6b877a3aca8f4c84074e65ac4b
4e46c70941f8e497e8afc8d078644e7f81761a1c
faac4e0d123f2112b58953c104ea746cd53047fc1ada0ef5d669feecf78ddfff

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FAAC4E0D123F2112B58953C104EA746CD53047FC1ADA0EF5D669FEECF78DDFFF"
Last-Modified: Sat, 14 Jan 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7898
Expires: Mon, 16 Jan 2023 23:30:31 GMT
Date: Mon, 16 Jan 2023 21:18:53 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Content-Type, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 16 Jan 2023 20:49:11 GMT
content-type: application/json
age: 1782
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
f7bd85a261739c122eefb74ffddaec99
e2e059b0740592e8591d432249aafe5fcb8af23c
71bdd130b8d143f228542f678e91c98ab4e5844fb9f47b036e15372660be25fd

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "71BDD130B8D143F228542F678E91C98AB4E5844FB9F47B036E15372660BE25FD"
Last-Modified: Sat, 14 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3728
Expires: Mon, 16 Jan 2023 22:21:01 GMT
Date: Mon, 16 Jan 2023 21:18:53 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: u/wWRDfa0+GGHOOLmnDikpNdMChCxR08IWT38y4piUD5xFJ6a09niKIcnqD1LezGEu8tmBU/B9s=
x-amz-request-id: Z729Y51MWWY6V03N
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 16 Jan 2023 20:44:43 GMT
age: 2051
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Mon, 16 Jan 2023 21:18:54 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

nitro.neeve.co/

104.21.60.79

200 OK

70 kB

URL HTTP/1.1
nitro.neeve.co/
IP
104.21.60.79:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (355)
Size
70 kB (69742 bytes)
Hash
8897c1f13957259cae3954f63468c4d5
7f08deb699871ceff9c16523300d4827616ac6b1
4d96b19d45a5e27061317efd4e074cb52ea30dfc5bd85372014911c6463883af

Detections

Analyzer	Verdict	Alert
openphish	Discord
phishtank	Other
fortinet	Phishing

HTTP Headers

GET / HTTP/1.1
Host: nitro.neeve.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Date: Mon, 16 Jan 2023 21:18:54 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 04 Feb 2022 13:52:11 GMT
Vary: Accept-Encoding
Cache-Control: max-age=86400
CF-Cache-Status: EXPIRED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=owduRJtMZj%2Fk%2Fo72esZNX5nZrjWUHqrbQdhiusURJbAFnL7FkF8rwRVaJWaw3cdvUQEBT6eJK%2BFN0lOw4rj5GKCj959UkaYyug%2B5HCMViTIqr70a7wDSdqpBC%2BD05p7Xlg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 78a9e2e21890b51e-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
1b2e51abfd12507b00ebd8b7afda6308
4d3d5fa49e007714dd37da7da25d9d490d05bd0a
85a04d4cf987fcc2d087ab815a8d373e164a2adf2bf478e7a5c1fae3e109ba26

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 16 Jan 2023 21:18:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
1b2e51abfd12507b00ebd8b7afda6308
4d3d5fa49e007714dd37da7da25d9d490d05bd0a
85a04d4cf987fcc2d087ab815a8d373e164a2adf2bf478e7a5c1fae3e109ba26

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 16 Jan 2023 21:18:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

nitro.neeve.co/steam_nitro_files/animate.min.css

104.21.60.79

200 OK

5.3 kB

URL HTTP/1.1
nitro.neeve.co/steam_nitro_files/animate.min.css
IP
104.21.60.79:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (65348)
Size
5.3 kB (5270 bytes)
Hash
ac23b5088eae379ce967c2f8da6b3b61
d3da9cc72f6de6b0b580b4b33bed74f2c0ecc750
177275b6f527e9c8482c5e4e6cc7e19d6575378292079185e0db4e0b82196d37

Detections

Analyzer	Verdict	Alert
openphish	Discord
phishtank	Other

HTTP Headers

GET /steam_nitro_files/animate.min.css HTTP/1.1
Host: nitro.neeve.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nitro.neeve.co/

HTTP/1.1 200 OK
Date: Mon, 16 Jan 2023 21:18:54 GMT
Content-Type: text/css
Content-Length: 5270
Connection: keep-alive
Last-Modified: Fri, 04 Feb 2022 11:05:12 GMT
ETag: "11846-5d72f3984ea00-gzip"
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=86400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YufOzBxWk63Px5KZty08IuRscmFPTf5wlo6qScW5Cvptpt3y14Qzp40lKKTL0NXGb6278RDar8wodTkHpj0Wr0fNyhLGc4GgESpLlZFybAe5MBQyFVHeo6T34pPgxQP2kQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 78a9e2e5cebbb4f1-OSL
alt-svc: h2=":443"; ma=60

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Expires, Pragma, Content-Type, Backoff, Last-Modified, Cache-Control, ETag
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 16 Jan 2023 21:17:25 GMT
age: 89
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

nitro.neeve.co/steam_nitro_files/translateelement.css

104.21.60.79

200 OK

3.7 kB

URL HTTP/1.1
nitro.neeve.co/steam_nitro_files/translateelement.css
IP
104.21.60.79:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (18670)
Size
3.7 kB (3655 bytes)
Hash
8173435a3cfe101b14dfcc0e8affe3ad
2f269eca387685dced568ced06e6261851ce7913
1a3e0a254cd4dd96002919ba8e6d096fa23c42addbeb41a8c132639edf3124ef

Detections

Analyzer	Verdict	Alert
openphish	Discord
phishtank	Other

HTTP Headers

GET /steam_nitro_files/translateelement.css HTTP/1.1
Host: nitro.neeve.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nitro.neeve.co/

HTTP/1.1 200 OK
Date: Mon, 16 Jan 2023 21:18:54 GMT
Content-Type: text/css
Content-Length: 3655
Connection: keep-alive
Last-Modified: Fri, 04 Feb 2022 11:05:12 GMT
ETag: "4924-5d72f3984ea00-gzip"
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=86400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gYu3YkTKeXyLxKKrB8bfbKXJcsBhd6orVPzFjxgwZx3J0Z1DU2SKNaadNq5141r71gIh2a%2BL7Habfo36zFRkhZQte3pTmfjxLQNZcwHNXee1mk8aNpYkIx%2BUSEHzudA47g%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 78a9e2e62e1ab51e-OSL
alt-svc: h2=":443"; ma=60

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
d03545e1fc5a8876441094039811aac5
99fcc840f3516298625c528e9b408132f7fcbb9c
166fa7c7bb716b2cd02a47884ee00df31030dfb4b2a6fdae7b59b19f87739123

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3261
Cache-Control: max-age=132140
Content-Type: application/ocsp-response
Date: Mon, 16 Jan 2023 21:18:54 GMT
Etag: "63c513ad-1d7"
Expires: Wed, 18 Jan 2023 10:01:14 GMT
Last-Modified: Mon, 16 Jan 2023 09:06:53 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471

nitro.neeve.co/steam_nitro_files/0.1fafb1729b3e11fa547c.css

104.21.60.79

200 OK

54 kB

URL HTTP/1.1
nitro.neeve.co/steam_nitro_files/0.1fafb1729b3e11fa547c.css
IP
104.21.60.79:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (16985)
Size
54 kB (53859 bytes)
Hash
c6ee4557a2acc5eec60a5c098cedd333
e016e6edd60ba9649a1bbb8280d0c1fd07a16390
ca2e68b5f3e9d79dc048fdbcfbefa9d4a7262b90227ef69d90c2a74fee83fb20

Detections

Analyzer	Verdict	Alert
openphish	Discord
phishtank	Other

HTTP Headers

GET /steam_nitro_files/0.1fafb1729b3e11fa547c.css HTTP/1.1
Host: nitro.neeve.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nitro.neeve.co/

HTTP/1.1 200 OK
Date: Mon, 16 Jan 2023 21:18:54 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 04 Feb 2022 11:05:12 GMT
ETag: "45795-5d72f3984ea00-gzip"
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=86400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G1BE2UlujRgwkW7%2Bjhnqh0YagOJWNpLDIJdua2d4h%2FmK7DrAj4xwoGUHaY8xXkKtjHGqSg0Qiz6F%2BzrljQt81h9BY9YB06AtBvCm9U8JCqQ30fFdrydIF%2FOpwtUEdRFgNQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 78a9e2e5c9abb50f-OSL
alt-svc: h2=":443"; ma=60

push.services.mozilla.com/

44.228.1.109

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
44.228.1.109:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: +e5THtyLUQUiGN8WNsgqHQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: DgRj4fGPZq7oJMkcQkRhtsPWAT8=

nitro.neeve.co/steam_nitro_files/22.png

104.21.60.79

200 OK

13 kB

URL HTTP/1.1
nitro.neeve.co/steam_nitro_files/22.png
IP
104.21.60.79:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 145 x 111, 8-bit/color RGBA, non-interlaced\012- data
Size
13 kB (12692 bytes)
Hash
b37a8eaa659eda8fc9528bda4bb0ac0a
bc6bd317402590687dc27ffd2b9a23a534eacfe9
2994c443671b189ed7fd5a793d221aebe744539d4f4eec6a2ed730af2c535145

Detections

Analyzer	Verdict	Alert
openphish	Discord
phishtank	Other

HTTP Headers

GET /steam_nitro_files/22.png HTTP/1.1
Host: nitro.neeve.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nitro.neeve.co/

HTTP/1.1 200 OK
Date: Mon, 16 Jan 2023 21:18:55 GMT
Content-Type: image/png
Content-Length: 12692
Connection: keep-alive
Last-Modified: Fri, 04 Feb 2022 12:53:58 GMT
ETag: "3194-5d730be7fc580"
Cache-Control: max-age=86400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zw7I8sM1RLtpn0Fl1TAVB0If%2FokZMymNK2CNhaykc9jeP8mKRbYy6dBNE9tgGWPMrmCkR8aQ3ImbYXaspwvH1Dt2DHs9DG58pqK70b3btzc%2FVQDiH6a8XVgI6%2BiNz0t2MA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78a9e2e9bad7b51e-OSL
alt-svc: h2=":443"; ma=60

nitro.neeve.co/steam_nitro_files/11.png

104.21.60.79

200 OK

6.2 kB

URL HTTP/1.1
nitro.neeve.co/steam_nitro_files/11.png
IP
104.21.60.79:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 177 x 97, 8-bit/color RGBA, non-interlaced\012- data
Size
6.2 kB (6224 bytes)
Hash
34b9b394dae1f7a16d917844843d46d3
8188ef48ec48600bc17bb25dad8496c736a44e73
2c8813900377de00eb7eb46da030bc732fa7f2a627d2d8e4875a40ce2fbbba0e

Detections

Analyzer	Verdict	Alert
openphish	Discord
phishtank	Other

HTTP Headers

GET /steam_nitro_files/11.png HTTP/1.1
Host: nitro.neeve.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nitro.neeve.co/

HTTP/1.1 200 OK
Date: Mon, 16 Jan 2023 21:18:55 GMT
Content-Type: image/png
Content-Length: 6224
Connection: keep-alive
Last-Modified: Fri, 04 Feb 2022 12:49:44 GMT
ETag: "1850-5d730af5c0a00"
Cache-Control: max-age=86400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XG8GEi%2F9xrDrYvJChUsAetulG%2F8sPmGC3aEnQ19HAGQiOKSGUxkph2w%2B2mQqp3M6DT6PKXEhyd1ABg%2BJcwBCTVdlAtSGikGWgI1dd0%2BnjKosy8GoOTJiShHRlLple7Wc1Q%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78a9e2e9bb97b515-OSL
alt-svc: h2=":443"; ma=60

nitro.neeve.co/steam_nitro_files/44.png

104.21.60.79

200 OK

19 kB

URL HTTP/1.1
nitro.neeve.co/steam_nitro_files/44.png
IP
104.21.60.79:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 193 x 113, 8-bit/color RGBA, non-interlaced\012- data
Size
19 kB (19423 bytes)
Hash
90eef639e61460511129c2b40cbb0dc4
6f0af640d7a0b30f6ea3d839d6ba7e2a504a63f9
4ff7dd7f0c62cda8057bfb3809210f6586de455d3b34ec5300e28f143d58d9b0

Detections

Analyzer	Verdict	Alert
openphish	Discord
phishtank	Other

HTTP Headers

GET /steam_nitro_files/44.png HTTP/1.1
Host: nitro.neeve.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nitro.neeve.co/

HTTP/1.1 200 OK
Date: Mon, 16 Jan 2023 21:18:55 GMT
Content-Type: image/png
Content-Length: 19423
Connection: keep-alive
Last-Modified: Fri, 04 Feb 2022 12:56:20 GMT
ETag: "4bdf-5d730c6f68500"
Cache-Control: max-age=86400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9D802YhOTOuRUeECTAR%2BSU0uJyu5pFn4mc3yTYOoZrTEKPSH7P5%2F9T0AgHvz3LFvA%2BCcHhqhstagS2hTX6utORVWB3KHMfbvA7Uoq2e2ATml%2B3pyTZZ%2FS0dTBo4oWjXNCQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78a9e2e9bedfb50f-OSL
alt-svc: h2=":443"; ma=60

nitro.neeve.co/steam_nitro_files/3bdef1251a424500c1b3a78dea9b7e57.woff

104.21.60.79

200 OK

115 kB

URL HTTP/1.1
nitro.neeve.co/steam_nitro_files/3bdef1251a424500c1b3a78dea9b7e57.woff
IP
104.21.60.79:0
ASN
#13335 CLOUDFLARENET

File type
Web Open Font Format, TrueType, length 76783, version 11128.2\012- data
Size
115 kB (114843 bytes)
Hash
62515e49f46a4329a07bb18034c2270f
a358a839ce1c19c03e038cf8c138631b8d4c3746
64cbc8b9ad3b034271ee06632f40f379fda6782a0332a88f3ab1c2da3db0d706

Detections

Analyzer	Verdict	Alert
openphish	Discord
phishtank	Other
fortinet	Phishing

HTTP Headers

GET /steam_nitro_files/3bdef1251a424500c1b3a78dea9b7e57.woff HTTP/1.1
Host: nitro.neeve.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://nitro.neeve.co/

HTTP/1.1 200 OK
Date: Mon, 16 Jan 2023 21:18:56 GMT
Content-Type: font/woff
Content-Length: 114843
Connection: keep-alive
Last-Modified: Fri, 04 Feb 2022 13:33:04 GMT
ETag: "1c09b-5d7314a54e400"
Cache-Control: max-age=86400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AtWPpSle7z%2BsKikr5geFAF%2FomcKtH0gTxrQJqbmTAEB8%2Bh%2BDxQsirXupihyGMb1tWPqGlyzs1eRr6HWebe4d9t%2Fq%2B7pD5NJLN%2BZmfzrKWdaXgixuBT5rXRkfVTTEdjJIMA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78a9e2ebbe0cb515-OSL
alt-svc: h2=":443"; ma=60

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
6b6a65d2536cc8f99e68793ae265b595
f65e75f8419bd83e26f49def7fa2604db5f77b4d
94b31f7663e4917e8e97079202ef9fa340766f1ebfc2601360618d947f7dabc9

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "94B31F7663E4917E8E97079202EF9FA340766F1EBFC2601360618D947F7DABC9"
Last-Modified: Sun, 15 Jan 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14988
Expires: Tue, 17 Jan 2023 01:28:44 GMT
Date: Mon, 16 Jan 2023 21:18:56 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
6b6a65d2536cc8f99e68793ae265b595
f65e75f8419bd83e26f49def7fa2604db5f77b4d
94b31f7663e4917e8e97079202ef9fa340766f1ebfc2601360618d947f7dabc9

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "94B31F7663E4917E8E97079202EF9FA340766F1EBFC2601360618D947F7DABC9"
Last-Modified: Sun, 15 Jan 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14988
Expires: Tue, 17 Jan 2023 01:28:44 GMT
Date: Mon, 16 Jan 2023 21:18:56 GMT
Connection: keep-alive

nitro.neeve.co/steam_nitro_files/be0060dafb7a0e31d2a1ca17c0708636.woff

104.21.60.79

200 OK

122 kB

URL HTTP/1.1
nitro.neeve.co/steam_nitro_files/be0060dafb7a0e31d2a1ca17c0708636.woff
IP
104.21.60.79:0
ASN
#13335 CLOUDFLARENET

File type
Web Open Font Format, TrueType, length 82688, version -16451.2\012- data
Size
122 kB (121930 bytes)
Hash
56aafd7bdfa0c7228372f9776ed7a291
a202b9da8d6b33a93837e9f6c45cdfdd19726460
3712004f3bb70c91347f4a6210c033319126872fe3f9136091fca19d8163e636

Detections

Analyzer	Verdict	Alert
openphish	Discord
phishtank	Other
fortinet	Phishing

HTTP Headers

GET /steam_nitro_files/be0060dafb7a0e31d2a1ca17c0708636.woff HTTP/1.1
Host: nitro.neeve.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://nitro.neeve.co/

HTTP/1.1 200 OK
Date: Mon, 16 Jan 2023 21:18:56 GMT
Content-Type: font/woff
Content-Length: 121930
Connection: keep-alive
Last-Modified: Fri, 04 Feb 2022 13:33:04 GMT
ETag: "1dc4a-5d7314a54e400"
Cache-Control: max-age=86400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CqeFIPMe5CnsBdexFtkCkiqm%2FBzMneUKNdXfjGz6k0w9enSC8bhkZuILk1fI%2B98rsm%2B2f%2FnfZOUUejggmvwOYYCl0h%2FHuagXVdMZ1nCrDY3xG05%2BicTbb3jtBPtiAW933g%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78a9e2ebad83b51e-OSL
alt-svc: h2=":443"; ma=60

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcdba5086-6c46-4cc7-9087-e85f89cbe947.jpeg

34.120.237.76

200 OK

9.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcdba5086-6c46-4cc7-9087-e85f89cbe947.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.2 kB (9176 bytes)
Hash
ad1a79b09348c4959a8ac05513efcb78
10c0a66add63c868ff332022f588e65f4ac1ec15
8a123746389e6b480669b8d6882f7edce290f1c226cd6744e23bac94b8de6d32

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcdba5086-6c46-4cc7-9087-e85f89cbe947.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9176
x-amzn-requestid: 1d5746ff-7de6-4a54-87d2-d15330d1bb58
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: etlL8HiPoAMFrIg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c21be5-044d012445cf23c01cb07a89;Sampled=0
x-amzn-remapped-date: Sat, 14 Jan 2023 03:05:09 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: pfjURj_jUMCbuxIL46hNNw6BeY4YX4TDo-9Ch6R5y3CuWTyt1r3ttw==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Mon, 16 Jan 2023 03:52:01 GMT
age: 62815
etag: "10c0a66add63c868ff332022f588e65f4ac1ec15"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa2fb3ba8-a85e-42ba-b607-87ced36844b2.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.8 kB (5766 bytes)
Hash
542f87ebb35e170451b610e4b700bcb1
2259cdebacc4c9f07aad838eec494863d4273ad1
85001f2cf33f3fc98d4cdcc7aef38611e34aea3a791d8acb0a5946c4619398eb

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa2fb3ba8-a85e-42ba-b607-87ced36844b2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5766
x-amzn-requestid: b6a8d7ee-ff35-4720-8d2e-ba2b8db6edfc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ezbP4GDQIAMFTSQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c47265-6022a62f69d8f938458d18a0;Sampled=0
x-amzn-remapped-date: Sun, 15 Jan 2023 21:38:45 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: YcIDYSEtEIIfGauNxD9V1tuSCAPDq9OaaAATRTOC3Sjlb-72IA0ScQ==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 15 Jan 2023 22:06:50 GMT
age: 83526
etag: "2259cdebacc4c9f07aad838eec494863d4273ad1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3456fd70-5207-41e6-abed-adbc381fd7a4.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.8 kB (9801 bytes)
Hash
74ac30be02dee9dcfeee79a7dc54edff
1368d81de22ea2e4054a3e1a8f01ef337c63e35b
8abc2f276906dfb9ce75c2526d2c2cfa6aea6dbe13f4046de1040cd611cbbc1f

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3456fd70-5207-41e6-abed-adbc381fd7a4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9801
x-amzn-requestid: 39d84a20-55f7-4b7c-abc4-9ac1ff100da9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eqSkoGCZoAMF1zA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c0caea-4f7a1cf676335cc83018dc51;Sampled=0
x-amzn-remapped-date: Fri, 13 Jan 2023 03:07:22 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: n-uzZFYeVcR7YP4lVhGVKFmINHUwd3kNcJIAJiRJW5maf_MqufqU8g==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Mon, 16 Jan 2023 05:42:23 GMT
age: 56193
etag: "1368d81de22ea2e4054a3e1a8f01ef337c63e35b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffd986c41-5e27-40cc-8622-aeddbd283d0c.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.3 kB (6273 bytes)
Hash
a7917592de9f2ddbe7d3a7fa7f3d4d62
866b04ce93a30369d7cb0a6d2155a8b10292507f
da58e1798bf0fcbfe771420a66bbf671cc84e0ca429e076fdc70bb8d73cddb18

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffd986c41-5e27-40cc-8622-aeddbd283d0c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6273
x-amzn-requestid: f5d21802-91ea-44cc-aeb2-8ec9af07e1a2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ezbOyFwNIAMFZsA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c4725e-3028350e72b2ee7b6ae44f2c;Sampled=0
x-amzn-remapped-date: Sun, 15 Jan 2023 21:38:38 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 8ggqVFvybykQ-MJzU9H_L6JS9YqmLGsuaMJ34Qy7o6yoMOJOmvYsMA==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Sun, 15 Jan 2023 21:53:09 GMT
age: 84347
etag: "866b04ce93a30369d7cb0a6d2155a8b10292507f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6d821e79-af3a-4b67-a79e-90cdf9701001.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (11285 bytes)
Hash
91a664271b9042ab5a34c1259df6ab93
7ce177939ceed31dbe137996cace3f71eaab3cf4
08b872b4c8dc8d4b5e26d7c5e7985c144dcf45623737e6daf7813b2add8ab013

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6d821e79-af3a-4b67-a79e-90cdf9701001.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11285
x-amzn-requestid: 46c0b124-5916-4067-99af-2fa9812dfb2d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ev-1zHc4oAMFV6Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c311be-3ffbee9348f4351459ed0099;Sampled=0
x-amzn-remapped-date: Sat, 14 Jan 2023 20:34:06 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 8FcfGYx-mcEZzF4IoADT5iGnf0vTk2cACE4nseVdonXHBXOSno9vQw==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Mon, 16 Jan 2023 04:42:49 GMT
age: 59767
etag: "7ce177939ceed31dbe137996cace3f71eaab3cf4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa81e129b-3fb3-4b30-a6fc-04ac1926b5c8.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.0 kB (7986 bytes)
Hash
0c1d929710bbf5d3a500cff064fa28e5
f76fade4eba5e5740d1261a2bce7776719ee477f
bb0b45ede28406534c236881abe011a1b8162a1bcb4cbe61320c613fec5d0010

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa81e129b-3fb3-4b30-a6fc-04ac1926b5c8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7986
x-amzn-requestid: 366be46e-97f4-4bdc-8341-5bf87438ad86
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ezbPvEezoAMF6ng=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c47264-7eef208b3ec703b82d792537;Sampled=0
x-amzn-remapped-date: Sun, 15 Jan 2023 21:38:44 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: _cMoPRYYqsc6B6TWFkmrfDMCleAW2jWn5FXGmjay279Bf3tppH60hQ==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Sun, 15 Jan 2023 22:04:21 GMT
age: 83675
etag: "f76fade4eba5e5740d1261a2bce7776719ee477f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

nitro.neeve.co/steam_nitro_files/d1f837b34217a6e22085262c73e5e9d2.webm

104.21.60.79

206 Partial Content

1.5 MB

URL HTTP/1.1
nitro.neeve.co/steam_nitro_files/d1f837b34217a6e22085262c73e5e9d2.webm
IP
104.21.60.79:0
ASN
#13335 CLOUDFLARENET

File type
WebM\012- EBML file, creator webmB\20\012- data
Size
1.5 MB (1461670 bytes)
Hash
d1f837b34217a6e22085262c73e5e9d2
6411c11445af0e487212c4e2acacdfb2561cdd47
438c7a08d68750935d5724bec09bbbff9d7ce5d944b33cdc8acf956a953a6057

Detections

Analyzer	Verdict	Alert
openphish	Discord
phishtank	Other
fortinet	Phishing

HTTP Headers

GET /steam_nitro_files/d1f837b34217a6e22085262c73e5e9d2.webm HTTP/1.1
Host: nitro.neeve.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: http://nitro.neeve.co/

HTTP/1.1 206 Partial Content
Date: Mon, 16 Jan 2023 21:18:55 GMT
Content-Type: video/webm
Content-Length: 1461670
Connection: keep-alive
Last-Modified: Fri, 04 Feb 2022 11:15:02 GMT
ETag: "164da6-5d72f5caf9980"
Cache-Control: max-age=86400
CF-Cache-Status: MISS
Content-Range: bytes 0-1461669/1461670
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BKRMKalk4kLOyuh0OFojzuGr%2FTDD62cLTBpJNdhEqhcBFICPXrOdiMGtPU%2BL9BW9FygxOYJ5kIniXznYlLj3HNPdcmnLIJPXXcbG1LofjpH1iTHGLHLGk6mLyn09WAXbEQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 78a9e2e9bb9fb4f1-OSL
alt-svc: h2=":443"; ma=60

nitro.neeve.co/assets/3bdef1251a424500c1b3a78dea9b7e57.woff

104.21.60.79

404 Not Found

276 B

URL HTTP/1.1
nitro.neeve.co/assets/3bdef1251a424500c1b3a78dea9b7e57.woff
IP
104.21.60.79:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
276 B (276 bytes)
Hash
8ef6a3ea52da10a26fe455df52a0dd85
867b2065e688a69c989900743b857767fe95c913
e5a07648827ebf8c200ccaa0a35873504f118342560ef8be6036a95c22311667

Detections

Analyzer	Verdict	Alert
openphish	Discord
phishtank	Other
fortinet	Phishing

HTTP Headers

GET /assets/3bdef1251a424500c1b3a78dea9b7e57.woff HTTP/1.1
Host: nitro.neeve.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://nitro.neeve.co/steam_nitro_files/0.1fafb1729b3e11fa547c.css

HTTP/1.1 404 Not Found
Date: Mon, 16 Jan 2023 21:18:56 GMT
Content-Type: text/html; charset=iso-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=86400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vV7cBEwdEmc0Ov%2Fr6x8oOpnOZDLXwORAGm78E5mrSUckCXJpEUGAQXryUazrqC4yEHQlD%2FvIA%2F6ZirSqze7EzKvWmHP270QJNFCHadSF0cVjOXKgkzmtAeceup8mEU8bRA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78a9e2f30fa1b51e-OSL
alt-svc: h2=":443"; ma=60

nitro.neeve.co/steam_nitro_files/e8acd7d9bf6207f99350ca9f9e23b168.woff

104.21.60.79

200 OK

116 kB

URL HTTP/1.1
nitro.neeve.co/steam_nitro_files/e8acd7d9bf6207f99350ca9f9e23b168.woff
IP
104.21.60.79:0
ASN
#13335 CLOUDFLARENET

File type
Web Open Font Format, TrueType, length 77807, version 12271.-16451\012- data
Size
116 kB (115574 bytes)
Hash
c938bc77012bfe77de522e38aae462b8
f16071336bd0eb62c4466d12f92ea82ad36ffb33
484f6a3ae8c43c58cf69b78c0216a7644425ac615514a7348693b79312838abb

Detections

Analyzer	Verdict	Alert
openphish	Discord
phishtank	Other
fortinet	Phishing

HTTP Headers

GET /steam_nitro_files/e8acd7d9bf6207f99350ca9f9e23b168.woff HTTP/1.1
Host: nitro.neeve.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://nitro.neeve.co/

HTTP/1.1 200 OK
Date: Mon, 16 Jan 2023 21:18:57 GMT
Content-Type: font/woff
Content-Length: 115574
Connection: keep-alive
Last-Modified: Fri, 04 Feb 2022 13:33:04 GMT
ETag: "1c376-5d7314a54e400"
Cache-Control: max-age=86400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1gR%2BGqLkxr56Q5PcXo3GnQbkDmKy4WGUmUyQvzcqQ6u6tNUctjkHQYO1lRjPzDd7vP1NNNsUgGibZwJ%2BY3MwGso8jU0YfrcEhD2GQU9eqtjoOBxS5Va0EseMeo%2BW4yGbWA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78a9e2ec7aa2b50f-OSL
alt-svc: h2=":443"; ma=60

nitro.neeve.co/steam_nitro_files/ae7c84783ad48b6d1c8e2bfbe707e0d4.woff2

104.21.60.79

200 OK

104 kB

URL HTTP/1.1
nitro.neeve.co/steam_nitro_files/ae7c84783ad48b6d1c8e2bfbe707e0d4.woff2
IP
104.21.60.79:0
ASN
#13335 CLOUDFLARENET

File type
Web Open Font Format (Version 2), TrueType, length 61375, version 0.-4161\012- data
Size
104 kB (104325 bytes)
Hash
8a2e5f64b34caf11188c0b7e1c1ec7c0
1c39ce099eb3df3c2d32c4a67092a92a35ff7725
2c24a844d74f9ce6a2052f54f65b1792b4cbabc91387c13039d35ce0a6861bb6

Detections

Analyzer	Verdict	Alert
openphish	Discord
phishtank	Other
fortinet	Phishing

HTTP Headers

GET /steam_nitro_files/ae7c84783ad48b6d1c8e2bfbe707e0d4.woff2 HTTP/1.1
Host: nitro.neeve.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://nitro.neeve.co/

HTTP/1.1 200 OK
Date: Mon, 16 Jan 2023 21:18:57 GMT
Content-Type: font/woff2
Content-Length: 104325
Connection: keep-alive
Last-Modified: Fri, 04 Feb 2022 13:33:04 GMT
ETag: "19785-5d7314a54e400"
Cache-Control: max-age=86400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H99JSoGqQ6mFa%2F4HH8o1ka8ySBwNM3mQnfrvReP9OBW%2F7r1l5g5M4dzGAFYQ%2BAznHIoCfbPcdWmaj%2FS77Viap3qBdjNaLBv8zw0vlk5gCBftnjsHdkqx0uqB%2BZm5w9qTvQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78a9e2ed79f91c02-OSL
alt-svc: h2=":443"; ma=60

nitro.neeve.co/steam_nitro_files/fire.webm

104.21.60.79

206 Partial Content

1.1 MB

URL HTTP/1.1
nitro.neeve.co/steam_nitro_files/fire.webm
IP
104.21.60.79:0
ASN
#13335 CLOUDFLARENET

File type
WebM\012- EBML file, creator webmB\20\012- data
Size
1.1 MB (1130867 bytes)
Hash
a126260cc2f646b0f7587cb06fccfe78
2c3b1ca336282049cccae0064d7b4e6c8677d8f4
2fdb9fc92e7bab92f622ff7a9da472fd702983b5f806c8bcb2bd884266cb583f

Detections

Analyzer	Verdict	Alert
openphish	Discord
phishtank	Other
fortinet	Phishing

HTTP Headers

GET /steam_nitro_files/fire.webm HTTP/1.1
Host: nitro.neeve.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: http://nitro.neeve.co/

HTTP/1.1 206 Partial Content
Date: Mon, 16 Jan 2023 21:18:55 GMT
Content-Type: video/webm
Content-Length: 1130867
Connection: keep-alive
Last-Modified: Fri, 04 Feb 2022 11:36:38 GMT
ETag: "114173-5d72fa9eefd80"
Cache-Control: max-age=86400
CF-Cache-Status: MISS
Content-Range: bytes 0-1130866/1130867
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FwgxX37m8urWwVqktu%2BIlOBQ%2FQlvAOrbu7bg37ph%2FK%2FPOaOBWl%2FH23ZlFLyHbZBLobikLz1ppn1XdRP8dvG4j0TCaKqhMCH2266%2BR5KnFFN6XsvQRU8DRNEV0JM7MMEkTA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 78a9e2e9bd610b55-OSL
alt-svc: h2=":443"; ma=60

nitro.neeve.co/steam_nitro_files/pisscord.png

104.21.60.79

200 OK

3.4 kB

URL HTTP/1.1
nitro.neeve.co/steam_nitro_files/pisscord.png
IP
104.21.60.79:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 153 x 44, 8-bit/color RGBA, non-interlaced\012- data
Size
3.4 kB (3370 bytes)
Hash
726a4c17b00ae84c0348e8908b81b395
499cb0a2cb9271ff99e9bd6bef662cf1912642dc
311d196aed1caf945681745e6c6684a90a2fcc2bd2b3344b6b581c7a6d44edae

Detections

Analyzer	Verdict	Alert
openphish	Discord
phishtank	Other

HTTP Headers

GET /steam_nitro_files/pisscord.png HTTP/1.1
Host: nitro.neeve.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nitro.neeve.co/

HTTP/1.1 200 OK
Date: Mon, 16 Jan 2023 21:18:57 GMT
Content-Type: image/png
Content-Length: 3370
Connection: keep-alive
Last-Modified: Thu, 06 Jan 2022 16:53:58 GMT
ETag: "d2a-5d4ecb7687580"
Cache-Control: max-age=86400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FbXHdgoXQTio3zZCuV0W6ezZb%2FWXMHuwxmtjvhEhxNbFKznM161Xi%2Bf0uNl5izpNh8gaOoJB4gw043pNuUXcGgj9iqDfR42jou%2FtAX7KRkYExt8knEe7noEfvLvygbTF4w%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78a9e2f13cd3b515-OSL
alt-svc: h2=":443"; ma=60

nitro.neeve.co/assets/be0060dafb7a0e31d2a1ca17c0708636.woff

104.21.60.79

404 Not Found

276 B

URL HTTP/1.1
nitro.neeve.co/assets/be0060dafb7a0e31d2a1ca17c0708636.woff
IP
104.21.60.79:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
276 B (276 bytes)
Hash
8ef6a3ea52da10a26fe455df52a0dd85
867b2065e688a69c989900743b857767fe95c913
e5a07648827ebf8c200ccaa0a35873504f118342560ef8be6036a95c22311667

Detections

Analyzer	Verdict	Alert
openphish	Discord
phishtank	Other
fortinet	Phishing

HTTP Headers

GET /assets/be0060dafb7a0e31d2a1ca17c0708636.woff HTTP/1.1
Host: nitro.neeve.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://nitro.neeve.co/steam_nitro_files/0.1fafb1729b3e11fa547c.css

HTTP/1.1 404 Not Found
Date: Mon, 16 Jan 2023 21:18:57 GMT
Content-Type: text/html; charset=iso-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=86400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k%2BX0yXLUkuGm%2FIEdk5e7reP%2FpFBCVoQs2daDWtH2w9V6RZMB7qmDzpJ8tfLuFgy7yJBmHvgvi0GmNmTpuZ1DZOBVHPd5MvDRNW6n97R4yEVEL0k9qnTZzB5Enz7lDNYkwg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78a9e2f3fa37b4f1-OSL
alt-svc: h2=":443"; ma=60

nitro.neeve.co/steam_nitro_files/66.png

104.21.60.79

200 OK

9.8 kB

URL HTTP/1.1
nitro.neeve.co/steam_nitro_files/66.png
IP
104.21.60.79:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 193 x 113, 8-bit/color RGBA, non-interlaced\012- data
Size
9.8 kB (9802 bytes)
Hash
0080cb9395b64f186e6ee35b51ef8fa4
68f7f30ce3afc9cf12b3e17da06cd410b8deca9d
90135af37e351433866e62b0935231adb27d0125dde6ed7eb46eed7c453a3510

Detections

Analyzer	Verdict	Alert
openphish	Discord
phishtank	Other

HTTP Headers

GET /steam_nitro_files/66.png HTTP/1.1
Host: nitro.neeve.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nitro.neeve.co/

HTTP/1.1 200 OK
Date: Mon, 16 Jan 2023 21:18:57 GMT
Content-Type: image/png
Content-Length: 9802
Connection: keep-alive
Last-Modified: Fri, 04 Feb 2022 13:18:58 GMT
ETag: "264a-5d73117e7f480"
Cache-Control: max-age=86400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W8D31xPdi9%2BEyKSvsQ2Hc3JkEyCX%2FEKmrgDgiWNraF7feHyX%2BfknYXPgFE%2B%2FZNZ%2FcwMqkvf%2F3yNRyiOhuTfVoJoLNB60Qkv694VxVhQJlheh7rWciWkfVkJLQnD6amhuSA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78a9e2f7794eb50f-OSL
alt-svc: h2=":443"; ma=60

nitro.neeve.co/steam_nitro_files/nitro.png

104.21.60.79

200 OK

19 kB

URL HTTP/1.1
nitro.neeve.co/steam_nitro_files/nitro.png
IP
104.21.60.79:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 300 x 122, 8-bit/color RGBA, non-interlaced\012- data
Size
19 kB (18944 bytes)
Hash
4ceaafeb227310eb19caba4aa60d86ce
e95ab7c2e34bfac3eb073120d9a58ea514c509f8
d458388f67bfc91fd4bd321f0a3065c50965572c95a45363bb08c4d8842bd1f7

Detections

Analyzer	Verdict	Alert
openphish	Discord
phishtank	Other

HTTP Headers

GET /steam_nitro_files/nitro.png HTTP/1.1
Host: nitro.neeve.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nitro.neeve.co/

HTTP/1.1 200 OK
Date: Mon, 16 Jan 2023 21:18:58 GMT
Content-Type: image/png
Content-Length: 18944
Connection: keep-alive
Last-Modified: Fri, 04 Feb 2022 13:13:34 GMT
ETag: "4a00-5d73104981b80"
Cache-Control: max-age=86400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8nPXK1hUSZTU68nr2FxdiI%2FFio1KlOKb39qnEeS7bklMbgE83i1pD0ytMmpp850q4GEeTlgCXalyxbqe3jrQYOwXmTrXwnKBD31laPOPbuUiVT3GuGzu%2BWBNjap%2FWSu9vA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78a9e2fb0af9b4f1-OSL
alt-svc: h2=":443"; ma=60

nitro.neeve.co/steam_nitro_files/neko-neco.gif

104.21.60.79

200 OK

242 kB

URL HTTP/1.1
nitro.neeve.co/steam_nitro_files/neko-neco.gif
IP
104.21.60.79:0
ASN
#13335 CLOUDFLARENET

File type
GIF image data, version 89a, 192 x 161\012- data
Size
242 kB (241737 bytes)
Hash
7a0ea0353b369a871e224b42c80e03b6
8e6b1fa42dbea1113fc44ba73c9f88bb5372fad5
c492e982894e405d129b700d68f6aff9b48b878287682dfb7d6058853eb71c9e

Detections

Analyzer	Verdict	Alert
openphish	Discord
phishtank	Other

HTTP Headers

GET /steam_nitro_files/neko-neco.gif HTTP/1.1
Host: nitro.neeve.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nitro.neeve.co/

HTTP/1.1 200 OK
Date: Mon, 16 Jan 2023 21:18:58 GMT
Content-Type: image/gif
Content-Length: 241737
Connection: keep-alive
Last-Modified: Fri, 04 Feb 2022 13:07:34 GMT
ETag: "3b049-5d730ef22f180"
Cache-Control: max-age=86400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zepx48dXm%2FI8fB6%2BoTWqyZEKuUtJ0I7zTKixMz6jg6M%2BYKkc4QtTNA6yuW0VLoH%2F42SsbgYSWJ353xXKuWGuDZoWW%2B5Tg12afrr7V8ePr%2BNavscE3%2Bsl22KlD0to0hLvLg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78a9e2f3f8f4b51e-OSL
alt-svc: h2=":443"; ma=60

nitro.neeve.co/steam_nitro_files/e6d6b255259ac878d00819a9555072ad.png

104.21.60.79

200 OK

288 B

URL HTTP/1.1
nitro.neeve.co/steam_nitro_files/e6d6b255259ac878d00819a9555072ad.png
IP
104.21.60.79:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 70 x 47, 8-bit/color RGBA, non-interlaced\012- data
Size
288 B (288 bytes)
Hash
e6d6b255259ac878d00819a9555072ad
6beb12d36acbad79743495aef581891a1ff4f5f5
21d34772ed80c8be7ab9e7338498bdfe2f66c77b61542cc48e103fd77ecd7f60

Detections

Analyzer	Verdict	Alert
openphish	Discord
phishtank	Other

HTTP Headers

GET /steam_nitro_files/e6d6b255259ac878d00819a9555072ad.png HTTP/1.1
Host: nitro.neeve.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nitro.neeve.co/

HTTP/1.1 200 OK
Date: Mon, 16 Jan 2023 21:18:58 GMT
Content-Type: image/png
Content-Length: 288
Connection: keep-alive
Last-Modified: Fri, 04 Feb 2022 11:05:14 GMT
ETag: "120-5d72f39a36e80"
Cache-Control: max-age=86400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c9%2FIZKoT%2FrjbZE%2BYTyGrXwkwzFldocCyAgNazap2%2BqcAVPqcmvkeYtwBNdt%2FSKTHF09rGoGn3%2BwcH5THY%2BdyVP1SFhSE7YDnu7Uxhkwq210itE036H8CpyPV9lofcYkIKg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78a9e2f78c4b1c02-OSL
alt-svc: h2=":443"; ma=60

nitro.neeve.co/assets/e8acd7d9bf6207f99350ca9f9e23b168.woff

104.21.60.79

404 Not Found

276 B

URL HTTP/1.1
nitro.neeve.co/assets/e8acd7d9bf6207f99350ca9f9e23b168.woff
IP
104.21.60.79:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
276 B (276 bytes)
Hash
8ef6a3ea52da10a26fe455df52a0dd85
867b2065e688a69c989900743b857767fe95c913
e5a07648827ebf8c200ccaa0a35873504f118342560ef8be6036a95c22311667

Detections

Analyzer	Verdict	Alert
openphish	Discord
phishtank	Other
fortinet	Phishing

HTTP Headers

GET /assets/e8acd7d9bf6207f99350ca9f9e23b168.woff HTTP/1.1
Host: nitro.neeve.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://nitro.neeve.co/steam_nitro_files/0.1fafb1729b3e11fa547c.css

HTTP/1.1 404 Not Found
Date: Mon, 16 Jan 2023 21:18:58 GMT
Content-Type: text/html; charset=iso-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=86400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hzwy3Z1RQ7sRe257U0QRxnzyGZnkomk7aCjMkF7s6w3Ck3GfXt1fdcDgI1IPeXKgkFAy6DlO5qLJ1ZD6AzJM5HMc01D%2B9pmlM1%2FxEImx1nKRFpJqUNZNw4avOkMr1CAn2g%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78a9e2fb09e2b515-OSL
alt-svc: h2=":443"; ma=60

nitro.neeve.co/steam_nitro_files/33.png

104.21.60.79

200 OK

5.0 kB

URL HTTP/1.1
nitro.neeve.co/steam_nitro_files/33.png
IP
104.21.60.79:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 193 x 113, 8-bit/color RGBA, non-interlaced\012- data
Size
5.0 kB (5006 bytes)
Hash
b95b182cbb45def7e9d738a6b1cb7f52
0108ef451205142b295649426db473843bb5857e
7a0e9b77119af13449fe59ded26ab577de8b03d1aaaded707f1b79ed0e26ed6c

Detections

Analyzer	Verdict	Alert
openphish	Discord
phishtank	Other

HTTP Headers

GET /steam_nitro_files/33.png HTTP/1.1
Host: nitro.neeve.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nitro.neeve.co/

HTTP/1.1 200 OK
Date: Mon, 16 Jan 2023 21:18:58 GMT
Content-Type: image/png
Content-Length: 5006
Connection: keep-alive
Last-Modified: Fri, 04 Feb 2022 11:05:14 GMT
ETag: "138e-5d72f39a36e80"
Cache-Control: max-age=86400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rOJzX1KNUSZL%2BjOaFjNlJxhvuEQPjCMjzP2MwBOh6kCh6Zz28ILqcTEpb5w7WLzInqxUyjImYFbqJFsFRr9uUSTp%2FMHvTmsbG8cL9xfjae96gEsWb%2F865Zuy6HSvmq17AA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78a9e2fb0e02b50f-OSL
alt-svc: h2=":443"; ma=60

nitro.neeve.co/steam_nitro_files/779a770c34fcb823a598a7277301adaf.png

104.21.60.79

200 OK

132 B

URL HTTP/1.1
nitro.neeve.co/steam_nitro_files/779a770c34fcb823a598a7277301adaf.png
IP
104.21.60.79:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 7 x 5, 8-bit/color RGBA, non-interlaced\012- data
Size
132 B (132 bytes)
Hash
59def4a26eff6e1d35d0de0e958b30eb
6311acd75f3eb3056f426bdf38e30e82cec74d16
11b1e3d03ec7979945c71d0ab2e4ace8efca5b03816ae10426f895e47bc21f3a

Detections

Analyzer	Verdict	Alert
openphish	Discord
phishtank	Other

HTTP Headers

GET /steam_nitro_files/779a770c34fcb823a598a7277301adaf.png HTTP/1.1
Host: nitro.neeve.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nitro.neeve.co/

HTTP/1.1 200 OK
Date: Mon, 16 Jan 2023 21:18:58 GMT
Content-Type: image/png
Content-Length: 132
Connection: keep-alive
Last-Modified: Fri, 04 Feb 2022 11:05:14 GMT
ETag: "84-5d72f39a36e80"
Cache-Control: max-age=86400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gnaGMPw2WpQsJG956rTcT8Wz2hBKr7rkuG4mgp2qPPNQ5wsP1RlAMrtB7jeFa4sTT1W%2BOBuAyeXY0WjwEE0x7WW2NrJR6TW1yRysfgwliRmTKL3H8Gg665buJTQ90KzSGA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78a9e2fced6eb4f1-OSL
alt-svc: h2=":443"; ma=60

nitro.neeve.co/steam_nitro_files/92e32db984c8577d8b81548b43b9c061.woff

104.21.60.79

200 OK

129 kB

URL HTTP/1.1
nitro.neeve.co/steam_nitro_files/92e32db984c8577d8b81548b43b9c061.woff
IP
104.21.60.79:0
ASN
#13335 CLOUDFLARENET

File type
Web Open Font Format, TrueType, length 71151, version -4161.-17088\012- data
Size
129 kB (129410 bytes)
Hash
52ee3dc251d50420279779a20efaad15
1ce2aaacda54fd0d5ca6460bbe9a4218b61ab2d7
e63ac77dcfb8bb8a34184e82f62e75d55ff5b43238a4e2ab2b88cc5ba9a94422

Detections

Analyzer	Verdict	Alert
openphish	Discord
phishtank	Other
fortinet	Phishing

HTTP Headers

GET /steam_nitro_files/92e32db984c8577d8b81548b43b9c061.woff HTTP/1.1
Host: nitro.neeve.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://nitro.neeve.co/

HTTP/1.1 200 OK
Date: Mon, 16 Jan 2023 21:18:59 GMT
Content-Type: font/woff
Content-Length: 129410
Connection: keep-alive
Last-Modified: Fri, 04 Feb 2022 13:33:04 GMT
ETag: "1f982-5d7314a54e400"
Cache-Control: max-age=86400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bKud24Sbjj7eJPUw7Yz728eyg1iX3AI6PXvCjGG6Tf3eRkWLp6l4ERBAJT7gfV6bikdSIPRbRtdOr3AgZA%2FCj%2BTlEsNhqtKTH%2FLD47%2BoUxZdR%2Fa2BKmr3sMtid4Y02tvvQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78a9e2f7ad3f0b55-OSL
alt-svc: h2=":443"; ma=60

nitro.neeve.co/steam_nitro_files/skeleton.png

104.21.60.79

200 OK

310 kB

URL HTTP/1.1
nitro.neeve.co/steam_nitro_files/skeleton.png
IP
104.21.60.79:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 315 x 478, 8-bit/color RGBA, interlaced\012- data
Size
310 kB (310298 bytes)
Hash
cba8f26ac86ba0f77af52fd644b365d2
ab540773a5eac41d371740a1f87c1c04d399e16a
c3833bdb4b0f5e40adb2f1d662d6e5e52994f28b0823a969500ceb0238caaa5c

Detections

Analyzer	Verdict	Alert
openphish	Discord
phishtank	Other

HTTP Headers

GET /steam_nitro_files/skeleton.png HTTP/1.1
Host: nitro.neeve.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nitro.neeve.co/

HTTP/1.1 200 OK
Date: Mon, 16 Jan 2023 21:18:59 GMT
Content-Type: image/png
Content-Length: 310298
Connection: keep-alive
Last-Modified: Fri, 04 Feb 2022 11:54:28 GMT
ETag: "4bc1a-5d72fe9b5e500"
Cache-Control: max-age=86400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NDdgh2FF3FPebgjD%2FswlaVFuX0hZnvvkx0mSyv7CKkV9%2BFpuY2Uo9gzh78IYSapSePNur%2B6UXWn46HaILxw6YAaMByTNEFjmqycHSC0b%2BJvGkKkKkG60Xg%2FfbWGnLWi9bQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78a9e2feaf98b51e-OSL
alt-svc: h2=":443"; ma=60

nitro.neeve.co/assets/ae7c84783ad48b6d1c8e2bfbe707e0d4.woff2

104.21.60.79

404 Not Found

276 B

URL HTTP/1.1
nitro.neeve.co/assets/ae7c84783ad48b6d1c8e2bfbe707e0d4.woff2
IP
104.21.60.79:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
276 B (276 bytes)
Hash
8ef6a3ea52da10a26fe455df52a0dd85
867b2065e688a69c989900743b857767fe95c913
e5a07648827ebf8c200ccaa0a35873504f118342560ef8be6036a95c22311667

Detections

Analyzer	Verdict	Alert
openphish	Discord
phishtank	Other
fortinet	Phishing

HTTP Headers

GET /assets/ae7c84783ad48b6d1c8e2bfbe707e0d4.woff2 HTTP/1.1
Host: nitro.neeve.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://nitro.neeve.co/steam_nitro_files/0.1fafb1729b3e11fa547c.css

HTTP/1.1 404 Not Found
Date: Mon, 16 Jan 2023 21:18:59 GMT
Content-Type: text/html; charset=iso-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=86400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rgQIYKYJQcglDqnkatSnKa2AbxNICqcsEcDID8B%2F9l%2FnB6C8tgjx6B6zzQs6HTfJb8ozmIhchFPaStflUQ6RUWd08j4W%2FWgiJ5%2FGF50lFU8m7CDFNzOL5L%2BnxazlSIRp5Q%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78a9e3040b480b55-OSL
alt-svc: h2=":443"; ma=60

nitro.neeve.co/steam_nitro_files/8e12fb4f14d9c4592eb8ec9f22337b04.woff

104.21.60.79

200 OK

117 kB

URL HTTP/1.1
nitro.neeve.co/steam_nitro_files/8e12fb4f14d9c4592eb8ec9f22337b04.woff
IP
104.21.60.79:0
ASN
#13335 CLOUDFLARENET

File type
Web Open Font Format, TrueType, length 80111, version 14384.2\012- data
Size
117 kB (117392 bytes)
Hash
054b206d8b9941eefc4ac3240fe7306d
37c46feed0059ef7de28083c3fdeafd7d855ea02
490cc2604e10587242c821baadd3fb0fcb4d014eddfa7d3572053fa957f1ff2d

Detections

Analyzer	Verdict	Alert
openphish	Discord
phishtank	Other
fortinet	Phishing

HTTP Headers

GET /steam_nitro_files/8e12fb4f14d9c4592eb8ec9f22337b04.woff HTTP/1.1
Host: nitro.neeve.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://nitro.neeve.co/

HTTP/1.1 200 OK
Date: Mon, 16 Jan 2023 21:18:59 GMT
Content-Type: font/woff
Content-Length: 117392
Connection: keep-alive
Last-Modified: Fri, 04 Feb 2022 13:33:04 GMT
ETag: "1ca90-5d7314a54e400"
Cache-Control: max-age=86400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U6jMPFtR1yaM4xbIrK%2Fzf9o6TgJM%2Fmv%2B52vpHMuCnlYnfFzRkj51ZQAt%2B4SPfTs26UU75dmsknaHELe6q62ql6%2BUnh6WWAQB3IYD%2BOiCByjdDJqrRtBZrAZkw8fgZ5B%2FtA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78a9e3041b83b50f-OSL
alt-svc: h2=":443"; ma=60

nitro.neeve.co/assets/92e32db984c8577d8b81548b43b9c061.woff

104.21.60.79

404 Not Found

276 B

URL HTTP/1.1
nitro.neeve.co/assets/92e32db984c8577d8b81548b43b9c061.woff
IP
104.21.60.79:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
276 B (276 bytes)
Hash
8ef6a3ea52da10a26fe455df52a0dd85
867b2065e688a69c989900743b857767fe95c913
e5a07648827ebf8c200ccaa0a35873504f118342560ef8be6036a95c22311667

Detections

Analyzer	Verdict	Alert
openphish	Discord
phishtank	Other
fortinet	Phishing

HTTP Headers

GET /assets/92e32db984c8577d8b81548b43b9c061.woff HTTP/1.1
Host: nitro.neeve.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://nitro.neeve.co/steam_nitro_files/0.1fafb1729b3e11fa547c.css

HTTP/1.1 404 Not Found
Date: Mon, 16 Jan 2023 21:18:59 GMT
Content-Type: text/html; charset=iso-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=86400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rSrnVgLf51I58qeE66PT%2BgBtlN4lZluj%2BtTF1gwFyflfvRz0bveBd6usXUeuIzOSue20SI4eVEi2m784HfNYOasKCo1bsH3sZfB1LHFGyLlwYnGYnJIT48Yr24y2QqXOpg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78a9e305fd9f0b55-OSL
alt-svc: h2=":443"; ma=60

nitro.neeve.co/steam_nitro_files/847541504914fd33810e70a0ea73177e.ico

104.21.60.79

200 OK

9.7 kB

URL HTTP/1.1
nitro.neeve.co/steam_nitro_files/847541504914fd33810e70a0ea73177e.ico
IP
104.21.60.79:0
ASN
#13335 CLOUDFLARENET

File type
MS Windows icon resource - 4 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel\012- data
Size
9.7 kB (9734 bytes)
Hash
b50a299a1f5fd395da3424f3fa0d602b
54d155e9fa104f7b74dd9ce15f57028f67082777
c0bb7b05c667a0944ccfaa43a5f7e6d4bebcf7dd7efccd90ae383f06e9e81f52

Detections

Analyzer	Verdict	Alert
openphish	Discord
phishtank	Other
fortinet	Phishing

HTTP Headers

GET /steam_nitro_files/847541504914fd33810e70a0ea73177e.ico HTTP/1.1
Host: nitro.neeve.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nitro.neeve.co/

HTTP/1.1 200 OK
Date: Mon, 16 Jan 2023 21:18:59 GMT
Content-Type: image/vnd.microsoft.icon
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 04 Feb 2022 13:37:50 GMT
ETag: W/"45b26-5d7315b60e780"
Cache-Control: max-age=86400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sgjWpS17CuiglPB1HuC1pHOpmDZ4LrunlGMUvqQitCF%2F3%2B%2FMFo47zp2adlUg6xpqQ3INpcySsIkKhTFzYTkyiPd9t16wXF82FNL8eS%2FHo8dKBchG14w%2F1HJs%2BaeByE97Pg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78a9e3029d55b4f1-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

nitro.neeve.co/assets/8e12fb4f14d9c4592eb8ec9f22337b04.woff

104.21.60.79

404 Not Found

276 B

URL HTTP/1.1
nitro.neeve.co/assets/8e12fb4f14d9c4592eb8ec9f22337b04.woff
IP
104.21.60.79:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
276 B (276 bytes)
Hash
8ef6a3ea52da10a26fe455df52a0dd85
867b2065e688a69c989900743b857767fe95c913
e5a07648827ebf8c200ccaa0a35873504f118342560ef8be6036a95c22311667

Detections

Analyzer	Verdict	Alert
openphish	Discord
phishtank	Other
fortinet	Phishing

HTTP Headers

GET /assets/8e12fb4f14d9c4592eb8ec9f22337b04.woff HTTP/1.1
Host: nitro.neeve.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://nitro.neeve.co/steam_nitro_files/0.1fafb1729b3e11fa547c.css

HTTP/1.1 404 Not Found
Date: Mon, 16 Jan 2023 21:19:00 GMT
Content-Type: text/html; charset=iso-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=86400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6GYvPU8ND642hjjvkkBs58p%2Bv%2B6cdpj5OWvJ9EmABz42ipoZElGDKIrgepiz5am1AjnBwmdRivRofFjXhREl637I4pIAN120F%2B9LVtsfO8xLWQRq4b%2BhnAZ%2BY5XDe9KCpA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78a9e307efea0b55-OSL
alt-svc: h2=":443"; ma=60

nitro.neeve.co/steam_nitro_files/skeletal.m4a

104.21.60.79

206 Partial Content

0 B

URL HTTP/1.1
nitro.neeve.co/steam_nitro_files/skeletal.m4a
IP
104.21.60.79:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
openphish	Discord
phishtank	Other
fortinet	Phishing

HTTP Headers

GET /steam_nitro_files/skeletal.m4a HTTP/1.1
Host: nitro.neeve.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: http://nitro.neeve.co/

HTTP/1.1 206 Partial Content
Date: Mon, 16 Jan 2023 21:18:55 GMT
Content-Type: audio/mpeg
Content-Length: 631278
Connection: keep-alive
Last-Modified: Fri, 04 Feb 2022 11:28:58 GMT
ETag: "9a1ee-5d72f8e83f280"
Cache-Control: max-age=86400
CF-Cache-Status: MISS
Content-Range: bytes 0-631277/631278
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W5BJV%2BIBP1hG%2Flx321yGU8x78pKDINwWE7Qml1l2NmaV1lyojqDYAAGVtgXkAnW%2BIgrbsF7vUiTLpMtPtTd10cgkms0rNpH23m1zuThOdeXpLFxaqBOwNOjiaQcC7lk2OQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 78a9e2e9bc1fb506-OSL
alt-svc: h2=":443"; ma=60

fonts.googleapis.com/css?family=Press+Start+2P

142.250.74.74

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css?family=Press+Start+2P
IP
142.250.74.74:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css?family=Press+Start+2P HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://nitro.neeve.co/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 16 Jan 2023 21:18:54 GMT
date: Mon, 16 Jan 2023 21:18:54 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (1)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (51)

URL HTTP/1.1

IP

ASN

File type

Size

Hash

HTTP Headers

URL HTTP/1.1

IP

ASN

File type

Size

Hash

HTTP Headers

URL HTTP/2

IP

ASN

File type

Size

Hash

HTTP Headers

URL HTTP/1.1

IP

ASN

File type

Size

Hash

HTTP Headers

URL HTTP/2

IP

ASN

File type

Size

Hash

HTTP Headers

URL HTTP/2

IP

ASN

File type

Size

Hash

HTTP Headers

URL HTTP/1.1

IP

ASN

File type