Report - num.natxs.com/

Report Overview

Submitted URL
num.natxs.com/
IP
172.67.132.135
ASN
#13335 CLOUDFLARENET
Submitted
2022-11-26 12:40:03
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
60

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	229 B	34.117.237.239
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.8 kB	34.160.144.191
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	34.215.56.181
cdnjs.cloudflare.com	235	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	450 B	6.9 kB	104.17.25.14
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	686 B	1.4 kB	142.250.74.3
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	57 kB	34.120.237.76
num.natxs.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	5.7 kB	972 kB	172.67.132.135
cloudpack.my.id	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	395 B	126 kB	153.92.11.28
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	34.102.187.140
i.ibb.co	13485	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	801 B	34 kB	162.19.58.157
stackpath.bootstrapcdn.com	2467	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	443 B	85 kB	104.18.10.207
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.4 kB	2.8 kB	93.184.220.29
www.pubgmobile.com	21653	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.1 kB	79 kB	23.36.76.250
i.postimg.cc	23840	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	408 B	671 kB	162.19.88.68
fonts.googleapis.com	8877	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	396 B	746 B	142.250.74.10
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.0 kB	5.3 kB	23.36.76.226

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

Scan Date	Severity	Indicator	Alert
2022-11-26	medium	num.natxs.com/	Tencent
2022-11-26	medium	num.natxs.com/	Tencent
2022-11-26	medium	num.natxs.com/	Tencent
2022-11-26	medium	num.natxs.com/	Tencent
2022-11-26	medium	num.natxs.com/	Tencent
2022-11-26	medium	num.natxs.com/	Tencent
2022-11-26	medium	num.natxs.com/	Tencent
2022-11-26	medium	num.natxs.com/	Tencent
2022-11-26	medium	num.natxs.com/	Tencent
2022-11-26	medium	num.natxs.com/	Tencent
2022-11-26	medium	num.natxs.com/	Tencent
2022-11-26	medium	num.natxs.com/	Tencent
2022-11-26	medium	num.natxs.com/	Tencent
2022-11-26	medium	num.natxs.com/	Tencent
2022-11-26	medium	num.natxs.com/	Tencent
2022-11-26	medium	num.natxs.com/	Tencent
2022-11-26	medium	num.natxs.com/	Tencent
2022-11-26	medium	num.natxs.com/	Tencent
2022-11-26	medium	num.natxs.com/	Tencent

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-11-26	medium	num.natxs.com/	Phishing
2022-11-26	medium	num.natxs.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js	Phishing
2022-11-26	medium	num.natxs.com/index_files/css	Phishing
2022-11-26	medium	num.natxs.com/index_files/jquery.min.js.download	Phishing
2022-11-26	medium	num.natxs.com/js-zone/jquery.js	Phishing
2022-11-26	medium	num.natxs.com/js-zone/main-zone.js	Phishing
2022-11-26	medium	num.natxs.com/index_files/gift-zone.js	Phishing
2022-11-26	medium	num.natxs.com/js-zone/showHide.js	Phishing
2022-11-26	medium	num.natxs.com/js-zone/slider.js	Phishing
2022-11-26	medium	num.natxs.com/js-zone/alert-zone.js	Phishing
2022-11-26	medium	num.natxs.com/js-zone/zero-zone.js	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (10)

	URL	Size	First Seen	Last Seen
	num.natxs.com/js-zone/zero-zone.js	225 B	2023-03-11	2023-06-30
Pretty URL num.natxs.com/js-zone/zero-zone.js IP 172.67.132.135 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 20:42:10 Last Seen2023-06-30 02:05:29 Times Seen8 Hash e293ff95126d55c4ed6b47ce941448a5 79732472186e3f722addfe3d196250c64aa77bef b6863f58d79163b6887bf98e7e5857cf07d080b27297c21fd3b1dd6b08829e47 Loading...

	num.natxs.com/	20 B	2023-03-07	2024-03-26
Pretty URL num.natxs.com/ IP 172.67.132.135 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:42 Last Seen2024-03-26 04:44:52 Times Seen78 Hash 1e302d3b8e4b50901df076b04617cc30 c598b2e079134d7faaabd2986014225a4fec5420 ea0da56ebd906b9b9770465bd9a6098d7eeffc3b4f12247aa615b6f6d0a7c526 Loading...

	num.natxs.com/index_files/jquery.min.js.download	87 kB	2023-03-07	2024-04-23
Pretty URL num.natxs.com/index_files/jquery.min.js.download IP 172.67.132.135 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2024-04-23 11:43:00 Times Seen105696 Hash a09e13ee94d51c524b7e2a728c7d4039 0dc32db4aa9c5f03f3b38c47d883dbd4fed13aae 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef Loading...

	num.natxs.com/js-zone/jquery.js	632 B	2023-03-11	2023-06-30
Pretty URL num.natxs.com/js-zone/jquery.js IP 172.67.132.135 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 20:42:10 Last Seen2023-06-30 02:05:29 Times Seen8 Hash a26441333d55e523427e5de366ec649c 032bdb319abac65c638d45aa91906831a0b296ab a26d4af56485d42592c1d0abcc34a2706c7551c050b2b7821d60eabb34fd720f Loading...

	num.natxs.com/js-zone/main-zone.js	221 B	2023-03-11	2023-06-30
Pretty URL num.natxs.com/js-zone/main-zone.js IP 172.67.132.135 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 20:42:10 Last Seen2023-06-30 02:05:29 Times Seen8 Hash a4aa8ce48020cc02b97847394357ba06 a7f0b58ea532205fce5ba30787a96741be4a8733 1a5257b25538d2fd10a2bde01573903b456effd6779c497476af163d96c0b149 Loading...

	num.natxs.com/	34 B	2023-03-07	2024-04-09
Pretty URL num.natxs.com/ IP 172.67.132.135 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:42 Last Seen2024-04-09 07:55:21 Times Seen26 Hash 3a6224ee256df33c049ad05a73679a0c 59b55c4608022b524c5ff20866c32b48893c6f92 f3040b7e9b336615dcbc5921d0ee7439544c748db30ba5e484f68270bcac9a4d Loading...

	num.natxs.com/js-zone/showHide.js	47 kB	2023-03-11	2023-03-11
Pretty URL num.natxs.com/js-zone/showHide.js IP 172.67.132.135 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 20:42:10 Last Seen2023-03-11 20:42:10 Times Seen1 Hash 3442a2c688a1a0efc0b8cae09fcdec4d ba8dff8d2f395bd9a82760ca754da42527d833e7 a28ada3e6f6d1547e2669fa39c47a7755bfb8b49b9963eca22fa106a35218088 Loading...

	num.natxs.com/js-zone/alert-zone.js	121 kB	2023-03-07	2024-04-19
Pretty URL num.natxs.com/js-zone/alert-zone.js IP 172.67.132.135 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:45 Last Seen2024-04-19 06:50:27 Times Seen2418 Hash 2d8819d4b15ffe076a804a074e0229da 0e76d42421e78a58d71c99e233335f39b8b47645 b49a2dab55008d7ba1277b3adbb0b5f590f9b3ee25e3e89a9d78696efd262dde Loading...

		Size	First Seen	Last Seen
	#1 Write - d7d45230746aadb587b5421834758994	171 B	2023-03-07	2024-04-19
Pretty Observations First Seen2023-03-07 01:03:42 Last Seen2024-04-19 06:50:27 Times Seen1306 Hash d7d45230746aadb587b5421834758994 65480c14ebd56b32288f937a0a51867362c530ae 06d287bc821986c6d2cea4631dc0329b9cd9e15ca19737eb1479e118526bc3e9 Loading...

	#2 Write - bcac842be7f8998e3880a54fae737f5c	140 B	2023-03-07	2024-04-19
Pretty Observations First Seen2023-03-07 01:03:42 Last Seen2024-04-19 06:50:27 Times Seen1298 Hash bcac842be7f8998e3880a54fae737f5c c4a801e5013546c703ba5cba5c176e7d525aadc9 69db51683da9aaff997d8865c60e37445e2bc99d451ec64029183b375779df4d Loading...

HTTP Transactions (54)

URL IP Response Size

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a9f1d4d98705c281fed3b60343463200
db6f8aa98d2eda4e5473b116a222c3055568bb78
164d11173045b569cafb32e300e4c1ec6d6ab177fd34d0414cc40c541268779f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "164D11173045B569CAFB32E300E4C1EC6D6AB177FD34D0414CC40C541268779F"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16055
Expires: Sat, 26 Nov 2022 17:07:26 GMT
Date: Sat, 26 Nov 2022 12:39:51 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
10730f388c028d64e19b8a48d414768f
e43b104e57e5ea7ff8568835776858cf2ede6f00
f3c30c6d139288f1bfe13fce85c6ddc1514e1639fcf4d31a6012a3309ed1d50d

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1469
Cache-Control: max-age=166546
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 12:39:51 GMT
Etag: "6381eaec-1d7"
Expires: Mon, 28 Nov 2022 10:55:37 GMT
Last-Modified: Sat, 26 Nov 2022 10:31:08 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 471

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
8c63b226725ca6e92e3ef586ac19e603
d21ae42a1927501e5293ff3564f52b49f6b0decc
141ac47acc3800e5d35a82012fa4b044277abad3a95dc24415f66fb72c972ae6

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "141AC47ACC3800E5D35A82012FA4B044277ABAD3A95DC24415F66FB72C972AE6"
Last-Modified: Wed, 23 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2204
Expires: Sat, 26 Nov 2022 13:16:35 GMT
Date: Sat, 26 Nov 2022 12:39:51 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: BQB40y3ip/Tt1agGlSbVYq3fRFSCsG0VrUBksMXpObyiwplu2+VozOFRhLqOKEV0V/vxK7KQJGw=
x-amz-request-id: VK0DQZ5XM3DP6MK0
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 26 Nov 2022 11:44:13 GMT
age: 3338
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/

34.102.187.140

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
d130218d0e2841f39c99610fe1a2ab90
29fbe1e177ee55c7a61ae0a206afff271cf5f945
6b6d74dccf10c2bc98a91c3388280d7ba1d9596bf8cadd7db0e2f63720b3d152

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Alert, Content-Type, Retry-After, Content-Length
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 26 Nov 2022 12:19:13 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 1238
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 12:39:51 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

34.102.187.140

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Cache-Control, ETag, Pragma, Expires, Backoff, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 26 Nov 2022 12:08:54 GMT
cache-control: public,max-age=3600
age: 1858
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
d3df71aab146eefc49acb608796aab63
8401892995193919376dfcd798b09c8261579454
a616c1e54e896576601e6107c1814adbebf35364d8ed807cdd89ac36b8200c88

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3884
Cache-Control: max-age=163903
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 12:39:52 GMT
Etag: "6381d72b-1d7"
Expires: Mon, 28 Nov 2022 10:11:35 GMT
Last-Modified: Sat, 26 Nov 2022 09:06:51 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 471

push.services.mozilla.com/

34.215.56.181

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
34.215.56.181:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: eIK1sVzf3mILRGpdfRuZmw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: evWMfpnP+PVxa8KJsi2dTD03z0M=

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
13c265f2c258e0bcea2ac1149188d332
3d42f91eec1fae7ff5e243d2a35afdd5a6d58db0
26666f4ea8fe16648ef9593216b725f692a1cb913763b186cd19d59e7875a930

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5693
Cache-Control: max-age=158176
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 12:39:53 GMT
Etag: "6381b9bc-117"
Expires: Mon, 28 Nov 2022 08:36:09 GMT
Last-Modified: Sat, 26 Nov 2022 07:01:16 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 279

cdnjs.cloudflare.com/ajax/libs/material-design-iconic-font/2.2.0/css/material-design-iconic-font.min.css

104.17.25.14

200 OK

5.8 kB

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/material-design-iconic-font/2.2.0/css/material-design-iconic-font.min.css
IP
104.17.25.14:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (65536), with no line terminators
Size
5.8 kB (5845 bytes)
Hash
a7e25a22602a2b2ed35f90fd5210cff1
148c4f275b60e6cf6253d6b4c7bdc486515b2202
312d94bafa68e11e3a4a8d7c06bc25ee161d1d965afb1fa99db79815a272d0bf

HTTP Headers

GET /ajax/libs/material-design-iconic-font/2.2.0/css/material-design-iconic-font.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://num.natxs.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 26 Nov 2022 12:39:53 GMT
content-type: text/css; charset=utf-8
content-length: 5845
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ed9-1149f"
last-modified: Mon, 04 May 2020 16:12:09 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 214581
expires: Thu, 16 Nov 2023 12:39:53 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B3AmmwIo76A9oqtztaZ%2BKKhLhAdmxgGdelB1JSFzI3qTUsYIQ2Twie5MA1lwosg2vwH4rh2JFaMFlZyK42%2FjAdLo0lKCzOUfn8IKImazRo4gsjTlnWkIbzPYcHebioXiPIlbHT48"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7702b07ffe2bb4fa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
619fa0039b94697fc8a5bd24f57e8aa2
53a366391a51d625029cc6d32fb4e8b6060990fd
dff604305831a0399aa44b2fac806e43512afa846569ba6e5685eca6495d9fa5

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 12:39:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
13c265f2c258e0bcea2ac1149188d332
3d42f91eec1fae7ff5e243d2a35afdd5a6d58db0
26666f4ea8fe16648ef9593216b725f692a1cb913763b186cd19d59e7875a930

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5693
Cache-Control: max-age=158176
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 12:39:53 GMT
Etag: "6381b9bc-117"
Expires: Mon, 28 Nov 2022 08:36:09 GMT
Last-Modified: Sat, 26 Nov 2022 07:01:16 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 279

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
619fa0039b94697fc8a5bd24f57e8aa2
53a366391a51d625029cc6d32fb4e8b6060990fd
dff604305831a0399aa44b2fac806e43512afa846569ba6e5685eca6495d9fa5

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 12:39:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.pubgmobile.com/en/images/nav_download.svg

23.36.76.250

200 OK

485 B

URL HTTP/2
www.pubgmobile.com/en/images/nav_download.svg
IP
23.36.76.250:0
ASN
#20940 Akamai International B.V.

File type
SVG Scalable Vector Graphics image\012- HTML document, Unicode text, UTF-8 text, with very long lines (999), with no line terminators
Size
485 B (485 bytes)
Hash
105955f14143a23be57cadef8e91950e
98cc1e76113b4b2a2a77805bb1f1d6b364344d88
b85bdfd2887c4fe7681cae97896e604e74d27f150feb49598e1e7efebd3c6fc2

HTTP Headers

GET /en/images/nav_download.svg HTTP/1.1
Host: www.pubgmobile.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://num.natxs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-type: image/svg+xml
last-modified: Mon, 21 Mar 2022 13:24:17 GMT
etag: "62387c81-3ef"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
date: Sat, 26 Nov 2022 12:39:53 GMT
content-length: 485
X-Firefox-Spdy: h2

www.pubgmobile.com/en/images/nav_menu.svg

23.36.76.250

200 OK

426 B

URL HTTP/2
www.pubgmobile.com/en/images/nav_menu.svg
IP
23.36.76.250:0
ASN
#20940 Akamai International B.V.

File type
SVG Scalable Vector Graphics image\012- HTML document, Unicode text, UTF-8 text, with very long lines (876), with no line terminators
Size
426 B (426 bytes)
Hash
76f5753e4fe160785df31ef342ada1c1
a78cc3e318b79b7fe5e7eb8df11683706b518e8f
52c48564638e7f165f23fae7f76b72d07905f2179ff659b939bfab7ec8b82a26

HTTP Headers

GET /en/images/nav_menu.svg HTTP/1.1
Host: www.pubgmobile.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://num.natxs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-type: image/svg+xml
last-modified: Mon, 21 Mar 2022 13:24:18 GMT
etag: "62387c82-374"
accept-ranges: bytes
unused62: 8096267
vary: Accept-Encoding
content-encoding: gzip
date: Sat, 26 Nov 2022 12:39:53 GMT
content-length: 426
X-Firefox-Spdy: h2

www.pubgmobile.com/en/images/nav_language.svg

23.36.76.250

200 OK

675 B

URL HTTP/2
www.pubgmobile.com/en/images/nav_language.svg
IP
23.36.76.250:0
ASN
#20940 Akamai International B.V.

File type
SVG Scalable Vector Graphics image\012- HTML document, Unicode text, UTF-8 text, with very long lines (1107), with no line terminators
Size
675 B (675 bytes)
Hash
77e7b8dcd13159c59219706782b1a897
a3c73409a8e9841a00b771d96ce6cb0ce76d222e
4f61e0a210a58bdf43f8a93bf658275291e6a16979f8090c0731f06b6fb3c5a4

HTTP Headers

GET /en/images/nav_language.svg HTTP/1.1
Host: www.pubgmobile.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://num.natxs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-type: image/svg+xml
last-modified: Mon, 21 Mar 2022 13:24:18 GMT
etag: "62387c82-45b"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
date: Sat, 26 Nov 2022 12:39:53 GMT
content-length: 675
X-Firefox-Spdy: h2

www.pubgmobile.com/en/images/nav_shop.svg

23.36.76.250

200 OK

526 B

URL HTTP/2
www.pubgmobile.com/en/images/nav_shop.svg
IP
23.36.76.250:0
ASN
#20940 Akamai International B.V.

File type
SVG Scalable Vector Graphics image\012- HTML document, Unicode text, UTF-8 text, with very long lines (985), with no line terminators
Size
526 B (526 bytes)
Hash
ad0548f5478991acc360e6464247e82a
40e3e327eebfc39a8e45b1aa46b725d65390cdcc
6654577abe5f4be7b3f9089fa76e5f746c8d0f5c7eae1cc8202a94fae1193fe3

HTTP Headers

GET /en/images/nav_shop.svg HTTP/1.1
Host: www.pubgmobile.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://num.natxs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-type: image/svg+xml
last-modified: Mon, 21 Mar 2022 13:24:18 GMT
etag: "62387c82-3e1"
accept-ranges: bytes
unused62: 8096267
vary: Accept-Encoding
content-encoding: gzip
date: Sat, 26 Nov 2022 12:39:53 GMT
content-length: 526
X-Firefox-Spdy: h2

www.pubgmobile.com/id/event/royalepass10/images/icon_logo.jpg

23.36.76.250

200 OK

75 kB

URL HTTP/2
www.pubgmobile.com/id/event/royalepass10/images/icon_logo.jpg
IP
23.36.76.250:0
ASN
#20940 Akamai International B.V.

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 500x500, components 3\012- data
Size
75 kB (75149 bytes)
Hash
92c19dc5bd77186e5bb8ed35ce668979
646bf70d1c669c7d7388f95a0a33755e4721289c
0d9cf7eb8fb12be77685134e63f7dae9a95fbf9306ae0529bd0347582d18a8ef

HTTP Headers

GET /id/event/royalepass10/images/icon_logo.jpg HTTP/1.1
Host: www.pubgmobile.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://num.natxs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-type: image/jpeg
content-length: 75149
last-modified: Wed, 15 Sep 2021 06:46:59 GMT
etag: "614196e3-1258d"
accept-ranges: bytes
unused62: 8096267
cache-control: max-age=275
expires: Sat, 26 Nov 2022 12:44:28 GMT
date: Sat, 26 Nov 2022 12:39:53 GMT
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
8bb181e3f5ca898c6e31a8efc2e28291
eda3a91f8e2cbc5467da08ad85e6f6a30702b66c
0e943aacb4a46480ab031ef294a0e089976ec125c331c15116b6c79f6b0f2ff0

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E943AACB4A46480AB031EF294A0E089976EC125C331C15116B6C79F6B0F2FF0"
Last-Modified: Sat, 26 Nov 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18931
Expires: Sat, 26 Nov 2022 17:55:24 GMT
Date: Sat, 26 Nov 2022 12:39:53 GMT
Connection: keep-alive

i.ibb.co/Wg8qQxh/facebook-text.png

162.19.58.157

200 OK

29 kB

URL HTTP/2
i.ibb.co/Wg8qQxh/facebook-text.png
IP
162.19.58.157:0
ASN
#16276 OVH SAS

File type
PNG image data, 604 x 158, 8-bit/color RGBA, non-interlaced\012- data
Size
29 kB (28789 bytes)
Hash
74190b93fc4f5d88f0c8e6411ba20bd8
89ce2ecb660a90b8e6ed1b335443d7767c59f28a
092a3cd5f86b3f039feefdeb86694cd16ae545af214cfda614bdbbe2d1bde401

HTTP Headers

GET /Wg8qQxh/facebook-text.png HTTP/1.1
Host: i.ibb.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://num.natxs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 12:39:53 GMT
content-type: image/png
content-length: 28789
last-modified: Mon, 18 Oct 2021 19:35:50 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2

i.ibb.co/V9rgBqw/twitter-text.png

162.19.58.157

200 OK

4.3 kB

URL HTTP/2
i.ibb.co/V9rgBqw/twitter-text.png
IP
162.19.58.157:0
ASN
#16276 OVH SAS

File type
PNG image data, 400 x 400, 8-bit/color RGBA, non-interlaced\012- data
Size
4.3 kB (4298 bytes)
Hash
fef946b8bba756359e2a1e87ccd915ea
acc364946077b0e32b2343474ce4066ad3ee524c
1be5d05ce6faad469f7f9c5a5879f2d9f8d267b60eb394e92c19217268bcea8f

HTTP Headers

GET /V9rgBqw/twitter-text.png HTTP/1.1
Host: i.ibb.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://num.natxs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 12:39:53 GMT
content-type: image/png
content-length: 4298
last-modified: Mon, 18 Oct 2021 19:35:41 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
8bb181e3f5ca898c6e31a8efc2e28291
eda3a91f8e2cbc5467da08ad85e6f6a30702b66c
0e943aacb4a46480ab031ef294a0e089976ec125c331c15116b6c79f6b0f2ff0

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E943AACB4A46480AB031EF294A0E089976EC125C331C15116B6C79F6B0F2FF0"
Last-Modified: Sat, 26 Nov 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18931
Expires: Sat, 26 Nov 2022 17:55:24 GMT
Date: Sat, 26 Nov 2022 12:39:53 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F34ec689c-96b7-450b-b77e-e0ecb4d89c3c.jpeg

34.120.237.76

200 OK

9.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F34ec689c-96b7-450b-b77e-e0ecb4d89c3c.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.0 kB (9049 bytes)
Hash
c8dc4b8a7e9f7f4f84f0da568b43392b
3d32bff85cb7ec118c4496d0c3802829fdc9af3b
4b0ffde427085c796a7a5823604b29a4af43dbb93e99ec41f34feb37f52ac7d9

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F34ec689c-96b7-450b-b77e-e0ecb4d89c3c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9049
x-amzn-requestid: 6cbd9639-c29d-4ff4-8091-3168f64f4c78
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cLVVGHzKoAMFSuA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638135ba-100ea4235fdf1df8491041c8;Sampled=0
x-amzn-remapped-date: Fri, 25 Nov 2022 21:38:02 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: utbUF-6Z7rMqPNdRKHJyI-IZoyTy6HpkNBY-60xcZ-6NDXBz1XN6-Q==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 21:48:40 GMT
age: 53473
etag: "3d32bff85cb7ec118c4496d0c3802829fdc9af3b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

num.natxs.com/

172.67.132.135

200 OK

18 kB

URL HTTP/1.1
num.natxs.com/
IP
172.67.132.135:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, Unicode text, UTF-8 text, with very long lines (20458), with CRLF line terminators
Size
18 kB (18433 bytes)
Hash
06fc48ed047a5c000848ac41e1b1cc3b
32da7738ede0924bcd410a6e133df04b418e1729
ad9459f69412e1f66e768bd92218650c711401483bb5f200dc21dba67de2654a

Detections

Analyzer	Verdict	Alert
openphish	Tencent
fortinet	Phishing

HTTP Headers

GET / HTTP/1.1
Host: num.natxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 12:39:53 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HYgSmMTkml3pfZ4jhAraYAb6NtzKNBeUsIkvOrvjc8w6dedEjjL6mjNu0KQUgf3I%2FL7BmEI85fc6C%2B%2BBmetGpdOQEkowBHw8%2BlKhwU63WnmbF1k3ln3six%2BItrmDXOId"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7702b07389f9b4ff-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
8bb181e3f5ca898c6e31a8efc2e28291
eda3a91f8e2cbc5467da08ad85e6f6a30702b66c
0e943aacb4a46480ab031ef294a0e089976ec125c331c15116b6c79f6b0f2ff0

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E943AACB4A46480AB031EF294A0E089976EC125C331C15116B6C79F6B0F2FF0"
Last-Modified: Sat, 26 Nov 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18931
Expires: Sat, 26 Nov 2022 17:55:24 GMT
Date: Sat, 26 Nov 2022 12:39:53 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
8bb181e3f5ca898c6e31a8efc2e28291
eda3a91f8e2cbc5467da08ad85e6f6a30702b66c
0e943aacb4a46480ab031ef294a0e089976ec125c331c15116b6c79f6b0f2ff0

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E943AACB4A46480AB031EF294A0E089976EC125C331C15116B6C79F6B0F2FF0"
Last-Modified: Sat, 26 Nov 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18931
Expires: Sat, 26 Nov 2022 17:55:24 GMT
Date: Sat, 26 Nov 2022 12:39:53 GMT
Connection: keep-alive

34.120.237.76

200 OK

6.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F18e649ab-6d56-47c9-ab7e-c65d9bdfcffd.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.8 kB (6789 bytes)
Hash
926df9839ec3d924b563b55d8bccace8
c47a3884465fc02b5c57faa5ffbd986ba29c64c2
a97cd625959aa81bc516024628315b2c6e2ce94f76cd579751a686a6611cc4d2

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F18e649ab-6d56-47c9-ab7e-c65d9bdfcffd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6789
x-amzn-requestid: eede6332-5376-4f9c-83fc-f894430c1f4b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cLWWYFFgoAMFhaQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6381375b-66d7ffc70f7d901420a503da;Sampled=0
x-amzn-remapped-date: Fri, 25 Nov 2022 21:44:59 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: yM8EHyxy6pUHVZhGUOHuFOU-Z4eTyL2N3Ooa6QMrPlIfp6X5I_JBRw==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 32c16f33c8f5601364fa8229b0d74dc2.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 21:46:06 GMT
age: 53627
etag: "c47a3884465fc02b5c57faa5ffbd986ba29c64c2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F93728079-c686-4b9a-9313-1cc6778793d2.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.8 kB (7799 bytes)
Hash
96437d0cb1ceaffa77124f0dcfeb38cf
3f4a47cdd9ea3bbd20fec37e4a9dbfa9af2acc50
89244601b0a4bc150033e52dc56cf0fbe2846ebba7532c477146258a70783e05

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F93728079-c686-4b9a-9313-1cc6778793d2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7799
x-amzn-requestid: 4b3bf619-fb69-4cfe-b8e7-7de4ea127853
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cLXADFOvoAMFXQg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63813866-77f561ae3496d84c75541300;Sampled=0
x-amzn-remapped-date: Fri, 25 Nov 2022 21:49:26 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: lt_7H9W9LVUS5gKPrBF_vGiXg-anP_bGV5izsxPiGhiasy2eBnltuw==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 22:33:39 GMT
age: 50774
etag: "3f4a47cdd9ea3bbd20fec37e4a9dbfa9af2acc50"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.1 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb7c216e6-fb54-4285-8656-a1e15990a37a.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.1 kB (8078 bytes)
Hash
70fae9ac56bb7676177d4252757f0180
bd3027af47f20f4bb9ac36cd9e4493e28e6b041c
1378749f1b28b6c56b8e76418fc5dd59cf608a4e64c1e1067b4f19df10233afc

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb7c216e6-fb54-4285-8656-a1e15990a37a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8078
x-amzn-requestid: e199b062-09f2-46b8-a8ee-6d7b782f7359
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cLVC7GT2oAMF5XA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63813545-485ea8fd3e785be748834efd;Sampled=0
x-amzn-remapped-date: Fri, 25 Nov 2022 21:36:05 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: yJdSAEHw1AFVsBFBSX5G6rqED3Kpi_P69vtTrVVE1vFDtl3XMsyJ4g==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 22:31:51 GMT
age: 50882
etag: "bd3027af47f20f4bb9ac36cd9e4493e28e6b041c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

3.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcf04cc9f-ee4b-42fd-914f-cd86b9dc30eb.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
3.5 kB (3502 bytes)
Hash
a783df85f30f9c555f9df6b99f61744d
61f9bed607e81606be78285596acdc5e0e4f4994
19db42201d0fa059f680d890ede6683c04e893e6308a2256d0203f826a7f34de

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcf04cc9f-ee4b-42fd-914f-cd86b9dc30eb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 3502
x-amzn-requestid: ca3f2610-e03c-48a7-abb3-fbbab76f63d2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cCvYUHO5IAMFqDA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637dc5ce-7e36137711dc4668278c1c94;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 07:03:42 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: SRN-oOfa8Z0mQZFYkWAv32XFiXChfGjfwZkfWz-IzHubwrKgzwoTxQ==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 03:55:38 GMT
age: 31455
etag: "61f9bed607e81606be78285596acdc5e0e4f4994"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

16 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1de44df6-bdc7-487f-a2a0-b42d26be2420.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
16 kB (15818 bytes)
Hash
17ebe470d040a6ea8c57e9b9d4f4e828
1ac7a410cd4f3709f476c776dd5646dd982dcfa8
d65114b68fcc12344c6df7bf294718b79822fa9782d3bd54ca044b66f82052b1

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1de44df6-bdc7-487f-a2a0-b42d26be2420.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 15818
x-amzn-requestid: a6570859-3b03-492e-9f84-e25b01223da2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cLXrUF3bIAMF8CA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6381397b-379b1bcf2ac0715835e10e48;Sampled=0
x-amzn-remapped-date: Fri, 25 Nov 2022 21:54:03 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: TI0cacek54dPUYW7fYy0xm-1CKdRXZGqBH1vGURakUsBbm-WGcW-vA==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 559326ad73233233a9e52cb9e8601ede.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 22:17:55 GMT
age: 51718
etag: "1ac7a410cd4f3709f476c776dd5646dd982dcfa8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

i.postimg.cc/8z99QCGw/20220817-215258.png

162.19.88.68

200 OK

671 kB

URL HTTP/2
i.postimg.cc/8z99QCGw/20220817-215258.png
IP
162.19.88.68:0
ASN
#16276 OVH SAS

File type
PNG image data, 1280 x 471, 8-bit/color RGBA, non-interlaced\012- data
Size
671 kB (670727 bytes)
Hash
0bb82873b3a3250469aa294d1ac0b210
fc806cfcde5a319779692105481322b7a09fb343
52561945862e047415d62f6a792a16bcf6aa4c6e73402c2d8848d52b29d0216a

HTTP Headers

GET /8z99QCGw/20220817-215258.png HTTP/1.1
Host: i.postimg.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://num.natxs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 12:39:53 GMT
content-type: image/png
content-length: 670727
last-modified: Wed, 17 Aug 2022 14:53:29 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2

num.natxs.com/css-zone/facebook.css

172.67.132.135

200 OK

848 B

URL HTTP/1.1
num.natxs.com/css-zone/facebook.css
IP
172.67.132.135:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text
Size
848 B (848 bytes)
Hash
6ccffc97f012d894133f797feced6435
b9ed09fb87d34d862c99b945207681d26eaee6e3
194e8028d5c92ec122b0ab14a9412f8afad57a2552dfef0f4f374359ee684421

Detections

Analyzer	Verdict	Alert
openphish	Tencent

HTTP Headers

GET /css-zone/facebook.css HTTP/1.1
Host: num.natxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://num.natxs.com/

HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 12:39:54 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 24 Oct 2022 08:39:36 GMT
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qR4mMVblNuhUOSFyJlwQBFE5ZOvSBE5jhr1HJUT%2BdgIVw4rvxZgIFARMjnjaj7b89QSJjCWmP2mGfX%2FhSONagMvl5AR55eLEw%2BECFSGcb6IHLcKrHGUb6iTYC5H7lX%2Fi"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7702b07fda551bfe-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

num.natxs.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

172.67.132.135

200 OK

655 B

URL HTTP/1.1
num.natxs.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
IP
172.67.132.135:0
ASN
#13335 CLOUDFLARENET

File type
HTML document, ASCII text, with very long lines (1238)
Size
655 B (655 bytes)
Hash
bc3ba461c8a309acf61b6d9c41cb6236
88482306ecc9258d5e9cbb9ba5314dab223a5db4
31331f1b1519882d2f2fb60367708fd56a7a1ec0bddd0554c635547179c7dc8f

Detections

Analyzer	Verdict	Alert
openphish	Tencent
fortinet	Phishing

HTTP Headers

GET /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js HTTP/1.1
Host: num.natxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://num.natxs.com/

HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 12:39:54 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 22 Nov 2022 13:35:09 GMT
ETag: W/"637cd00d-4d7"
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rxnZaeNqMzqcxBKWs1PIQN8%2BPD3ywnL%2F2wMMstg9f1X5qvcjg9x77C7YOQz9%2FDv5Nfg68UtEE4%2FS0sVueHNeh1%2BfkHs8WmVFR%2Bwt4AVH54KVbSwVGznyx6FyGsm0w1uJ"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7702b084ae671bfe-OSL
X-Frame-Options: DENY
X-Content-Type-Options: nosniff
Expires: Mon, 28 Nov 2022 12:39:54 GMT
Cache-Control: max-age=172800, public
Content-Encoding: gzip

num.natxs.com/index_files/css

172.67.132.135

200 OK

62 kB

URL HTTP/1.1
num.natxs.com/index_files/css
IP
172.67.132.135:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (1116)
Size
62 kB (62268 bytes)
Hash
755df17a408beddb747e36f27ae4dedc
53daa61ef477c0badec68fa8942cb5ffce0c38b0
a2db023c6c27693f044211498c952a94f002c75b80926bde95c24d5dbab187f4

Detections

Analyzer	Verdict	Alert
openphish	Tencent
fortinet	Phishing

HTTP Headers

GET /index_files/css HTTP/1.1
Host: num.natxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://num.natxs.com/

HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 12:39:54 GMT
Content-Length: 62268
Connection: keep-alive
Last-Modified: Mon, 24 Oct 2022 10:39:26 GMT
Accept-Ranges: bytes
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aHb9RA0NZndiGo%2FuFBVBnU4Fm%2FRa4ooHvVFqc537QNnY%2FK67xnUWXxWiYr6LegjOfE0iWztv61xTJeyMMMeYjpHJ4lf4asa7l8AYGqlAg24LUkdsn16NqqSFwi2jTIoa"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7702b07fdf79b506-OSL
alt-svc: h2=":443"; ma=60

num.natxs.com/index_files/jquery.min.js.download

172.67.132.135

200 OK

30 kB

URL HTTP/1.1
num.natxs.com/index_files/jquery.min.js.download
IP
172.67.132.135:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (65451)
Size
30 kB (30372 bytes)
Hash
0f6b2ebc1c27dca322778ef1ee7723c7
0f02ccaee8b4222039ae38b845a2f688eb4c89ae
969f75aeabe9506ecdbf96efe9e4f04281fe05552b5518f21dafacd16316f42e

Detections

Analyzer	Verdict	Alert
openphish	Tencent
fortinet	Phishing

HTTP Headers

GET /index_files/jquery.min.js.download HTTP/1.1
Host: num.natxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://num.natxs.com/

HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 12:39:54 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 24 Oct 2022 10:39:26 GMT
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=utBtPZxR4W7IQ%2FYz5UWGjVq7iubYDY7vR8Lea9XBjWxrYoVnhy3OvL1WwSu1cQ%2FTrCj7r0CQWvcXh8I%2B9yh0e43tjllUg29G5xR8Dw7owtuvQsUO%2BWXsn8CGHnbo8tzO"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7702b084ae681bfe-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

cloudpack.my.id/nav_logo.svg

153.92.11.28

200 OK

125 kB

URL HTTP/2
cloudpack.my.id/nav_logo.svg
IP
153.92.11.28:0
ASN
#47583 Hostinger International Limited

File type
SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (65536), with no line terminators
Size
125 kB (125039 bytes)
Hash
8c07573254a5dca15dc9a5e20ba8a2d7
ab0e90457c093aed07195a259cb6c6cf56da318f
9e19b6e3a184e04135be086973d38c5afc1e33d6cd988f424ddf03ca96946bf7

HTTP Headers

GET /nav_logo.svg HTTP/1.1
Host: cloudpack.my.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://num.natxs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 03 Dec 2022 12:39:54 GMT
content-type: image/svg+xml
last-modified: Fri, 14 Oct 2022 11:44:36 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 125039
date: Sat, 26 Nov 2022 12:39:54 GMT
server: LiteSpeed
x-powered-by: Niagahoster
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2

num.natxs.com/css-zone/twitter.css

172.67.132.135

200 OK

718 B

URL HTTP/1.1
num.natxs.com/css-zone/twitter.css
IP
172.67.132.135:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text
Size
718 B (718 bytes)
Hash
e649d6ed8e09946382ef5ff34e7407fe
5a422c5f62d63e30ef76f16c4abbaaf64f4962e0
ed98637a9c5958750467f0b6746ce763f8e8286b946f3b11bdfbec8a3d6b3080

Detections

Analyzer	Verdict	Alert
openphish	Tencent

HTTP Headers

GET /css-zone/twitter.css HTTP/1.1
Host: num.natxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://num.natxs.com/

HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 12:39:55 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 24 Oct 2022 08:39:36 GMT
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A9mrfAq35Emgv7f66m8euzOzgGiEBJf2x%2BL7cZQP2cR%2FEbXav9WSazNN3NkJCSnw7l2vu7DbqwgNiPoG3HvtYskobJYCoFPj1B30CRvGsCre%2BO3LdhsjmnwZlaRp5SSE"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7702b07fdbbbb50b-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

num.natxs.com/css-zone/animate.css

172.67.132.135

200 OK

4.7 kB

URL HTTP/1.1
num.natxs.com/css-zone/animate.css
IP
172.67.132.135:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text
Size
4.7 kB (4683 bytes)
Hash
0ddbd5b846bb5859630d16b3bc990ede
4cf068cfd4e70a216df3af2c8320a07ae9d642b5
9d3bd3d01b937e6bd482f1de2a9978f14fa132cf6d36784cc81f83d446ede16d

Detections

Analyzer	Verdict	Alert
openphish	Tencent

HTTP Headers

GET /css-zone/animate.css HTTP/1.1
Host: num.natxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://num.natxs.com/

HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 12:39:55 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 18 Oct 2022 17:31:16 GMT
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ugd40khcLr7Xf%2FZ3D7pcYuhQ3PQgCS%2FAeOVa9hrILjPyFFsqxP9VKTujHfJcVfPAMviO3OCgsg2OgUrC89rL8BCXrraR1tHPSJYug%2B0Z3ZpFWiJOpYeY%2FNTpC3O8A9qD"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7702b07fed25b4f7-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

num.natxs.com/js-zone/jquery.js

172.67.132.135

200 OK

230 B

URL HTTP/1.1
num.natxs.com/js-zone/jquery.js
IP
172.67.132.135:0
ASN
#13335 CLOUDFLARENET

File type
HTML document, ASCII text, with very long lines (632), with no line terminators
Size
230 B (230 bytes)
Hash
9d2aa042ff5bb4e32e40ad9a17e004fa
64bb4d989f0428e3337bd1aaab11f2e4e8e0f03a
da6888294d08bbdf168a96b8c04d2d28bc8dfd12068c717420adce6eb2bc3700

Detections

Analyzer	Verdict	Alert
openphish	Tencent
fortinet	Phishing

HTTP Headers

GET /js-zone/jquery.js HTTP/1.1
Host: num.natxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://num.natxs.com/

HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 12:39:56 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sat, 12 Nov 2022 19:27:14 GMT
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WEt%2Bms3zpeL%2FfzR3J2Lm9hglIx0e7Vkff7BZ8DkOFs3%2FiKm4gZ6Jrcg3vQw8ErHoel%2FZptd4hZJTE12ShMnuyuykPcRwu%2FJ27vxvKCg2Z7S6qPg7ltUPQ5f%2FM%2BaWcFyR"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7702b07feca0fabc-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

num.natxs.com/js-zone/main-zone.js

172.67.132.135

200 OK

182 B

URL HTTP/1.1
num.natxs.com/js-zone/main-zone.js
IP
172.67.132.135:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with no line terminators
Size
182 B (182 bytes)
Hash
32f27e615c5df88dc7b145219dded0df
cd9716561c532609811c624fbf9854e04eff0096
1e9c74140643993bce287fbae42d92aa85773e08a99db9fa72c3c4bbd69e3f21

Detections

Analyzer	Verdict	Alert
openphish	Tencent
fortinet	Phishing

HTTP Headers

GET /js-zone/main-zone.js HTTP/1.1
Host: num.natxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://num.natxs.com/

HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 12:39:56 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sat, 12 Nov 2022 19:27:46 GMT
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3CpPpRMCyXxpvcYeX%2BdRogEDlWpXAwEVShmgN6t0e8fMgJn8Rxk9g3mwetQBTs1rgJhRwfPwkDStKvPw8eSiMslFgJTkDwwJa5bm1%2BkpKNAPFVopiSsJ15l0f1jjjorr"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7702b081faaab4ff-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

num.natxs.com/index_files/gift-zone.js

172.67.132.135

200 OK

633 B

URL HTTP/1.1
num.natxs.com/index_files/gift-zone.js
IP
172.67.132.135:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text
Size
633 B (633 bytes)
Hash
36c66a5858739e6e4292644a69881502
c88534cd8a09aab21ef15eaee7ca3726584b0eb3
585e9d93d2a5e5eb3c781272abe9f16ded59439a48b5860ec4a321c991ac48d1

Detections

Analyzer	Verdict	Alert
openphish	Tencent
fortinet	Phishing

HTTP Headers

GET /index_files/gift-zone.js HTTP/1.1
Host: num.natxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://num.natxs.com/

HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 12:39:56 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 24 Oct 2022 10:39:26 GMT
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RuhclALwfNmMeK19On1c2xnsnY1Eg8k2lh3DPLm7gpF4w3jLCpdkNsuQMuIPZ0CAiHMP7KFlF3rGeLKOttv4JdP8B5uQbBM8qcSWq6xJ90ppRaBoa0t0Cv6ZrHGRA%2FOU"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7702b086e81db506-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

num.natxs.com/img/reward/6.png

172.67.132.135

200 OK

104 kB

URL HTTP/1.1
num.natxs.com/img/reward/6.png
IP
172.67.132.135:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=1080, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=1080], progressive, precision 8, 1080x1080, components 3\012- data
Size
104 kB (104010 bytes)
Hash
5e245415e18dbe86d3f317c95d22e1ab
d851c58726feb0caa3467b78a6491763db053aff
88491093eafaa4d8ca320cf15158aa71fa9b14a5f815c97031231beeb0f433dd

Detections

Analyzer	Verdict	Alert
openphish	Tencent

HTTP Headers

GET /img/reward/6.png HTTP/1.1
Host: num.natxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://num.natxs.com/

HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 12:39:56 GMT
Content-Type: image/png
Content-Length: 104010
Connection: keep-alive
Last-Modified: Fri, 05 Aug 2022 13:17:18 GMT
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yElNLPqTRknOWT%2FSH%2BVMedbm76KFXBzslS9HF1s3AwbCAmtRiIHklfxz489HAh9APGt3zf%2FnUcYKFrR38clsuI%2BQNvOGi9MrigqZ0lqehlGhg4VeX7Qzd5khE6FlP1RI"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7702b0914d8bb4ff-OSL
alt-svc: h2=":443"; ma=60

num.natxs.com/js-zone/showHide.js

172.67.132.135

200 OK

16 kB

URL HTTP/1.1
num.natxs.com/js-zone/showHide.js
IP
172.67.132.135:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (47393)
Size
16 kB (16074 bytes)
Hash
d6dc088eccdce4b7ab5edc1d81dee3a4
b67d72f7fa3c41b0b4bf6b730f887e4a6415bf35
b25782c4d0e1417bb9515636360e66ffde9ac1e0cd12f1e8404a941af1c81c7c

Detections

Analyzer	Verdict	Alert
openphish	Tencent
fortinet	Phishing

HTTP Headers

GET /js-zone/showHide.js HTTP/1.1
Host: num.natxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://num.natxs.com/

HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 12:39:57 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 21 Nov 2022 02:00:48 GMT
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pUE5KMyHQ4s2rIrELwkgQgwUTkbZFa%2F8l4Oih9EAZBW%2FHGC0ekI4DdYUduihk5acZwe8NBcmbdVPOzUh4PyhjREXJS4w13WYdPYgOHqW10FOykS4xRceurbRTjcADeS7"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7702b08728eb1bfe-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

num.natxs.com/js-zone/slider.js

172.67.132.135

200 OK

241 B

URL HTTP/1.1
num.natxs.com/js-zone/slider.js
IP
172.67.132.135:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (410), with no line terminators
Size
241 B (241 bytes)
Hash
44e45d955314ccffd04d9cc7a60b5b86
649468ddd88a785dcb7e590e17897423157d9d72
c527737af8ee2e31feaa0d5932c9accfc4d0e8790cd7d65ff5dd38a9cdaaf621

Detections

Analyzer	Verdict	Alert
openphish	Tencent
fortinet	Phishing

HTTP Headers

GET /js-zone/slider.js HTTP/1.1
Host: num.natxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://num.natxs.com/

HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 12:39:57 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sat, 12 Nov 2022 19:27:56 GMT
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DA436Z46u4GXziJEUuNwiEUSeJCgHafGGq60EwpBU2pMqu1d34Cm77hdij1XJHGDV5ZAI5pJ4jBbKqCbDbZaN9%2FWs3%2FW9VsziIucWalIMuItlg2JdpBOr3mTi11AuUYO"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7702b0890fe1b50b-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

104.18.10.207

200 OK

84 kB

URL HTTP/2
stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
IP
104.18.10.207:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (30837)
Size
84 kB (84429 bytes)
Hash
76a7ce279ee603ad8047f0c280bf7fad
eaa1f578f53496bc4f0169ebbaa42916e6326493
5d9a493a2c943e34d21c1e1869cea844ddba217529a6f4857350381713e8fa58

HTTP Headers

GET /font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1
Host: stackpath.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://num.natxs.com
Connection: keep-alive
Referer: http://num.natxs.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 26 Nov 2022 12:39:53 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: W/"269550530cc127b6aa5a35925a7de6ce"
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-cachedat: 11/18/2022 06:18:29
cdn-proxyver: 1.03
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 722
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: 01e74dd8b2df3cd0c1704fb6d53fdf64
cdn-cache: HIT
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 7702b08009ddb50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

num.natxs.com/js-zone/alert-zone.js

172.67.132.135

200 OK

17 kB

URL HTTP/1.1
num.natxs.com/js-zone/alert-zone.js
IP
172.67.132.135:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (64301)
Size
17 kB (16642 bytes)
Hash
e8b74c6795976bb00b39192913be9a32
dda8e1b9a91bfe6ddca677812c4968291e28786a
00da874465ecd5632f1b7461cf7f65f9aa53bce8408b23775d70f08d6a963322

Detections

Analyzer	Verdict	Alert
openphish	Tencent
fortinet	Phishing

HTTP Headers

GET /js-zone/alert-zone.js HTTP/1.1
Host: num.natxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://num.natxs.com/

HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 12:39:58 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sat, 12 Nov 2022 19:05:30 GMT
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1go6K1QW5Ek9Oi%2Bvqu6nBrFu%2FH7a4SheFWOBLzOwvSb9d%2FPh3r%2FTHFHfKa31gQYPKh2zz9vMV1ocZGy2kx7UEHmgf1Mj3ZPddmdgoeDqGpX%2BJnesxs6e8YsgGi0UQdwD"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7702b0917e19b506-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

num.natxs.com/img/reward/5.png

172.67.132.135

200 OK

554 kB

URL HTTP/1.1
num.natxs.com/img/reward/5.png
IP
172.67.132.135:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1280x1280, components 3\012- data
Size
554 kB (553849 bytes)
Hash
db360c75303d4d88e184dff54e38d4fe
7178eb688a93e1f54b0cbfbe6456f9dfdc93affb
31e5945bcd545bbf7157da62c0b942a17d2b9d2adf61e14fe931d23872e23570

Detections

Analyzer	Verdict	Alert
openphish	Tencent

HTTP Headers

GET /img/reward/5.png HTTP/1.1
Host: num.natxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://num.natxs.com/

HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 12:39:58 GMT
Content-Type: image/png
Content-Length: 553849
Connection: keep-alive
Last-Modified: Mon, 24 Oct 2022 07:34:58 GMT
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FpRh4ES%2FaeAZeKpPYKAtBFTe02z4peiVXhrEXfoWGhfRy5w8WBtDZ9MMLbTgpkTQHiUFSIPpdsSvwdw4BXi8NJ7J1dWel1DzSvm60RqU1zeiFw5mp6F8esT4eEn1CHAn"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7702b0914ff7fabc-OSL
alt-svc: h2=":443"; ma=60

num.natxs.com/js-zone/zero-zone.js

172.67.132.135

200 OK

166 B

URL HTTP/1.1
num.natxs.com/js-zone/zero-zone.js
IP
172.67.132.135:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with no line terminators
Size
166 B (166 bytes)
Hash
c6038611931ffd6eae861a740cae0dfc
48068dbd10848063985c2c6de0ffe0767d0306d5
bd0d530541c6c91503fb8364405922732956aa4c479aa8e970ad057d57ed4b61

Detections

Analyzer	Verdict	Alert
openphish	Tencent
fortinet	Phishing

HTTP Headers

GET /js-zone/zero-zone.js HTTP/1.1
Host: num.natxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://num.natxs.com/

HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 12:39:59 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sat, 12 Nov 2022 19:28:04 GMT
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IAouEFEbAsJnc2aqGPFVmijQT4dXk6J6SxW%2FBr%2BfHo%2FjcgMkQi6bGyw1hraP6H1qQKkqat%2FTy2tsveMPbAqpzr2UQn00QH7ebzibSraDRJ9rt%2FLaDcpPL4PjKU8P4AeA"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7702b0960abeb4ff-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

num.natxs.com/img/reward/1.png

172.67.132.135

200 OK

48 kB

URL HTTP/1.1
num.natxs.com/img/reward/1.png
IP
172.67.132.135:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1280x1280, components 3\012- data
Size
48 kB (47532 bytes)
Hash
89a7dd6ba417e69cd5acdae1ef5bd710
4a645665620e38f6be96dcf964b8a6d35b2a7267
3cb9bc934682e4f6fbbd3089abac8227699026bf84d6c7d32ce860b404214b5a

Detections

Analyzer	Verdict	Alert
openphish	Tencent

HTTP Headers

GET /img/reward/1.png HTTP/1.1
Host: num.natxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://num.natxs.com/

HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 12:39:59 GMT
Content-Type: image/png
Content-Length: 47532
Connection: keep-alive
Last-Modified: Mon, 24 Oct 2022 07:34:58 GMT
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v7DdCTxJsYnJYI5rh5%2FRkHFUsTXwAlCaW1NEEAk5tUE5tkTZ0NVsKBbEugxnz2RNGBJkjD4eCQyB8aaF5fOmxfFpbLIlV3JMUzK2szN6p1BhMhVt1xjj7LKisM7zT%2Bx%2F"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7702b0a50d78b506-OSL
alt-svc: h2=":443"; ma=60

num.natxs.com/img/reward/2.png

172.67.132.135

200 OK

79 kB

URL HTTP/1.1
num.natxs.com/img/reward/2.png
IP
172.67.132.135:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1280x1280, components 3 DIY-Thermocam raw data\012- (Lepton 2.x), scale 0-0, spot sensor temperature 0.000000, unit celsius, color scheme 0, calibration: offset 0.000000, slope 632845819638102097920.000000\012- data
Size
79 kB (78903 bytes)
Hash
2c7e7c352baa52302665e39007535c15
12c54efeed18f17347b7d9551ca809916e503c29
df2284fbfdaa08980b70842c02637362f21e47689415b61807bb435431e98974

Detections

Analyzer	Verdict	Alert
openphish	Tencent

HTTP Headers

GET /img/reward/2.png HTTP/1.1
Host: num.natxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://num.natxs.com/

HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 12:39:59 GMT
Content-Type: image/png
Content-Length: 78903
Connection: keep-alive
Last-Modified: Mon, 24 Oct 2022 07:34:58 GMT
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XKUD1PqLq9s%2FFmhvIyVTdU1NKqJ9Ah7KZqrIlU6Aaug0gROcjktzhplroXTRwWBgxX4CU%2BGC0OaZioPdV4L9tpjP7JeETvsHloACH99uwj6fdcB9P17FkNx659RhGIf%2F"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7702b0a50cc21bfe-OSL
alt-svc: h2=":443"; ma=60

num.natxs.com/img/footer.png

172.67.132.135

200 OK

23 kB

URL HTTP/1.1
num.natxs.com/img/footer.png
IP
172.67.132.135:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 1280 x 189, 8-bit colormap, non-interlaced\012- data
Size
23 kB (22718 bytes)
Hash
c6b56cf1fbbb63620e8558afde759e96
4d50888d8a17c2dcdbd05e6068ca4b4b587c7f29
34f7601064bb7cc3cce9ba942dd92d7f53889c703daea37bf34e1e71a1de03f8

Detections

Analyzer	Verdict	Alert
openphish	Tencent

HTTP Headers

GET /img/footer.png HTTP/1.1
Host: num.natxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://num.natxs.com/

HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 12:40:00 GMT
Content-Type: image/png
Content-Length: 22718
Connection: keep-alive
Last-Modified: Tue, 18 Oct 2022 17:31:16 GMT
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qa8%2FzPAsh2PjFcgKnI%2FeR4TZ1EIx2z1fwiU5758LD0buh7uCBjh6ame2i70qUZs0OaugdY8Oh3TIbdbJ6twyk%2B4mVWst0KIDWj%2FIMhriVteQ1jVzAmENGdKO7bHZ9WVv"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7702b0a50d6cb4ff-OSL
alt-svc: h2=":443"; ma=60

fonts.googleapis.com/css2?family=Teko&display=swap

142.250.74.10

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css2?family=Teko&display=swap
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css2?family=Teko&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://num.natxs.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 26 Nov 2022 12:39:53 GMT
date: Sat, 26 Nov 2022 12:39:53 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (10)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations