{"report_id":"fa56dbe1-6cf9-47ef-a081-1a7896a81334","version":0,"status":"done","tags":[],"date":"2026-06-17T16:32:27Z","url":{"schema":"http","addr":"natix.svault.fun","fqdn":"natix.svault.fun","domain":"svault.fun","tld":"fun"},"ip":{"addr":"172.67.170.45","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"natix.svault.fun/","fqdn":"natix.svault.fun","domain":"svault.fun","tld":"fun"},"title":"NATIX Network | Airdrop","dom":{"size":30326,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (15751)","md5":"249b44a3333f8508b8e669211d56e1a3","sha1":"987b07af263b6f346b1cb08a1689e3f7d7f1dd05","sha256":"e7f1756740dcb43980f4e12b2338aebe21a1e2b032cf2511277c9c9242d40988","sha512":"ce37dd6c24e8308300c5b9c3dc4af5de317e8abc260622ffed4b7dc3da3aec5d29edae43679848ee8918549cf1b8bc5ae3a274a3d5f4abdfd6e8c659d6c1f8b5","ssdeep":"768:rmdOcraAaIvDhz/yzwl92yRYXbRKoP1YwW3:rmdfXaIvDhzOXFDP1YwW3","tlshash":"b7d262b022a0503aa01b5ad76f26376f36f7b1fed9720504f7fe0b959b90d8ae813045","dom_hash":"domhash213ed0efcf7edaea023e0219f2609d55","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"natix.svault.fun","fqdn":"natix.svault.fun","domain":"svault.fun","tld":"fun"},"ip":{"addr":"172.67.170.45","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-07-22T16:32:27Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"qguvgzjxzsgb3vs"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":2}},"detection":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"natix.svault.fun","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"natix.svault.fun","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"natix.svault.fun","ip":{"addr":"104.21.28.20","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2026-04-22","domain_rank":0,"first_seen":"2026-06-17T16:32:28.123432Z","last_seen":"2026-06-17T16:32:28.123432Z","alert_count":32,"request_count":16,"received_data":722493,"sent_data":8134,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nuxt.js","description":"Nuxt is a Vue framework for developing modern web applications.","website":"https://nuxt.com","common_platform_enumeration":"","icon":"Nuxt.js.svg","categories":["JavaScript frameworks","Web frameworks","Web servers","Static site generator"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Vue.js","description":"Vue.js is an open-source model–view–viewmodel JavaScript framework for building user interfaces and single-page applications.","website":"https://vuejs.org","common_platform_enumeration":"","icon":"vue.svg","categories":["JavaScript frameworks"]}]},{"fqdn":"fonts.gstatic.com","ip":{"addr":"142.250.178.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2008-02-11","domain_rank":0,"first_seen":"2014-04-02T10:51:04Z","last_seen":"2026-06-14T22:19:01.724334Z","alert_count":0,"request_count":8,"received_data":163848,"sent_data":4448,"comment":"","tags":null,"fingerprints":null},{"fqdn":"fonts.googleapis.com","ip":{"addr":"142.250.178.42","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":313,"first_seen":"2012-05-23T12:41:44Z","last_seen":"2026-06-14T22:22:05.140579Z","alert_count":0,"request_count":1,"received_data":15692,"sent_data":546,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"lite-api.jup.ag","ip":{"addr":"143.204.238.57","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"domain_registered":"2021-09-15","domain_rank":1536175,"first_seen":"2025-06-01T22:48:15.859785Z","last_seen":"2026-06-16T07:13:35.778047Z","alert_count":0,"request_count":1,"received_data":2935,"sent_data":527,"comment":"","tags":null,"fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"natix.svault.fun/","fqdn":"natix.svault.fun","domain":"svault.fun","tld":"fun"},"ip":{"addr":"104.21.28.20","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"6a2fc9cfa52208084013f88311bb5374","sha1":"cc826ee6b5ca83f9a5c62dd5ed7639f0c5c1588e","sha256":"20a81c2d6ea55a4bb58a2ba2c14daf95bdd826d3e83b9cb4188a5e53a33e9e94","sha512":"b4bc7300ca16278af0096b982e9c11c11726bfb8f290e460591b2533f85be191b1e67b21c3388312307bacb92790e1b7aa2107f45a2db1ba07d69d1c1fdbaa7b","ssdeep":"","tlshash":"b7d05e111122911ab63094412b9ebbd627422233976192413f2feb506f62a0fc2a8fcc","size":271,"data":"","first_seen":"2026-06-17T16:32:32.108961Z","last_seen":"2026-06-17T16:32:32.108961Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"natix.svault.fun/","fqdn":"natix.svault.fun","domain":"svault.fun","tld":"fun"},"ip":{"addr":"104.21.28.20","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"1ce100e9f9a1f21053001e49bc9fa75a","sha1":"17a688400fac1ac7f424ee96d83748403be97664","sha256":"af2cff58c7856579369c5882cdbf20614c2fa518f06a45beb24775466ac74646","sha512":"d0f29c1bd80724ca4c99036136e1a52d854434cbb95de3e06fc4c7a217f0210bd48d8f35684539f87c55788c63b3babf8c63a15e18af08d261088052ab6f109b","ssdeep":"","tlshash":"23c0c044c270cdb1141400ef207ca3cc34511c5c0097f189c9bd488fb8ccfc10a48014","size":180,"data":"","first_seen":"2026-06-17T16:32:32.110294Z","last_seen":"2026-06-17T16:32:32.110294Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"natix.svault.fun/","fqdn":"natix.svault.fun","domain":"svault.fun","tld":"fun"},"ip":{"addr":"104.21.28.20","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"6a2fc9cfa52208084013f88311bb5374","sha1":"cc826ee6b5ca83f9a5c62dd5ed7639f0c5c1588e","sha256":"20a81c2d6ea55a4bb58a2ba2c14daf95bdd826d3e83b9cb4188a5e53a33e9e94","sha512":"b4bc7300ca16278af0096b982e9c11c11726bfb8f290e460591b2533f85be191b1e67b21c3388312307bacb92790e1b7aa2107f45a2db1ba07d69d1c1fdbaa7b","ssdeep":"","tlshash":"b7d05e111122911ab63094412b9ebbd627422233976192413f2feb506f62a0fc2a8fcc","size":271,"data":"","first_seen":"2026-06-17T16:32:32.108961Z","last_seen":"2026-06-17T16:32:32.108961Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"natix.svault.fun/","fqdn":"natix.svault.fun","domain":"svault.fun","tld":"fun"},"ip":{"addr":"104.21.28.20","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"1ce100e9f9a1f21053001e49bc9fa75a","sha1":"17a688400fac1ac7f424ee96d83748403be97664","sha256":"af2cff58c7856579369c5882cdbf20614c2fa518f06a45beb24775466ac74646","sha512":"d0f29c1bd80724ca4c99036136e1a52d854434cbb95de3e06fc4c7a217f0210bd48d8f35684539f87c55788c63b3babf8c63a15e18af08d261088052ab6f109b","ssdeep":"","tlshash":"23c0c044c270cdb1141400ef207ca3cc34511c5c0097f189c9bd488fb8ccfc10a48014","size":180,"data":"","first_seen":"2026-06-17T16:32:32.110294Z","last_seen":"2026-06-17T16:32:32.110294Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"natix.svault.fun/script-bg1u3.js","fqdn":"natix.svault.fun","domain":"svault.fun","tld":"fun"},"ip":{"addr":"104.21.28.20","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"98bccc1fcd802ebdaf5cf831e678d8eb","sha1":"8f197ed51d1f6fbc4452dc5739bf73c0f8c4b96c","sha256":"d3906c7d74a76aa1087f891d2f29adb6e9515420f664ea06d2578da2da8adfe4","sha512":"64a83321df95d75e8773cc88da060703dfafaa0dc1eb1d036a9e9780b2e134698b314201ee4dc3928027ba0acd8a88784d5156bd0b9299523a0449c55382a1a3","ssdeep":"192:OtgovdMI0jYh3KDAjBW2dDjyaBwSV8FzIFPmn60vkSX:2XvF0jOdVwIFk60vdX","tlshash":"b6d1836831803032806b55c723e647a6783de589eb6380b172bd09e79f65ccd72dbb76","size":6403,"data":"","first_seen":"2026-06-17T16:32:32.089463Z","last_seen":"2026-06-17T16:32:32.089463Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"natix.svault.fun/secureproxy?c=%2Fipfs%2FngX0J3pf4WUQxknp4p0oNA5bd47d4291ccd3721f1e5c760b66522e%3Ft%3D1781713923394","fqdn":"natix.svault.fun","domain":"svault.fun","tld":"fun"},"ip":{"addr":"104.21.28.20","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"522133e11f362aa12cd5206fe93f32d4","sha1":"7e624c6f058efc0038cb4ab25570d7e8bab04409","sha256":"c4c9b955bd7ce753161856e68bbefcbeff75781eb2086056150846b2f01c4b02","sha512":"ce0d4089551064596f253a774407b86c910673aa40882f843078fe703cd30289961f33251ba019e0045c0a12178d8eeb1dda40fa306407788ea18dd6ebca8ffb","ssdeep":"6144:4hXFMHTn8U1qFcHZVNYT1XveUtK3+9mpQttmI4qrBLOfXsl3toLAp:EFMzn8UIFTeUtG+9Zmaxx","tlshash":"36c4b8e38b0899f344c427b7046f546fefc8bf481f8b984b53c1ac9e52657ae49e8158","size":571410,"data":"","first_seen":"2026-06-17T16:32:32.105426Z","last_seen":"2026-06-17T16:32:32.105426Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":[{"level":"log","text":"Initialized 3 transactions","filename":"https://natix.svault.fun/script-bg1u3.js","line_number":0,"column_number":0}]},"http":[{"url":{"schema":"https","addr":"natix.svault.fun/bf2cc3c573214cb1e62d5e8e9423e14b19d7140e4a5bc217dda1fe529288ecd0.png","fqdn":"natix.svault.fun","domain":"svault.fun","tld":"fun"},"ip":{"addr":"104.21.28.20","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://natix.svault.fun/","date":"2026-06-17T16:32:02.890Z","timestamp":1781713922890,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"svault.fun","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 12 May 2026 15:52:16 GMT","end":"Mon, 10 Aug 2026 15:52:15 GMT"},"fingerprint":{"sha1":"76:A4:03:25:08:93:38:B4:F5:5B:7A:F4:A2:BC:2C:2F:D8:1A:2A:A2","sha256":"60:9B:87:7F:56:35:D6:3A:9D:D8:57:0F:3C:27:53:26:B2:F7:5F:48:03:82:7B:F7:D4:50:D5:18:C3:D8:62:81"}}},"request":{"raw":"GET /bf2cc3c573214cb1e62d5e8e9423e14b19d7140e4a5bc217dda1fe529288ecd0.png HTTP/1.1\r\nHost: natix.svault.fun\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://natix.svault.fun/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Wed, 17 Jun 2026 16:32:03 GMT\r\ncontent-type: image/png\r\npriority: u=5,i\r\ncast-mode: default\r\nlast-modified: Tue, 09 Jun 2026 15:09:51 GMT\r\netag: \"6a282cbf-c3c\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: REVALIDATED\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=j5yasJeBIq%2BButslQitJ4fII46yaOWqjCa2WjTNDzoMtjXbYWLj12zZ6278y6CcpoakMK7odMOci3kpHKX7BwclT4Y35Bbdz64RCtMGE1DxbA3OYLT2bAt5ZjH9zcCkGVzJ3\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-length: 3132\r\ncf-ray: a0d372b21e9b5a0f-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":3132,"size_decoded":4054,"mime_type":"image/png","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 250x250, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"089bde0b96c40194ea9ccda89e3ac478","sha1":"d3b1c37a0d9fe7c2896b31e3b620bd4606d94f8e","sha256":"87eab0edbb7838745c4f280e8dfe96f762c72c78fa411714f2b2b7306162664d","sha512":"acad6973283ffb121d6bea49e8d05ab6ca02b1259e9304e6f40ed899c8d64bfaeab644899b3fe0019429173db034255c7df911f7d71b77ccbdf56222945d242a","ssdeep":"","tlshash":"16516d7cb85e57c98ab66cbcfbaa337255df6ed24414944315ed0bd20a04f7a8d5400e","first_seen":"2026-06-17T16:32:32.084635Z","last_seen":"2026-06-17T16:32:32.084635Z","times_seen":1,"resource_available":false,"data":null}},"time_used":173,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":173,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"natix.svault.fun","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"natix.svault.fun","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/manrope/v20/xn7gYHE41ni1AdIRggOxSuXd.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://natix.svault.fun/","date":"2026-06-17T16:32:03.453Z","timestamp":1781713923453,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 25 May 2026 08:38:18 GMT","end":"Mon, 17 Aug 2026 08:38:17 GMT"},"fingerprint":{"sha1":"C4:91:D1:0E:C2:A8:68:24:7B:00:2B:4A:EB:42:41:E0:29:E2:4E:A0","sha256":"68:29:56:08:39:D8:99:7B:20:CC:14:D3:4F:4D:D2:55:68:A6:27:DC:52:E9:7B:CF:CE:6B:D3:13:BC:97:65:C1"}}},"request":{"raw":"GET /s/manrope/v20/xn7gYHE41ni1AdIRggOxSuXd.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: identity\r\nOrigin: https://natix.svault.fun\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 14500\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Sun, 14 Jun 2026 10:39:23 GMT\r\nexpires: Mon, 14 Jun 2027 10:39:23 GMT\r\ncache-control: public, max-age=31536000\r\nage: 280360\r\nlast-modified: Thu, 04 Sep 2025 17:09:13 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":null,"data":{"size":14500,"size_decoded":15313,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 14500, version 1.0","md5":"e58febde317b69ceb51690ea201850c9","sha1":"d8fc94bf7a39043a7759bd564a7e16b3ea080736","sha256":"c268b459a9329e59fecf39a17618efd44c71735532048d60b12aab76a8c14914","sha512":"af17f0a6913d974bd7d38a060549dacd158c667abb08f830d44d302c1a1cb4f8106eeeb772d2b4066be2c5a1e763d26042c707343770f5e84b0f5165cab9d96b","ssdeep":"384:4VvSHMmDtGjtHrBRvGjLWPSNRXZpyJ+kC18bZ:4VvSsmDt6LBROj1RXZ4J+318bZ","tlshash":"8a52b05ef04e86f0b51f2a7ece5c6a1153725e56134f2e50e967b0c8c75e82a1e27142","first_seen":"2025-06-05T11:45:07.756161Z","last_seen":"2026-06-17T21:18:07.718179Z","times_seen":2833,"resource_available":false,"data":null}},"time_used":74,"timings":{"blocked":20,"dns":0,"connect":0,"send":0,"wait":53,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"natix.svault.fun/secureproxy?c=%2Fjmpd%2F","fqdn":"natix.svault.fun","domain":"svault.fun","tld":"fun"},"ip":{"addr":"104.21.28.20","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://natix.svault.fun/","date":"2026-06-17T16:32:05.282Z","timestamp":1781713925282,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"svault.fun","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 12 May 2026 15:52:16 GMT","end":"Mon, 10 Aug 2026 15:52:15 GMT"},"fingerprint":{"sha1":"76:A4:03:25:08:93:38:B4:F5:5B:7A:F4:A2:BC:2C:2F:D8:1A:2A:A2","sha256":"60:9B:87:7F:56:35:D6:3A:9D:D8:57:0F:3C:27:53:26:B2:F7:5F:48:03:82:7B:F7:D4:50:D5:18:C3:D8:62:81"}}},"request":{"raw":"POST /secureproxy?c=%2Fjmpd%2F HTTP/1.1\r\nHost: natix.svault.fun\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://natix.svault.fun/\r\ncontent-type: application/json\r\nContent-Length: 1375\r\nOrigin: https://natix.svault.fun\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/3 204 \r\nserver: cloudflare\r\ndate: Wed, 17 Jun 2026 16:32:05 GMT\r\ncast-mode: default\r\ncontent-security-policy: frame-ancestors http: https:, frame-ancestors http: https:\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET,PUT,POST,DELETE,PATCH,OPTIONS\r\naccess-control-allow-headers: Content-Type, Authorization, Content-Length, X-Requested-With, Accept, Origin\r\naccess-control-allow-credentials: true\r\ncdn-pullzone: 5966451\r\ncdn-requestcountrycode: NL\r\ncache-control: no-cache\r\netag: W/\"a-bAsFyilMr4Ra1hIU5PyoyFRunpI\"\r\nx-ratelimit-limit: 20\r\nx-ratelimit-remaining: 19\r\nx-ratelimit-reset: 1781713985385\r\ncdn-proxyver: 1.57\r\ncdn-requestpullsuccess: True\r\ncdn-requestpullcode: 204\r\ncdn-cachedat: 06/17/2026 16:32:05\r\ncdn-edgestorageid: 1329\r\ncdn-requestid: 189841ce7eccdda32877e5b0d29fc057\r\ncdn-requesttime: 0\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=zNN1lpY3Y7Z4ETnMBrXzdwtCbB4JlzwC%2FS28y0aEJ08oP601rXydeOBxJpqRW5vMhBhLFLZrvbHjS6g4yn3%2Bk3OQz9517i5Ln54GTWwuze93%2Fl6GUtp4rETJU5VSHyqc85xs\"}]}\r\npriority: u=4,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0d372c108c25a0f-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":3336,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-18T01:31:21.233037Z","times_seen":16497762,"resource_available":true,"data":null}},"time_used":529,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":529,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"natix.svault.fun","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"natix.svault.fun","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css2?family=Manrope:wght@200;300;400;500;600;700;800\u0026display=swap","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.250.178.42","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://natix.svault.fun/","date":"2026-06-17T16:32:03.280Z","timestamp":1781713923280,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 25 May 2026 08:38:19 GMT","end":"Mon, 17 Aug 2026 08:38:18 GMT"},"fingerprint":{"sha1":"4D:E0:8E:62:2F:B2:3D:28:5D:7D:B5:8D:C5:3A:72:E4:EE:AB:7D:93","sha256":"AE:0B:4F:B5:B7:41:E5:0C:70:C0:E1:2A:F9:DB:AD:A8:64:94:F3:70:6D:38:1C:8A:8A:CA:52:96:5C:D8:5C:87"}}},"request":{"raw":"GET /css2?family=Manrope:wght@200;300;400;500;600;700;800\u0026display=swap HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://natix.svault.fun/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Wed, 17 Jun 2026 16:32:03 GMT\r\ndate: Wed, 17 Jun 2026 16:32:03 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncross-origin-resource-policy: cross-origin\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":15008,"size_decoded":1471,"mime_type":"text/css; charset=utf-8","magic":"ASCII text","md5":"0ad4e9cc8948899d25eb47a31cace209","sha1":"c8a2ded69bfa8d2f4293fd3324009b36b4050256","sha256":"73ef72e9f525460bf321f3797f3c6d37aa65ea44ff78062c406fca0d98a55fc8","sha512":"1467da169a56c9e04d571063cfb541534f96920a0645641209b6e0dfcb36ce1313811515479a11731e59d2344622478ed1602dadf4531184524e611cddc867d7","ssdeep":"192:BJRKV3II8XDJi5V3PP8wiJDEV3WW89RJ8rV3118+4JlOV3MM8b/JGNV3TT80uJH0:bMEmkwU+ME02EQJ","tlshash":"7962a9900027e804eb470cd677ce7e39ad4e61567491c5ba5bfe1cd8adebd222320b5e","first_seen":"2025-09-05T04:53:42.941084Z","last_seen":"2026-06-17T16:32:32.0873Z","times_seen":3251,"resource_available":false,"data":null}},"time_used":85,"timings":{"blocked":-1,"dns":3,"connect":15,"send":0,"wait":34,"receive":0,"ssl":33},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"natix.svault.fun/","fqdn":"natix.svault.fun","domain":"svault.fun","tld":"fun"},"ip":{"addr":"104.21.28.20","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-06-17T16:32:02.420Z","timestamp":1781713922420,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"svault.fun","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 12 May 2026 15:52:16 GMT","end":"Mon, 10 Aug 2026 15:52:15 GMT"},"fingerprint":{"sha1":"76:A4:03:25:08:93:38:B4:F5:5B:7A:F4:A2:BC:2C:2F:D8:1A:2A:A2","sha256":"60:9B:87:7F:56:35:D6:3A:9D:D8:57:0F:3C:27:53:26:B2:F7:5F:48:03:82:7B:F7:D4:50:D5:18:C3:D8:62:81"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: natix.svault.fun\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: none\r\nPriority: u=0, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Wed, 17 Jun 2026 16:32:02 GMT\r\ncontent-type: text/html\r\ncast-mode: default\r\nlast-modified: Tue, 09 Jun 2026 15:09:51 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nvary: accept-encoding\r\ncf-cache-status: DYNAMIC\r\npriority: u=0,i\r\ncontent-encoding: zstd\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=HEl51V%2FOARTFg00J2REsz4T7uzX5oOGusdBEckc%2FoCxNEoZyp32MQMdi6OuIvFIE%2FbbhKBUumFH0KnrrlwnzmslnzOE5nbiBe4Looqj6%2Fh7Czui6hShsAPsBySt1OHEF%2Ba3q\"}]}\r\ncf-ray: a0d372af7e3c5a0f-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nuxt.js","description":"Nuxt is a Vue framework for developing modern web applications.","website":"https://nuxt.com","common_platform_enumeration":"","icon":"Nuxt.js.svg","categories":["JavaScript frameworks","Web frameworks","Web servers","Static site generator"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Vue.js","description":"Vue.js is an open-source model–view–viewmodel JavaScript framework for building user interfaces and single-page applications.","website":"https://vuejs.org","common_platform_enumeration":"","icon":"vue.svg","categories":["JavaScript frameworks"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":26794,"size_decoded":10351,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (24394), with CRLF line terminators","md5":"688361d0ba34a6e403365c95eb199111","sha1":"2290b6bc5b5eeac9bed1aa7ff2d766e1bc98a9d3","sha256":"e75f1f695fea3b9ae92ac1e12f5ccfe10d8588470efbebac2b2d3d75763a6139","sha512":"1e1574b701dd4efb2699c7ec0ddec0e32d47919328836b05dbd3ad222d535840b3ebb181254e1f1bfa815769649596bdee07f5517cdb67d317921dbf268c2034","ssdeep":"768:HPjraAa7vDhnyykwwl2mRYXgRojPoYwhk:HPHXa7vDhpbX8mPoYwhk","tlshash":"15c294701264403aa11b4aebaf25376f36f371fea5370504e7fe5b94e7d0c4ae826186","first_seen":"2026-06-17T16:32:32.088055Z","last_seen":"2026-06-17T16:32:32.088055Z","times_seen":1,"resource_available":true,"data":null}},"time_used":236,"timings":{"blocked":-1,"dns":32,"connect":16,"send":0,"wait":186,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"natix.svault.fun","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"natix.svault.fun","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"natix.svault.fun/script-bg1u3.js","fqdn":"natix.svault.fun","domain":"svault.fun","tld":"fun"},"ip":{"addr":"104.21.28.20","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://natix.svault.fun/","date":"2026-06-17T16:32:02.886Z","timestamp":1781713922886,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"svault.fun","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 12 May 2026 15:52:16 GMT","end":"Mon, 10 Aug 2026 15:52:15 GMT"},"fingerprint":{"sha1":"76:A4:03:25:08:93:38:B4:F5:5B:7A:F4:A2:BC:2C:2F:D8:1A:2A:A2","sha256":"60:9B:87:7F:56:35:D6:3A:9D:D8:57:0F:3C:27:53:26:B2:F7:5F:48:03:82:7B:F7:D4:50:D5:18:C3:D8:62:81"}}},"request":{"raw":"GET /script-bg1u3.js HTTP/1.1\r\nHost: natix.svault.fun\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://natix.svault.fun/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Wed, 17 Jun 2026 16:32:03 GMT\r\ncontent-type: application/javascript\r\ncast-mode: default\r\nlast-modified: Tue, 09 Jun 2026 15:09:51 GMT\r\netag: \"6a282cbf-1903\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\ncontent-encoding: gzip\r\npriority: u=3,i=?0\r\ncache-control: max-age=14400\r\ncf-cache-status: REVALIDATED\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=H2RZb%2Ft30n6SmyBPCLN0KAn35%2B%2BYI0LMSaJOWMAFlzB8QUoeiBrYh97JoZQRiwccCqi5U9ad%2FjBvvDlUgyjXTWbRxRiGpWJbk%2By815RBQd%2FJfJgnFk4lAXs7szvWcLxPT4V6\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: a0d372b20e985a0f-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":6403,"size_decoded":3167,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (6403), with no line terminators","md5":"98bccc1fcd802ebdaf5cf831e678d8eb","sha1":"8f197ed51d1f6fbc4452dc5739bf73c0f8c4b96c","sha256":"d3906c7d74a76aa1087f891d2f29adb6e9515420f664ea06d2578da2da8adfe4","sha512":"64a83321df95d75e8773cc88da060703dfafaa0dc1eb1d036a9e9780b2e134698b314201ee4dc3928027ba0acd8a88784d5156bd0b9299523a0449c55382a1a3","ssdeep":"192:OtgovdMI0jYh3KDAjBW2dDjyaBwSV8FzIFPmn60vkSX:2XvF0jOdVwIFk60vdX","tlshash":"b6d1836831803032806b55c723e647a6783de589eb6380b172bd09e79f65ccd72dbb76","first_seen":"2026-06-17T16:32:32.089463Z","last_seen":"2026-06-17T16:32:32.089463Z","times_seen":1,"resource_available":true,"data":null}},"time_used":170,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":170,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"natix.svault.fun","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"natix.svault.fun","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"natix.svault.fun/images/pyth.svg","fqdn":"natix.svault.fun","domain":"svault.fun","tld":"fun"},"ip":{"addr":"104.21.28.20","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://natix.svault.fun/","date":"2026-06-17T16:32:02.903Z","timestamp":1781713922903,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"svault.fun","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 12 May 2026 15:52:16 GMT","end":"Mon, 10 Aug 2026 15:52:15 GMT"},"fingerprint":{"sha1":"76:A4:03:25:08:93:38:B4:F5:5B:7A:F4:A2:BC:2C:2F:D8:1A:2A:A2","sha256":"60:9B:87:7F:56:35:D6:3A:9D:D8:57:0F:3C:27:53:26:B2:F7:5F:48:03:82:7B:F7:D4:50:D5:18:C3:D8:62:81"}}},"request":{"raw":"GET /images/pyth.svg HTTP/1.1\r\nHost: natix.svault.fun\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://natix.svault.fun/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Wed, 17 Jun 2026 16:32:03 GMT\r\ncontent-type: image/svg+xml\r\npriority: u=5,i\r\ncast-mode: default\r\nlast-modified: Tue, 09 Jun 2026 15:09:51 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=CwgnKfSJ4nBpzld4NiuNfLIjMj0%2FfjMv8x3%2Bwwi3tnnMumrrhkKQZ6dbuI6tx%2BYHXr9G8N62QXWTHiL0YccppaJkfAlklKzD3mNB8XgCHeeEW28Ogxod8odrZzEn7tN%2BmGM5\"}]}\r\ncache-control: max-age=14400\r\ncf-cache-status: REVALIDATED\r\ncontent-encoding: zstd\r\netag: W/\"6a282cbf-912\"\r\ncf-ray: a0d372b22ea35a0f-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2322,"size_decoded":1960,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"37d619de40a237df97301e340b9b2447","sha1":"4503d4caddb600c467c92cb18cd5b2c13a056236","sha256":"e5e5d3c3bccd9d67b02f2ae4335e1b9f7add851b0df03eea4376ca8f39267a62","sha512":"d82646626adbee5cc7c9a709bd37b8eb8026eca69112bccd16e0b5791182ec16d8d967eee4aa99399cee3594d97bf5855bbd9fd7255a7093e090258990879db9","ssdeep":"","tlshash":"f541555122ac93e49906a7c4e715f0b2755328fd6883ca10ea32bb70b4505df8dd98c4","first_seen":"2025-09-02T07:43:09.414801Z","last_seen":"2026-06-17T16:32:32.090774Z","times_seen":449,"resource_available":false,"data":null}},"time_used":166,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":166,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"natix.svault.fun","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"natix.svault.fun","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/manrope/v20/xn7gYHE41ni1AdIRggexSg.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://natix.svault.fun/","date":"2026-06-17T16:32:03.441Z","timestamp":1781713923441,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 25 May 2026 08:38:18 GMT","end":"Mon, 17 Aug 2026 08:38:17 GMT"},"fingerprint":{"sha1":"C4:91:D1:0E:C2:A8:68:24:7B:00:2B:4A:EB:42:41:E0:29:E2:4E:A0","sha256":"68:29:56:08:39:D8:99:7B:20:CC:14:D3:4F:4D:D2:55:68:A6:27:DC:52:E9:7B:CF:CE:6B:D3:13:BC:97:65:C1"}}},"request":{"raw":"GET /s/manrope/v20/xn7gYHE41ni1AdIRggexSg.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: identity\r\nOrigin: https://natix.svault.fun\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 24836\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Sun, 14 Jun 2026 10:11:33 GMT\r\nexpires: Mon, 14 Jun 2027 10:11:33 GMT\r\ncache-control: public, max-age=31536000\r\nage: 282030\r\nlast-modified: Thu, 04 Sep 2025 17:08:28 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":null,"data":{"size":24836,"size_decoded":25649,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 24836, version 1.0","md5":"938c6e8019b69313372c47dbb7a7c930","sha1":"b42951014c5eca12749d87a4706caf22dc4fe081","sha256":"a30ddcd349703aff7464c34bef3fffdff405ee50c113440d7c8693c02d210972","sha512":"5537c005cd8f321f26fe67f6292b3ec14e88ff4b2365311628dbbe4753e01e568f6881b9f2e7d71e8e6b2c261ed25f372829dd28f89f865ce574b4e1fec29614","ssdeep":"768:3KQaj5c95F1QmIwa55Go1COpZLpkkM46CU+YIC:ahj5cXow65xCM5pkkM468YB","tlshash":"a2b2f105ee49b3d4b276f1fcfa802884179282f27dabda8f3f2015981dd8e5b8d45320","first_seen":"2025-06-02T20:09:41.98255Z","last_seen":"2026-06-18T01:39:15.938386Z","times_seen":27864,"resource_available":false,"data":null}},"time_used":95,"timings":{"blocked":-1,"dns":3,"connect":30,"send":0,"wait":21,"receive":40,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/manrope/v20/xn7gYHE41ni1AdIRggexSg.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://natix.svault.fun/","date":"2026-06-17T16:32:03.449Z","timestamp":1781713923449,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 25 May 2026 08:38:18 GMT","end":"Mon, 17 Aug 2026 08:38:17 GMT"},"fingerprint":{"sha1":"C4:91:D1:0E:C2:A8:68:24:7B:00:2B:4A:EB:42:41:E0:29:E2:4E:A0","sha256":"68:29:56:08:39:D8:99:7B:20:CC:14:D3:4F:4D:D2:55:68:A6:27:DC:52:E9:7B:CF:CE:6B:D3:13:BC:97:65:C1"}}},"request":{"raw":"GET /s/manrope/v20/xn7gYHE41ni1AdIRggexSg.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: identity\r\nOrigin: https://natix.svault.fun\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 24836\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Sun, 14 Jun 2026 10:11:33 GMT\r\nexpires: Mon, 14 Jun 2027 10:11:33 GMT\r\ncache-control: public, max-age=31536000\r\nage: 282030\r\nlast-modified: Thu, 04 Sep 2025 17:08:28 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":null,"data":{"size":24836,"size_decoded":25649,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 24836, version 1.0","md5":"938c6e8019b69313372c47dbb7a7c930","sha1":"b42951014c5eca12749d87a4706caf22dc4fe081","sha256":"a30ddcd349703aff7464c34bef3fffdff405ee50c113440d7c8693c02d210972","sha512":"5537c005cd8f321f26fe67f6292b3ec14e88ff4b2365311628dbbe4753e01e568f6881b9f2e7d71e8e6b2c261ed25f372829dd28f89f865ce574b4e1fec29614","ssdeep":"768:3KQaj5c95F1QmIwa55Go1COpZLpkkM46CU+YIC:ahj5cXow65xCM5pkkM468YB","tlshash":"a2b2f105ee49b3d4b276f1fcfa802884179282f27dabda8f3f2015981dd8e5b8d45320","first_seen":"2025-06-02T20:09:41.98255Z","last_seen":"2026-06-18T01:39:15.938386Z","times_seen":27864,"resource_available":false,"data":null}},"time_used":81,"timings":{"blocked":20,"dns":0,"connect":0,"send":0,"wait":24,"receive":37,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/manrope/v20/xn7gYHE41ni1AdIRggOxSuXd.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://natix.svault.fun/","date":"2026-06-17T16:32:03.454Z","timestamp":1781713923454,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 25 May 2026 08:38:18 GMT","end":"Mon, 17 Aug 2026 08:38:17 GMT"},"fingerprint":{"sha1":"C4:91:D1:0E:C2:A8:68:24:7B:00:2B:4A:EB:42:41:E0:29:E2:4E:A0","sha256":"68:29:56:08:39:D8:99:7B:20:CC:14:D3:4F:4D:D2:55:68:A6:27:DC:52:E9:7B:CF:CE:6B:D3:13:BC:97:65:C1"}}},"request":{"raw":"GET /s/manrope/v20/xn7gYHE41ni1AdIRggOxSuXd.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: identity\r\nOrigin: https://natix.svault.fun\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 14500\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Sun, 14 Jun 2026 10:39:23 GMT\r\nexpires: Mon, 14 Jun 2027 10:39:23 GMT\r\ncache-control: public, max-age=31536000\r\nage: 280360\r\nlast-modified: Thu, 04 Sep 2025 17:09:13 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":null,"data":{"size":14500,"size_decoded":15313,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 14500, version 1.0","md5":"e58febde317b69ceb51690ea201850c9","sha1":"d8fc94bf7a39043a7759bd564a7e16b3ea080736","sha256":"c268b459a9329e59fecf39a17618efd44c71735532048d60b12aab76a8c14914","sha512":"af17f0a6913d974bd7d38a060549dacd158c667abb08f830d44d302c1a1cb4f8106eeeb772d2b4066be2c5a1e763d26042c707343770f5e84b0f5165cab9d96b","ssdeep":"384:4VvSHMmDtGjtHrBRvGjLWPSNRXZpyJ+kC18bZ:4VvSsmDt6LBROj1RXZ4J+318bZ","tlshash":"8a52b05ef04e86f0b51f2a7ece5c6a1153725e56134f2e50e967b0c8c75e82a1e27142","first_seen":"2025-06-05T11:45:07.756161Z","last_seen":"2026-06-17T21:18:07.718179Z","times_seen":2833,"resource_available":false,"data":null}},"time_used":76,"timings":{"blocked":20,"dns":0,"connect":0,"send":0,"wait":54,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"natix.svault.fun/_nuxt/assets/index.js","fqdn":"natix.svault.fun","domain":"svault.fun","tld":"fun"},"ip":{"addr":"104.21.28.20","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://natix.svault.fun/","date":"2026-06-17T16:32:02.882Z","timestamp":1781713922882,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"svault.fun","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 12 May 2026 15:52:16 GMT","end":"Mon, 10 Aug 2026 15:52:15 GMT"},"fingerprint":{"sha1":"76:A4:03:25:08:93:38:B4:F5:5B:7A:F4:A2:BC:2C:2F:D8:1A:2A:A2","sha256":"60:9B:87:7F:56:35:D6:3A:9D:D8:57:0F:3C:27:53:26:B2:F7:5F:48:03:82:7B:F7:D4:50:D5:18:C3:D8:62:81"}}},"request":{"raw":"GET /_nuxt/assets/index.js HTTP/1.1\r\nHost: natix.svault.fun\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://natix.svault.fun/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Wed, 17 Jun 2026 16:32:03 GMT\r\ncontent-type: text/html\r\ncast-mode: default\r\nlast-modified: Tue, 09 Jun 2026 15:09:51 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\nvary: accept-encoding\r\npriority: u=3,i=?0\r\ncache-control: max-age=14400\r\ncf-cache-status: REVALIDATED\r\ncontent-encoding: zstd\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=0qirtqgOM%2FR4eaeCi8sNeimSOdXhqv1DH9FZB7YEgHtF3zviEhE1wfxY77WYY6JaK7X3IXtbNjprnOQnMVHINXBQZ7%2F7kq5BRHtzbpcZlLKykHAqVaabNl%2FANoihuUJftfYg\"}]}\r\ncf-ray: a0d372b20e955a0f-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-18T01:31:21.233037Z","times_seen":16497762,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"natix.svault.fun","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"natix.svault.fun","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"natix.svault.fun/images/solblaze.svg","fqdn":"natix.svault.fun","domain":"svault.fun","tld":"fun"},"ip":{"addr":"104.21.28.20","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://natix.svault.fun/","date":"2026-06-17T16:32:02.904Z","timestamp":1781713922904,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"svault.fun","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 12 May 2026 15:52:16 GMT","end":"Mon, 10 Aug 2026 15:52:15 GMT"},"fingerprint":{"sha1":"76:A4:03:25:08:93:38:B4:F5:5B:7A:F4:A2:BC:2C:2F:D8:1A:2A:A2","sha256":"60:9B:87:7F:56:35:D6:3A:9D:D8:57:0F:3C:27:53:26:B2:F7:5F:48:03:82:7B:F7:D4:50:D5:18:C3:D8:62:81"}}},"request":{"raw":"GET /images/solblaze.svg HTTP/1.1\r\nHost: natix.svault.fun\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://natix.svault.fun/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Wed, 17 Jun 2026 16:32:03 GMT\r\ncontent-type: image/svg+xml\r\npriority: u=5,i\r\ncast-mode: default\r\nlast-modified: Tue, 09 Jun 2026 15:09:51 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=u8SADSk%2FGmDNahwpCaPMlGhw3%2FeRTr%2Fb0wUpCPABRiYODmwCnsm4LWCZtdO%2FbttT20MmS9lgb2Kx18INVcPTjadyNTxVneN5KSR1qalmht48ya%2FkuLVZO%2BRm5nbgTv40UAnZ\"}]}\r\ncache-control: max-age=14400\r\ncf-cache-status: REVALIDATED\r\ncontent-encoding: zstd\r\netag: W/\"6a282cbf-2fb6\"\r\ncf-ray: a0d372b22ea45a0f-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":12214,"size_decoded":6040,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"e6c2726ae5e7cc1c0aa199ad3b7195b9","sha1":"e9dbc07a64cebfbd0389bcec396877b2f338e6bd","sha256":"b5ba7b16778896912b7712690a16b5eab96e9dc8643be4af77ec5a1e8b3e6b5b","sha512":"7d3f6b9f2259a8136531a9c09ade0c885e01239c4c49e6d9f4618d076361e325b7a73c5209440f733b9ca07eda312240fb4306a42a060b6733e8b474e37968d8","ssdeep":"192:Cebn8EmAexeRzs8VWOAluUFbpATzs9IQF/n9AY41RRodskit3dEamw2gq:Ceb8aexOAMnIb7XhGY41/ungq","tlshash":"9742b6debbe5a3f4a905f3c8875688793a532cf67b03cb38c3986e95b54104d8895c87","first_seen":"2025-09-02T07:43:09.409787Z","last_seen":"2026-06-17T16:32:32.092794Z","times_seen":450,"resource_available":false,"data":null}},"time_used":175,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":175,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"natix.svault.fun","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"natix.svault.fun","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/manrope/v20/xn7gYHE41ni1AdIRggOxSuXd.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://natix.svault.fun/","date":"2026-06-17T16:32:03.451Z","timestamp":1781713923451,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 25 May 2026 08:38:18 GMT","end":"Mon, 17 Aug 2026 08:38:17 GMT"},"fingerprint":{"sha1":"C4:91:D1:0E:C2:A8:68:24:7B:00:2B:4A:EB:42:41:E0:29:E2:4E:A0","sha256":"68:29:56:08:39:D8:99:7B:20:CC:14:D3:4F:4D:D2:55:68:A6:27:DC:52:E9:7B:CF:CE:6B:D3:13:BC:97:65:C1"}}},"request":{"raw":"GET /s/manrope/v20/xn7gYHE41ni1AdIRggOxSuXd.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: identity\r\nOrigin: https://natix.svault.fun\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 14500\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Sun, 14 Jun 2026 10:39:23 GMT\r\nexpires: Mon, 14 Jun 2027 10:39:23 GMT\r\ncache-control: public, max-age=31536000\r\nage: 280360\r\nlast-modified: Thu, 04 Sep 2025 17:09:13 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":null,"data":{"size":14500,"size_decoded":15313,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 14500, version 1.0","md5":"e58febde317b69ceb51690ea201850c9","sha1":"d8fc94bf7a39043a7759bd564a7e16b3ea080736","sha256":"c268b459a9329e59fecf39a17618efd44c71735532048d60b12aab76a8c14914","sha512":"af17f0a6913d974bd7d38a060549dacd158c667abb08f830d44d302c1a1cb4f8106eeeb772d2b4066be2c5a1e763d26042c707343770f5e84b0f5165cab9d96b","ssdeep":"384:4VvSHMmDtGjtHrBRvGjLWPSNRXZpyJ+kC18bZ:4VvSsmDt6LBROj1RXZ4J+318bZ","tlshash":"8a52b05ef04e86f0b51f2a7ece5c6a1153725e56134f2e50e967b0c8c75e82a1e27142","first_seen":"2025-06-05T11:45:07.756161Z","last_seen":"2026-06-17T21:18:07.718179Z","times_seen":2833,"resource_available":false,"data":null}},"time_used":71,"timings":{"blocked":20,"dns":0,"connect":0,"send":0,"wait":47,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"natix.svault.fun/style-8ie3m.css","fqdn":"natix.svault.fun","domain":"svault.fun","tld":"fun"},"ip":{"addr":"104.21.28.20","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://natix.svault.fun/","date":"2026-06-17T16:32:02.881Z","timestamp":1781713922881,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"svault.fun","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 12 May 2026 15:52:16 GMT","end":"Mon, 10 Aug 2026 15:52:15 GMT"},"fingerprint":{"sha1":"76:A4:03:25:08:93:38:B4:F5:5B:7A:F4:A2:BC:2C:2F:D8:1A:2A:A2","sha256":"60:9B:87:7F:56:35:D6:3A:9D:D8:57:0F:3C:27:53:26:B2:F7:5F:48:03:82:7B:F7:D4:50:D5:18:C3:D8:62:81"}}},"request":{"raw":"GET /style-8ie3m.css HTTP/1.1\r\nHost: natix.svault.fun\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://natix.svault.fun/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Wed, 17 Jun 2026 16:32:03 GMT\r\ncontent-type: text/css\r\ncast-mode: default\r\nlast-modified: Tue, 09 Jun 2026 15:09:51 GMT\r\netag: \"6a282cbf-b123\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\ncontent-encoding: gzip\r\npriority: u=2,i=?0\r\ncache-control: max-age=14400\r\ncf-cache-status: REVALIDATED\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=tI4GiIJfjmkQoBtflsR6iDrLF4ifG%2BGmJvCgg6WUfNS84pl5UcZ%2BAyZ%2BXzMcsWOvLbCKXGvMOJJ6pLLBcEoYSXajmhxpPgPJM%2F3NfSAqTn5%2FkOamVvgkCUTwupwiGcZGCvsl\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: a0d372b20e945a0f-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":45347,"size_decoded":9438,"mime_type":"text/css","magic":"Unicode text, UTF-8 text, with CRLF line terminators","md5":"b7d95bf879440ffd79c3f46579b96248","sha1":"a5513bcddc2acffc08ce8abcd13bd1e54e6f4825","sha256":"e0343cd496c7fa71c98204fd767473a485e2aa4a50075eceec44b6dd4249d376","sha512":"fcc85bf1898e1d3b2190a7902501f1d82986a32ff05b69be4d308c0f3dc2d95dd223efae0b402afa4526a1690a7b6b9f485f54852855e0b2dbc6fd99e0bc24f6","ssdeep":"768:YQV815FbGMcxRSXre0qZ1WWTP4ch8OehAjdloCJq8H:P0qZ1WWRrH","tlshash":"b0130f19e60211466537ebb46fb2071cfb9980138b0291b97fcd72998ff51a886a1fdc","first_seen":"2026-06-17T16:32:32.094111Z","last_seen":"2026-06-17T16:32:32.094111Z","times_seen":1,"resource_available":false,"data":null}},"time_used":185,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":185,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"natix.svault.fun","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"natix.svault.fun","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"natix.svault.fun/images/bonk.svg","fqdn":"natix.svault.fun","domain":"svault.fun","tld":"fun"},"ip":{"addr":"104.21.28.20","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://natix.svault.fun/","date":"2026-06-17T16:32:02.896Z","timestamp":1781713922896,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"svault.fun","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 12 May 2026 15:52:16 GMT","end":"Mon, 10 Aug 2026 15:52:15 GMT"},"fingerprint":{"sha1":"76:A4:03:25:08:93:38:B4:F5:5B:7A:F4:A2:BC:2C:2F:D8:1A:2A:A2","sha256":"60:9B:87:7F:56:35:D6:3A:9D:D8:57:0F:3C:27:53:26:B2:F7:5F:48:03:82:7B:F7:D4:50:D5:18:C3:D8:62:81"}}},"request":{"raw":"GET /images/bonk.svg HTTP/1.1\r\nHost: natix.svault.fun\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://natix.svault.fun/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Wed, 17 Jun 2026 16:32:03 GMT\r\ncontent-type: image/svg+xml\r\npriority: u=5,i\r\ncast-mode: default\r\nlast-modified: Tue, 09 Jun 2026 15:09:51 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=i%2FV7J9RRa0JvAOuPM%2B0DeKRahEPdJD%2B94zn4fU8EYxcLEgf%2BYfdOXD246wfGmPs82En8vPxeYfhf5nxYbAhOozL8%2Foi7d1qprqgpvomBW4M1c88QXMK74%2B%2FH%2B%2BH1DyerO1Qp\"}]}\r\ncache-control: max-age=14400\r\ncf-cache-status: REVALIDATED\r\ncontent-encoding: zstd\r\netag: W/\"6a282cbf-314a\"\r\ncf-ray: a0d372b21e9d5a0f-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":12618,"size_decoded":6362,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"32264f4b5ef61d12d6c8c7585e844dcc","sha1":"28f5308df3de8e7435ed9f29c07271102455bffb","sha256":"22c0b5638dc650cc5fabd4b50dd2c24b0dccdc305ea37a8dc15aaf856b58a1c8","sha512":"33d0b30212a2408e4f0b435257efd055b0a0f8a3aa404e8c666de12528a446b7cc056270e6b3f79241626436351e520f046fb37d28bc04e28178d45a1a2f4b52","ssdeep":"192:FDLeI6N6VFklwNwKIxv6Cqc9I4jnMnX6TVlAaPyvGONdRvmiVTzvjxqVASFkM0/e:9Lm9wwtiCqVMMqTVlhPIzHeiVHvj6mrK","tlshash":"cb4297eab3a9e3d4f805e7f4872768743b6b2cfd2e20c59947d5aca0e95109d4858cc2","first_seen":"2025-09-02T07:43:09.420529Z","last_seen":"2026-06-17T16:32:32.095863Z","times_seen":449,"resource_available":false,"data":null}},"time_used":176,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":176,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"natix.svault.fun","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"natix.svault.fun","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"natix.svault.fun/images/jito.svg","fqdn":"natix.svault.fun","domain":"svault.fun","tld":"fun"},"ip":{"addr":"104.21.28.20","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://natix.svault.fun/","date":"2026-06-17T16:32:02.897Z","timestamp":1781713922897,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"svault.fun","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 12 May 2026 15:52:16 GMT","end":"Mon, 10 Aug 2026 15:52:15 GMT"},"fingerprint":{"sha1":"76:A4:03:25:08:93:38:B4:F5:5B:7A:F4:A2:BC:2C:2F:D8:1A:2A:A2","sha256":"60:9B:87:7F:56:35:D6:3A:9D:D8:57:0F:3C:27:53:26:B2:F7:5F:48:03:82:7B:F7:D4:50:D5:18:C3:D8:62:81"}}},"request":{"raw":"GET /images/jito.svg HTTP/1.1\r\nHost: natix.svault.fun\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://natix.svault.fun/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Wed, 17 Jun 2026 16:32:03 GMT\r\ncontent-type: image/svg+xml\r\npriority: u=5,i\r\ncast-mode: default\r\nlast-modified: Tue, 09 Jun 2026 15:09:51 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Nw%2FHzlUZ8V1FATnRCS1UNUpWSbV659EItYQh71KR171iDfikg3jCtkg3NhpTzxk%2BpPf9qDbFNj30N%2FR%2BILTdMWezDeFVTfPVA32Kzf78if6IZiGugj73v2IbVtL3bSXGJ%2FvY\"}]}\r\ncache-control: max-age=14400\r\ncf-cache-status: REVALIDATED\r\ncontent-encoding: zstd\r\netag: W/\"6a282cbf-779\"\r\ncf-ray: a0d372b21e9e5a0f-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1913,"size_decoded":1853,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"b555eeb2c89878019ca271ce239f5144","sha1":"4689fc8b3d997acabf01e06139cdb5d44fd3b7bb","sha256":"5daa8b44652cf3cca0e22528f3e8b09a4a83c071ceb68e11af6138b240220615","sha512":"b3758eff6e3f56a6b9a2189b1fa55ad8af57fe46c233ad62db30dcde00f4333128ad0b96e0730cd36609b70ffe1e875509cd6891cd423dc3f0b9f435d3b0bf83","ssdeep":"","tlshash":"59410360a26d57a4a104ebe04b1a64762e9322f7352286284b9fd97864831df5cecdc9","first_seen":"2025-09-02T07:43:09.3868Z","last_seen":"2026-06-17T16:32:32.097373Z","times_seen":449,"resource_available":false,"data":null}},"time_used":173,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":173,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"natix.svault.fun","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"natix.svault.fun","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"natix.svault.fun/images/orca.svg","fqdn":"natix.svault.fun","domain":"svault.fun","tld":"fun"},"ip":{"addr":"104.21.28.20","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://natix.svault.fun/","date":"2026-06-17T16:32:02.901Z","timestamp":1781713922901,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"svault.fun","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 12 May 2026 15:52:16 GMT","end":"Mon, 10 Aug 2026 15:52:15 GMT"},"fingerprint":{"sha1":"76:A4:03:25:08:93:38:B4:F5:5B:7A:F4:A2:BC:2C:2F:D8:1A:2A:A2","sha256":"60:9B:87:7F:56:35:D6:3A:9D:D8:57:0F:3C:27:53:26:B2:F7:5F:48:03:82:7B:F7:D4:50:D5:18:C3:D8:62:81"}}},"request":{"raw":"GET /images/orca.svg HTTP/1.1\r\nHost: natix.svault.fun\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://natix.svault.fun/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Wed, 17 Jun 2026 16:32:03 GMT\r\ncontent-type: image/svg+xml\r\npriority: u=5,i\r\ncast-mode: default\r\nlast-modified: Tue, 09 Jun 2026 15:09:51 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=KVRFf2GvHUgJKe%2Bdh4gFIH%2FpLrvIu1eMZmXTI1Di%2BP84lCC1DuHRgDTpXB84Nf8L1oY9rCd1NVRAfAH5NT7ENcYrC5MyxCkDPkUQ7RwEIUUA9hjIwdHVg7U1yPwlX5xYwpbw\"}]}\r\ncache-control: max-age=14400\r\ncf-cache-status: REVALIDATED\r\ncontent-encoding: zstd\r\netag: W/\"6a282cbf-eab\"\r\ncf-ray: a0d372b22ea25a0f-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":3755,"size_decoded":2562,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"399f1f0b7b8310ee13f5f344cf8d1194","sha1":"a2f3f47fce8eb5ad2b1865446591c3087c693ca6","sha256":"1b03e12e25d6722e35e48e8f63e6b740f004b74d828e8ad6d79c07615bcfe12a","sha512":"3b7b4b431ba516221ad79743433630dadb9ce869f4e6401651982bea4d87ebe2a18248a2722fe1d8fac295a89f235371f30314e29c9de56eb32e5f6bf143b676","ssdeep":"","tlshash":"157173ebb3c8a2c0d60ae3f49b2a54f9360316f94623c228c6e50f65f99209dc94c8c5","first_seen":"2025-09-02T07:43:09.392798Z","last_seen":"2026-06-17T16:32:32.098612Z","times_seen":450,"resource_available":false,"data":null}},"time_used":164,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":164,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"natix.svault.fun","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"natix.svault.fun","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/manrope/v20/xn7gYHE41ni1AdIRggOxSuXd.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://natix.svault.fun/","date":"2026-06-17T16:32:03.446Z","timestamp":1781713923446,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 25 May 2026 08:38:18 GMT","end":"Mon, 17 Aug 2026 08:38:17 GMT"},"fingerprint":{"sha1":"C4:91:D1:0E:C2:A8:68:24:7B:00:2B:4A:EB:42:41:E0:29:E2:4E:A0","sha256":"68:29:56:08:39:D8:99:7B:20:CC:14:D3:4F:4D:D2:55:68:A6:27:DC:52:E9:7B:CF:CE:6B:D3:13:BC:97:65:C1"}}},"request":{"raw":"GET /s/manrope/v20/xn7gYHE41ni1AdIRggOxSuXd.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: identity\r\nOrigin: https://natix.svault.fun\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 14500\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Sun, 14 Jun 2026 10:39:23 GMT\r\nexpires: Mon, 14 Jun 2027 10:39:23 GMT\r\ncache-control: public, max-age=31536000\r\nage: 280360\r\nlast-modified: Thu, 04 Sep 2025 17:09:13 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":null,"data":{"size":14500,"size_decoded":15313,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 14500, version 1.0","md5":"e58febde317b69ceb51690ea201850c9","sha1":"d8fc94bf7a39043a7759bd564a7e16b3ea080736","sha256":"c268b459a9329e59fecf39a17618efd44c71735532048d60b12aab76a8c14914","sha512":"af17f0a6913d974bd7d38a060549dacd158c667abb08f830d44d302c1a1cb4f8106eeeb772d2b4066be2c5a1e763d26042c707343770f5e84b0f5165cab9d96b","ssdeep":"384:4VvSHMmDtGjtHrBRvGjLWPSNRXZpyJ+kC18bZ:4VvSsmDt6LBROj1RXZ4J+318bZ","tlshash":"8a52b05ef04e86f0b51f2a7ece5c6a1153725e56134f2e50e967b0c8c75e82a1e27142","first_seen":"2025-06-05T11:45:07.756161Z","last_seen":"2026-06-17T21:18:07.718179Z","times_seen":2833,"resource_available":false,"data":null}},"time_used":78,"timings":{"blocked":21,"dns":0,"connect":0,"send":0,"wait":56,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"lite-api.jup.ag/tokens/v2/search?query=FRySi8LPkuByB7VPSCCggxpewFUeeJiwEGRKKuhwpKcX","fqdn":"lite-api.jup.ag","domain":"jup.ag","tld":"ag"},"ip":{"addr":"143.204.238.57","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://natix.svault.fun/","date":"2026-06-17T16:32:03.463Z","timestamp":1781713923463,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"lite-api.jup.ag","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Mon, 02 Mar 2026 00:00:00 GMT","end":"Tue, 15 Sep 2026 23:59:59 GMT"},"fingerprint":{"sha1":"0A:3A:FA:40:6C:C0:7E:88:0A:F3:A9:72:66:BF:C9:D6:99:1B:F6:A7","sha256":"2C:4B:20:7C:DA:39:7F:EC:E5:2A:8C:99:7C:69:6A:58:C0:62:51:B7:C7:1A:38:71:DA:BF:B8:3C:D1:B8:AB:DA"}}},"request":{"raw":"GET /tokens/v2/search?query=FRySi8LPkuByB7VPSCCggxpewFUeeJiwEGRKKuhwpKcX HTTP/1.1\r\nHost: lite-api.jup.ag\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://natix.svault.fun/\r\nOrigin: https://natix.svault.fun\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ncontent-type: application/json\r\ndate: Wed, 17 Jun 2026 16:32:03 GMT\r\nserver: cloudflare\r\ncf-ray: a0d372b5ec686cde-ARN\r\naccess-control-allow-origin: https://natix.svault.fun\r\ncache-control: public, max-age=10\r\nvary: Origin\r\naccess-control-allow-credentials: true\r\ncontent-encoding: br\r\nx-cache: Miss from cloudfront\r\nvia: 1.1 fb0991a0cdc083e8b3d013da8a2e9954.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: ARN53-P4\r\nx-amz-cf-id: unZ03CL3JriQyTORXx4FNUXnsPgmvCsx-NEtDSuffrrtRzwDO13GGg==\r\nx-xss-protection: 1; mode=block\r\nreferrer-policy: strict-origin-when-cross-origin\r\nx-content-type-options: nosniff\r\nstrict-transport-security: max-age=31536000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2257,"size_decoded":1855,"mime_type":"application/json","magic":"JSON text data","md5":"04932ee6f153d444b1dfce61ce24408d","sha1":"c97df4b8086f140f3ff8ce45ee0c224c178b13bb","sha256":"4b14bf89be803135d77df6c002e7a28ec1be14324c9b7ff7cceb5cd202a8650e","sha512":"5fde851bf216144183ca726373d6e38916e66f0932e69aedac7f4210b7294732d7ba269509ddf4bf1741c8d2f257466f6d12eb6a34b8e1f3262cf0e14ffb5a7f","ssdeep":"","tlshash":"dd4176f5912910e0d6ca834699c8af5290e718c388210952ad3cedfc80db59fb60a95f","first_seen":"2026-06-17T16:32:32.099944Z","last_seen":"2026-06-17T16:32:32.099944Z","times_seen":1,"resource_available":false,"data":null}},"time_used":91,"timings":{"blocked":0,"dns":5,"connect":8,"send":0,"wait":61,"receive":0,"ssl":17},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"natix.svault.fun/images/marinade.svg","fqdn":"natix.svault.fun","domain":"svault.fun","tld":"fun"},"ip":{"addr":"104.21.28.20","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://natix.svault.fun/","date":"2026-06-17T16:32:02.899Z","timestamp":1781713922899,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"svault.fun","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 12 May 2026 15:52:16 GMT","end":"Mon, 10 Aug 2026 15:52:15 GMT"},"fingerprint":{"sha1":"76:A4:03:25:08:93:38:B4:F5:5B:7A:F4:A2:BC:2C:2F:D8:1A:2A:A2","sha256":"60:9B:87:7F:56:35:D6:3A:9D:D8:57:0F:3C:27:53:26:B2:F7:5F:48:03:82:7B:F7:D4:50:D5:18:C3:D8:62:81"}}},"request":{"raw":"GET /images/marinade.svg HTTP/1.1\r\nHost: natix.svault.fun\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://natix.svault.fun/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Wed, 17 Jun 2026 16:32:03 GMT\r\ncontent-type: image/svg+xml\r\npriority: u=5,i\r\ncast-mode: default\r\nlast-modified: Tue, 09 Jun 2026 15:09:51 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=sVahMvrkod%2Fp%2BxM1Xj0q3LRMG2Jmk6%2FZKH8YlbQbQXgxZuzs2ko6hKqxtcAPU6mx0ZCfQRzjtJsarUVAeeLMz4ngmyCRExSLuBZKPuS3U%2F0Wo6shX%2FxS7dMVcq18YR6NL%2Bt0\"}]}\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\ncontent-encoding: zstd\r\netag: W/\"6a282cbf-2677\"\r\ncf-ray: a0d372b22ea05a0f-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":9847,"size_decoded":4916,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"5cb11fd2b4b91716c41205eb17e9d960","sha1":"d5e2cb59069a886204c8284813a02ecee6082250","sha256":"bf19d99498915d1aec2f355703d23bb5655de09d5b2bbcb88828aa00d9d6a3a6","sha512":"6e8df520180ffde25b12c20447d7b3ae364a11f1104c1cd5e5ee7d96978b69c43aa749db6e293e1e2acc9d6c3568a0a2841cb26ff2e105f5929b9225ab46b26b","ssdeep":"192:OXI9CbNZ73IhN47x5QO6tQuPOmU/m6FJIReX1gZss6+:+ThZ73eKVT6W05U/m6oeXdK","tlshash":"5012d8ec6be271f0f849e7e4e51698b63b1b35fb7611cb18c3856d21e64100eca79c86","first_seen":"2025-09-02T07:43:09.38934Z","last_seen":"2026-06-17T16:32:32.100794Z","times_seen":450,"resource_available":false,"data":null}},"time_used":164,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":164,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"natix.svault.fun","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"natix.svault.fun","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"natix.svault.fun/images/metaplex.svg","fqdn":"natix.svault.fun","domain":"svault.fun","tld":"fun"},"ip":{"addr":"104.21.28.20","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://natix.svault.fun/","date":"2026-06-17T16:32:02.900Z","timestamp":1781713922900,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"svault.fun","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 12 May 2026 15:52:16 GMT","end":"Mon, 10 Aug 2026 15:52:15 GMT"},"fingerprint":{"sha1":"76:A4:03:25:08:93:38:B4:F5:5B:7A:F4:A2:BC:2C:2F:D8:1A:2A:A2","sha256":"60:9B:87:7F:56:35:D6:3A:9D:D8:57:0F:3C:27:53:26:B2:F7:5F:48:03:82:7B:F7:D4:50:D5:18:C3:D8:62:81"}}},"request":{"raw":"GET /images/metaplex.svg HTTP/1.1\r\nHost: natix.svault.fun\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://natix.svault.fun/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Wed, 17 Jun 2026 16:32:03 GMT\r\ncontent-type: image/svg+xml\r\npriority: u=5,i\r\ncast-mode: default\r\nlast-modified: Tue, 09 Jun 2026 15:09:51 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=5J%2BVtNwJuXZEedbmoYRv8yfqxa5PtVwbEqMfNyc2Bgs7kNSBGTvHQLGZdp95B8r7%2BviHd5ZVuStb%2BVgULU7ko9VcyymAqVYZtS%2F0qWSR4nKb6eXZEtByUbl33FVaFpW99FbC\"}]}\r\ncache-control: max-age=14400\r\ncf-cache-status: REVALIDATED\r\ncontent-encoding: zstd\r\netag: W/\"6a282cbf-ad6\"\r\ncf-ray: a0d372b22ea15a0f-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2774,"size_decoded":2078,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"14568298cbae655fd79fb65e4d75bebf","sha1":"37e12fe64bcc11848b8c979aed1164a33d726670","sha256":"d70763867ccbbd3ca57c1a327323a395798ed5c821d26c02e71667d46ea34086","sha512":"c76d53ca8cc2298b9fe604433f1ca76a6464939ed19640fc6262e54287e356a43aef2883212a2b1358d089843f8da724db7128bb5dce5e3f27da890fbe59e227","ssdeep":"","tlshash":"985153c1615827e1d8048be0df2e65b6227b1af4be82ea43f1569df23cc44de0d58bc6","first_seen":"2025-09-02T07:43:09.380851Z","last_seen":"2026-06-17T16:32:32.102567Z","times_seen":451,"resource_available":false,"data":null}},"time_used":169,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":169,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"natix.svault.fun","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"natix.svault.fun","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"natix.svault.fun/secureproxy?c=%2Fipfs%2FngX0J3pf4WUQxknp4p0oNA5bd47d4291ccd3721f1e5c760b66522e%3Ft%3D1781713923394","fqdn":"natix.svault.fun","domain":"svault.fun","tld":"fun"},"ip":{"addr":"104.21.28.20","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://natix.svault.fun/","date":"2026-06-17T16:32:03.396Z","timestamp":1781713923396,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"svault.fun","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 12 May 2026 15:52:16 GMT","end":"Mon, 10 Aug 2026 15:52:15 GMT"},"fingerprint":{"sha1":"76:A4:03:25:08:93:38:B4:F5:5B:7A:F4:A2:BC:2C:2F:D8:1A:2A:A2","sha256":"60:9B:87:7F:56:35:D6:3A:9D:D8:57:0F:3C:27:53:26:B2:F7:5F:48:03:82:7B:F7:D4:50:D5:18:C3:D8:62:81"}}},"request":{"raw":"GET /secureproxy?c=%2Fipfs%2FngX0J3pf4WUQxknp4p0oNA5bd47d4291ccd3721f1e5c760b66522e%3Ft%3D1781713923394 HTTP/1.1\r\nHost: natix.svault.fun\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://natix.svault.fun/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Wed, 17 Jun 2026 16:32:04 GMT\r\ncontent-type: text/javascript; charset=utf-8\r\ncast-mode: default\r\ncontent-security-policy: frame-ancestors http: https:, frame-ancestors http: https:\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET,PUT,POST,DELETE,PATCH,OPTIONS\r\naccess-control-allow-headers: Content-Type, Authorization, Content-Length, X-Requested-With, Accept, Origin\r\naccess-control-allow-credentials: true\r\nvary: Accept-Encoding\r\ncdn-pullzone: 5966451\r\ncdn-requestcountrycode: NL\r\ncache-control: no-cache\r\netag: W/\"8b812-fmJMbwWO/AA4y0qyVXDX6LqwRAk\"\r\npragma: no-cache\r\ncontent-disposition: attachment; filename=u8bsF-IT4wEpxVz6XUobag.js\r\ncdn-proxyver: 1.57\r\ncdn-requestpullsuccess: True\r\ncdn-requestpullcode: 200\r\ncdn-cachedat: 06/17/2026 16:32:04\r\ncdn-edgestorageid: 1331\r\ncdn-requestid: 8c3713841c6ee015f1d5b1da12b3fa50\r\ncdn-cache: BYPASS\r\ncdn-status: 200\r\ncdn-requesttime: 0\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\ncontent-encoding: gzip\r\ncf-cache-status: DYNAMIC\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=VUj5bw328%2BxF9UqqcZ4u0J3ZWVwmUXooG7%2BJpetu1MhjbwnuaKqcfx2dk1WrXPrtx7lVm7EEBWWC4Ut99YZxR0efAl4qhFQoSZoZCSVBfvCybpQsZZnYixI%2BY2qi9IY7BtG%2F\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0d372b53f125a0f-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":571410,"size_decoded":119167,"mime_type":"text/javascript; charset=utf-8","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"522133e11f362aa12cd5206fe93f32d4","sha1":"7e624c6f058efc0038cb4ab25570d7e8bab04409","sha256":"c4c9b955bd7ce753161856e68bbefcbeff75781eb2086056150846b2f01c4b02","sha512":"ce0d4089551064596f253a774407b86c910673aa40882f843078fe703cd30289961f33251ba019e0045c0a12178d8eeb1dda40fa306407788ea18dd6ebca8ffb","ssdeep":"6144:4hXFMHTn8U1qFcHZVNYT1XveUtK3+9mpQttmI4qrBLOfXsl3toLAp:EFMzn8UIFTeUtG+9Zmaxx","tlshash":"36c4b8e38b0899f344c427b7046f546fefc8bf481f8b984b53c1ac9e52657ae49e8158","first_seen":"2026-06-17T16:32:32.105426Z","last_seen":"2026-06-17T16:32:32.105426Z","times_seen":1,"resource_available":true,"data":null}},"time_used":1067,"timings":{"blocked":1,"dns":0,"connect":0,"send":0,"wait":995,"receive":71,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"natix.svault.fun","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"natix.svault.fun","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/manrope/v20/xn7gYHE41ni1AdIRggexSg.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://natix.svault.fun/","date":"2026-06-17T16:32:03.448Z","timestamp":1781713923448,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 25 May 2026 08:38:18 GMT","end":"Mon, 17 Aug 2026 08:38:17 GMT"},"fingerprint":{"sha1":"C4:91:D1:0E:C2:A8:68:24:7B:00:2B:4A:EB:42:41:E0:29:E2:4E:A0","sha256":"68:29:56:08:39:D8:99:7B:20:CC:14:D3:4F:4D:D2:55:68:A6:27:DC:52:E9:7B:CF:CE:6B:D3:13:BC:97:65:C1"}}},"request":{"raw":"GET /s/manrope/v20/xn7gYHE41ni1AdIRggexSg.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: identity\r\nOrigin: https://natix.svault.fun\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 24836\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Sun, 14 Jun 2026 10:11:33 GMT\r\nexpires: Mon, 14 Jun 2027 10:11:33 GMT\r\ncache-control: public, max-age=31536000\r\nage: 282030\r\nlast-modified: Thu, 04 Sep 2025 17:08:28 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":null,"data":{"size":24836,"size_decoded":25649,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 24836, version 1.0","md5":"938c6e8019b69313372c47dbb7a7c930","sha1":"b42951014c5eca12749d87a4706caf22dc4fe081","sha256":"a30ddcd349703aff7464c34bef3fffdff405ee50c113440d7c8693c02d210972","sha512":"5537c005cd8f321f26fe67f6292b3ec14e88ff4b2365311628dbbe4753e01e568f6881b9f2e7d71e8e6b2c261ed25f372829dd28f89f865ce574b4e1fec29614","ssdeep":"768:3KQaj5c95F1QmIwa55Go1COpZLpkkM46CU+YIC:ahj5cXow65xCM5pkkM468YB","tlshash":"a2b2f105ee49b3d4b276f1fcfa802884179282f27dabda8f3f2015981dd8e5b8d45320","first_seen":"2025-06-02T20:09:41.98255Z","last_seen":"2026-06-18T01:39:15.938386Z","times_seen":27864,"resource_available":false,"data":null}},"time_used":82,"timings":{"blocked":21,"dns":0,"connect":0,"send":0,"wait":31,"receive":30,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"natix.svault.fun/bf2cc3c573214cb1e62d5e8e9423e14b19d7140e4a5bc217dda1fe529288ecd0.png","fqdn":"natix.svault.fun","domain":"svault.fun","tld":"fun"},"ip":{"addr":"104.21.28.20","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://natix.svault.fun/","date":"2026-06-17T16:32:03.708Z","timestamp":1781713923708,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"svault.fun","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 12 May 2026 15:52:16 GMT","end":"Mon, 10 Aug 2026 15:52:15 GMT"},"fingerprint":{"sha1":"76:A4:03:25:08:93:38:B4:F5:5B:7A:F4:A2:BC:2C:2F:D8:1A:2A:A2","sha256":"60:9B:87:7F:56:35:D6:3A:9D:D8:57:0F:3C:27:53:26:B2:F7:5F:48:03:82:7B:F7:D4:50:D5:18:C3:D8:62:81"}}},"request":{"raw":"GET /bf2cc3c573214cb1e62d5e8e9423e14b19d7140e4a5bc217dda1fe529288ecd0.png HTTP/1.1\r\nHost: natix.svault.fun\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://natix.svault.fun/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=6\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Wed, 17 Jun 2026 16:32:03 GMT\r\ncontent-type: image/png\r\npriority: u=6,i=?0\r\ncast-mode: default\r\nlast-modified: Tue, 09 Jun 2026 15:09:51 GMT\r\netag: \"6a282cbf-c3c\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\naccept-ranges: bytes\r\nage: 0\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=I3LATIeiG0DzLRVwV%2BjXFR6mG1awsT8MM8cwRRE68WyeiSXH5AezaXO8uxK5R%2B14apaQa0mHi%2F5jFMmEDDFAEDbDmn%2F7rRSNQWOlOSp6ZEUwIHRhVaeDVJyG6l2K0KiiHuCh\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-length: 3132\r\ncf-ray: a0d372b72f6b5a0f-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":3132,"size_decoded":4063,"mime_type":"image/png","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 250x250, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"089bde0b96c40194ea9ccda89e3ac478","sha1":"d3b1c37a0d9fe7c2896b31e3b620bd4606d94f8e","sha256":"87eab0edbb7838745c4f280e8dfe96f762c72c78fa411714f2b2b7306162664d","sha512":"acad6973283ffb121d6bea49e8d05ab6ca02b1259e9304e6f40ed899c8d64bfaeab644899b3fe0019429173db034255c7df911f7d71b77ccbdf56222945d242a","ssdeep":"","tlshash":"16516d7cb85e57c98ab66cbcfbaa337255df6ed24414944315ed0bd20a04f7a8d5400e","first_seen":"2026-06-17T16:32:32.084635Z","last_seen":"2026-06-17T16:32:32.084635Z","times_seen":1,"resource_available":false,"data":null}},"time_used":7,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":7,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"natix.svault.fun","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"natix.svault.fun","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"natix.svault.fun/images/coin.svg","fqdn":"natix.svault.fun","domain":"svault.fun","tld":"fun"},"ip":{"addr":"104.21.28.20","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://natix.svault.fun/","date":"2026-06-17T16:32:02.892Z","timestamp":1781713922892,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"svault.fun","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 12 May 2026 15:52:16 GMT","end":"Mon, 10 Aug 2026 15:52:15 GMT"},"fingerprint":{"sha1":"76:A4:03:25:08:93:38:B4:F5:5B:7A:F4:A2:BC:2C:2F:D8:1A:2A:A2","sha256":"60:9B:87:7F:56:35:D6:3A:9D:D8:57:0F:3C:27:53:26:B2:F7:5F:48:03:82:7B:F7:D4:50:D5:18:C3:D8:62:81"}}},"request":{"raw":"GET /images/coin.svg HTTP/1.1\r\nHost: natix.svault.fun\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://natix.svault.fun/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Wed, 17 Jun 2026 16:32:03 GMT\r\ncontent-type: image/svg+xml\r\npriority: u=5,i\r\ncast-mode: default\r\nlast-modified: Tue, 09 Jun 2026 15:09:51 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=pb80nirmVmLSBRIaXkbqlvpbX4uqOdtunyOT%2BJY09UErhRLJ2GZndZAb80WjuPBa0Wh1QFvmPauMOfr9lxmnwnMoBVSNPWQO7nMwY0TwhBexyTVYk5CWlV%2FfdWDJKBXE7Yct\"}]}\r\ncache-control: max-age=14400\r\ncf-cache-status: REVALIDATED\r\ncontent-encoding: zstd\r\netag: W/\"6a282cbf-139f\"\r\ncf-ray: a0d372b21e9c5a0f-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":5023,"size_decoded":3078,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"902ed0e6f42b05f301e401efe696bcfe","sha1":"c4fc0af1086f8cb90d2e0259a9189498908ed980","sha256":"4f48e20d1856ec89b47690dbfdd7bf5e2a5d7f58f3287449aa51866625bdf480","sha512":"fbcf09b35c0135ef454a0f6d247c7b4b30afa05973390940d6e06eb192f387addc4d0167dae26f85b061164b5a979f5a5e257fc3277626be8ff36f49b3d10c53","ssdeep":"96:NZrgo+DmmnE9ht506zProP25yRRlCy1HxiRSwRft0QdJUlo5Lq:DSnEN50wP0RdH0RSwRftfa1","tlshash":"23a1b7fc73f065a55a88c7edef16806a6dab54f3bf448240f04c5f9d0b968128c976c5","first_seen":"2026-06-17T16:32:32.107222Z","last_seen":"2026-06-17T16:32:32.107222Z","times_seen":1,"resource_available":false,"data":null}},"time_used":167,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":167,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"natix.svault.fun","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"natix.svault.fun","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/manrope/v20/xn7gYHE41ni1AdIRggexSg.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://natix.svault.fun/","date":"2026-06-17T16:32:03.443Z","timestamp":1781713923443,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 25 May 2026 08:38:18 GMT","end":"Mon, 17 Aug 2026 08:38:17 GMT"},"fingerprint":{"sha1":"C4:91:D1:0E:C2:A8:68:24:7B:00:2B:4A:EB:42:41:E0:29:E2:4E:A0","sha256":"68:29:56:08:39:D8:99:7B:20:CC:14:D3:4F:4D:D2:55:68:A6:27:DC:52:E9:7B:CF:CE:6B:D3:13:BC:97:65:C1"}}},"request":{"raw":"GET /s/manrope/v20/xn7gYHE41ni1AdIRggexSg.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: identity\r\nOrigin: https://natix.svault.fun\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 24836\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Sun, 14 Jun 2026 10:11:33 GMT\r\nexpires: Mon, 14 Jun 2027 10:11:33 GMT\r\ncache-control: public, max-age=31536000\r\nage: 282030\r\nlast-modified: Thu, 04 Sep 2025 17:08:28 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":null,"data":{"size":24836,"size_decoded":25649,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 24836, version 1.0","md5":"938c6e8019b69313372c47dbb7a7c930","sha1":"b42951014c5eca12749d87a4706caf22dc4fe081","sha256":"a30ddcd349703aff7464c34bef3fffdff405ee50c113440d7c8693c02d210972","sha512":"5537c005cd8f321f26fe67f6292b3ec14e88ff4b2365311628dbbe4753e01e568f6881b9f2e7d71e8e6b2c261ed25f372829dd28f89f865ce574b4e1fec29614","ssdeep":"768:3KQaj5c95F1QmIwa55Go1COpZLpkkM46CU+YIC:ahj5cXow65xCM5pkkM468YB","tlshash":"a2b2f105ee49b3d4b276f1fcfa802884179282f27dabda8f3f2015981dd8e5b8d45320","first_seen":"2025-06-02T20:09:41.98255Z","last_seen":"2026-06-18T01:39:15.938386Z","times_seen":27864,"resource_available":false,"data":null}},"time_used":87,"timings":{"blocked":25,"dns":0,"connect":0,"send":0,"wait":38,"receive":24,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}