www.nexamoney.org Open in urlscan Pro
79.98.26.22 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.nexamoney.org/
Submission: On February 11 via automatic, source certstream-suspicious (February 11th 2024, 2:11:53 pm UTC) — Scanned from DE

Summary HTTP 20 Redirects Links 8 Behaviour Indicators

Similar DOM Content API

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 20 HTTP transactions. The main IP is 79.98.26.22, located in Lithuania and belongs to INTERNETO-VIZIJA, LT. The main domain is www.nexamoney.org.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on February 11th 2024. Valid for: a year.

This is the only time www.nexamoney.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
15	79.98.26.22 79.98.26.22		212531 (INTERNETO...) (INTERNETO-VIZIJA)
2	2a00:1450:400... 2a00:1450:4001:830::200a		15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:809::2003		15169 (GOOGLE) (GOOGLE)
20	3

15 79.98.26.22 (Lithuania)

ASN212531 (INTERNETO-VIZIJA, LT)
PTR: tarpanas.serveriai.lt

www.nexamoney.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	nexamoney.org www.nexamoney.org	323 KB
3	gstatic.com fonts.gstatic.com	51 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 31	2 KB
20	3

	Domain	Requested by
15	www.nexamoney.org	www.nexamoney.org
3	fonts.gstatic.com	fonts.googleapis.com
2	fonts.googleapis.com	www.nexamoney.org
20	3

This site contains links to these domains. Also see Links.

Domain
nexamoney.org
www.reddit.com
spec.nexa.org
twitter.com
nexa.org
explorer.nexa.org
gitlab.com

Subject Issuer	Validity	Valid
nexamoney.org Sectigo RSA Domain Validation Secure Server CA	`2024-02-11` - `2025-02-10`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://www.nexamoney.org/
Frame ID: 534E51A46C3B6588AB0B6DDE01F011F0
Requests: 20 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Index page - Nexa

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

HeadJS (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

head\.(?:core|load)(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

20
Requests

100 %
HTTPS

67 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

375 kB
Transfer

707 kB
Size

3
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: https://nexamoney.org/

Search URL Search Domain Scan URL

URL: https://www.reddit.com/r/Nexa/
Title: Join our Reddit Community

Search URL Search Domain Scan URL

URL: https://spec.nexa.org/
Title: Read more

Search URL Search Domain Scan URL

URL: https://twitter.com/NexaMoney
Title: Join us on X @NexaMoney

Search URL Search Domain Scan URL

URL: https://nexa.org/
Title: Website

Search URL Search Domain Scan URL

URL: https://explorer.nexa.org/
Title: Explorer

Search URL Search Domain Scan URL

URL: https://nexa.org/node
Title: Full node

Search URL Search Domain Scan URL

URL: https://gitlab.com/nexa

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

20 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.nexamoney.org/ 19 KB
6 KB 334ms
156ms Document
text/html 79.98.26.22
INTERNETO-VIZIJA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.nexamoney.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 79.98.26.22 , Lithuania, ASN212531 (INTERNETO-VIZIJA, LT),
Reverse DNS: tarpanas.serveriai.lt
Software: Apache /
Resource Hash: 615e06a198d1fd5509e0e0b44148bbdef74e24e9679d0af9b5fbfa57a9c7ce38

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, no-cache="set-cookie"
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sun, 11 Feb 2024 14:11:48 GMT
expires: Sun, 11 Feb 2024 14:11:48 GMT
referrer-policy: strict-origin-when-cross-origin
server: Apache
vary: Accept-Encoding

GET
H2 200 css
fonts.googleapis.com/ 5 KB
1 KB 142ms
49ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Requested by

Host: www.nexamoney.org
URL: https://www.nexamoney.org/

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

59281e56c234b99f06646fb232513834dcad32d928f0b969f2fb0ae3791c1b0d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nexamoney.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 11 Feb 2024 14:11:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 11 Feb 2024 12:50:08 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 11 Feb 2024 14:11:48 GMT

GET
H2 200 css
fonts.googleapis.com/ 1 KB
541 B 145ms
52ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Asap+Condensed:600

Requested by

Host: www.nexamoney.org
URL: https://www.nexamoney.org/

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

776cfac3f45c1d59ec320c7c66670df0ca328570b14ad8cc869a9730fcb1a035

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nexamoney.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 11 Feb 2024 14:11:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 11 Feb 2024 14:11:48 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 11 Feb 2024 14:11:48 GMT

GET
H2 200 stylesheet.css
www.nexamoney.org/styles/FLATBOOTS/theme/ 222 KB
45 KB 224ms
219ms Stylesheet
text/css 79.98.26.22
INTERNETO-VIZIJA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.nexamoney.org/styles/FLATBOOTS/theme/stylesheet.css
Requested by: Host: www.nexamoney.org
URL: https://www.nexamoney.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 79.98.26.22 , Lithuania, ASN212531 (INTERNETO-VIZIJA, LT),
Reverse DNS: tarpanas.serveriai.lt
Software: Apache /
Resource Hash: bd742b2e48a223c6ee94c0da25b77c7527529693a90b87cd2963fe41e523c5a0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nexamoney.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 14:11:48 GMT
content-encoding: gzip
last-modified: Sun, 11 Feb 2024 13:08:52 GMT
server: Apache
etag: "37716-6111adcd48100-gzip"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=604800
accept-ranges: bytes
content-length: 45554
expires: Sun, 18 Feb 2024 14:11:48 GMT

GET
H2 200 custom.css
www.nexamoney.org/styles/FLATBOOTS/theme/ 4 KB
1 KB 223ms
218ms Stylesheet
text/css 79.98.26.22
INTERNETO-VIZIJA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.nexamoney.org/styles/FLATBOOTS/theme/custom.css
Requested by: Host: www.nexamoney.org
URL: https://www.nexamoney.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 79.98.26.22 , Lithuania, ASN212531 (INTERNETO-VIZIJA, LT),
Reverse DNS: tarpanas.serveriai.lt
Software: Apache /
Resource Hash: 9db6fb2cc7747ad67269d0d95c461dbcbd8e44853cef26384f2ec5eea16c37b4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nexamoney.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 14:11:48 GMT
content-encoding: gzip
last-modified: Sun, 11 Feb 2024 13:08:06 GMT
server: Apache
etag: "fb7-6111ada1f9701-gzip"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=604800
accept-ranges: bytes
content-length: 1136
expires: Sun, 18 Feb 2024 14:11:48 GMT

GET
H2 200 head.load.min.js Show response
www.nexamoney.org/styles/FLATBOOTS/theme/vendors/ 4 KB
2 KB 163ms
159ms Script
application/javascript 79.98.26.22
INTERNETO-VIZIJA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.nexamoney.org/styles/FLATBOOTS/theme/vendors/head.load.min.js
Requested by: Host: www.nexamoney.org
URL: https://www.nexamoney.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 79.98.26.22 , Lithuania, ASN212531 (INTERNETO-VIZIJA, LT),
Reverse DNS: tarpanas.serveriai.lt
Software: Apache /
Resource Hash: 7a5a375885058eb6421488ad3c020132a7c68eb0afdfa1d19cc2cda4707c31ac

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nexamoney.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 14:11:48 GMT
content-encoding: gzip
last-modified: Sat, 10 Feb 2024 10:43:30 GMT
server: Apache
etag: "11cd-61104b71df880-gzip"
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 1897

GET
H2 200 logo.png
www.nexamoney.org/styles/FLATBOOTS/theme/images/ 39 KB
39 KB 89ms
85ms Image
image/png 79.98.26.22
INTERNETO-VIZIJA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.nexamoney.org/styles/FLATBOOTS/theme/images/logo.png
Requested by: Host: www.nexamoney.org
URL: https://www.nexamoney.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 79.98.26.22 , Lithuania, ASN212531 (INTERNETO-VIZIJA, LT),
Reverse DNS: tarpanas.serveriai.lt
Software: Apache /
Resource Hash: 7b08c50f40469addc07bab6cf638393bf9b0397f481f80d5b447a2a7949c15fa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nexamoney.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 14:11:48 GMT
last-modified: Sun, 11 Feb 2024 10:19:44 GMT
server: Apache
etag: "9bf1-611187ff65000"
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 39921
expires: Sun, 18 Feb 2024 14:11:48 GMT

GET
H2 200 f.png
www.nexamoney.org// 11 KB
11 KB 218ms
216ms Image
image/png 79.98.26.22
INTERNETO-VIZIJA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.nexamoney.org//f.png
Requested by: Host: www.nexamoney.org
URL: https://www.nexamoney.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 79.98.26.22 , Lithuania, ASN212531 (INTERNETO-VIZIJA, LT),
Reverse DNS: tarpanas.serveriai.lt
Software: Apache /
Resource Hash: 09f7e6164228261d093710397f71ab090cce9764bfa4c1e5b5ad0e65f774a48c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nexamoney.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 14:11:48 GMT
last-modified: Sun, 11 Feb 2024 13:20:07 GMT
server: Apache
etag: "2b9c-6111b05102fc0"
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 11164
expires: Sun, 18 Feb 2024 14:11:48 GMT

GET
H2 200 file.php
www.nexamoney.org/download/ 57 KB
58 KB 129ms
128ms Image
image/png 79.98.26.22
INTERNETO-VIZIJA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.nexamoney.org/download/file.php?avatar=58_1707659814.png
Requested by: Host: www.nexamoney.org
URL: https://www.nexamoney.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 79.98.26.22 , Lithuania, ASN212531 (INTERNETO-VIZIJA, LT),
Reverse DNS: tarpanas.serveriai.lt
Software: Apache /
Resource Hash: 1f2d89c3cdde4a5c005e939f244c53ed9bdf503497096bc226fa03b0b588c44b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nexamoney.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 14:11:48 GMT
last-modified: Sun, 11 Feb 2024 13:56:54 GMT
server: Apache
content-type: image/png
cache-control: public
content-disposition: inline; filename*=UTF-8''58.png
content-length: 58807
expires: Mon, 10 Feb 2025 14:11:48 GMT

GET
H2 200 cron.task.text_reparser.pm_text
www.nexamoney.org/app.php/cron/ 43 B
94 B 133ms
132ms Image
image/gif 79.98.26.22
INTERNETO-VIZIJA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.nexamoney.org/app.php/cron/cron.task.text_reparser.pm_text?sid=b7eece7816b16efc8ca22a3418a1545c
Requested by: Host: www.nexamoney.org
URL: https://www.nexamoney.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 79.98.26.22 , Lithuania, ASN212531 (INTERNETO-VIZIJA, LT),
Reverse DNS: tarpanas.serveriai.lt
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nexamoney.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

expires: Sun, 18 Feb 2024 14:11:48 GMT
date: Sun, 11 Feb 2024 14:11:48 GMT
cache-control: no-cache, private, max-age=604800
server: Apache
content-length: 43
content-type: image/gif

GET
H2 200 fltl.js Show response
www.nexamoney.org/ext/sitesplat/fltl/styles/FLATBOOTS/template/js/ 562 B
439 B 90ms
89ms Script
application/javascript 79.98.26.22
INTERNETO-VIZIJA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.nexamoney.org/ext/sitesplat/fltl/styles/FLATBOOTS/template/js/fltl.js?assets_version=35
Requested by: Host: www.nexamoney.org
URL: https://www.nexamoney.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 79.98.26.22 , Lithuania, ASN212531 (INTERNETO-VIZIJA, LT),
Reverse DNS: tarpanas.serveriai.lt
Software: Apache /
Resource Hash: 4e957a3e87a94e8adabc7d40c025a0d4ebc44163ab7fc0ea22f56747e3d15c2d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nexamoney.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 14:11:48 GMT
content-encoding: gzip
last-modified: Thu, 17 Jun 2021 10:59:48 GMT
server: Apache
etag: "232-5c4f41b061100-gzip"
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 363

GET
H2 200 jquery-1.12.4.min.js Show response
www.nexamoney.org/styles/FLATBOOTS/theme/vendors/ 95 KB
33 KB 84ms
83ms Script
application/javascript 79.98.26.22
INTERNETO-VIZIJA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.nexamoney.org/styles/FLATBOOTS/theme/vendors/jquery-1.12.4.min.js
Requested by: Host: www.nexamoney.org
URL: https://www.nexamoney.org/styles/FLATBOOTS/theme/vendors/head.load.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 79.98.26.22 , Lithuania, ASN212531 (INTERNETO-VIZIJA, LT),
Reverse DNS: tarpanas.serveriai.lt
Software: Apache /
Resource Hash: 668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nexamoney.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 14:11:48 GMT
content-encoding: gzip
last-modified: Sat, 10 Feb 2024 10:43:30 GMT
server: Apache
etag: "17b8b-61104b71df880-gzip"
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 33760

GET
H2 200 bootstrap.min.js Show response
www.nexamoney.org/styles/FLATBOOTS/theme/vendors/bootstrap/336/js/ 36 KB
10 KB 83ms
82ms Script
application/javascript 79.98.26.22
INTERNETO-VIZIJA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.nexamoney.org/styles/FLATBOOTS/theme/vendors/bootstrap/336/js/bootstrap.min.js
Requested by: Host: www.nexamoney.org
URL: https://www.nexamoney.org/styles/FLATBOOTS/theme/vendors/head.load.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 79.98.26.22 , Lithuania, ASN212531 (INTERNETO-VIZIJA, LT),
Reverse DNS: tarpanas.serveriai.lt
Software: Apache /
Resource Hash: 2979f9a6e32fc42c3e7406339ee9fe76b31d1b52059776a02b4a7fa6a4fd280a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nexamoney.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 14:11:48 GMT
content-encoding: gzip
last-modified: Sat, 10 Feb 2024 10:43:30 GMT
server: Apache
etag: "9004-61104b71df880-gzip"
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 9765

GET
H2 200 forum_fn.min.js Show response
www.nexamoney.org/styles/FLATBOOTS/theme/vendors/ 69 KB
21 KB 81ms
81ms Script
application/javascript 79.98.26.22
INTERNETO-VIZIJA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.nexamoney.org/styles/FLATBOOTS/theme/vendors/forum_fn.min.js
Requested by: Host: www.nexamoney.org
URL: https://www.nexamoney.org/styles/FLATBOOTS/theme/vendors/head.load.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 79.98.26.22 , Lithuania, ASN212531 (INTERNETO-VIZIJA, LT),
Reverse DNS: tarpanas.serveriai.lt
Software: Apache /
Resource Hash: b89ee8c958f95a2e85d9ff761489459cf4d2aef2588fe6f96612850ed90e98f5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nexamoney.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 14:11:48 GMT
content-encoding: gzip
last-modified: Sat, 10 Feb 2024 10:43:28 GMT
server: Apache
etag: "11314-61104b6ff7400-gzip"
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 21675

GET
H2 200 tile-bg-head.png
www.nexamoney.org/styles/FLATBOOTS/theme/images/ 19 KB
19 KB 77ms
77ms Image
image/png 79.98.26.22
INTERNETO-VIZIJA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.nexamoney.org/styles/FLATBOOTS/theme/images/tile-bg-head.png
Requested by: Host: www.nexamoney.org
URL: https://www.nexamoney.org/styles/FLATBOOTS/theme/stylesheet.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 79.98.26.22 , Lithuania, ASN212531 (INTERNETO-VIZIJA, LT),
Reverse DNS: tarpanas.serveriai.lt
Software: Apache /
Resource Hash: a07c0c40f08fa5b07a31d7bcbd3950dcc9d704c139788845a71faf1ea9ea908e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nexamoney.org/styles/FLATBOOTS/theme/stylesheet.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 14:11:48 GMT
last-modified: Sat, 10 Feb 2024 10:43:28 GMT
server: Apache
etag: "4a85-61104b6ff7400"
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 19077
expires: Sun, 18 Feb 2024 14:11:48 GMT

GET
H2 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ 15 KB
15 KB 176ms
88ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.nexamoney.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 23:58:36 GMT
x-content-type-options: nosniff
age: 310392
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14892
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 22:52:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 06 Feb 2025 23:58:36 GMT

GET
H2 200 fontawesome-webfont.woff2
www.nexamoney.org/styles/FLATBOOTS/theme/font/font-awesome/fonts/ 75 KB
76 KB 92ms
91ms Font
application/octet-stream 79.98.26.22
INTERNETO-VIZIJA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.nexamoney.org/styles/FLATBOOTS/theme/font/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: www.nexamoney.org
URL: https://www.nexamoney.org/styles/FLATBOOTS/theme/stylesheet.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 79.98.26.22 , Lithuania, ASN212531 (INTERNETO-VIZIJA, LT),
Reverse DNS: tarpanas.serveriai.lt
Software: Apache /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer: https://www.nexamoney.org/styles/FLATBOOTS/theme/stylesheet.css
Origin: https://www.nexamoney.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 14:11:48 GMT
last-modified: Sat, 10 Feb 2024 10:43:28 GMT
server: Apache
accept-ranges: bytes
etag: "12d68-61104b6ff7400"
content-length: 77160

GET
H2 200 pxieypY1o9NHyXh3WvSbGSggdO9TTFlDims.woff2
fonts.gstatic.com/s/asapcondensed/v17/ 21 KB
21 KB 138ms
51ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/asapcondensed/v17/pxieypY1o9NHyXh3WvSbGSggdO9TTFlDims.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Asap+Condensed:600

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1888a321f988409b6f4bc54b3149a6648e9b954954fd34cb7e2aca299050c2d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.nexamoney.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 04:46:18 GMT
x-content-type-options: nosniff
age: 465930
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21244
x-xss-protection: 0
last-modified: Tue, 02 May 2023 17:01:05 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 05 Feb 2025 04:46:18 GMT

GET
H2 200 6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ 14 KB
15 KB 128ms
41ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.nexamoney.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 04:01:41 GMT
x-content-type-options: nosniff
age: 123007
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14824
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 22:52:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 09 Feb 2025 04:01:41 GMT

GET
H2 200 aero.png
www.nexamoney.org/styles/FLATBOOTS/theme/images/ 881 B
977 B 82ms
82ms Image
image/png 79.98.26.22
INTERNETO-VIZIJA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.nexamoney.org/styles/FLATBOOTS/theme/images/aero.png
Requested by: Host: www.nexamoney.org
URL: https://www.nexamoney.org/styles/FLATBOOTS/theme/stylesheet.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 79.98.26.22 , Lithuania, ASN212531 (INTERNETO-VIZIJA, LT),
Reverse DNS: tarpanas.serveriai.lt
Software: Apache /
Resource Hash: 8dc3c6851ce81bc66853a8c95ac56f190a6447c54d887ac2d9a4387617ea1f0b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nexamoney.org/styles/FLATBOOTS/theme/stylesheet.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 14:11:49 GMT
last-modified: Sat, 10 Feb 2024 10:43:28 GMT
server: Apache
etag: "371-61104b6ff7400"
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 881
expires: Sun, 18 Feb 2024 14:11:49 GMT

Verdicts & Comments Add Verdict or Comment

19 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| head number| start function| $ function| jQuery object| jQuery112403103305882828882 object| phpbb function| find_username function| popup function| keyPage function| pageJump function| marklist function| selectCode function| phpbbCheckKey function| insertUser function| insert_marked_users function| insert_single_user boolean| inAutocomplete string| lastKeyEntered object| footable

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.nexamoney.org/	1970-01-21 03:06:36	Name: phpbb3_8gh1o_u Value: 1
			.nexamoney.org/	1970-01-21 03:06:36	Name: phpbb3_8gh1o_k Value:
			.nexamoney.org/	1970-01-21 03:06:36	Name: phpbb3_8gh1o_sid Value: b7eece7816b16efc8ca22a3418a1545c

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
www.nexamoney.org
2a00:1450:4001:809::2003
2a00:1450:4001:830::200a
79.98.26.22
09f7e6164228261d093710397f71ab090cce9764bfa4c1e5b5ad0e65f774a48c
1888a321f988409b6f4bc54b3149a6648e9b954954fd34cb7e2aca299050c2d5
1f2d89c3cdde4a5c005e939f244c53ed9bdf503497096bc226fa03b0b588c44b
2979f9a6e32fc42c3e7406339ee9fe76b31d1b52059776a02b4a7fa6a4fd280a
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
4e957a3e87a94e8adabc7d40c025a0d4ebc44163ab7fc0ea22f56747e3d15c2d
59281e56c234b99f06646fb232513834dcad32d928f0b969f2fb0ae3791c1b0d
615e06a198d1fd5509e0e0b44148bbdef74e24e9679d0af9b5fbfa57a9c7ce38
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
776cfac3f45c1d59ec320c7c66670df0ca328570b14ad8cc869a9730fcb1a035
7a5a375885058eb6421488ad3c020132a7c68eb0afdfa1d19cc2cda4707c31ac
7b08c50f40469addc07bab6cf638393bf9b0397f481f80d5b447a2a7949c15fa
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
8dc3c6851ce81bc66853a8c95ac56f190a6447c54d887ac2d9a4387617ea1f0b
9db6fb2cc7747ad67269d0d95c461dbcbd8e44853cef26384f2ec5eea16c37b4
a07c0c40f08fa5b07a31d7bcbd3950dcc9d704c139788845a71faf1ea9ea908e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b89ee8c958f95a2e85d9ff761489459cf4d2aef2588fe6f96612850ed90e98f5
bd742b2e48a223c6ee94c0da25b77c7527529693a90b87cd2963fe41e523c5a0
ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9