nahtinternationa.com Open in urlscan Pro
162.0.236.106  Malicious Activity! Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

38 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request home.php Show response nahtinternationa.com/bnk/	45 KB 46 KB	703ms 222ms	Document text/html	162.0.236.106 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://nahtinternationa.com/bnk/home.php Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 162.0.236.106 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS barnethost.website Software Apache / Resource Hash 24e6c03bbcb3af189a919a742af7543139015468d8207e1ae6b7035c0d98ffce Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Cache-Control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Connection Keep-Alive Content-Type text/html; charset=UTF-8 Date Fri, 16 Dec 2022 13:15:24 GMT Expires Thu, 19 Nov 1981 08:52:00 GMT Keep-Alive timeout=5, max=100 Pragma no-cache Server Apache Transfer-Encoding chunked
GET H/1.1	200 OK	at.js Show response nahtinternationa.com/bnk/dis/jscripts/acquisitions/	76 KB 76 KB	157ms 157ms	Script application/javascript	162.0.236.106 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://nahtinternationa.com/bnk/dis/jscripts/acquisitions/at.js Requested by Host: nahtinternationa.com URL: https://nahtinternationa.com/bnk/home.php Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 162.0.236.106 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS barnethost.website Software Apache / Resource Hash a1ff0f42ff3eaea77ab9276cfe77b67312e86ccf00481deee6ba2b5f31a3e7c0 Request headers accept-language de-DE,de;q=0.9 Referer https://nahtinternationa.com/bnk/home.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers Date Fri, 16 Dec 2022 13:15:25 GMT Last-Modified Thu, 14 Apr 2022 13:52:16 GMT Server Apache Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 77585
GET H/1.1	200 OK	branch-sdk.css nahtinternationa.com/bnk/global/public/css/	48 B 287 B	393ms 154ms	Stylesheet text/css	162.0.236.106 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://nahtinternationa.com/bnk/global/public/css/branch-sdk.css Requested by Host: nahtinternationa.com URL: https://nahtinternationa.com/bnk/home.php Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 162.0.236.106 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS barnethost.website Software Apache / Resource Hash 03dc0a7b3fe3cebc62da299f79482efe4e0a3d8451e3750949eee8951e45b42a Request headers accept-language de-DE,de;q=0.9 Referer https://nahtinternationa.com/bnk/home.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers Date Fri, 16 Dec 2022 13:15:25 GMT Last-Modified Thu, 14 Apr 2022 13:52:20 GMT Server Apache Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 48
GET H/1.1	200 OK	common.mina41a.css nahtinternationa.com/bnk/global/public/css/	216 KB 216 KB	472ms 159ms	Stylesheet text/css	162.0.236.106 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://nahtinternationa.com/bnk/global/public/css/common.mina41a.css?ver=9737d8d66te Requested by Host: nahtinternationa.com URL: https://nahtinternationa.com/bnk/home.php Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 162.0.236.106 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS barnethost.website Software Apache / Resource Hash f9b2e8abbf67eadcceb515fa6eb406b026fd2626e774d08ad169fa082763bca8 Request headers accept-language de-DE,de;q=0.9 Referer https://nahtinternationa.com/bnk/home.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers Date Fri, 16 Dec 2022 13:15:25 GMT Last-Modified Thu, 14 Apr 2022 13:52:20 GMT Server Apache Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 220879
GET H/1.1	200 OK	homepage.min9418.css nahtinternationa.com/bnk/applications/homepage/css/	61 KB 61 KB	471ms 159ms	Stylesheet text/css	162.0.236.106 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://nahtinternationa.com/bnk/applications/homepage/css/homepage.min9418.css?rel=789616478a8 Requested by Host: nahtinternationa.com URL: https://nahtinternationa.com/bnk/home.php Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 162.0.236.106 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS barnethost.website Software Apache / Resource Hash 802024f3561e95b85943a13fefb8307bf626ca1ea77b60c7779b722785217c3e Request headers accept-language de-DE,de;q=0.9 Referer https://nahtinternationa.com/bnk/home.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers Date Fri, 16 Dec 2022 13:15:25 GMT Last-Modified Thu, 14 Apr 2022 13:52:23 GMT Server Apache Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 62310
GET H/1.1	200 OK	branch-sdk.js Show response nahtinternationa.com/bnk/global/public/scripts/	1 KB 2 KB	475ms 155ms	Script application/javascript	162.0.236.106 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://nahtinternationa.com/bnk/global/public/scripts/branch-sdk.js Requested by Host: nahtinternationa.com URL: https://nahtinternationa.com/bnk/home.php Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 162.0.236.106 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS barnethost.website Software Apache / Resource Hash d361dbf8f7f2c71bac9543feab57c32170ac51f96351a2e6eaff87c58d2b2084 Request headers accept-language de-DE,de;q=0.9 Referer https://nahtinternationa.com/bnk/home.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers Date Fri, 16 Dec 2022 13:15:25 GMT Last-Modified Thu, 14 Apr 2022 13:52:20 GMT Server Apache Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 1493
GET H2	200	d9cde14000.js Show response use.fontawesome.com/	9 KB 4 KB	275ms 254ms	Script text/javascript	2606:4700:e2::ac40:840f CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://use.fontawesome.com/d9cde14000.js Requested by Host: nahtinternationa.com URL: https://nahtinternationa.com/bnk/home.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:e2::ac40:840f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 26da6167c53ea7bc4a4fe7253c49d9924a36fa95ceb6867ea0cb498829c5015d Request headers accept-language de-DE,de;q=0.9 Referer https://nahtinternationa.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Fri, 16 Dec 2022 13:15:25 GMT content-encoding br cf-cache-status REVALIDATED last-modified Thu, 01 Jul 2021 15:33:12 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-amz-request-id MCEQKGWAX3G0TWPZ etag W/"bd0df2cac32ccf49d2fe9092929b1129" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k%2BEai6u6%2FFfdNCccNYw6KLipz8Q5ZU6EjEhQo0w6FT70yNnJINks464DaFrhnBEEbIgiKmq5vssX4HBwiQbIIBXx4J1fub7pOhkIklV9OBpt%2F1CqJQhyjx9NNoUW%2BF82fmbf8vDXylE3TX5v0FduH9k7"}],"group":"cf-nel","max_age":604800} content-type text/javascript cache-control max-age=1800 cf-ray 77a7b00a7c7590d7-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-amz-id-2 KwPIstejfUt92RHS9l2t9gDd8eyr972/zbbyPYJg3BzsWl5vZA9SA5eYl1T5hMM5tKtJTeR9b5A=
GET H/1.1	200 OK	logo.png nahtinternationa.com/bnk/global/images/	7 KB 8 KB	159ms 157ms	Image image/png	162.0.236.106 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Show image Full URL https://nahtinternationa.com/bnk/global/images/logo.png Requested by Host: nahtinternationa.com URL: https://nahtinternationa.com/bnk/home.php Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 162.0.236.106 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS barnethost.website Software Apache / Resource Hash 61d0b93bf82661c535aa496f4caa9b480c1add5f1dc992813e282e9e725d4966 Request headers accept-language de-DE,de;q=0.9 Referer https://nahtinternationa.com/bnk/home.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers Date Fri, 16 Dec 2022 13:15:27 GMT Last-Modified Sat, 28 May 2022 06:13:34 GMT Server Apache Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=98 Content-Length 7535
GET H/1.1	200 OK	icon-spyglass.png nahtinternationa.com/bnk/global/images/	443 B 685 B	158ms 157ms	Image image/png	162.0.236.106 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Show image Full URL https://nahtinternationa.com/bnk/global/images/icon-spyglass.png Requested by Host: nahtinternationa.com URL: https://nahtinternationa.com/bnk/home.php Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 162.0.236.106 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS barnethost.website Software Apache / Resource Hash 2c368b494568114802e37bb3940d7f2763cb4a5e1424403460cb3710442d6125 Request headers accept-language de-DE,de;q=0.9 Referer https://nahtinternationa.com/bnk/home.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers Date Fri, 16 Dec 2022 13:15:27 GMT Last-Modified Thu, 14 Apr 2022 13:52:20 GMT Server Apache Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 443
GET H/1.1	200 OK	loader.gif nahtinternationa.com/bnk/applications/homepage/images/	3 KB 3 KB	155ms 155ms	Image image/gif	162.0.236.106 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Show image Full URL https://nahtinternationa.com/bnk/applications/homepage/images/loader.gif Requested by Host: nahtinternationa.com URL: https://nahtinternationa.com/bnk/home.php Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 162.0.236.106 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS barnethost.website Software Apache / Resource Hash 2bb24032b1561352d08494faa7babab441e534f1734a70fbe35871f8ffe6efba Request headers accept-language de-DE,de;q=0.9 Referer https://nahtinternationa.com/bnk/home.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers Date Fri, 16 Dec 2022 13:15:27 GMT Last-Modified Thu, 14 Apr 2022 13:52:23 GMT Server Apache Content-Type image/gif Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=97 Content-Length 2917
GET H/1.1	200 OK	signal_tms.js Show response nahtinternationa.com/bnk/global/public/scripts/	1 KB 1 KB	156ms 155ms	Script application/javascript	162.0.236.106 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://nahtinternationa.com/bnk/global/public/scripts/signal_tms.js Requested by Host: nahtinternationa.com URL: https://nahtinternationa.com/bnk/home.php Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 162.0.236.106 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS barnethost.website Software Apache / Resource Hash d3fabf8a2c10be476034ec3435b01a632b0b7c5169eb228fb134c38b5e53aaed Request headers accept-language de-DE,de;q=0.9 Referer https://nahtinternationa.com/bnk/home.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers Date Fri, 16 Dec 2022 13:15:26 GMT Last-Modified Thu, 14 Apr 2022 13:52:20 GMT Server Apache Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 1064
GET H/1.1	200 OK	libs.minf47e.js Show response nahtinternationa.com/bnk/global/libs/scripts/	233 KB 233 KB	156ms 156ms	Script application/javascript	162.0.236.106 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://nahtinternationa.com/bnk/global/libs/scripts/libs.minf47e.js?ver=9737d8d4ef Requested by Host: nahtinternationa.com URL: https://nahtinternationa.com/bnk/home.php Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 162.0.236.106 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS barnethost.website Software Apache / Resource Hash e00c7025f0333ce2e8196e0210b218a8f47bd809344b9cd594816b3c36a9c819 Request headers accept-language de-DE,de;q=0.9 Referer https://nahtinternationa.com/bnk/home.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers Date Fri, 16 Dec 2022 13:15:26 GMT Last-Modified Thu, 14 Apr 2022 13:52:20 GMT Server Apache Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=98 Content-Length 238114
GET H/1.1	200 OK	clientlib-acqall.min.ACSHASH9f24b4ebd9a7a63a7d7ef206f30b1cf8.js Show response nahtinternationa.com/bnk/etc.clientlibs/dfs-credit-cards/clientlibs/	573 KB 573 KB	156ms 155ms	Script application/javascript	162.0.236.106 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://nahtinternationa.com/bnk/etc.clientlibs/dfs-credit-cards/clientlibs/clientlib-acqall.min.ACSHASH9f24b4ebd9a7a63a7d7ef206f30b1cf8.js Requested by Host: nahtinternationa.com URL: https://nahtinternationa.com/bnk/home.php Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 162.0.236.106 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS barnethost.website Software Apache / Resource Hash 62e0757e260aba020f9dd4348fe547672be177621831594a2b26069696ad597b Request headers accept-language de-DE,de;q=0.9 Referer https://nahtinternationa.com/bnk/home.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers Date Fri, 16 Dec 2022 13:15:27 GMT Last-Modified Thu, 14 Apr 2022 13:52:20 GMT Server Apache Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 586814
GET H/1.1	200 OK	clicktale.js Show response nahtinternationa.com/bnk/content/dam/dfs/credit-cards/static/js/clicktale/	558 B 812 B	158ms 157ms	Script application/javascript	162.0.236.106 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://nahtinternationa.com/bnk/content/dam/dfs/credit-cards/static/js/clicktale/clicktale.js Requested by Host: nahtinternationa.com URL: https://nahtinternationa.com/bnk/home.php Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 162.0.236.106 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS barnethost.website Software Apache / Resource Hash aa93d7347ca52db7160f90e641b79d1d4c4ce0273bb47801f93fe1a5af1d8ca5 Request headers accept-language de-DE,de;q=0.9 Referer https://nahtinternationa.com/bnk/home.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers Date Fri, 16 Dec 2022 13:15:27 GMT Last-Modified Thu, 14 Apr 2022 13:52:21 GMT Server Apache Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 558
GET H/1.1	200 OK	autodate.js Show response nahtinternationa.com/bnk/content/dam/dfs/credit-cards/static/js/	2 KB 2 KB	157ms 156ms	Script application/javascript	162.0.236.106 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://nahtinternationa.com/bnk/content/dam/dfs/credit-cards/static/js/autodate.js Requested by Host: nahtinternationa.com URL: https://nahtinternationa.com/bnk/home.php Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 162.0.236.106 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS barnethost.website Software Apache / Resource Hash dec8ab700d4f74758cf259b28921291a6f15d15f8445f0563a0236b716e78078 Request headers accept-language de-DE,de;q=0.9 Referer https://nahtinternationa.com/bnk/home.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers Date Fri, 16 Dec 2022 13:15:27 GMT Last-Modified Thu, 14 Apr 2022 13:52:21 GMT Server Apache Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 1577
GET H2	200	json Show response discover.tt.omtrdc.net/m2/discover/mbox/	3 KB 2 KB	118ms 36ms	XHR application/json	3.248.2.215 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://discover.tt.omtrdc.net/m2/discover/mbox/json?mbox=target-global-mbox&mboxSession=ed013e030cbe421580079160f422ade0&mboxPC=&mboxPage=c43681c21c0445d9ae8975f1160d0376&mboxRid=f709f87dbd7242289de2cdd20d1eaea5&mboxVersion=1.6.4&mboxCount=1&mboxTime=1671196525579&mboxHost=nahtinternationa.com&mboxURL=https%3A%2F%2Fnahtinternationa.com%2Fbnk%2Fhome.php&mboxReferrer=&mboxXDomain=enabled&browserHeight=1200&browserWidth=1600&browserTimeOffset=0&screenHeight=1200&screenWidth=1600&colorDepth=24&devicePixelRatio=1&screenOrientation=landscape&webGLRenderer=Intel%20Iris%20OpenGL%20Engine&envPresent=false&edskeypresent=N Requested by Host: nahtinternationa.com URL: https://nahtinternationa.com/bnk/dis/jscripts/acquisitions/at.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.248.2.215 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-248-2-215.eu-west-1.compute.amazonaws.com Software / Resource Hash d9b988eafa31eebc01bd5b6a94fcc5f2a2252bd1706daca3fda6f8aaff679198 Request headers accept-language de-DE,de;q=0.9 Referer https://nahtinternationa.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers pragma no-cache date Fri, 16 Dec 2022 13:15:25 GMT content-encoding gzip vary origin,access-control-request-method,access-control-request-headers,accept-encoding p3p CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT" access-control-allow-origin https://nahtinternationa.com content-type application/json;charset=UTF-8 cache-control no-cache access-control-allow-credentials true timing-allow-origin * x-request-id f709f87dbd7242289de2cdd20d1eaea5
GET H2	200	branch-latest.min.js Show response cdn.branch.io/	72 KB 22 KB	40ms 9ms	Script text/javascript	13.225.78.84 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.branch.io/branch-latest.min.js Requested by Host: nahtinternationa.com URL: https://nahtinternationa.com/bnk/global/public/scripts/branch-sdk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.225.78.84 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-78-84.fra2.r.cloudfront.net Software AmazonS3 / Resource Hash 83cad37f70113f7b8bbb98c2ef8ee949f9a611e402e55ee826aef65130f2ef77 Request headers accept-language de-DE,de;q=0.9 Referer https://nahtinternationa.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers x-amz-version-id LzwY9oP1_KD6QZAz0SCDQRP53VCVCZV0 content-encoding gzip via 1.1 6fa33d47af6f4da7007689083cfe9b9c.cloudfront.net (CloudFront) date Fri, 16 Dec 2022 13:12:14 GMT last-modified Thu, 17 Nov 2022 20:07:47 GMT server AmazonS3 x-amz-cf-pop FRA2-C2 age 194 etag "2a6320386437cc44ae1713f25f6ea30b" x-cache Hit from cloudfront content-type text/javascript cache-control max-age=300 content-length 22048 x-amz-cf-id P_6mMfmRv84XGQ4Z6xJXZMkE0eZaupeUDvXjFNhVH55VArkLz_tV2Q==
GET H2	200	d9cde14000.css use.fontawesome.com/	1 KB 799 B	226ms 225ms	Stylesheet text/css	2606:4700:e2::ac40:840f CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://use.fontawesome.com/d9cde14000.css Requested by Host: use.fontawesome.com URL: https://use.fontawesome.com/d9cde14000.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:e2::ac40:840f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 99027869a65ada3fa110d6e335eaae4357809f67bbebd47d71577717518f62f3 Request headers accept-language de-DE,de;q=0.9 Referer https://nahtinternationa.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Fri, 16 Dec 2022 13:15:27 GMT content-encoding br cf-cache-status REVALIDATED last-modified Thu, 01 Jul 2021 15:33:12 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-amz-request-id P7YDA9XZMCNXTAPV etag W/"4b3fe213685c85cea810f975bb5178a5" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OGkXbHDjhxZTKNjP4fbYZ6Q42GM79bRxG%2FEm%2Bvviq8b0dM8OdE4%2FrcWNBZYhJ9y2Baxdo%2F4kkKPm2tiz1jBPW6SBmiApZsxO4Co1vDR170tTqgMzFLmvAmIvOqGHDbs3OQzJRdT4yC7xV6iRJCq8YTIR"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=1800 cf-ray 77a7b0159a9590d7-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-amz-id-2 vo1+AKKZbcI6ZbfCxUREhZxCvkug+cMsgSZZZn+/vIBOM7TuWmOTuHJ+YRZYJdcMbT2DCQrs4DlGRH+6OAf2WA==
GET H/1.1	200 OK	utility-icons.png nahtinternationa.com/bnk/global/images/	54 KB 55 KB	305ms 157ms	Image image/png	162.0.236.106 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Show image Full URL https://nahtinternationa.com/bnk/global/images/utility-icons.png Requested by Host: nahtinternationa.com URL: https://nahtinternationa.com/bnk/global/public/css/common.mina41a.css?ver=9737d8d66te Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 162.0.236.106 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS barnethost.website Software Apache / Resource Hash 69b5d627af1af7ac3c117dd914e2c868b818989d4ce9f92a53f7eebed54a4573 Request headers accept-language de-DE,de;q=0.9 Referer https://nahtinternationa.com/bnk/global/public/css/common.mina41a.css?ver=9737d8d66te User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers Date Fri, 16 Dec 2022 13:15:27 GMT Last-Modified Thu, 14 Apr 2022 13:52:20 GMT Server Apache Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 55800
GET H/1.1	200 OK	MetaWebPro-Bold.woff nahtinternationa.com/bnk/global/public/fonts/	59 KB 59 KB	309ms 156ms	Font font/woff	162.0.236.106 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://nahtinternationa.com/bnk/global/public/fonts/MetaWebPro-Bold.woff Requested by Host: nahtinternationa.com URL: https://nahtinternationa.com/bnk/global/public/css/common.mina41a.css?ver=9737d8d66te Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 162.0.236.106 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS barnethost.website Software Apache / Resource Hash 63173425827d1250c6266742809b1ee5a48d3e6738e2dd62168a95f2675a7d82 Request headers Referer https://nahtinternationa.com/bnk/global/public/css/common.mina41a.css?ver=9737d8d66te Origin https://nahtinternationa.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers Date Fri, 16 Dec 2022 13:15:27 GMT Last-Modified Thu, 14 Apr 2022 13:52:20 GMT Server Apache Content-Type font/woff Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=98 Content-Length 60420
GET H/1.1	200 OK	MetaWebPro-Normal.woff nahtinternationa.com/bnk/global/public/fonts/	60 KB 60 KB	311ms 159ms	Font font/woff	162.0.236.106 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://nahtinternationa.com/bnk/global/public/fonts/MetaWebPro-Normal.woff Requested by Host: nahtinternationa.com URL: https://nahtinternationa.com/bnk/global/public/css/common.mina41a.css?ver=9737d8d66te Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 162.0.236.106 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS barnethost.website Software Apache / Resource Hash 9f34946c2ed602b280a2f08a052802796e88c34552fc9838c5dd699783e4ae43 Request headers Referer https://nahtinternationa.com/bnk/global/public/css/common.mina41a.css?ver=9737d8d66te Origin https://nahtinternationa.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers Date Fri, 16 Dec 2022 13:15:27 GMT Last-Modified Thu, 14 Apr 2022 13:52:20 GMT Server Apache Content-Type font/woff Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=98 Content-Length 61069
GET H/1.1	200 OK	banner1.jpg nahtinternationa.com/bnk/applications/homepage/images/	166 KB 167 KB	609ms 155ms	Image image/jpeg	162.0.236.106 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Show image Full URL https://nahtinternationa.com/bnk/applications/homepage/images/banner1.jpg Requested by Host: nahtinternationa.com URL: https://nahtinternationa.com/bnk/applications/homepage/css/homepage.min9418.css?rel=789616478a8 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 162.0.236.106 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS barnethost.website Software Apache / Resource Hash df31d6e27574d48c76a5be96eeda06c0451fc19ef2b68199a262d0ddab2f54a2 Request headers accept-language de-DE,de;q=0.9 Referer https://nahtinternationa.com/bnk/applications/homepage/css/homepage.min9418.css?rel=789616478a8 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers Date Fri, 16 Dec 2022 13:15:27 GMT Last-Modified Thu, 14 Apr 2022 13:52:23 GMT Server Apache Content-Type image/jpeg Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=96 Content-Length 170422
GET H/1.1	200 OK	lock-icon.png nahtinternationa.com/bnk/applications/homepage/images/	1 KB 1 KB	925ms 156ms	Image image/png	162.0.236.106 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Show image Full URL https://nahtinternationa.com/bnk/applications/homepage/images/lock-icon.png Requested by Host: nahtinternationa.com URL: https://nahtinternationa.com/bnk/applications/homepage/css/homepage.min9418.css?rel=789616478a8 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 162.0.236.106 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS barnethost.website Software Apache / Resource Hash 690559981647011e256215e1576be6f5fe5b323b84fcfc6af15be581c7c2ea28 Request headers accept-language de-DE,de;q=0.9 Referer https://nahtinternationa.com/bnk/applications/homepage/css/homepage.min9418.css?rel=789616478a8 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers Date Fri, 16 Dec 2022 13:15:27 GMT Last-Modified Thu, 14 Apr 2022 13:52:23 GMT Server Apache Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=96 Content-Length 1060
GET H/1.1	200 OK	BRD_19_618124_300X196_D.com_Release.jpg nahtinternationa.com/bnk/applications/homepage/images/	21 KB 21 KB	918ms 156ms	Image image/jpeg	162.0.236.106 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Show image Full URL https://nahtinternationa.com/bnk/applications/homepage/images/BRD_19_618124_300X196_D.com_Release.jpg Requested by Host: nahtinternationa.com URL: https://nahtinternationa.com/bnk/applications/homepage/css/homepage.min9418.css?rel=789616478a8 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 162.0.236.106 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS barnethost.website Software Apache / Resource Hash c715fdb100e8275f862cbe78ca3627b8e887c31aaff020689297933fe522622d Request headers accept-language de-DE,de;q=0.9 Referer https://nahtinternationa.com/bnk/applications/homepage/css/homepage.min9418.css?rel=789616478a8 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers Date Fri, 16 Dec 2022 13:15:27 GMT Last-Modified Thu, 14 Apr 2022 13:52:23 GMT Server Apache Content-Type image/jpeg Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=97 Content-Length 21312
GET H/1.1	200 OK	BRD-19-577812_DCOM_MILES_PLACEMENTS_300x196.jpg nahtinternationa.com/bnk/applications/homepage/images/	25 KB 25 KB	295ms 158ms	Image image/jpeg	162.0.236.106 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Show image Full URL https://nahtinternationa.com/bnk/applications/homepage/images/BRD-19-577812_DCOM_MILES_PLACEMENTS_300x196.jpg Requested by Host: nahtinternationa.com URL: https://nahtinternationa.com/bnk/applications/homepage/css/homepage.min9418.css?rel=789616478a8 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 162.0.236.106 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS barnethost.website Software Apache / Resource Hash 5a25ec95e4554513ebb362791c60a3fce7490f2256f8082853a6edee583a4a8c Request headers accept-language de-DE,de;q=0.9 Referer https://nahtinternationa.com/bnk/applications/homepage/css/homepage.min9418.css?rel=789616478a8 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers Date Fri, 16 Dec 2022 13:15:27 GMT Last-Modified Thu, 14 Apr 2022 13:52:23 GMT Server Apache Content-Type image/jpeg Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=97 Content-Length 25523
GET H/1.1	200 OK	debt_consolidation_img.jpg nahtinternationa.com/bnk/applications/homepage/images/	97 KB 97 KB	764ms 156ms	Image image/jpeg	162.0.236.106 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Show image Full URL https://nahtinternationa.com/bnk/applications/homepage/images/debt_consolidation_img.jpg Requested by Host: nahtinternationa.com URL: https://nahtinternationa.com/bnk/applications/homepage/css/homepage.min9418.css?rel=789616478a8 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 162.0.236.106 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS barnethost.website Software Apache / Resource Hash eac919d928076d19aa3ccbcd76b1e4153f55db67b5218c4596fcb6678f59919b Request headers accept-language de-DE,de;q=0.9 Referer https://nahtinternationa.com/bnk/applications/homepage/css/homepage.min9418.css?rel=789616478a8 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers Date Fri, 16 Dec 2022 13:15:27 GMT Last-Modified Thu, 14 Apr 2022 13:52:23 GMT Server Apache Content-Type image/jpeg Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=97 Content-Length 99486
GET H/1.1	200 OK	BRD_19_519766_460x196.jpg nahtinternationa.com/bnk/applications/homepage/images/	17 KB 18 KB	765ms 158ms	Image image/jpeg	162.0.236.106 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Show image Full URL https://nahtinternationa.com/bnk/applications/homepage/images/BRD_19_519766_460x196.jpg Requested by Host: nahtinternationa.com URL: https://nahtinternationa.com/bnk/applications/homepage/css/homepage.min9418.css?rel=789616478a8 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 162.0.236.106 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS barnethost.website Software Apache / Resource Hash fdd9297aa77e4438b43bb72b30a289feb937d67cc87c11e0bf60a3dae5d0a9c1 Request headers accept-language de-DE,de;q=0.9 Referer https://nahtinternationa.com/bnk/applications/homepage/css/homepage.min9418.css?rel=789616478a8 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers Date Fri, 16 Dec 2022 13:15:27 GMT Last-Modified Thu, 14 Apr 2022 13:52:23 GMT Server Apache Content-Type image/jpeg Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=97 Content-Length 17701
GET H/1.1	200 OK	Dcom_BoxF_CreditScorecardImageUpdate.jpg nahtinternationa.com/bnk/applications/homepage/images/	25 KB 25 KB	760ms 156ms	Image image/jpeg	162.0.236.106 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Show image Full URL https://nahtinternationa.com/bnk/applications/homepage/images/Dcom_BoxF_CreditScorecardImageUpdate.jpg Requested by Host: nahtinternationa.com URL: https://nahtinternationa.com/bnk/applications/homepage/css/homepage.min9418.css?rel=789616478a8 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 162.0.236.106 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS barnethost.website Software Apache / Resource Hash 9ee1dbc32dd78fbe6ba97ef7ada05fc3fe708bdac2ac719d7ca73b497ccd341c Request headers accept-language de-DE,de;q=0.9 Referer https://nahtinternationa.com/bnk/applications/homepage/css/homepage.min9418.css?rel=789616478a8 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers Date Fri, 16 Dec 2022 13:15:27 GMT Last-Modified Thu, 14 Apr 2022 13:52:23 GMT Server Apache Content-Type image/jpeg Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=98 Content-Length 25544
GET H2	200	_r Show response app.link/	91 B 593 B	192ms 163ms	Script text/javascript	2600:9000:20eb:3e00:19:9934:6a80:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://app.link/_r?sdk=web2.71.0&branch_key=key_live_gevPwVGxd97F95YmLl3jThcjvxgKTSvI&callback=branch_callback__0 Requested by Host: cdn.branch.io URL: https://cdn.branch.io/branch-latest.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:20eb:3e00:19:9934:6a80:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software openresty / Resource Hash 1f22d6f124f705ae8fae136b0080428b3ec29ef3154528cad4b619ea1680764a Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://nahtinternationa.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Fri, 16 Dec 2022 13:15:27 GMT strict-transport-security max-age=31536000; includeSubDomains x-content-type-options nosniff via 1.1 b6d1611761652d7a383651f2bf480596.cloudfront.net (CloudFront) server openresty x-amz-cf-pop FRA2-C1 etag W/"5b-+BGuurkYL0FxKr5eQcwEf5H3qnQ" x-cache Miss from cloudfront content-type text/javascript; charset=utf-8 content-length 91 x-amz-cf-id 2HpsgRhd7lkkxMsHgl_mId-dRXfO3yLXZL0AXJSFYmO11zlyoUpA9w==
GET H3	200	font-awesome-css.min.css use.fontawesome.com/releases/v4.7.0/css/	30 KB 7 KB	24ms 23ms	Stylesheet text/css	2606:4700:e2::ac40:840f CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://use.fontawesome.com/releases/v4.7.0/css/font-awesome-css.min.css Requested by Host: use.fontawesome.com URL: https://use.fontawesome.com/d9cde14000.css Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:e2::ac40:840f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5b9573e1023da775390e9284ec0eb1c606df9b468a28980055b4a6aa804f4350 Request headers accept-language de-DE,de;q=0.9 Referer https://use.fontawesome.com/d9cde14000.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Fri, 16 Dec 2022 13:15:27 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-amz-request-id 6GFEKMY757AZVMJR age 28102250 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-amz-id-2 a1rJqww5kk6lKRIdMoYuvo+3HD7E3szcwTrKVVU4ncyVGl1400tEbljwaRkXSznguGC14aUQGXY= last-modified Wed, 30 Jun 2021 15:26:48 GMT server cloudflare etag W/"36082410df2ef7f83932219089dc1443" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t0YLgKtJHFGAHm6PLfcbKWVKGp%2B0adEiZI7b%2BnDKx4a4SvfnlTpjDqHEo1pn5WEbRKTv04p1bGbWpf8T59LySn1Izt5DIBeWcK47LJHFRrGtsP0b79U5v%2F0nmzrf7O1C3iEhoQKTHa4f5sa9yIVdiAqV"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=31556926 cf-ray 77a7b0170e7b9b8c-FRA
POST H2	200	open Show response api2.branch.io/v1/	317 B 677 B	207ms 168ms	XHR application/json	2600:9000:21f3:a800:11:f728:3040:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://api2.branch.io/v1/open Requested by Host: cdn.branch.io URL: https://cdn.branch.io/branch-latest.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21f3:a800:11:f728:3040:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash 4ccbaa3b414f5433bf8e9aef127e483f77dfe247affa7ac3da6fcd85e3c35b1b Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://nahtinternationa.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers date Fri, 16 Dec 2022 13:15:27 GMT strict-transport-security max-age=31536000; includeSubDomains via 1.1 27f665df26bde4a7226480b4a2890ff8.cloudfront.net (CloudFront) x-amz-cf-pop FRA2-C2 x-cache Miss from cloudfront content-type application/json access-control-allow-origin * cache-control no-cache x-branch-request-id e197844a2d7f419da83cca8cd05680ab-2022121613 content-length 317 x-amz-cf-id aRciUyqCJhY9xfBIn09FF3QT37s40eSYYqfz9kNGafXgUGAyp1pG6A==
GET H3	200	fontawesome-webfont.woff2 use.fontawesome.com/releases/v4.7.0/fonts/	75 KB 76 KB	43ms 30ms	Font application/font-woff2	2606:4700:e2::ac40:840f CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://use.fontawesome.com/releases/v4.7.0/fonts/fontawesome-webfont.woff2 Requested by Host: use.fontawesome.com URL: https://use.fontawesome.com/d9cde14000.css Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:e2::ac40:840f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe Request headers Referer https://use.fontawesome.com/d9cde14000.css Origin https://nahtinternationa.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Fri, 16 Dec 2022 13:15:27 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-amz-request-id B8QYH99TP2RM92SP age 49286 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 77160 x-amz-id-2 rKrn+d2JmODPxUcKeDgu/1WlFNi+o5sNEgTfjqFOyc4TMIDQTqIGt1dsUvF3DnlerlWrwZGjazzWPiHNvjhgqA== last-modified Wed, 30 Jun 2021 15:26:48 GMT server cloudflare etag "af7ae505a9eed503f8b8e6982036873e" access-control-max-age 3000 access-control-allow-methods GET content-type application/font-woff2 access-control-allow-origin * report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=amj1VRz2QaJlrgDTP06woJazZWMeh9kuaWsWIWmvegT1SuyN5GigRWun3VP7UQ%2FWhRBmvWZw8fd6tnHqpSCZHdpNsS%2B4TxTMvtx8Ss0bKnLn43CY6LpTkjdiiWArCCtcDm%2FZWqP6uGEYAgl6HIr%2FCwin"}],"group":"cf-nel","max_age":604800} vary Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding cache-control max-age=31556926 accept-ranges bytes cf-ray 77a7b0174ff19bf2-FRA
POST H2	200	pageview Show response api2.branch.io/v1/	28 B 434 B	168ms 168ms	XHR application/json	2600:9000:21f3:a800:11:f728:3040:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://api2.branch.io/v1/pageview Requested by Host: cdn.branch.io URL: https://cdn.branch.io/branch-latest.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21f3:a800:11:f728:3040:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Express Resource Hash a82dc28d43942326b346f92907df3bea5e38b2325ef97176f3b6234966bf19eb Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://nahtinternationa.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers date Fri, 16 Dec 2022 13:15:27 GMT strict-transport-security max-age=31536000; includeSubDomains via 1.1 27f665df26bde4a7226480b4a2890ff8.cloudfront.net (CloudFront) x-amz-cf-pop FRA2-C2 x-powered-by Express etag W/"1c-KRZWpHfIKyIHGKJ9mp9lAyX+vFY" x-cache Miss from cloudfront content-type application/json; charset=utf-8 access-control-allow-origin * x-branch-request-id 524b53c9fd10466cb8187a2953b60a18-2022121613 content-length 28 x-amz-cf-id 6uQwJKDUOiBmB7KN9UCmBtD4x4dND8Tv6Q3ifZEA-X28vsqECOiBNg==
GET H2	200	json Show response fls.doubleclick.net/	40 B 702 B	85ms 45ms	Script text/javascript	142.250.186.38 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fls.doubleclick.net/json?spot=3471476&src=1531196&var=s_2_Integrate_DFA_get_0&host=integrate.112.2o7.net%2Fdfa_echo%3Fvar%3Ds_2_Integrate_DFA_get_0%26AQE%3D1%26A2S%3D1&ord=5850016612076 Requested by Host: nahtinternationa.com URL: https://nahtinternationa.com/bnk/etc.clientlibs/dfs-credit-cards/clientlibs/clientlib-acqall.min.ACSHASH9f24b4ebd9a7a63a7d7ef206f30b1cf8.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.38 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s04-in-f6.1e100.net Software cafe / Resource Hash be51a84d05ff7961539831b88a797327d56b4753a4c721f78ed1d7fea00ca1dd Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://nahtinternationa.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Fri, 16 Dec 2022 13:15:29 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 44 x-xss-protection 0 pragma no-cache server cafe x-frame-options SAMEORIGIN content-type text/javascript; charset=UTF-8 cache-control no-cache, must-revalidate timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	home.php Show response nahtinternationa.com/bnk/	45 KB 46 KB	226ms 225ms	XHR text/html	162.0.236.106 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://nahtinternationa.com/bnk/home.php?_=1671196527907 Requested by Host: nahtinternationa.com URL: https://nahtinternationa.com/bnk/global/libs/scripts/libs.minf47e.js?ver=9737d8d4ef Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 162.0.236.106 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS barnethost.website Software Apache / Resource Hash 24e6c03bbcb3af189a919a742af7543139015468d8207e1ae6b7035c0d98ffce Request headers Accept */* Referer https://nahtinternationa.com/bnk/home.php X-Requested-With XMLHttpRequest accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers Pragma no-cache Date Fri, 16 Dec 2022 13:15:29 GMT Server Apache Transfer-Encoding chunked Content-Type text/html; charset=UTF-8 Cache-Control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Connection Keep-Alive Keep-Alive timeout=5, max=98 Expires Thu, 19 Nov 1981 08:52:00 GMT
GET H2	200	fd145cf2-4109-439c-97f8-e0bc3c3e290d.js Show response cdnssl.clicktale.net/www15/ptc/	411 KB 77 KB	76ms 14ms	Script application/javascript	2600:9000:21f3:ba00:c:7c62:1240:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdnssl.clicktale.net/www15/ptc/fd145cf2-4109-439c-97f8-e0bc3c3e290d.js Requested by Host: nahtinternationa.com URL: https://nahtinternationa.com/bnk/content/dam/dfs/credit-cards/static/js/clicktale/clicktale.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21f3:ba00:c:7c62:1240:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 29edb18fa2e422006e68fc2acd4b458137111b53aafb295b46a397ff5ff1ea1c Request headers Referer https://nahtinternationa.com/ Origin https://nahtinternationa.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Wed, 14 Dec 2022 14:18:11 GMT content-encoding br via 1.1 df26103dc140569d7032449c70c3b140.cloudfront.net (CloudFront) x-amz-version-id tvDFD9j4CvLAQtMAnVxOMt.tsTWfGbOO x-amz-cf-pop FRA2-C2 age 0 x-cache Hit from cloudfront content-length 78196 last-modified Wed, 14 Dec 2022 14:14:36 GMT server AmazonS3 etag "17ad3984daa103d5ac085d60a0b8e957" content-type application/javascript;charset=utf-8 access-control-allow-origin * cache-control max-age=900 accept-ranges bytes x-amz-cf-id 8835a4474wtOyzceGk6gdYRYKd24g_Sa4ts44MXhtyE8Vo1bx5XKjQ==
GET H/1.1	200 OK	tag.js Show response s.btstatic.com/	34 KB 13 KB	54ms 7ms	Script application/javascript	23.44.76.134 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://s.btstatic.com/tag.js Requested by Host: nahtinternationa.com URL: https://nahtinternationa.com/bnk/global/public/scripts/signal_tms.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 23.44.76.134 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-44-76-134.deploy.static.akamaitechnologies.com Software nginx / Resource Hash 5c2b76989e49a2bd8c651a35634fd43081b13bde1a6385fb8e36dccc1d0d42d8 Request headers accept-language de-DE,de;q=0.9 Referer https://nahtinternationa.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers Date Fri, 16 Dec 2022 13:15:30 GMT Content-Encoding gzip Last-Modified Thu, 10 Nov 2022 17:06:12 GMT Server nginx Vary Accept-Encoding P3P CP=NOI DSP COR NID Content-Type application/javascript Cache-Control public, max-age=14400 Connection keep-alive Accept-Ranges bytes Content-Length 12525
GET H2	200	tag Show response s.thebrighttag.com/	0 268 B	322ms 107ms	Script text/javascript	3.21.151.19 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://s.thebrighttag.com/tag?site=p9zWtoq&H=-5fwncwk Requested by Host: s.btstatic.com URL: https://s.btstatic.com/tag.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.21.151.19 Columbus, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-21-151-19.us-east-2.compute.amazonaws.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://nahtinternationa.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers pragma no-cache date Fri, 16 Dec 2022 13:15:30 GMT x-bt-requestid b6e5fcc0-7d43-11ed-b96b-0000ac1703bf server nginx etag d41d8cd98f00b204e9800998ecf8427e content-type text/javascript access-control-allow-origin https://nahtinternationa.com p3p CP=NOI DSP COR NID cache-control private, must-revalidate content-length 0 expires Thu, 01 Jan 1970 00:00:00 GMT

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Discover (Financial)

207 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontentvisibilityautostatechange function| targetPageParams object| adobe object| ___target_traces function| mboxCreate function| mboxDefine function| mboxUpdate object| ttMETA object| dfsCspTnTUtils function| getCookieValue object| branch number| dcuser_start object| FontAwesomeCdnConfig string| cssUrl function| $ function| jQuery object| jQuery1111021919844681813916 string| SEP string| PAIR string| DEV number| ver function| goto function| flashfix function| activeXDetect function| extractVersions function| stripIllegalChars function| stripFullPath function| fingerprint_browser function| fingerprint_display function| fingerprint_software function| fingerprint_timezone function| fingerprint_language function| fingerprint_java function| fingerprint_cookie function| form_add_data function| form_add_fingerprint function| asyncpost_fingerprints function| post_fingerprints function| post_fingerprints_v2 function| post_fingerprintsnoencode function| post_fingerprintsnoencode_v2 function| URLencode function| add_deviceprint function| Hashtable function| fileBB function| generateVal function| isLP object| consts string| ua number| msie object| doc undefined| globalModalMarginTopdesktop number| globalModalMarginTopmobile undefined| ieVersion boolean| nonSecure undefined| initialSecNavTop number| secNavLastScrollTop function| getWin function| winHeight object| discover_rwd function| clearScVars function| detectView object| scLoginOverlay undefined| scErrorsArray object| customInputs object| modal object| tooltip object| cookieData object| siteObj function| createCookie function| readCookie function| eraseCookie boolean| changedDropdown object| loginBox object| secNav object| dropDown undefined| didScroll number| lastScrollTop number| previousScrollTop number| delta number| navbarHeight object| $doc object| utils object| appFunctions object| s function| s_getmcmid function| s_getmcaid function| s_doPlugins function| omn_getSearchType object| dfaConfig function| AppMeasurement_Module_Integrate function| AppMeasurement_Module_ActivityMap function| AppMeasurement function| s_gi function| s_pgicq function| populateSiteCatalyst object| siteCatalystMap string| currentURL object| fcCall object| fcIdleModal number| hideContent function| vrsn_splash string| v_ua object| re boolean| v_old_ie object| footerNorton object| footerlink undefined| plat object| msBeautify function| stripQueryStringAndHashFromPath function| cardmember_login object| discover undefined| itpNewEnrollmentsPublic function| responsiveImages undefined| heightArr undefined| pos undefined| acmt undefined| j undefined| $window undefined| $stickyEl undefined| elTop undefined| dwallet undefined| goodGrades function| getToogleButton number| myUrl function| myUrlbrk boolean| checkCalendarFlag object| mcd undefined| cardDictionary function| clearCardChoice function| getQueryVariable function| APRTooltip function| setCoordinates function| addScrollEvents function| offsetAnchor function| c_r function| c_rspers function| c_w function| maction function| mouseDown function| resized boolean| opera boolean| ie boolean| iemac number| moz string| os object| utility object| sitecatalyst function| init function| setEvents function| calculatePosition function| positionModalEvents number| yearVal string| s_account object| s_c_il number| s_c_in object| s_Integrate_DFA string| v number| s_objectID number| s_giq object| tlsFunctions string| seal_gif_url string| dn string| sap string| splash_url string| tpt string| language string| u1 object| dfs object| $self boolean| clickTaleTagInjected function| ashserverdate object| s_2_Integrate_DFA_get_0 object| CS_CONF object| CS_INTEGRATIONS_CONF object| _uxa object| CSPureWindow function| csDate object| csJSON function| csArray function| csString function| csURL function| csMutationObserver object| csScreen function| csNodechildNodes function| csNodeparentNode function| csNodenextSibling function| csNodefirstChild function| csElementshadowRoot function| csHTMLImageElementsrc function| csEventtarget object| CSPathComputation object| UXAnalytics function| bt_eval function| bt_parameter function| bt_meta function| bt_cookie function| bt_data function| bt_log function| bt_handle_exception undefined| _bt_url_prefix undefined| _bt_referrer undefined| _bt_site undefined| _bt_mode function| btServe function| bt_data_escaped object| BrightTag

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			nahtinternationa.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: ug7jl9um30ughueuprr9lqlo37
			.nahtinternationa.com/	1969-12-31 23:59:59	Name: check Value: true
			.discover.tt.omtrdc.net/	1970-01-20 08:13:18	Name: discover!mboxSession Value: ed013e030cbe421580079160f422ade0
			.discover.tt.omtrdc.net/	1970-01-20 17:49:16	Name: discover!mboxPC Value: ed013e030cbe421580079160f422ade0.37_0
			.nahtinternationa.com/	1970-01-20 17:49:16	Name: mbox Value: session#ed013e030cbe421580079160f422ade0#1671198386|PC#ed013e030cbe421580079160f422ade0.37_0#1734441326
			.nahtinternationa.com/	1970-01-20 08:13:18	Name: mboxEdgeCluster Value: 37
			.app.link/	1970-01-20 16:58:52	Name: _s Value: b83874a%2FyH5Gf6ph6ZiMfieLbRw8SKNpuL3Xq3qgY5UInkbO%2BV7tbC57E9BYl1ua
			.nahtinternationa.com/	1970-01-20 08:13:18	Name: s_pers Value: %20s_dfa%3Ddiscoverglobalprod%252Cdiscovercardservicingprod%7C1671198329813%3B
			.doubleclick.net/	1970-01-20 08:13:17	Name: test_cookie Value: CheckForPermission

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api2.branch.io
app.link
cdn.branch.io
cdnssl.clicktale.net
discover.tt.omtrdc.net
fls.doubleclick.net
nahtinternationa.com
s.btstatic.com
s.thebrighttag.com
use.fontawesome.com
13.225.78.84
142.250.186.38
162.0.236.106
23.44.76.134
2600:9000:20eb:3e00:19:9934:6a80:93a1
2600:9000:21f3:a800:11:f728:3040:93a1
2600:9000:21f3:ba00:c:7c62:1240:93a1
2606:4700:e2::ac40:840f
3.21.151.19
3.248.2.215
03dc0a7b3fe3cebc62da299f79482efe4e0a3d8451e3750949eee8951e45b42a
1f22d6f124f705ae8fae136b0080428b3ec29ef3154528cad4b619ea1680764a
24e6c03bbcb3af189a919a742af7543139015468d8207e1ae6b7035c0d98ffce
26da6167c53ea7bc4a4fe7253c49d9924a36fa95ceb6867ea0cb498829c5015d
29edb18fa2e422006e68fc2acd4b458137111b53aafb295b46a397ff5ff1ea1c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2bb24032b1561352d08494faa7babab441e534f1734a70fbe35871f8ffe6efba
2c368b494568114802e37bb3940d7f2763cb4a5e1424403460cb3710442d6125
4ccbaa3b414f5433bf8e9aef127e483f77dfe247affa7ac3da6fcd85e3c35b1b
5a25ec95e4554513ebb362791c60a3fce7490f2256f8082853a6edee583a4a8c
5b9573e1023da775390e9284ec0eb1c606df9b468a28980055b4a6aa804f4350
5c2b76989e49a2bd8c651a35634fd43081b13bde1a6385fb8e36dccc1d0d42d8
61d0b93bf82661c535aa496f4caa9b480c1add5f1dc992813e282e9e725d4966
62e0757e260aba020f9dd4348fe547672be177621831594a2b26069696ad597b
63173425827d1250c6266742809b1ee5a48d3e6738e2dd62168a95f2675a7d82
690559981647011e256215e1576be6f5fe5b323b84fcfc6af15be581c7c2ea28
69b5d627af1af7ac3c117dd914e2c868b818989d4ce9f92a53f7eebed54a4573
802024f3561e95b85943a13fefb8307bf626ca1ea77b60c7779b722785217c3e
83cad37f70113f7b8bbb98c2ef8ee949f9a611e402e55ee826aef65130f2ef77
99027869a65ada3fa110d6e335eaae4357809f67bbebd47d71577717518f62f3
9ee1dbc32dd78fbe6ba97ef7ada05fc3fe708bdac2ac719d7ca73b497ccd341c
9f34946c2ed602b280a2f08a052802796e88c34552fc9838c5dd699783e4ae43
a1ff0f42ff3eaea77ab9276cfe77b67312e86ccf00481deee6ba2b5f31a3e7c0
a82dc28d43942326b346f92907df3bea5e38b2325ef97176f3b6234966bf19eb
aa93d7347ca52db7160f90e641b79d1d4c4ce0273bb47801f93fe1a5af1d8ca5
be51a84d05ff7961539831b88a797327d56b4753a4c721f78ed1d7fea00ca1dd
c715fdb100e8275f862cbe78ca3627b8e887c31aaff020689297933fe522622d
d361dbf8f7f2c71bac9543feab57c32170ac51f96351a2e6eaff87c58d2b2084
d3fabf8a2c10be476034ec3435b01a632b0b7c5169eb228fb134c38b5e53aaed
d9b988eafa31eebc01bd5b6a94fcc5f2a2252bd1706daca3fda6f8aaff679198
dec8ab700d4f74758cf259b28921291a6f15d15f8445f0563a0236b716e78078
df31d6e27574d48c76a5be96eeda06c0451fc19ef2b68199a262d0ddab2f54a2
e00c7025f0333ce2e8196e0210b218a8f47bd809344b9cd594816b3c36a9c819
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eac919d928076d19aa3ccbcd76b1e4153f55db67b5218c4596fcb6678f59919b
f9b2e8abbf67eadcceb515fa6eb406b026fd2626e774d08ad169fa082763bca8
fdd9297aa77e4438b43bb72b30a289feb937d67cc87c11e0bf60a3dae5d0a9c1