naturellanews.live - urlscan.io

Summary

This website contacted 3 IPs in 2 countries across 2 domains to perform 4 HTTP transactions. The main IP is 2606:4700:3031::6815:31be, located in United States and belongs to CLOUDFLARENET, US. The main domain is naturellanews.live.
TLS certificate: Issued by GTS CA 1P5 on April 11th 2024. Valid for: 3 months.

This is the only time naturellanews.live was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	2606:4700:303... 2606:4700:3031::6815:31be	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:6ea0:c70... 2a02:6ea0:c700::21	60068 (CDN77 _) (CDN77 _)
2	172.67.165.231 172.67.165.231	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	3

1 2606:4700:3031::6815:31be (United States)

ASN13335 (CLOUDFLARENET, US)

naturellanews.live	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6ea0:c700::21 (Frankfurt am Main, Germany)

ASN60068 (CDN77 _, GB)

web.webpushs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.67.165.231 (United States)

ASN13335 (CLOUDFLARENET, US)

naturellanews.live	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
3	naturellanews.live naturellanews.live	2 KB
1	webpushs.com web.webpushs.com — Cisco Umbrella Rank: 73331	37 KB
4	2

	Domain	Requested by
3	naturellanews.live	web.webpushs.com
1	web.webpushs.com	naturellanews.live
4	2

This site contains no links.

Subject Issuer	Validity	Valid
naturellanews.live GTS CA 1P5	`2024-04-11` - `2024-07-10`	3 months	crt.sh
web.webpushs.com Sectigo RSA Domain Validation Secure Server CA	`2024-01-09` - `2025-01-16`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://naturellanews.live/
Frame ID: 7E64ABC634A24D7F44D8E9809BFC86FA
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Statistics

4
Requests

100 %
HTTPS

67 %
IPv6

2
Domains

2
Subdomains

3
IPs

2
Countries

39 kB
Transfer

120 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

4 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
naturellanews.live/ 110 B
549 B 266ms
57ms Document
text/html 2606:4700:3031::6815:31be
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://naturellanews.live/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:31be , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 25d960d73c1379aaa09a316c6e453457bf31218efb6853a8020ed7bc865fbded

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 87402162eaaa9bb2-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sun, 14 Apr 2024 02:05:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3Sfqa1%2F5exeVwSUBqYHxDg4ImCcZ3r453Dm5HMSYpIlGnCHKpjfff6PAnPrkQpDurUCWL3JT3ZnZQmLyC%2FBp6DV07V3xEpfjgZmaSb%2BmVkFShfVe2JaWOBTOLC7lUBLPaXXOv1KD2LF44M%2F8qJ%2BT8JU%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 39911ead0a389eca54769a238422516b_1.js Show response
web.webpushs.com/js/push/ 119 KB
37 KB 117ms
32ms Script
application/javascript 2a02:6ea0:c700::21
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL

https://web.webpushs.com/js/push/39911ead0a389eca54769a238422516b_1.js

Requested by

Host: naturellanews.live
URL: https://naturellanews.live/

Protocol

H2

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6ea0:c700::21 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),

Reverse DNS

Software

CDN77-Turbo /

Resource Hash

d11be608f440a879a566d9c3eac9cb421be8c8ced23c8f6bc8f0e7516d26b34e

Security Headers

Name	Value
Content-Security-Policy	default-src wss://* blob: data: sendpulse.com .sendpulse.com .sendpulse.com:4434 data.sendpulse.com .pulse-stat.com .stat-pulse.com .pulse-stat.com:8080 .stat-pulse.com:8080 http://.sendpulse.com:4434 wss://ws.binotel.com:9002 http://.pulse-stat.com http://.stat-pulse.com http://.pulse-stat.com:8080 http://.stat-pulse.com:8080 .sendpulse.ua .sendpulse.by .sendpulse.kz .sendpulse.cl .sendpulse.com.tr .sendpulse.ng sendpul.se .sendpul.se trckln.com .loginsrc.com .routee.net .routee.net:444 .jquery.com .youtube.com .ytimg.com .vimeo.com .vimeocdn.com .tinymce.com .ampproject.org .hotjar.com .hotjar.io .ipinfo.io .highcharts.com .appspot.com .doubleclick.net .facebook.com .facebook.net .fbcdn.net .fbsbx.com .rawgit.com .cloudflare.com .jsdelivr.net .kissmetrics.com .quantserve.com .quantcount.com .twitter.com .offershub.ru .stripe.com .braintreegateway.com .mlstatic.com .cloudpayments.ru .woopra.com .jivosite.com .google.com .google.com.ua https://google.com/pay .googleadservices.com .google-analytics.com .googleapis.com .googletagmanager.com .gstatic.com .online-metrix.net .retently.com .maxmind.com .revisionme.com revisionme.pages.dev .mmapiws.com .bootstrapcdn.com .kaptcha.com .paypal.com .paypalobjects.com .mercadopago.com.br .mercadopago.com dl-media.viber.com .braintree-api.com vk.com api.telegram.org .webformscr.com .cardinalcommerce.com .mercadolibre.com .supportsrc.com .instagram.com s3.eu-central-1.amazonaws.com .googleoptimize.com .privatbank.ua .cardinalcommerce.com viacep.com.br .wdgtsrc.com 1860267202.rsc.cdn77.org 1443908614.rsc.cdn77.org 'self' 'unsafe-eval' 'unsafe-inline'; img-src blob: data: ; font-src data: ; style-src * 'unsafe-inline';, frame-ancestors 'self';
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://naturellanews.live/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-77-pop: frankfurtDE
date: Sun, 14 Apr 2024 02:05:21 GMT
content-security-policy: default-src wss://* blob: data: sendpulse.com *.sendpulse.com *.sendpulse.com:4434 data.sendpulse.com *.pulse-stat.com *.stat-pulse.com *.pulse-stat.com:8080 *.stat-pulse.com:8080 http://*.sendpulse.com:4434 wss://ws.binotel.com:9002 http://*.pulse-stat.com http://*.stat-pulse.com http://*.pulse-stat.com:8080 http://*.stat-pulse.com:8080 *.sendpulse.ua *.sendpulse.by *.sendpulse.kz *.sendpulse.cl *.sendpulse.com.tr *.sendpulse.ng sendpul.se *.sendpul.se trckln.com *.loginsrc.com *.routee.net *.routee.net:444 *.jquery.com *.youtube.com *.ytimg.com *.vimeo.com *.vimeocdn.com *.tinymce.com *.ampproject.org *.hotjar.com *.hotjar.io *.ipinfo.io *.highcharts.com *.appspot.com *.doubleclick.net *.facebook.com *.facebook.net *.fbcdn.net *.fbsbx.com *.rawgit.com *.cloudflare.com *.jsdelivr.net *.kissmetrics.com *.quantserve.com *.quantcount.com *.twitter.com *.offershub.ru *.stripe.com *.braintreegateway.com *.mlstatic.com *.cloudpayments.ru *.woopra.com *.jivosite.com *.google.com *.google.com.ua https://google.com/pay *.googleadservices.com *.google-analytics.com *.googleapis.com *.googletagmanager.com *.gstatic.com *.online-metrix.net *.retently.com *.maxmind.com *.revisionme.com revisionme.pages.dev *.mmapiws.com *.bootstrapcdn.com *.kaptcha.com *.paypal.com *.paypalobjects.com *.mercadopago.com.br *.mercadopago.com dl-media.viber.com *.braintree-api.com vk.com api.telegram.org *.webformscr.com *.cardinalcommerce.com *.mercadolibre.com *.supportsrc.com *.instagram.com s3.eu-central-1.amazonaws.com *.googleoptimize.com *.privatbank.ua *.cardinalcommerce.com viacep.com.br *.wdgtsrc.com 1860267202.rsc.cdn77.org 1443908614.rsc.cdn77.org 'self' 'unsafe-eval' 'unsafe-inline'; img-src blob: data: *; font-src data: *; style-src * 'unsafe-inline';, frame-ancestors 'self';
x-content-type-options: nosniff
content-encoding: gzip
x-77-cache: HIT
x-cache: MISS
x-accel-date: 1712751308
x-xss-protection: 1; mode=block
x-77-nzt: EggB1GY4sQFBDAGckiEnAfcVtwQA
x-accel-expires: @1713356108
x-77-age: 309013
x-sp-ma: sp-ma-0
last-modified: Wed, 10 Apr 2024 12:11:33 GMT
server: CDN77-Turbo
etag: W/"1dcf3-615bcf07e54f0"
x-77-nzt-ray: 1cb09c0e68b5f336e1391b66d7cb2735
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding,User-Agent
content-type: application/javascript
access-control-allow-origin: *
x-sp-pr: lpr-04
cache-control: max-age=604800
expires: Wed, 17 Apr 2024 12:15:08 GMT

GET
H3 200 sp-push-worker-fb.js Show response
naturellanews.live/ 72 B
531 B 59ms
59ms XHR
application/javascript 172.67.165.231
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://naturellanews.live/sp-push-worker-fb.js
Requested by: Host: web.webpushs.com
URL: https://web.webpushs.com/js/push/39911ead0a389eca54769a238422516b_1.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.165.231 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2a719f91d199b250a3e0748fa579d15ae2384c8fc2062268e18561708ac60281

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://naturellanews.live/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 14 Apr 2024 02:05:21 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Wed, 10 Apr 2024 12:00:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"66167f67-48"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1XSRQldpioLJ86p%2BQ%2FqurY%2BpUsHV1EdCVFCk4WCBP4bAsJXzwFsfwwcmljJvNuQcPATD2vXSQQ71xLt96caXKzG2Xlp9s%2B3quPCL1f4wvWMFvxrClli7RBTs%2Bw5OgWFoQy5ANZk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 874021643c073802-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 404 favicon.ico
naturellanews.live/ 555 B
603 B 54ms
54ms Other
text/html 172.67.165.231
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://naturellanews.live/favicon.ico
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.165.231 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 338e171ecd2e7b7b1d89c2bed70f9a33477b1345be879b35a211925b67476dcf

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://naturellanews.live/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 14 Apr 2024 02:05:21 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LZ2Lej41JCQsOuO%2BMG1GVQLDSVaI2QRXo2yPFY4Fb%2B%2FQfh0IaDTWuz%2BqURKZDGVmIQBZletopv%2BfcPJbUx5uQi8gsGdug8zvqTlMoeexbV2E2c%2BqGvuc05lO12D%2BJ7UatGV0fF8%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: max-age=14400
cf-ray: 874021644c0e3802-FRA
alt-svc: h3=":443"; ma=86400

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://naturellanews.live/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

naturellanews.live
web.webpushs.com
172.67.165.231
2606:4700:3031::6815:31be
2a02:6ea0:c700::21
25d960d73c1379aaa09a316c6e453457bf31218efb6853a8020ed7bc865fbded
2a719f91d199b250a3e0748fa579d15ae2384c8fc2062268e18561708ac60281
338e171ecd2e7b7b1d89c2bed70f9a33477b1345be879b35a211925b67476dcf
d11be608f440a879a566d9c3eac9cb421be8c8ced23c8f6bc8f0e7516d26b34e

naturellanews.live Open in urlscan Pro 2606:4700:3031::6815:31be Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Statistics

4 Requests

100 %HTTPS

67 %IPv6

2 Domains

2 Subdomains

3 IPs

2 Countries

39 kBTransfer

120 kBSize

0 Cookies

0 Outgoing links

Redirected requests

4 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

0 Cookies

1 Console Messages

Indicators

naturellanews.live Open in urlscan Pro
2606:4700:3031::6815:31be Public Scan

Screenshot
Live screenshot

Full Image

4
Requests

100 %
HTTPS

67 %
IPv6

2
Domains

2
Subdomains

3
IPs

2
Countries

39 kB
Transfer

120 kB
Size

0
Cookies

4 HTTP transactions
0 data transactions