Report - cyvareolua.com/

Report Overview

Visited public
2023-12-04 04:36:35
Tags
URL
cyvareolua.com/
Finishing URL
cyvareolua.com/
IP / ASN
104.21.15.174
#13335 CLOUDFLARENET
Title
Sztuka ryzyka inwestycyjnego: analiza, ocena i droga do sukcesu

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
cyvareolua.com	unknown	unknown	No data	No data	16 kB	6.4 MB	172.67.206.160
ajax.googleapis.com	12905	2005-01-25	2013-08-16 11:51:31	2023-12-03 07:59:58	441 B	32 kB	172.217.21.170
fonts.gstatic.com	unknown	2008-02-11	2014-09-09 02:40:21	2023-12-03 05:48:43	3.3 kB	188 kB	216.58.207.227
fonts.googleapis.com	8877	2005-01-25	2013-06-10 22:14:26	2023-12-03 06:08:10	945 B	12 kB	142.250.74.74

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2023-12-04	medium	cyvareolua.com	Sinkholed
2023-12-04	medium	cyvareolua.com	Sinkholed
2023-12-04	medium	cyvareolua.com	Sinkholed
2023-12-04	medium	cyvareolua.com	Sinkholed
2023-12-04	medium	cyvareolua.com	Sinkholed
2023-12-04	medium	cyvareolua.com	Sinkholed
2023-12-04	medium	cyvareolua.com	Sinkholed
2023-12-04	medium	cyvareolua.com	Sinkholed
2023-12-04	medium	cyvareolua.com	Sinkholed
2023-12-04	medium	cyvareolua.com	Sinkholed
2023-12-04	medium	cyvareolua.com	Sinkholed
2023-12-04	medium	cyvareolua.com	Sinkholed
2023-12-04	medium	cyvareolua.com	Sinkholed
2023-12-04	medium	cyvareolua.com	Sinkholed
2023-12-04	medium	cyvareolua.com	Sinkholed
2023-12-04	medium	cyvareolua.com	Sinkholed
2023-12-04	medium	cyvareolua.com	Sinkholed
2023-12-04	medium	cyvareolua.com	Sinkholed
2023-12-04	medium	cyvareolua.com	Sinkholed
2023-12-04	medium	cyvareolua.com	Sinkholed
2023-12-04	medium	cyvareolua.com	Sinkholed
2023-12-04	medium	cyvareolua.com	Sinkholed
2023-12-04	medium	cyvareolua.com	Sinkholed
2023-12-04	medium	cyvareolua.com	Sinkholed
2023-12-04	medium	cyvareolua.com	Sinkholed
2023-12-04	medium	cyvareolua.com	Sinkholed
2023-12-04	medium	cyvareolua.com	Sinkholed
2023-12-04	medium	cyvareolua.com	Sinkholed
2023-12-04	medium	cyvareolua.com	Sinkholed
2023-12-04	medium	cyvareolua.com	Sinkholed
2023-12-04	medium	cyvareolua.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (6)

	URL	From	Size	First Seen	Last Seen
	ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js	ScriptElement	90 kB	2023-03-07	2025-05-11
Pretty URL ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js IP 172.217.21.170 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-05-11 16:01 Times Seen205888 Hash 8fb8fee4fcc3cc86ff6c724154c49c42 b82d238d4e31fdf618bae8ac11a6c812c03dd0d4 ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e Loading...

	cyvareolua.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js	ScriptElement	1.2 kB	2023-03-07	2025-05-11
Pretty URL cyvareolua.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js IP 172.67.206.160 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-05-11 16:06 Times Seen68489 Hash 9e8f56e8e1806253ba01a95cfc3d392c a8af90d7482e1e99d03de6bf88fed2315c5dd728 2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8 Loading...

	cyvareolua.com/	ScriptElement	475 B	2023-11-29	2024-08-20
Pretty URL cyvareolua.com/ IP 172.67.206.160 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-11-29 09:16 Last Seen2024-08-20 17:29 Times Seen4 Hash e231dcf81ccdaaeee949dd80d7b46941 821f6f74674bf1d5d62fdebd1f2a51c4b1ec9b54 5457c85e75cb9b1677b34a4cf0d4b427fc246546f875c5cc7e3ded20c58a4868 Loading...

	cyvareolua.com/	ScriptElement	475 B	2023-11-29	2024-08-20
Pretty URL cyvareolua.com/ IP 172.67.206.160 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-11-29 09:16 Last Seen2024-08-20 17:29 Times Seen4 Hash f807f97f457ca280428be9d734529d42 ed940c0d21e8b0b9f9cf8f33ce4bc6ba3e8985e1 663d45a0bf1c4d7cf3948a0c0d993068ea00125451f7318a7760ae9203dcd5ff Loading...

	cyvareolua.com/files-work/js-work/jquery.fancybox.min.js	ScriptElement	68 kB	2023-03-07	2025-05-11
Pretty URL cyvareolua.com/files-work/js-work/jquery.fancybox.min.js IP 172.67.206.160 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-05-11 14:30 Times Seen5447 Hash 49a6b4d019a934bcf83f0c397eba82d8 6181412e73966696d08e1e5b1243a572d0f22ba6 cadda460ccb4c3c01bb45f3d5976f63f5adf8dc3ff1d31cb4fbd3ded4f18e5bf Loading...

	cyvareolua.com/	ScriptElement	5.3 kB	2023-11-29	2024-08-20
Pretty URL cyvareolua.com/ IP 172.67.206.160 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-11-29 09:16 Last Seen2024-08-20 17:29 Times Seen4 Hash 3b5d8c47acd78a02adc097f4a23d878b 1678ee43afeab23c9ceadf439127da0d9c83531e 4c869f5d5d0bbe0210a73b57b115398fbb400288bff15a3a0dcd8427957c8418 Loading...

HTTP Transactions (40)

URL IP Response Size

cyvareolua.com/gallery/4-gallery.jpg

172.67.206.160

200 OK

42 kB

URL GET HTTP/3
cyvareolua.com/gallery/4-gallery.jpg
IP
172.67.206.160:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cyvareolua.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectcyvareolua.com
Fingerprint73:08:B9:28:43:29:96:3B:65:12:03:A9:1F:84:71:31:C4:E7:76:F0
ValidityThu, 12 Oct 2023 08:16:34 GMT - Wed, 10 Jan 2024 08:16:33 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 800x480, components 3\012- data
Size
42 kB (42253 bytes)
Hash
341be511e6a0897d3fe8e54e8cdc9f3b
6270ff57304fcb16ca291196a9c7370299b9d021
f90300d519df4f27ec5539fcf0e2128ef9ab18320dbf9b2bebea823bec28c08c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /gallery/4-gallery.jpg HTTP/1.1
Host: cyvareolua.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cyvareolua.com/
Cookie: PHPSESSID=7e2b5b2f40c2c3c4aa451628593c4556
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 04 Dec 2023 04:36:15 GMT
content-type: image/jpeg
content-length: 42253
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Mon, 04 Dec 2023 04:36:15 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RPpZ47Z9D9zJC4%2F3YJUC0p28TYiY271EcsGMYXVfCyGfwKsW1chCFU8GYwo4jtk8cAOYL21h69MMQA2d8WlqtRRvlvg8yZF10tDEcj%2ByrgGqp7EE6KL1P57lLz1RngRnhQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 830158ebdd9856b5-OSL
alt-svc: h3=":443"; ma=86400

cyvareolua.com/avatar/m-0.jpg

172.67.206.160

200 OK

51 kB

URL GET HTTP/3
cyvareolua.com/avatar/m-0.jpg
IP
172.67.206.160:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cyvareolua.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectcyvareolua.com
Fingerprint73:08:B9:28:43:29:96:3B:65:12:03:A9:1F:84:71:31:C4:E7:76:F0
ValidityThu, 12 Oct 2023 08:16:34 GMT - Wed, 10 Jan 2024 08:16:33 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 800x800, components 3\012- data
Size
51 kB (50733 bytes)
Hash
a9ce60fe79e45d7d010619f3358842c9
06daba80f22cf6012b91e9ec039e5fbb65214d73
a55efb4df71c57ae4b40b55b1aecfdf0aace0f5ecbcd6e5af7f7fa7e3832e7b3

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /avatar/m-0.jpg HTTP/1.1
Host: cyvareolua.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cyvareolua.com/
Cookie: PHPSESSID=7e2b5b2f40c2c3c4aa451628593c4556
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 04 Dec 2023 04:36:15 GMT
content-type: image/jpeg
content-length: 50733
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Mon, 04 Dec 2023 04:36:15 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3OaEa5WqDqe%2BUpFl3rSAS5aHJgjXdC1AcpRTaNer8pE4AzH6uGoHJ%2BmKlQ5g%2BjcbpozcnWXE%2FJloiA7w4DY8mCOQ%2F%2BEj8VdcRT4QMG3EOFV1Oa03AOokQk7x%2BEO0cYHQSg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 830158ebdd9256b5-OSL
alt-svc: h3=":443"; ma=86400

cyvareolua.com/avatar/m-1.jpg

172.67.206.160

200 OK

58 kB

URL GET HTTP/3
cyvareolua.com/avatar/m-1.jpg
IP
172.67.206.160:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cyvareolua.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectcyvareolua.com
Fingerprint73:08:B9:28:43:29:96:3B:65:12:03:A9:1F:84:71:31:C4:E7:76:F0
ValidityThu, 12 Oct 2023 08:16:34 GMT - Wed, 10 Jan 2024 08:16:33 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 800x800, components 3\012- data
Size
58 kB (58417 bytes)
Hash
28dfee517a839d861f7e258c2833ed88
d8742f12e708f7b50356012f3bff606661952bf4
b291100aca8cdaa5042e3e79f9ef2eee1bdbdc8b15392752bd5b7893595e903c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /avatar/m-1.jpg HTTP/1.1
Host: cyvareolua.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cyvareolua.com/
Cookie: PHPSESSID=7e2b5b2f40c2c3c4aa451628593c4556
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 04 Dec 2023 04:36:15 GMT
content-type: image/jpeg
content-length: 58417
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Mon, 04 Dec 2023 04:36:15 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ne34s35sh9kAmsB7cJyFR4ft4sKKBVyYuKepeoMaNQUNzGADwcnxa2mgZDCHw2NU4HrqR75XBwtcIFNPVbeJmiIlsFeLNo9o4kFWboBlkfs4Ps4uTFxNb4ZJuCwsgfKjVQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 830158ebdda156b5-OSL
alt-svc: h3=":443"; ma=86400

cyvareolua.com/gallery/6-gallery.jpg

172.67.206.160

200 OK

68 kB

URL GET HTTP/3
cyvareolua.com/gallery/6-gallery.jpg
IP
172.67.206.160:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cyvareolua.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectcyvareolua.com
Fingerprint73:08:B9:28:43:29:96:3B:65:12:03:A9:1F:84:71:31:C4:E7:76:F0
ValidityThu, 12 Oct 2023 08:16:34 GMT - Wed, 10 Jan 2024 08:16:33 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1024x768, components 3\012- data
Size
68 kB (67708 bytes)
Hash
bd3860fc4fb81d9587fa0c8ba410f440
431f908ecb2ab1029da5af42ce5c568c0e4986a0
64d3458fb62aefb8e631b9833124cb7e9392104fb05449c1889eb3474a9ed68f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /gallery/6-gallery.jpg HTTP/1.1
Host: cyvareolua.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cyvareolua.com/
Cookie: PHPSESSID=7e2b5b2f40c2c3c4aa451628593c4556
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 04 Dec 2023 04:36:15 GMT
content-type: image/jpeg
content-length: 67708
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Mon, 04 Dec 2023 04:36:15 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LC74g%2BotFgp%2F9RKlMlhW4iZs4I25oiFYwYvl8BMiXSO8GxVFxZF2RnXrRuG02Vs4YsK9EKkO5XgQ4LKOuyFVSTxlnsNftnRjT%2Bi3wSV%2BYfuSwgrzwU4u4THwYo%2BTjpEMqw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 830158ebdd9956b5-OSL
alt-svc: h3=":443"; ma=86400

cyvareolua.com/gallery/8-gallery.jpg

172.67.206.160

200 OK

68 kB

URL GET HTTP/3
cyvareolua.com/gallery/8-gallery.jpg
IP
172.67.206.160:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cyvareolua.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectcyvareolua.com
Fingerprint73:08:B9:28:43:29:96:3B:65:12:03:A9:1F:84:71:31:C4:E7:76:F0
ValidityThu, 12 Oct 2023 08:16:34 GMT - Wed, 10 Jan 2024 08:16:33 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1200x675, components 3\012- data
Size
68 kB (68046 bytes)
Hash
5fb595177e249b6392e6997dade3e44d
7621f09e41b331d7d502c30994b0a17d14ec6937
e6a2f4fab9563c38ff6070a65f4eb13bae355c4837a3ddde54759562a4bf3f12

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /gallery/8-gallery.jpg HTTP/1.1
Host: cyvareolua.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cyvareolua.com/
Cookie: PHPSESSID=7e2b5b2f40c2c3c4aa451628593c4556
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 04 Dec 2023 04:36:15 GMT
content-type: image/jpeg
content-length: 68046
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Mon, 04 Dec 2023 04:36:15 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j82NfYB0bYA6nVWDSLScp0Nx%2FbvI1ZfdZYM4wJrqlxsjt4a7anj4JBDTyTRsuLImMsixHfwbcG%2FR15qEQ0CP17Em7oTV4mNJrlC0njTtwqp51%2FxXyL35uZp7Hij2K6kPEw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 830158ebdd9a56b5-OSL
alt-svc: h3=":443"; ma=86400

cyvareolua.com/gallery/0-gallery.jpg

172.67.206.160

200 OK

119 kB

URL GET HTTP/3
cyvareolua.com/gallery/0-gallery.jpg
IP
172.67.206.160:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cyvareolua.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectcyvareolua.com
Fingerprint73:08:B9:28:43:29:96:3B:65:12:03:A9:1F:84:71:31:C4:E7:76:F0
ValidityThu, 12 Oct 2023 08:16:34 GMT - Wed, 10 Jan 2024 08:16:33 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1024x683, components 3\012- data
Size
119 kB (118969 bytes)
Hash
a8cfca668aa6d774ca5badf5f0ec5feb
98707184be16cc4d0f21cb4b9765a8ac68d81fe8
49016a11e14857a6cc9d00c5b91467f6267d099e39455a29ad824178c2dd58f0

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /gallery/0-gallery.jpg HTTP/1.1
Host: cyvareolua.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cyvareolua.com/
Cookie: PHPSESSID=7e2b5b2f40c2c3c4aa451628593c4556
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 04 Dec 2023 04:36:15 GMT
content-type: image/jpeg
content-length: 118969
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Mon, 04 Dec 2023 04:36:15 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2ZOZ9oThJeNlqr5pauB3lWWjciwHSy4remr5CByflFx7yg249KbF0xhmGGE%2FxjGvpunu7cyTbkMr9XenbU4Kij%2Fe1vNY4T2cu%2B%2FUfDqxiFVuof4lUy2zr1awXGv6pWWvrQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 830158ebdd9656b5-OSL
alt-svc: h3=":443"; ma=86400

cyvareolua.com/gallery/2-gallery.jpg

172.67.206.160

200 OK

82 kB

URL GET HTTP/3
cyvareolua.com/gallery/2-gallery.jpg
IP
172.67.206.160:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cyvareolua.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectcyvareolua.com
Fingerprint73:08:B9:28:43:29:96:3B:65:12:03:A9:1F:84:71:31:C4:E7:76:F0
ValidityThu, 12 Oct 2023 08:16:34 GMT - Wed, 10 Jan 2024 08:16:33 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 900x600, components 3\012- data
Size
82 kB (81771 bytes)
Hash
209b6cff0b0bc5e359ac5e510fa49a34
93213b1e3478490f7ef0782d4193d443e27c60f5
e402323f12efdac9755144421c6720b2170d12285b432e39fe46aff3e9c09d93

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /gallery/2-gallery.jpg HTTP/1.1
Host: cyvareolua.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cyvareolua.com/
Cookie: PHPSESSID=7e2b5b2f40c2c3c4aa451628593c4556
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 04 Dec 2023 04:36:15 GMT
content-type: image/jpeg
content-length: 81771
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Mon, 04 Dec 2023 04:36:15 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8gs8%2BQmPm7CsJay6wQ8n12g8UgHSJdE8oJiQIpdfmysZneCc9yHaUuj0fECEMNa9gF6rT002BXF3LRftBlkT5Opfv4Niduj86Ag9opQXTEFUyGogSxAL3TzRkxwv6DI0ZA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 830158ebdd9756b5-OSL
alt-svc: h3=":443"; ma=86400

cyvareolua.com/gallery/10-gallery.jpg

172.67.206.160

200 OK

96 kB

URL GET HTTP/3
cyvareolua.com/gallery/10-gallery.jpg
IP
172.67.206.160:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cyvareolua.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectcyvareolua.com
Fingerprint73:08:B9:28:43:29:96:3B:65:12:03:A9:1F:84:71:31:C4:E7:76:F0
ValidityThu, 12 Oct 2023 08:16:34 GMT - Wed, 10 Jan 2024 08:16:33 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1000x667, components 3\012- data
Size
96 kB (96269 bytes)
Hash
399b7c5512f8ea6d74bf4be7a69dac75
b72e34e724a7bff7b9aba7c9090e445265932ef9
71fb19161e4cadb546c88857acc902afae53d5b4fee346b99c30b907c882fbde

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /gallery/10-gallery.jpg HTTP/1.1
Host: cyvareolua.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cyvareolua.com/
Cookie: PHPSESSID=7e2b5b2f40c2c3c4aa451628593c4556
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 04 Dec 2023 04:36:15 GMT
content-type: image/jpeg
content-length: 96269
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Mon, 04 Dec 2023 04:36:15 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7JuebniWfRKYoC8PubuuqXUSsTBXrXSlEwK73RDrNbcaDfwz%2F8qPmZmzgeTXQ36l43Qjs1Ww%2F8KhDW4uPCe3b6O0eSEDOrgG7bduxJI6xZdoNHAs82Z9YFhWOFUVpb4ZVQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 830158ebdd9b56b5-OSL
alt-svc: h3=":443"; ma=86400

cyvareolua.com/avatar/w-0.jpg

172.67.206.160

200 OK

152 kB

URL GET HTTP/3
cyvareolua.com/avatar/w-0.jpg
IP
172.67.206.160:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cyvareolua.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectcyvareolua.com
Fingerprint73:08:B9:28:43:29:96:3B:65:12:03:A9:1F:84:71:31:C4:E7:76:F0
ValidityThu, 12 Oct 2023 08:16:34 GMT - Wed, 10 Jan 2024 08:16:33 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 800x800, components 3\012- data
Size
152 kB (152275 bytes)
Hash
8519d1caabe19d4cd1b7fc1949be7f94
6bf71751f67d408af768785b7d643712a42b2d6e
9533eea716dff43d171823c757d22b64199919a7892b7bf073ada21d1d18f618

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /avatar/w-0.jpg HTTP/1.1
Host: cyvareolua.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cyvareolua.com/
Cookie: PHPSESSID=7e2b5b2f40c2c3c4aa451628593c4556
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 04 Dec 2023 04:36:15 GMT
content-type: image/jpeg
content-length: 152275
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Mon, 04 Dec 2023 04:36:15 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nUrOhwdxOIHhgWK2ecPWoOquFHNRRIgFRYCCmt%2BCVGD01FJ0G2klVE7MSGU10I0hg99zoPxUbHJSfxXScKTL1ooOfw3R8F5DDqJF1HJ%2F%2FURiT%2Fnq%2BY0h3%2FerWaaw8MWLmQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 830158ebdda056b5-OSL
alt-svc: h3=":443"; ma=86400

cyvareolua.com/avatar/w-1.jpg

172.67.206.160

200 OK

196 kB

URL GET HTTP/3
cyvareolua.com/avatar/w-1.jpg
IP
172.67.206.160:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cyvareolua.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectcyvareolua.com
Fingerprint73:08:B9:28:43:29:96:3B:65:12:03:A9:1F:84:71:31:C4:E7:76:F0
ValidityThu, 12 Oct 2023 08:16:34 GMT - Wed, 10 Jan 2024 08:16:33 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 800x800, components 3\012- data
Size
196 kB (196083 bytes)
Hash
258ecf6f265d9eb34c96145eb596a9f6
62e8cd4a969569ee1039837d3cb2c2d6fcc12c11
0212533ebbb41af55f8192ed91eb1030ebbe14deed442f3bd0e3af4ab5ac2c77

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /avatar/w-1.jpg HTTP/1.1
Host: cyvareolua.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cyvareolua.com/
Cookie: PHPSESSID=7e2b5b2f40c2c3c4aa451628593c4556
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 04 Dec 2023 04:36:15 GMT
content-type: image/jpeg
content-length: 196083
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Mon, 04 Dec 2023 04:36:15 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ftc0ocQqpNdCKIrohP7ThxEqCATZQI2WvqI%2F7abshwjQ%2Bgnyos%2BARj%2BqhOk8N0MrJkVN7vGTbsQZgYupWUdYV6w3sQIMc6%2B9s3HBiGExCQiWDOw17LWh0eqkOCxoObBnlw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 830158ebdda256b5-OSL
alt-svc: h3=":443"; ma=86400

cyvareolua.com/1704703895.png

172.67.206.160

200 OK

910 kB

URL GET HTTP/3
cyvareolua.com/1704703895.png
IP
172.67.206.160:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cyvareolua.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectcyvareolua.com
Fingerprint73:08:B9:28:43:29:96:3B:65:12:03:A9:1F:84:71:31:C4:E7:76:F0
ValidityThu, 12 Oct 2023 08:16:34 GMT - Wed, 10 Jan 2024 08:16:33 GMT

File type
PNG image data, 1222 x 810, 8-bit/color RGB, non-interlaced\012- data
Size
910 kB (910468 bytes)
Hash
9969da1d30c9c38a123114d2cd211a12
f847c799a3b0cc9bcc0d659fd1af36643590b1a7
256d7d916068fe62d309f58a5f08ce18758d1525ee2b7a20c34d6078b30a4ab3

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /1704703895.png HTTP/1.1
Host: cyvareolua.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cyvareolua.com/
Cookie: PHPSESSID=7e2b5b2f40c2c3c4aa451628593c4556
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 04 Dec 2023 04:36:15 GMT
content-type: image/png
content-length: 910468
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Mon, 04 Dec 2023 04:36:15 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gg9PjxCkkewkakCFV2nivJZEIU6BW5OWBCgBiwB0YUAGeNVWAuseTAVRKBlKI%2FzRgv%2FMOcNQ89X6MeAZ5l3S3Wthtk9UUyDOMk3T3AhqXaYo8EqjJEKvR56wudzL42vXwQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 830158ebdd9556b5-OSL
alt-svc: h3=":443"; ma=86400

ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js

172.217.21.170

200 OK

31 kB

URL GET HTTP/2
ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js
IP
172.217.21.170:443
ASN
#15169 GOOGLE

Requested by
https://cyvareolua.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintCC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
ASCII text, with very long lines (65447)
Size
31 kB (31017 bytes)
Hash
8fb8fee4fcc3cc86ff6c724154c49c42
b82d238d4e31fdf618bae8ac11a6c812c03dd0d4
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

HTTP Headers

GET /ajax/libs/jquery/3.6.0/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cyvareolua.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 31017
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 30 Nov 2023 04:35:32 GMT
expires: Fri, 29 Nov 2024 04:35:32 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Wed, 10 Mar 2021 14:28:09 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 345643
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

cyvareolua.com/files-work/js-work/jquery.fancybox.min.js

172.67.206.160

200 OK

107 kB

URL GET HTTP/3
cyvareolua.com/files-work/js-work/jquery.fancybox.min.js
IP
172.67.206.160:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cyvareolua.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectcyvareolua.com
Fingerprint73:08:B9:28:43:29:96:3B:65:12:03:A9:1F:84:71:31:C4:E7:76:F0
ValidityThu, 12 Oct 2023 08:16:34 GMT - Wed, 10 Jan 2024 08:16:33 GMT

File type
HTML document, ASCII text, with very long lines (31972)
Size
107 kB (107079 bytes)
Hash
49a6b4d019a934bcf83f0c397eba82d8
6181412e73966696d08e1e5b1243a572d0f22ba6
cadda460ccb4c3c01bb45f3d5976f63f5adf8dc3ff1d31cb4fbd3ded4f18e5bf

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /files-work/js-work/jquery.fancybox.min.js HTTP/1.1
Host: cyvareolua.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cyvareolua.com/
Cookie: PHPSESSID=7e2b5b2f40c2c3c4aa451628593c4556
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 04 Dec 2023 04:36:15 GMT
content-type: application/javascript
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Mon, 04 Dec 2023 04:36:15 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H0hFTkwvM88qaAl820%2FbEj5G09y3dB%2B0AYIOqUE93KIad4Uwkiq%2ByzFuOoLBf2i6j0sXMpx21p32PRxAV3UJ9sLmYNuqMO5IV2mcp7w5%2FqUiBCbhHn3h5BBiMqWqTCJlLQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 830158ebdda356b5-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

cyvareolua.com/%7Bstyle-name%7D

172.67.206.160

400 Bad Request

33 kB

URL GET HTTP/3
cyvareolua.com/%7Bstyle-name%7D
IP
172.67.206.160:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cyvareolua.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectcyvareolua.com
Fingerprint73:08:B9:28:43:29:96:3B:65:12:03:A9:1F:84:71:31:C4:E7:76:F0
ValidityThu, 12 Oct 2023 08:16:34 GMT - Wed, 10 Jan 2024 08:16:33 GMT

File type
data
Size
33 kB (33242 bytes)
Hash
4fefa1ec83759234f70bb0235706ab80
4739fb3cb687f22fec0da34088ac4d61fcbef0cb
568c8a405a8d598d4513123098abcc8a0c28682178458179fae313dc9b962cdd

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /%7Bstyle-name%7D HTTP/1.1
Host: cyvareolua.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cyvareolua.com/
Cookie: PHPSESSID=7e2b5b2f40c2c3c4aa451628593c4556
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 400 Bad Request
date: Mon, 04 Dec 2023 04:36:15 GMT
content-type: text/html
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wIR1EkGpZxqq6P6QcKXy67ejsundPxbeu2hETbkb9dybWJqe8Rwu2emncog5D4edQ8DC4Aa11XlJEC7EPynuR5pxVHMomKQooF3rrByE8EdinI%2BpSZbBsel%2FmjcCVIEfgQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 830158ee2e6356b5-OSL
alt-svc: h3=":443"; ma=86400

cyvareolua.com/files-work/work-css/fonts/bootstrap-icons.woff2?8bd4575acf83c7696dc7a14a966660a3

172.67.206.160

200 OK

85 kB

URL GET HTTP/3
cyvareolua.com/files-work/work-css/fonts/bootstrap-icons.woff2?8bd4575acf83c7696dc7a14a966660a3
IP
172.67.206.160:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cyvareolua.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectcyvareolua.com
Fingerprint73:08:B9:28:43:29:96:3B:65:12:03:A9:1F:84:71:31:C4:E7:76:F0
ValidityThu, 12 Oct 2023 08:16:34 GMT - Wed, 10 Jan 2024 08:16:33 GMT

File type
Web Open Font Format (Version 2), TrueType, length 85044, version 1.0\012- data
Size
85 kB (85044 bytes)
Hash
316400c09c0560b3812e58b3124bbf15
2314d4d73dd9ed7aa2f9d18d45e71ca0440ac0a9
856b3f9e0df4f7061c8948021c7cc6e6263d96c48161e7fe9e4fbefd0c69a085

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /files-work/work-css/fonts/bootstrap-icons.woff2?8bd4575acf83c7696dc7a14a966660a3 HTTP/1.1
Host: cyvareolua.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://cyvareolua.com/files-work/work-css/icons.css
Cookie: PHPSESSID=7e2b5b2f40c2c3c4aa451628593c4556
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 04 Dec 2023 04:36:15 GMT
content-type: font/woff2
content-length: 85044
etag: "6512e8ae-14c34"
last-modified: Tue, 26 Sep 2023 14:20:30 GMT
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BpBLSmouuAYIW0JM%2F2JGRoqfCIJD7zVVKsQF9ra5imfzt5UM9jCeGSk%2F5TqmiI2bRcG4LcrnM4uw8Nu6YAjZswY3KbWzvxFC4XktWSsbb3Aq8SJ1013bWXBuJRpEZt%2Bfqg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 830158eefea256b5-OSL
alt-svc: h3=":443"; ma=86400

cyvareolua.com/files-work/work-css/bootstrap.css

172.67.206.160

200 OK

24 kB

URL GET HTTP/3
cyvareolua.com/files-work/work-css/bootstrap.css
IP
172.67.206.160:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cyvareolua.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectcyvareolua.com
Fingerprint73:08:B9:28:43:29:96:3B:65:12:03:A9:1F:84:71:31:C4:E7:76:F0
ValidityThu, 12 Oct 2023 08:16:34 GMT - Wed, 10 Jan 2024 08:16:33 GMT

File type
Unicode text, UTF-8 text, with very long lines (65300)
Size
24 kB (24325 bytes)
Hash
dc366fc84a718dedad8673d131a0c868
82a3ba279051724585ab737eaecb462e237aa37e
9eaec9d24b1ee74ba959d3625d10ecb8677f0247da1f3d215fc1e0094b020126

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /files-work/work-css/bootstrap.css HTTP/1.1
Host: cyvareolua.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cyvareolua.com/
Cookie: PHPSESSID=7e2b5b2f40c2c3c4aa451628593c4556
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 04 Dec 2023 04:36:15 GMT
content-type: text/css
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Mon, 04 Dec 2023 04:36:15 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zE%2Bp%2BLflOOl8lZtH78aSdw3fYBYzPANXFtKebWiGrDiBJvhwUL1vRTb5xv5TnhJX8QISxP5sfTZ47HAgzOTIkY89mJ2mzHXVHZS19BoMwzgnKroMHCW%2F8WDGAiGuhGt5fw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 830158ebbd8556b5-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wdhyzbi.woff2

216.58.207.227

200 OK

28 kB

URL GET HTTP/2
fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wdhyzbi.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://cyvareolua.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 27812, version 1.0\012- data
Size
28 kB (27812 bytes)
Hash
89711a1150919edc93f67f067ef94f62
9f2ac701d67d1ab3a2efe7d4edc663d3d5270fef
6e1f71b09a1de41dc109318bff4733fa7dfa6d03bf6b7fa9a994939274555dd9

HTTP Headers

GET /s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wdhyzbi.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://cyvareolua.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 27812
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 29 Nov 2023 21:14:00 GMT
expires: Thu, 28 Nov 2024 21:14:00 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 13 Sep 2023 22:37:02 GMT
content-type: font/woff2
age: 372136
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

216.58.207.227

200 OK

33 kB

URL GET HTTP/2
fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://cyvareolua.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 33092, version 1.0\012- data
Size
33 kB (33092 bytes)
Hash
057478083c1d55ea0c2182b24f6dd72f
caf557cd276a76992084efc4c8857b66791a6b7f
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b

HTTP Headers

GET /s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://cyvareolua.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 33092
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 30 Nov 2023 23:21:56 GMT
expires: Fri, 29 Nov 2024 23:21:56 GMT
cache-control: public, max-age=31536000
age: 278060
last-modified: Wed, 13 Sep 2023 22:51:58 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

216.58.207.227

200 OK

33 kB

URL GET HTTP/2
fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://cyvareolua.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 33092, version 1.0\012- data
Size
33 kB (33092 bytes)
Hash
057478083c1d55ea0c2182b24f6dd72f
caf557cd276a76992084efc4c8857b66791a6b7f
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b

HTTP Headers

GET /s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://cyvareolua.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 33092
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 30 Nov 2023 23:21:56 GMT
expires: Fri, 29 Nov 2024 23:21:56 GMT
cache-control: public, max-age=31536000
age: 278060
last-modified: Wed, 13 Sep 2023 22:51:58 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

cyvareolua.com/logotip.svg

172.67.206.160

200 OK

29 kB

URL GET HTTP/3
cyvareolua.com/logotip.svg
IP
172.67.206.160:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cyvareolua.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectcyvareolua.com
Fingerprint73:08:B9:28:43:29:96:3B:65:12:03:A9:1F:84:71:31:C4:E7:76:F0
ValidityThu, 12 Oct 2023 08:16:34 GMT - Wed, 10 Jan 2024 08:16:33 GMT

File type
SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (4515), with no line terminators
Size
29 kB (29227 bytes)
Hash
dddbca5dc8bb9f5346fe27217c0673f1
9e0447e6764ea0b31a0bafdb0af5fc76e2afa861
744b1b5227ead4bfefa24270f48c02bc87a3c04c9c302d4ca1851ab8a532ab58

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /logotip.svg HTTP/1.1
Host: cyvareolua.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cyvareolua.com/
Cookie: PHPSESSID=7e2b5b2f40c2c3c4aa451628593c4556
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 04 Dec 2023 04:36:15 GMT
content-type: image/svg+xml
cache-control: max-age=14400
cf-cache-status: EXPIRED
last-modified: Wed, 29 Nov 2023 19:53:11 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D6SbbS3tRRU3nc2FFfp2Zkc%2Fr11eJ7FZugubDoyrFUzcULhpvBA%2F%2BiorkD%2BY4TewUiuB7OJlUvdkYN5yIJFAYgJ3u5Vvg2jY1obLqu1Prq62bg%2B6RST3tfKwf63eB4NLXg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 830158ebdd9156b5-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

216.58.207.227

200 OK

33 kB

URL GET HTTP/2
fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://cyvareolua.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 33092, version 1.0\012- data
Size
33 kB (33092 bytes)
Hash
057478083c1d55ea0c2182b24f6dd72f
caf557cd276a76992084efc4c8857b66791a6b7f
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b

HTTP Headers

GET /s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://cyvareolua.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 33092
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 30 Nov 2023 23:21:56 GMT
expires: Fri, 29 Nov 2024 23:21:56 GMT
cache-control: public, max-age=31536000
age: 278060
last-modified: Wed, 13 Sep 2023 22:51:58 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wdhyzbi.woff2

216.58.207.227

200 OK

28 kB

URL GET HTTP/2
fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wdhyzbi.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://cyvareolua.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 27812, version 1.0\012- data
Size
28 kB (27812 bytes)
Hash
89711a1150919edc93f67f067ef94f62
9f2ac701d67d1ab3a2efe7d4edc663d3d5270fef
6e1f71b09a1de41dc109318bff4733fa7dfa6d03bf6b7fa9a994939274555dd9

HTTP Headers

GET /s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wdhyzbi.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://cyvareolua.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 27812
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 29 Nov 2023 21:14:00 GMT
expires: Thu, 28 Nov 2024 21:14:00 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 13 Sep 2023 22:37:02 GMT
content-type: font/woff2
age: 372136
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

cyvareolua.com/bg/1_bg.jpg

172.67.206.160

200 OK

81 kB

URL GET HTTP/3
cyvareolua.com/bg/1_bg.jpg
IP
172.67.206.160:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cyvareolua.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectcyvareolua.com
Fingerprint73:08:B9:28:43:29:96:3B:65:12:03:A9:1F:84:71:31:C4:E7:76:F0
ValidityThu, 12 Oct 2023 08:16:34 GMT - Wed, 10 Jan 2024 08:16:33 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1920x600, components 3\012- data
Size
81 kB (81401 bytes)
Hash
d075ad66b78e3ba82259e8517c96dde1
10880318c668664a2578dc03cc6e728b6cca9fb4
29926fe881feb074ff2cb2b3bd5f7f281e8a4104fb2c2d717e8db6db49aef99a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /bg/1_bg.jpg HTTP/1.1
Host: cyvareolua.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cyvareolua.com/
Cookie: PHPSESSID=7e2b5b2f40c2c3c4aa451628593c4556
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 04 Dec 2023 04:36:16 GMT
content-type: image/jpeg
content-length: 81401
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Mon, 04 Dec 2023 04:36:16 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b0ESfMdmbnX5A74ZnV3r%2FWTZXqlU4ckSd%2Fgruo26t5BXkuF20uOAgoNQ1WMycJf1lMpK8JfAl4dA%2BtHBWQe2YARMu1Nze7niub5HKAdoOQoOXnOXFYNxUwCSASXiRTV11Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 830158f08f2c56b5-OSL
alt-svc: h3=":443"; ma=86400

fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wdhyzbi.woff2

216.58.207.227

200 OK

28 kB

URL GET HTTP/2
fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wdhyzbi.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://cyvareolua.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 27812, version 1.0\012- data
Size
28 kB (27812 bytes)
Hash
89711a1150919edc93f67f067ef94f62
9f2ac701d67d1ab3a2efe7d4edc663d3d5270fef
6e1f71b09a1de41dc109318bff4733fa7dfa6d03bf6b7fa9a994939274555dd9

HTTP Headers

GET /s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wdhyzbi.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://cyvareolua.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 27812
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 29 Nov 2023 21:14:00 GMT
expires: Thu, 28 Nov 2024 21:14:00 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 13 Sep 2023 22:37:02 GMT
content-type: font/woff2
age: 372136
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

cyvareolua.com/video/0-video.mp4

172.67.206.160

206 Partial Content

3.0 MB

URL GET HTTP/3
cyvareolua.com/video/0-video.mp4
IP
172.67.206.160:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cyvareolua.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectcyvareolua.com
Fingerprint73:08:B9:28:43:29:96:3B:65:12:03:A9:1F:84:71:31:C4:E7:76:F0
ValidityThu, 12 Oct 2023 08:16:34 GMT - Wed, 10 Jan 2024 08:16:33 GMT

File type
ISO Media, MP4 v2 [ISO 14496-14]\012- data
Size
3.0 MB (2987849 bytes)
Hash
9a778ce5c19f855e19c395bd1695b280
89d48e61b48d6b3e6f9e053f684dacdca744c7f0
3debaab207b3c381c8662cd89a0811fde7b8b393c637608ed78571991efc0cca

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /video/0-video.mp4 HTTP/1.1
Host: cyvareolua.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://cyvareolua.com/
Cookie: PHPSESSID=7e2b5b2f40c2c3c4aa451628593c4556
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 206 Partial Content
date: Mon, 04 Dec 2023 04:36:16 GMT
content-type: video/mp4
content-length: 2987849
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Mon, 04 Dec 2023 04:36:16 GMT
content-range: bytes 0-2987848/2987849
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b0J8MkcJZgvUby7MBvRPw4739cYWDpFlhgZzYgxXGAK%2FZFjtrxX%2FDia6pz5iRNBNmpv5nGavXfjWCsFdYuxWfaTZGFVqh84GplqNI8BNt%2BWm0KBYWFQRVDs5WHutOHpPGQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 830158f08f2d56b5-OSL
alt-svc: h3=":443"; ma=86400

cyvareolua.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

172.67.206.160

200 OK

1.2 kB

URL GET HTTP/3
cyvareolua.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
IP
172.67.206.160:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cyvareolua.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectcyvareolua.com
Fingerprint73:08:B9:28:43:29:96:3B:65:12:03:A9:1F:84:71:31:C4:E7:76:F0
ValidityThu, 12 Oct 2023 08:16:34 GMT - Wed, 10 Jan 2024 08:16:33 GMT

File type
HTML document, ASCII text, with very long lines (1271), with no line terminators
Size
1.2 kB (1239 bytes)
Hash
40d981045a7516cdadd00e8dccc9c58d
8b8d9a48c6b9d2fba596034ef5db3dd0f2f781c3
71c7d5fc630ff38080f71945be1e8b0c43140d8c25338056b752495e18739c0c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js HTTP/1.1
Host: cyvareolua.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cyvareolua.com/
Cookie: PHPSESSID=7e2b5b2f40c2c3c4aa451628593c4556
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Mon, 04 Dec 2023 04:36:15 GMT
content-type: application/javascript
last-modified: Tue, 28 Nov 2023 16:06:21 GMT
etag: W/"65660ffd-4d7"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SKSBXgbQAtMmei6KX%2FOoat62pMD4tLvZipn0xZlG5rMBf915ts7T7VSczL9moll2MlM53SKqT7q%2FE65Q2oIP%2FKlsW9YUn6IfntxLDMWVHGEjmXUHoiJlJC24BDnrYuOi5Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 830158ebdd9356b5-OSL
x-frame-options: DENY
x-content-type-options: nosniff
expires: Wed, 06 Dec 2023 04:36:15 GMT
cache-control: max-age=172800, public
content-encoding: gzip

cyvareolua.com/images/2.svg

172.67.206.160

200 OK

14 kB

URL GET HTTP/3
cyvareolua.com/images/2.svg
IP
172.67.206.160:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cyvareolua.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectcyvareolua.com
Fingerprint73:08:B9:28:43:29:96:3B:65:12:03:A9:1F:84:71:31:C4:E7:76:F0
ValidityThu, 12 Oct 2023 08:16:34 GMT - Wed, 10 Jan 2024 08:16:33 GMT

File type

Size
14 kB (13784 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/2.svg HTTP/1.1
Host: cyvareolua.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cyvareolua.com/
Cookie: PHPSESSID=7e2b5b2f40c2c3c4aa451628593c4556
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Mon, 04 Dec 2023 04:36:15 GMT
content-type: image/svg+xml
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Mon, 04 Dec 2023 04:36:15 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pnXW%2B2nk%2BH6LVwQR7ar8clgVNtgQ0%2FBQ9b%2FH0ZymZfT0%2FzyK%2B1LpdDaUYGTDaNZE1lIV%2FdtOY4hiY%2FpWMEKjd8WTCnj%2FV%2BecZV68KqtsHEYqi%2FJks1Qs8MEKAGFXJSxBaQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 830158ebdd9e56b5-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

cyvareolua.com/images/0.svg

172.67.206.160

200 OK

2.3 kB

URL GET HTTP/3
cyvareolua.com/images/0.svg
IP
172.67.206.160:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cyvareolua.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectcyvareolua.com
Fingerprint73:08:B9:28:43:29:96:3B:65:12:03:A9:1F:84:71:31:C4:E7:76:F0
ValidityThu, 12 Oct 2023 08:16:34 GMT - Wed, 10 Jan 2024 08:16:33 GMT

File type
SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (2347), with no line terminators
Size
2.3 kB (2301 bytes)
Hash
6b8d2dca1c85dcbfcfbce832f01d3c65
127dd688cf0f64e9cafcb14844047531d6c21eed
76883f28ed3af64aed98c1a3f02e497d2cae2c73e54d61fc5663176ae565396b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/0.svg HTTP/1.1
Host: cyvareolua.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cyvareolua.com/
Cookie: PHPSESSID=7e2b5b2f40c2c3c4aa451628593c4556
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Mon, 04 Dec 2023 04:36:15 GMT
content-type: image/svg+xml
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Mon, 04 Dec 2023 04:36:15 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JBZCYlODBlMfjgArPPcSICLozutpEc00O9GuTH79hcw2YB2Qhqx6DY7hijfuz3T9gB48RjumMtVuoZJUsDjFIYr%2B1Ix6yqd0uaL3c0uasgjt6y8oS9VG7YHvXu6yHdcn0Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 830158ebdd9c56b5-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

cyvareolua.com/files-work/js-work/jquery.file.min.js

172.67.206.160

200 OK

90 kB

URL GET HTTP/3
cyvareolua.com/files-work/js-work/jquery.file.min.js
IP
172.67.206.160:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cyvareolua.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectcyvareolua.com
Fingerprint73:08:B9:28:43:29:96:3B:65:12:03:A9:1F:84:71:31:C4:E7:76:F0
ValidityThu, 12 Oct 2023 08:16:34 GMT - Wed, 10 Jan 2024 08:16:33 GMT

File type
ASCII text, with very long lines (65447)
Size
90 kB (89501 bytes)
Hash
8fb8fee4fcc3cc86ff6c724154c49c42
b82d238d4e31fdf618bae8ac11a6c812c03dd0d4
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /files-work/js-work/jquery.file.min.js HTTP/1.1
Host: cyvareolua.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cyvareolua.com/
Cookie: PHPSESSID=7e2b5b2f40c2c3c4aa451628593c4556
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Mon, 04 Dec 2023 04:36:15 GMT
content-type: application/javascript
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Mon, 04 Dec 2023 04:36:15 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AkaQKVaA0D0LeEU8CM1XR%2BRs0Sb6phkMybm41u1rT%2FDELVr2kkX%2Br2zndFS0szh4dCB57cCT0JdngPMNCFfNZIAf7slVCmLMdJVzuXgEosN4%2FNnP62S%2FIJsx5EiY%2FNetrg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 830158ebad8156b5-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

cyvareolua.com/bg/0_bg.jpg

172.67.206.160

200 OK

85 kB

URL GET HTTP/3
cyvareolua.com/bg/0_bg.jpg
IP
172.67.206.160:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cyvareolua.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectcyvareolua.com
Fingerprint73:08:B9:28:43:29:96:3B:65:12:03:A9:1F:84:71:31:C4:E7:76:F0
ValidityThu, 12 Oct 2023 08:16:34 GMT - Wed, 10 Jan 2024 08:16:33 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1920x600, components 3\012- data
Size
85 kB (84766 bytes)
Hash
063858ea0a8ddd585b8e5e68a2767bcf
c312402ac01b8826745dc00506910d3016b0e31d
58512c5f415be5044660b6a82119b875e5eea92ef4366c62ac9bb38d935cc26b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /bg/0_bg.jpg HTTP/1.1
Host: cyvareolua.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cyvareolua.com/
Cookie: PHPSESSID=7e2b5b2f40c2c3c4aa451628593c4556
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Mon, 04 Dec 2023 04:36:15 GMT
content-type: image/jpeg
content-length: 84766
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Mon, 04 Dec 2023 04:36:15 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sah4K%2BJrpdPL1%2Ff54Bg8iiFH91F3ynfl1xtwscjHZDo3JLcXUX%2Fi59rFSiF380VxHS0VLQkdqt9CfHEkqL6WSeEKm0wjI6%2FVFX0SsN9PXDzgUYfiNszpp%2B1%2FnkE14Wq4Wg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 830158eefe9f56b5-OSL
alt-svc: h3=":443"; ma=86400

cyvareolua.com/files-work/work-css/bootstrap.min.css.map

172.67.206.160

200 OK

424 kB

URL GET HTTP/3
cyvareolua.com/files-work/work-css/bootstrap.min.css.map
IP
172.67.206.160:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cyvareolua.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectcyvareolua.com
Fingerprint73:08:B9:28:43:29:96:3B:65:12:03:A9:1F:84:71:31:C4:E7:76:F0
ValidityThu, 12 Oct 2023 08:16:34 GMT - Wed, 10 Jan 2024 08:16:33 GMT

File type

Size
424 kB (423467 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /files-work/work-css/bootstrap.min.css.map HTTP/1.1
Host: cyvareolua.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cyvareolua.com/
Cookie: PHPSESSID=7e2b5b2f40c2c3c4aa451628593c4556
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Mon, 04 Dec 2023 04:36:15 GMT
content-type: application/json
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zEIjRjiIGyOXbES6%2BaraKZSGwnYfdnkcfY%2FmuZfYv6oFFZbZCuKws8E6WecUlKLq94Zu2vPFKWa4FcDktdc2L5eFHLM%2B%2FdU%2Fs5Zbl9sYemHBhAQcjdDszw5e%2F03aEi2wZg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 830158ebbd8656b5-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

cyvareolua.com/files-work/work-css/icons.css

172.67.206.160

200 OK

64 kB

URL GET HTTP/3
cyvareolua.com/files-work/work-css/icons.css
IP
172.67.206.160:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cyvareolua.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectcyvareolua.com
Fingerprint73:08:B9:28:43:29:96:3B:65:12:03:A9:1F:84:71:31:C4:E7:76:F0
ValidityThu, 12 Oct 2023 08:16:34 GMT - Wed, 10 Jan 2024 08:16:33 GMT

File type
ASCII text
Size
64 kB (63662 bytes)
Hash
bc4dea65ef13ebbbd036ada3a06655a8
87e39aa5e6d3b7d681ed0a4940727f220ab5b2b4
4d50e61450fa28155c51b28a5eaec80ba68aef637f08d2fd11fedf79c413ef56

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /files-work/work-css/icons.css HTTP/1.1
Host: cyvareolua.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cyvareolua.com/
Cookie: PHPSESSID=7e2b5b2f40c2c3c4aa451628593c4556
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Mon, 04 Dec 2023 04:36:15 GMT
content-type: text/css
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Mon, 04 Dec 2023 04:36:15 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ux7nilx%2BQV8KjpQB3xZAp9M%2BDq8Z2wE5KlMfnoFWuejBQ0Dc0QzSVN40Ej2AD1w%2BHL6l%2FhfuK7aif4yIsofXzeektNkhu6frBW6%2BV%2B28Wqng%2B6Zh7Mp1k6qt4VVzDfccYg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 830158ebbd8956b5-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

cyvareolua.com/files-work/work-css/bootstrap.min.css.map

172.67.206.160

200 OK

424 kB

URL GET HTTP/3
cyvareolua.com/files-work/work-css/bootstrap.min.css.map
IP
172.67.206.160:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cyvareolua.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectcyvareolua.com
Fingerprint73:08:B9:28:43:29:96:3B:65:12:03:A9:1F:84:71:31:C4:E7:76:F0
ValidityThu, 12 Oct 2023 08:16:34 GMT - Wed, 10 Jan 2024 08:16:33 GMT

File type

Size
424 kB (423467 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /files-work/work-css/bootstrap.min.css.map HTTP/1.1
Host: cyvareolua.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cyvareolua.com/
Cookie: PHPSESSID=7e2b5b2f40c2c3c4aa451628593c4556
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Mon, 04 Dec 2023 04:36:15 GMT
content-type: application/json
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8Wlm0enUP91%2Fu1JFdcqYZ8kNxupw75GpC2p4QyhLVRTRYspKkoFTtzz9BfKUFZ9fhCis%2FQOqhNVYP3ygRCJadQ%2FWjtBts669%2Bo3HW6x2t2%2B2ZG9kYFkmgaMxOH6%2BUMBkIQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 830158ee2e6256b5-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

cyvareolua.com/images/1.svg

172.67.206.160

200 OK

888 B

URL GET HTTP/3
cyvareolua.com/images/1.svg
IP
172.67.206.160:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cyvareolua.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectcyvareolua.com
Fingerprint73:08:B9:28:43:29:96:3B:65:12:03:A9:1F:84:71:31:C4:E7:76:F0
ValidityThu, 12 Oct 2023 08:16:34 GMT - Wed, 10 Jan 2024 08:16:33 GMT

File type
SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (928), with no line terminators
Size
888 B (888 bytes)
Hash
60b73753bebc3ee3e9b69b08bef5a882
1174e831a8dd2ced2c05fe41f0de3188a3287830
9e998ac83b3f5f6cb1baf0b5814c64194d708b6dda21ced2f2ca5e23887f5069

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/1.svg HTTP/1.1
Host: cyvareolua.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cyvareolua.com/
Cookie: PHPSESSID=7e2b5b2f40c2c3c4aa451628593c4556
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Mon, 04 Dec 2023 04:36:15 GMT
content-type: image/svg+xml
etag: W/"6512e8ae-378"
last-modified: Tue, 26 Sep 2023 14:20:30 GMT
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RG1IQINYpi%2BRMl9xs9frjXryAleib2RGzeSQVjx7sm2OM%2BdZM8%2FHO570bG2muODpaQzm4%2Fcfo6JbP9ZVwcOOUgOcnN7pEyAvNc%2BrpG2ye4LK8rIEhKfoVagQ5dxXxU2WIw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 830158ebdd9d56b5-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

cyvareolua.com/files-work/work-css/buttons.css

172.67.206.160

200 OK

3.9 kB

URL GET HTTP/3
cyvareolua.com/files-work/work-css/buttons.css
IP
172.67.206.160:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cyvareolua.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectcyvareolua.com
Fingerprint73:08:B9:28:43:29:96:3B:65:12:03:A9:1F:84:71:31:C4:E7:76:F0
ValidityThu, 12 Oct 2023 08:16:34 GMT - Wed, 10 Jan 2024 08:16:33 GMT

File type
ASCII text, with very long lines (4093), with no line terminators
Size
3.9 kB (3875 bytes)
Hash
c2784691126284b23f3bd51a8c126c21
16cbb5bc9bacce89062bc56b1d3bc1f2ca5f0664
af2a2d281ab87d60028c4f8beafba564a7b4759878a848030ce35d337c16c761

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /files-work/work-css/buttons.css HTTP/1.1
Host: cyvareolua.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cyvareolua.com/
Cookie: PHPSESSID=7e2b5b2f40c2c3c4aa451628593c4556
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Mon, 04 Dec 2023 04:36:15 GMT
content-type: text/css
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Mon, 04 Dec 2023 04:36:15 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HNgPU9PwBDkH53ulTYg93IkR09KSEA7DWZAJR2p4xl%2BUXh5GJy6bEZoJpSl988W83VTF%2BCy3%2Fxohe7lBTlKeHT8kuENZCgo3m1fhnUroDLwouXkLPCMfCsooAsgPP8vY2g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 830158ebad8256b5-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

cyvareolua.com/files-work/work-css/fancybox.css

172.67.206.160

200 OK

17 kB

URL GET HTTP/3
cyvareolua.com/files-work/work-css/fancybox.css
IP
172.67.206.160:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cyvareolua.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectcyvareolua.com
Fingerprint73:08:B9:28:43:29:96:3B:65:12:03:A9:1F:84:71:31:C4:E7:76:F0
ValidityThu, 12 Oct 2023 08:16:34 GMT - Wed, 10 Jan 2024 08:16:33 GMT

File type
ASCII text
Size
17 kB (17412 bytes)
Hash
caf7c408bb13e802cc3566b94f6c6d8d
e43435fb9eaa918f5b8e35c9e110124b8bd13751
3fc93cc3f2dec261a4dbd670cfcf476a15f759d6b9066f30bb65e4082d032fdb

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /files-work/work-css/fancybox.css HTTP/1.1
Host: cyvareolua.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cyvareolua.com/
Cookie: PHPSESSID=7e2b5b2f40c2c3c4aa451628593c4556
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Mon, 04 Dec 2023 04:36:15 GMT
content-type: text/css
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Mon, 04 Dec 2023 04:36:15 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=THHq2nsGHqHKxQYcfzaw716%2B6kHoT5Sj4Sohv441RxXjNk7VQL13Pi%2F6vX0qB2xNKmApdYUWqz1NBq61axW2Yjf9Epw8%2B%2FCnzWJcac6QWgAqLdNPnjYWprgTi7x4dtAgUQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 830158ebcd8d56b5-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

cyvareolua.com/

172.67.206.160

200 OK

52 kB

URL User Request GET HTTP/2
cyvareolua.com/
IP
172.67.206.160:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectcyvareolua.com
Fingerprint73:08:B9:28:43:29:96:3B:65:12:03:A9:1F:84:71:31:C4:E7:76:F0
ValidityThu, 12 Oct 2023 08:16:34 GMT - Wed, 10 Jan 2024 08:16:33 GMT

File type

Size
52 kB (51912 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: cyvareolua.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 04 Dec 2023 04:36:14 GMT
content-type: text/html; charset=UTF-8
cache-control: no-store, no-cache, must-revalidate
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
set-cookie: PHPSESSID=7e2b5b2f40c2c3c4aa451628593c4556; path=/
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ld3s%2BZ%2Fn605W3w27bNNuNbnbUBQVmjSlx%2FV5dfKdZhI1w%2BAInAnO%2BTFfdyRL5a1Em0v%2B7RAjOAxFapJvIdYMEe9wA8d9i7PuDdITWmRRIGSr75Eze9x9ji0ciMjFP5zAcw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 830158e8db23b521-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

cyvareolua.com/images/3.svg

172.67.206.160

200 OK

2.7 kB

URL GET HTTP/3
cyvareolua.com/images/3.svg
IP
172.67.206.160:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cyvareolua.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectcyvareolua.com
Fingerprint73:08:B9:28:43:29:96:3B:65:12:03:A9:1F:84:71:31:C4:E7:76:F0
ValidityThu, 12 Oct 2023 08:16:34 GMT - Wed, 10 Jan 2024 08:16:33 GMT

File type
SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (2834), with no line terminators
Size
2.7 kB (2708 bytes)
Hash
71d589aa368a7aed2de6dddc04e20d28
cdba532dc81435faf140c67286d02f53ea1989ef
76e3e1679751699c03d33aa0424b618f126ec74cd1e134a27fedda06a6451e67

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/3.svg HTTP/1.1
Host: cyvareolua.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cyvareolua.com/
Cookie: PHPSESSID=7e2b5b2f40c2c3c4aa451628593c4556
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Mon, 04 Dec 2023 04:36:15 GMT
content-type: image/svg+xml
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Mon, 04 Dec 2023 04:36:15 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GkSzpvDJFSQeA31%2BAV1opUKD6LUyQz5jwOfUBUJovkc5zt%2FA7uSS%2BenfttmUZsIwWlVhctnoz3dkPr0%2F6qasAfWxdFNwVVAMbv9D2ZDzmSG5DTMXs9%2Bg0sXlLpBAKBfMjg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 830158ebdd9f56b5-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

fonts.googleapis.com/css2?family=Montserrat:wght@300;400;500;600;700&display=swap

142.250.74.74

200 OK

9.2 kB

URL GET HTTP/2
fonts.googleapis.com/css2?family=Montserrat:wght@300;400;500;600;700&display=swap
IP
142.250.74.74:443
ASN
#15169 GOOGLE

Requested by
https://cyvareolua.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintCC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
ASCII text, with very long lines (9375), with no line terminators
Size
9.2 kB (9150 bytes)
Hash
8622a4caff03d8590ff7e1c85daa6bce
58f5afa8c43120e48ea490873e1ea7646e36d6a7
2215765b93823e578f06e0b7a86a90333b6a005e00fdacdae83f1e4c0cd04670

HTTP Headers

GET /css2?family=Montserrat:wght@300;400;500;600;700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cyvareolua.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 04 Dec 2023 04:36:15 GMT
date: Mon, 04 Dec 2023 04:36:15 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?family=Luxurious+Script&display=swap

142.250.74.74

200 OK

1.3 kB

URL GET HTTP/2
fonts.googleapis.com/css2?family=Luxurious+Script&display=swap
IP
142.250.74.74:443
ASN
#15169 GOOGLE

Requested by
https://cyvareolua.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintCC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
ASCII text, with very long lines (1285), with no line terminators
Size
1.3 kB (1258 bytes)
Hash
9e91eee5c3c3cc2af23722dfad253493
5a3afa1e7ebb665a11d38e8eddf5e9846770b92b
42e54cb10dcdfdb9b153eddfc0a0d3016d0fce568ee9fd26ca85962772e08d58

HTTP Headers

GET /css2?family=Luxurious+Script&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cyvareolua.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 04 Dec 2023 04:36:15 GMT
date: Mon, 04 Dec 2023 04:36:15 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (6)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (40)

URL GET HTTP/3

IP

ASN

Requested by

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/3

IP

ASN

Requested by

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/3

IP

ASN

Requested by