Report - novelastvs.net/ch/

Report Overview

Submitted URL
novelastvs.net/ch/
IP
104.21.33.90
ASN
#13335 CLOUDFLARENET
Submitted
2024-04-25 06:18:03
Access
public
Website Title
Challenge XX Chapter 18 Complete Online
Final URL
novelastvs.net/challenge-xx-chapter-18-complete-online/
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
58

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
fonts.googleapis.com	8877	2005-01-25	2013-06-10	2024-04-25	491 B	2.9 kB	216.58.207.234
novelastvs.net	unknown	unknown	No data	No data	14 kB	785 kB	172.67.160.184
fonts.gstatic.com	unknown	2008-02-11	2014-09-09	2024-04-25	1.6 kB	58 kB	142.250.74.163
ok.ru	3812	1998-11-03	2017-01-30	2024-04-20	8.8 kB	198 kB	5.61.23.11
st.mycdn.me	31534	2013-03-07	2013-06-14	2024-01-21	2.6 kB	35 kB	217.20.152.226
secure.gravatar.com	1671	2004-07-15	2012-05-22	2024-04-24	467 B	1.9 kB	192.0.73.2
i.mycdn.me	13207	2013-03-07	2014-10-17	2024-04-24	499 B	96 kB	217.20.152.213

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

Scan Date	Severity	Indicator	Alert
2024-04-24	medium	novelastvs.net/ch/	SwissPass

PhishTank

Scan Date	Severity	Indicator	Alert
2024-04-21	medium	novelastvs.net/ch/	Other

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-04-25	medium	novelastvs.net	Sinkholed
2024-04-25	medium	novelastvs.net	Sinkholed
2024-04-25	medium	novelastvs.net	Sinkholed
2024-04-25	medium	novelastvs.net	Sinkholed
2024-04-25	medium	novelastvs.net	Sinkholed
2024-04-25	medium	novelastvs.net	Sinkholed
2024-04-25	medium	novelastvs.net	Sinkholed
2024-04-25	medium	novelastvs.net	Sinkholed
2024-04-25	medium	novelastvs.net	Sinkholed
2024-04-25	medium	novelastvs.net	Sinkholed
2024-04-25	medium	novelastvs.net	Sinkholed
2024-04-25	medium	novelastvs.net	Sinkholed
2024-04-25	medium	novelastvs.net	Sinkholed
2024-04-25	medium	novelastvs.net	Sinkholed
2024-04-25	medium	novelastvs.net	Sinkholed
2024-04-25	medium	novelastvs.net	Sinkholed
2024-04-25	medium	novelastvs.net	Sinkholed
2024-04-25	medium	novelastvs.net	Sinkholed
2024-04-25	medium	novelastvs.net	Sinkholed
2024-04-25	medium	novelastvs.net	Sinkholed
2024-04-25	medium	novelastvs.net	Sinkholed
2024-04-25	medium	novelastvs.net	Sinkholed
2024-04-25	medium	novelastvs.net	Sinkholed
2024-04-25	medium	novelastvs.net	Sinkholed
2024-04-25	medium	novelastvs.net	Sinkholed
2024-04-25	medium	novelastvs.net	Sinkholed
2024-04-25	medium	novelastvs.net	Sinkholed

ThreatFox

No alerts detected

JavaScript (42)

	URL	Size	First Seen	Last Seen
	novelastvs.net/wp-content/themes/sahifa/js/search.js	15 kB	2023-03-07	2024-05-04
Pretty URL novelastvs.net/wp-content/themes/sahifa/js/search.js IP 172.67.160.184 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:30 Last Seen2024-05-04 06:28:32 Times Seen430 Hash c0753a18f5f80d711e27e808db6ea442 51acbdbea1df8ea6b57873fb17a5e25b30006393 d6c6d0b6440485f2536e96758b074c4713ef69a56511f2af2128f23ce6eebdca Loading...

	ok.ru/res/js/lib/jquery-1.8.3_90be892.js	93 kB	2023-12-05	2024-05-04
Pretty URL ok.ru/res/js/lib/jquery-1.8.3_90be892.js IP 5.61.23.11 ASN #47764 LLC VK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-05 08:15:57 Last Seen2024-05-04 05:46:04 Times Seen50 Hash dcc5f5b9d0f3e32d0e23a90a99438dac 2ad3dcea12e0f120074e01b5aadadf42662186fb 86e9134e8d7fa2b1ed8c666ce06cac65f0a3aa9f6ca4b0918e0fcc63a3cebffd Loading...

	st.mycdn.me/static/music/load-model.web.8818deff.js	154 B	2024-04-17	2024-05-04
Pretty URL st.mycdn.me/static/music/load-model.web.8818deff.js IP 217.20.152.226 ASN #47764 LLC VK Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-17 05:26:53 Last Seen2024-05-04 05:46:04 Times Seen8 Hash a23678762b94f53703676e53621575bf 810a27ca4b9022aae95c4b4af460b2fb140282b0 fe947ceb0d3c895594664225e71b8a1a1fc3da9ce75f95a58c6ff356dbe12aec Loading...

	st.mycdn.me/static/music/shared.web.eccd0138.js	16 kB	2024-04-17	2024-05-04
Pretty URL st.mycdn.me/static/music/shared.web.eccd0138.js IP 217.20.152.226 ASN #47764 LLC VK Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-17 05:26:54 Last Seen2024-05-04 05:46:04 Times Seen7 Hash 016191f9d6db7437485e60802552f489 8446b8ee56cd447503ce4a3d2f8e2e7ae5984b6a 6b0c7d2f89f847e62b1ec5d9b320775ef8c8c7d54db10dca4a6d53d8743477e1 Loading...

	novelastvs.net/challenge-xx-chapter-18-complete-online/	140 B	2024-04-25	2024-04-25
Pretty URL novelastvs.net/challenge-xx-chapter-18-complete-online/ IP 172.67.160.184 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-25 08:18:10 Last Seen2024-04-25 08:18:10 Times Seen1 Hash 3e5ee9a01f1ff28034c54200ba823c8c d28b52d3b1b2fbc1aeb6ae488a9cad6d386a7f83 4885a83fbe771132efc7bcad584a3c173ec490545051ebf1e27ebb9552530f40 Loading...

	unknown	46 B	2023-04-11	2024-05-04
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-04-11 22:36:29 Last Seen2024-05-04 10:06:38 Times Seen5952 Hash 5c399557f73fcf0024f42259cf94ee17 d2f46cbd088e9b289e63cc23e2377462c6459e3f 254e737260e5ff4f6043abc4ab52ee1f9ea6e9eab066b5c7ac1665c4cf75692b Loading...

	ok.ru/res/js/app/OKVideo_5067569d.js	17 kB	2024-02-19	2024-05-04
Pretty URL ok.ru/res/js/app/OKVideo_5067569d.js IP 5.61.23.11 ASN #47764 LLC VK Introduced by scriptElement Embedded in HTML false Observations First Seen2024-02-19 03:58:45 Last Seen2024-05-04 05:46:04 Times Seen16 Hash 1b88371636d65d020d19ecac2da8b077 56cb8ef174ee2b07f4ec7fc607e3d08a2b500077 3251ca368718620ca0a2c7467cb7830bb30d47231f8f387cdd58d0738e49ef7d Loading...

	ok.ru/res/js/b/music3_37ce15fb.js	22 kB	2024-04-17	2024-05-04
Pretty URL ok.ru/res/js/b/music3_37ce15fb.js IP 5.61.23.11 ASN #47764 LLC VK Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-17 05:26:58 Last Seen2024-05-04 05:46:04 Times Seen8 Hash df158581df241263bcd604150c014d1f 05346a0563366b075d58ca263a4bd2744abf4e80 823b35d62d8b4f830e26dc13345b207dd8d2616f61becb2181fa8f632cf5b4ca Loading...

	st.mycdn.me/static/music/bootstrap.web-0-6-1-1712146367289.js	4.2 kB	2024-04-17	2024-05-04
Pretty URL st.mycdn.me/static/music/bootstrap.web-0-6-1-1712146367289.js IP 217.20.152.226 ASN #47764 LLC VK Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-17 05:26:58 Last Seen2024-05-04 05:46:04 Times Seen8 Hash c0657c12245f04af0a22912aaf232c25 992a8e328420992e2343836ffe1f5521333241d1 57c99d71cba35172b5b130acd8e50c17049b58cf4a4ec0885d0f81ba6b40dff0 Loading...

	novelastvs.net/wp-content/themes/sahifa/js/postviews-cache.js	139 B	2023-03-07	2024-04-25
Pretty URL novelastvs.net/wp-content/themes/sahifa/js/postviews-cache.js IP 172.67.160.184 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:32:59 Last Seen2024-04-25 08:18:10 Times Seen92 Hash 76591f91de8e1ba757c75f2ed652aa08 edccb6c8b113f6d1ad76cdba1a2499e13bae45ae e4146dc61fb3064bed9359d9717141388f3a37b1fe3c2bd179c15776e84aff51 Loading...

	ok.ru/videoembed/7330423179879	719 B	2024-04-25	2024-04-25
Pretty URL ok.ru/videoembed/7330423179879 IP 5.61.23.11 ASN #47764 LLC VK Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-25 08:18:10 Last Seen2024-04-25 08:18:10 Times Seen1 Hash 9d739f8006d9e769c93b19a7b4af0669 011ae55ec9c37a7842086e909b37fc2800cab02d 350aee8544af9b11917b4e89591f6e0d924d6d536fa7933d6e8e9513ec89d6c8 Loading...

	ok.ru/res/js/b/metrics_b087a7d3.js	26 kB	2024-04-17	2024-04-25
Pretty URL ok.ru/res/js/b/metrics_b087a7d3.js IP 5.61.23.11 ASN #47764 LLC VK Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-17 05:24:13 Last Seen2024-04-25 08:18:11 Times Seen6 Hash ff696d0761e9005b905bc9d0bd143eca 0ce8559014addcfa7d20ae1121455a22d1dc78f8 a59fbfc247f7d5d4f644e75cb5a02ff02fe0d5121e58eab05ac4dcb1808fe635 Loading...

	novelastvs.net/challenge-xx-chapter-18-complete-online/	928 B	2024-04-25	2024-04-25
Pretty URL novelastvs.net/challenge-xx-chapter-18-complete-online/ IP 172.67.160.184 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-25 08:18:10 Last Seen2024-04-25 08:18:10 Times Seen1 Hash 0fe5ab54368b9d42d129d5642a1c3941 ef22914069aa1a2fade970cb749a1b505fa4f8ee 664975cbd5e29dbbd42bec11cfeb2e4a5823d6158f6120634f1b64bcc6098e62 Loading...

	novelastvs.net/wp-content/themes/sahifa/js/ilightbox.packed.js	80 kB	2023-03-07	2024-05-04
Pretty URL novelastvs.net/wp-content/themes/sahifa/js/ilightbox.packed.js IP 172.67.160.184 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:29 Last Seen2024-05-04 06:28:32 Times Seen649 Hash 6925324c0c75ab9db234ce7da072faeb 80491389cf716c242334e9d7f2ee9c7ddf2044aa 1f560c3e9fb5beeed86da7d5be1ae459c22af6ec1d58f77e2a89a20063ef7ba2 Loading...

	ok.ru/res/js/app/capture_20f51f05.js	1.6 kB	2024-04-17	2024-05-04
Pretty URL ok.ru/res/js/app/capture_20f51f05.js IP 5.61.23.11 ASN #47764 LLC VK Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-17 05:24:11 Last Seen2024-05-04 05:46:04 Times Seen10 Hash 51335d33e305bbc9946ef9478d9040f2 559bd59f588ac8a4279df931f53f7d658cd23cef 6b35ce2d1a3ed202d4d5c2fb05ee2a40cdc245723ecf538e66016aa323749925 Loading...

	ok.ru/web-api/pts/video.player/en	5.1 kB	2023-11-04	2024-04-30
Pretty URL ok.ru/web-api/pts/video.player/en IP 5.61.23.11 ASN #47764 LLC VK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-04 21:31:02 Last Seen2024-04-30 15:33:40 Times Seen30 Hash d421939c3c3fd70707b836d508f58a05 c9df53b49843ea33c239b4ffb03c216d411912a8 f186ca6997ac8e4f57d155f5d47123ccc86d91b0597dcf839cf60cf950908aae Loading...

	st.mycdn.me/static/music/model.web.94a82299.js	89 kB	2024-04-17	2024-05-04
Pretty URL st.mycdn.me/static/music/model.web.94a82299.js IP 217.20.152.226 ASN #47764 LLC VK Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-17 05:26:59 Last Seen2024-05-04 05:46:04 Times Seen8 Hash 3c9702fcb75d2e1fd321708c0a5b2712 998e66174da30d14739811934c21db4870dfcbdd a493e0fc7ac1750582b58578bad8e1c92c5d4821403bb8159c340539e08aa6c9 Loading...

	ok.ru/web-api/pts/music.app	20 kB	2024-04-17	2024-05-04
Pretty URL ok.ru/web-api/pts/music.app IP 5.61.23.11 ASN #47764 LLC VK Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-17 05:26:55 Last Seen2024-05-04 05:46:03 Times Seen4 Hash a059136b73fbadab16bfab56a0f3fe56 1c152e9dcd91c0d87266df5d563e12a97f61acad e4aaaf5fe9d18445086dfeddf03261f686ac640cab5f5be97fbfebcad2750ccd Loading...

	novelastvs.net/challenge-xx-chapter-18-complete-online/	155 B	2023-03-07	2024-05-04
Pretty URL novelastvs.net/challenge-xx-chapter-18-complete-online/ IP 172.67.160.184 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:24:05 Last Seen2024-05-04 00:35:02 Times Seen148 Hash 7048bc0888d8e5df41387943350286eb 3ad08e2b8bf9ca4e1cef06c91b1972b00ba3239f f073ab390d75e848d5d36829c74d745ab420df05cc54a19527f7e3ebf0304927 Loading...

	novelastvs.net/wp-includes/js/comment-reply.min.js	3.0 kB	2023-03-07	2024-05-04
Pretty URL novelastvs.net/wp-includes/js/comment-reply.min.js IP 172.67.160.184 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:09 Last Seen2024-05-04 10:43:15 Times Seen29657 Hash 492f2c1a7ea7eb83fe42e0ff7cb51aa2 db36a77f6aaa2063bfbec02c2c0e967438c5a245 e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789 Loading...

	ok.ru/res/js/classic_91fac55a.js	44 kB	2024-04-17	2024-05-04
Pretty URL ok.ru/res/js/classic_91fac55a.js IP 5.61.23.11 ASN #47764 LLC VK Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-17 05:24:12 Last Seen2024-05-04 05:46:04 Times Seen12 Hash d0d6059d6e983408a6762e95ca14ddc6 0b46551bd866fefb046f385539e33d4a6a13a38f 4e9ce3a782692a2b3452f254a28a17bb5936277d9f0cdcfdc1a2035de5b62ee1 Loading...

	ok.ru/videoembed/7330423179879	431 B	2023-03-09	2024-04-30
Pretty URL ok.ru/videoembed/7330423179879 IP 5.61.23.11 ASN #47764 LLC VK Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-09 12:59:32 Last Seen2024-04-30 15:33:42 Times Seen99 Hash b1387d0024fd5adf65c52a55581a4de0 3888fe5ad9605bf0c070da780fe481045ad3d9f6 fa137e65898a2e11eb5897f75d392e8028099ed782e07c9bcd73f0e8fcf32e59 Loading...

	ok.ru/res/js/b/primary_f5700b44.js	137 kB	2024-04-25	2024-04-25
Pretty URL ok.ru/res/js/b/primary_f5700b44.js IP 5.61.23.11 ASN #47764 LLC VK Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-25 08:18:10 Last Seen2024-04-25 08:18:11 Times Seen2 Hash f1d99006f34f410f69facf972d29dc9c decd6c5ef1687ab194a9bd7bf4d03ac369d17669 ed809b3b1eaeb67f90c823caa41700fbbcc74d4c98ffe2985531e89fd2873f96 Loading...

	ok.ru/res/js/app/CurrentUserCfg_a412e224.js	1.1 kB	2023-06-08	2024-05-04
Pretty URL ok.ru/res/js/app/CurrentUserCfg_a412e224.js IP 5.61.23.11 ASN #47764 LLC VK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-08 15:41:04 Last Seen2024-05-04 05:46:04 Times Seen182 Hash db9ed780c05b981a9e3c7e72cd15aadd ff09939d7fe2a55267987a0de51d9c81544942ea 011b7516858ffe5359b854ea3653600ed2dc3b172645cdb2f478230a760cc86f Loading...

	ok.ru/res/js/lib/noext_2f9c7b37.js	551 B	2023-03-07	2024-05-04
Pretty URL ok.ru/res/js/lib/noext_2f9c7b37.js IP 5.61.23.11 ASN #47764 LLC VK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 15:57:21 Last Seen2024-05-04 05:46:04 Times Seen147 Hash 49e131534b7bc45107a6a1f313522bf5 8a4ac5d7eae94949dbb47e0632ecc20e418f4518 c5a7c2b450ec11b8d4e5ec56c14aac3d96b1766c76ed8453437d5228395657dd Loading...

	novelastvs.net/wp-includes/js/jquery/jquery.min.js	88 kB	2023-11-03	2024-05-04
Pretty URL novelastvs.net/wp-includes/js/jquery/jquery.min.js IP 172.67.160.184 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-03 09:26:43 Last Seen2024-05-04 10:43:16 Times Seen44007 Hash 826eb77e86b02ab7724fe3d0141ff87c 79cd3587d565afe290076a8d36c31c305a573d18 cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf Loading...

	novelastvs.net/challenge-xx-chapter-18-complete-online/	263 B	2023-11-09	2024-05-04
Pretty URL novelastvs.net/challenge-xx-chapter-18-complete-online/ IP 172.67.160.184 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-11-09 15:56:19 Last Seen2024-05-04 00:35:02 Times Seen160 Hash 65b2a5e07ef0ef20fdde92c7b901af7b 8565b3f6cb9328e41910f0431959bf4eb15f55c5 adc33cca04b83d45c6962102f6e18d90e6a231c1e9b6967382f8e38bac0498ad Loading...

	ok.ru/basedRequireJsConfig.js?hash=-1709099384	69 kB	2024-04-25	2024-04-25
Pretty URL ok.ru/basedRequireJsConfig.js?hash=-1709099384 IP 5.61.23.11 ASN #47764 LLC VK Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-25 08:18:10 Last Seen2024-04-25 08:18:10 Times Seen2 Hash 7f923fad0b0ad9ca51e73fede1218038 5045312fd37c0d703448614c555d903a3f602549 5d8e4e4002af794a80c649a56194a15a25be11a5e64ee36e73d3c133e9966bf0 Loading...

	ok.ru/dynamicRequireJsConfig.js?hash=1636767729	454 B	2024-04-17	2024-05-04
Pretty URL ok.ru/dynamicRequireJsConfig.js?hash=1636767729 IP 5.61.23.11 ASN #47764 LLC VK Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-17 05:24:12 Last Seen2024-05-04 05:46:04 Times Seen9 Hash 482accf88cfefb056421d4739b37815e fce8b285853f97e5be801c9b5e56fde050cd475e dae678cf21078e161447968a81884892750f83342abc177eaf43f2a9eb3044e1 Loading...

	ok.ru/videoembed/7330423179879	593 B	2023-04-13	2024-04-25
Pretty URL ok.ru/videoembed/7330423179879 IP 5.61.23.11 ASN #47764 LLC VK Introduced by scriptElement Embedded in HTML true Observations First Seen2023-04-13 02:32:53 Last Seen2024-04-25 08:18:10 Times Seen96 Hash 43f35037f92b2b467e668bd1fbfb2518 2fbd63f243c6f7236dfa5a38202726615ec77af2 037b6019caf2ff21abd29550061d38f6a5d2c8326bcf1342bc5281fa5e0c88c1 Loading...

	ok.ru/res/js/app/PackageRegistry_4f4b8d36.js	591 B	2023-07-09	2024-05-04
Pretty URL ok.ru/res/js/app/PackageRegistry_4f4b8d36.js IP 5.61.23.11 ASN #47764 LLC VK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-07-09 22:06:00 Last Seen2024-05-04 05:46:04 Times Seen16 Hash 4fd83254b3b5f28ebe33db8398dd932a 863216b09709c70ac221594d7b259cd9267289b3 572887ae0296341967befe10529961a9f894915cfb9914b6e66810b19f17b72c Loading...

	novelastvs.net/wp-content/themes/sahifa/js/tie-scripts.js	74 kB	2023-03-07	2024-05-04
Pretty URL novelastvs.net/wp-content/themes/sahifa/js/tie-scripts.js IP 172.67.160.184 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:29 Last Seen2024-05-04 00:35:02 Times Seen488 Hash e8e2d9640c5b8251f3929f48fb59cf92 4e31e02e0d1a74b147037b86ce4411c9ea0391ad a285337ae3fac1859a2f626f20d9a8d1a46e36e59ef427f85e7deda94afffb62 Loading...

	ok.ru/videoembed/7330423179879	1.8 kB	2024-04-17	2024-04-30
Pretty URL ok.ru/videoembed/7330423179879 IP 5.61.23.11 ASN #47764 LLC VK Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-17 05:24:12 Last Seen2024-04-30 15:33:42 Times Seen4 Hash e1fceeb4b6cee97a1eba4c1406bf2b3f 480cb265bcecca29e75d3949adef4611134ac75f 3d8e25aa941d370eb3451b65f8ebba79701ac3e6593d6d08caec1ef26ec59386 Loading...

	ok.ru/res/js/tracerPlaceholder_efa2d703.js	704 B	2024-02-08	2024-05-04
Pretty URL ok.ru/res/js/tracerPlaceholder_efa2d703.js IP 5.61.23.11 ASN #47764 LLC VK Introduced by scriptElement Embedded in HTML false Observations First Seen2024-02-08 21:29:44 Last Seen2024-05-04 05:46:04 Times Seen19 Hash 60e1a63fc3cd6468ccd75daa8094893e 7f8c40028356569083880cf8c78145b1cf73b619 41e3edd228fab0ab623880a450624f1c6f9e072450e038ba4fc8c36cb6dd6153 Loading...

	ok.ru/res/js/lib/require-2.1.11_1ae533d5.js	17 kB	2023-03-08	2024-05-04
Pretty URL ok.ru/res/js/lib/require-2.1.11_1ae533d5.js IP 5.61.23.11 ASN #47764 LLC VK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 15:33:54 Last Seen2024-05-04 05:46:04 Times Seen66 Hash 655360583189d849e7ba35899d11c418 dcd2d66802470c562435c6ec7e59b233acb4ad80 f15499124da99eb1855414911bcad1cefcd6b57a8816f762d11b9e33b9117d92 Loading...

	ok.ru/res/js/app/VideoEmbed_bc0da08a.js	888 B	2023-03-07	2024-05-04
Pretty URL ok.ru/res/js/app/VideoEmbed_bc0da08a.js IP 5.61.23.11 ASN #47764 LLC VK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:21:25 Last Seen2024-05-04 05:46:04 Times Seen205 Hash 956818422a5b489c9dc53b4b8a70d40a 78d2d53d011d23c8c96474f5905bf23b7813a4aa 7bd98f7a6f655b3ed24d60c603470bcdd167df6f54057099a0cdd70f4b079084 Loading...

	ok.ru/res/js/app/pts_487c55a3.js	4.4 kB	2023-12-29	2024-05-04
Pretty URL ok.ru/res/js/app/pts_487c55a3.js IP 5.61.23.11 ASN #47764 LLC VK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-29 22:07:36 Last Seen2024-05-04 05:46:04 Times Seen14 Hash e6b437fe55661a1815be026e30ca71c6 80012fcd73514dbc71cdcf14f9c2a0d9802739b1 7c948226f783a759f2da2e4cef73e4d3a6cddca0feee84964813f2a5bec35e27 Loading...

	novelastvs.net/wp-includes/js/jquery/jquery-migrate.min.js	14 kB	2023-05-09	2024-05-04
Pretty URL novelastvs.net/wp-includes/js/jquery/jquery-migrate.min.js IP 172.67.160.184 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-09 19:21:05 Last Seen2024-05-04 10:43:15 Times Seen82427 Hash 9ffeb32e2d9efbf8f70caabded242267 3ad0c10e501ac2a9bfa18f9cd7e700219b378738 5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89 Loading...

	novelastvs.net/challenge-xx-chapter-18-complete-online/	365 B	2023-03-07	2024-05-04
Pretty URL novelastvs.net/challenge-xx-chapter-18-complete-online/ IP 172.67.160.184 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:07:03 Last Seen2024-05-04 00:35:02 Times Seen140 Hash 9994063c15733345d66cef3c840de734 ea3e03962654434179a5bbd498f9608f374c2717 a055d92ebc726406492db38e47c5b79344774d4ded8560d0a558953ca5b16f76 Loading...

	ok.ru/videoembed/7330423179879	50 B	2023-03-07	2024-04-30
Pretty URL ok.ru/videoembed/7330423179879 IP 5.61.23.11 ASN #47764 LLC VK Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 12:21:25 Last Seen2024-04-30 15:33:43 Times Seen92 Hash ece72248658f40c607816327de680911 297d9accc66b02c1257b1a47af2ebc3f9513f615 233d3130de0d956d233814ebce74642548f56b5e76aa496190874f66e16219eb Loading...

	st.mycdn.me/static/MegaPlayer/10-12-1/okVideoPlayerUtils.min.js	5.8 kB	2023-05-21	2024-05-04
Pretty URL st.mycdn.me/static/MegaPlayer/10-12-1/okVideoPlayerUtils.min.js IP 217.20.152.226 ASN #47764 LLC VK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-21 20:27:16 Last Seen2024-05-04 05:46:04 Times Seen183 Hash 3eda81a1ec63344c5d5786e4c43f7909 e84b9066d3cd235a892ec70314772aca6fd5d68f b20ef25442f0ebdef70f31c54b73be55310f460bde777c7523a1aa4c5aa620cf Loading...

	ok.ru/res/js/app/GwtConfig_828bddda.js	626 B	2023-06-08	2024-05-04
Pretty URL ok.ru/res/js/app/GwtConfig_828bddda.js IP 5.61.23.11 ASN #47764 LLC VK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-08 15:41:04 Last Seen2024-05-04 05:46:04 Times Seen191 Hash 52abb011cb05ae817b45ccd2b0b19af5 618fbc86477af20933cc93bd0709ff40692377e6 11e74bb775c668e99f0f4236c28645a76a9d14f42a7f3f54ebe24ba7256b649b Loading...

HTTP Transactions (59)

URL IP Response Size

novelastvs.net/wp-content/uploads/2024/03/ennovelas.png

172.67.160.184

200 OK

14 kB

URL GET HTTP/3
novelastvs.net/wp-content/uploads/2024/03/ennovelas.png
IP
172.67.160.184:443
ASN
#13335 CLOUDFLARENET

Requested by
https://novelastvs.net/challenge-xx-chapter-18-complete-online/
Certificate
IssuerLet's Encrypt
Subjectnovelastvs.net
Fingerprint93:8A:84:5F:60:B9:41:3A:51:DC:1E:00:3E:67:92:F1:5B:2E:1A:CE
ValidityMon, 18 Mar 2024 17:21:40 GMT - Sun, 16 Jun 2024 17:21:39 GMT

File type
PNG image data, 311 x 80, 8-bit/color RGBA, non-interlaced
Size
14 kB (13982 bytes)
Hash
bff01216dc18d28f6bd0f2f97cdc121a
4d3b1ba74ef85da5d1538746bc87cf29b6fb3423
063e901fef186022b0c78c0d8fd99a52d66b6eba8f7f507cd940165daf9433d3

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/uploads/2024/03/ennovelas.png HTTP/1.1
Host: novelastvs.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://novelastvs.net/challenge-xx-chapter-18-complete-online/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 25 Apr 2024 06:17:36 GMT
content-type: image/png
content-length: 13982
cache-control: public, max-age=604800
expires: Mon, 29 Apr 2024 14:00:50 GMT
last-modified: Mon, 18 Mar 2024 18:41:11 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 231405
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IYH4YS5c874vdYzvOp0Qz1e7RbHi27Kxbhen8%2FyCdCWA8QUAQX4HVQoWk7MNj5ZsDKmuBH6rNMrZUFlwLsuAuLgdapozjXd5u9EJMCvIa9Rvn%2F2TH20A1fAZ7nCn8vZojQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879c3605df8f56c6-OSL
alt-svc: h3=":443"; ma=86400

novelastvs.net/ch/

172.67.160.184

301 Moved Permanently

503 B

URL User Request GET HTTP/2
novelastvs.net/ch/
IP
172.67.160.184:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerLet's Encrypt
Subjectnovelastvs.net
Fingerprint93:8A:84:5F:60:B9:41:3A:51:DC:1E:00:3E:67:92:F1:5B:2E:1A:CE
ValidityMon, 18 Mar 2024 17:21:40 GMT - Sun, 16 Jun 2024 17:21:39 GMT

File type
data
Size
503 B (503 bytes)
Hash
90a0b7b85ba40cbb4d0ef33437792d33
ebbb3cf66708ed76088674d45356a7cc0618138a
ca4b7569f6d4707b0ba6bd481c5b89ed4d6391b357cd5b4db4ffd926965f7838

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	SwissPass
PhishTank	phishing	Other
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /ch/ HTTP/1.1
Host: novelastvs.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 301 Moved Permanently
date: Thu, 25 Apr 2024 06:17:36 GMT
content-type: text/html; charset=UTF-8
location: https://novelastvs.net/challenge-xx-chapter-18-complete-online/
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
x-redirect-by: WordPress
strict-transport-security: max-age=31536000
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zFD4bfSX4xxTpmnevNtXzG9RszTd0oPmHYhH0w22OtwtXsqF71UEP5E%2B3oVlcdfto23K49osngT%2Fy7VebtzD9GpJvnXgsDnueflAwLrJ8bAs%2Bh8nxSpXVGfmiPKSM4KBKw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879c36005a12569f-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

novelastvs.net/wp-content/themes/sahifa/js/search.js

172.67.160.184

200 OK

13 kB

URL GET HTTP/3
novelastvs.net/wp-content/themes/sahifa/js/search.js
IP
172.67.160.184:443
ASN
#13335 CLOUDFLARENET

Requested by
https://novelastvs.net/challenge-xx-chapter-18-complete-online/
Certificate
IssuerLet's Encrypt
Subjectnovelastvs.net
Fingerprint93:8A:84:5F:60:B9:41:3A:51:DC:1E:00:3E:67:92:F1:5B:2E:1A:CE
ValidityMon, 18 Mar 2024 17:21:40 GMT - Sun, 16 Jun 2024 17:21:39 GMT

File type
JavaScript source, ASCII text, with CRLF line terminators
Size
13 kB (12695 bytes)
Hash
c0753a18f5f80d711e27e808db6ea442
51acbdbea1df8ea6b57873fb17a5e25b30006393
d6c6d0b6440485f2536e96758b074c4713ef69a56511f2af2128f23ce6eebdca

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/themes/sahifa/js/search.js HTTP/1.1
Host: novelastvs.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://novelastvs.net/challenge-xx-chapter-18-complete-online/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 25 Apr 2024 06:17:36 GMT
content-type: application/javascript
last-modified: Mon, 18 Mar 2024 18:31:46 GMT
vary: Accept-Encoding
etag: W/"65f88892-3aa2"
expires: Thu, 25 Apr 2024 12:22:50 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 21286
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4lOYJH5O2NW68aCc1GHjmHPryalbCE2sSQd5LzeDM%2BJIUGMic7AcjH6fNWpANfOhwC0GV8PM6NcW%2B7WfGh%2FzKGFatKG%2FG1O3YH1QlOQqDjVJpBLGRH%2F%2Fi4PD8XbtrPiJcw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879c3605ef9956c6-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

novelastvs.net/wp-content/themes/sahifa/images/patterns/body-bg10.png

172.67.160.184

200 OK

185 B

URL GET HTTP/3
novelastvs.net/wp-content/themes/sahifa/images/patterns/body-bg10.png
IP
172.67.160.184:443
ASN
#13335 CLOUDFLARENET

Requested by
https://novelastvs.net/challenge-xx-chapter-18-complete-online/
Certificate
IssuerLet's Encrypt
Subjectnovelastvs.net
Fingerprint93:8A:84:5F:60:B9:41:3A:51:DC:1E:00:3E:67:92:F1:5B:2E:1A:CE
ValidityMon, 18 Mar 2024 17:21:40 GMT - Sun, 16 Jun 2024 17:21:39 GMT

File type
PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced
Size
185 B (185 bytes)
Hash
178f0dd993886c692f440d6a6b7d011c
94279b48f233e3f76d44c9a7ab95b7de0e72f5f2
8f4e14fcaf0b8d2f630f442e31cd18bf1d048f16332635c363773a93800e0824

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/themes/sahifa/images/patterns/body-bg10.png HTTP/1.1
Host: novelastvs.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://novelastvs.net/challenge-xx-chapter-18-complete-online/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 25 Apr 2024 06:17:37 GMT
content-type: image/png
content-length: 185
last-modified: Mon, 18 Mar 2024 18:31:46 GMT
etag: "65f88892-b9"
expires: Sat, 25 May 2024 00:22:50 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 21287
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9fUPu9vCzel7aRaRLuMNGGyh0Lu0UZLFLHYIHOHeM%2Fom%2BbHtwH64wMH0r%2F%2FiH8bHJLlOGJh2saKeoZqGLnZAM9qYCh%2BRmBLe3%2BVygdnrN5MqerEvoTMNBqAcdwDhOQpmug%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879c3607089d56c6-OSL
alt-svc: h3=":443"; ma=86400

novelastvs.net/wp-content/themes/sahifa/images/home.png

172.67.160.184

200 OK

1.0 kB

URL GET HTTP/3
novelastvs.net/wp-content/themes/sahifa/images/home.png
IP
172.67.160.184:443
ASN
#13335 CLOUDFLARENET

Requested by
https://novelastvs.net/challenge-xx-chapter-18-complete-online/
Certificate
IssuerLet's Encrypt
Subjectnovelastvs.net
Fingerprint93:8A:84:5F:60:B9:41:3A:51:DC:1E:00:3E:67:92:F1:5B:2E:1A:CE
ValidityMon, 18 Mar 2024 17:21:40 GMT - Sun, 16 Jun 2024 17:21:39 GMT

File type
PNG image data, 30 x 78, 8-bit colormap, non-interlaced
Size
1.0 kB (1022 bytes)
Hash
2ca35c0c6c0a17872bc7c6ef7fb1d6e5
6504abb26cf52c2250ea8e9c5645bb9439cefba9
6039cdb2c8028b73ddb9d711e7eb22834a8e11ba865283a7ed2fd2c75a401040

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/themes/sahifa/images/home.png HTTP/1.1
Host: novelastvs.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://novelastvs.net/wp-content/themes/sahifa/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 25 Apr 2024 06:17:37 GMT
content-type: image/png
content-length: 1022
last-modified: Mon, 18 Mar 2024 18:31:46 GMT
etag: "65f88892-3fe"
expires: Sat, 25 May 2024 00:22:50 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 21287
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9zFPLF%2FOh65qJBolyq%2BO3xbgl%2Bwp0XuLkj0PGIvo9CoWsY4vT0K0MVIbJQ%2FLT1DBIimr2%2BZxtNZBF3CKArLtipK4d2MSzKfD1E3rmVAPmjsKTL0dTQCuwVJ%2FnyV2nd%2F5hA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879c360718a256c6-OSL
alt-svc: h3=":443"; ma=86400

novelastvs.net/wp-content/themes/sahifa/images/stripe.png

172.67.160.184

200 OK

93 B

URL GET HTTP/3
novelastvs.net/wp-content/themes/sahifa/images/stripe.png
IP
172.67.160.184:443
ASN
#13335 CLOUDFLARENET

Requested by
https://novelastvs.net/challenge-xx-chapter-18-complete-online/
Certificate
IssuerLet's Encrypt
Subjectnovelastvs.net
Fingerprint93:8A:84:5F:60:B9:41:3A:51:DC:1E:00:3E:67:92:F1:5B:2E:1A:CE
ValidityMon, 18 Mar 2024 17:21:40 GMT - Sun, 16 Jun 2024 17:21:39 GMT

File type
PNG image data, 12 x 14, 8-bit/color RGBA, non-interlaced
Size
93 B (93 bytes)
Hash
51386a2f66885faebd7ce34fceee3c7f
d428fb21cb1c35bb8d1a579df9aa7034c62f8e61
23c79bb552706be2ca97bdb259921e3269a5263326b147676c2f7909a45b58c9

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/themes/sahifa/images/stripe.png HTTP/1.1
Host: novelastvs.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://novelastvs.net/wp-content/themes/sahifa/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 25 Apr 2024 06:17:37 GMT
content-type: image/png
content-length: 93
last-modified: Mon, 18 Mar 2024 18:31:46 GMT
etag: "65f88892-5d"
expires: Sat, 25 May 2024 00:22:50 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 21287
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=R2j4M4VmYOZVYdDVrLGWXD%2FkagvPWACjuAG1hsF%2FhRjudz8Rl0N%2B2xWXKhYW0Ry%2BqSD9zx0VDj163IdZICCWUzK3n62GGR9IaGCXexIqaxnS%2FzD17oaNfGwgM0%2FhwdNJqw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879c360718a356c6-OSL
alt-svc: h3=":443"; ma=86400

fonts.gstatic.com/s/droidsans/v18/SlGVmQWMvZQIdix7AFxXkHNSbQ.woff2

142.250.74.163

200 OK

21 kB

URL GET HTTP/2
fonts.gstatic.com/s/droidsans/v18/SlGVmQWMvZQIdix7AFxXkHNSbQ.woff2
IP
142.250.74.163:443
ASN
#15169 GOOGLE

Requested by
https://novelastvs.net/challenge-xx-chapter-18-complete-online/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintF5:5C:D9:68:C6:5F:A3:33:5A:73:C3:79:B6:83:FE:44:2E:A4:83:74
ValidityMon, 18 Mar 2024 20:34:25 GMT - Mon, 10 Jun 2024 20:34:24 GMT

File type
Web Open Font Format (Version 2), TrueType, length 21224, version 1.0
Size
21 kB (21224 bytes)
Hash
13bdfb843f942ccd9f485eb6c0bc1934
2bad44362ff7569f24f2a3df2521b27a97ec1297
7a291479495fbb281655d5e870c6d118dc6b7ed18e8c235aef5974c1e9de4e6c

HTTP Headers

GET /s/droidsans/v18/SlGVmQWMvZQIdix7AFxXkHNSbQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://novelastvs.net
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 21224
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 22 Apr 2024 21:41:46 GMT
expires: Tue, 22 Apr 2025 21:41:46 GMT
cache-control: public, max-age=31536000
age: 203751
last-modified: Tue, 19 Apr 2022 18:04:18 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/battambang/v24/uk-lEGe7raEw-HjkzZabNsmM9yNQ8w.woff2

142.250.74.163

200 OK

12 kB

URL GET HTTP/2
fonts.gstatic.com/s/battambang/v24/uk-lEGe7raEw-HjkzZabNsmM9yNQ8w.woff2
IP
142.250.74.163:443
ASN
#15169 GOOGLE

Requested by
https://novelastvs.net/challenge-xx-chapter-18-complete-online/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintF5:5C:D9:68:C6:5F:A3:33:5A:73:C3:79:B6:83:FE:44:2E:A4:83:74
ValidityMon, 18 Mar 2024 20:34:25 GMT - Mon, 10 Jun 2024 20:34:24 GMT

File type
Web Open Font Format (Version 2), TrueType, length 11464, version 1.0
Size
12 kB (11464 bytes)
Hash
5f68258083ecfbace36582eea969cf9b
efb70c555ba39aef0c3b40cdd18a4122845835ac
eb73dd86b98b1c9fbb39467d27b2b45465e71c04381035f12c900da98fcfcf5f

HTTP Headers

GET /s/battambang/v24/uk-lEGe7raEw-HjkzZabNsmM9yNQ8w.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://novelastvs.net
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 11464
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 25 Apr 2024 04:39:48 GMT
expires: Fri, 25 Apr 2025 04:39:48 GMT
cache-control: public, max-age=31536000
age: 5869
last-modified: Tue, 19 Apr 2022 19:03:25 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/droidsans/v18/SlGWmQWMvZQIdix7AFxXmMh3eDs1Zw.woff2

142.250.74.163

200 OK

22 kB

URL GET HTTP/2
fonts.gstatic.com/s/droidsans/v18/SlGWmQWMvZQIdix7AFxXmMh3eDs1Zw.woff2
IP
142.250.74.163:443
ASN
#15169 GOOGLE

Requested by
https://novelastvs.net/challenge-xx-chapter-18-complete-online/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintF5:5C:D9:68:C6:5F:A3:33:5A:73:C3:79:B6:83:FE:44:2E:A4:83:74
ValidityMon, 18 Mar 2024 20:34:25 GMT - Mon, 10 Jun 2024 20:34:24 GMT

File type
Web Open Font Format (Version 2), TrueType, length 22376, version 1.0
Size
22 kB (22376 bytes)
Hash
e6af16165f9bfda6aafd0088b8c01daa
c9c0ee8309619643e65ba1b22bfffcd1a7ca1e51
e803cd8c5031ac6b0d099a2d96ba1c3ee44782649a7f7c6f0d09b6410d93e216

HTTP Headers

GET /s/droidsans/v18/SlGWmQWMvZQIdix7AFxXmMh3eDs1Zw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://novelastvs.net
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 22376
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 25 Apr 2024 02:44:23 GMT
expires: Fri, 25 Apr 2025 02:44:23 GMT
cache-control: public, max-age=31536000
age: 12794
last-modified: Tue, 19 Apr 2022 18:25:01 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

novelastvs.net/wp-content/uploads/2024/04/Ganar-o-Servir44-110x75.jpg

172.67.160.184

200 OK

3.8 kB

URL GET HTTP/3
novelastvs.net/wp-content/uploads/2024/04/Ganar-o-Servir44-110x75.jpg
IP
172.67.160.184:443
ASN
#13335 CLOUDFLARENET

Requested by
https://novelastvs.net/challenge-xx-chapter-18-complete-online/
Certificate
IssuerLet's Encrypt
Subjectnovelastvs.net
Fingerprint93:8A:84:5F:60:B9:41:3A:51:DC:1E:00:3E:67:92:F1:5B:2E:1A:CE
ValidityMon, 18 Mar 2024 17:21:40 GMT - Sun, 16 Jun 2024 17:21:39 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 110x75, components 3
Size
3.8 kB (3767 bytes)
Hash
d92eff6a811dba4e55bbbd8c2345edaa
14e4ec42a86fa4e5d537670696e82b3a9d05a544
5dde26293bc78ddab1bd5717020408743b191e481b910d0c83c457854dae89ad

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/uploads/2024/04/Ganar-o-Servir44-110x75.jpg HTTP/1.1
Host: novelastvs.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://novelastvs.net/challenge-xx-chapter-18-complete-online/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 25 Apr 2024 06:17:37 GMT
content-type: image/jpeg
content-length: 3767
last-modified: Wed, 24 Apr 2024 16:37:38 GMT
etag: "66293552-eb7"
expires: Sat, 25 May 2024 00:22:50 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 21287
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cEQcuB04De7iBdWhhOpiYRSFcsN0xvgAP8yaZkOL%2BpIcaeHSNjfNa6bjLGSE6dP%2BCaQOGeW7Ioe1ENFw1WIBD%2FPo0IsNktsKwG7Afnh3PS249e3ZPssez4QHkLCDdpNdGQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879c3608296956c6-OSL
alt-svc: h3=":443"; ma=86400

novelastvs.net/wp-content/uploads/2024/03/Vivir-de-Amor-110x75.jpg

172.67.160.184

200 OK

3.5 kB

URL GET HTTP/3
novelastvs.net/wp-content/uploads/2024/03/Vivir-de-Amor-110x75.jpg
IP
172.67.160.184:443
ASN
#13335 CLOUDFLARENET

Requested by
https://novelastvs.net/challenge-xx-chapter-18-complete-online/
Certificate
IssuerLet's Encrypt
Subjectnovelastvs.net
Fingerprint93:8A:84:5F:60:B9:41:3A:51:DC:1E:00:3E:67:92:F1:5B:2E:1A:CE
ValidityMon, 18 Mar 2024 17:21:40 GMT - Sun, 16 Jun 2024 17:21:39 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 110x75, components 3
Size
3.5 kB (3461 bytes)
Hash
b8d5d57c0f6440bbfe571b804faf5e48
e4b0fc2e9d1692a2189e7c9dafb83af832fb4470
40f453f727e3f08ce19f5109781a7a997365b6a338c29ee630f9f2f97cb533c7

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/uploads/2024/03/Vivir-de-Amor-110x75.jpg HTTP/1.1
Host: novelastvs.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://novelastvs.net/challenge-xx-chapter-18-complete-online/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 25 Apr 2024 06:17:37 GMT
content-type: image/jpeg
content-length: 3461
last-modified: Thu, 21 Mar 2024 07:26:46 GMT
etag: "65fbe136-d85"
expires: Sat, 25 May 2024 00:22:50 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 21287
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JCb8lj%2Bl38O56KmdUUAo5Y7ILXxSd4nQ%2BtUGdI0v7ZZobjoI6ivYG%2B1J3x77yGcsUVwERvYuuwe3%2FEN5uuCpiOilG6G%2FBR9tuLjGHyLLVpLS%2FNEfISc0O%2FAa7wZfFhceAQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879c3608296b56c6-OSL
alt-svc: h3=":443"; ma=86400

novelastvs.net/wp-content/uploads/2024/03/Tu-Vida-Es-Mi-110x75.jpg

172.67.160.184

200 OK

3.4 kB

URL GET HTTP/3
novelastvs.net/wp-content/uploads/2024/03/Tu-Vida-Es-Mi-110x75.jpg
IP
172.67.160.184:443
ASN
#13335 CLOUDFLARENET

Requested by
https://novelastvs.net/challenge-xx-chapter-18-complete-online/
Certificate
IssuerLet's Encrypt
Subjectnovelastvs.net
Fingerprint93:8A:84:5F:60:B9:41:3A:51:DC:1E:00:3E:67:92:F1:5B:2E:1A:CE
ValidityMon, 18 Mar 2024 17:21:40 GMT - Sun, 16 Jun 2024 17:21:39 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 110x75, components 3
Size
3.4 kB (3410 bytes)
Hash
188170882aa0a82048f97e24ce4aab0b
77ac2f7829fcfb8e092dfd6ec3d77a74fe9da7a2
2aa9cfb2b08440ae165d38a0f070726aebaa3c7e0b3c3d8a8723dec6524c2502

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/uploads/2024/03/Tu-Vida-Es-Mi-110x75.jpg HTTP/1.1
Host: novelastvs.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://novelastvs.net/challenge-xx-chapter-18-complete-online/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 25 Apr 2024 06:17:37 GMT
content-type: image/jpeg
content-length: 3410
last-modified: Thu, 21 Mar 2024 07:33:10 GMT
etag: "65fbe2b6-d52"
expires: Sat, 25 May 2024 00:22:50 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 21287
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Pe289nizZk1L6B7g2NzWoQPirHzjILXlN%2FM%2F3z30JMhGZEkJb8HEds9P6bGm0kFVIOyWV%2FdbDYeH%2F8lr5IfccKFwS%2FXBlSRWNd%2B0KlwkkwhoGPC3qiK2Nu6VuzG5%2FA6goQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879c3608297256c6-OSL
alt-svc: h3=":443"; ma=86400

novelastvs.net/wp-content/uploads/2024/04/Al-Sur-del-Corazon-110x75.jpg

172.67.160.184

200 OK

4.0 kB

URL GET HTTP/3
novelastvs.net/wp-content/uploads/2024/04/Al-Sur-del-Corazon-110x75.jpg
IP
172.67.160.184:443
ASN
#13335 CLOUDFLARENET

Requested by
https://novelastvs.net/challenge-xx-chapter-18-complete-online/
Certificate
IssuerLet's Encrypt
Subjectnovelastvs.net
Fingerprint93:8A:84:5F:60:B9:41:3A:51:DC:1E:00:3E:67:92:F1:5B:2E:1A:CE
ValidityMon, 18 Mar 2024 17:21:40 GMT - Sun, 16 Jun 2024 17:21:39 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 110x75, components 3
Size
4.0 kB (3973 bytes)
Hash
2bdcb78fdc9568574d8e708793c14917
ea359da2a5fd81a7dbf53cc5f2ee821dfc69370a
405eadd5e3bf1dc6e1cfeb9d50f087c763dfde9a20a75453b5c05faa454c75a1

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/uploads/2024/04/Al-Sur-del-Corazon-110x75.jpg HTTP/1.1
Host: novelastvs.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://novelastvs.net/challenge-xx-chapter-18-complete-online/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 25 Apr 2024 06:17:37 GMT
content-type: image/jpeg
content-length: 3973
last-modified: Wed, 24 Apr 2024 16:33:22 GMT
etag: "66293452-f85"
expires: Sat, 25 May 2024 00:22:50 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 21287
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=23z91%2Bm5dBRbU0%2FBmaFaqHy%2F5KTovjLTh2lRXn8FnZY058MKhDmGSBn0mzKA0U%2F1qBDhKHTB2e4%2BpxOLCise8uRGRebXFPswsEaY8Pby2rTh%2Bv3sPkoMLZgz9XuFrnkjaA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879c3608296e56c6-OSL
alt-svc: h3=":443"; ma=86400

novelastvs.net/wp-content/themes/sahifa/js/postviews-cache.js

172.67.160.184

200 OK

21 kB

URL GET HTTP/3
novelastvs.net/wp-content/themes/sahifa/js/postviews-cache.js
IP
172.67.160.184:443
ASN
#13335 CLOUDFLARENET

Requested by
https://novelastvs.net/challenge-xx-chapter-18-complete-online/
Certificate
IssuerLet's Encrypt
Subjectnovelastvs.net
Fingerprint93:8A:84:5F:60:B9:41:3A:51:DC:1E:00:3E:67:92:F1:5B:2E:1A:CE
ValidityMon, 18 Mar 2024 17:21:40 GMT - Sun, 16 Jun 2024 17:21:39 GMT

File type
ASCII text, with no line terminators
Size
21 kB (21258 bytes)
Hash
76591f91de8e1ba757c75f2ed652aa08
edccb6c8b113f6d1ad76cdba1a2499e13bae45ae
e4146dc61fb3064bed9359d9717141388f3a37b1fe3c2bd179c15776e84aff51

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/themes/sahifa/js/postviews-cache.js HTTP/1.1
Host: novelastvs.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://novelastvs.net/challenge-xx-chapter-18-complete-online/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 25 Apr 2024 06:17:37 GMT
content-type: application/javascript
last-modified: Mon, 18 Mar 2024 18:31:46 GMT
etag: W/"65f88892-8b"
expires: Thu, 25 Apr 2024 18:17:37 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fggp93GeOvJnWBXGW%2FLqv%2BzdpsyC1jF1aPQKc3nJ3sJo4lu6uDGF9OVRjaba1Goz4iNYGGNMnAKrNpZtYuRIOzMyNkInubPxyLQ1Kk3G4XtihwaGzOJK%2F%2FOecPh%2BR4GZdA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879c3605df8e56c6-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

novelastvs.net/wp-content/themes/sahifa/fonts/BebasNeue/BebasNeue-webfont.woff

172.67.160.184

200 OK

20 kB

URL GET HTTP/3
novelastvs.net/wp-content/themes/sahifa/fonts/BebasNeue/BebasNeue-webfont.woff
IP
172.67.160.184:443
ASN
#13335 CLOUDFLARENET

Requested by
https://novelastvs.net/challenge-xx-chapter-18-complete-online/
Certificate
IssuerLet's Encrypt
Subjectnovelastvs.net
Fingerprint93:8A:84:5F:60:B9:41:3A:51:DC:1E:00:3E:67:92:F1:5B:2E:1A:CE
ValidityMon, 18 Mar 2024 17:21:40 GMT - Sun, 16 Jun 2024 17:21:39 GMT

File type
Web Open Font Format, CFF, length 19996, version 1.300
Size
20 kB (19996 bytes)
Hash
07db5c04835629ee7284a0481197443d
9f56f7e1b14b89828393aef3ff581a4a22320af0
e8c2e4d6ab0ad2f055a6cc3c777d31531e665758db5ca815f2613afad72f7088

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/themes/sahifa/fonts/BebasNeue/BebasNeue-webfont.woff HTTP/1.1
Host: novelastvs.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://novelastvs.net/wp-content/themes/sahifa/style.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 25 Apr 2024 06:17:37 GMT
content-type: font/woff
content-length: 19996
last-modified: Mon, 18 Mar 2024 18:31:46 GMT
etag: "65f88892-4e1c"
strict-transport-security: max-age=31536000
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZXZ5z%2F9miqWGaPF4p%2F6%2BqkeqLp%2F0Yzd81ao0%2FyJME12LfFqFimM%2BbrzIGZ8i8aBkTMaoLBvvGbySavX8319VsDwzVCxX1e%2Blz3svrC3GDOnoiA4FHYpuYvppOOyVehvwXQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879c360748ca56c6-OSL
alt-svc: h3=":443"; ma=86400

novelastvs.net/wp-content/themes/sahifa/fonts/fontawesome/fontawesome-webfont.woff2?v=4.7.0

172.67.160.184

200 OK

77 kB

URL GET HTTP/3
novelastvs.net/wp-content/themes/sahifa/fonts/fontawesome/fontawesome-webfont.woff2?v=4.7.0
IP
172.67.160.184:443
ASN
#13335 CLOUDFLARENET

Requested by
https://novelastvs.net/challenge-xx-chapter-18-complete-online/
Certificate
IssuerLet's Encrypt
Subjectnovelastvs.net
Fingerprint93:8A:84:5F:60:B9:41:3A:51:DC:1E:00:3E:67:92:F1:5B:2E:1A:CE
ValidityMon, 18 Mar 2024 17:21:40 GMT - Sun, 16 Jun 2024 17:21:39 GMT

File type
Web Open Font Format (Version 2), TrueType, length 77160, version 4.459
Size
77 kB (77160 bytes)
Hash
af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/themes/sahifa/fonts/fontawesome/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: novelastvs.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://novelastvs.net/wp-content/themes/sahifa/style.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 25 Apr 2024 06:17:37 GMT
content-type: font/woff2
content-length: 77160
last-modified: Mon, 18 Mar 2024 18:31:46 GMT
etag: "65f88892-12d68"
strict-transport-security: max-age=31536000
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Yx1Gz%2FWmaRb7nf0bQ28QGo%2F%2BR55rva62oitGlXAqCnay3bOEKfeYDWHPnNzE2W6mPg4oy3HHeqSgzcRwJ8PR9rzLUoAPcQhr5QsNc6rBiesYShOKOWKl9w%2FpqKvg%2B1aAvA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879c360738b656c6-OSL
alt-svc: h3=":443"; ma=86400

novelastvs.net/wp-content/uploads/2024/04/Como-La-Vida-110x75.webp

172.67.160.184

200 OK

4.0 kB

URL GET HTTP/3
novelastvs.net/wp-content/uploads/2024/04/Como-La-Vida-110x75.webp
IP
172.67.160.184:443
ASN
#13335 CLOUDFLARENET

Requested by
https://novelastvs.net/challenge-xx-chapter-18-complete-online/
Certificate
IssuerLet's Encrypt
Subjectnovelastvs.net
Fingerprint93:8A:84:5F:60:B9:41:3A:51:DC:1E:00:3E:67:92:F1:5B:2E:1A:CE
ValidityMon, 18 Mar 2024 17:21:40 GMT - Sun, 16 Jun 2024 17:21:39 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 110x75, Scaling: [none]x[none], YUV color, decoders should clamp
Size
4.0 kB (3952 bytes)
Hash
631463f41fa5f7aa67896a169ddc96a6
aa7c59f95ac2c1692587f2e00725aa95395a120c
acd94642c7996dbb5490aeded7dd2bd8fa78a37311bf2535892f6ce963ce24b7

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/uploads/2024/04/Como-La-Vida-110x75.webp HTTP/1.1
Host: novelastvs.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://novelastvs.net/challenge-xx-chapter-18-complete-online/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 25 Apr 2024 06:17:37 GMT
content-type: image/webp
content-length: 3952
last-modified: Wed, 24 Apr 2024 16:30:51 GMT
etag: "662933bb-f70"
strict-transport-security: max-age=31536000
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jSC88GXZuxFmKaPAGwa%2FCqY%2F6W72SgKYoQ%2BLppYjmr7%2FKCA%2BNtTe3SqrfVib5DjwJuFsz%2Bbc0lKQTBeSek1W1PFWARONzWSqQZCBEnGuHq5oT6wHgOFj2X%2BKxPRQ1osfzw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879c3608296f56c6-OSL
alt-svc: h3=":443"; ma=86400

novelastvs.net/wp-content/uploads/2024/04/Ruzgarli-Tepe-110x75.webp

172.67.160.184

200 OK

2.0 kB

URL GET HTTP/3
novelastvs.net/wp-content/uploads/2024/04/Ruzgarli-Tepe-110x75.webp
IP
172.67.160.184:443
ASN
#13335 CLOUDFLARENET

Requested by
https://novelastvs.net/challenge-xx-chapter-18-complete-online/
Certificate
IssuerLet's Encrypt
Subjectnovelastvs.net
Fingerprint93:8A:84:5F:60:B9:41:3A:51:DC:1E:00:3E:67:92:F1:5B:2E:1A:CE
ValidityMon, 18 Mar 2024 17:21:40 GMT - Sun, 16 Jun 2024 17:21:39 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 110x75, Scaling: [none]x[none], YUV color, decoders should clamp
Size
2.0 kB (2016 bytes)
Hash
734191b0d9d78db4eeb9c0770056b8f9
0f250485e836b44ea67053d2c7bbeb9dc13007fc
1fd1a8b52d32a66b1369c448e24355eacfda400b22d73c7742a4c65a09843053

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/uploads/2024/04/Ruzgarli-Tepe-110x75.webp HTTP/1.1
Host: novelastvs.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://novelastvs.net/challenge-xx-chapter-18-complete-online/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 25 Apr 2024 06:17:37 GMT
content-type: image/webp
content-length: 2016
last-modified: Wed, 24 Apr 2024 16:27:20 GMT
etag: "662932e8-7e0"
strict-transport-security: max-age=31536000
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jfOKw4SqoL7DOt0%2BFtYmP%2BpqVfGgutIqZla3orV1TWve6b3P%2FvTsZBUjl8B4SukT8QiIJoG0Mpu611lLtoAsCKH8FfyzU5YRPwbejSO99zt33tOgJ5HAGtPS5v4N0%2FE%2B%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879c3608297456c6-OSL
alt-svc: h3=":443"; ma=86400

ok.ru/res/js/tracerPlaceholder_efa2d703.js

5.61.23.11

200 OK

288 B

URL GET HTTP/2
ok.ru/res/js/tracerPlaceholder_efa2d703.js
IP
5.61.23.11:443
ASN
#47764 LLC VK

Requested by
https://ok.ru/videoembed/7330423179879
Certificate
IssuerGlobalSign nv-sa
Subject*.ok.ru
Fingerprint66:20:81:B9:D0:20:96:BF:13:93:E6:76:FF:C4:19:BD:F6:29:0E:A3
ValidityWed, 04 Oct 2023 08:36:03 GMT - Wed, 02 Oct 2024 09:21:02 GMT

File type
JavaScript source, ASCII text, with very long lines (638)
Size
288 B (288 bytes)
Hash
60e1a63fc3cd6468ccd75daa8094893e
7f8c40028356569083880cf8c78145b1cf73b619
41e3edd228fab0ab623880a450624f1c6f9e072450e038ba4fc8c36cb6dd6153

HTTP Headers

GET /res/js/tracerPlaceholder_efa2d703.js HTTP/1.1
Host: ok.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ok.ru/videoembed/7330423179879
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: apache
date: Thu, 25 Apr 2024 06:17:37 GMT
content-type: application/javascript
content-length: 288
last-modified: Mon, 22 Apr 2024 15:27:00 GMT
vary: Accept-Encoding
content-encoding: br
expires: Fri, 25 Apr 2025 06:17:37 GMT
cache-control: max-age=31536000
timing-allow-origin: *
X-Firefox-Spdy: h2

ok.ru/res/js/lib/require-2.1.11_1ae533d5.js

5.61.23.11

200 OK

5.8 kB

URL GET HTTP/2
ok.ru/res/js/lib/require-2.1.11_1ae533d5.js
IP
5.61.23.11:443
ASN
#47764 LLC VK

Requested by
https://ok.ru/videoembed/7330423179879
Certificate
IssuerGlobalSign nv-sa
Subject*.ok.ru
Fingerprint66:20:81:B9:D0:20:96:BF:13:93:E6:76:FF:C4:19:BD:F6:29:0E:A3
ValidityWed, 04 Oct 2023 08:36:03 GMT - Wed, 02 Oct 2024 09:21:02 GMT

File type
JavaScript source, ASCII text, with very long lines (16739)
Size
5.8 kB (5789 bytes)
Hash
655360583189d849e7ba35899d11c418
dcd2d66802470c562435c6ec7e59b233acb4ad80
f15499124da99eb1855414911bcad1cefcd6b57a8816f762d11b9e33b9117d92

HTTP Headers

GET /res/js/lib/require-2.1.11_1ae533d5.js HTTP/1.1
Host: ok.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ok.ru/videoembed/7330423179879
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: apache
date: Thu, 25 Apr 2024 06:17:37 GMT
content-type: application/javascript
content-length: 5789
last-modified: Mon, 22 Apr 2024 15:27:00 GMT
vary: Accept-Encoding
content-encoding: br
expires: Fri, 25 Apr 2025 06:17:37 GMT
cache-control: max-age=31536000
timing-allow-origin: *
X-Firefox-Spdy: h2

ok.ru/res/js/classic_91fac55a.js

5.61.23.11

200 OK

12 kB

URL GET HTTP/2
ok.ru/res/js/classic_91fac55a.js
IP
5.61.23.11:443
ASN
#47764 LLC VK

Requested by
https://ok.ru/videoembed/7330423179879
Certificate
IssuerGlobalSign nv-sa
Subject*.ok.ru
Fingerprint66:20:81:B9:D0:20:96:BF:13:93:E6:76:FF:C4:19:BD:F6:29:0E:A3
ValidityWed, 04 Oct 2023 08:36:03 GMT - Wed, 02 Oct 2024 09:21:02 GMT

File type
JavaScript source, ASCII text, with very long lines (44331)
Size
12 kB (12336 bytes)
Hash
d0d6059d6e983408a6762e95ca14ddc6
0b46551bd866fefb046f385539e33d4a6a13a38f
4e9ce3a782692a2b3452f254a28a17bb5936277d9f0cdcfdc1a2035de5b62ee1

HTTP Headers

GET /res/js/classic_91fac55a.js HTTP/1.1
Host: ok.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ok.ru/videoembed/7330423179879
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: apache
date: Thu, 25 Apr 2024 06:17:37 GMT
content-type: application/javascript
content-length: 12336
last-modified: Mon, 22 Apr 2024 15:27:00 GMT
vary: Accept-Encoding
content-encoding: br
expires: Fri, 25 Apr 2025 06:17:37 GMT
cache-control: max-age=31536000
timing-allow-origin: *
X-Firefox-Spdy: h2

ok.ru/dynamicRequireJsConfig.js?hash=1636767729

5.61.23.11

200 OK

454 B

URL GET HTTP/2
ok.ru/dynamicRequireJsConfig.js?hash=1636767729
IP
5.61.23.11:443
ASN
#47764 LLC VK

Requested by
https://ok.ru/videoembed/7330423179879
Certificate
IssuerGlobalSign nv-sa
Subject*.ok.ru
Fingerprint66:20:81:B9:D0:20:96:BF:13:93:E6:76:FF:C4:19:BD:F6:29:0E:A3
ValidityWed, 04 Oct 2023 08:36:03 GMT - Wed, 02 Oct 2024 09:21:02 GMT

File type
ASCII text, with very long lines (454), with no line terminators
Size
454 B (454 bytes)
Hash
482accf88cfefb056421d4739b37815e
fce8b285853f97e5be801c9b5e56fde050cd475e
dae678cf21078e161447968a81884892750f83342abc177eaf43f2a9eb3044e1

HTTP Headers

GET /dynamicRequireJsConfig.js?hash=1636767729 HTTP/1.1
Host: ok.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ok.ru/videoembed/7330423179879
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: apache
date: Thu, 25 Apr 2024 06:17:37 GMT
content-type: application/javascript;charset=UTF-8
content-length: 454
cache-control: max-age=1209600
X-Firefox-Spdy: h2

st.mycdn.me/res/css/prod/videoembed/videoembed.fa0895ad.css

217.20.152.226

200 OK

2.9 kB

URL GET HTTP/2
st.mycdn.me/res/css/prod/videoembed/videoembed.fa0895ad.css
IP
217.20.152.226:443
ASN
#47764 LLC VK

Requested by
https://ok.ru/videoembed/7330423179879
Certificate
IssuerGlobalSign nv-sa
Subject*.okcdn.ru
Fingerprint52:15:45:56:FD:96:8F:6A:5F:BD:C4:AE:58:7F:57:AD:CA:BE:AA:F0
ValidityFri, 10 Nov 2023 10:08:51 GMT - Wed, 11 Dec 2024 10:08:50 GMT

File type
ASCII text, with very long lines (14789), with no line terminators
Size
2.9 kB (2948 bytes)
Hash
fa0895ad7ac51ef41982d17054d98892
7e9e6ec150235e73663b58f9e27b5503950f441b
5717a185ef481afc5a96c0256aa0bf1e25fee3b0f01c18463cf4182a49c5d7d2

HTTP Headers

GET /res/css/prod/videoembed/videoembed.fa0895ad.css HTTP/1.1
Host: st.mycdn.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ok.ru/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: apache
date: Thu, 25 Apr 2024 06:17:37 GMT
content-type: text/css; charset=utf-8
content-length: 2948
last-modified: Mon, 19 Feb 2024 19:20:38 GMT
vary: Accept-Encoding
content-encoding: br
expires: Fri, 25 Apr 2025 06:17:37 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
timing-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

secure.gravatar.com/avatar/f834f49ee964b4776d51ec0498895ea9?s=90&d=mm&r=g

192.0.73.2

200 OK

1.4 kB

URL GET HTTP/2
secure.gravatar.com/avatar/f834f49ee964b4776d51ec0498895ea9?s=90&d=mm&r=g
IP
192.0.73.2:443
ASN
#2635 AUTOMATTIC

Requested by
https://novelastvs.net/challenge-xx-chapter-18-complete-online/
Certificate
IssuerSectigo Limited
Subject*.gravatar.com
Fingerprint28:34:17:4E:69:95:4B:B9:70:DF:D4:0F:AA:2C:8D:60:F2:45:E7:D0
ValidityTue, 05 Dec 2023 00:00:00 GMT - Sat, 04 Jan 2025 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 90x90, components 3
Size
1.4 kB (1410 bytes)
Hash
6cff656b71acebbc9c33911ce2e27965
9cafcc163f5bd548b5463b5e29a32f2523ecb00f
950ddfdcbb8264a6c53f127daab652b2e6601012df795ff0eea0ad441a010f26

HTTP Headers

GET /avatar/f834f49ee964b4776d51ec0498895ea9?s=90&d=mm&r=g HTTP/1.1
Host: secure.gravatar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://novelastvs.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 06:17:37 GMT
content-type: image/jpeg
content-length: 1410
last-modified: Wed, 11 Jan 1984 08:00:00 GMT
link: <https://gravatar.com/avatar/f834f49ee964b4776d51ec0498895ea9?s=90&d=mm&r=g>; rel="canonical"
access-control-allow-origin: *
content-disposition: inline; filename="f834f49ee964b4776d51ec0498895ea9.png"
expires: Thu, 25 Apr 2024 06:22:37 GMT
cache-control: max-age=300
x-nc: HIT arn 2
alt-svc: h3=":443"; ma=86400
accept-ranges: bytes
X-Firefox-Spdy: h2

i.mycdn.me/videoPreview?id=6327914924647&type=37&idx=6&tkn=7VbKK9tx24E-GmeIp9iDgcGrG3M&fn=external_8

217.20.152.213

200 OK

96 kB

URL GET HTTP/2
i.mycdn.me/videoPreview?id=6327914924647&type=37&idx=6&tkn=7VbKK9tx24E-GmeIp9iDgcGrG3M&fn=external_8
IP
217.20.152.213:443
ASN
#47764 LLC VK

Requested by
https://ok.ru/videoembed/7330423179879
Certificate
IssuerGlobalSign nv-sa
Subject*.okcdn.ru
FingerprintDC:22:FF:A0:25:EF:CB:9F:9E:6F:DB:C7:28:C2:B9:91:FB:1D:6E:5B
ValidityFri, 10 Nov 2023 10:07:55 GMT - Wed, 11 Dec 2024 10:07:54 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 720x405, Scaling: [none]x[none], YUV color, decoders should clamp
Size
96 kB (95810 bytes)
Hash
1345e7168f9961496c91e76f504b156a
8df0ab3a188e1486610f2aa4e12cd5f317323d44
f2bf8adcbb1972459e57a5cfaebbda98f083c45cfa3bd616aa7960533b7faa29

HTTP Headers

GET /videoPreview?id=6327914924647&type=37&idx=6&tkn=7VbKK9tx24E-GmeIp9iDgcGrG3M&fn=external_8 HTTP/1.1
Host: i.mycdn.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ok.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: apache
date: Thu, 25 Apr 2024 06:17:37 GMT
content-type: image/webp
content-length: 95810
accept-ranges: bytes
last-modified: Sun, 25 Feb 2024 06:17:37 GMT
cache-control: private, max-age=100000000
expires: Mon, 20 Jan 2025 06:17:37 GMT
etag: "686897696a7c876b7e"
timing-allow-origin: *
access-control-allow-origin: *
x-ok-image: ?1
X-Firefox-Spdy: h2

ok.ru/basedRequireJsConfig.js?hash=-1709099384

5.61.23.11

200 OK

20 kB

URL GET HTTP/2
ok.ru/basedRequireJsConfig.js?hash=-1709099384
IP
5.61.23.11:443
ASN
#47764 LLC VK

Requested by
https://ok.ru/videoembed/7330423179879
Certificate
IssuerGlobalSign nv-sa
Subject*.ok.ru
Fingerprint66:20:81:B9:D0:20:96:BF:13:93:E6:76:FF:C4:19:BD:F6:29:0E:A3
ValidityWed, 04 Oct 2023 08:36:03 GMT - Wed, 02 Oct 2024 09:21:02 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
20 kB (20484 bytes)
Hash
7f923fad0b0ad9ca51e73fede1218038
5045312fd37c0d703448614c555d903a3f602549
5d8e4e4002af794a80c649a56194a15a25be11a5e64ee36e73d3c133e9966bf0

HTTP Headers

GET /basedRequireJsConfig.js?hash=-1709099384 HTTP/1.1
Host: ok.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ok.ru/videoembed/7330423179879
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: apache
date: Thu, 25 Apr 2024 06:17:37 GMT
content-type: application/javascript;charset=UTF-8
vary: Accept-Encoding
cache-control: max-age=1209600
content-encoding: br
X-Firefox-Spdy: h2

ok.ru/res/js/app/capture_20f51f05.js

5.61.23.11

200 OK

702 B

URL GET HTTP/2
ok.ru/res/js/app/capture_20f51f05.js
IP
5.61.23.11:443
ASN
#47764 LLC VK

Requested by
https://ok.ru/videoembed/7330423179879
Certificate
IssuerGlobalSign nv-sa
Subject*.ok.ru
Fingerprint66:20:81:B9:D0:20:96:BF:13:93:E6:76:FF:C4:19:BD:F6:29:0E:A3
ValidityWed, 04 Oct 2023 08:36:03 GMT - Wed, 02 Oct 2024 09:21:02 GMT

File type
JavaScript source, ASCII text, with very long lines (1571)
Size
702 B (702 bytes)
Hash
51335d33e305bbc9946ef9478d9040f2
559bd59f588ac8a4279df931f53f7d658cd23cef
6b35ce2d1a3ed202d4d5c2fb05ee2a40cdc245723ecf538e66016aa323749925

HTTP Headers

GET /res/js/app/capture_20f51f05.js HTTP/1.1
Host: ok.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ok.ru/videoembed/7330423179879
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: apache
date: Thu, 25 Apr 2024 06:17:37 GMT
content-type: application/javascript
content-length: 702
last-modified: Mon, 22 Apr 2024 15:27:00 GMT
vary: Accept-Encoding
content-encoding: br
expires: Fri, 25 Apr 2025 06:17:37 GMT
cache-control: max-age=31536000
timing-allow-origin: *
X-Firefox-Spdy: h2

novelastvs.net/wp-content/uploads/2024/03/novelastvs.png

172.67.160.184

200 OK

2.1 kB

URL GET HTTP/3
novelastvs.net/wp-content/uploads/2024/03/novelastvs.png
IP
172.67.160.184:443
ASN
#13335 CLOUDFLARENET

Requested by
https://novelastvs.net/challenge-xx-chapter-18-complete-online/
Certificate
IssuerLet's Encrypt
Subjectnovelastvs.net
Fingerprint93:8A:84:5F:60:B9:41:3A:51:DC:1E:00:3E:67:92:F1:5B:2E:1A:CE
ValidityMon, 18 Mar 2024 17:21:40 GMT - Sun, 16 Jun 2024 17:21:39 GMT

File type
PNG image data, 74 x 40, 8-bit/color RGBA, non-interlaced
Size
2.1 kB (2058 bytes)
Hash
c8b1aacb743acfa457fbfb5490024cc0
314143a8e382e687e30cd920f725ec14282022fe
1116ffc30031b54aa2d09cf3d09a6e566186c220e0f589bc2a17ced87985f89f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/uploads/2024/03/novelastvs.png HTTP/1.1
Host: novelastvs.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://novelastvs.net/challenge-xx-chapter-18-complete-online/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 25 Apr 2024 06:17:37 GMT
content-type: image/png
content-length: 2058
last-modified: Mon, 18 Mar 2024 18:35:58 GMT
etag: "65f8898e-80a"
expires: Sat, 25 May 2024 06:17:37 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 0
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=teG7JeY2BcXXX33dKXFnkpgn6pANrV55XT8Lf1mAy2gpKXDT6DQv0MvTNDzjUVPLNskGQOA03zgMagE63kQ7%2FS17Y%2FQOJZSO8CZjBa1Mrb9dqu1PeigXSDMsTQIKcaXQlA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879c360a0ae956c6-OSL
alt-svc: h3=":443"; ma=86400

novelastvs.net/wp-includes/js/jquery/jquery-migrate.min.js

172.67.160.184

200 OK

5.4 kB

URL GET HTTP/3
novelastvs.net/wp-includes/js/jquery/jquery-migrate.min.js
IP
172.67.160.184:443
ASN
#13335 CLOUDFLARENET

Requested by
https://novelastvs.net/challenge-xx-chapter-18-complete-online/
Certificate
IssuerLet's Encrypt
Subjectnovelastvs.net
Fingerprint93:8A:84:5F:60:B9:41:3A:51:DC:1E:00:3E:67:92:F1:5B:2E:1A:CE
ValidityMon, 18 Mar 2024 17:21:40 GMT - Sun, 16 Jun 2024 17:21:39 GMT

File type
JavaScript source, ASCII text, with very long lines (13479)
Size
5.4 kB (5366 bytes)
Hash
9ffeb32e2d9efbf8f70caabded242267
3ad0c10e501ac2a9bfa18f9cd7e700219b378738
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-includes/js/jquery/jquery-migrate.min.js HTTP/1.1
Host: novelastvs.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://novelastvs.net/challenge-xx-chapter-18-complete-online/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 25 Apr 2024 06:17:36 GMT
content-type: application/javascript
last-modified: Fri, 09 Jun 2023 05:49:24 GMT
vary: Accept-Encoding
etag: W/"6482bd64-3509"
expires: Thu, 25 Apr 2024 12:22:50 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 21286
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Cd6Reem%2BWO0Lv%2FSMMYwpMc%2FFijSX4cOj53ydJW61NaBMHS%2BcTLfoegwb3ysyyLIZ65B6qzQWpyW1w1U6%2FsG%2FHwz9uOIsiWyCubPKSBMRnS2Ak0wgZvLm9ZtEk1EQcjFWxA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879c3605df8c56c6-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

ok.ru/res/js/app/OKVideo_5067569d.js

5.61.23.11

200 OK

5.5 kB

URL GET HTTP/2
ok.ru/res/js/app/OKVideo_5067569d.js
IP
5.61.23.11:443
ASN
#47764 LLC VK

Requested by
https://ok.ru/videoembed/7330423179879
Certificate
IssuerGlobalSign nv-sa
Subject*.ok.ru
Fingerprint66:20:81:B9:D0:20:96:BF:13:93:E6:76:FF:C4:19:BD:F6:29:0E:A3
ValidityWed, 04 Oct 2023 08:36:03 GMT - Wed, 02 Oct 2024 09:21:02 GMT

File type
JavaScript source, ASCII text, with very long lines (16828)
Size
5.5 kB (5546 bytes)
Hash
1b88371636d65d020d19ecac2da8b077
56cb8ef174ee2b07f4ec7fc607e3d08a2b500077
3251ca368718620ca0a2c7467cb7830bb30d47231f8f387cdd58d0738e49ef7d

HTTP Headers

GET /res/js/app/OKVideo_5067569d.js HTTP/1.1
Host: ok.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ok.ru/videoembed/7330423179879
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: apache
date: Thu, 25 Apr 2024 06:17:37 GMT
content-type: application/javascript
content-length: 5546
last-modified: Mon, 22 Apr 2024 15:27:00 GMT
vary: Accept-Encoding
content-encoding: br
expires: Fri, 25 Apr 2025 06:17:37 GMT
cache-control: max-age=31536000
timing-allow-origin: *
X-Firefox-Spdy: h2

ok.ru/res/js/b/metrics_b087a7d3.js

5.61.23.11

200 OK

6.6 kB

URL GET HTTP/2
ok.ru/res/js/b/metrics_b087a7d3.js
IP
5.61.23.11:443
ASN
#47764 LLC VK

Requested by
https://ok.ru/videoembed/7330423179879
Certificate
IssuerGlobalSign nv-sa
Subject*.ok.ru
Fingerprint66:20:81:B9:D0:20:96:BF:13:93:E6:76:FF:C4:19:BD:F6:29:0E:A3
ValidityWed, 04 Oct 2023 08:36:03 GMT - Wed, 02 Oct 2024 09:21:02 GMT

File type
JavaScript source, ASCII text, with very long lines (25578)
Size
6.6 kB (6567 bytes)
Hash
ff696d0761e9005b905bc9d0bd143eca
0ce8559014addcfa7d20ae1121455a22d1dc78f8
a59fbfc247f7d5d4f644e75cb5a02ff02fe0d5121e58eab05ac4dcb1808fe635

HTTP Headers

GET /res/js/b/metrics_b087a7d3.js HTTP/1.1
Host: ok.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ok.ru/videoembed/7330423179879
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: apache
date: Thu, 25 Apr 2024 06:17:37 GMT
content-type: application/javascript
content-length: 6567
last-modified: Mon, 22 Apr 2024 15:27:00 GMT
vary: Accept-Encoding
content-encoding: br
expires: Fri, 25 Apr 2025 06:17:37 GMT
cache-control: max-age=31536000
timing-allow-origin: *
X-Firefox-Spdy: h2

ok.ru/res/js/lib/jquery-1.8.3_90be892.js

5.61.23.11

200 OK

30 kB

URL GET HTTP/2
ok.ru/res/js/lib/jquery-1.8.3_90be892.js
IP
5.61.23.11:443
ASN
#47764 LLC VK

Requested by
https://ok.ru/videoembed/7330423179879
Certificate
IssuerGlobalSign nv-sa
Subject*.ok.ru
Fingerprint66:20:81:B9:D0:20:96:BF:13:93:E6:76:FF:C4:19:BD:F6:29:0E:A3
ValidityWed, 04 Oct 2023 08:36:03 GMT - Wed, 02 Oct 2024 09:21:02 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (36290)
Size
30 kB (29923 bytes)
Hash
dcc5f5b9d0f3e32d0e23a90a99438dac
2ad3dcea12e0f120074e01b5aadadf42662186fb
86e9134e8d7fa2b1ed8c666ce06cac65f0a3aa9f6ca4b0918e0fcc63a3cebffd

HTTP Headers

GET /res/js/lib/jquery-1.8.3_90be892.js HTTP/1.1
Host: ok.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ok.ru/videoembed/7330423179879
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: apache
date: Thu, 25 Apr 2024 06:17:37 GMT
content-type: application/javascript
content-length: 29923
last-modified: Mon, 22 Apr 2024 15:27:00 GMT
vary: Accept-Encoding
content-encoding: br
expires: Fri, 25 Apr 2025 06:17:37 GMT
cache-control: max-age=31536000
timing-allow-origin: *
X-Firefox-Spdy: h2

ok.ru/res/js/b/primary_f5700b44.js

5.61.23.11

200 OK

35 kB

URL GET HTTP/2
ok.ru/res/js/b/primary_f5700b44.js
IP
5.61.23.11:443
ASN
#47764 LLC VK

Requested by
https://ok.ru/videoembed/7330423179879
Certificate
IssuerGlobalSign nv-sa
Subject*.ok.ru
Fingerprint66:20:81:B9:D0:20:96:BF:13:93:E6:76:FF:C4:19:BD:F6:29:0E:A3
ValidityWed, 04 Oct 2023 08:36:03 GMT - Wed, 02 Oct 2024 09:21:02 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (53987)
Size
35 kB (34776 bytes)
Hash
f1d99006f34f410f69facf972d29dc9c
decd6c5ef1687ab194a9bd7bf4d03ac369d17669
ed809b3b1eaeb67f90c823caa41700fbbcc74d4c98ffe2985531e89fd2873f96

HTTP Headers

GET /res/js/b/primary_f5700b44.js HTTP/1.1
Host: ok.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ok.ru/videoembed/7330423179879
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: apache
date: Thu, 25 Apr 2024 06:17:37 GMT
content-type: application/javascript
content-length: 34776
last-modified: Mon, 22 Apr 2024 15:27:00 GMT
vary: Accept-Encoding
content-encoding: br
expires: Fri, 25 Apr 2025 06:17:37 GMT
cache-control: max-age=31536000
timing-allow-origin: *
X-Firefox-Spdy: h2

st.mycdn.me/static/MegaPlayer/10-12-1/okVideoPlayerUtils.min.js

217.20.152.226

200 OK

2.4 kB

URL GET HTTP/2
st.mycdn.me/static/MegaPlayer/10-12-1/okVideoPlayerUtils.min.js
IP
217.20.152.226:443
ASN
#47764 LLC VK

Requested by
https://ok.ru/videoembed/7330423179879
Certificate
IssuerGlobalSign nv-sa
Subject*.okcdn.ru
Fingerprint52:15:45:56:FD:96:8F:6A:5F:BD:C4:AE:58:7F:57:AD:CA:BE:AA:F0
ValidityFri, 10 Nov 2023 10:08:51 GMT - Wed, 11 Dec 2024 10:08:50 GMT

File type
JavaScript source, ASCII text, with very long lines (5735)
Size
2.4 kB (2358 bytes)
Hash
3eda81a1ec63344c5d5786e4c43f7909
e84b9066d3cd235a892ec70314772aca6fd5d68f
b20ef25442f0ebdef70f31c54b73be55310f460bde777c7523a1aa4c5aa620cf

HTTP Headers

GET /static/MegaPlayer/10-12-1/okVideoPlayerUtils.min.js HTTP/1.1
Host: st.mycdn.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ok.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: apache
date: Thu, 25 Apr 2024 06:17:37 GMT
content-type: application/javascript; charset=utf-8
content-length: 2358
last-modified: Wed, 17 May 2023 19:26:27 GMT
vary: Accept-Encoding
content-encoding: br
expires: Fri, 25 Apr 2025 06:17:37 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
timing-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

novelastvs.net/wp-content/themes/sahifa/js/ilightbox.packed.js

172.67.160.184

200 OK

31 kB

URL GET HTTP/3
novelastvs.net/wp-content/themes/sahifa/js/ilightbox.packed.js
IP
172.67.160.184:443
ASN
#13335 CLOUDFLARENET

Requested by
https://novelastvs.net/challenge-xx-chapter-18-complete-online/
Certificate
IssuerLet's Encrypt
Subjectnovelastvs.net
Fingerprint93:8A:84:5F:60:B9:41:3A:51:DC:1E:00:3E:67:92:F1:5B:2E:1A:CE
ValidityMon, 18 Mar 2024 17:21:40 GMT - Sun, 16 Jun 2024 17:21:39 GMT

File type
JavaScript source, ASCII text, with very long lines (2026)
Size
31 kB (31385 bytes)
Hash
6925324c0c75ab9db234ce7da072faeb
80491389cf716c242334e9d7f2ee9c7ddf2044aa
1f560c3e9fb5beeed86da7d5be1ae459c22af6ec1d58f77e2a89a20063ef7ba2

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/themes/sahifa/js/ilightbox.packed.js HTTP/1.1
Host: novelastvs.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://novelastvs.net/challenge-xx-chapter-18-complete-online/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 25 Apr 2024 06:17:36 GMT
content-type: application/javascript
last-modified: Mon, 18 Mar 2024 18:31:46 GMT
vary: Accept-Encoding
etag: W/"65f88892-137ad"
expires: Thu, 25 Apr 2024 12:22:50 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 21286
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QQ3ev5AcqV5pWG2A3DcH2rvzcSMppk7Hv1TDmqdIRHI6ZMRUOBrmmXz7aNO2BpDmsYcouk%2F8mxV9ItYKKPgXLgKLUMfUDatLj0czuCk8yvn%2FR4FEWJ%2Fb5FeWFFJ2v6C7uA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879c3605ef9656c6-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

ok.ru/res/js/app/CurrentUserCfg_a412e224.js

5.61.23.11

200 OK

448 B

URL GET HTTP/2
ok.ru/res/js/app/CurrentUserCfg_a412e224.js
IP
5.61.23.11:443
ASN
#47764 LLC VK

Requested by
https://ok.ru/videoembed/7330423179879
Certificate
IssuerGlobalSign nv-sa
Subject*.ok.ru
Fingerprint66:20:81:B9:D0:20:96:BF:13:93:E6:76:FF:C4:19:BD:F6:29:0E:A3
ValidityWed, 04 Oct 2023 08:36:03 GMT - Wed, 02 Oct 2024 09:21:02 GMT

File type
JavaScript source, ASCII text, with very long lines (1040)
Size
448 B (448 bytes)
Hash
db9ed780c05b981a9e3c7e72cd15aadd
ff09939d7fe2a55267987a0de51d9c81544942ea
011b7516858ffe5359b854ea3653600ed2dc3b172645cdb2f478230a760cc86f

HTTP Headers

GET /res/js/app/CurrentUserCfg_a412e224.js HTTP/1.1
Host: ok.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ok.ru/videoembed/7330423179879
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: apache
date: Thu, 25 Apr 2024 06:17:37 GMT
content-type: application/javascript
content-length: 448
last-modified: Mon, 22 Apr 2024 15:27:00 GMT
vary: Accept-Encoding
content-encoding: br
expires: Fri, 25 Apr 2025 06:17:37 GMT
cache-control: max-age=31536000
timing-allow-origin: *
X-Firefox-Spdy: h2

ok.ru/res/js/app/GwtConfig_828bddda.js

5.61.23.11

200 OK

335 B

URL GET HTTP/2
ok.ru/res/js/app/GwtConfig_828bddda.js
IP
5.61.23.11:443
ASN
#47764 LLC VK

Requested by
https://ok.ru/videoembed/7330423179879
Certificate
IssuerGlobalSign nv-sa
Subject*.ok.ru
Fingerprint66:20:81:B9:D0:20:96:BF:13:93:E6:76:FF:C4:19:BD:F6:29:0E:A3
ValidityWed, 04 Oct 2023 08:36:03 GMT - Wed, 02 Oct 2024 09:21:02 GMT

File type
JavaScript source, ASCII text, with very long lines (564)
Size
335 B (335 bytes)
Hash
52abb011cb05ae817b45ccd2b0b19af5
618fbc86477af20933cc93bd0709ff40692377e6
11e74bb775c668e99f0f4236c28645a76a9d14f42a7f3f54ebe24ba7256b649b

HTTP Headers

GET /res/js/app/GwtConfig_828bddda.js HTTP/1.1
Host: ok.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ok.ru/videoembed/7330423179879
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: apache
date: Thu, 25 Apr 2024 06:17:38 GMT
content-type: application/javascript
content-length: 335
last-modified: Mon, 22 Apr 2024 15:27:00 GMT
vary: Accept-Encoding
content-encoding: br
expires: Fri, 25 Apr 2025 06:17:38 GMT
cache-control: max-age=31536000
timing-allow-origin: *
X-Firefox-Spdy: h2

ok.ru/res/js/lib/noext_2f9c7b37.js

5.61.23.11

200 OK

293 B

URL GET HTTP/2
ok.ru/res/js/lib/noext_2f9c7b37.js
IP
5.61.23.11:443
ASN
#47764 LLC VK

Requested by
https://ok.ru/videoembed/7330423179879
Certificate
IssuerGlobalSign nv-sa
Subject*.ok.ru
Fingerprint66:20:81:B9:D0:20:96:BF:13:93:E6:76:FF:C4:19:BD:F6:29:0E:A3
ValidityWed, 04 Oct 2023 08:36:03 GMT - Wed, 02 Oct 2024 09:21:02 GMT

File type
JavaScript source, ASCII text
Size
293 B (293 bytes)
Hash
49e131534b7bc45107a6a1f313522bf5
8a4ac5d7eae94949dbb47e0632ecc20e418f4518
c5a7c2b450ec11b8d4e5ec56c14aac3d96b1766c76ed8453437d5228395657dd

HTTP Headers

GET /res/js/lib/noext_2f9c7b37.js HTTP/1.1
Host: ok.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ok.ru/videoembed/7330423179879
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: apache
date: Thu, 25 Apr 2024 06:17:38 GMT
content-type: application/javascript
content-length: 293
last-modified: Mon, 22 Apr 2024 15:27:00 GMT
vary: Accept-Encoding
content-encoding: br
expires: Fri, 25 Apr 2025 06:17:38 GMT
cache-control: max-age=31536000
timing-allow-origin: *
X-Firefox-Spdy: h2

st.mycdn.me/static/music/bootstrap.web-0-6-1-1712146367289.js

217.20.152.226

200 OK

1.1 kB

URL GET HTTP/2
st.mycdn.me/static/music/bootstrap.web-0-6-1-1712146367289.js
IP
217.20.152.226:443
ASN
#47764 LLC VK

Requested by
https://ok.ru/videoembed/7330423179879
Certificate
IssuerGlobalSign nv-sa
Subject*.okcdn.ru
Fingerprint52:15:45:56:FD:96:8F:6A:5F:BD:C4:AE:58:7F:57:AD:CA:BE:AA:F0
ValidityFri, 10 Nov 2023 10:08:51 GMT - Wed, 11 Dec 2024 10:08:50 GMT

File type
JavaScript source, ASCII text, with very long lines (4196)
Size
1.1 kB (1121 bytes)
Hash
c0657c12245f04af0a22912aaf232c25
992a8e328420992e2343836ffe1f5521333241d1
57c99d71cba35172b5b130acd8e50c17049b58cf4a4ec0885d0f81ba6b40dff0

HTTP Headers

GET /static/music/bootstrap.web-0-6-1-1712146367289.js HTTP/1.1
Host: st.mycdn.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ok.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: apache
date: Thu, 25 Apr 2024 06:17:40 GMT
content-type: application/javascript; charset=utf-8
content-length: 1121
last-modified: Wed, 03 Apr 2024 12:18:37 GMT
vary: Accept-Encoding
content-encoding: br
expires: Fri, 25 Apr 2025 06:17:40 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
timing-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

st.mycdn.me/static/music/load-model.web.8818deff.js

217.20.152.226

200 OK

107 B

URL GET HTTP/2
st.mycdn.me/static/music/load-model.web.8818deff.js
IP
217.20.152.226:443
ASN
#47764 LLC VK

Requested by
https://ok.ru/videoembed/7330423179879
Certificate
IssuerGlobalSign nv-sa
Subject*.okcdn.ru
Fingerprint52:15:45:56:FD:96:8F:6A:5F:BD:C4:AE:58:7F:57:AD:CA:BE:AA:F0
ValidityFri, 10 Nov 2023 10:08:51 GMT - Wed, 11 Dec 2024 10:08:50 GMT

File type
JavaScript source, ASCII text
Size
107 B (107 bytes)
Hash
a23678762b94f53703676e53621575bf
810a27ca4b9022aae95c4b4af460b2fb140282b0
fe947ceb0d3c895594664225e71b8a1a1fc3da9ce75f95a58c6ff356dbe12aec

HTTP Headers

GET /static/music/load-model.web.8818deff.js HTTP/1.1
Host: st.mycdn.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ok.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: apache
date: Thu, 25 Apr 2024 06:17:40 GMT
content-type: application/javascript; charset=utf-8
content-length: 107
last-modified: Wed, 03 Apr 2024 12:18:37 GMT
vary: Accept-Encoding
content-encoding: br
expires: Fri, 25 Apr 2025 06:17:40 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
timing-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

st.mycdn.me/static/music/model.web.94a82299.js

217.20.152.226

200 OK

20 kB

URL GET HTTP/2
st.mycdn.me/static/music/model.web.94a82299.js
IP
217.20.152.226:443
ASN
#47764 LLC VK

Requested by
https://ok.ru/videoembed/7330423179879
Certificate
IssuerGlobalSign nv-sa
Subject*.okcdn.ru
Fingerprint52:15:45:56:FD:96:8F:6A:5F:BD:C4:AE:58:7F:57:AD:CA:BE:AA:F0
ValidityFri, 10 Nov 2023 10:08:51 GMT - Wed, 11 Dec 2024 10:08:50 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
20 kB (20254 bytes)
Hash
3c9702fcb75d2e1fd321708c0a5b2712
998e66174da30d14739811934c21db4870dfcbdd
a493e0fc7ac1750582b58578bad8e1c92c5d4821403bb8159c340539e08aa6c9

HTTP Headers

GET /static/music/model.web.94a82299.js HTTP/1.1
Host: st.mycdn.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ok.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: apache
date: Thu, 25 Apr 2024 06:17:40 GMT
content-type: application/javascript; charset=utf-8
content-length: 20254
last-modified: Wed, 03 Apr 2024 12:17:49 GMT
vary: Accept-Encoding
content-encoding: br
expires: Fri, 25 Apr 2025 06:17:40 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
timing-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

st.mycdn.me/static/music/shared.web.eccd0138.js

217.20.152.226

200 OK

5.2 kB

URL GET HTTP/2
st.mycdn.me/static/music/shared.web.eccd0138.js
IP
217.20.152.226:443
ASN
#47764 LLC VK

Requested by
https://ok.ru/videoembed/7330423179879
Certificate
IssuerGlobalSign nv-sa
Subject*.okcdn.ru
Fingerprint52:15:45:56:FD:96:8F:6A:5F:BD:C4:AE:58:7F:57:AD:CA:BE:AA:F0
ValidityFri, 10 Nov 2023 10:08:51 GMT - Wed, 11 Dec 2024 10:08:50 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (15622)
Size
5.2 kB (5242 bytes)
Hash
016191f9d6db7437485e60802552f489
8446b8ee56cd447503ce4a3d2f8e2e7ae5984b6a
6b0c7d2f89f847e62b1ec5d9b320775ef8c8c7d54db10dca4a6d53d8743477e1

HTTP Headers

GET /static/music/shared.web.eccd0138.js HTTP/1.1
Host: st.mycdn.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ok.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: apache
date: Thu, 25 Apr 2024 06:17:40 GMT
content-type: application/javascript; charset=utf-8
content-length: 5242
last-modified: Wed, 03 Apr 2024 12:17:49 GMT
vary: Accept-Encoding
content-encoding: br
expires: Fri, 25 Apr 2025 06:17:40 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
timing-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

ok.ru/res/js/app/pts_487c55a3.js

5.61.23.11

200 OK

1.7 kB

URL GET HTTP/2
ok.ru/res/js/app/pts_487c55a3.js
IP
5.61.23.11:443
ASN
#47764 LLC VK

Requested by
https://ok.ru/videoembed/7330423179879
Certificate
IssuerGlobalSign nv-sa
Subject*.ok.ru
Fingerprint66:20:81:B9:D0:20:96:BF:13:93:E6:76:FF:C4:19:BD:F6:29:0E:A3
ValidityWed, 04 Oct 2023 08:36:03 GMT - Wed, 02 Oct 2024 09:21:02 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (4293)
Size
1.7 kB (1719 bytes)
Hash
e6b437fe55661a1815be026e30ca71c6
80012fcd73514dbc71cdcf14f9c2a0d9802739b1
7c948226f783a759f2da2e4cef73e4d3a6cddca0feee84964813f2a5bec35e27

HTTP Headers

GET /res/js/app/pts_487c55a3.js HTTP/1.1
Host: ok.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ok.ru/videoembed/7330423179879
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: apache
date: Thu, 25 Apr 2024 06:17:40 GMT
content-type: application/javascript
content-length: 1719
last-modified: Mon, 22 Apr 2024 15:27:00 GMT
vary: Accept-Encoding
content-encoding: br
expires: Fri, 25 Apr 2025 06:17:40 GMT
cache-control: max-age=31536000
timing-allow-origin: *
X-Firefox-Spdy: h2

ok.ru/res/js/app/PackageRegistry_4f4b8d36.js

5.61.23.11

200 OK

254 B

URL GET HTTP/2
ok.ru/res/js/app/PackageRegistry_4f4b8d36.js
IP
5.61.23.11:443
ASN
#47764 LLC VK

Requested by
https://ok.ru/videoembed/7330423179879
Certificate
IssuerGlobalSign nv-sa
Subject*.ok.ru
Fingerprint66:20:81:B9:D0:20:96:BF:13:93:E6:76:FF:C4:19:BD:F6:29:0E:A3
ValidityWed, 04 Oct 2023 08:36:03 GMT - Wed, 02 Oct 2024 09:21:02 GMT

File type
JavaScript source, ASCII text, with very long lines (523)
Size
254 B (254 bytes)
Hash
4fd83254b3b5f28ebe33db8398dd932a
863216b09709c70ac221594d7b259cd9267289b3
572887ae0296341967befe10529961a9f894915cfb9914b6e66810b19f17b72c

HTTP Headers

GET /res/js/app/PackageRegistry_4f4b8d36.js HTTP/1.1
Host: ok.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ok.ru/videoembed/7330423179879
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: apache
date: Thu, 25 Apr 2024 06:17:40 GMT
content-type: application/javascript
content-length: 254
last-modified: Mon, 22 Apr 2024 15:27:00 GMT
vary: Accept-Encoding
content-encoding: br
expires: Fri, 25 Apr 2025 06:17:40 GMT
cache-control: max-age=31536000
timing-allow-origin: *
X-Firefox-Spdy: h2

ok.ru/web-api/pts/music.app

5.61.23.11

200 OK

20 kB

URL GET HTTP/2
ok.ru/web-api/pts/music.app
IP
5.61.23.11:443
ASN
#47764 LLC VK

Requested by
https://ok.ru/videoembed/7330423179879
Certificate
IssuerGlobalSign nv-sa
Subject*.ok.ru
Fingerprint66:20:81:B9:D0:20:96:BF:13:93:E6:76:FF:C4:19:BD:F6:29:0E:A3
ValidityWed, 04 Oct 2023 08:36:03 GMT - Wed, 02 Oct 2024 09:21:02 GMT

File type

Size
20 kB (19802 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /web-api/pts/music.app HTTP/1.1
Host: ok.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ok.ru/videoembed/7330423179879
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: apache
date: Thu, 25 Apr 2024 06:17:40 GMT
content-type: text/javascript;charset=UTF-8
vary: Accept-Encoding
cache-control: no-cache, no-store
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
set-cookie: bci=-7291505671458344689; Max-Age=2147483647; Expires=Tue, 13 May 2092 09:31:47 GMT; Domain=ok.ru; Path=/; Secure; HttpOnly
_statid=e4f1da82-ba49-46f2-8469-9b0d77d86268; Max-Age=2147483647; Expires=Tue, 13 May 2092 09:31:47 GMT; Domain=ok.ru; Path=/; Secure; HttpOnly
content-security-policy: default-src data: 'self' 'unsafe-inline' 'unsafe-eval' ok.ru *.ok.ru odnoklassniki.ru *.odnoklassniki.ru mycdn.me http://*.mycdn.me https://*.mycdn.me wss://ad.mail.ru *.mail.ru *.imgsmail.ru *.mradx.net *.serving-sys.com *.googleapis.com *.gstatic.com www.google.com https://api-maps.yandex.ru yastatic.net yandex.st *.doubleverify.com *.adsafeprotected.com https://cdn.consentmanager.net https://football.sportmail.ru *.google.ru *.google.com *.googlesyndication.com *.yandex.ru blob:;  script-src 'unsafe-inline' 'unsafe-eval' *.mail.ru https://*.mail.ru *.imgsmail.ru *.mradx.net ok.ru *.ok.ru odnoklassniki.ru *.odnoklassniki.ru mycdn.me http://*.mycdn.me https://*.mycdn.me mc.yandex.ru an.yandex.ru yastatic.net yandex.st *.google-analytics.com api-maps.yandex.ru https://api-maps.yandex.ru https://clck.yandex.ru *.googleapis.com *.gstatic.com www.google.com www.youtube.com https://www.youtube.com *.ytimg.com https://*.ytimg.com *.doubleverify.com *.dvtps.com *.doubleclick.net *.googletagservices.com *.googlesyndication.com *.googleadservices.com *.goodgame.ru https://*.goodgame.ru https://*.moatads.com *.adlooxtracking.com *.adlooxtracking.ru *.adsafeprotected.com *.serving-sys.com *.serving-sys.ru *.weborama.fr *.weborama-tech.ru https://enterprise.api-maps.yandex.ru https://suggest-maps.yandex.ru https://*.hit.gemius.pl https://*.consentmanager.net https://gum.criteo.com https://football.sportmail.ru *.googletagmanager.com connect.facebook.net *.google.ru *.google.com *.googlesyndication.com yandex.ru;  worker-src blob: 'self';  connect-src * wss: blob: data:;  font-src * data: blob:; frame-src * blob: 'self';  img-src * data: blob: about:;  media-src * data: blob:;  object-src *;  report-uri /csp/report;
content-security-policy-report-only: default-src data: blob: about: 'self' 'unsafe-inline' 'unsafe-eval' https: wss:; report-uri /csp/report?always;
etag: W/"269604f7bf758e40e25aa65779414762"
content-disposition: inline;filename=f.txt
content-encoding: br
X-Firefox-Spdy: h2

novelastvs.net/wp-content/themes/sahifa/images/patterns/body-bg7.png

172.67.160.184

200 OK

21 kB

URL GET HTTP/3
novelastvs.net/wp-content/themes/sahifa/images/patterns/body-bg7.png
IP
172.67.160.184:443
ASN
#13335 CLOUDFLARENET

Requested by
https://novelastvs.net/challenge-xx-chapter-18-complete-online/
Certificate
IssuerLet's Encrypt
Subjectnovelastvs.net
Fingerprint93:8A:84:5F:60:B9:41:3A:51:DC:1E:00:3E:67:92:F1:5B:2E:1A:CE
ValidityMon, 18 Mar 2024 17:21:40 GMT - Sun, 16 Jun 2024 17:21:39 GMT

File type
PNG image data, 264 x 264, 8-bit colormap, non-interlaced
Size
21 kB (21146 bytes)
Hash
b40e39a8e3747e74f4dfcf6d88ecc535
17e825efe06f1d04a8a3c398329d51b0ddf14b53
7a6ac6e588a725241e6f43feaad46fb36de9682576f5f29c570edc3ec5247477

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/themes/sahifa/images/patterns/body-bg7.png HTTP/1.1
Host: novelastvs.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://novelastvs.net/wp-content/themes/sahifa/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 25 Apr 2024 06:17:37 GMT
content-type: image/png
content-length: 21146
last-modified: Mon, 18 Mar 2024 18:31:46 GMT
etag: "65f88892-529a"
expires: Sat, 25 May 2024 06:17:37 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uIG1Af69iZbjhYmtVXXa9MCm%2FjD80QWEtZiwkTGjOCdmTjYRdXUx1dMcfalvI1uaBvOLIQA2mOS3K5mDCgkobFfnBIcN%2Fg1mDg9TLRswcmTe6rH7DKRbIIj%2F4EkxSXsw6A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879c3606e87856c6-OSL
alt-svc: h3=":443"; ma=86400

ok.ru/res/js/b/music3_37ce15fb.js

5.61.23.11

200 OK

22 kB

URL GET HTTP/2
ok.ru/res/js/b/music3_37ce15fb.js
IP
5.61.23.11:443
ASN
#47764 LLC VK

Requested by
https://ok.ru/videoembed/7330423179879
Certificate
IssuerGlobalSign nv-sa
Subject*.ok.ru
Fingerprint66:20:81:B9:D0:20:96:BF:13:93:E6:76:FF:C4:19:BD:F6:29:0E:A3
ValidityWed, 04 Oct 2023 08:36:03 GMT - Wed, 02 Oct 2024 09:21:02 GMT

File type
JavaScript source, ASCII text, with very long lines (22387)
Size
22 kB (22444 bytes)
Hash
df158581df241263bcd604150c014d1f
05346a0563366b075d58ca263a4bd2744abf4e80
823b35d62d8b4f830e26dc13345b207dd8d2616f61becb2181fa8f632cf5b4ca

HTTP Headers

GET /res/js/b/music3_37ce15fb.js HTTP/1.1
Host: ok.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ok.ru/videoembed/7330423179879
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: apache
date: Thu, 25 Apr 2024 06:17:37 GMT
content-type: application/javascript
content-length: 5975
last-modified: Mon, 22 Apr 2024 15:27:00 GMT
vary: Accept-Encoding
content-encoding: br
expires: Fri, 25 Apr 2025 06:17:37 GMT
cache-control: max-age=31536000
timing-allow-origin: *
X-Firefox-Spdy: h2

ok.ru/videoembed/7330423179879

5.61.23.11

200 OK

16 kB

URL GET HTTP/2
ok.ru/videoembed/7330423179879
IP
5.61.23.11:443
ASN
#47764 LLC VK

Requested by
https://novelastvs.net/challenge-xx-chapter-18-complete-online/
Certificate
IssuerGlobalSign nv-sa
Subject*.ok.ru
Fingerprint66:20:81:B9:D0:20:96:BF:13:93:E6:76:FF:C4:19:BD:F6:29:0E:A3
ValidityWed, 04 Oct 2023 08:36:03 GMT - Wed, 02 Oct 2024 09:21:02 GMT

File type

Size
16 kB (16180 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /videoembed/7330423179879 HTTP/1.1
Host: ok.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://novelastvs.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: apache
date: Thu, 25 Apr 2024 06:17:37 GMT
content-type: text/html;charset=UTF-8
vary: Accept-Encoding
set-cookie: bci=4134470166855530321; Max-Age=2147483647; Expires=Tue, 13 May 2092 09:31:44 GMT; Domain=ok.ru; Path=/; Secure; HttpOnly
_statid=b3e2d284-dd4e-47a3-b4fd-e8d8544fdec8; Max-Age=2147483647; Expires=Tue, 13 May 2092 09:31:44 GMT; Domain=ok.ru; Path=/; Secure; HttpOnly
landref=novelastvs.net; Domain=ok.ru; Path=/; Secure
__last_online=1714025857281; Max-Age=2147483647; Expires=Tue, 13 May 2092 09:31:44 GMT; Path=/; Secure
content-security-policy: default-src data: 'self' 'unsafe-inline' 'unsafe-eval' ok.ru *.ok.ru odnoklassniki.ru *.odnoklassniki.ru mycdn.me http://*.mycdn.me https://*.mycdn.me wss://ad.mail.ru *.mail.ru *.imgsmail.ru *.mradx.net *.serving-sys.com *.googleapis.com *.gstatic.com www.google.com https://api-maps.yandex.ru yastatic.net yandex.st *.doubleverify.com *.adsafeprotected.com https://cdn.consentmanager.net https://football.sportmail.ru *.google.ru *.google.com *.googlesyndication.com *.yandex.ru blob:;  script-src 'unsafe-inline' 'unsafe-eval' *.mail.ru https://*.mail.ru *.imgsmail.ru *.mradx.net ok.ru *.ok.ru odnoklassniki.ru *.odnoklassniki.ru mycdn.me http://*.mycdn.me https://*.mycdn.me mc.yandex.ru an.yandex.ru yastatic.net yandex.st *.google-analytics.com api-maps.yandex.ru https://api-maps.yandex.ru https://clck.yandex.ru *.googleapis.com *.gstatic.com www.google.com www.youtube.com https://www.youtube.com *.ytimg.com https://*.ytimg.com *.doubleverify.com *.dvtps.com *.doubleclick.net *.googletagservices.com *.googlesyndication.com *.googleadservices.com *.goodgame.ru https://*.goodgame.ru https://*.moatads.com *.adlooxtracking.com *.adlooxtracking.ru *.adsafeprotected.com *.serving-sys.com *.serving-sys.ru *.weborama.fr *.weborama-tech.ru https://enterprise.api-maps.yandex.ru https://suggest-maps.yandex.ru https://*.hit.gemius.pl https://*.consentmanager.net https://gum.criteo.com https://football.sportmail.ru *.googletagmanager.com connect.facebook.net *.google.ru *.google.com *.googlesyndication.com yandex.ru;  worker-src blob: 'self';  connect-src * wss: blob: data:;  font-src * data: blob:; frame-src * blob: 'self';  img-src * data: blob: about:;  media-src * data: blob:;  object-src *;  report-uri /csp/report;
content-security-policy-report-only: default-src data: blob: about: 'self' 'unsafe-inline' 'unsafe-eval' https: wss:; report-uri /csp/report?always;
last-modified: Thu, 25 Apr 2024 05:07:09 GMT
cache-control: no-cache, no-store
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: br
X-Firefox-Spdy: h2

novelastvs.net/wp-content/themes/sahifa/css/ilightbox/dark-skin/skin.css

172.67.160.184

200 OK

7.3 kB

URL GET HTTP/3
novelastvs.net/wp-content/themes/sahifa/css/ilightbox/dark-skin/skin.css
IP
172.67.160.184:443
ASN
#13335 CLOUDFLARENET

Requested by
https://novelastvs.net/challenge-xx-chapter-18-complete-online/
Certificate
IssuerLet's Encrypt
Subjectnovelastvs.net
Fingerprint93:8A:84:5F:60:B9:41:3A:51:DC:1E:00:3E:67:92:F1:5B:2E:1A:CE
ValidityMon, 18 Mar 2024 17:21:40 GMT - Sun, 16 Jun 2024 17:21:39 GMT

File type
ASCII text, with very long lines (8035), with no line terminators
Size
7.3 kB (7289 bytes)
Hash
35907f969ee6de07725e42ad8698a6c7
8ae7ab2679890a29d5551a1ef5e6422665bc6d4c
ac8bd7c411ed645aef4fb9fa6326673d6169b11af08723b9eae37fa3cb32abbf

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/themes/sahifa/css/ilightbox/dark-skin/skin.css HTTP/1.1
Host: novelastvs.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://novelastvs.net/challenge-xx-chapter-18-complete-online/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 25 Apr 2024 06:17:36 GMT
content-type: text/css
last-modified: Mon, 18 Mar 2024 18:31:46 GMT
vary: Accept-Encoding
etag: W/"65f88892-1c79"
expires: Thu, 25 Apr 2024 12:22:50 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 21286
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=q2CIT8TT5fYscPZnmR0UKQ%2FXd%2BZcNXG0c4eS%2Fm6ZtVoMkt%2FEVjIiCMdNYgCoJm3Zf61dfFfa1UQpnE1MetyECR71jWWxWUv0ubBsC%2FpzdDzo1MKdVXJ0U%2BVzHyd3Nz9z5g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879c3605df8856c6-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

fonts.googleapis.com/css?family=Droid%20Sans%3Aregular%2C700%7CBattambang%3Aregular%2C700&display=swap

216.58.207.234

200 OK

2.3 kB

URL GET HTTP/2
fonts.googleapis.com/css?family=Droid%20Sans%3Aregular%2C700%7CBattambang%3Aregular%2C700&display=swap
IP
216.58.207.234:443
ASN
#15169 GOOGLE

Requested by
https://novelastvs.net/challenge-xx-chapter-18-complete-online/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint15:CB:F7:AC:18:3F:DC:1E:F9:4E:94:D1:98:40:40:61:53:17:28:F2
ValidityMon, 18 Mar 2024 20:35:28 GMT - Mon, 10 Jun 2024 20:35:27 GMT

File type
ASCII text, with very long lines (2334), with no line terminators
Size
2.3 kB (2280 bytes)
Hash
26b6ef474aa0c77fb7c6c175157a2e7e
824d837ae88666a0ac0323415822f4acd1bc8ac3
440cdb6559a4cc5ff3c51ffebf34a633877610a5c5d4c72b6a205db4158156fe

HTTP Headers

GET /css?family=Droid%20Sans%3Aregular%2C700%7CBattambang%3Aregular%2C700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://novelastvs.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 25 Apr 2024 06:17:36 GMT
date: Thu, 25 Apr 2024 06:17:36 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ok.ru/web-api/pts/video.player/en

5.61.23.11

200 OK

5.1 kB

URL GET HTTP/2
ok.ru/web-api/pts/video.player/en
IP
5.61.23.11:443
ASN
#47764 LLC VK

Requested by
https://ok.ru/videoembed/7330423179879
Certificate
IssuerGlobalSign nv-sa
Subject*.ok.ru
Fingerprint66:20:81:B9:D0:20:96:BF:13:93:E6:76:FF:C4:19:BD:F6:29:0E:A3
ValidityWed, 04 Oct 2023 08:36:03 GMT - Wed, 02 Oct 2024 09:21:02 GMT

File type
Unicode text, UTF-8 text, with very long lines (5670), with no line terminators
Size
5.1 kB (5107 bytes)
Hash
186b13f627c89d7e7e962d96b5d11cbf
77eec48dfcb050f489b125edfde33c105159e2ec
a0e8065dae117f2ac770840cf138304761b17521944c6acc5d58ef1178753de9

HTTP Headers

GET /web-api/pts/video.player/en HTTP/1.1
Host: ok.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ok.ru/videoembed/7330423179879
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: apache
date: Thu, 25 Apr 2024 06:17:38 GMT
content-type: text/javascript;charset=UTF-8
vary: Accept-Encoding
cache-control: no-cache, no-store
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
set-cookie: bci=7774971908706901719; Max-Age=2147483647; Expires=Tue, 13 May 2092 09:31:45 GMT; Domain=ok.ru; Path=/; Secure; HttpOnly
_statid=c841b629-79c0-4806-ae8c-a88b02e932c8; Max-Age=2147483647; Expires=Tue, 13 May 2092 09:31:45 GMT; Domain=ok.ru; Path=/; Secure; HttpOnly
content-security-policy: default-src data: 'self' 'unsafe-inline' 'unsafe-eval' ok.ru *.ok.ru odnoklassniki.ru *.odnoklassniki.ru mycdn.me http://*.mycdn.me https://*.mycdn.me wss://ad.mail.ru *.mail.ru *.imgsmail.ru *.mradx.net *.serving-sys.com *.googleapis.com *.gstatic.com www.google.com https://api-maps.yandex.ru yastatic.net yandex.st *.doubleverify.com *.adsafeprotected.com https://cdn.consentmanager.net https://football.sportmail.ru *.google.ru *.google.com *.googlesyndication.com *.yandex.ru blob:;  script-src 'unsafe-inline' 'unsafe-eval' *.mail.ru https://*.mail.ru *.imgsmail.ru *.mradx.net ok.ru *.ok.ru odnoklassniki.ru *.odnoklassniki.ru mycdn.me http://*.mycdn.me https://*.mycdn.me mc.yandex.ru an.yandex.ru yastatic.net yandex.st *.google-analytics.com api-maps.yandex.ru https://api-maps.yandex.ru https://clck.yandex.ru *.googleapis.com *.gstatic.com www.google.com www.youtube.com https://www.youtube.com *.ytimg.com https://*.ytimg.com *.doubleverify.com *.dvtps.com *.doubleclick.net *.googletagservices.com *.googlesyndication.com *.googleadservices.com *.goodgame.ru https://*.goodgame.ru https://*.moatads.com *.adlooxtracking.com *.adlooxtracking.ru *.adsafeprotected.com *.serving-sys.com *.serving-sys.ru *.weborama.fr *.weborama-tech.ru https://enterprise.api-maps.yandex.ru https://suggest-maps.yandex.ru https://*.hit.gemius.pl https://*.consentmanager.net https://gum.criteo.com https://football.sportmail.ru *.googletagmanager.com connect.facebook.net *.google.ru *.google.com *.googlesyndication.com yandex.ru;  worker-src blob: 'self';  connect-src * wss: blob: data:;  font-src * data: blob:; frame-src * blob: 'self';  img-src * data: blob: about:;  media-src * data: blob:;  object-src *;  report-uri /csp/report;
content-security-policy-report-only: default-src data: blob: about: 'self' 'unsafe-inline' 'unsafe-eval' https: wss:; report-uri /csp/report?always;
etag: W/"3c30877ed2c34ff56d1ec5e88e157638"
content-encoding: br
X-Firefox-Spdy: h2

novelastvs.net/wp-includes/css/dist/block-library/style.min.css

172.67.160.184

200 OK

113 kB

URL GET HTTP/3
novelastvs.net/wp-includes/css/dist/block-library/style.min.css
IP
172.67.160.184:443
ASN
#13335 CLOUDFLARENET

Requested by
https://novelastvs.net/challenge-xx-chapter-18-complete-online/
Certificate
IssuerLet's Encrypt
Subjectnovelastvs.net
Fingerprint93:8A:84:5F:60:B9:41:3A:51:DC:1E:00:3E:67:92:F1:5B:2E:1A:CE
ValidityMon, 18 Mar 2024 17:21:40 GMT - Sun, 16 Jun 2024 17:21:39 GMT

File type

Size
113 kB (113381 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-includes/css/dist/block-library/style.min.css HTTP/1.1
Host: novelastvs.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://novelastvs.net/challenge-xx-chapter-18-complete-online/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 25 Apr 2024 06:17:36 GMT
content-type: text/css
last-modified: Wed, 24 Apr 2024 15:53:17 GMT
vary: Accept-Encoding
etag: W/"66292aed-1bae5"
expires: Thu, 25 Apr 2024 12:22:50 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 21286
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pTidsQOWnC8lQ47ENvUsuOUPKEpYOWdz4zWCEqjSi%2FggwO56GTz7oJvmuWdyQHTJe%2FMExgZaRrHTJeOh0fIJ69szgq1gDa5oyx57bsTu7Ba7%2BepZD%2BlAlcjgE1nS8v2VRw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879c3605df8656c6-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

novelastvs.net/wp-content/themes/sahifa/js/tie-scripts.js

172.67.160.184

200 OK

74 kB

URL GET HTTP/3
novelastvs.net/wp-content/themes/sahifa/js/tie-scripts.js
IP
172.67.160.184:443
ASN
#13335 CLOUDFLARENET

Requested by
https://novelastvs.net/challenge-xx-chapter-18-complete-online/
Certificate
IssuerLet's Encrypt
Subjectnovelastvs.net
Fingerprint93:8A:84:5F:60:B9:41:3A:51:DC:1E:00:3E:67:92:F1:5B:2E:1A:CE
ValidityMon, 18 Mar 2024 17:21:40 GMT - Sun, 16 Jun 2024 17:21:39 GMT

File type
JavaScript source, ASCII text, with very long lines (20062), with CRLF line terminators
Size
74 kB (74081 bytes)
Hash
e8e2d9640c5b8251f3929f48fb59cf92
4e31e02e0d1a74b147037b86ce4411c9ea0391ad
a285337ae3fac1859a2f626f20d9a8d1a46e36e59ef427f85e7deda94afffb62

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/themes/sahifa/js/tie-scripts.js HTTP/1.1
Host: novelastvs.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://novelastvs.net/challenge-xx-chapter-18-complete-online/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 25 Apr 2024 06:17:36 GMT
content-type: application/javascript
last-modified: Mon, 18 Mar 2024 18:31:46 GMT
vary: Accept-Encoding
etag: W/"65f88892-12161"
expires: Thu, 25 Apr 2024 12:22:50 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 21286
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Fe4wAIxEaR4WoeyC8XF58OsX3MdoNdCVBwzaPt%2BU4ezsrHx%2BzMGI%2FjjpsvdMO0zTZtmJCrc757c66BsyVqI9miw1g8wHmW7g1Tv%2Fs0c0MzM92s4Rkfl0IGRMye6Bl0EyUg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879c3605df9356c6-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

novelastvs.net/wp-admin/admin-ajax.php?postviews_id=101&action=postviews&_=1714025857063

172.67.160.184

200 OK

3 B

URL GET HTTP/3
novelastvs.net/wp-admin/admin-ajax.php?postviews_id=101&action=postviews&_=1714025857063
IP
172.67.160.184:443
ASN
#13335 CLOUDFLARENET

Requested by
https://novelastvs.net/challenge-xx-chapter-18-complete-online/
Certificate
IssuerLet's Encrypt
Subjectnovelastvs.net
Fingerprint93:8A:84:5F:60:B9:41:3A:51:DC:1E:00:3E:67:92:F1:5B:2E:1A:CE
ValidityMon, 18 Mar 2024 17:21:40 GMT - Sun, 16 Jun 2024 17:21:39 GMT

File type
ASCII text, with no line terminators
Size
3 B (3 bytes)
Hash
fc221309746013ac554571fbd180e1c8
aee544ceddfe7ab69a02f82bdf8ce6ea3862ff02
580811fa95269f3ecd4f22d176e079d36093573680b6ef66fa341e687a15b5da

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-admin/admin-ajax.php?postviews_id=101&action=postviews&_=1714025857063 HTTP/1.1
Host: novelastvs.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://novelastvs.net/challenge-xx-chapter-18-complete-online/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 25 Apr 2024 06:17:37 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-robots-tag: noindex
x-content-type-options: nosniff
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
referrer-policy: strict-origin-when-cross-origin
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bd2AaMAYbRbt0P5QKdtaXuinSM5ZiX4%2BSFSrTfY11gtNKt3zKi%2BN%2FEs6Y4L3kDgr5RPaY69ZoDXX1wGpgo9ZyhsZf8nC72Qp12R04JkPpMBzSMc8QIVNOg1m%2Bd9b4wb0NA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879c3606e87056c6-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

ok.ru/res/js/app/VideoEmbed_bc0da08a.js

5.61.23.11

200 OK

888 B

URL GET HTTP/2
ok.ru/res/js/app/VideoEmbed_bc0da08a.js
IP
5.61.23.11:443
ASN
#47764 LLC VK

Requested by
https://ok.ru/videoembed/7330423179879
Certificate
IssuerGlobalSign nv-sa
Subject*.ok.ru
Fingerprint66:20:81:B9:D0:20:96:BF:13:93:E6:76:FF:C4:19:BD:F6:29:0E:A3
ValidityWed, 04 Oct 2023 08:36:03 GMT - Wed, 02 Oct 2024 09:21:02 GMT

File type
JavaScript source, ASCII text, with very long lines (915), with no line terminators
Size
888 B (888 bytes)
Hash
e1bfa7412dfd687ee13772e092c37679
f234287f1469ab541625e2a255c1e8bd20296d44
bd193bcb13a11bc41881338afd9887b42a53d4765b8fe72d82c51c676de92bee

HTTP Headers

GET /res/js/app/VideoEmbed_bc0da08a.js HTTP/1.1
Host: ok.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ok.ru/videoembed/7330423179879
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: apache
date: Thu, 25 Apr 2024 06:17:37 GMT
content-type: application/javascript
content-length: 360
last-modified: Mon, 22 Apr 2024 15:27:00 GMT
vary: Accept-Encoding
content-encoding: br
expires: Fri, 25 Apr 2025 06:17:37 GMT
cache-control: max-age=31536000
timing-allow-origin: *
X-Firefox-Spdy: h2

novelastvs.net/challenge-xx-chapter-18-complete-online/

172.67.160.184

200 OK

49 kB

URL User Request GET HTTP/2
novelastvs.net/challenge-xx-chapter-18-complete-online/
IP
172.67.160.184:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerLet's Encrypt
Subjectnovelastvs.net
Fingerprint93:8A:84:5F:60:B9:41:3A:51:DC:1E:00:3E:67:92:F1:5B:2E:1A:CE
ValidityMon, 18 Mar 2024 17:21:40 GMT - Sun, 16 Jun 2024 17:21:39 GMT

File type

Size
49 kB (48689 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /challenge-xx-chapter-18-complete-online/ HTTP/1.1
Host: novelastvs.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 25 Apr 2024 06:17:36 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
last-modified: Thu, 25 Apr 2024 03:34:17 GMT
strict-transport-security: max-age=31536000
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zs7dvBmi7GHwN3%2FaqDUd4Ux1SuFMdxQWLRAdd68yBUTWAo%2FbgHVaxRIdOczJlHRPunzWabjuIAbFfw5Wr3cx%2F1svmzhiLh26aHvveLmmWx57dwriNbNHzTqzUQeY41xi0A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879c36040d50569f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

novelastvs.net/wp-includes/js/comment-reply.min.js

172.67.160.184

200 OK

3.0 kB

URL GET HTTP/3
novelastvs.net/wp-includes/js/comment-reply.min.js
IP
172.67.160.184:443
ASN
#13335 CLOUDFLARENET

Requested by
https://novelastvs.net/challenge-xx-chapter-18-complete-online/
Certificate
IssuerLet's Encrypt
Subjectnovelastvs.net
Fingerprint93:8A:84:5F:60:B9:41:3A:51:DC:1E:00:3E:67:92:F1:5B:2E:1A:CE
ValidityMon, 18 Mar 2024 17:21:40 GMT - Sun, 16 Jun 2024 17:21:39 GMT

File type
ASCII text, with very long lines (3056), with no line terminators
Size
3.0 kB (2981 bytes)
Hash
dc7f90d513295c29acc441fe114a2cab
ca9e5069d9afc4aa13ab2e152313dfb476e842ef
f87915c58d8c25473c726646b58d2fe0ba9a136987571e6c810aba3c67b4f74c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-includes/js/comment-reply.min.js HTTP/1.1
Host: novelastvs.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://novelastvs.net/challenge-xx-chapter-18-complete-online/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 25 Apr 2024 06:17:37 GMT
content-type: application/javascript
last-modified: Fri, 08 Apr 2022 20:07:18 GMT
vary: Accept-Encoding
etag: W/"625095f6-ba5"
expires: Thu, 25 Apr 2024 18:17:37 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qX2li%2FI0k1%2FDARnPKIGa7cupRJ7j0nZz29mtnQclRw4Rw1EaX8ZFA6FG5UHuhfSM6rijXzJ6uPfTk6mFPGuI4ehSTOL5354565FrLCg%2BIis%2BkInfor9eFX7oa%2B7V395HMg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879c3605ef9856c6-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

novelastvs.net/wp-includes/js/jquery/jquery.min.js

172.67.160.184

200 OK

88 kB

URL GET HTTP/3
novelastvs.net/wp-includes/js/jquery/jquery.min.js
IP
172.67.160.184:443
ASN
#13335 CLOUDFLARENET

Requested by
https://novelastvs.net/challenge-xx-chapter-18-complete-online/
Certificate
IssuerLet's Encrypt
Subjectnovelastvs.net
Fingerprint93:8A:84:5F:60:B9:41:3A:51:DC:1E:00:3E:67:92:F1:5B:2E:1A:CE
ValidityMon, 18 Mar 2024 17:21:40 GMT - Sun, 16 Jun 2024 17:21:39 GMT

File type
JavaScript source, ASCII text, with very long lines (65447)
Size
88 kB (87553 bytes)
Hash
826eb77e86b02ab7724fe3d0141ff87c
79cd3587d565afe290076a8d36c31c305a573d18
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-includes/js/jquery/jquery.min.js HTTP/1.1
Host: novelastvs.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://novelastvs.net/challenge-xx-chapter-18-complete-online/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 25 Apr 2024 06:17:36 GMT
content-type: application/javascript
last-modified: Mon, 28 Aug 2023 17:14:23 GMT
vary: Accept-Encoding
etag: W/"64ecd5ef-15601"
expires: Thu, 25 Apr 2024 12:22:50 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 21286
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DrfHcixAmzgmoAJMN5FQQ5Ctjlo4z8Q2AVne%2Byp3glknCkSXXR%2F8JrsbS%2BkSS5fDZQDoiWWLlzst4CYuctSXIiz2vyAjoxM%2FR5wGVGW5B3EInJgDVqy7htbIyTy8%2B9PLpg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879c3605df8a56c6-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

novelastvs.net/wp-content/themes/sahifa/style.css

172.67.160.184

200 OK

203 kB

URL GET HTTP/3
novelastvs.net/wp-content/themes/sahifa/style.css
IP
172.67.160.184:443
ASN
#13335 CLOUDFLARENET

Requested by
https://novelastvs.net/challenge-xx-chapter-18-complete-online/
Certificate
IssuerLet's Encrypt
Subjectnovelastvs.net
Fingerprint93:8A:84:5F:60:B9:41:3A:51:DC:1E:00:3E:67:92:F1:5B:2E:1A:CE
ValidityMon, 18 Mar 2024 17:21:40 GMT - Sun, 16 Jun 2024 17:21:39 GMT

File type

Size
203 kB (203079 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/themes/sahifa/style.css HTTP/1.1
Host: novelastvs.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://novelastvs.net/challenge-xx-chapter-18-complete-online/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 25 Apr 2024 06:17:36 GMT
content-type: text/css
last-modified: Mon, 18 Mar 2024 18:31:46 GMT
vary: Accept-Encoding
etag: W/"65f88892-31947"
expires: Thu, 25 Apr 2024 12:22:50 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 21286
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mzyf44faGZGsc3rm590%2BjYlq3rxyAzusys8UqT1kRukRRmTzy5Fj0JsMKvwB04bJpdShgUu3QEn5vfxvnoD6UmMMVY2KRV9cTFNBHFndeM%2FttogAFR%2F685X3pt%2BsPJELzg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879c3605df8756c6-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (42)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL