cyniva.com Open in urlscan Pro
2606:4700:3035::ac43:b0ad Public Scan

Go To Rescan
Add Verdict Report

URL:
https://cyniva.com/33293920/blackcat-ransomware-claims-academy-mortgage-cyber-attack?via=tw
Submission: On May 16 via api (May 16th 2023, 7:35:48 am UTC) from DE — Scanned from DE

Summary HTTP 43 Redirects Links 22 Behaviour Indicators

Summary

This website contacted 20 IPs in 3 countries across 18 domains to perform 43 HTTP transactions. The main IP is 2606:4700:3035::ac43:b0ad, located in United States and belongs to CLOUDFLARENET, US. The main domain is cyniva.com.
TLS certificate: Issued by GTS CA 1P5 on April 8th 2023. Valid for: 3 months.

This is the only time cyniva.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
9	2606:4700:303... 2606:4700:3035::ac43:b0ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a04:4e42:200... 2a04:4e42:200::485	54113 (FASTLY) (FASTLY)
3	2606:4700:20:... 2606:4700:20::681a:a27	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	99.86.4.76 99.86.4.76	16509 (AMAZON-02) (AMAZON-02)
3	192.0.77.2 192.0.77.2	2635 (AUTOMATTIC) (AUTOMATTIC)
1	2606:2800:134... 2606:2800:134:1a0d:1429:742:782:b6	15133 (EDGECAST) (EDGECAST)
1	2606:4700::68... 2606:4700::6810:7baf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
1	52.95.132.194 52.95.132.194	16509 (AMAZON-02) (AMAZON-02)
4	2606:4700:e0:... 2606:4700:e0::ac40:6715	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:6ea0:c70... 2a02:6ea0:c700::18	60068 (CDN77 ^_^) (CDN77 ^_^)
1	162.243.189.2 162.243.189.2	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
3	54.187.159.182 54.187.159.182	16509 (AMAZON-02) (AMAZON-02)
2	151.101.128.176 151.101.128.176	54113 (FASTLY) (FASTLY)
2	54.148.45.68 54.148.45.68	16509 (AMAZON-02) (AMAZON-02)
1	151.101.194.137 151.101.194.137	54113 (FASTLY) (FASTLY)
1	104.102.47.181 104.102.47.181	16625 (AKAMAI-AS) (AKAMAI-AS)
1	192.0.66.2 192.0.66.2	2635 (AUTOMATTIC) (AUTOMATTIC)
43	20

9 2606:4700:3035::ac43:b0ad (United States)

ASN13335 (CLOUDFLARENET, US)

cyniva.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:200::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:20::681a:a27 (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.buymeacoffee.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.buymeacoffee.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 99.86.4.76 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-76.fra6.r.cloudfront.net

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 192.0.77.2 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: i0.wp.com

i0.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:2800:134:1a0d:1429:742:782:b6 (United States)

ASN15133 (EDGECAST, US)

pbs.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:7baf (United States)

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.95.132.194 (Sydney, Australia)

ASN16509 (AMAZON-02, US)
PTR: s3-r-w.ap-southeast-2.amazonaws.com

newsyapp.s3.ap-southeast-2.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:e0::ac40:6715 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn2.iconfinder.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6ea0:c700::18 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)

img.icons8.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.243.189.2 (Clifton, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: nyc3.digitaloceanspaces.com

bmc-cdn.nyc3.digitaloceanspaces.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.187.159.182 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-187-159-182.stripe.com

q.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.128.176 (United States)

ASN54113 (FASTLY, US)

m.stripe.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.148.45.68 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-148-45-68.us-west-2.compute.amazonaws.com

m.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.194.137 (United States)

ASN54113 (FASTLY, US)

images.immediate.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.102.47.181 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-102-47-181.deploy.static.akamaitechnologies.com

blog.equinix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.66.2 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

venturebeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	cyniva.com cyniva.com	533 KB
8	stripe.com js.stripe.com — Cisco Umbrella Rank: 1202 q.stripe.com — Cisco Umbrella Rank: 7069 m.stripe.com — Cisco Umbrella Rank: 1158	119 KB
4	iconfinder.com cdn2.iconfinder.com — Cisco Umbrella Rank: 93095	42 KB
3	gstatic.com fonts.gstatic.com	68 KB
3	wp.com i0.wp.com — Cisco Umbrella Rank: 3706	177 KB
3	buymeacoffee.com cdnjs.buymeacoffee.com — Cisco Umbrella Rank: 68901 cdn.buymeacoffee.com — Cisco Umbrella Rank: 68513	8 KB
2	stripe.network m.stripe.network — Cisco Umbrella Rank: 1274	17 KB
1	venturebeat.com venturebeat.com — Cisco Umbrella Rank: 136735	28 KB
1	equinix.com blog.equinix.com	87 KB
1	immediate.co.uk images.immediate.co.uk — Cisco Umbrella Rank: 40085	65 KB
1	digitaloceanspaces.com bmc-cdn.nyc3.digitaloceanspaces.com — Cisco Umbrella Rank: 83126	22 KB
1	icons8.com img.icons8.com — Cisco Umbrella Rank: 33875	3 KB
1	amazonaws.com newsyapp.s3.ap-southeast-2.amazonaws.com	60 KB
1	unpkg.com unpkg.com — Cisco Umbrella Rank: 930	2 KB
1	twimg.com pbs.twimg.com — Cisco Umbrella Rank: 840	37 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 379	32 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 231	16 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 50	852 B
43	18

	Domain	Requested by
9	cyniva.com	cyniva.com
4	cdn2.iconfinder.com	cyniva.com
3	q.stripe.com	cyniva.com
3	fonts.gstatic.com	fonts.googleapis.com
3	i0.wp.com	cyniva.com
3	js.stripe.com	cyniva.com js.stripe.com
2	m.stripe.com	m.stripe.network
2	m.stripe.network	js.stripe.com m.stripe.network
2	cdn.buymeacoffee.com	cyniva.com
1	venturebeat.com	cyniva.com
1	blog.equinix.com	cyniva.com
1	images.immediate.co.uk	cyniva.com
1	bmc-cdn.nyc3.digitaloceanspaces.com	cyniva.com
1	img.icons8.com	cyniva.com
1	newsyapp.s3.ap-southeast-2.amazonaws.com	cyniva.com
1	unpkg.com	cyniva.com
1	pbs.twimg.com	cyniva.com
1	cdnjs.buymeacoffee.com	cyniva.com
1	cdn.jsdelivr.net	cyniva.com
1	cdnjs.cloudflare.com	cyniva.com
1	fonts.googleapis.com	cyniva.com
43	21

This site contains links to these domains. Also see Links.

Domain
academymortgage.com
twitter.com
thecyberexpress.com
netorgft5040429-my.sharepoint.com
www.facebook.com
www.hhs.gov
www.linkedin.com
www.satb.in
www.getinfosec.news
www.byte.info

Subject Issuer	Validity	Valid
*.cyniva.com GTS CA 1P5	`2023-04-08` - `2023-07-07`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-08-03` - `2023-08-02`	a year	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2022 Q4	`2022-12-23` - `2024-01-24`	a year	crt.sh
cdnjs.buymeacoffee.com GTS CA 1P5	`2023-05-05` - `2023-08-03`	3 months	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2023-05-12` - `2023-08-13`	3 months	crt.sh
*.wp.com Sectigo ECC Domain Validation Secure Server CA	`2022-11-14` - `2023-12-15`	a year	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2022-10-06` - `2023-11-06`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.s3-ap-southeast-2.amazonaws.com Amazon RSA 2048 M01	`2023-04-11` - `2024-02-07`	10 months	crt.sh
1004834818.rsc.cdn77.org R3	`2023-04-29` - `2023-07-28`	3 months	crt.sh
*.nyc3.digitaloceanspaces.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-12` - `2024-05-29`	a year	crt.sh
buymeacoffee.com Cloudflare Inc ECC CA-3	`2023-04-05` - `2024-04-04`	a year	crt.sh
*.stripe.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-14` - `2023-06-13`	4 months	crt.sh
m.stripe.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-28` - `2023-07-26`	4 months	crt.sh
*.220triathlon.com GlobalSign Atlas R3 DV TLS CA 2022 Q4	`2022-12-14` - `2024-01-15`	a year	crt.sh
www.equinix.com DigiCert TLS RSA SHA256 2020 CA1	`2022-10-08` - `2023-10-11`	a year	crt.sh
venturebeat.com R3	`2023-03-20` - `2023-06-18`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://cyniva.com/33293920/blackcat-ransomware-claims-academy-mortgage-cyber-attack?via=tw
Frame ID: 633C80C28D881167C756B11B3786E63B
Requests: 34 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
Frame ID: 68EC87C2D5214AE11C3E15963D5B6C29
Requests: 4 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: DBACA24144FD0DC4E389EEF511F74C44
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

BlackCat Ransomware Claims Academy Mortgage Cyber Attack ⋅ Cyniva

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Stripe (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

js\.stripe\.com

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Moment.js (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

moment(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

43
Requests

100 %
HTTPS

50 %
IPv6

18
Domains

21
Subdomains

20
IPs

3
Countries

1317 kB
Transfer

3508 kB
Size

6
Cookies

22 Outgoing links

These are links going to different origins than the main page.

URL: https://academymortgage.com/about
Title: official website

Search URL Search Domain Scan URL

URL: https://twitter.com/AlvieriD/status/1657802888788209667
Title: Dominic Alvieri tweeted

Search URL Search Domain Scan URL

URL: https://thecyberexpress.com/cyber-news/
Title: cyber

Search URL Search Domain Scan URL

URL: https://thecyberexpress.com/firewall-daily/ransomware/
Title: ransomware attack

Search URL Search Domain Scan URL

URL: https://netorgft5040429-my.sharepoint.com/:w:/g/personal/vishwa_thecyberexpress_com/EVikrt4n129DpV7qySPT4DABoTUTfH6j5seWzClp9Iwv0Q
Title: Department of Justice

Search URL Search Domain Scan URL

URL: https://thecyberexpress.com/
Title: news

Search URL Search Domain Scan URL

URL: https://www.facebook.com/story.php?story_fbid=5863261670404103&id=188800051183655&m_entstream_source=permalink
Title: was awarded for

Search URL Search Domain Scan URL

URL: https://twitter.com/SofiaSZM/status/1657032606636965891
Title: According to a tweet

Search URL Search Domain Scan URL

URL: https://thecyberexpress.com/us-government-regulation-of-ai-businesses/
Title: targeted the USA

Search URL Search Domain Scan URL

URL: https://www.hhs.gov/sites/default/files/royal-blackcat-ransomware-tlpclear.pdf
Title: The report highlighted

Search URL Search Domain Scan URL

URL: https://thecyberexpress.com/constellation-software-cyber-attack-alphv-gang/
Title: vulnerable software

Search URL Search Domain Scan URL

URL: https://thecyberexpress.com/cisa-ics-advisory-addresses-vulnerabilities/
Title: through a vulnerability.

Search URL Search Domain Scan URL

URL: https://thecyberexpress.com/prevent-ransomware-save-the-active-directory/
Title: Active Directory

Search URL Search Domain Scan URL

URL: https://thecyberexpress.com/ransomware-data-leak-ransom-payment-decreases/
Title: ransomware

Search URL Search Domain Scan URL

URL: https://thecyberexpress.com/chuck-brooks-cybersecurity-person-of-the-year/
Title: The Cyber Express

Search URL Search Domain Scan URL

URL: https://twitter.com/cyniva

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/shareArticle?mini=true&url=https://cyniva.com/33293920/blackcat-ransomware-claims-academy-mortgage-cyber-attack&title=BlackCat%20Ransomware%20Claims%20Academy%20Mortgage%20Cyber%20Attack&summary=ALPHV/BlackCat%20ransomware%20group%20has%20allegedly%20targeted%20the%20Utah-based%20mortgage%20company%20Academy%20Mortgage.The%20official%20website%20of%20Academy%20Mortgage%20was%20&source=https://cyniva.com

Search URL Search Domain Scan URL

URL: https://www.facebook.com/dialog/share?app_id=645057395962262&display=popup&href=https://cyniva.com/33293920/blackcat-ransomware-claims-academy-mortgage-cyber-attack

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?text=BlackCat%20Ransomware%20Claims%20Academy%20Mortgage%20Cyber%20Attack&url=https://cyniva.com/33293920/blackcat-ransomware-claims-academy-mortgage-cyber-attack

Search URL Search Domain Scan URL

URL: http://www.satb.in/20730308/what-are-the-lyrics-to-the-uks-national-anthem-god-save-the-kingqueen
Title: What are the lyrics to the UK’s national anthem, ‘God Save The King/Queen’?

Search URL Search Domain Scan URL

URL: https://www.getinfosec.news/11015753/to-peer-or-not-to-peer-how-to-optimize-the-internet
Title: To Peer or Not to Peer: How to Optimize the Internet

Search URL Search Domain Scan URL

URL: http://www.byte.info/15103836/hidden-door-reveals-its-ai-powered-narrative-game-platform
Title: Hidden Door reveals its AI-powered narrative game platform

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

43 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request blackcat-ransomware-claims-academy-mortgage-cyber-attack Show response
cyniva.com/33293920/ 98 KB
25 KB 419ms
352ms Document
text/html 2606:4700:3035::ac43:b0ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cyniva.com/33293920/blackcat-ransomware-claims-academy-mortgage-cyber-attack?via=tw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:b0ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d54261f8397c57ea9b9ffa8f5b5cf674a75e114b1ad66d8d231e10662814768f

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache, private
cf-cache-status: DYNAMIC
cf-ray: 7c81f205c8f4915c-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 16 May 2023 07:35:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dPs79YxswYJFHzisQgUj78b6eGZb9cvHh0p71Ai87TZAcJIBepRkJqdWt9td1FPLNszzkq8fItIP%2BA7D0gHMGi4ScUAPseDthB5M1a%2FJlrKx9cbj5fNvYcNCVJCPKQjMCGGRUS6kvQG%2B"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 css
fonts.googleapis.com/ 3 KB
852 B 77ms
29ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:300,400,700,900

Requested by

Host: cyniva.com
URL: https://cyniva.com/33293920/blackcat-ransomware-claims-academy-mortgage-cyber-attack?via=tw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b7f2d6fa91de80a618910ccc2b98c110dc46b459c956f018dc23cd73411f5905

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cyniva.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 16 May 2023 07:35:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 16 May 2023 07:20:23 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 16 May 2023 07:35:42 GMT

GET
H2 200 app.css
cyniva.com/css/site/ 69 KB
11 KB 205ms
204ms Stylesheet
text/css 2606:4700:3035::ac43:b0ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cyniva.com/css/site/app.css
Requested by: Host: cyniva.com
URL: https://cyniva.com/33293920/blackcat-ransomware-claims-academy-mortgage-cyber-attack?via=tw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:b0ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b3651bb700f36d47e2fa6db86184117c02c31437963248d398629099ceab1a71

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cyniva.com/33293920/blackcat-ransomware-claims-academy-mortgage-cyber-attack?via=tw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 07:35:42 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 10 May 2023 13:08:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"114e5-5fb56915f533d-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RBZOnQCcUQhYD1OIrTsO1X8GtkQQr9FMnI%2F0aQD7cYb4WQewV3%2FUBE2eurFIpKvD9BhFQoGDvw3o4EVT9IuB9FmAm8aabbx%2B5Xs2fC0R%2FrKV8rEpwHRoUxofcV6E6YHFe1GN9vFvEhT1"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 7c81f207fbbb915c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 brunch.css
cyniva.com/css/site/ 10 KB
2 KB 203ms
202ms Stylesheet
text/css 2606:4700:3035::ac43:b0ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cyniva.com/css/site/brunch.css
Requested by: Host: cyniva.com
URL: https://cyniva.com/33293920/blackcat-ransomware-claims-academy-mortgage-cyber-attack?via=tw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:b0ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: de74ca2b87e0ed077e50cc16ef526283b4f7d7b4c8195d7f86248272bdadc79a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cyniva.com/33293920/blackcat-ransomware-claims-academy-mortgage-cyber-attack?via=tw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 07:35:42 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 10 May 2023 13:08:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"29d3-5fb56915f62dd-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Dr6HtRGeMJCzCQ2hEbbmF6P7%2BMk%2FgWJho%2Fhyq25fz9ts6e2rhsxEIQKhw3gOqcNAADLgwE6PgO5EmYr66qwWDwCwL9DAeYWRCdAE4%2FcBxux08%2BMPkoXnALmfvQ0x9zFvSkNU01CEwF0X"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 7c81f207fbbd915c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 moment.min.js Show response
cdnjs.cloudflare.com/ajax/libs/moment.js/2.24.0/ 52 KB
16 KB 80ms
34ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/moment.js/2.24.0/moment.min.js

Requested by

Host: cyniva.com
URL: https://cyniva.com/33293920/blackcat-ransomware-claims-academy-mortgage-cyber-attack?via=tw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e22419e8154be2a34a950dbb4c4c448413751c53ef02f00c6c56af28aa2c4964

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cyniva.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 07:35:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 2078784
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 15508
last-modified: Mon, 04 May 2020 16:13:26 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03f26-d04c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9F9mBaCePQi9Q7yqQr2N9mQ1IGONtAuMcJteHphuq9%2FNgnvZn6PnBSyYzZfc5RaNBCKEjTwh63FhdmkR6gFkTJFvglFR0aKc9LbiZMlFMnZ5KmBR3CO5r4qrDiWyQgkByZ64Ph71ffPWO%2F0kPRxAKroz"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7c81f2084e059b8e-FRA
expires: Sun, 05 May 2024 07:35:42 GMT

GET
H2 200 jquery.min.js Show response
cdn.jsdelivr.net/npm/jquery@3.6.0/dist/ 87 KB
32 KB 643ms
209ms Script
application/javascript 2a04:4e42:200::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/jquery@3.6.0/dist/jquery.min.js

Requested by

Host: cyniva.com
URL: https://cyniva.com/33293920/blackcat-ransomware-claims-academy-mortgage-cyber-attack?via=tw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cyniva.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 16 May 2023 07:35:42 GMT
x-content-type-options: nosniff
content-encoding: br
age: 3651584
x-jsd-version: 3.6.0
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 32745
x-served-by: cache-fra-eddf8230088-FRA, cache-gig2250074-GIG
x-jsd-version-type: version
etag: W/"15d9d-uC0jjU4x/fYYuuisEabIEsA90NQ"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 widget.prod.min.js Show response
cdnjs.buymeacoffee.com/1.0.0/ 9 KB
3 KB 92ms
36ms Script
application/javascript 2606:4700:20::681a:a27
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.buymeacoffee.com/1.0.0/widget.prod.min.js

Requested by

Host: cyniva.com
URL: https://cyniva.com/33293920/blackcat-ransomware-claims-academy-mortgage-cyber-attack?via=tw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:a27 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d4653bf134592f2877568646ecfed35795014674e5265d85f772db7ea671d6e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cyniva.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 07:35:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 159548
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"401acc70d9cd8cf56bc53be78a5ac615"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GOAse64dqbRX41gpehN%2ByCpRWqfybFD7wAvdgCqwUUxSsudlQs5qefEu6N1dmWl2jyRZe58PwpIfIzWXtV6qSBgIx3zDVYWvfuAXdovCrhSlSjxKDUk6Vrfa6MKywW6Zi5xFUNqhOzMI"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600, must-revalidate
cf-ray: 7c81f208ec9c92c9-FRA

GET
H2 200 / Show response
js.stripe.com/v3/ 471 KB
113 KB 97ms
25ms Script
text/javascript 99.86.4.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/

Requested by

Host: cyniva.com
URL: https://cyniva.com/33293920/blackcat-ransomware-claims-academy-mortgage-cyber-attack?via=tw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.76 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-76.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

0607447000f16c51d52b2ffdc6b9ab1ba6227b825d9296170120476d463c6f22

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cyniva.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Tue, 16 May 2023 07:34:56 GMT
via: 1.1 08bbe291f260c2b80a00874a80ade07c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 46
x-cache: Hit from cloudfront
last-modified: Mon, 15 May 2023 20:32:58 GMT
server: Cloudfront
etag: W/"75e11db97090971530d16eeed95ca91e"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
timing-allow-origin: *
x-amz-cf-id: 4TfatldMeW9r2SJY9d62AlK34Qei9_u3oSTyTHUt9o3RIElbrfGGZg==

GET
H2 200 Academy-Mortgage-Cyberattack-2.png
i0.wp.com/thecyberexpress.com/wp-content/uploads/2023/05/ 67 KB
67 KB 212ms
161ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/thecyberexpress.com/wp-content/uploads/2023/05/Academy-Mortgage-Cyberattack-2.png?resize=680%2C444&ssl=1

Requested by

Host: cyniva.com
URL: https://cyniva.com/33293920/blackcat-ransomware-claims-academy-mortgage-cyber-attack?via=tw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

f148130bbc12de4dbb513a62606e0e7c8977cbe093ab5bb80a9834eeb9fe5929

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cyniva.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-nc: MISS hhn 1
date: Tue, 16 May 2023 07:35:42 GMT
x-content-type-options: nosniff
last-modified: Tue, 16 May 2023 07:35:42 GMT
server: nginx
etag: "0dd47ffa04a8844c"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://thecyberexpress.com/wp-content/uploads/2023/05/Academy-Mortgage-Cyberattack-2.png>; rel="canonical"
content-length: 68296
expires: Thu, 15 May 2025 19:35:42 GMT

GET
H2 200 FwGy7pLWAAYM0NN
pbs.twimg.com/media/ 36 KB
37 KB 85ms
20ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/FwGy7pLWAAYM0NN?format=jpg&name=small

Requested by

Host: cyniva.com
URL: https://cyniva.com/33293920/blackcat-ransomware-claims-academy-mortgage-cyber-attack?via=tw

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6711) /

Resource Hash

c7b22738d10b84677abb2cdc8fff2b59d43c428db311e76d8cd9e74af4f10fbc

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cyniva.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 07:35:42 GMT
strict-transport-security: max-age=631138519
x-content-type-options: nosniff
age: 136546
x-cache: HIT
server-timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
content-length: 36918
x-response-time: 223
surrogate-key: media media/bucket/2 media/1657802875584512006
last-modified: Sun, 14 May 2023 17:37:40 GMT
server: ECS (frb/6711)
x-tw-cdn: VZ, VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
x-transaction-id: 16ee8c277a2c87ac
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
perf: 7626143928
x-connection-hash: 18cac55cb7b0de1f8faaf140985a800eb1d507976cc25b7b8f0f1adde16e5c17
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 Academy-Mortgage-Cyberattack-2.png
i0.wp.com/thecyberexpress.com/wp-content/uploads/2023/05/ 50 KB
50 KB 40ms
20ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/thecyberexpress.com/wp-content/uploads/2023/05/Academy-Mortgage-Cyberattack-2.png?w=590&ssl=1

Requested by

Host: cyniva.com
URL: https://cyniva.com/33293920/blackcat-ransomware-claims-academy-mortgage-cyber-attack?via=tw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

86fe384f75722261abf3e071dee54f11e56b2c382bc9956083dc0467eadc14d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cyniva.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Tue, 16 May 2023 07:35:42 GMT
x-content-type-options: nosniff
last-modified: Mon, 15 May 2023 05:31:14 GMT
server: nginx
etag: "ed85671b9d17ea79"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://thecyberexpress.com/wp-content/uploads/2023/05/Academy-Mortgage-Cyberattack-2.png>; rel="canonical"
content-length: 51240
expires: Wed, 14 May 2025 17:31:14 GMT

GET
H2 200 Academy-Mortgage-Cyberattack-3.png
i0.wp.com/thecyberexpress.com/wp-content/uploads/2023/05/ 60 KB
60 KB 40ms
20ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/thecyberexpress.com/wp-content/uploads/2023/05/Academy-Mortgage-Cyberattack-3.png?w=681&ssl=1

Requested by

Host: cyniva.com
URL: https://cyniva.com/33293920/blackcat-ransomware-claims-academy-mortgage-cyber-attack?via=tw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

9ffafa899a83a6fd059e7f4d7864098453a424928b5c2df293794d3d33db4507

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cyniva.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Tue, 16 May 2023 07:35:42 GMT
x-content-type-options: nosniff
last-modified: Tue, 16 May 2023 07:08:32 GMT
server: nginx
etag: "ac198d6767352cb5"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://thecyberexpress.com/wp-content/uploads/2023/05/Academy-Mortgage-Cyberattack-3.png>; rel="canonical"
content-length: 61228
expires: Thu, 15 May 2025 19:08:32 GMT

GET
H2 200 vue-multiselect.min.css
unpkg.com/vue-multiselect@2.1.0/dist/ 7 KB
2 KB 72ms
30ms Stylesheet
text/css 2606:4700::6810:7baf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/vue-multiselect@2.1.0/dist/vue-multiselect.min.css

Requested by

Host: cyniva.com
URL: https://cyniva.com/33293920/blackcat-ransomware-claims-academy-mortgage-cyber-attack?via=tw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7baf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ddffc1fb5857d5643c0113e624d013e677a00538184616877dbce212abbbfc41

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cyniva.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 07:35:42 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 9589258
last-modified: Sun, 18 Mar 2018 17:24:25 GMT
fly-request-id: 01FT83NM81WC7K9DZM3MM5E40Q
server: cloudflare
etag: W/"1c46-REXhA/xTGnqKrQ6n7ISPoCcwNxc"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7c81f209b9491e68-FRA

GET
H3 200 app.js Show response
cyniva.com/js/site/content/ 2 MB
460 KB 477ms
476ms Script
application/javascript 2606:4700:3035::ac43:b0ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cyniva.com/js/site/content/app.js
Requested by: Host: cyniva.com
URL: https://cyniva.com/33293920/blackcat-ransomware-claims-academy-mortgage-cyber-attack?via=tw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:b0ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 04ca51aeac44af3d5f97566535572e5050c751fc6427bda77d7d16141c8373f2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cyniva.com/33293920/blackcat-ransomware-claims-academy-mortgage-cyber-attack?via=tw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 07:35:42 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 10 May 2023 13:08:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"1b6b5b-5fb5691605cdd-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E7%2BhwLXkGkRX9DHysg%2F2%2B%2FlYSE581cXgWCrJ0fFYfCQmuVrTN216BPlFZZHuHlCpgQmUqhReJ8Junpo4jKmPfn6jmKhI5Z6LfTbESrBQgvue4KSXg12uhpkONTprpwsWByhGhh9niqd3"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7c81f209eddd2c61-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
24 KB 73ms
22ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400,700,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://cyniva.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 15:41:45 GMT
x-content-type-options: nosniff
age: 230037
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23580
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:17:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 May 2024 15:41:45 GMT

GET
H3 200 feather-sprite.svg
cyniva.com/img/ 58 KB
11 KB 374ms
373ms Other
image/svg+xml 2606:4700:3035::ac43:b0ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cyniva.com/img/feather-sprite.svg
Requested by: Host: cyniva.com
URL: https://cyniva.com/js/site/content/app.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:b0ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cc2604e4b0c63665fe5c730c319b560b47ef23b9dad0e6a6b5a9192a428afe17

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cyniva.com/33293920/blackcat-ransomware-claims-academy-mortgage-cyber-attack?via=tw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 07:35:43 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 14 Dec 2022 11:02:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"e76b-5efc7ab0e5eb1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=refAZSXN%2FaZqSrSwTi2eB7oOVJhE9l0PjbMtBdKbIChc5tgwj5dsJfNON6hf6tDAQ4v7kwsbbUxNyFgKQU%2FSKkQ%2F8cNfE83mPs7G4%2FC9lTbuU2i%2FqEco4A0oRpFEmpX%2Bqsqwkj3OYeaA"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 7c81f20eab0c2c61-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
23 KB 21ms
20ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400,700,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://cyniva.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 13:31:10 GMT
x-content-type-options: nosniff
age: 237873
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23040
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:07:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 May 2024 13:31:10 GMT

GET
H2 200 S6u9w4BMUTPHh50XSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ 22 KB
22 KB 27ms
26ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh50XSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400,700,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08664859baab5ed98f0bf818ed77e38464ff1826dc6406d5ecbd651409afbd92

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://cyniva.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 21:14:56 GMT
x-content-type-options: nosniff
age: 296447
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22504
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:12:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 11 May 2024 21:14:56 GMT

GET
H/1.1 200
OK 3323-cyniva3-1680965857.png
newsyapp.s3.ap-southeast-2.amazonaws.com/production/20238/3323/ 60 KB
60 KB 942ms
324ms Image
image/png 52.95.132.194
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newsyapp.s3.ap-southeast-2.amazonaws.com/production/20238/3323/3323-cyniva3-1680965857.png
Requested by: Host: cyniva.com
URL: https://cyniva.com/33293920/blackcat-ransomware-claims-academy-mortgage-cyber-attack?via=tw
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.132.194 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-r-w.ap-southeast-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: 1e99f2733c4c572e990594cc416cbe434fec13c643adc6970a3cda4996986e9b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cyniva.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Tue, 16 May 2023 07:35:45 GMT
Last-Modified: Sat, 08 Apr 2023 14:57:40 GMT
Server: AmazonS3
x-amz-request-id: 0WCPQ978QVC1427M
ETag: "89a52b424a259a84bc62c0482e1eb971"
x-amz-server-side-encryption: AES256
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 60990
x-amz-id-2: qa2S8nZemTuIC5ms3ECaNmcPCCiMj8UrmqMOvCqaiQAlTJ8adsBT55rLL2qiJ5FB47UWfxKlTMY=

GET
H2 200 Jee-61-512.png
cdn2.iconfinder.com/data/icons/pinterest-ui/48/ 16 KB
16 KB 89ms
35ms Image
image/png 2606:4700:e0::ac40:6715
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn2.iconfinder.com/data/icons/pinterest-ui/48/Jee-61-512.png

Requested by

Host: cyniva.com
URL: https://cyniva.com/33293920/blackcat-ransomware-claims-academy-mortgage-cyber-attack?via=tw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e0::ac40:6715 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3c6fef79a44e005fdae76852e6a114b1c80b257e89e7c6a4882866b6f41d3a70

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cyniva.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 07:35:43 GMT
via: 1.1 vegur
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000; includeSubDomains; preload
age: 1437332
content-disposition: inline; filename="2635511.png"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 16248
x-request-id: 1b103cb7-4b33-4c12-bd5f-fe678a8f6d19
last-modified: Thu, 27 Apr 2023 19:49:40 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fBRwj%2F%2B77iNVaLEmj7RM1%2Bzs0693jYUv0F87Y15kbht8C2OEKFG6khHyu8rMLfDtzOIjwu3%2BW%2FkS0JART4f13vOmumDgMYjhWbnFYyYySp8Lj6hLwL%2BP31uUC1xB2oIeiWYtlyutdNjWlXRqRnniTV6m"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7c81f20fadecbb67-FRA
expires: Wed, 15 May 2024 07:35:43 GMT

GET
H2 200 twitter.png
img.icons8.com/fluent/96/null/ 2 KB
3 KB 493ms
392ms Image
image/png 2a02:6ea0:c700::18
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.icons8.com/fluent/96/null/twitter.png

Requested by

Host: cyniva.com
URL: https://cyniva.com/33293920/blackcat-ransomware-claims-academy-mortgage-cyber-attack?via=tw

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

Software

CDN77-Turbo /

Resource Hash

16420483ff5c6df72faf45f820ecdc46390557e09a85a1dd54eacd5340714c79

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cyniva.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Tue, 16 May 2023 07:35:43 GMT
strict-transport-security: max-age=15724800; includeSubDomains
version: 0.0.29
icon-format: png
x-cache: MISS
x-77-cache: MISS
content-length: 2420
x-77-nzt: AZySIYvhIcKh
not-found-platform: false
icon-size: 96
last-modified: Thu, 09 Mar 2023 10:47:05
from-mongo-cache: false
server: CDN77-Turbo
x-77-nzt-ray: cf8787273a5b46884f32636457421515
vary: Origin
from-redis-cache: false
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=302400
accept-ranges: bytes
icon-id: 5MQ0gPAYYx7a

GET
H2 200 social_style_3_in-512.png
cdn2.iconfinder.com/data/icons/social-icon-3/512/ 11 KB
11 KB 86ms
32ms Image
image/png 2606:4700:e0::ac40:6715
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn2.iconfinder.com/data/icons/social-icon-3/512/social_style_3_in-512.png

Requested by

Host: cyniva.com
URL: https://cyniva.com/33293920/blackcat-ransomware-claims-academy-mortgage-cyber-attack?via=tw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e0::ac40:6715 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eb2a8a398b3b51ade971d69b250a52cbd38c5d8f98d3218648f20e485806239c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cyniva.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 07:35:43 GMT
via: 1.1 vegur
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000; includeSubDomains; preload
age: 496848
content-disposition: inline; filename="730032.png"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 11037
x-request-id: 218bce4a-2afa-4ea9-b4fd-7710081bfc52
last-modified: Mon, 01 May 2023 18:57:24 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FlyWCyBtm2xB4ec78PsJrbBPI963LIhZAonML8EzG9SnGg32FpslvyzFldeBJnmvQgsItk9ikqrN4pZiTed5rWqBewkZYNI%2Fc2L0LwmDH32wTPII%2FU3UBEsPiOINDgEc8y%2BXTTim%2B76PF3z13KbRoxhV"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7c81f20fade4bb67-FRA
expires: Wed, 15 May 2024 07:35:43 GMT

GET
H2 200 social_style_3_facebook-512.png
cdn2.iconfinder.com/data/icons/social-icon-3/512/ 8 KB
8 KB 87ms
33ms Image
image/png 2606:4700:e0::ac40:6715
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn2.iconfinder.com/data/icons/social-icon-3/512/social_style_3_facebook-512.png

Requested by

Host: cyniva.com
URL: https://cyniva.com/33293920/blackcat-ransomware-claims-academy-mortgage-cyber-attack?via=tw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e0::ac40:6715 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b1e7b09bf7443e48ec5c23340ac56b1f682d20973e9930811d0097fecc1bfda0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cyniva.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 07:35:43 GMT
via: 1.1 vegur
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000; includeSubDomains; preload
age: 415748
content-disposition: inline; filename="730028.png"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8003
x-request-id: de513816-ae0a-4208-bcba-345cba27115e
last-modified: Tue, 02 May 2023 07:30:46 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8068gTyS7APGem%2BB%2Fu%2FW8SM8CG04kuhs48JUxiyR%2B4AmVM6tCHYTv8uHJlXXGIzSXVAOC%2Fym22OxUcVZ0fHTknO5iwDtpEQSGfpjiU%2F8A%2F%2F82nIkMgtuIwwoeE%2BXNG%2F9BCDYiVM%2BzUUuSzLTbnp5dKXl"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7c81f20fade6bb67-FRA
expires: Wed, 15 May 2024 07:35:43 GMT

GET
H2 200 social_style_3_twiter-512.png
cdn2.iconfinder.com/data/icons/social-icon-3/512/ 6 KB
6 KB 83ms
30ms Image
image/webp 2606:4700:e0::ac40:6715
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn2.iconfinder.com/data/icons/social-icon-3/512/social_style_3_twiter-512.png

Requested by

Host: cyniva.com
URL: https://cyniva.com/33293920/blackcat-ransomware-claims-academy-mortgage-cyber-attack?via=tw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e0::ac40:6715 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dadb3cc5d2f39d2ce8d7086f952917fa40f2577c89a54977f4223618fc7d0541

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cyniva.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 07:35:43 GMT
via: 1.1 vegur
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000; includeSubDomains; preload
age: 2358354
cf-polished: origFmt=png, origSize=12958
content-disposition: inline; filename="social_style_3_twiter-512.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5712
x-request-id: 377bfe83-84bd-42fd-b0ca-674bd85d11d0
cf-bgj: imgq:100,h2pri
last-modified: Mon, 17 Apr 2023 17:55:42 GMT
server: cloudflare
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=drW9176JEOafVOf3o7Q6jdejhFMIxz1khKso5hFQ%2FAOQHMYkB4qeCTFZzU5CjTWr%2FiYu0XQDuAuO1DIgam1Fo8lEhkqpUGUnbEzvHGztaREj%2FJjSVbsIU5IC%2BHyux55Mj67wDM6elsf6RsutVLQis4mO"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7c81f20fade8bb67-FRA
expires: Wed, 15 May 2024 07:35:43 GMT

GET
H3 200 data Show response
cyniva.com/comment/ 2 B
1 KB 321ms
321ms XHR
application/json 2606:4700:3035::ac43:b0ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cyniva.com/comment/data?contentId=33293920&siteId=3323&orderBy=updated_at&orderType=desc
Requested by: Host: cyniva.com
URL: https://cyniva.com/js/site/content/app.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:b0ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Accept: application/json, text/plain, */*
Referer: https://cyniva.com/33293920/blackcat-ransomware-claims-academy-mortgage-cyber-attack?via=tw
X-XSRF-TOKEN: eyJpdiI6InlKVXlEcGQzQWJWSHZmUm1uc01IUGc9PSIsInZhbHVlIjoiOHBhQjYrU3IvM1pCTGFmWVNRL3NtOVRWVmlIZXR0ekdtYXNPQUN3RUpLcTMzVFYvV1UyamYvay80bnRBZjJ0MmlmbnpScnZtWXV5TUVkRlA4K0hZem42dmVmTnlodnBtTVNzK2tvSUU2QnRHbU8ycm5tUTI2UmplWDQyMWVFbkwiLCJtYWMiOiI4Mzc2Yjg1N2Q5MmE3M2M2NjU0OGIyNzllYmVjZDBjN2QwMDQ2OTFkNDE3YzU2ODYzMjA2MjA1ZjU3NzJjNTBiIiwidGFnIjoiIn0=
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 07:35:43 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ApdgZ%2B3%2BlgY5MWUUQwndd7LBVqMTiUWwS0pKMgc9cNtDn9CyGg3jtG4v0e7kELXsS7cOdO3T552tYnfuu6QT5Xe5ESKc0cTNk0Ip81QVlBKMHvvX6pI7tF9XshKH84oxUAqA0p%2FZNr2p"}],"group":"cf-nel","max_age":604800}
content-type: application/json
cache-control: no-cache, private
cf-ray: 7c81f20f5bcd2c61-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 related-contents Show response
cyniva.com/content/ 24 KB
9 KB 318ms
318ms XHR
application/json 2606:4700:3035::ac43:b0ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cyniva.com/content/related-contents?siteId=3323&contentId=33293920&limit=3
Requested by: Host: cyniva.com
URL: https://cyniva.com/js/site/content/app.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:b0ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e2c0ea9aadfd0aaebcb6f731f90b106d92f87ea1dd59d4af6f6db0079e13a994

Request headers

Accept: application/json, text/plain, */*
Referer: https://cyniva.com/33293920/blackcat-ransomware-claims-academy-mortgage-cyber-attack?via=tw
X-XSRF-TOKEN: eyJpdiI6InlKVXlEcGQzQWJWSHZmUm1uc01IUGc9PSIsInZhbHVlIjoiOHBhQjYrU3IvM1pCTGFmWVNRL3NtOVRWVmlIZXR0ekdtYXNPQUN3RUpLcTMzVFYvV1UyamYvay80bnRBZjJ0MmlmbnpScnZtWXV5TUVkRlA4K0hZem42dmVmTnlodnBtTVNzK2tvSUU2QnRHbU8ycm5tUTI2UmplWDQyMWVFbkwiLCJtYWMiOiI4Mzc2Yjg1N2Q5MmE3M2M2NjU0OGIyNzllYmVjZDBjN2QwMDQ2OTFkNDE3YzU2ODYzMjA2MjA1ZjU3NzJjNTBiIiwidGFnIjoiIn0=
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 07:35:43 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9Vtjkd7MaSr0Vj849aJUjxWiC5bjY7BkH04Jcbmd7EmzwcY5ASR0MQMTzFEgh279TXGcd9nG8FP9tJXq5zZfKQAZ%2BmPHipCcpfxy7AyYR06agKCvPvh7jfxBEzVPSTAqXMFOXShZRu9m"}],"group":"cf-nel","max_age":604800}
content-type: application/json
cache-control: no-cache, private
cf-ray: 7c81f20f5bce2c61-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H3 200 activity Show response
cyniva.com/auth/ 0
1 KB 357ms
356ms XHR
text/html 2606:4700:3035::ac43:b0ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cyniva.com/auth/activity
Requested by: Host: cyniva.com
URL: https://cyniva.com/js/site/content/app.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:b0ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json, text/plain, */*
Referer: https://cyniva.com/33293920/blackcat-ransomware-claims-academy-mortgage-cyber-attack?via=tw
X-XSRF-TOKEN: eyJpdiI6InlKVXlEcGQzQWJWSHZmUm1uc01IUGc9PSIsInZhbHVlIjoiOHBhQjYrU3IvM1pCTGFmWVNRL3NtOVRWVmlIZXR0ekdtYXNPQUN3RUpLcTMzVFYvV1UyamYvay80bnRBZjJ0MmlmbnpScnZtWXV5TUVkRlA4K0hZem42dmVmTnlodnBtTVNzK2tvSUU2QnRHbU8ycm5tUTI2UmplWDQyMWVFbkwiLCJtYWMiOiI4Mzc2Yjg1N2Q5MmE3M2M2NjU0OGIyNzllYmVjZDBjN2QwMDQ2OTFkNDE3YzU2ODYzMjA2MjA1ZjU3NzJjNTBiIiwidGFnIjoiIn0=
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Tue, 16 May 2023 07:35:43 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0TxYfz7Q28c%2FSPPKo0uMsOf10Q7WngfE5JNcSCTbzxyjz5LDWWTn2%2FoYPoO9UOKsM1qAxI9f%2FhHWZ0pwpZLj1lCcQeex3UYRVpwEYGjy3DnqoErxnwms4Kao3puI4FPh0rjgsFT1rkoQ"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cache-control: no-cache, private
cf-ray: 7c81f20f5bd92c61-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 m-outer-93afeeb17bc37e711759584dbfc50d47.html Show response
js.stripe.com/v3/ Frame 68EC 200 B
1 KB 23ms
23ms Document
text/html 99.86.4.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.76 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-76.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

f22005da41e15b7adb453814b37a794f7c6b955f086a6c5fc9980e3c3f6c8bca

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://cyniva.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 2265
cache-control: max-age=31536000
content-length: 200
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Tue, 16 May 2023 06:57:58 GMT
etag: "93afeeb17bc37e711759584dbfc50d47"
last-modified: Thu, 11 May 2023 20:01:43 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 08bbe291f260c2b80a00874a80ade07c.cloudfront.net (CloudFront)
x-amz-cf-id: TOcqt6vTYRaZGcng5B-GPDBKaYYlgSKd6J_wZi9aGXMqGBD2hmn1Cg==
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 65d75eb0-2601-4da5-a9a4-9ee67a470a59.woff
bmc-cdn.nyc3.digitaloceanspaces.com/Fonts/ 22 KB
22 KB 2865ms
2646ms Font
application/font-woff 162.243.189.2
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://bmc-cdn.nyc3.digitaloceanspaces.com/Fonts/65d75eb0-2601-4da5-a9a4-9ee67a470a59.woff

Requested by

Host: cyniva.com
URL: https://cyniva.com/33293920/blackcat-ransomware-claims-academy-mortgage-cyber-attack?via=tw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.243.189.2 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

nyc3.digitaloceanspaces.com

Software

Resource Hash

ab4883df74435cbd0eb4d9ddfa492e7cc2a4be7ceff47fcefe82199aed9c4ed0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://cyniva.com/
Origin: https://cyniva.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 07:35:46 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
last-modified: Wed, 02 May 2018 07:26:09 GMT
x-amz-request-id: tx0000000000000028ea9d9-006463324f-3bfb3da6-nyc3a
age: 0
etag: "edc05a13a301b3a6e023292eb0762d1c"
access-control-max-age: 0
access-control-allow-methods: GET
content-type: application/font-woff
access-control-allow-origin: *
x-rgw-object-type: Normal
cache-control: max-age=60000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
accept-ranges: bytes
content-length: 22051

GET
H2 200 loader.svg
cdn.buymeacoffee.com/assets/img/widget/ 1 KB
1 KB 92ms
36ms Image
image/svg+xml 2606:4700:20::681a:a27
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.buymeacoffee.com/assets/img/widget/loader.svg
Requested by: Host: cyniva.com
URL: https://cyniva.com/33293920/blackcat-ransomware-claims-academy-mortgage-cyber-attack?via=tw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:a27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8dc50845649eef3ca755e444896a607b1dd75260a815da51be1f67d2c2b7ce2d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cyniva.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 07:35:43 GMT
x-amz-version-id: y778U96Hs9yxANBOcjeA5_0EDkx.kP0f
via: 1.1 5d5481cfa85227a3fdd5ff0b03093c62.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA56-P2
age: 159539
content-encoding: br
x-amz-meta-sha256: 8dc50845649eef3ca755e444896a607b1dd75260a815da51be1f67d2c2b7ce2d
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 15 Apr 2020 14:21:42 GMT
server: cloudflare
etag: W/"ebcc5bf2ffe21dd55db07a33fe9fce60"
vary: Accept-Encoding, Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eMGUtIgbVsBFQVf7cfbmIThSw2m0r3Se5i02gmPvANQXjjDCikL5vNtIX4tVBfrKXOgxyp4S6yYSuimueoTGMm6uxKiMijaZpolA7DgklGkkH%2B4un0rwzMf0tWS%2BsVUpB2Ye4tIFLh%2BGzppVT7u0Vevn"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=31536000
cf-ray: 7c81f2100d709a3b-FRA
x-amz-cf-id: s2PC78CBQATW4Nq7bw4smXqCTXTh0b4t27whkgdkiYHaR7gkOkF49w==
x-amz-meta-s3b-last-modified: 20200415T141908Z

GET
H2 200 coffee%20cup.svg
cdn.buymeacoffee.com/widget/assets/ 8 KB
4 KB 79ms
45ms Image
image/svg+xml 2606:4700:20::681a:a27
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.buymeacoffee.com/widget/assets/coffee%20cup.svg
Requested by: Host: cyniva.com
URL: https://cyniva.com/33293920/blackcat-ransomware-claims-academy-mortgage-cyber-attack?via=tw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:a27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 241e4e553d88785f2ce15f635f3a2f10ed8f6642a4da85e48d17964cbe388152

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cyniva.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 07:35:43 GMT
x-amz-version-id: pOnwg.pZJ5gG3GmZBjcSPve4ZBA2xNmH
via: 1.1 c25307e8546cc763b82d2dc2ee51258a.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: MXP63-P2
age: 159539
content-encoding: br
x-amz-meta-sha256: 241e4e553d88785f2ce15f635f3a2f10ed8f6642a4da85e48d17964cbe388152
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 25 Sep 2020 11:10:28 GMT
server: cloudflare
etag: W/"5572d2019f86ec54861b019efe375dba"
vary: Accept-Encoding, Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xKVAfXDJJ8OEe1DEMw4iGGttqObjeDdjcydDSGp9ZSYO%2Br7uIxBwDULxEJT5syResMZaByb0c2rZLjulbi9FbEYYinIdx7eeEzQioW31%2BFnji5ScFWbkKhwbtTI%2FhHAu6dUMRFWzZkmNeZ4%2Bhv%2FFZ8T6"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=31536000
cf-ray: 7c81f2101d779a3b-FRA
x-amz-cf-id: FDuCDKdEvgG1tpxrdnIxYUDPVh8ArZeyV9Uaq__LC1oRqWNFk5XGQQ==
x-amz-meta-s3b-last-modified: 20200925T111011Z

GET
H2 200 m-outer-8cb24ab2d649fd36a488d04d8c457933.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 68EC 631 B
1 KB 22ms
22ms Script
text/javascript 99.86.4.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.76 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-76.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

250a0782da875705bd206ee23c2a46abf90656645a81e084126c5e8c53eeb9d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
date: Tue, 16 May 2023 06:48:13 GMT
x-content-type-options: nosniff
via: 1.1 08bbe291f260c2b80a00874a80ade07c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 2855
x-cache: Hit from cloudfront
content-length: 631
last-modified: Thu, 04 May 2023 20:01:43 GMT
server: Cloudfront
etag: "f8f6a4584135f737b26927596ce6e0a7"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: cctYSz7fSXuoPD7Yqiqh3flK-3JFwmKHdKIRXirHL2inyIPXCdbUnw==

POST
H2 200 csp-report
q.stripe.com/ Frame 68EC 0
717 B 590ms
192ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: cyniva.com
URL: https://cyniva.com/33293920/blackcat-ransomware-claims-academy-mortgage-cyber-attack?via=tw

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Tue, 16 May 2023 07:35:43 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1684222543865178
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1684222543864686
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 68EC 0
717 B 592ms
193ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: cyniva.com
URL: https://cyniva.com/33293920/blackcat-ransomware-claims-academy-mortgage-cyber-attack?via=tw

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Tue, 16 May 2023 07:35:43 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1684222543865234
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1684222543864710
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 inner.html Show response
m.stripe.network/ Frame DBAC 930 B
1 KB 88ms
29ms Document
text/html 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/inner.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 77
cache-control: max-age=300, public
content-encoding: gzip
content-length: 527
content-security-policy: base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Tue, 16 May 2023 07:35:43 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
vary: Accept-Encoding, Origin
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 65
x-content-type-options: nosniff
x-request-id: a6a79b74-9ea9-48dd-addb-f95f4495e2ee
x-served-by: cache-fra-eddf8230075-FRA
x-timer: S1684222543.442180,VS0,VE0

POST
H2 200 csp-report
q.stripe.com/ Frame DBAC 0
492 B 494ms
189ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: cyniva.com
URL: https://cyniva.com/33293920/blackcat-ransomware-claims-academy-mortgage-cyber-attack?via=tw

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Tue, 16 May 2023 07:35:43 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1684222543865003
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
x-stripe-server-envoy-upstream-service-time-ms: 0
x-stripe-client-envoy-start-time-us: 1684222543864705
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
expires: 0

GET
H2 200 out-4.5.42.js Show response
m.stripe.network/ Frame DBAC 86 KB
16 KB 22ms
22ms Script
text/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/out-4.5.42.js

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/inner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.stripe.network/inner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
date: Tue, 16 May 2023 07:35:43 GMT
x-content-type-options: nosniff
content-encoding: gzip
via: 1.1 varnish
age: 217
x-cache: HIT
content-length: 16031
x-request-id: 83bfa190-814f-48ff-8e43-830f4b708317
x-served-by: cache-fra-eddf8230075-FRA
server: Fastly
x-timer: S1684222543.469815,VS0,VE0
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=utf-8
cache-control: max-age=300, public
accept-ranges: bytes
x-cache-hits: 173

POST
H2 200 6 Show response
m.stripe.com/ Frame DBAC 156 B
671 B 604ms
197ms XHR
application/json 54.148.45.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.42.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.148.45.68 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-148-45-68.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

5e26268392812ef3246cd1dc8cfdbb9e718976d6e5d7017185636728a41dfb17

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color: green
date: Tue, 16 May 2023 07:35:44 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1684222544053309
server: nginx
content-type: application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms: 3
access-control-allow-origin: https://m.stripe.network
x-stripe-client-envoy-start-time-us: 1684222544052791
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

GET
H2 200 Proms-last-night-6067700.jpeg
images.immediate.co.uk/production/volatile/sites/24/2020/05/ 65 KB
65 KB 302ms
243ms Image
image/jpeg 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.immediate.co.uk/production/volatile/sites/24/2020/05/Proms-last-night-6067700.jpeg?quality=90&resize=150,150
Requested by: Host: cyniva.com
URL: https://cyniva.com/33293920/blackcat-ransomware-claims-academy-mortgage-cyber-attack?via=tw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 26b8a4fdca5e39bc68f58bf4215f8c7d6bbd8bd8ab795fd97d56809e518e8f3a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cyniva.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 07:35:43 GMT
via: 1.1 e0bc02299b03254b2a35b8c930f005c6.cloudfront.net (CloudFront), 1.1 varnish
x-amz-cf-pop: FRA6-C1
age: 0
x-amzn-requestid: e4f7909d-c832-444f-8d32-6c1bb10e4e88
x-cache: Miss from cloudfront, MISS
x-amz-apigw-id: FATMgHFDDoEFZVg=
content-length: 66506
x-served-by: cache-fra-eddf8230073-FRA
last-modified: Tue, 16 May 2023 07:35:43 GMT
x-amzn-trace-id: Root=1-6463324f-0cfccbdb5139286a1a11de44;Sampled=0;lineage=6c674462:0
vary: routing_service_test
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
fastly-geoip-countrycode: DE
accept-ranges: bytes
x-amz-cf-id: w4ERFT1RMOQ98-WystZu-GqJNa6qNaTjfT0Zm-wbM6O4OnyS_6Fh4A==
x-cache-hits: 0

GET
H2 200 AdobeStock_443627497-1024x576.jpeg
blog.equinix.com/wp-content/uploads/2021/11/ 213 KB
87 KB 231ms
166ms Image
image/jpeg 104.102.47.181
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.equinix.com/wp-content/uploads/2021/11/AdobeStock_443627497-1024x576.jpeg
Requested by: Host: cyniva.com
URL: https://cyniva.com/33293920/blackcat-ransomware-claims-academy-mortgage-cyber-attack?via=tw
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.102.47.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-102-47-181.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: aeb532f186986abaab75a4d28cd5a6247920b252880d20a7789476da9fa4632c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cyniva.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 07:35:43 GMT
content-encoding: gzip
last-modified: Wed, 07 Dec 2022 00:07:27 GMT
server: nginx
etag: "638fd93f-35422"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, private, max-age=86400
accept-ranges: bytes
expires: Wed, 17 May 2023 07:35:43 GMT

GET
H2 200 Hidden-Door.jpg
venturebeat.com/wp-content/uploads/2022/03/ 28 KB
28 KB 192ms
135ms Image
image/webp 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://venturebeat.com/wp-content/uploads/2022/03/Hidden-Door.jpg?fit=578%2C274&strip=all

Requested by

Host: cyniva.com
URL: https://cyniva.com/33293920/blackcat-ransomware-claims-academy-mortgage-cyber-attack?via=tw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

13d1354164ef1342b9d0ae809fd6347c12ecf697d945e13f014c6274a39f2000

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cyniva.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 07:35:43 GMT
strict-transport-security: max-age=31536000
x-rq: hhn2 109 200 443
last-modified: Tue, 16 May 2023 07:35:43 GMT
server: nginx
etag: "c10a0d7f84988e58"
vary: Accept
x-cache: MISS
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 28356

GET
H3 200 feather-sprite.svg
cyniva.com/img/ 58 KB
12 KB 31ms
31ms Other
image/svg+xml 2606:4700:3035::ac43:b0ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cyniva.com/img/feather-sprite.svg
Requested by: Host: cyniva.com
URL: https://cyniva.com/js/site/content/app.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:b0ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cc2604e4b0c63665fe5c730c319b560b47ef23b9dad0e6a6b5a9192a428afe17

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cyniva.com/33293920/blackcat-ransomware-claims-academy-mortgage-cyber-attack?via=tw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 07:35:46 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 14 Dec 2022 11:02:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3
etag: W/"e76b-5efc7ab0e5eb1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=APATrocex3%2FDBTca%2FPW2iON9dJE43VS4rOFNyKYtYtaz%2BKyz4ukDriZcN9WxZnHxu3uVateX1advWSEZgVr7%2F6YbmDXRgTRisTDuDRhJ3v%2BwuXVDKDDyJJy9SUg%2BH2xv%2F0O1VQi%2FM4O1"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 7c81f221e8572c61-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H2 200 6 Show response
m.stripe.com/ Frame DBAC 156 B
670 B 196ms
196ms XHR
application/json 54.148.45.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.42.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.148.45.68 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-148-45-68.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

5e26268392812ef3246cd1dc8cfdbb9e718976d6e5d7017185636728a41dfb17

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color: green
date: Tue, 16 May 2023 07:35:47 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1684222547946619
server: nginx
content-type: application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms: 2
access-control-allow-origin: https://m.stripe.network
x-stripe-client-envoy-start-time-us: 1684222547946314
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

Verdicts & Comments Add Verdict or Comment

40 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
cyniva.com/	1970-01-20 11:51:48	Name: visited Value: 1
cyniva.com/	1970-01-20 11:50:29	Name: XSRF-TOKEN Value: eyJpdiI6IlpWcW5ocW9INnhUL1U5clhlWFBZVXc9PSIsInZhbHVlIjoiY3BER2JKRmdrSGZRNG1qbk9vc0NNdkRuZjBiM0N4dUplUGx3SmIwb1FiRjlBNXBwSktFUFBuc3VXZDZMYUZzc0hweHg0THRtb3FSRXFUUlZWcFhQYjhNMmhjbzJHQS9nRXBQR1NIbmpoR3ExeWllSk9HUG5JRU84S0Fqb3h3NDMiLCJtYWMiOiJkNDY0YTczMTc4MjZiN2JjMjJlZTdhNzJiNzJmY2ViYjkwNjkwNmIzNDkyMzU2YTEzZmY2MjY3NDhjMGU0OWVjIiwidGFnIjoiIn0%3D
cyniva.com/	1970-01-20 11:50:29	Name: newsy_session Value: eyJpdiI6Im5zTDdTZlJVR0xwT1FRbUFhbVBianc9PSIsInZhbHVlIjoielRkNWc2OThsSXZoaXZKS29xSmQ2SHFqWmhmbFMvZUIvSFYwZHlvMkRhY2xRTjd5OUZtazA1eHNVVWtmRFd4ejlTMUx1bW1NWUxjR3VEQXZybXFxTVljK1VGdE9DOUhIM1ZDbjh4MGUrMHVtcWpQL1BFcHZiajhPeUhIWUxQR2UiLCJtYWMiOiJlNGU3YTJlZGRlNDFhNDg3M2JlODIzZDY5MDczMjZjMWY0ZDc3MGY3Njc2NzE0YjQyMjk5ODI4YWEyZjcxODkwIiwidGFnIjoiIn0%3D
m.stripe.com/	1970-01-20 21:26:22	Name: m Value: aacbbc29-ecbc-4db8-b4f3-973d662253964d31a8
.cyniva.com/	1970-01-20 20:35:58	Name: __stripe_mid Value: cc365480-2671-4446-b7d3-1c0811c8c73d45118e
.cyniva.com/	1970-01-20 11:50:24	Name: __stripe_sid Value: bff21be0-52b1-4d77-a081-2fc775f70a1190fe73

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

blog.equinix.com
bmc-cdn.nyc3.digitaloceanspaces.com
cdn.buymeacoffee.com
cdn.jsdelivr.net
cdn2.iconfinder.com
cdnjs.buymeacoffee.com
cdnjs.cloudflare.com
cyniva.com
fonts.googleapis.com
fonts.gstatic.com
i0.wp.com
images.immediate.co.uk
img.icons8.com
js.stripe.com
m.stripe.com
m.stripe.network
newsyapp.s3.ap-southeast-2.amazonaws.com
pbs.twimg.com
q.stripe.com
unpkg.com
venturebeat.com
104.102.47.181
151.101.128.176
151.101.194.137
162.243.189.2
192.0.66.2
192.0.77.2
2606:2800:134:1a0d:1429:742:782:b6
2606:4700:20::681a:a27
2606:4700:3035::ac43:b0ad
2606:4700::6810:7baf
2606:4700::6811:180e
2606:4700:e0::ac40:6715
2a00:1450:4001:810::2003
2a00:1450:4001:82a::200a
2a02:6ea0:c700::18
2a04:4e42:200::485
52.95.132.194
54.148.45.68
54.187.159.182
99.86.4.76
04ca51aeac44af3d5f97566535572e5050c751fc6427bda77d7d16141c8373f2
0607447000f16c51d52b2ffdc6b9ab1ba6227b825d9296170120476d463c6f22
08664859baab5ed98f0bf818ed77e38464ff1826dc6406d5ecbd651409afbd92
13d1354164ef1342b9d0ae809fd6347c12ecf697d945e13f014c6274a39f2000
16420483ff5c6df72faf45f820ecdc46390557e09a85a1dd54eacd5340714c79
1e99f2733c4c572e990594cc416cbe434fec13c643adc6970a3cda4996986e9b
241e4e553d88785f2ce15f635f3a2f10ed8f6642a4da85e48d17964cbe388152
250a0782da875705bd206ee23c2a46abf90656645a81e084126c5e8c53eeb9d6
26b8a4fdca5e39bc68f58bf4215f8c7d6bbd8bd8ab795fd97d56809e518e8f3a
3c6fef79a44e005fdae76852e6a114b1c80b257e89e7c6a4882866b6f41d3a70
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
5e26268392812ef3246cd1dc8cfdbb9e718976d6e5d7017185636728a41dfb17
86fe384f75722261abf3e071dee54f11e56b2c382bc9956083dc0467eadc14d4
8dc50845649eef3ca755e444896a607b1dd75260a815da51be1f67d2c2b7ce2d
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
9ffafa899a83a6fd059e7f4d7864098453a424928b5c2df293794d3d33db4507
a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35
ab4883df74435cbd0eb4d9ddfa492e7cc2a4be7ceff47fcefe82199aed9c4ed0
aeb532f186986abaab75a4d28cd5a6247920b252880d20a7789476da9fa4632c
b1e7b09bf7443e48ec5c23340ac56b1f682d20973e9930811d0097fecc1bfda0
b3651bb700f36d47e2fa6db86184117c02c31437963248d398629099ceab1a71
b7f2d6fa91de80a618910ccc2b98c110dc46b459c956f018dc23cd73411f5905
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
c7b22738d10b84677abb2cdc8fff2b59d43c428db311e76d8cd9e74af4f10fbc
cc2604e4b0c63665fe5c730c319b560b47ef23b9dad0e6a6b5a9192a428afe17
d4653bf134592f2877568646ecfed35795014674e5265d85f772db7ea671d6e4
d54261f8397c57ea9b9ffa8f5b5cf674a75e114b1ad66d8d231e10662814768f
dadb3cc5d2f39d2ce8d7086f952917fa40f2577c89a54977f4223618fc7d0541
ddffc1fb5857d5643c0113e624d013e677a00538184616877dbce212abbbfc41
de74ca2b87e0ed077e50cc16ef526283b4f7d7b4c8195d7f86248272bdadc79a
e22419e8154be2a34a950dbb4c4c448413751c53ef02f00c6c56af28aa2c4964
e2c0ea9aadfd0aaebcb6f731f90b106d92f87ea1dd59d4af6f6db0079e13a994
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb2a8a398b3b51ade971d69b250a52cbd38c5d8f98d3218648f20e485806239c
f148130bbc12de4dbb513a62606e0e7c8977cbe093ab5bb80a9834eeb9fe5929
f22005da41e15b7adb453814b37a794f7c6b955f086a6c5fc9980e3c3f6c8bca
f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

cyniva.com Open in urlscan Pro 2606:4700:3035::ac43:b0ad Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

43 Requests

100 %HTTPS

50 %IPv6

18 Domains

21 Subdomains

20 IPs

3 Countries

1317 kBTransfer

3508 kBSize

6 Cookies

22 Outgoing links

Redirected requests

43 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

cyniva.com Open in urlscan Pro
2606:4700:3035::ac43:b0ad Public Scan

Screenshot
Live screenshot

Full Image

43
Requests

100 %
HTTPS

50 %
IPv6

18
Domains

21
Subdomains

20
IPs

3
Countries

1317 kB
Transfer

3508 kB
Size

6
Cookies

43 HTTP transactions
0 data transactions