| my.rtmark.net/gid.js?userId=vtf05i2h2t1u7b5rbpgcesd15v5pxn | 139.45.195.8 | 200 OK | 63 B |
URL: GET HTTP/2 my.rtmark.net/gid.js?userId=vtf05i2h2t1u7b5rbpgcesd15v5pxn | IP: 139.45.195.8:443
Requested by: https://ofsnivyan.com/system-message/50/ | Certificate Issuer: Let's Encrypt | Subject: rtmark.net | Fingerprint: DB:C0:8B:64:1C:E3:2A:9C:B9:04:0D:F3:6F:5A:E0:35:F4:C7:75:CC | Validity: Sat, 02 Mar 2024 21:53:43 GMT - Fri, 31 May 2024 21:53:42 GMT
Hash: df52f2878833ec932457edbd69b1128e 22be220523ea2fda2ce4698fa292c0b1376ca781 3ba96adc205c91731dfdf8c3b145717caa3c098249aaa14627661fbba3e66e8f
GET /gid.js?userId=vtf05i2h2t1u7b5rbpgcesd15v5pxn HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ofsnivyan.com/
Origin: https://ofsnivyan.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 22:07:06 GMT
content-type: application/json; charset=utf-8
content-length: 63
access-control-allow-origin: https://ofsnivyan.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=vtf05i2h2t1u7b5rbpgcesd15v5pxn; expires=Fri, 25 Apr 2025 22:07:06 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| ofsnivyan.com/_next/static/chunks/2734.6269ca0cf725ea17.js | 188.114.97.1 | 200 OK | 1.7 kB |
URL: GET HTTP/3 ofsnivyan.com/_next/static/chunks/2734.6269ca0cf725ea17.js | IP: 188.114.97.1:443
Requested by: https://ofsnivyan.com/system-message/50/ | Certificate Issuer: Google Trust Services LLC | Subject: ofsnivyan.com | Fingerprint: E2:64:70:52:E2:73:D1:AD:67:D5:B8:63:A0:56:8D:C0:83:9D:EA:38 | Validity: Thu, 21 Mar 2024 20:34:04 GMT - Wed, 19 Jun 2024 20:34:03 GMT
File type: JavaScript source, ASCII text, with very long lines (4147), with no line terminators | Hash: 48072be51722d2894982d56f13a52372 c1fbbdcb8b12079d61205284dec041f93390f47b b0ab49765bb74cdb8c46c171f3adad413e1934203046a3ca23d4872c892894d5
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/2734.6269ca0cf725ea17.js HTTP/1.1
Host: ofsnivyan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ofsnivyan.com/system-message/50/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 22:07:06 GMT
content-type: application/javascript
last-modified: Thu, 25 Apr 2024 15:12:16 GMT
vary: Accept-Encoding
etag: W/"662a72d0-1033"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=14400
cf-cache-status: HIT
age: 2204
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=u0RBIdUCNrAoJCHLqj5ONGMTMC3MM%2BwIFhY%2BC5KKg%2FF85cZFKaUtEDATMRetVGXnLDBwGdQqvT1GSAdBFRX9nuqjnTI2DMMXbeSV8OllfNYAzSxH%2FIvHcomPk8YJxlv3"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a1a4e24fe90b61-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| arleavannya.com/sync-metrics | 139.45.197.248 | 200 OK | 17 B |
URL: POST HTTP/2 arleavannya.com/sync-metrics | IP: 139.45.197.248:443
Requested by: https://ofsnivyan.com/system-message/50/ | Certificate Issuer: Let's Encrypt | Subject: arleavannya.com | Fingerprint: 8A:67:B7:06:5F:61:ED:52:C0:9B:58:C2:64:98:7D:1B:64:03:3F:47 | Validity: Thu, 18 Apr 2024 17:09:05 GMT - Wed, 17 Jul 2024 17:09:04 GMT
Hash: 5b64e8b89092b2e3dfd448b10700627f 484b3032619fa1acd135d114565b0a5166281c22 f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4
POST /sync-metrics HTTP/1.1
Host: arleavannya.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ofsnivyan.com/
Content-Type: application/json
Content-Length: 216
Origin: https://ofsnivyan.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 22:07:06 GMT
content-type: application/json; charset=utf-8
content-length: 17
x-trace-id: bfd115ac97a7e58e3a82207525f9b7e6
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://ofsnivyan.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| datatechonert.com/log/add?cid=eacf36da-c06d-4d71-90cc-88e30cd4240a&ruid=146e2c14-1b4b-4bb4-9448-ee1f74a11cb0 | 37.48.68.71 | 200 OK | 12 B |
URL: POST HTTP/1.1 datatechonert.com/log/add?cid=eacf36da-c06d-4d71-90cc-88e30cd4240a&ruid=146e2c14-1b4b-4bb4-9448-ee1f74a11cb0 | IP: 37.48.68.71:443 | ASN: #60781 LeaseWeb Netherlands B.V.
Requested by: https://ofsnivyan.com/system-message/50/ | Certificate Issuer: Sectigo Limited | Subject: datatechonert.com | Fingerprint: 3F:E1:50:2C:9F:FC:F9:37:03:E3:B6:34:00:06:89:69:01:E7:C3:27 | Validity: Sun, 10 Dec 2023 00:00:00 GMT - Mon, 23 Dec 2024 23:59:59 GMT
Hash: adb4650bfc9d2a73d4dd69583b0ceb14 1ce399d6e936232aaf2192cd7903a279c5015f22 21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed
POST /log/add?cid=eacf36da-c06d-4d71-90cc-88e30cd4240a&ruid=146e2c14-1b4b-4bb4-9448-ee1f74a11cb0 HTTP/1.1
Host: datatechonert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1331
Origin: https://ofsnivyan.com
DNT: 1
Connection: keep-alive
Referer: https://ofsnivyan.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.10
Date: Thu, 25 Apr 2024 22:07:07 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 12
Connection: keep-alive
Access-Control-Allow-Origin: https://ofsnivyan.com
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true
|
|
| ofsnivyan.com/zone?&pub=0&zone_id=7175841&is_mobile=false&domain=ofsnivyan.com&var=&ymid=&var_3=&var_4=&dsig=&tg=1&sw=3.1.504&trace_id=72143d59-c158-4dcd-9f4c-a1d61dfb070b&action=prerequest | 188.114.97.1 | 200 OK | 0 B |
URL: POST HTTP/3 ofsnivyan.com/zone?&pub=0&zone_id=7175841&is_mobile=false&domain=ofsnivyan.com&var=&ymid=&var_3=&var_4=&dsig=&tg=1&sw=3.1.504&trace_id=72143d59-c158-4dcd-9f4c-a1d61dfb070b&action=prerequest | IP: 188.114.97.1:443
Requested by: https://ofsnivyan.com/system-message/50/ | Certificate Issuer: Google Trust Services LLC | Subject: ofsnivyan.com | Fingerprint: E2:64:70:52:E2:73:D1:AD:67:D5:B8:63:A0:56:8D:C0:83:9D:EA:38 | Validity: Thu, 21 Mar 2024 20:34:04 GMT - Wed, 19 Jun 2024 20:34:03 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
POST /zone?&pub=0&zone_id=7175841&is_mobile=false&domain=ofsnivyan.com&var=&ymid=&var_3=&var_4=&dsig=&tg=1&sw=3.1.504&trace_id=72143d59-c158-4dcd-9f4c-a1d61dfb070b&action=prerequest HTTP/1.1
Host: ofsnivyan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ofsnivyan.com
DNT: 1
Connection: keep-alive
Referer: https://ofsnivyan.com/system-message/50/
Cookie: OAID=vtf05i2h2t1u7b5rbpgcesd15v5pxn; syncedCookie=true; oaidts=1714082826
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Content-Length: 0
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 22:07:07 GMT
content-length: 0
x-trace-id: 21ea5d2a99a4db1a3403783ab6afaa8e
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://ofsnivyan.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=myeQItUWp90ibR03AIhSSx5bjFQSOL95KC9%2FSpCcbEZe0fReVM5lrUTzncWz3UXc6%2FH0b3lQRw%2F6cYvS%2Fe2guMgv2T7%2FqFLrMVV39f3ABNQ3YBCmtcyoqMBcTeumEuPy"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a1a4e589460b61-OSL
alt-svc: h3=":443"; ma=86400
|
|
| amunfezanttor.com/event | 139.45.197.250 | 200 OK | 0 B |
IP: 139.45.197.250:443
Requested by: https://ofsnivyan.com/system-message/50/ | Certificate Issuer: Let's Encrypt | Subject: amunfezanttor.com | Fingerprint: AB:2C:60:54:FF:D7:D6:23:0E:87:1A:98:EC:94:B3:9B:29:1A:F3:AA | Validity: Wed, 10 Apr 2024 19:04:12 GMT - Tue, 09 Jul 2024 19:04:11 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
OPTIONS /event HTTP/1.1
Host: amunfezanttor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://ofsnivyan.com/
Origin: https://ofsnivyan.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 22:07:07 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://ofsnivyan.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token,X-Oaid
access-control-max-age: 86400
X-Firefox-Spdy: h2
|
|
| ofsnivyan.com/favicon.ico | 188.114.97.1 | 204 No Content | 0 B |
URL: GET HTTP/3 ofsnivyan.com/favicon.ico | IP: 188.114.97.1:443
Requested by: https://ofsnivyan.com/system-message/50/ | Certificate Issuer: Google Trust Services LLC | Subject: ofsnivyan.com | Fingerprint: E2:64:70:52:E2:73:D1:AD:67:D5:B8:63:A0:56:8D:C0:83:9D:EA:38 | Validity: Thu, 21 Mar 2024 20:34:04 GMT - Wed, 19 Jun 2024 20:34:03 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /favicon.ico HTTP/1.1
Host: ofsnivyan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ofsnivyan.com/system-message/50/
Cookie: OAID=vtf05i2h2t1u7b5rbpgcesd15v5pxn; syncedCookie=true; oaidts=1714082826
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 204 No Content
date: Thu, 25 Apr 2024 22:07:07 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=14400
cf-cache-status: HIT
age: 4255
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EdZz3AUIPeoD94nBML%2BNFP8i3bmPnG5OZgnytnL%2B1GAJjLbCu28SPcAU45biopNwJoW52Qp6BwAg2ZuBc%2BBQVll7UNBJR9zHD%2F%2BIlmShkf8rYa2r6K7nNgmRyNX7j2yD"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a1a4e6c9bf0b61-OSL
alt-svc: h3=":443"; ma=86400
|
|
| ofsnivyan.com/_next/static/chunks/framework-8940d626f3bfb7e9.js | 188.114.97.1 | 200 OK | 10 kB |
URL: GET HTTP/3 ofsnivyan.com/_next/static/chunks/framework-8940d626f3bfb7e9.js | IP: 188.114.97.1:443
Requested by: https://ofsnivyan.com/system-message/50/ | Certificate Issuer: Google Trust Services LLC | Subject: ofsnivyan.com | Fingerprint: E2:64:70:52:E2:73:D1:AD:67:D5:B8:63:A0:56:8D:C0:83:9D:EA:38 | Validity: Thu, 21 Mar 2024 20:34:04 GMT - Wed, 19 Jun 2024 20:34:03 GMT
File type: JavaScript source, ASCII text, with very long lines (25995), with no line terminators | Hash: 33a34c525e2bee14a166fe1289835308 4afb650772181930d19dca9a41490beea5087932 bebac61ce044debeb2025b1fbf1c95f1b9a4bc97d0702676dea22b0bb689b555
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/framework-8940d626f3bfb7e9.js HTTP/1.1
Host: ofsnivyan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ofsnivyan.com/system-message/50/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 22:07:06 GMT
content-type: application/javascript
last-modified: Thu, 25 Apr 2024 15:12:16 GMT
vary: Accept-Encoding
etag: W/"662a72d0-658b"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=14400
cf-cache-status: HIT
age: 4291
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HHfXRK9gNC74Y8%2FQKcfRfXHY0l1Vj4mwxP7YuKO1YYywojxmswpi8HCjsQAvQ7j6He1rXRTnZZJPDV%2Fx%2FW1CmubMjvAGdXQn1AWihjE%2FG0V1%2FPjTP5X8N9Aft%2FZVjwOJ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a1a4e12f600b61-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| ofsnivyan.com/_next/static/chunks/9787.32846937d0160cf7.js | 188.114.97.1 | 200 OK | 6.8 kB |
URL: GET HTTP/3 ofsnivyan.com/_next/static/chunks/9787.32846937d0160cf7.js | IP: 188.114.97.1:443
Requested by: https://ofsnivyan.com/system-message/50/ | Certificate Issuer: Google Trust Services LLC | Subject: ofsnivyan.com | Fingerprint: E2:64:70:52:E2:73:D1:AD:67:D5:B8:63:A0:56:8D:C0:83:9D:EA:38 | Validity: Thu, 21 Mar 2024 20:34:04 GMT - Wed, 19 Jun 2024 20:34:03 GMT
File type: JavaScript source, ASCII text, with very long lines (1761), with no line terminators | Hash: 0b47bad6a8778bdc8cd3dec268938624 246ca006b4bdb919f3f1e8fd567a8631f5a136d9 1bb773520bd8d662232b89b67a6ae04556b715b90239d9c443502219b71a2471
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/9787.32846937d0160cf7.js HTTP/1.1
Host: ofsnivyan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ofsnivyan.com/system-message/50/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 22:07:06 GMT
content-type: application/javascript
last-modified: Thu, 25 Apr 2024 15:12:16 GMT
vary: Accept-Encoding
etag: W/"662a72d0-6e1"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=14400
cf-cache-status: HIT
age: 2204
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pZdfGhYTjk3skY9PWHwYypQn0C9LMizI1sEEJsJIVkERn1zp%2BP9RiInhQTdx5RuRV3hylKB4U8ktlN6qPa6JGDLxOBtQAaegCu11oRs3x9KoavaMZXiYGSZlcex59qAC"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a1a4e25ff20b61-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| ofsnivyan.com/_next/static/prhu88fhWjcFxMpI6LI5_/_buildManifest.js | 188.114.97.1 | 200 OK | 7.5 kB |
URL: GET HTTP/3 ofsnivyan.com/_next/static/prhu88fhWjcFxMpI6LI5_/_buildManifest.js | IP: 188.114.97.1:443
Requested by: https://ofsnivyan.com/system-message/50/ | Certificate Issuer: Google Trust Services LLC | Subject: ofsnivyan.com | Fingerprint: E2:64:70:52:E2:73:D1:AD:67:D5:B8:63:A0:56:8D:C0:83:9D:EA:38 | Validity: Thu, 21 Mar 2024 20:34:04 GMT - Wed, 19 Jun 2024 20:34:03 GMT
File type: ASCII text, with very long lines (1605), with no line terminators | Hash: 4a0ba7194e87f13cd94bbde8d8afb837 8ebdf287b41148fadcddc878a2d3c75255c5d55d 240c3751c47d15cd5f908114ce203156059b9f3e27f489b1ebcd9fab0d1936ca
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/prhu88fhWjcFxMpI6LI5_/_buildManifest.js HTTP/1.1
Host: ofsnivyan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ofsnivyan.com/system-message/50/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 22:07:06 GMT
content-type: application/javascript
last-modified: Thu, 25 Apr 2024 15:12:16 GMT
vary: Accept-Encoding
etag: W/"662a72d0-645"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=14400
cf-cache-status: HIT
age: 4254
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FL5b1rgcwH5QS55tsB23EqYIeG74KiqznasAweyIBUQaK9JPmOyFl8nFxYMZ3PepMmSNbAjpfCowll80cdjEMGbJavztdSs%2FoUgcrM7Cwo66cBP%2FGoSOQ0OjKhIlVuj2"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a1a4e12f690b61-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| ofsnivyan.com/system-message/50/ | 188.114.97.1 | 200 OK | 7.2 kB |
URL: User Request GET HTTP/2 ofsnivyan.com/system-message/50/ | IP: 188.114.97.1:443
Certificate Issuer: Google Trust Services LLC | Subject: ofsnivyan.com | Fingerprint: E2:64:70:52:E2:73:D1:AD:67:D5:B8:63:A0:56:8D:C0:83:9D:EA:38 | Validity: Thu, 21 Mar 2024 20:34:04 GMT - Wed, 19 Jun 2024 20:34:03 GMT
File type: HTML document, ASCII text, with very long lines (7692), with no line terminators | Hash: a449cb30169ea82ab6142bb0d6b418dc dcb73da7892651eb80f772192c20fc1dbb4d6062 e5c1ca65b72161e1b9a7527a99e02dcefdcf786cd5f686a9fa0768b47b3f1e44
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /system-message/50/ HTTP/1.1
Host: ofsnivyan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 25 Apr 2024 22:07:06 GMT
content-type: text/html
last-modified: Thu, 25 Apr 2024 15:12:18 GMT
vary: Accept-Encoding
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vh9q%2BP9aPnqvjgmxv7nqKMfcDAeJlqOi1FHHwgt%2BZEuaGn94jMb4ftXYrzKlUlE6EX1Xusjr4VBr0X1K0QawwwDdJNqr9kF3q10qByejMd2FyLG%2Bo%2FNd8f90J7asq3T4"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a1a4dedf31569a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| ofsnivyan.com/_next/static/chunks/3091.8141ef861c4fae96.js | 188.114.97.1 | 200 OK | 2.4 kB |
URL: GET HTTP/3 ofsnivyan.com/_next/static/chunks/3091.8141ef861c4fae96.js | IP: 188.114.97.1:443
Requested by: https://ofsnivyan.com/system-message/50/ | Certificate Issuer: Google Trust Services LLC | Subject: ofsnivyan.com | Fingerprint: E2:64:70:52:E2:73:D1:AD:67:D5:B8:63:A0:56:8D:C0:83:9D:EA:38 | Validity: Thu, 21 Mar 2024 20:34:04 GMT - Wed, 19 Jun 2024 20:34:03 GMT
File type: JavaScript source, ASCII text, with very long lines (2431), with no line terminators | Hash: aff0a51ad60c666bf1f7f27ddff14217 9677799390dc5667eeda431957d59b25d6a40946 f495db20d41fe12519423d9776481cd5c3f1dabc346ea304b8a7201b032d4e87
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/3091.8141ef861c4fae96.js HTTP/1.1
Host: ofsnivyan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ofsnivyan.com/system-message/50/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 22:07:06 GMT
content-type: application/javascript
last-modified: Thu, 25 Apr 2024 15:12:16 GMT
vary: Accept-Encoding
etag: W/"662a72d0-951"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FB%2FICHYraoYcJ8tQ7RtOFIgPHz3rufR93F50eblTZbzj6IC65izKT7V29G6j%2BzUmzRb1wCAXXTMPpOjmWZZGGoW4hlwvMA3Q%2BwrijJUdu9nzJrOr4%2BHybijr6ee1z7j%2B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a1a4e25fee0b61-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| ofsnivyan.com/custom | 188.114.97.1 | 200 OK | 39 B |
IP: 188.114.97.1:443
Requested by: https://ofsnivyan.com/system-message/50/ | Certificate Issuer: Google Trust Services LLC | Subject: ofsnivyan.com | Fingerprint: E2:64:70:52:E2:73:D1:AD:67:D5:B8:63:A0:56:8D:C0:83:9D:EA:38 | Validity: Thu, 21 Mar 2024 20:34:04 GMT - Wed, 19 Jun 2024 20:34:03 GMT
File type: troff or preprocessor input, ASCII text, with no line terminators | Hash: c16023891530fbce40f0a1244c3af01c e15d9dff768d82673e5e797a8395d1fa7d9049b7 c7d0061f2d2b9eb7b65b547c4bdf03f5f332cf34021bc972f64b6ad58d3a121a
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
POST /custom HTTP/1.1
Host: ofsnivyan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 300
Origin: https://ofsnivyan.com
DNT: 1
Connection: keep-alive
Referer: https://ofsnivyan.com/system-message/50/
Cookie: OAID=vtf05i2h2t1u7b5rbpgcesd15v5pxn; syncedCookie=true; oaidts=1714082826
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/3 200 OK
date: Thu, 25 Apr 2024 22:07:07 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
x-trace-id: acb8e42048616c034dae6cb56301424a
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://ofsnivyan.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=stR5rCFeNeNjS85d%2F8QDfJzc%2FIEo5UM%2FdTmPtSbvOETRUdjo418hvEoZ1h2mPjcxJNi97R1gIjjQy7Uh06nhybbKoL74b8EfCH4zFV3y6G4mORsl5lN1ljMTHQD3LnQS"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a1a4e589450b61-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| ofsnivyan.com/_next/static/chunks/main-beb6af9e60a8e042.js | 188.114.97.1 | 200 OK | 109 kB |
URL: GET HTTP/3 ofsnivyan.com/_next/static/chunks/main-beb6af9e60a8e042.js | IP: 188.114.97.1:443
Requested by: https://ofsnivyan.com/system-message/50/ | Certificate Issuer: Google Trust Services LLC | Subject: ofsnivyan.com | Fingerprint: E2:64:70:52:E2:73:D1:AD:67:D5:B8:63:A0:56:8D:C0:83:9D:EA:38 | Validity: Thu, 21 Mar 2024 20:34:04 GMT - Wed, 19 Jun 2024 20:34:03 GMT
File type: JavaScript source, ASCII text, with very long lines (65536), with no line terminators | Size: 109 kB (108887 bytes) | Hash: 44ec1451f689d71d5f33a10d4aa44658 0f7e72050b7bf72366d9463a16038ae94e232f46 1708144463d376da261c16eab17b1d2fe5c49351847f43a46c6ae4b347fd9304
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/main-beb6af9e60a8e042.js HTTP/1.1
Host: ofsnivyan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ofsnivyan.com/system-message/50/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 22:07:06 GMT
content-type: application/javascript
last-modified: Thu, 25 Apr 2024 15:12:16 GMT
vary: Accept-Encoding
etag: W/"662a72d0-1a957"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=14400
cf-cache-status: HIT
age: 4254
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SVUDWQ6HWrQ%2FXq1eLv3uEgkKggE9zIXYHxb92joHorY5MgwCNtg0aUtGloXgSBYMAojFcuAV0eYHoWoV0gIzuq%2BukJhllrItknvSuEf4aIuxOgLgXTIc8CXPYUfjpNsd"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a1a4e12f610b61-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| ofsnivyan.com/_next/static/chunks/7903-dd238946c7924507.js | 188.114.97.1 | 200 OK | 32 kB |
URL: GET HTTP/3 ofsnivyan.com/_next/static/chunks/7903-dd238946c7924507.js | IP: 188.114.97.1:443
Requested by: https://ofsnivyan.com/system-message/50/ | Certificate Issuer: Google Trust Services LLC | Subject: ofsnivyan.com | Fingerprint: E2:64:70:52:E2:73:D1:AD:67:D5:B8:63:A0:56:8D:C0:83:9D:EA:38 | Validity: Thu, 21 Mar 2024 20:34:04 GMT - Wed, 19 Jun 2024 20:34:03 GMT
File type: JavaScript source, ASCII text, with very long lines (31896), with no line terminators | Hash: b5dd343db67bd22544d11da18268f5c3 069b5b221dd75af58d93192460778b3d07835e74 6347f1d4083f7a0a2ac3d8b12aae8832d9ea6914aa6e137d16a4d41869d14ea5
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/7903-dd238946c7924507.js HTTP/1.1
Host: ofsnivyan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ofsnivyan.com/system-message/50/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 22:07:06 GMT
content-type: application/javascript
last-modified: Thu, 25 Apr 2024 15:12:16 GMT
vary: Accept-Encoding
etag: W/"662a72d0-7c98"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=14400
cf-cache-status: HIT
age: 2208
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aHyfrpCVOZYzAUEm%2BFDI6u0sWw5eLDNf5mJ5Tvfx0xZe8plp5sRXDHHi6SSifLnBgxS2n51FydqlUZPkgUDa8OFE%2FjdGgyLto7MAQ3PXTjsIZLMq30d3ZVEjmLLaY%2BFB"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a1a4e12f630b61-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| ofsnivyan.com/_next/static/chunks/2090-519478c186a3d867.js | 188.114.97.1 | 200 OK | 11 kB |
URL: GET HTTP/3 ofsnivyan.com/_next/static/chunks/2090-519478c186a3d867.js | IP: 188.114.97.1:443
Requested by: https://ofsnivyan.com/system-message/50/ | Certificate Issuer: Google Trust Services LLC | Subject: ofsnivyan.com | Fingerprint: E2:64:70:52:E2:73:D1:AD:67:D5:B8:63:A0:56:8D:C0:83:9D:EA:38 | Validity: Thu, 21 Mar 2024 20:34:04 GMT - Wed, 19 Jun 2024 20:34:03 GMT
File type: JavaScript source, ASCII text, with very long lines (10752), with no line terminators | Hash: 37545926cc9a6e537b9f3e95d7a16c1e c3cbfe1f9737817eda25770274e97feaf6b8cc68 d3ccc772608b2a03a543da22715903e2b6e2c14c42c2f475a0f483ac3cd64b37
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/2090-519478c186a3d867.js HTTP/1.1
Host: ofsnivyan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ofsnivyan.com/system-message/50/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 22:07:06 GMT
content-type: application/javascript
last-modified: Thu, 25 Apr 2024 15:12:16 GMT
vary: Accept-Encoding
etag: W/"662a72d0-2a00"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=14400
cf-cache-status: HIT
age: 2206
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0BbDxGPSaJa%2BDxSlLwUKn%2F2pg9OSdo2cFREhGdS7cT6%2B%2Buf86mxNNkdW67ZMP15n9Q4l12jJfuXe%2BuKgUV8x%2Bdfev6KANpGoZp1pHWKabXfKVXLUKp1N3Po5GCPKibLq"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a1a4e12f660b61-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| cdntechone.com/stattag.js | 104.21.36.146 | 200 OK | 19 kB |
URL: GET HTTP/2 cdntechone.com/stattag.js | IP: 104.21.36.146:443
Requested by: https://ofsnivyan.com/system-message/50/ | Certificate Issuer: Google Trust Services LLC | Subject: cdntechone.com | Fingerprint: 3D:20:D4:11:5D:06:B3:63:9C:08:BF:D9:D9:16:22:D5:DC:3B:9A:CB | Validity: Mon, 22 Apr 2024 03:33:58 GMT - Sun, 21 Jul 2024 03:33:57 GMT
File type: JavaScript source, ASCII text, with very long lines (18452) | Hash: bec2755dff94190fec0365b0db53807b f98c36e7e9e06325d03fe39c3b98879062fc2704 ccb15ff22ece6946136f1501ab3ae74155399187c8e85beb10399d56bb8e149a
GET /stattag.js HTTP/1.1
Host: cdntechone.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ofsnivyan.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 25 Apr 2024 22:07:06 GMT
content-type: application/javascript
last-modified: Wed, 07 Feb 2024 12:51:04 GMT
etag: W/"65c37cb8-4a9e"
link: <https://datatechone.com/>; rel=preconnect; crossorigin, <https://datatechonert.com/>; rel=preconnect; crossorigin
cache-control: max-age=14400
cf-cache-status: HIT
age: 6611
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ToN8FUYq0SbGf3IZANvUjo5ESkU%2F6XlifBZ4%2FzLRtOtRrS6b3itdqn24Qd04GyeTxKLRy3rRle2ZD916VtgJRWjrySm4ymcilwNSjtZcteR2tZWo9VWrT6SlHEJwhLBNvg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a1a4e38a7bb51d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| ofsnivyan.com/custom | 188.114.97.1 | 200 OK | 39 B |
IP: 188.114.97.1:443
Requested by: https://ofsnivyan.com/system-message/50/ Certificate Issuer: Google Trust Services LLC Subject: ofsnivyan.com Fingerprint: E2:64:70:52:E2:73:D1:AD:67:D5:B8:63:A0:56:8D:C0:83:9D:EA:38 Validity: Thu, 21 Mar 2024 20:34:04 GMT - Wed, 19 Jun 2024 20:34:03 GMT
File type: troff or preprocessor input, ASCII text, with no line terminators Hash: c16023891530fbce40f0a1244c3af01c e15d9dff768d82673e5e797a8395d1fa7d9049b7 c7d0061f2d2b9eb7b65b547c4bdf03f5f332cf34021bc972f64b6ad58d3a121a
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
POST /custom HTTP/1.1
Host: ofsnivyan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 297
Origin: https://ofsnivyan.com
DNT: 1
Connection: keep-alive
Referer: https://ofsnivyan.com/system-message/50/
Cookie: OAID=vtf05i2h2t1u7b5rbpgcesd15v5pxn; syncedCookie=true; oaidts=1714082826
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/3 200 OK
date: Thu, 25 Apr 2024 22:07:07 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
x-trace-id: 34987e7b7410acdffc1121750955bd98
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://ofsnivyan.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6sWqIJDQvzRW1%2BAl9s%2F%2FW4E%2BWtixr7C9zLuxvVALJhMfz8BnYqj0909vFJY2zu90I%2Bt8uNv1ni9YMpHuvXM7vtUw3ebyBnWdRqZx14w9hGJ6dVdL89V2Puk20RPaRe8G"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a1a4e5793e0b61-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| ofsnivyan.com/_next/static/chunks/pages/%5BlandingName%5D/%5BconfigId%5D/%5B%5B...slug%5D%5D-eaddf0428a16426c.js | 188.114.97.1 | 200 OK | 662 B |
URL: GET HTTP/3 ofsnivyan.com/_next/static/chunks/pages/%5BlandingName%5D/%5BconfigId%5D/%5B%5B...slug%5D%5D-eaddf0428a16426c.js IP: 188.114.97.1:443
Requested by: https://ofsnivyan.com/system-message/50/ Certificate Issuer: Google Trust Services LLC Subject: ofsnivyan.com Fingerprint: E2:64:70:52:E2:73:D1:AD:67:D5:B8:63:A0:56:8D:C0:83:9D:EA:38 Validity: Thu, 21 Mar 2024 20:34:04 GMT - Wed, 19 Jun 2024 20:34:03 GMT
File type: JavaScript source, ASCII text, with very long lines (666), with no line terminators Hash: 49f9c13e383477050c867416e60b3222 eeb57b5af30601d21511ff1eb94001b86d0c6465 1430b1cd7eaade1b7ba5b3a245f9221c0f6067efd03fc812821d0762b5d10ad4
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/pages/%5BlandingName%5D/%5BconfigId%5D/%5B%5B...slug%5D%5D-eaddf0428a16426c.js HTTP/1.1
Host: ofsnivyan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ofsnivyan.com/system-message/50/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 22:07:06 GMT
content-type: application/javascript
last-modified: Thu, 25 Apr 2024 15:12:16 GMT
vary: Accept-Encoding
etag: W/"662a72d0-296"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=14400
cf-cache-status: HIT
age: 2206
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=547lKRiAfWgbzjb31vOhKgTBCX55BIAO5aMeRIjW26yqkWZh6HnKFQwUs%2BVuXKwqdHCIUH4lY7fCTEcizh7xG%2BH0eH2CCMbsUQCZs8bjeP4nOrbFNr05bhuLV7Aqzb%2Fz"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a1a4e12f680b61-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| ofsnivyan.com/_next/static/chunks/3978.f48a53d50c258a97.js | 188.114.97.1 | 200 OK | 3.0 kB |
URL: GET HTTP/3 ofsnivyan.com/_next/static/chunks/3978.f48a53d50c258a97.js IP: 188.114.97.1:443
Requested by: https://ofsnivyan.com/system-message/50/ Certificate Issuer: Google Trust Services LLC Subject: ofsnivyan.com Fingerprint: E2:64:70:52:E2:73:D1:AD:67:D5:B8:63:A0:56:8D:C0:83:9D:EA:38 Validity: Thu, 21 Mar 2024 20:34:04 GMT - Wed, 19 Jun 2024 20:34:03 GMT
File type: JavaScript source, ASCII text, with very long lines (3033), with no line terminators Hash: 74bc667253313da76d87a4a986be1be8 9fa4f4b0ef93eb4d387552e257796321d197540f 1c06c61294617665f38c1276deec5d74330236351921feeef0061359cdf139c7
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/3978.f48a53d50c258a97.js HTTP/1.1
Host: ofsnivyan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ofsnivyan.com/system-message/50/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 22:07:06 GMT
content-type: application/javascript
last-modified: Thu, 25 Apr 2024 15:12:16 GMT
vary: Accept-Encoding
etag: W/"662a72d0-b8b"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=14400
cf-cache-status: HIT
age: 2204
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=P5hFVuSA2vaYWbPeTlqbgfMJoSHhmkOdWs4s54cVYP8ZlDXNss7m1GFlI%2FICJ%2BGgs3ZXuVbvRuaqKZoCnVwHfpLRn9EXMJrYSZ2dhnZG%2FnjtyNQibbZIKZ2GV0FSJoEM"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a1a4e24fec0b61-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| ofsnivyan.com/_next/static/chunks/5057.48c7d5a8740ee05f.js | 188.114.97.1 | 200 OK | 3.3 kB |
URL: GET HTTP/3 ofsnivyan.com/_next/static/chunks/5057.48c7d5a8740ee05f.js IP: 188.114.97.1:443
Requested by: https://ofsnivyan.com/system-message/50/ Certificate Issuer: Google Trust Services LLC Subject: ofsnivyan.com Fingerprint: E2:64:70:52:E2:73:D1:AD:67:D5:B8:63:A0:56:8D:C0:83:9D:EA:38 Validity: Thu, 21 Mar 2024 20:34:04 GMT - Wed, 19 Jun 2024 20:34:03 GMT
File type: JavaScript source, ASCII text, with very long lines (3375), with no line terminators Hash: 8f79b9155b8b6921206c5c92026b7365 50ef9171a052e5428806431761fca7e75044c0dd 497fc3beb3a1f2e5af56019b4051a15204b9a1320622f4e4bc23342dbbfb71b3
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/5057.48c7d5a8740ee05f.js HTTP/1.1
Host: ofsnivyan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ofsnivyan.com/system-message/50/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 22:07:06 GMT
content-type: application/javascript
last-modified: Thu, 25 Apr 2024 15:12:16 GMT
vary: Accept-Encoding
etag: W/"662a72d0-d0d"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=14400
cf-cache-status: HIT
age: 2204
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4NLhnq6NDnak69P3JUzfsknbMR2raZrJpQF7timJmitjuXct8CZ9%2BwiVmwH2mQKZqOJ6iR4sRrjUlwgVtYAU798t5MRKKTZsVuftJXOiXhXJJNBcYKxugPVxHlnGzEiV"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a1a4e25fed0b61-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| ofsnivyan.com/_next/static/chunks/4482.769eda623019310d.js | 188.114.97.1 | 200 OK | 3.9 kB |
URL: GET HTTP/3 ofsnivyan.com/_next/static/chunks/4482.769eda623019310d.js IP: 188.114.97.1:443
Requested by: https://ofsnivyan.com/system-message/50/ Certificate Issuer: Google Trust Services LLC Subject: ofsnivyan.com Fingerprint: E2:64:70:52:E2:73:D1:AD:67:D5:B8:63:A0:56:8D:C0:83:9D:EA:38 Validity: Thu, 21 Mar 2024 20:34:04 GMT - Wed, 19 Jun 2024 20:34:03 GMT
File type: troff or preprocessor input, ASCII text, with very long lines (4122), with no line terminators Hash: 5b7e3f831d3b979af4149e026e628a4a c44f8656dae3608287d5bbeea0e7c9c19a122d3b 31dcadbe6e1ada8f9a75cdd16dadb0c1500cc21ba1b98ea028ed41fa930a2b73
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/4482.769eda623019310d.js HTTP/1.1
Host: ofsnivyan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ofsnivyan.com/system-message/50/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 22:07:06 GMT
content-type: application/javascript
last-modified: Thu, 25 Apr 2024 15:12:16 GMT
vary: Accept-Encoding
etag: W/"662a72d0-f67"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=14400
cf-cache-status: HIT
age: 2204
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=X%2FUfbhMAsJOjmEuhz5qrBsHI8RPMpmJ3GO1tw48uOlP8CEHbTKT9VzhAIm9l36mth5qg5M%2BkK0ISu4YF%2F5%2BCSHMYJXgkBkyjWBcN%2Bjowsl%2FbwRJigC2EaC6%2BEsPoUcl5"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a1a4e288060b61-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| ofsnivyan.com/_next/static/css/0bc0cde260d08b97.css | 188.114.97.1 | 200 OK | 1.8 kB |
URL: GET HTTP/3 ofsnivyan.com/_next/static/css/0bc0cde260d08b97.css IP: 188.114.97.1:443
Requested by: https://ofsnivyan.com/system-message/50/ Certificate Issuer: Google Trust Services LLC Subject: ofsnivyan.com Fingerprint: E2:64:70:52:E2:73:D1:AD:67:D5:B8:63:A0:56:8D:C0:83:9D:EA:38 Validity: Thu, 21 Mar 2024 20:34:04 GMT - Wed, 19 Jun 2024 20:34:03 GMT
File type: ASCII text, with very long lines (1843), with no line terminators Hash: 64b2b4fa42c7d558d735e2cd28ecf88a 03d6da6e55b1201b51689590520da495a9233d67 2fdb3ce9ccba8355040e5ba3dfb2283194acba81858943b5d88f70030dbb71ea
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /_next/static/css/0bc0cde260d08b97.css HTTP/1.1
Host: ofsnivyan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ofsnivyan.com/system-message/50/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 22:07:06 GMT
content-type: text/css
last-modified: Thu, 25 Apr 2024 15:12:16 GMT
vary: Accept-Encoding
etag: W/"662a72d0-733"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=14400
cf-cache-status: HIT
age: 4291
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=e9x7icQPONQRUSUzvX5pSur2Rq%2FcdtHptTqXLMrjZiTS%2BTluOu2WV3XHhLxgYNz6JYruh%2Bt3HTfmL2hR3V3GQr%2FEGZkAfn3cVCdbia3X%2BZfKfNfSUhkYPaWNxeDBB927"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a1a4e11f5c0b61-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| ofsnivyan.com/_next/static/chunks/pages/_app-779a416495e5a308.js | 188.114.97.1 | 200 OK | 41 kB |
URL: GET HTTP/3 ofsnivyan.com/_next/static/chunks/pages/_app-779a416495e5a308.js IP: 188.114.97.1:443
Requested by: https://ofsnivyan.com/system-message/50/ Certificate Issuer: Google Trust Services LLC Subject: ofsnivyan.com Fingerprint: E2:64:70:52:E2:73:D1:AD:67:D5:B8:63:A0:56:8D:C0:83:9D:EA:38 Validity: Thu, 21 Mar 2024 20:34:04 GMT - Wed, 19 Jun 2024 20:34:03 GMT
File type: JavaScript source, ASCII text, with very long lines (40829), with no line terminators Hash: 43842afba6d436c94e0e48cab1f7c06f 4436202943a1c082b6486040f6434340e75a893e c57c27310d20bfb3452953a5dce4c3ec6e3e280990389badfc58cf3a87598c33
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/pages/_app-779a416495e5a308.js HTTP/1.1
Host: ofsnivyan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ofsnivyan.com/system-message/50/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 22:07:06 GMT
content-type: application/javascript
last-modified: Thu, 25 Apr 2024 15:12:16 GMT
vary: Accept-Encoding
etag: W/"662a72d0-9f7d"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=14400
cf-cache-status: HIT
age: 4254
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Vwx6RyjCxdAQFS56mPnegxeIZyJtzTh6L54MgeB9W%2FO%2Bju2gcTYCksCO43Oa8%2B6RKAkDH5vB0FNUv%2BKNqJpybukZENUCGOaX52rda9cFgvQpSb2Sub6fXePrXA%2BLroxM"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a1a4e12f620b61-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| ofsnivyan.com/_next/static/chunks/1155-d7686500f009e1a8.js | 188.114.97.1 | 200 OK | 66 kB |
URL: GET HTTP/3 ofsnivyan.com/_next/static/chunks/1155-d7686500f009e1a8.js IP: 188.114.97.1:443
Requested by: https://ofsnivyan.com/system-message/50/ Certificate Issuer: Google Trust Services LLC Subject: ofsnivyan.com Fingerprint: E2:64:70:52:E2:73:D1:AD:67:D5:B8:63:A0:56:8D:C0:83:9D:EA:38 Validity: Thu, 21 Mar 2024 20:34:04 GMT - Wed, 19 Jun 2024 20:34:03 GMT
File type: JavaScript source, ASCII text, with very long lines (65462), with no line terminators Hash: 613f5d49f7d43d94b46505b05e0590c3 e4d44234534d7a70e04140fa59940b23c99d9a86 07f78aaa713b41b3253165b89b449dfe3ad0485e2423b64b5a5d35b2b8b02078
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/1155-d7686500f009e1a8.js HTTP/1.1
Host: ofsnivyan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ofsnivyan.com/system-message/50/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 22:07:06 GMT
content-type: application/javascript
last-modified: Thu, 25 Apr 2024 15:12:16 GMT
vary: Accept-Encoding
etag: W/"662a72d0-ffb6"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=14400
cf-cache-status: HIT
age: 2206
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JbbQN6b%2BgWcazxXa8qV%2Fxg7q55VJJnt0AlUr2fN%2FLeh8oQb7E9%2FEQxB90%2FsQZrfGTk7QNahk27BUcKIrSfwF6gC6d7HwLAeVEf2vvPmtg47EqVRjHJYjbxTDP8fzSb0k"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a1a4e12f670b61-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| ofsnivyan.com/sw/universal.js?ab2_ttl=5184000&zoneId=7175841 | 188.114.97.1 | 200 OK | 1.5 kB |
URL: GET HTTP/3 ofsnivyan.com/sw/universal.js?ab2_ttl=5184000&zoneId=7175841 IP: 188.114.97.1:443
Requested by: https://ofsnivyan.com/system-message/50/ Certificate Issuer: Google Trust Services LLC Subject: ofsnivyan.com Fingerprint: E2:64:70:52:E2:73:D1:AD:67:D5:B8:63:A0:56:8D:C0:83:9D:EA:38 Validity: Thu, 21 Mar 2024 20:34:04 GMT - Wed, 19 Jun 2024 20:34:03 GMT
File type: ASCII text, with very long lines (1540), with no line terminators Hash: 5edd43e1c6126829925eb36cdbaf7af3 e1baae48011f9077aa37e6ab31d4604d41aec303 38945b2621b28329b93e77cc757db7e8def95dd4f4ba1c13862018da2df83411
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /sw/universal.js?ab2_ttl=5184000&zoneId=7175841 HTTP/1.1
Host: ofsnivyan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
DNT: 1
Connection: keep-alive
Referer: https://ofsnivyan.com/system-message/50/
Cookie: OAID=vtf05i2h2t1u7b5rbpgcesd15v5pxn; syncedCookie=true; oaidts=1714082826
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 22:07:07 GMT
content-type: application/javascript
last-modified: Thu, 25 Apr 2024 15:12:16 GMT
vary: Accept-Encoding
etag: W/"662a72d0-5b2"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=14400
cf-cache-status: HIT
age: 156
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=k%2FpeGzGZYtVHNY9SLuimoL%2FLf%2FWghn7r8ud2uZpE6t26WkDJ5OHsf2v0jyDtqo9wxrG8dZIJiy310pzJ2cPoFe8qBbhTT6rbbJlMNb7BMo%2FtDpLyyV%2FHEj1CFjtpaRAg"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a1a4e579430b61-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| ofsnivyan.com/pfe/current/micro.tag.min.js?sw=/sw/universal.js&var=&ymid=&b=&campaignid=&click_id=&ab2r=&rhd=1&var_3=&oaid=vtf05i2h2t1u7b5rbpgcesd15v5pxn&os_version=&btz=UTC&bto=0&z=7175841&cdn=1&domain=ofsnivyan.com&ab2=&ab2_ttl=5184000 | 188.114.97.1 | 200 OK | 37 kB |
URL: GET HTTP/3 ofsnivyan.com/pfe/current/micro.tag.min.js?sw=/sw/universal.js&var=&ymid=&b=&campaignid=&click_id=&ab2r=&rhd=1&var_3=&oaid=vtf05i2h2t1u7b5rbpgcesd15v5pxn&os_version=&btz=UTC&bto=0&z=7175841&cdn=1&domain=ofsnivyan.com&ab2=&ab2_ttl=5184000 IP: 188.114.97.1:443
Requested by: https://ofsnivyan.com/system-message/50/ Certificate Issuer: Google Trust Services LLC Subject: ofsnivyan.com Fingerprint: E2:64:70:52:E2:73:D1:AD:67:D5:B8:63:A0:56:8D:C0:83:9D:EA:38 Validity: Thu, 21 Mar 2024 20:34:04 GMT - Wed, 19 Jun 2024 20:34:03 GMT
File type: JavaScript source, ASCII text, with very long lines (37142), with no line terminators Hash: 32d6dbd00a639e2cd10d1704b9159bd5 0dab4c95675393f1d0e13d20f13d80ee12e41d95 9f339e5efd7c959419a4e86bb4c5e9f07eae2ed839484846157be981917743de
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /pfe/current/micro.tag.min.js?sw=/sw/universal.js&var=&ymid=&b=&campaignid=&click_id=&ab2r=&rhd=1&var_3=&oaid=vtf05i2h2t1u7b5rbpgcesd15v5pxn&os_version=&btz=UTC&bto=0&z=7175841&cdn=1&domain=ofsnivyan.com&ab2=&ab2_ttl=5184000 HTTP/1.1
Host: ofsnivyan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ofsnivyan.com/system-message/50/
Cookie: OAID=vtf05i2h2t1u7b5rbpgcesd15v5pxn; syncedCookie=true; oaidts=1714082826
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 22:07:07 GMT
content-type: application/javascript
last-modified: Thu, 25 Apr 2024 10:49:22 GMT
vary: Accept-Encoding
etag: W/"662a3532-9116"
access-control-allow-credentials: true
cache-control: max-age=14400
pragma: no-cache
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Kt%2FY77b7gOzD%2Bz9LcAjA1SERkZ9xDkxSHBarxuKyd8SrQS5KjcjS4aWTxYtBzNT%2BzLt%2BndVeaAEw32euTOnp8qiI9egrY%2Fm0nBCajo24YlHFrCNeAYoOxxxHnnwlBg3B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a1a4e4b8da0b61-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| ofsnivyan.com/_next/static/chunks/7708.8e590fe080714c84.js | 188.114.97.1 | 200 OK | 18 kB |
URL: GET HTTP/3 ofsnivyan.com/_next/static/chunks/7708.8e590fe080714c84.js IP: 188.114.97.1:443
Requested by: https://ofsnivyan.com/system-message/50/ Certificate Issuer: Google Trust Services LLC Subject: ofsnivyan.com Fingerprint: E2:64:70:52:E2:73:D1:AD:67:D5:B8:63:A0:56:8D:C0:83:9D:EA:38 Validity: Thu, 21 Mar 2024 20:34:04 GMT - Wed, 19 Jun 2024 20:34:03 GMT
File type: JavaScript source, ASCII text, with very long lines (17791), with no line terminators Hash: f1eae50102c9b8e5e1a4f89fd7719bf2 f328fa17a14398bb15161041966052903af7be9e 69f51a141b5b546b1f236974edee6aa5ef86f31a647cd9db2a547fc7fe270dbb
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/7708.8e590fe080714c84.js HTTP/1.1
Host: ofsnivyan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ofsnivyan.com/system-message/50/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 22:07:06 GMT
content-type: application/javascript
last-modified: Thu, 25 Apr 2024 15:12:16 GMT
vary: Accept-Encoding
etag: W/"662a72d0-457f"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=14400
cf-cache-status: HIT
age: 2209
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uWTevN%2F39S9PTiwAPJAQSQErVO2ZM%2FpXTO5uR2sAPTrYfyyMN0YdVleXucdWVYTbQjNe7kBN5ono63VZE6CkJWbTT%2FHT64HqEFcwPFSuC6f1I8Akv%2FoQ2UTPRLeBF9V7"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a1a4e11f5d0b61-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| ofsnivyan.com/_next/static/chunks/webpack-a2bc5b9348705b8c.js | 188.114.97.1 | 200 OK | 6.3 kB |
URL: GET HTTP/3 ofsnivyan.com/_next/static/chunks/webpack-a2bc5b9348705b8c.js IP: 188.114.97.1:443
Requested by: https://ofsnivyan.com/system-message/50/ Certificate Issuer: Google Trust Services LLC Subject: ofsnivyan.com Fingerprint: E2:64:70:52:E2:73:D1:AD:67:D5:B8:63:A0:56:8D:C0:83:9D:EA:38 Validity: Thu, 21 Mar 2024 20:34:04 GMT - Wed, 19 Jun 2024 20:34:03 GMT
File type: JavaScript source, ASCII text, with very long lines (6537), with no line terminators Hash: 126b569c97e24d6a866b73bd4675e9de 2c33320f6b6ef0c0f650e22fd8dd6ba4a9198056 83a46cf91aa584396d54046d4badb5360b558ea49b4ea5858aae2aef15492375
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/webpack-a2bc5b9348705b8c.js HTTP/1.1
Host: ofsnivyan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ofsnivyan.com/system-message/50/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 22:07:06 GMT
content-type: application/javascript
last-modified: Thu, 25 Apr 2024 15:12:16 GMT
vary: Accept-Encoding
etag: W/"662a72d0-1891"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=14400
cf-cache-status: HIT
age: 4291
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tg6lIIuBC12%2FF9ZGVJfnjGssnlAiSRC6y56eyq3MTeS154%2FmgPcQs7oOxPyaBpKxASQCxTXDy4wG3md6Z06tX3njiaNbgFStpONgpItvu9mItM4ASGOMwcL3KwEqkK4c"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a1a4e11f5e0b61-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| ofsnivyan.com/custom | 188.114.97.1 | 200 OK | 39 B |
IP: 188.114.97.1:443
Requested by: https://ofsnivyan.com/system-message/50/ Certificate Issuer: Google Trust Services LLC Subject: ofsnivyan.com Fingerprint: E2:64:70:52:E2:73:D1:AD:67:D5:B8:63:A0:56:8D:C0:83:9D:EA:38 Validity: Thu, 21 Mar 2024 20:34:04 GMT - Wed, 19 Jun 2024 20:34:03 GMT
File type: troff or preprocessor input, ASCII text, with no line terminators Hash: c16023891530fbce40f0a1244c3af01c e15d9dff768d82673e5e797a8395d1fa7d9049b7 c7d0061f2d2b9eb7b65b547c4bdf03f5f332cf34021bc972f64b6ad58d3a121a
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
POST /custom HTTP/1.1
Host: ofsnivyan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 299
Origin: https://ofsnivyan.com
DNT: 1
Connection: keep-alive
Referer: https://ofsnivyan.com/system-message/50/
Cookie: OAID=vtf05i2h2t1u7b5rbpgcesd15v5pxn; syncedCookie=true; oaidts=1714082826
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/3 200 OK
date: Thu, 25 Apr 2024 22:07:07 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
x-trace-id: 0f2d67698ea1c3e00a734330aab9e0bb
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://ofsnivyan.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RGcftyUmWJ8a%2BfWXqjoxoBkWJCLZCGbrVkk7Dpap45nJ2gnMt2dIsmZVAKSpNZgnORAnnBUlYgs6SpmCiwCzBVKpV2hyeRcAIoCJF1CqjwdRgPEnH13RuUp9DM3n2Vjw"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a1a4e599480b61-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| ofsnivyan.com/_next/static/prhu88fhWjcFxMpI6LI5_/_ssgManifest.js | 188.114.97.1 | 200 OK | 182 B |
URL: GET HTTP/3 ofsnivyan.com/_next/static/prhu88fhWjcFxMpI6LI5_/_ssgManifest.js IP: 188.114.97.1:443
Requested by: https://ofsnivyan.com/system-message/50/ Certificate Issuer: Google Trust Services LLC Subject: ofsnivyan.com Fingerprint: E2:64:70:52:E2:73:D1:AD:67:D5:B8:63:A0:56:8D:C0:83:9D:EA:38 Validity: Thu, 21 Mar 2024 20:34:04 GMT - Wed, 19 Jun 2024 20:34:03 GMT
File type: ASCII text, with no line terminators Hash: ca6aa05f78eb6859347a61db067f16dc 444e70f53eb809f0920de921925d854baccdd251 11ca6f5cc9bc3b5e4021fe0fdad57091b6e8b54a5018672cf9d8b6a7e4f0e229
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /_next/static/prhu88fhWjcFxMpI6LI5_/_ssgManifest.js HTTP/1.1
Host: ofsnivyan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ofsnivyan.com/system-message/50/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 22:07:06 GMT
content-type: application/javascript
last-modified: Thu, 25 Apr 2024 15:12:16 GMT
vary: Accept-Encoding
etag: W/"662a72d0-b6"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=14400
cf-cache-status: HIT
age: 4254
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8yVWhYqg94JMlRlZTK3b%2FVWtTYgnCy%2FZh1T33ucB0vXUdLdzeptdDgc3H74QqKD55A7XZzLNQcR1K4I4K%2F3fakqKR%2BU13ZkH%2FDKCvKbSex1mQ26vUDH3NrsfhR3vn8q%2F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a1a4e12f6a0b61-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| ofsnivyan.com/_next/static/chunks/5356.cd117ab77e87aa94.js | 188.114.97.1 | 200 OK | 1.3 kB |
URL: GET HTTP/3 ofsnivyan.com/_next/static/chunks/5356.cd117ab77e87aa94.js IP: 188.114.97.1:443
Requested by: https://ofsnivyan.com/system-message/50/ Certificate Issuer: Google Trust Services LLC Subject: ofsnivyan.com Fingerprint: E2:64:70:52:E2:73:D1:AD:67:D5:B8:63:A0:56:8D:C0:83:9D:EA:38 Validity: Thu, 21 Mar 2024 20:34:04 GMT - Wed, 19 Jun 2024 20:34:03 GMT
File type: JavaScript source, ASCII text, with very long lines (1340), with no line terminators Hash: 928a78a6ff2acfdfc2b133e09c23a898 80992f60be4eeaa5e9ee31c4912fc8fd15806007 af03ac8ae373bd61c0ac2106d2837e74bf0f3c2d02682c018909684f3e6af5bf
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/5356.cd117ab77e87aa94.js HTTP/1.1
Host: ofsnivyan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ofsnivyan.com/system-message/50/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 22:07:06 GMT
content-type: application/javascript
last-modified: Thu, 25 Apr 2024 15:12:16 GMT
vary: Accept-Encoding
etag: W/"662a72d0-512"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=14400
cf-cache-status: HIT
age: 2204
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TNHDp%2FplBJomDkzMb4LgAyJHyjFY6xL6chXqdUBIFU0xE8%2FlnBPSku2uIR6T6haxgywNWM5gpslq1kpW%2BVgpc4pTgMJm4uxYo6uZYjPD5lH%2FUCNL33kwGl1EiaPS9Cas"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a1a4e25ff00b61-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|