| ofsnivyan.com/_next/static/chunks/3091.8141ef861c4fae96.js | 188.114.96.1 | 200 OK | 1.2 kB |
URL GET HTTP/3ofsnivyan.com/_next/static/chunks/3091.8141ef861c4fae96.js IP188.114.96.1:443
Requested byhttps://ofsnivyan.com/system-message/59/?z=6424104&var=812184433733145402 CertificateIssuerGoogle Trust Services LLC Subjectofsnivyan.com FingerprintE2:64:70:52:E2:73:D1:AD:67:D5:B8:63:A0:56:8D:C0:83:9D:EA:38 ValidityThu, 21 Mar 2024 20:34:04 GMT - Wed, 19 Jun 2024 20:34:03 GMT
File typeJavaScript source, ASCII text, with very long lines (2385), with no line terminators Hash8de4ecfc18371e9af83a020ad48a4839 f4cfd9509facd189f8e3487426a36cecfc77c090 954601b08c55f3c2e1c2a0a766e31a55e18b3ee0f6213cd1761decd4e4715f64
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/3091.8141ef861c4fae96.js HTTP/1.1
Host: ofsnivyan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ofsnivyan.com/system-message/59/?z=6424104&var=812184433733145402
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 08 May 2024 21:23:40 GMT
content-type: application/javascript
last-modified: Wed, 08 May 2024 15:01:42 GMT
vary: Accept-Encoding
etag: W/"663b93d6-951"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=14400
cf-cache-status: HIT
age: 1864
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tHHT4sb70lDC1KId%2F7U6%2BjUFDU1P59Zy%2FKjKso8WO%2FSf02dAWfpuav%2B3QQYQyQv4K%2BigovWFuodESe%2BtK7FPTiT2kLEdGae%2BiJ4ujvyY%2BPdQp5lGwrP0grkWaFttK3QF"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 880c83232d1c5699-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| my.rtmark.net/gid.js?userId=ik0xs1weug6sl4rqq1bs2x6jx9nexccl | 139.45.195.8 | 200 OK | 65 B |
URL GET HTTP/2my.rtmark.net/gid.js?userId=ik0xs1weug6sl4rqq1bs2x6jx9nexccl IP139.45.195.8:443
Requested byhttps://ofsnivyan.com/system-message/59/?z=6424104&var=812184433733145402 CertificateIssuerLet's Encrypt Subjectrtmark.net FingerprintDB:C0:8B:64:1C:E3:2A:9C:B9:04:0D:F3:6F:5A:E0:35:F4:C7:75:CC ValiditySat, 02 Mar 2024 21:53:43 GMT - Fri, 31 May 2024 21:53:42 GMT
Hashaa11bc67556e8da8d88012b917b4d001 7efd27547d0432f265bfe493f9995850fbb4df03 c6184ddb6b4fb64042d6cdc3fac2025fe956bc6ebeacb0dcabf40d453e6baeb5
GET /gid.js?userId=ik0xs1weug6sl4rqq1bs2x6jx9nexccl HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ofsnivyan.com/
Origin: https://ofsnivyan.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 21:23:40 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://ofsnivyan.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=ik0xs1weug6sl4rqq1bs2x6jx9nexccl; expires=Thu, 08 May 2025 21:23:40 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| arleavannya.com/sync-metrics | 139.45.197.248 | 200 OK | 17 B |
URL POST HTTP/2arleavannya.com/sync-metrics IP139.45.197.248:443
Requested byhttps://ofsnivyan.com/system-message/59/?z=6424104&var=812184433733145402 CertificateIssuerLet's Encrypt Subjectarleavannya.com Fingerprint8A:67:B7:06:5F:61:ED:52:C0:9B:58:C2:64:98:7D:1B:64:03:3F:47 ValidityThu, 18 Apr 2024 17:09:05 GMT - Wed, 17 Jul 2024 17:09:04 GMT
Hash5b64e8b89092b2e3dfd448b10700627f 484b3032619fa1acd135d114565b0a5166281c22 f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
POST /sync-metrics HTTP/1.1
Host: arleavannya.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ofsnivyan.com/
Content-Type: application/json
Content-Length: 290
Origin: https://ofsnivyan.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 21:23:40 GMT
content-type: application/json; charset=utf-8
content-length: 17
x-trace-id: dd212cf2c837496f99ac59fdb605bd71
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://ofsnivyan.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| ofsnivyan.com/favicon.ico | 188.114.96.1 | 204 No Content | 0 B |
URL GET HTTP/3ofsnivyan.com/favicon.ico IP188.114.96.1:443
Requested byhttps://ofsnivyan.com/system-message/59/?z=6424104&var=812184433733145402 CertificateIssuerGoogle Trust Services LLC Subjectofsnivyan.com FingerprintE2:64:70:52:E2:73:D1:AD:67:D5:B8:63:A0:56:8D:C0:83:9D:EA:38 ValidityThu, 21 Mar 2024 20:34:04 GMT - Wed, 19 Jun 2024 20:34:03 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /favicon.ico HTTP/1.1
Host: ofsnivyan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ofsnivyan.com/system-message/59/?z=6424104&var=812184433733145402
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 204 No Content
date: Wed, 08 May 2024 21:23:40 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=14400
cf-cache-status: HIT
age: 3850
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lBSVzGOeAsfqUeZI7Q5928yXQETmTPYJUF6WCVCpfYlfm4V3et14vYcu3P%2F07XsekBAViinXwaRr3%2FYWZRLxAlre69k03RWC%2B6ypKZhj%2F3UDY8yujIk6W1o4FdKgmtEA"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880c8324bef95699-OSL
alt-svc: h3=":443"; ma=86400
|
|
| datatechonert.com/log/add?cid=eacf36da-c06d-4d71-90cc-88e30cd4240a&ruid=d9e69e7f-bce3-4e91-9e8a-bde26b0b0d49 | 37.48.68.71 | 200 OK | 12 B |
URL POST HTTP/1.1datatechonert.com/log/add?cid=eacf36da-c06d-4d71-90cc-88e30cd4240a&ruid=d9e69e7f-bce3-4e91-9e8a-bde26b0b0d49 IP37.48.68.71:443 ASN#60781 LeaseWeb Netherlands B.V.
Requested byhttps://ofsnivyan.com/system-message/59/?z=6424104&var=812184433733145402 CertificateIssuerSectigo Limited Subjectdatatechonert.com Fingerprint3F:E1:50:2C:9F:FC:F9:37:03:E3:B6:34:00:06:89:69:01:E7:C3:27 ValiditySun, 10 Dec 2023 00:00:00 GMT - Mon, 23 Dec 2024 23:59:59 GMT
Hashadb4650bfc9d2a73d4dd69583b0ceb14 1ce399d6e936232aaf2192cd7903a279c5015f22 21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed
POST /log/add?cid=eacf36da-c06d-4d71-90cc-88e30cd4240a&ruid=d9e69e7f-bce3-4e91-9e8a-bde26b0b0d49 HTTP/1.1
Host: datatechonert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1388
Origin: https://ofsnivyan.com
DNT: 1
Connection: keep-alive
Referer: https://ofsnivyan.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.10
Date: Wed, 08 May 2024 21:23:40 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 12
Connection: keep-alive
Access-Control-Allow-Origin: https://ofsnivyan.com
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true
|
|
| ofsnivyan.com/_next/static/chunks/5356.cd117ab77e87aa94.js | 188.114.96.1 | 200 OK | 657 B |
URL GET HTTP/3ofsnivyan.com/_next/static/chunks/5356.cd117ab77e87aa94.js IP188.114.96.1:443
Requested byhttps://ofsnivyan.com/system-message/59/?z=6424104&var=812184433733145402 CertificateIssuerGoogle Trust Services LLC Subjectofsnivyan.com FingerprintE2:64:70:52:E2:73:D1:AD:67:D5:B8:63:A0:56:8D:C0:83:9D:EA:38 ValidityThu, 21 Mar 2024 20:34:04 GMT - Wed, 19 Jun 2024 20:34:03 GMT
File typeJavaScript source, ASCII text, with very long lines (1298), with no line terminators Hash48bc38caebc09f278d740e9a8302bf56 b687105616511f0eb1f493a5ff7cb35e6b445b5e d558e0466151e37fdefda1944ca4860ea0f63fc583e36ed00e2516d52774caa3
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/5356.cd117ab77e87aa94.js HTTP/1.1
Host: ofsnivyan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ofsnivyan.com/system-message/59/?z=6424104&var=812184433733145402
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 08 May 2024 21:23:40 GMT
content-type: application/javascript
last-modified: Wed, 08 May 2024 15:01:42 GMT
vary: Accept-Encoding
etag: W/"663b93d6-512"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=77Txi5ySDVshgpebUxcYuqF6uIUqgNv89GuZZefJFoQTtgzRh7NZBTFGP1hphfprilF%2FgTMvBpazqnAGtGiuZ84fwFFRgASavEJKj%2BTvni0%2BOsCIWSXr9b0Cnv0b%2BIxC"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 880c83232d285699-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| ofsnivyan.com/pfe/current/micro.tag.min.js?sw=/sw/universal.js&var=6424104&ymid=812184433733145402&b=&campaignid=&click_id=&ab2r=&rhd=1&var_3=&oaid=ik0xs1weug6sl4rqq1bs2x6jx9nexccl&os_version=&btz=UTC&bto=0&z=7250650&cdn=1&domain=ofsnivyan.com&ab2=&ab2_ttl=5184000 | 188.114.96.1 | 200 OK | 14 kB |
URL GET HTTP/3ofsnivyan.com/pfe/current/micro.tag.min.js?sw=/sw/universal.js&var=6424104&ymid=812184433733145402&b=&campaignid=&click_id=&ab2r=&rhd=1&var_3=&oaid=ik0xs1weug6sl4rqq1bs2x6jx9nexccl&os_version=&btz=UTC&bto=0&z=7250650&cdn=1&domain=ofsnivyan.com&ab2=&ab2_ttl=5184000 IP188.114.96.1:443
Requested byhttps://ofsnivyan.com/system-message/59/?z=6424104&var=812184433733145402 CertificateIssuerGoogle Trust Services LLC Subjectofsnivyan.com FingerprintE2:64:70:52:E2:73:D1:AD:67:D5:B8:63:A0:56:8D:C0:83:9D:EA:38 ValidityThu, 21 Mar 2024 20:34:04 GMT - Wed, 19 Jun 2024 20:34:03 GMT
File typeJavaScript source, ASCII text, with very long lines (37142), with no line terminators Hash32d6dbd00a639e2cd10d1704b9159bd5 0dab4c95675393f1d0e13d20f13d80ee12e41d95 9f339e5efd7c959419a4e86bb4c5e9f07eae2ed839484846157be981917743de
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /pfe/current/micro.tag.min.js?sw=/sw/universal.js&var=6424104&ymid=812184433733145402&b=&campaignid=&click_id=&ab2r=&rhd=1&var_3=&oaid=ik0xs1weug6sl4rqq1bs2x6jx9nexccl&os_version=&btz=UTC&bto=0&z=7250650&cdn=1&domain=ofsnivyan.com&ab2=&ab2_ttl=5184000 HTTP/1.1
Host: ofsnivyan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ofsnivyan.com/system-message/59?z=6424104&var=812184433733145402
Cookie: OAID=ik0xs1weug6sl4rqq1bs2x6jx9nexccl; syncedCookie=true; oaidts=1715203420
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 08 May 2024 21:23:41 GMT
content-type: application/javascript
last-modified: Thu, 25 Apr 2024 10:49:22 GMT
vary: Accept-Encoding
etag: W/"662a3532-9116"
access-control-allow-credentials: true
cache-control: max-age=14400
pragma: no-cache
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YIv%2FcVA4K5QYupFvYPceBXHfdq1LliV83t96p7V0tCJvo0Z2FcKAw1JF0cLj2GTvsTtGE6Qw7ijzZ6YJzhZRIWtz%2BAGpnCQDNyP1INW0a0vaYimJx1zzyPkMKXx9ZgqY"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 880c83252fab5699-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| amunfezanttor.com/event | 139.45.197.250 | 200 OK | 94 B |
IP139.45.197.250:443
Requested byhttps://ofsnivyan.com/system-message/59/?z=6424104&var=812184433733145402 CertificateIssuerLet's Encrypt Subjectamunfezanttor.com FingerprintAB:2C:60:54:FF:D7:D6:23:0E:87:1A:98:EC:94:B3:9B:29:1A:F3:AA ValidityWed, 10 Apr 2024 19:04:12 GMT - Tue, 09 Jul 2024 19:04:11 GMT
Hash53b1970a0c326b104cab91b1523945a5 247821985d7c133f1e827796d965cf84c9711108 e6351e890ca01d337cabe27e25007f9f19d00b98a1b2ef7225f4eb2fe3a21430
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
POST /event HTTP/1.1
Host: amunfezanttor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ofsnivyan.com/
Content-Type: application/json
Content-Length: 1811
Origin: https://ofsnivyan.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 21:23:41 GMT
content-type: application/json; charset=utf-8
content-length: 94
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://ofsnivyan.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| ofsnivyan.com/custom | 188.114.96.1 | 200 OK | 39 B |
IP188.114.96.1:443
Requested byhttps://ofsnivyan.com/system-message/59/?z=6424104&var=812184433733145402 CertificateIssuerGoogle Trust Services LLC Subjectofsnivyan.com FingerprintE2:64:70:52:E2:73:D1:AD:67:D5:B8:63:A0:56:8D:C0:83:9D:EA:38 ValidityThu, 21 Mar 2024 20:34:04 GMT - Wed, 19 Jun 2024 20:34:03 GMT
File typetroff or preprocessor input, ASCII text, with no line terminators Hashc16023891530fbce40f0a1244c3af01c e15d9dff768d82673e5e797a8395d1fa7d9049b7 c7d0061f2d2b9eb7b65b547c4bdf03f5f332cf34021bc972f64b6ad58d3a121a
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
POST /custom HTTP/1.1
Host: ofsnivyan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 357
Origin: https://ofsnivyan.com
DNT: 1
Connection: keep-alive
Referer: https://ofsnivyan.com/system-message/59?z=6424104&var=812184433733145402
Cookie: OAID=ik0xs1weug6sl4rqq1bs2x6jx9nexccl; syncedCookie=true; oaidts=1715203420
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/3 200 OK
date: Wed, 08 May 2024 21:23:41 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
x-trace-id: 91b5b0c59537774784add7c3af034705
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://ofsnivyan.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PUtPIXUhejceTprbFOUynWh%2BGh8BGidnbTuGbzIK87DztMyR9PFCXRrtg52VXc4BwNNaBffwb4Wf%2BDT1T5lQtY51%2FXsZtkAY6YeP6q%2FjvtB%2FTf0SXwa0UBgRZjgfhHaA"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 880c8326090d5699-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| ofsnivyan.com/system-message/59/?z=6424104&var=812184433733145402 | 188.114.96.1 | 200 OK | 7.1 kB |
URL User Request GET HTTP/2ofsnivyan.com/system-message/59/?z=6424104&var=812184433733145402 IP188.114.96.1:443
CertificateIssuerGoogle Trust Services LLC Subjectofsnivyan.com FingerprintE2:64:70:52:E2:73:D1:AD:67:D5:B8:63:A0:56:8D:C0:83:9D:EA:38 ValidityThu, 21 Mar 2024 20:34:04 GMT - Wed, 19 Jun 2024 20:34:03 GMT
File typeHTML document, ASCII text, with very long lines (7652), with no line terminators Hash2297fed868ddea42418e85cf39434408 a4bd7dbb5e14ce5d691cd42cddb4536372798ee6 226e35b5caa32a4d57cd9e1446297139c6f10e9c9c7c923033407d1e81ecab5e
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /system-message/59/?z=6424104&var=812184433733145402 HTTP/1.1
Host: ofsnivyan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 08 May 2024 21:23:40 GMT
content-type: text/html
last-modified: Wed, 08 May 2024 15:01:45 GMT
vary: Accept-Encoding
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mppkibQGtgNISuVm8ltGltmSg12cLKssnCpB0KOkfUyHdO8PwEigGxpgTDgLqkN4ynfTAoO4vgHnITxpTkTCVJC%2BEhme1xstbWFXHZ4TRe6CsZbT863F2JARJRI9oCFh"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 880c83202865712d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| ofsnivyan.com/_next/static/KF_2PsOaUjAWUN4z9o3jF/_buildManifest.js | 188.114.96.1 | 200 OK | 1.6 kB |
URL GET HTTP/3ofsnivyan.com/_next/static/KF_2PsOaUjAWUN4z9o3jF/_buildManifest.js IP188.114.96.1:443
Requested byhttps://ofsnivyan.com/system-message/59/?z=6424104&var=812184433733145402 CertificateIssuerGoogle Trust Services LLC Subjectofsnivyan.com FingerprintE2:64:70:52:E2:73:D1:AD:67:D5:B8:63:A0:56:8D:C0:83:9D:EA:38 ValidityThu, 21 Mar 2024 20:34:04 GMT - Wed, 19 Jun 2024 20:34:03 GMT
File typeASCII text, with very long lines (1696), with no line terminators Hashf2be6cff3afaefa780b3704bb1fcb908 b2e148f8f54399924722f46f93e4d3fa5a3bc071 63d67546301401b8cbb879d40d55257bf00fe11cff8010144135101392897e4f
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/KF_2PsOaUjAWUN4z9o3jF/_buildManifest.js HTTP/1.1
Host: ofsnivyan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ofsnivyan.com/system-message/59/?z=6424104&var=812184433733145402
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 08 May 2024 21:23:40 GMT
content-type: application/javascript
last-modified: Wed, 08 May 2024 15:01:42 GMT
vary: Accept-Encoding
etag: W/"663b93d6-644"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=14400
cf-cache-status: HIT
age: 3851
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZNpIW1g21fEtce0Xv6hQYm5Yfrz3eY0yOlCjSJFUX5Yrjs3Dltz0Bqot2WUZD9jlDCSNW6TbRdKmmY%2Fw77H%2BHd94e4BK%2Fqd%2BEdHRWOMiDF93LDyE4GWxvzp7KE8OacgD"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 880c83227bcf5699-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| ofsnivyan.com/_next/static/chunks/585.334272b77caf2262.js | 188.114.96.1 | 200 OK | 3.9 kB |
URL GET HTTP/3ofsnivyan.com/_next/static/chunks/585.334272b77caf2262.js IP188.114.96.1:443
Requested byhttps://ofsnivyan.com/system-message/59/?z=6424104&var=812184433733145402 CertificateIssuerGoogle Trust Services LLC Subjectofsnivyan.com FingerprintE2:64:70:52:E2:73:D1:AD:67:D5:B8:63:A0:56:8D:C0:83:9D:EA:38 ValidityThu, 21 Mar 2024 20:34:04 GMT - Wed, 19 Jun 2024 20:34:03 GMT
File typetroff or preprocessor input, ASCII text, with very long lines (4120), with no line terminators Hash53b7aef78286c4dd02279461e8d43db4 070bec45dad4bfd1a9bd554ddc60956e0d44b9fb 5d0f3b3a245fad1386f3353ea619b1f6388ebea3826eab024e4f7ed9fa598cfc
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/585.334272b77caf2262.js HTTP/1.1
Host: ofsnivyan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ofsnivyan.com/system-message/59?z=6424104&var=812184433733145402
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 08 May 2024 21:23:40 GMT
content-type: application/javascript
last-modified: Wed, 08 May 2024 15:01:42 GMT
vary: Accept-Encoding
etag: W/"663b93d6-f65"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=g7x0MKHCLD0cyErp2bnZNtYoWogu4Gf4QEuueJeCw5PwV7yP9XD76hq67Bl95qalQOWnyrf6gpheyI6leTzuaj2auND4zMD7F0BhUok2JeeFiKwiEV7yMuuv47mLg6yR"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 880c83235d625699-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| ofsnivyan.com/custom | 188.114.96.1 | 200 OK | 39 B |
IP188.114.96.1:443
Requested byhttps://ofsnivyan.com/system-message/59/?z=6424104&var=812184433733145402 CertificateIssuerGoogle Trust Services LLC Subjectofsnivyan.com FingerprintE2:64:70:52:E2:73:D1:AD:67:D5:B8:63:A0:56:8D:C0:83:9D:EA:38 ValidityThu, 21 Mar 2024 20:34:04 GMT - Wed, 19 Jun 2024 20:34:03 GMT
File typetroff or preprocessor input, ASCII text, with no line terminators Hashc16023891530fbce40f0a1244c3af01c e15d9dff768d82673e5e797a8395d1fa7d9049b7 c7d0061f2d2b9eb7b65b547c4bdf03f5f332cf34021bc972f64b6ad58d3a121a
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
POST /custom HTTP/1.1
Host: ofsnivyan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 354
Origin: https://ofsnivyan.com
DNT: 1
Connection: keep-alive
Referer: https://ofsnivyan.com/system-message/59?z=6424104&var=812184433733145402
Cookie: OAID=ik0xs1weug6sl4rqq1bs2x6jx9nexccl; syncedCookie=true; oaidts=1715203420
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/3 200 OK
date: Wed, 08 May 2024 21:23:41 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
x-trace-id: 0638350b31054555b1bc22066de41b53
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://ofsnivyan.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KdrB30e9yfEAS%2FdPUHS2095juMtkJuMdJ4cR7EeR1PTcm3cCE14VapWaclpu6BPlBlvuApOlwXLk0GsndXXLrI6ACvZlgQyHavBVUKWDAd%2FFI0WoMhc0BIQY7PyBPCI8"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 880c832609095699-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| ofsnivyan.com/_next/static/chunks/4016.ae434573a39b468c.js | 188.114.96.1 | 200 OK | 18 kB |
URL GET HTTP/3ofsnivyan.com/_next/static/chunks/4016.ae434573a39b468c.js IP188.114.96.1:443
Requested byhttps://ofsnivyan.com/system-message/59/?z=6424104&var=812184433733145402 CertificateIssuerGoogle Trust Services LLC Subjectofsnivyan.com FingerprintE2:64:70:52:E2:73:D1:AD:67:D5:B8:63:A0:56:8D:C0:83:9D:EA:38 ValidityThu, 21 Mar 2024 20:34:04 GMT - Wed, 19 Jun 2024 20:34:03 GMT
File typeJavaScript source, ASCII text, with very long lines (17719), with no line terminators Hash36a850019a2198c793d792caf8b0652a 462ed59d5f7a5af1fb02c89e99ffca7d7af03709 ca05680aaa8cb4a03853619897eb03943ca2cceff1a552474c62302afc100976
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/4016.ae434573a39b468c.js HTTP/1.1
Host: ofsnivyan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ofsnivyan.com/system-message/59/?z=6424104&var=812184433733145402
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 08 May 2024 21:23:40 GMT
content-type: application/javascript
last-modified: Wed, 08 May 2024 15:01:42 GMT
vary: Accept-Encoding
etag: W/"663b93d6-4537"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EfXpTj6jJmXvmfOChDhGr%2BFI5YPXlX0TBrT431wAQG%2B%2FoeFSX1QlKAj7ePdmrHgBFv4qhsg1OYaWjSj%2FKZmTO2MqdvvDaO1umFDvJ%2FJLjiFQGDenjMnUb9A6N76W8GQg"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 880c83226bb15699-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| ofsnivyan.com/_next/static/chunks/framework-8940d626f3bfb7e9.js | 188.114.96.1 | 200 OK | 26 kB |
URL GET HTTP/3ofsnivyan.com/_next/static/chunks/framework-8940d626f3bfb7e9.js IP188.114.96.1:443
Requested byhttps://ofsnivyan.com/system-message/59/?z=6424104&var=812184433733145402 CertificateIssuerGoogle Trust Services LLC Subjectofsnivyan.com FingerprintE2:64:70:52:E2:73:D1:AD:67:D5:B8:63:A0:56:8D:C0:83:9D:EA:38 ValidityThu, 21 Mar 2024 20:34:04 GMT - Wed, 19 Jun 2024 20:34:03 GMT
File typeJavaScript source, ASCII text, with very long lines (25995), with no line terminators Hash33a34c525e2bee14a166fe1289835308 4afb650772181930d19dca9a41490beea5087932 bebac61ce044debeb2025b1fbf1c95f1b9a4bc97d0702676dea22b0bb689b555
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/framework-8940d626f3bfb7e9.js HTTP/1.1
Host: ofsnivyan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ofsnivyan.com/system-message/59/?z=6424104&var=812184433733145402
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 08 May 2024 21:23:40 GMT
content-type: application/javascript
last-modified: Wed, 08 May 2024 15:01:42 GMT
vary: Accept-Encoding
etag: W/"663b93d6-658b"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=14400
cf-cache-status: HIT
age: 3852
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dsRWnMR0j%2FEAU%2FVdOd5%2FvZwNxjRvuypSsTwXmPCOY0d5YvL0DQPslOTcurHCTGLvLh3uQEkUxsMzG7u52LUwfEB74wqKO3hmZFJUuhBEZeB6xP11HtUHnLX%2FZ23enFOE"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 880c83226bb45699-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| ofsnivyan.com/_next/static/chunks/main-beb6af9e60a8e042.js | 188.114.96.1 | 200 OK | 109 kB |
URL GET HTTP/3ofsnivyan.com/_next/static/chunks/main-beb6af9e60a8e042.js IP188.114.96.1:443
Requested byhttps://ofsnivyan.com/system-message/59/?z=6424104&var=812184433733145402 CertificateIssuerGoogle Trust Services LLC Subjectofsnivyan.com FingerprintE2:64:70:52:E2:73:D1:AD:67:D5:B8:63:A0:56:8D:C0:83:9D:EA:38 ValidityThu, 21 Mar 2024 20:34:04 GMT - Wed, 19 Jun 2024 20:34:03 GMT
File typeJavaScript source, ASCII text, with very long lines (65536), with no line terminators Size109 kB (108887 bytes) Hash44ec1451f689d71d5f33a10d4aa44658 0f7e72050b7bf72366d9463a16038ae94e232f46 1708144463d376da261c16eab17b1d2fe5c49351847f43a46c6ae4b347fd9304
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/main-beb6af9e60a8e042.js HTTP/1.1
Host: ofsnivyan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ofsnivyan.com/system-message/59/?z=6424104&var=812184433733145402
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 08 May 2024 21:23:40 GMT
content-type: application/javascript
last-modified: Wed, 08 May 2024 15:01:42 GMT
vary: Accept-Encoding
etag: W/"663b93d6-1a957"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=14400
cf-cache-status: HIT
age: 3852
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=o9a9Hus84D%2FoxwLk1mv1KMrye0ltd4wIesWmIrNW7QyEF0iurv9kl7LWaZPpkrB3aO4334pxGfTjMUUxCOH82VYo2hqRKLXoN9TDQ9HuY3pia8gu1LpGvaK0a4YHZI9m"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 880c83226bb75699-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| ofsnivyan.com/_next/static/chunks/pages/_app-86b8656d77bdf985.js | 188.114.96.1 | 200 OK | 42 kB |
URL GET HTTP/3ofsnivyan.com/_next/static/chunks/pages/_app-86b8656d77bdf985.js IP188.114.96.1:443
Requested byhttps://ofsnivyan.com/system-message/59/?z=6424104&var=812184433733145402 CertificateIssuerGoogle Trust Services LLC Subjectofsnivyan.com FingerprintE2:64:70:52:E2:73:D1:AD:67:D5:B8:63:A0:56:8D:C0:83:9D:EA:38 ValidityThu, 21 Mar 2024 20:34:04 GMT - Wed, 19 Jun 2024 20:34:03 GMT
File typeJavaScript source, ASCII text, with very long lines (42030), with no line terminators Hash9ced022534116c6aac35ccd0395dd456 71b5b37be93f8f8d6a4337d176e8c986b31b3d64 ed34b5751c10720a7314bd1eb3afc8ba171548d59f9f0377830baa0a7552a03d
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/pages/_app-86b8656d77bdf985.js HTTP/1.1
Host: ofsnivyan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ofsnivyan.com/system-message/59/?z=6424104&var=812184433733145402
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 08 May 2024 21:23:40 GMT
content-type: application/javascript
last-modified: Wed, 08 May 2024 15:01:42 GMT
vary: Accept-Encoding
etag: W/"663b93d6-a42e"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=14400
cf-cache-status: HIT
age: 3852
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QwuEOSvqJcQ6a3apKwBU%2B5cY6DnLgvQux2IIwU1svxL%2FjXYebWKTRHLQ73GeWF6i3R77ukS2PHdghBzWZqlhJBs%2FPhYAPWpbJoAwGu5uwqWYEea1UlAe6elYAxXrE5Pm"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 880c83226bbb5699-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| ofsnivyan.com/_next/static/chunks/webpack-05581b877cc00a6a.js | 188.114.96.1 | 200 OK | 6.3 kB |
URL GET HTTP/3ofsnivyan.com/_next/static/chunks/webpack-05581b877cc00a6a.js IP188.114.96.1:443
Requested byhttps://ofsnivyan.com/system-message/59/?z=6424104&var=812184433733145402 CertificateIssuerGoogle Trust Services LLC Subjectofsnivyan.com FingerprintE2:64:70:52:E2:73:D1:AD:67:D5:B8:63:A0:56:8D:C0:83:9D:EA:38 ValidityThu, 21 Mar 2024 20:34:04 GMT - Wed, 19 Jun 2024 20:34:03 GMT
File typeJavaScript source, ASCII text, with very long lines (6510), with no line terminators Hash5a1bebb2c36a522c4caaf03c9a5841ef 614d24d0201e1829b94fe11e2e955e8b851a8ba2 a109437d847c0630da2947b50d730e01e90cac02262f4c77fe1fa2c66e7c8526
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/webpack-05581b877cc00a6a.js HTTP/1.1
Host: ofsnivyan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ofsnivyan.com/system-message/59/?z=6424104&var=812184433733145402
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 08 May 2024 21:23:40 GMT
content-type: application/javascript
last-modified: Wed, 08 May 2024 15:01:42 GMT
vary: Accept-Encoding
etag: W/"663b93d6-1878"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=14400
cf-cache-status: HIT
age: 6312
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BaNTdLKI5kVGqaE5d1rATwpi0XcPu1J621yTTLETs3%2FDjBmSQWT5yX2SluIfpkeO3kUC4rz3StL8SlP3%2B7oN5LoNkHcARtd32fB9JcrGLQ7p6OE0bBYfSF3YylGGnrTF"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 880c83226bb25699-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| ofsnivyan.com/_next/static/chunks/7903-dd238946c7924507.js | 188.114.96.1 | 200 OK | 32 kB |
URL GET HTTP/3ofsnivyan.com/_next/static/chunks/7903-dd238946c7924507.js IP188.114.96.1:443
Requested byhttps://ofsnivyan.com/system-message/59/?z=6424104&var=812184433733145402 CertificateIssuerGoogle Trust Services LLC Subjectofsnivyan.com FingerprintE2:64:70:52:E2:73:D1:AD:67:D5:B8:63:A0:56:8D:C0:83:9D:EA:38 ValidityThu, 21 Mar 2024 20:34:04 GMT - Wed, 19 Jun 2024 20:34:03 GMT
File typeJavaScript source, ASCII text, with very long lines (31896), with no line terminators Hashb5dd343db67bd22544d11da18268f5c3 069b5b221dd75af58d93192460778b3d07835e74 6347f1d4083f7a0a2ac3d8b12aae8832d9ea6914aa6e137d16a4d41869d14ea5
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/7903-dd238946c7924507.js HTTP/1.1
Host: ofsnivyan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ofsnivyan.com/system-message/59/?z=6424104&var=812184433733145402
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 08 May 2024 21:23:40 GMT
content-type: application/javascript
last-modified: Wed, 08 May 2024 15:01:42 GMT
vary: Accept-Encoding
etag: W/"663b93d6-7c98"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=14400
cf-cache-status: HIT
age: 1958
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Vo75Hv7Yv0y0Sz%2BYamfWSB9SqHo%2B5xgOntxEzpx41qDyIQ6twYOaKU9iQKbP14As3hzSQPuwbq1gAvv4UTJ9Ra%2BSWx9Ka6KyvGvLb3JPr0XBdUEDfhdGNEJcqBDxUxp4"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 880c83226bbf5699-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| ofsnivyan.com/_next/static/chunks/2090-519478c186a3d867.js | 188.114.96.1 | 200 OK | 11 kB |
URL GET HTTP/3ofsnivyan.com/_next/static/chunks/2090-519478c186a3d867.js IP188.114.96.1:443
Requested byhttps://ofsnivyan.com/system-message/59/?z=6424104&var=812184433733145402 CertificateIssuerGoogle Trust Services LLC Subjectofsnivyan.com FingerprintE2:64:70:52:E2:73:D1:AD:67:D5:B8:63:A0:56:8D:C0:83:9D:EA:38 ValidityThu, 21 Mar 2024 20:34:04 GMT - Wed, 19 Jun 2024 20:34:03 GMT
File typeJavaScript source, ASCII text, with very long lines (10752), with no line terminators Hash37545926cc9a6e537b9f3e95d7a16c1e c3cbfe1f9737817eda25770274e97feaf6b8cc68 d3ccc772608b2a03a543da22715903e2b6e2c14c42c2f475a0f483ac3cd64b37
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/2090-519478c186a3d867.js HTTP/1.1
Host: ofsnivyan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ofsnivyan.com/system-message/59/?z=6424104&var=812184433733145402
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 08 May 2024 21:23:40 GMT
content-type: application/javascript
last-modified: Wed, 08 May 2024 15:01:42 GMT
vary: Accept-Encoding
etag: W/"663b93d6-2a00"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=14400
cf-cache-status: HIT
age: 1958
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8I1XEZ1U74V3LJzzKunyh2wQBRPuL%2FNNzkkLImoMkR3PoNQSL3fX7vB9XTbmDPkz5NbiNnBR%2BwfHVvLCnb76FbMM70VtvckCzAbHkU%2BDlfaMakd0OmridA3%2FBx9%2FGn85"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 880c83226bc25699-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| ofsnivyan.com/_next/static/chunks/pages/%5BlandingName%5D/%5BconfigId%5D/%5B%5B...slug%5D%5D-5ff423d12141b8b9.js | 188.114.96.1 | 200 OK | 911 B |
URL GET HTTP/3ofsnivyan.com/_next/static/chunks/pages/%5BlandingName%5D/%5BconfigId%5D/%5B%5B...slug%5D%5D-5ff423d12141b8b9.js IP188.114.96.1:443
Requested byhttps://ofsnivyan.com/system-message/59/?z=6424104&var=812184433733145402 CertificateIssuerGoogle Trust Services LLC Subjectofsnivyan.com FingerprintE2:64:70:52:E2:73:D1:AD:67:D5:B8:63:A0:56:8D:C0:83:9D:EA:38 ValidityThu, 21 Mar 2024 20:34:04 GMT - Wed, 19 Jun 2024 20:34:03 GMT
File typeJavaScript source, ASCII text, with very long lines (919), with no line terminators Hashec5e1a576ada32db1f8f4c54aaa7f422 e0d4ff8c1a0dd5cb9ae2072c75278a942f905dd8 d384bed08956f31d7cc718d65bc1dffa916c72fbc3186aef41baf450ef9cd509
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/pages/%5BlandingName%5D/%5BconfigId%5D/%5B%5B...slug%5D%5D-5ff423d12141b8b9.js HTTP/1.1
Host: ofsnivyan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ofsnivyan.com/system-message/59/?z=6424104&var=812184433733145402
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 08 May 2024 21:23:40 GMT
content-type: application/javascript
last-modified: Wed, 08 May 2024 15:01:42 GMT
vary: Accept-Encoding
etag: W/"663b93d6-38f"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=14400
cf-cache-status: HIT
age: 1958
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YNki32EiopKg1oqWFlHH9PkAWfaZD2qLqmWo2sOJEvXG%2F6NfsWZDBi8DSKmh2fCMctOb%2Bt5CDDFdJN%2FQ03TbXW%2BVvwSWCr7AuH%2Fb1BgioeeoaCohP2KQsKG0K2jEcdDg"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 880c83226bc65699-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| ofsnivyan.com/_next/static/KF_2PsOaUjAWUN4z9o3jF/_ssgManifest.js | 188.114.96.1 | 200 OK | 182 B |
URL GET HTTP/3ofsnivyan.com/_next/static/KF_2PsOaUjAWUN4z9o3jF/_ssgManifest.js IP188.114.96.1:443
Requested byhttps://ofsnivyan.com/system-message/59/?z=6424104&var=812184433733145402 CertificateIssuerGoogle Trust Services LLC Subjectofsnivyan.com FingerprintE2:64:70:52:E2:73:D1:AD:67:D5:B8:63:A0:56:8D:C0:83:9D:EA:38 ValidityThu, 21 Mar 2024 20:34:04 GMT - Wed, 19 Jun 2024 20:34:03 GMT
File typeASCII text, with no line terminators Hashca6aa05f78eb6859347a61db067f16dc 444e70f53eb809f0920de921925d854baccdd251 11ca6f5cc9bc3b5e4021fe0fdad57091b6e8b54a5018672cf9d8b6a7e4f0e229
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/KF_2PsOaUjAWUN4z9o3jF/_ssgManifest.js HTTP/1.1
Host: ofsnivyan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ofsnivyan.com/system-message/59/?z=6424104&var=812184433733145402
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 08 May 2024 21:23:40 GMT
content-type: application/javascript
last-modified: Wed, 08 May 2024 15:01:42 GMT
vary: Accept-Encoding
etag: W/"663b93d6-b6"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=14400
cf-cache-status: HIT
age: 3851
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bpypEbyKvQ2MP3UaRKJR7h9nTT8AsVjppCDKd%2FsH2IvGcG1xmDaTxvJiUomLi0zA1HxBln4YEEFIh07X32aRf3VkyM0ZdRfvRxyMV6Nv%2BAlOsI9wWohJVpKzC6P%2BeW%2FE"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 880c83227bd65699-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| ofsnivyan.com/system-message/59?z=6424104&var=812184433733145402 | 188.114.96.1 | 301 Moved Permanently | 7.1 kB |
URL User Request GET HTTP/2ofsnivyan.com/system-message/59?z=6424104&var=812184433733145402 IP188.114.96.1:443
CertificateIssuerGoogle Trust Services LLC Subjectofsnivyan.com FingerprintE2:64:70:52:E2:73:D1:AD:67:D5:B8:63:A0:56:8D:C0:83:9D:EA:38 ValidityThu, 21 Mar 2024 20:34:04 GMT - Wed, 19 Jun 2024 20:34:03 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /system-message/59?z=6424104&var=812184433733145402 HTTP/1.1
Host: ofsnivyan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 301 Moved Permanently
date: Wed, 08 May 2024 21:23:40 GMT
content-type: text/html
location: http://ofsnivyan.com/system-message/59/?z=6424104&var=812184433733145402
vary: Accept-Encoding
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ELNqOFeTHMbUSktxxSg%2F%2FT8sU4zfCi%2BLShvTuyqnvsU5AKpZtWfdI5datpyIplAFDvHwSlRF%2BE17WteR74cuJukoms4qo6APmASc2CSwCx3nmUCFsmPMRX7qF4PAkbkz"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 880c831f9f8f712d-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| ofsnivyan.com/sw/universal.js?var=6424104&ymid=812184433733145402&ab2_ttl=5184000&zoneId=7250650 | 188.114.96.1 | 200 OK | 1.5 kB |
URL GET HTTP/3ofsnivyan.com/sw/universal.js?var=6424104&ymid=812184433733145402&ab2_ttl=5184000&zoneId=7250650 IP188.114.96.1:443
Requested byhttps://ofsnivyan.com/system-message/59/?z=6424104&var=812184433733145402 CertificateIssuerGoogle Trust Services LLC Subjectofsnivyan.com FingerprintE2:64:70:52:E2:73:D1:AD:67:D5:B8:63:A0:56:8D:C0:83:9D:EA:38 ValidityThu, 21 Mar 2024 20:34:04 GMT - Wed, 19 Jun 2024 20:34:03 GMT
File typeASCII text, with very long lines (1540), with no line terminators Hash5edd43e1c6126829925eb36cdbaf7af3 e1baae48011f9077aa37e6ab31d4604d41aec303 38945b2621b28329b93e77cc757db7e8def95dd4f4ba1c13862018da2df83411
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /sw/universal.js?var=6424104&ymid=812184433733145402&ab2_ttl=5184000&zoneId=7250650 HTTP/1.1
Host: ofsnivyan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
DNT: 1
Connection: keep-alive
Referer: https://ofsnivyan.com/system-message/59?z=6424104&var=812184433733145402
Cookie: OAID=ik0xs1weug6sl4rqq1bs2x6jx9nexccl; syncedCookie=true; oaidts=1715203420
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 08 May 2024 21:23:41 GMT
content-type: application/javascript
last-modified: Wed, 08 May 2024 15:01:42 GMT
vary: Accept-Encoding
etag: W/"663b93d6-5b2"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=14400
cf-cache-status: HIT
age: 6903
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=D6ncKHnJQbPqIUKwBjglgsO7M19f1Mq%2Bcfrmn1Bmds3qAw%2F1dgQZhZYZMXrfHLZ4rp4Kp7MX6pogb24pKW%2BBjoglAzA11O21bl2%2B19hOxrrmJHS3nXFxG4ob1F3w5O3w"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 880c8326090c5699-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| ofsnivyan.com/_next/static/css/0bc0cde260d08b97.css | 188.114.96.1 | 200 OK | 1.8 kB |
URL GET HTTP/3ofsnivyan.com/_next/static/css/0bc0cde260d08b97.css IP188.114.96.1:443
Requested byhttps://ofsnivyan.com/system-message/59/?z=6424104&var=812184433733145402 CertificateIssuerGoogle Trust Services LLC Subjectofsnivyan.com FingerprintE2:64:70:52:E2:73:D1:AD:67:D5:B8:63:A0:56:8D:C0:83:9D:EA:38 ValidityThu, 21 Mar 2024 20:34:04 GMT - Wed, 19 Jun 2024 20:34:03 GMT
File typeASCII text, with very long lines (1843), with no line terminators Hash64b2b4fa42c7d558d735e2cd28ecf88a 03d6da6e55b1201b51689590520da495a9233d67 2fdb3ce9ccba8355040e5ba3dfb2283194acba81858943b5d88f70030dbb71ea
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/css/0bc0cde260d08b97.css HTTP/1.1
Host: ofsnivyan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ofsnivyan.com/system-message/59/?z=6424104&var=812184433733145402
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 08 May 2024 21:23:40 GMT
content-type: text/css
last-modified: Wed, 08 May 2024 15:01:42 GMT
vary: Accept-Encoding
etag: W/"663b93d6-733"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=14400
cf-cache-status: HIT
age: 1995
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=d84Herrt4nZIOV8ESW8mqqycCTpFCeL5AX0nJOnu6ldbX%2BE%2BDymi5r91lJgFn9MA2hFvjS7C6OP3DJVy85T75khzEMehUUXVLCxnBNVrlfHe6GzJAvJm15UJgOSQcc%2FM"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 880c83226bae5699-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| ofsnivyan.com/_next/static/chunks/802-fc6c2b0de6438662.js | 188.114.96.1 | 200 OK | 70 kB |
URL GET HTTP/3ofsnivyan.com/_next/static/chunks/802-fc6c2b0de6438662.js IP188.114.96.1:443
Requested byhttps://ofsnivyan.com/system-message/59/?z=6424104&var=812184433733145402 CertificateIssuerGoogle Trust Services LLC Subjectofsnivyan.com FingerprintE2:64:70:52:E2:73:D1:AD:67:D5:B8:63:A0:56:8D:C0:83:9D:EA:38 ValidityThu, 21 Mar 2024 20:34:04 GMT - Wed, 19 Jun 2024 20:34:03 GMT
File typeJavaScript source, ASCII text, with very long lines (65536), with no line terminators Hashbf935c8564cf6e7a803e5adc588f2f95 ef051af348959420802d02a5b75db92c3fb890fb f1c9ed5f31148c7451bcd03b563e3716e37bcd9a0f20d2aea45fb7d1337926d3
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/802-fc6c2b0de6438662.js HTTP/1.1
Host: ofsnivyan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ofsnivyan.com/system-message/59/?z=6424104&var=812184433733145402
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 08 May 2024 21:23:40 GMT
content-type: application/javascript
last-modified: Wed, 08 May 2024 15:01:42 GMT
vary: Accept-Encoding
etag: W/"663b93d6-10fb2"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=14400
cf-cache-status: HIT
age: 1958
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lON4Cn55SPcIGg4O48Gz0rQi8riMNpS8Y7lHlmx1KGYVGrRZBwxaz%2FHwqvsZ95FCuEEyzNkZs3bG2sUG9%2B9akz3B9QkWTyoh%2Bwgb4qk%2BQ50FrwCN23PUp%2FZcduhr7ugw"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 880c83226bc35699-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| ofsnivyan.com/_next/static/chunks/2734.6269ca0cf725ea17.js | 188.114.96.1 | 200 OK | 4.1 kB |
URL GET HTTP/3ofsnivyan.com/_next/static/chunks/2734.6269ca0cf725ea17.js IP188.114.96.1:443
Requested byhttps://ofsnivyan.com/system-message/59/?z=6424104&var=812184433733145402 CertificateIssuerGoogle Trust Services LLC Subjectofsnivyan.com FingerprintE2:64:70:52:E2:73:D1:AD:67:D5:B8:63:A0:56:8D:C0:83:9D:EA:38 ValidityThu, 21 Mar 2024 20:34:04 GMT - Wed, 19 Jun 2024 20:34:03 GMT
File typeJavaScript source, ASCII text, with very long lines (4219), with no line terminators Hash98132c6c771aec065d3ab61e5c8c0f53 56484dafed6218ea17ef047fc8cd4c5a342c1890 ae09486720d6d4764b5126f0e26414962ee83eeebdc05db588bb7d86855e8b23
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/2734.6269ca0cf725ea17.js HTTP/1.1
Host: ofsnivyan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ofsnivyan.com/system-message/59/?z=6424104&var=812184433733145402
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 08 May 2024 21:23:40 GMT
content-type: application/javascript
last-modified: Wed, 08 May 2024 15:01:42 GMT
vary: Accept-Encoding
etag: W/"663b93d6-1033"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=14400
cf-cache-status: HIT
age: 1080
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pecuN9XAHs1fPLbVG0Zr05KM%2FkdNnJWRI5aSr1z2oCbYUoZlZa78l3u5N%2BAnVgSYL3BUD35Yr4yr4%2FhBn7PSDvB%2FItm5RWOVLjcMOD6zd7wvvuUfr53yMykz5OabcuZK"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 880c83231d125699-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| cdntechone.com/stattag.js | 172.67.195.28 | 200 OK | 19 kB |
URL GET HTTP/2cdntechone.com/stattag.js IP172.67.195.28:443
Requested byhttps://ofsnivyan.com/system-message/59/?z=6424104&var=812184433733145402 CertificateIssuerGoogle Trust Services LLC Subjectcdntechone.com Fingerprint3D:20:D4:11:5D:06:B3:63:9C:08:BF:D9:D9:16:22:D5:DC:3B:9A:CB ValidityMon, 22 Apr 2024 03:33:58 GMT - Sun, 21 Jul 2024 03:33:57 GMT
File typeJavaScript source, ASCII text, with very long lines (18452) Hashbec2755dff94190fec0365b0db53807b f98c36e7e9e06325d03fe39c3b98879062fc2704 ccb15ff22ece6946136f1501ab3ae74155399187c8e85beb10399d56bb8e149a
GET /stattag.js HTTP/1.1
Host: cdntechone.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ofsnivyan.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 08 May 2024 21:23:40 GMT
content-type: application/javascript
last-modified: Wed, 07 Feb 2024 12:51:04 GMT
etag: W/"65c37cb8-4a9e"
link: <https://datatechone.com/>; rel=preconnect; crossorigin, <https://datatechonert.com/>; rel=preconnect; crossorigin
cache-control: max-age=14400
cf-cache-status: HIT
age: 2933
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xMNpOO9IIlHHVafD82Q8%2B3QSUrZQzDYDVu%2FWEgJcsEC5PUBKkv4GsvQG6SKA38j7XimKCF2ubsXl56sKRmwz4lw9lTdcpcV8%2ByEn%2BmgIQc8wI0yId52acXc%2FGl0CBUGYLA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880c8323a8d85697-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| ofsnivyan.com/_next/static/chunks/5057.7ec3a668fa27cd9c.js | 188.114.96.1 | 200 OK | 3.3 kB |
URL GET HTTP/3ofsnivyan.com/_next/static/chunks/5057.7ec3a668fa27cd9c.js IP188.114.96.1:443
Requested byhttps://ofsnivyan.com/system-message/59/?z=6424104&var=812184433733145402 CertificateIssuerGoogle Trust Services LLC Subjectofsnivyan.com FingerprintE2:64:70:52:E2:73:D1:AD:67:D5:B8:63:A0:56:8D:C0:83:9D:EA:38 ValidityThu, 21 Mar 2024 20:34:04 GMT - Wed, 19 Jun 2024 20:34:03 GMT
File typeJavaScript source, ASCII text, with very long lines (3374), with no line terminators Hash5a08e14cc8533f0b042b479051240902 f700da69b9609cdcebc9851df5163bece508694a 0cfda09711a3108f9c9086cd0174a1ee3a7179686e464f4225a9428588d8e1d8
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/5057.7ec3a668fa27cd9c.js HTTP/1.1
Host: ofsnivyan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ofsnivyan.com/system-message/59/?z=6424104&var=812184433733145402
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 08 May 2024 21:23:40 GMT
content-type: application/javascript
last-modified: Wed, 08 May 2024 15:01:42 GMT
vary: Accept-Encoding
etag: W/"663b93d6-d0c"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=14400
cf-cache-status: HIT
age: 1080
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6hXu2gio%2FiqDOkHTu8tFTMU06KO87ldCBrB%2Fv%2BseON6eZytfm9QAbeVIWh%2BU%2B0dhIAOISXsRfu%2F5l4%2FIozcRbIn1SQPm%2B45%2B9Lype8QG7PMu3dbrtNORoyJV17AKBqlr"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 880c83232d1a5699-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| ofsnivyan.com/zone?&pub=0&zone_id=7250650&is_mobile=false&domain=ofsnivyan.com&var=6424104&ymid=812184433733145402&var_3=&var_4=&dsig=&tg=1&sw=3.1.504&trace_id=00b27368-be57-4989-9896-bc701c5b430d&action=prerequest | 188.114.96.1 | 200 OK | 0 B |
URL POST HTTP/3ofsnivyan.com/zone?&pub=0&zone_id=7250650&is_mobile=false&domain=ofsnivyan.com&var=6424104&ymid=812184433733145402&var_3=&var_4=&dsig=&tg=1&sw=3.1.504&trace_id=00b27368-be57-4989-9896-bc701c5b430d&action=prerequest IP188.114.96.1:443
Requested byhttps://ofsnivyan.com/system-message/59/?z=6424104&var=812184433733145402 CertificateIssuerGoogle Trust Services LLC Subjectofsnivyan.com FingerprintE2:64:70:52:E2:73:D1:AD:67:D5:B8:63:A0:56:8D:C0:83:9D:EA:38 ValidityThu, 21 Mar 2024 20:34:04 GMT - Wed, 19 Jun 2024 20:34:03 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
POST /zone?&pub=0&zone_id=7250650&is_mobile=false&domain=ofsnivyan.com&var=6424104&ymid=812184433733145402&var_3=&var_4=&dsig=&tg=1&sw=3.1.504&trace_id=00b27368-be57-4989-9896-bc701c5b430d&action=prerequest HTTP/1.1
Host: ofsnivyan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ofsnivyan.com
DNT: 1
Connection: keep-alive
Referer: https://ofsnivyan.com/system-message/59?z=6424104&var=812184433733145402
Cookie: OAID=ik0xs1weug6sl4rqq1bs2x6jx9nexccl; syncedCookie=true; oaidts=1715203420
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Content-Length: 0
HTTP/3 200 OK
date: Wed, 08 May 2024 21:23:41 GMT
content-length: 0
x-trace-id: 2a7116cd91828b68ef7f03a7c15214d0
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://ofsnivyan.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gxrEeBIAJkSDMfRjpWHipVqgySoSiwKjRmUW0XyofJPY2f7Ziwtt%2BK9hI%2BRhZM8syThEu6p1kCTV4%2B4eTbpQvtOP7%2BHBaLeVW40IJpu2aLCX0dA7pDhyqTHArMok6z2y"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 880c8326090e5699-OSL
alt-svc: h3=":443"; ma=86400
|
|
| ofsnivyan.com/custom | 188.114.96.1 | 200 OK | 39 B |
IP188.114.96.1:443
Requested byhttps://ofsnivyan.com/system-message/59/?z=6424104&var=812184433733145402 CertificateIssuerGoogle Trust Services LLC Subjectofsnivyan.com FingerprintE2:64:70:52:E2:73:D1:AD:67:D5:B8:63:A0:56:8D:C0:83:9D:EA:38 ValidityThu, 21 Mar 2024 20:34:04 GMT - Wed, 19 Jun 2024 20:34:03 GMT
File typetroff or preprocessor input, ASCII text, with no line terminators Hashc16023891530fbce40f0a1244c3af01c e15d9dff768d82673e5e797a8395d1fa7d9049b7 c7d0061f2d2b9eb7b65b547c4bdf03f5f332cf34021bc972f64b6ad58d3a121a
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
POST /custom HTTP/1.1
Host: ofsnivyan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 356
Origin: https://ofsnivyan.com
DNT: 1
Connection: keep-alive
Referer: https://ofsnivyan.com/system-message/59?z=6424104&var=812184433733145402
Cookie: OAID=ik0xs1weug6sl4rqq1bs2x6jx9nexccl; syncedCookie=true; oaidts=1715203420
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/3 200 OK
date: Wed, 08 May 2024 21:23:41 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
x-trace-id: f1b910cba95ba80895f489c538b8e675
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://ofsnivyan.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oRKdrFqGcH9jFU90xILAYF5cKNYbHf007fvZrlJT3IzNcr48F50OSVKBtivRso%2BxseGTwXwD4%2FbA9LCvELY6afll74k5NT7Aw2p4nfTXm7w6Ktth9%2FP6sdtx4HjPQyue"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 880c8326090f5699-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| ofsnivyan.com/_next/static/chunks/810.a0608c12f2123e1d.js | 188.114.96.1 | 200 OK | 3.0 kB |
URL GET HTTP/3ofsnivyan.com/_next/static/chunks/810.a0608c12f2123e1d.js IP188.114.96.1:443
Requested byhttps://ofsnivyan.com/system-message/59/?z=6424104&var=812184433733145402 CertificateIssuerGoogle Trust Services LLC Subjectofsnivyan.com FingerprintE2:64:70:52:E2:73:D1:AD:67:D5:B8:63:A0:56:8D:C0:83:9D:EA:38 ValidityThu, 21 Mar 2024 20:34:04 GMT - Wed, 19 Jun 2024 20:34:03 GMT
File typeJavaScript source, ASCII text, with very long lines (3074), with no line terminators Hash6cc4490ccff791f29be9ad2e2c0e83b3 ede3303c45d0de176f97822066b186d4e0ca603a 6e703777488800dbe82363bf1e4afae683f2743079eeca4b3119c21eb2f542eb
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/810.a0608c12f2123e1d.js HTTP/1.1
Host: ofsnivyan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ofsnivyan.com/system-message/59/?z=6424104&var=812184433733145402
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 08 May 2024 21:23:40 GMT
content-type: application/javascript
last-modified: Wed, 08 May 2024 15:01:42 GMT
vary: Accept-Encoding
etag: W/"663b93d6-bb4"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gv718CTsE8N3MI4hAjpIAoyNhd2qXktG9efoOgLXlUfd%2FdZDMs9jBdIppbBV%2BXL97F4YGngj3fqsZFuWUIpLA82z966cDMMXHlgEEQhItj2EKhVgpCSxOhimNK29qd8P"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 880c83231d145699-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| ofsnivyan.com/track?dry=false&request_var=812184433733145402&oaid=ik0xs1weug6sl4rqq1bs2x6jx9nexccl&os_version=&var=6424104&var_3=&var_4=&variable2=&ymid=812184433733145402&z=6424104 | 188.114.96.1 | 200 OK | 182 B |
URL GET HTTP/3ofsnivyan.com/track?dry=false&request_var=812184433733145402&oaid=ik0xs1weug6sl4rqq1bs2x6jx9nexccl&os_version=&var=6424104&var_3=&var_4=&variable2=&ymid=812184433733145402&z=6424104 IP188.114.96.1:443
Requested byhttps://ofsnivyan.com/system-message/59/?z=6424104&var=812184433733145402 CertificateIssuerGoogle Trust Services LLC Subjectofsnivyan.com FingerprintE2:64:70:52:E2:73:D1:AD:67:D5:B8:63:A0:56:8D:C0:83:9D:EA:38 ValidityThu, 21 Mar 2024 20:34:04 GMT - Wed, 19 Jun 2024 20:34:03 GMT
File typetroff or preprocessor input, ASCII text, with no line terminators Hashe6246b04b7d99b675f7086e756e1f242 9f3b5f5cb9b34830dc20448a0acc83bcce5d2727 5ecadcf1c19edd16643f48e47f530b024c97a5653f98a47e14c61d5270dd7881
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /track?dry=false&request_var=812184433733145402&oaid=ik0xs1weug6sl4rqq1bs2x6jx9nexccl&os_version=&var=6424104&var_3=&var_4=&variable2=&ymid=812184433733145402&z=6424104 HTTP/1.1
Host: ofsnivyan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ofsnivyan.com/system-message/59?z=6424104&var=812184433733145402
DNT: 1
Connection: keep-alive
Cookie: OAID=ik0xs1weug6sl4rqq1bs2x6jx9nexccl; syncedCookie=true; oaidts=1715203420
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 08 May 2024 21:23:41 GMT
content-type: application/json
vary: Accept-Encoding
x-trace-id: b86c8406f0b1ed161a6c74135cc64b71
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://ofsnivyan.com/
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
timing-allow-origin: *
strict-transport-security: max-age=1
x-content-type-options: nosniff
content-encoding: br
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PbitDBfsJtdi7byTpf9kaKpbe1NaxG1NSUAkg3JtRsXTSFjA%2BuaCH1dbJPJtG4RRkCNV4mh2nuD5%2B%2BbuCl53e2NbRzWh0efJSNkq5t3RtuvuFZL0ee7lO4lwdr5mpvjJ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 880c83250f8c5699-OSL
alt-svc: h3=":443"; ma=86400
|
|