| ofsnivyan.com/_next/static/css/0bc0cde260d08b97.css | 104.21.90.194 | 200 OK | 1.2 kB |
URL GET HTTP/3ofsnivyan.com/_next/static/css/0bc0cde260d08b97.css IP104.21.90.194:443
Requested byhttps://ofsnivyan.com/system-message/59/?z=5369052&var=811843544011776881 CertificateIssuerGoogle Trust Services LLC Subjectofsnivyan.com FingerprintE2:64:70:52:E2:73:D1:AD:67:D5:B8:63:A0:56:8D:C0:83:9D:EA:38 ValidityThu, 21 Mar 2024 20:34:04 GMT - Wed, 19 Jun 2024 20:34:03 GMT
File typeASCII text, with very long lines (1843), with no line terminators Hash64b2b4fa42c7d558d735e2cd28ecf88a 03d6da6e55b1201b51689590520da495a9233d67 2fdb3ce9ccba8355040e5ba3dfb2283194acba81858943b5d88f70030dbb71ea
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/css/0bc0cde260d08b97.css HTTP/1.1
Host: ofsnivyan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ofsnivyan.com/system-message/59/?z=5369052&var=811843544011776881
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 22:49:02 GMT
content-type: text/css
last-modified: Tue, 07 May 2024 16:11:10 GMT
vary: Accept-Encoding
etag: W/"663a529e-733"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=14400
cf-cache-status: HIT
age: 5995
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CcVvyk619q%2BtRj31WlyXwkeYKX0uts5nEnlS5o1HIkmtAC3u4Ls0RvdYXKBS4XM90ESZe5yQRx7beY%2FLaxXQkoEqwfCL6JH4MuNb71RtqXoFihb%2FmeBdThX2v16HN%2FcR"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8804c2cd285e712f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| ofsnivyan.com/_next/static/chunks/main-beb6af9e60a8e042.js | 104.21.90.194 | 200 OK | 33 kB |
URL GET HTTP/3ofsnivyan.com/_next/static/chunks/main-beb6af9e60a8e042.js IP104.21.90.194:443
Requested byhttps://ofsnivyan.com/system-message/59/?z=5369052&var=811843544011776881 CertificateIssuerGoogle Trust Services LLC Subjectofsnivyan.com FingerprintE2:64:70:52:E2:73:D1:AD:67:D5:B8:63:A0:56:8D:C0:83:9D:EA:38 ValidityThu, 21 Mar 2024 20:34:04 GMT - Wed, 19 Jun 2024 20:34:03 GMT
File typeJavaScript source, ASCII text, with very long lines (65536), with no line terminators Hash44ec1451f689d71d5f33a10d4aa44658 0f7e72050b7bf72366d9463a16038ae94e232f46 1708144463d376da261c16eab17b1d2fe5c49351847f43a46c6ae4b347fd9304
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/main-beb6af9e60a8e042.js HTTP/1.1
Host: ofsnivyan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ofsnivyan.com/system-message/59/?z=5369052&var=811843544011776881
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 22:49:02 GMT
content-type: application/javascript
last-modified: Tue, 07 May 2024 16:11:10 GMT
vary: Accept-Encoding
etag: W/"663a529e-1a957"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=14400
cf-cache-status: HIT
age: 5995
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gsExug1vU2mo7FQqhwCzIHFE3VJX3EnwEJMCHgGO7nGyT%2FzOpOSxXVsNi9WawKeMgIVf0MQmsygBEG9tRxr3cRKq5HJXey5P1y4FLeIGdkZSn8XeCzzxf6DOrg7xcVZi"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8804c2cd3869712f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| ofsnivyan.com/_next/static/chunks/pages/_app-77a6ab7dd178be7d.js | 104.21.90.194 | 200 OK | 12 kB |
URL GET HTTP/3ofsnivyan.com/_next/static/chunks/pages/_app-77a6ab7dd178be7d.js IP104.21.90.194:443
Requested byhttps://ofsnivyan.com/system-message/59/?z=5369052&var=811843544011776881 CertificateIssuerGoogle Trust Services LLC Subjectofsnivyan.com FingerprintE2:64:70:52:E2:73:D1:AD:67:D5:B8:63:A0:56:8D:C0:83:9D:EA:38 ValidityThu, 21 Mar 2024 20:34:04 GMT - Wed, 19 Jun 2024 20:34:03 GMT
File typeJavaScript source, ASCII text, with very long lines (41624), with no line terminators Hash85eaf529660a53796f74da36540dd45c cf19d281001d7e20efff136f3f5036ed7688622b 4188ed1531d40419b2a26cd0e1ab62f5e02256b0db82d08fae96cf75c5b160fa
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/pages/_app-77a6ab7dd178be7d.js HTTP/1.1
Host: ofsnivyan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ofsnivyan.com/system-message/59/?z=5369052&var=811843544011776881
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 22:49:02 GMT
content-type: application/javascript
last-modified: Tue, 07 May 2024 16:11:10 GMT
vary: Accept-Encoding
etag: W/"663a529e-a298"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tp%2Bw5nGMMS8cAMqer3MksRcbFz4PTVfX8mqV3DIPtyqzNmwTA4QBkQJqqa6zbcFC87lv%2BAHmLlW8MoOmAUjG2%2BUs9Qs8782rKmtJsgLW0bSFQuAOLFsEQCv6o7ERN4q7"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8804c2cd386a712f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| ofsnivyan.com/_next/static/chunks/5356.cd117ab77e87aa94.js | 104.21.90.194 | 200 OK | 721 B |
URL GET HTTP/3ofsnivyan.com/_next/static/chunks/5356.cd117ab77e87aa94.js IP104.21.90.194:443
Requested byhttps://ofsnivyan.com/system-message/59/?z=5369052&var=811843544011776881 CertificateIssuerGoogle Trust Services LLC Subjectofsnivyan.com FingerprintE2:64:70:52:E2:73:D1:AD:67:D5:B8:63:A0:56:8D:C0:83:9D:EA:38 ValidityThu, 21 Mar 2024 20:34:04 GMT - Wed, 19 Jun 2024 20:34:03 GMT
File typeJavaScript source, ASCII text, with very long lines (1298), with no line terminators Hash48bc38caebc09f278d740e9a8302bf56 b687105616511f0eb1f493a5ff7cb35e6b445b5e d558e0466151e37fdefda1944ca4860ea0f63fc583e36ed00e2516d52774caa3
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/5356.cd117ab77e87aa94.js HTTP/1.1
Host: ofsnivyan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ofsnivyan.com/system-message/59/?z=5369052&var=811843544011776881
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 22:49:02 GMT
content-type: application/javascript
last-modified: Tue, 07 May 2024 16:11:09 GMT
vary: Accept-Encoding
etag: W/"663a529d-512"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=14400
cf-cache-status: HIT
age: 5989
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=USCdiJpk1CuR1qylZPLHv1YgXRxFLkoHkb3G7m9k4V0L0KIxVmNXQnMWA%2BnfKVGlwkUSa7uVbEqD4J3%2F6OjMeyiqm1gvjCj9AemKLqzLpvcXzyYnt5l0%2BeSnEGS4sNEI"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8804c2ce290a712f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| arleavannya.com/sync-metrics | 139.45.197.248 | 200 OK | 0 B |
URL OPTIONS HTTP/2arleavannya.com/sync-metrics IP139.45.197.248:443
Requested byhttps://ofsnivyan.com/system-message/59/?z=5369052&var=811843544011776881 CertificateIssuerLet's Encrypt Subjectarleavannya.com Fingerprint8A:67:B7:06:5F:61:ED:52:C0:9B:58:C2:64:98:7D:1B:64:03:3F:47 ValidityThu, 18 Apr 2024 17:09:05 GMT - Wed, 17 Jul 2024 17:09:04 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
OPTIONS /sync-metrics HTTP/1.1
Host: arleavannya.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://ofsnivyan.com/
Origin: https://ofsnivyan.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 22:49:02 GMT
content-length: 0
access-control-allow-origin: https://ofsnivyan.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| ofsnivyan.com/_next/static/chunks/5057.7ec3a668fa27cd9c.js | 104.21.90.194 | 200 OK | 1.4 kB |
URL GET HTTP/3ofsnivyan.com/_next/static/chunks/5057.7ec3a668fa27cd9c.js IP104.21.90.194:443
Requested byhttps://ofsnivyan.com/system-message/59/?z=5369052&var=811843544011776881 CertificateIssuerGoogle Trust Services LLC Subjectofsnivyan.com FingerprintE2:64:70:52:E2:73:D1:AD:67:D5:B8:63:A0:56:8D:C0:83:9D:EA:38 ValidityThu, 21 Mar 2024 20:34:04 GMT - Wed, 19 Jun 2024 20:34:03 GMT
File typegzip compressed data, from Unix Hash94b04f1440822659a7cdf483954c75da d04905a9a61dfba4c1805cb73c9a05f380dc1922 f08c503e5c565014462c6fc3133d4e93a395fa1f610e63a4608472cff84faa26
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/5057.7ec3a668fa27cd9c.js HTTP/1.1
Host: ofsnivyan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ofsnivyan.com/system-message/59/?z=5369052&var=811843544011776881
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 22:49:02 GMT
content-type: application/javascript
last-modified: Tue, 07 May 2024 16:11:09 GMT
vary: Accept-Encoding
etag: W/"663a529d-d0c"
strict-transport-security: max-age=1
x-content-type-options: nosniff
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3vzcrEJGUNjfgJs755B6V7xL9ldcSBW932YKTP83xivNGEy0LLplIwTcDYQI%2BfNxxxHcMXP%2BZsix%2BMhE4w%2F8vDOu4alkK43yDjpEGFY7YadJz8jHfVCwIbZk%2FafSh0IU"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8804c2ce1903712f-OSL
alt-svc: h3=":443"; ma=86400
|
|
| ofsnivyan.com/favicon.ico | 104.21.90.194 | 204 No Content | 0 B |
URL GET HTTP/3ofsnivyan.com/favicon.ico IP104.21.90.194:443
Requested byhttps://ofsnivyan.com/system-message/59/?z=5369052&var=811843544011776881 CertificateIssuerGoogle Trust Services LLC Subjectofsnivyan.com FingerprintE2:64:70:52:E2:73:D1:AD:67:D5:B8:63:A0:56:8D:C0:83:9D:EA:38 ValidityThu, 21 Mar 2024 20:34:04 GMT - Wed, 19 Jun 2024 20:34:03 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /favicon.ico HTTP/1.1
Host: ofsnivyan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ofsnivyan.com/system-message/59/?z=5369052&var=811843544011776881
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 204 No Content
date: Tue, 07 May 2024 22:49:02 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8oqzSAlmOkkGmreICI5bM5uNuy7N4D0yxc9rRvKG5HK5RflE6uhMisFFrSsBtO6CzhtY2DlIHxEKH5TSupXg4CaFuMyUPZefclQurUN%2BQhNL5A9HU3c7rk4O6AMNaK5I"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8804c2cf9a32712f-OSL
alt-svc: h3=":443"; ma=86400
|
|
| ofsnivyan.com/track?dry=false&request_var=811843544011776881&oaid=5wqydktbnjxuhn2lhvpo4m69nt37bye&os_version=&var=5369052&var_3=&var_4=&variable2=&ymid=811843544011776881&z=5369052 | 104.21.90.194 | 200 OK | 589 B |
URL GET HTTP/3ofsnivyan.com/track?dry=false&request_var=811843544011776881&oaid=5wqydktbnjxuhn2lhvpo4m69nt37bye&os_version=&var=5369052&var_3=&var_4=&variable2=&ymid=811843544011776881&z=5369052 IP104.21.90.194:443
Requested byhttps://ofsnivyan.com/system-message/59/?z=5369052&var=811843544011776881 CertificateIssuerGoogle Trust Services LLC Subjectofsnivyan.com FingerprintE2:64:70:52:E2:73:D1:AD:67:D5:B8:63:A0:56:8D:C0:83:9D:EA:38 ValidityThu, 21 Mar 2024 20:34:04 GMT - Wed, 19 Jun 2024 20:34:03 GMT
Hash518fbbd5a95951cd6212498955368d69 f6b781a48dee7d09f5b29745c4ced1397642bbe1 f8c19e1cf3423fb386d154c3effb94bc2774d81de6af91588f731e2ce2b6a4f8
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /track?dry=false&request_var=811843544011776881&oaid=5wqydktbnjxuhn2lhvpo4m69nt37bye&os_version=&var=5369052&var_3=&var_4=&variable2=&ymid=811843544011776881&z=5369052 HTTP/1.1
Host: ofsnivyan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ofsnivyan.com/system-message/59?z=5369052&var=811843544011776881
DNT: 1
Connection: keep-alive
Cookie: OAID=5wqydktbnjxuhn2lhvpo4m69nt37bye; syncedCookie=true; oaidts=1715122142
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 22:49:02 GMT
content-type: application/json
vary: Accept-Encoding
x-trace-id: 4b2ec2171329db65df2e60c29f52a0cb
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://ofsnivyan.com/
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
timing-allow-origin: *
strict-transport-security: max-age=1
x-content-type-options: nosniff
content-encoding: br
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tVeLMY1JcoT%2FJlvh00BbOltTm9s5s5BKgdWr0aaQHUFIOhNjJ7m8gQOAyZjdNfDOk%2BeBFX5pWxlrw83oVhniOrtXSdTQRdbarIWPLE6%2Fy58zAyZ4fMd1j5eE74AlQ9ci"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8804c2cfca46712f-OSL
alt-svc: h3=":443"; ma=86400
|
|
| datatechonert.com/log/add?cid=eacf36da-c06d-4d71-90cc-88e30cd4240a&ruid=4a6ad5a1-3120-47fe-ad5b-9e2ad60ddbb5 | 139.45.195.253 | 200 OK | 12 B |
URL POST HTTP/1.1datatechonert.com/log/add?cid=eacf36da-c06d-4d71-90cc-88e30cd4240a&ruid=4a6ad5a1-3120-47fe-ad5b-9e2ad60ddbb5 IP139.45.195.253:443
Requested byhttps://ofsnivyan.com/system-message/59/?z=5369052&var=811843544011776881 CertificateIssuerSectigo Limited Subjectdatatechonert.com Fingerprint3F:E1:50:2C:9F:FC:F9:37:03:E3:B6:34:00:06:89:69:01:E7:C3:27 ValiditySun, 10 Dec 2023 00:00:00 GMT - Mon, 23 Dec 2024 23:59:59 GMT
Hashadb4650bfc9d2a73d4dd69583b0ceb14 1ce399d6e936232aaf2192cd7903a279c5015f22 21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed
POST /log/add?cid=eacf36da-c06d-4d71-90cc-88e30cd4240a&ruid=4a6ad5a1-3120-47fe-ad5b-9e2ad60ddbb5 HTTP/1.1
Host: datatechonert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1388
Origin: https://ofsnivyan.com
DNT: 1
Connection: keep-alive
Referer: https://ofsnivyan.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.10
Date: Tue, 07 May 2024 22:49:02 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 12
Connection: keep-alive
Access-Control-Allow-Origin: https://ofsnivyan.com
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true
|
|
| ofsnivyan.com/custom | 104.21.90.194 | 200 OK | 545 B |
IP104.21.90.194:443
Requested byhttps://ofsnivyan.com/system-message/59/?z=5369052&var=811843544011776881 CertificateIssuerGoogle Trust Services LLC Subjectofsnivyan.com FingerprintE2:64:70:52:E2:73:D1:AD:67:D5:B8:63:A0:56:8D:C0:83:9D:EA:38 ValidityThu, 21 Mar 2024 20:34:04 GMT - Wed, 19 Jun 2024 20:34:03 GMT
Hash058b158c2be925f556454ef762d93538 cc6fc563b4b6baee880fdbc7fcfaa134978e33c9 ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
POST /custom HTTP/1.1
Host: ofsnivyan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 354
Origin: https://ofsnivyan.com
DNT: 1
Connection: keep-alive
Referer: https://ofsnivyan.com/system-message/59?z=5369052&var=811843544011776881
Cookie: OAID=5wqydktbnjxuhn2lhvpo4m69nt37bye; syncedCookie=true; oaidts=1715122142
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 22:49:02 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
x-trace-id: 81331d4703a3807551042113b227096e
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://ofsnivyan.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8ggniQNGs3JOFirjdaxwN3nNKEcKxWTxr3oFVd7ZVvEs8yWLFqyOKhnsHVnSAvd2c8Let%2BMcbF2PgFGUS5ZexPW0ohswH6155566iD%2B5%2F9JszuyNPQQ1XoiozjXMeYso"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8804c2d09aae712f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| ofsnivyan.com/zone?&pub=0&zone_id=7250650&is_mobile=false&domain=ofsnivyan.com&var=5369052&ymid=811843544011776881&var_3=&var_4=&dsig=&tg=1&sw=3.1.504&trace_id=f8060505-d94c-4bb1-9137-de7b9a4031ed&action=prerequest | 104.21.90.194 | 200 OK | 0 B |
URL POST HTTP/3ofsnivyan.com/zone?&pub=0&zone_id=7250650&is_mobile=false&domain=ofsnivyan.com&var=5369052&ymid=811843544011776881&var_3=&var_4=&dsig=&tg=1&sw=3.1.504&trace_id=f8060505-d94c-4bb1-9137-de7b9a4031ed&action=prerequest IP104.21.90.194:443
Requested byhttps://ofsnivyan.com/system-message/59/?z=5369052&var=811843544011776881 CertificateIssuerGoogle Trust Services LLC Subjectofsnivyan.com FingerprintE2:64:70:52:E2:73:D1:AD:67:D5:B8:63:A0:56:8D:C0:83:9D:EA:38 ValidityThu, 21 Mar 2024 20:34:04 GMT - Wed, 19 Jun 2024 20:34:03 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
POST /zone?&pub=0&zone_id=7250650&is_mobile=false&domain=ofsnivyan.com&var=5369052&ymid=811843544011776881&var_3=&var_4=&dsig=&tg=1&sw=3.1.504&trace_id=f8060505-d94c-4bb1-9137-de7b9a4031ed&action=prerequest HTTP/1.1
Host: ofsnivyan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ofsnivyan.com
DNT: 1
Connection: keep-alive
Referer: https://ofsnivyan.com/system-message/59?z=5369052&var=811843544011776881
Cookie: OAID=5wqydktbnjxuhn2lhvpo4m69nt37bye; syncedCookie=true; oaidts=1715122142
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Content-Length: 0
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 22:49:02 GMT
content-length: 0
x-trace-id: cb93765af9408cc5d1c9f52fa4048f66
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://ofsnivyan.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QjTPmOcHI9yuamqg0pwP1DwWA%2BRCOph3Ai6XBEMM7QKlH13aFfueRGlog%2F4PBgkFJxQDonoULJtJWMU4y9eJHt0Ez54o24x0l6aH53L6QTDwFjc8s2ZLeNxPBj6IZWlB"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8804c2d0aab7712f-OSL
alt-svc: h3=":443"; ma=86400
|
|
| ofsnivyan.com/sw/universal.js?var=5369052&ymid=811843544011776881&ab2_ttl=5184000&zoneId=7250650 | 104.21.90.194 | 200 OK | 381 B |
URL GET HTTP/3ofsnivyan.com/sw/universal.js?var=5369052&ymid=811843544011776881&ab2_ttl=5184000&zoneId=7250650 IP104.21.90.194:443
Requested byhttps://ofsnivyan.com/system-message/59/?z=5369052&var=811843544011776881 CertificateIssuerGoogle Trust Services LLC Subjectofsnivyan.com FingerprintE2:64:70:52:E2:73:D1:AD:67:D5:B8:63:A0:56:8D:C0:83:9D:EA:38 ValidityThu, 21 Mar 2024 20:34:04 GMT - Wed, 19 Jun 2024 20:34:03 GMT
Hash3720f9cee1df8fca36fe99491eab215b 1705d72778aac160278f15d86a8d1aa2bac785bf 08c09c04a09d4a2fe27fc50189a08f18cfe108a3b966d4a36c77819275c0d81d
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /sw/universal.js?var=5369052&ymid=811843544011776881&ab2_ttl=5184000&zoneId=7250650 HTTP/1.1
Host: ofsnivyan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
DNT: 1
Connection: keep-alive
Referer: https://ofsnivyan.com/system-message/59?z=5369052&var=811843544011776881
Cookie: OAID=5wqydktbnjxuhn2lhvpo4m69nt37bye; syncedCookie=true; oaidts=1715122142
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 22:49:02 GMT
content-type: application/javascript
last-modified: Tue, 07 May 2024 16:11:10 GMT
vary: Accept-Encoding
etag: W/"663a529e-5b2"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=14400
cf-cache-status: HIT
age: 3544
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rU%2B1Saxn4LKKX72wFKQLMxkC13zfL27bEr834O6Qlw%2BqtncPDiPKkXD231SxzQHvFR7FhJMSNma%2Bvgy4hPJBZ0z%2F6fZRkcZxZWSSFqwvGMSeSTtYddrS%2BFOHmUTw9s9Q"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8804c2d09ab1712f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| amunfezanttor.com/event | 139.45.197.250 | 200 OK | 94 B |
IP139.45.197.250:443
Requested byhttps://ofsnivyan.com/system-message/59/?z=5369052&var=811843544011776881 CertificateIssuerLet's Encrypt Subjectamunfezanttor.com FingerprintAB:2C:60:54:FF:D7:D6:23:0E:87:1A:98:EC:94:B3:9B:29:1A:F3:AA ValidityWed, 10 Apr 2024 19:04:12 GMT - Tue, 09 Jul 2024 19:04:11 GMT
Hashd5e3cdb9680a8924e41243cc1ad9aee9 f7c2cd9f40820f21f895591d468d4ebc4fb85131 a14853ca13511986a96c086562b4d95fd0abb7aa48d080cb54bfe939967b4a2b
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
POST /event HTTP/1.1
Host: amunfezanttor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ofsnivyan.com/
Content-Type: application/json
Content-Length: 1806
Origin: https://ofsnivyan.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 22:49:02 GMT
content-type: application/json; charset=utf-8
content-length: 94
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://ofsnivyan.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| ofsnivyan.com/_next/static/chunks/7903-dd238946c7924507.js | 104.21.90.194 | 200 OK | 13 kB |
URL GET HTTP/3ofsnivyan.com/_next/static/chunks/7903-dd238946c7924507.js IP104.21.90.194:443
Requested byhttps://ofsnivyan.com/system-message/59/?z=5369052&var=811843544011776881 CertificateIssuerGoogle Trust Services LLC Subjectofsnivyan.com FingerprintE2:64:70:52:E2:73:D1:AD:67:D5:B8:63:A0:56:8D:C0:83:9D:EA:38 ValidityThu, 21 Mar 2024 20:34:04 GMT - Wed, 19 Jun 2024 20:34:03 GMT
File typeJavaScript source, ASCII text, with very long lines (31896), with no line terminators Hashb5dd343db67bd22544d11da18268f5c3 069b5b221dd75af58d93192460778b3d07835e74 6347f1d4083f7a0a2ac3d8b12aae8832d9ea6914aa6e137d16a4d41869d14ea5
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/7903-dd238946c7924507.js HTTP/1.1
Host: ofsnivyan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ofsnivyan.com/system-message/59/?z=5369052&var=811843544011776881
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 22:49:02 GMT
content-type: application/javascript
last-modified: Tue, 07 May 2024 16:11:10 GMT
vary: Accept-Encoding
etag: W/"663a529e-7c98"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=14400
cf-cache-status: HIT
age: 5993
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NHxrbZB8c6%2BlJ6fSY98dx8yPssgzmk2v6pRPMOqdXd6LrLBBlwJmUIVagwNvO9O3Hx0GtRcaJnZz1J8YTbG%2FRhCleGyLXyPzjCej2kugN3v7Vz7QIoZPmNrDcAWIZfcC"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8804c2cd386b712f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| ofsnivyan.com/system-message/59?z=5369052&var=811843544011776881 | 104.21.90.194 | 301 Moved Permanently | 7.1 kB |
URL User Request GET HTTP/2ofsnivyan.com/system-message/59?z=5369052&var=811843544011776881 IP104.21.90.194:443
CertificateIssuerGoogle Trust Services LLC Subjectofsnivyan.com FingerprintE2:64:70:52:E2:73:D1:AD:67:D5:B8:63:A0:56:8D:C0:83:9D:EA:38 ValidityThu, 21 Mar 2024 20:34:04 GMT - Wed, 19 Jun 2024 20:34:03 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /system-message/59?z=5369052&var=811843544011776881 HTTP/1.1
Host: ofsnivyan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 301 Moved Permanently
date: Tue, 07 May 2024 22:49:01 GMT
content-type: text/html
location: http://ofsnivyan.com/system-message/59/?z=5369052&var=811843544011776881
vary: Accept-Encoding
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9fJjjw8W2oqduDqH66P8aRPYh42aDCGY7X8Ql8kPZuxW4KhnS8TvR03J6Dw1IMoZJ8LoDXhamK7NznO%2FE0eWd4WDVXnR%2FvsR8l1Nenk8Qjx9FzSdJ33LcFAghKmztFre"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8804c2c99f80b4f7-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| ofsnivyan.com/_next/static/chunks/4016.b34d808c2d259f64.js | 104.21.90.194 | 200 OK | 18 kB |
URL GET HTTP/3ofsnivyan.com/_next/static/chunks/4016.b34d808c2d259f64.js IP104.21.90.194:443
Requested byhttps://ofsnivyan.com/system-message/59/?z=5369052&var=811843544011776881 CertificateIssuerGoogle Trust Services LLC Subjectofsnivyan.com FingerprintE2:64:70:52:E2:73:D1:AD:67:D5:B8:63:A0:56:8D:C0:83:9D:EA:38 ValidityThu, 21 Mar 2024 20:34:04 GMT - Wed, 19 Jun 2024 20:34:03 GMT
File typeJavaScript source, ASCII text, with very long lines (17639), with no line terminators Hash1baade0da929e938464e0e06118d08f3 d51b06824e049811b73ce75601695874fb2c2935 93eb1e96f4a042209b295a35043c731a9ac3fde02aebce6fe3db8065ff1cd8a1
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/4016.b34d808c2d259f64.js HTTP/1.1
Host: ofsnivyan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ofsnivyan.com/system-message/59/?z=5369052&var=811843544011776881
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 22:49:02 GMT
content-type: application/javascript
last-modified: Tue, 07 May 2024 16:11:09 GMT
vary: Accept-Encoding
etag: W/"663a529d-44e7"
strict-transport-security: max-age=1
x-content-type-options: nosniff
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: HIT
age: 6812
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HWQVC3EdSeHHvcRkkPaVBU86PjM%2FDdz2S%2FnsPPAriVBJav8JWjd5fCfSh%2B0mqfI%2B8w02CgEfWVFsZ7fiEClRXKDqvaJmiJ8itPumse0fNwDxO6qCz7hRII%2F4pGDh8BIY"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8804c2cd2861712f-OSL
alt-svc: h3=":443"; ma=86400
|
|
| ofsnivyan.com/_next/static/chunks/webpack-16c59117a5e33762.js | 104.21.90.194 | 200 OK | 6.3 kB |
URL GET HTTP/3ofsnivyan.com/_next/static/chunks/webpack-16c59117a5e33762.js IP104.21.90.194:443
Requested byhttps://ofsnivyan.com/system-message/59/?z=5369052&var=811843544011776881 CertificateIssuerGoogle Trust Services LLC Subjectofsnivyan.com FingerprintE2:64:70:52:E2:73:D1:AD:67:D5:B8:63:A0:56:8D:C0:83:9D:EA:38 ValidityThu, 21 Mar 2024 20:34:04 GMT - Wed, 19 Jun 2024 20:34:03 GMT
File typeJavaScript source, ASCII text, with very long lines (6510), with no line terminators Hashd81ebd41233b313209c6788f8bf99e9b 879fcb49ae623ffb907e5f7ae831f4d76138c707 57832517a25ef775088811869c48e168c1bcc09ad92ad79c3c2c53c21ac71448
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/webpack-16c59117a5e33762.js HTTP/1.1
Host: ofsnivyan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ofsnivyan.com/system-message/59/?z=5369052&var=811843544011776881
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 22:49:02 GMT
content-type: application/javascript
last-modified: Tue, 07 May 2024 16:11:10 GMT
vary: Accept-Encoding
etag: W/"663a529e-1878"
strict-transport-security: max-age=1
x-content-type-options: nosniff
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: HIT
age: 5995
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GemRa5BF%2Be7qj6eIE6SFYPFVK9vqVhIFxam0wM6I0beSbhFxyvkD6zMyOImTQHvbO37cu9Wh5650qxtbC4UY4uERRxGIcPvrjJF2CN9VbHDYq7ZW5WRraOVyUfvJ2iNB"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8804c2cd2863712f-OSL
alt-svc: h3=":443"; ma=86400
|
|
| ofsnivyan.com/system-message/59/?z=5369052&var=811843544011776881 | 104.21.90.194 | 200 OK | 7.1 kB |
URL User Request GET HTTP/3ofsnivyan.com/system-message/59/?z=5369052&var=811843544011776881 IP104.21.90.194:443
CertificateIssuerGoogle Trust Services LLC Subjectofsnivyan.com FingerprintE2:64:70:52:E2:73:D1:AD:67:D5:B8:63:A0:56:8D:C0:83:9D:EA:38 ValidityThu, 21 Mar 2024 20:34:04 GMT - Wed, 19 Jun 2024 20:34:03 GMT
File typeHTML document, ASCII text, with very long lines (7652), with no line terminators Hash0dd3d509f963a8d6e286187c48dc8ee7 491f7a7a61c05eca4389728443eda419caee2505 a62c1becd700a2e6ff578f19a08659504ecbae5a13c21cad3b1236163513dac8
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /system-message/59/?z=5369052&var=811843544011776881 HTTP/1.1
Host: ofsnivyan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 22:49:01 GMT
content-type: text/html
last-modified: Tue, 07 May 2024 16:11:12 GMT
vary: Accept-Encoding
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Tk9YC395AW2X3kYLYOi3NG1vbcUTVi0o2usv2gkAqtW3lxITUTFNhOqpAddWT3yvLFTdrN%2BHE1lfv4oOmt3U2ngPQz7jtxynbccSy0phz86lEz0ScHlF7BYGAsxsIB1K"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8804c2ca4eae712f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| ofsnivyan.com/_next/static/chunks/2090-519478c186a3d867.js | 104.21.90.194 | 200 OK | 11 kB |
URL GET HTTP/3ofsnivyan.com/_next/static/chunks/2090-519478c186a3d867.js IP104.21.90.194:443
Requested byhttps://ofsnivyan.com/system-message/59/?z=5369052&var=811843544011776881 CertificateIssuerGoogle Trust Services LLC Subjectofsnivyan.com FingerprintE2:64:70:52:E2:73:D1:AD:67:D5:B8:63:A0:56:8D:C0:83:9D:EA:38 ValidityThu, 21 Mar 2024 20:34:04 GMT - Wed, 19 Jun 2024 20:34:03 GMT
File typeJavaScript source, ASCII text, with very long lines (10752), with no line terminators Hash37545926cc9a6e537b9f3e95d7a16c1e c3cbfe1f9737817eda25770274e97feaf6b8cc68 d3ccc772608b2a03a543da22715903e2b6e2c14c42c2f475a0f483ac3cd64b37
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/2090-519478c186a3d867.js HTTP/1.1
Host: ofsnivyan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ofsnivyan.com/system-message/59/?z=5369052&var=811843544011776881
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 22:49:02 GMT
content-type: application/javascript
last-modified: Tue, 07 May 2024 16:11:09 GMT
vary: Accept-Encoding
etag: W/"663a529d-2a00"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=14400
cf-cache-status: HIT
age: 5993
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0ajHJTsQLpSGRh9bQlWz8oO3TeI6lUfGxrtRo4t754E2DUpkxjFGkYdKXDJTBVhbZvMbfpnLIdXUDbUactyy1LNqDBfy8APrICxXfBR6mjEAjYjhKEChQPRo3d%2F5qaub"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8804c2cd386d712f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| ofsnivyan.com/_next/static/dAaIzUv4XtGx8iX-9U1Nb/_buildManifest.js | 104.21.90.194 | 200 OK | 1.6 kB |
URL GET HTTP/3ofsnivyan.com/_next/static/dAaIzUv4XtGx8iX-9U1Nb/_buildManifest.js IP104.21.90.194:443
Requested byhttps://ofsnivyan.com/system-message/59/?z=5369052&var=811843544011776881 CertificateIssuerGoogle Trust Services LLC Subjectofsnivyan.com FingerprintE2:64:70:52:E2:73:D1:AD:67:D5:B8:63:A0:56:8D:C0:83:9D:EA:38 ValidityThu, 21 Mar 2024 20:34:04 GMT - Wed, 19 Jun 2024 20:34:03 GMT
File typeASCII text, with very long lines (1696), with no line terminators Hash355192c5cac7966c2c0ea46afde68c35 1afb3d39fa9e18eef37b2b353581e916b3db4683 a9662fb68ec260744897dc85cf8b13e59a0726e2e353e3a8ef55a13f238982c2
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/dAaIzUv4XtGx8iX-9U1Nb/_buildManifest.js HTTP/1.1
Host: ofsnivyan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ofsnivyan.com/system-message/59/?z=5369052&var=811843544011776881
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 22:49:02 GMT
content-type: application/javascript
last-modified: Tue, 07 May 2024 16:11:10 GMT
vary: Accept-Encoding
etag: W/"663a529e-644"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Zhpm1V%2Bk7GpkbegBmpmh%2FtFKFaCsjhQgGR6Z%2FFHG%2BQ%2FnNx%2BkwQb8X33Pi9x2RVN77VPvIPValvYiJR5Owkq403L%2BV7Gl%2FNrfuCudx7z5vH4ypeZYdS26CyFWG6cNx8O6"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8804c2cd3872712f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| ofsnivyan.com/_next/static/chunks/3091.8141ef861c4fae96.js | 104.21.90.194 | 200 OK | 2.4 kB |
URL GET HTTP/3ofsnivyan.com/_next/static/chunks/3091.8141ef861c4fae96.js IP104.21.90.194:443
Requested byhttps://ofsnivyan.com/system-message/59/?z=5369052&var=811843544011776881 CertificateIssuerGoogle Trust Services LLC Subjectofsnivyan.com FingerprintE2:64:70:52:E2:73:D1:AD:67:D5:B8:63:A0:56:8D:C0:83:9D:EA:38 ValidityThu, 21 Mar 2024 20:34:04 GMT - Wed, 19 Jun 2024 20:34:03 GMT
File typeJavaScript source, ASCII text, with very long lines (2431), with no line terminators Hashaff0a51ad60c666bf1f7f27ddff14217 9677799390dc5667eeda431957d59b25d6a40946 f495db20d41fe12519423d9776481cd5c3f1dabc346ea304b8a7201b032d4e87
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/3091.8141ef861c4fae96.js HTTP/1.1
Host: ofsnivyan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ofsnivyan.com/system-message/59/?z=5369052&var=811843544011776881
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 22:49:02 GMT
content-type: application/javascript
last-modified: Tue, 07 May 2024 16:11:10 GMT
vary: Accept-Encoding
etag: W/"663a529e-951"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xtJQfwU0Ct%2FrGNHL4MRm7itXVPBMwe%2F62cBGW5sQ%2Bsm8rdmKBJ3Kffyk0doGTomG7MH2d0N36pMUbujLUO3TEM9QPlFOaTiQRWZbr9WMf6tmD0OVjD7JajxBkwHQmPu3"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8804c2ce2906712f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| ofsnivyan.com/_next/static/dAaIzUv4XtGx8iX-9U1Nb/_ssgManifest.js | 104.21.90.194 | 200 OK | 182 B |
URL GET HTTP/3ofsnivyan.com/_next/static/dAaIzUv4XtGx8iX-9U1Nb/_ssgManifest.js IP104.21.90.194:443
Requested byhttps://ofsnivyan.com/system-message/59/?z=5369052&var=811843544011776881 CertificateIssuerGoogle Trust Services LLC Subjectofsnivyan.com FingerprintE2:64:70:52:E2:73:D1:AD:67:D5:B8:63:A0:56:8D:C0:83:9D:EA:38 ValidityThu, 21 Mar 2024 20:34:04 GMT - Wed, 19 Jun 2024 20:34:03 GMT
File typeASCII text, with no line terminators Hashca6aa05f78eb6859347a61db067f16dc 444e70f53eb809f0920de921925d854baccdd251 11ca6f5cc9bc3b5e4021fe0fdad57091b6e8b54a5018672cf9d8b6a7e4f0e229
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/dAaIzUv4XtGx8iX-9U1Nb/_ssgManifest.js HTTP/1.1
Host: ofsnivyan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ofsnivyan.com/system-message/59/?z=5369052&var=811843544011776881
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 22:49:02 GMT
content-type: application/javascript
last-modified: Tue, 07 May 2024 16:11:10 GMT
vary: Accept-Encoding
etag: W/"663a529e-b6"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=14400
cf-cache-status: HIT
age: 5992
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FWbuBYHcNjKRCV4JQ3daMt0HbDTBFyjTSV5NULkBX8j7KRbc%2F16zKIObnAC72YRlD7KiMCsjoRAJPSiLBLxRGbXqXvr%2FJkf90kP89ojo7JOAxExkPCZKMfbz%2FWx6KR3R"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8804c2cd3874712f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| my.rtmark.net/gid.js?userId=5wqydktbnjxuhn2lhvpo4m69nt37bye | 139.45.195.8 | 200 OK | 64 B |
URL GET HTTP/2my.rtmark.net/gid.js?userId=5wqydktbnjxuhn2lhvpo4m69nt37bye IP139.45.195.8:443
Requested byhttps://ofsnivyan.com/system-message/59/?z=5369052&var=811843544011776881 CertificateIssuerLet's Encrypt Subjectrtmark.net FingerprintDB:C0:8B:64:1C:E3:2A:9C:B9:04:0D:F3:6F:5A:E0:35:F4:C7:75:CC ValiditySat, 02 Mar 2024 21:53:43 GMT - Fri, 31 May 2024 21:53:42 GMT
File typetroff or preprocessor input, ASCII text, with no line terminators Hash343e291ba5f73cf6ca635e9646bbb7b8 c94e76c7bbe0584d764456e8a3951b98e3ea440e 62224bbf12abea247267cf240230a5bcaee66742ab596e7d658ea4c1d4fc7301
GET /gid.js?userId=5wqydktbnjxuhn2lhvpo4m69nt37bye HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ofsnivyan.com/
Origin: https://ofsnivyan.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 22:49:02 GMT
content-type: application/json; charset=utf-8
content-length: 64
access-control-allow-origin: https://ofsnivyan.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=5wqydktbnjxuhn2lhvpo4m69nt37bye; expires=Wed, 07 May 2025 22:49:02 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| ofsnivyan.com/_next/static/chunks/810.a0608c12f2123e1d.js | 104.21.90.194 | 200 OK | 3.0 kB |
URL GET HTTP/3ofsnivyan.com/_next/static/chunks/810.a0608c12f2123e1d.js IP104.21.90.194:443
Requested byhttps://ofsnivyan.com/system-message/59/?z=5369052&var=811843544011776881 CertificateIssuerGoogle Trust Services LLC Subjectofsnivyan.com FingerprintE2:64:70:52:E2:73:D1:AD:67:D5:B8:63:A0:56:8D:C0:83:9D:EA:38 ValidityThu, 21 Mar 2024 20:34:04 GMT - Wed, 19 Jun 2024 20:34:03 GMT
File typeJavaScript source, ASCII text, with very long lines (3074), with no line terminators Hash6cc4490ccff791f29be9ad2e2c0e83b3 ede3303c45d0de176f97822066b186d4e0ca603a 6e703777488800dbe82363bf1e4afae683f2743079eeca4b3119c21eb2f542eb
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/810.a0608c12f2123e1d.js HTTP/1.1
Host: ofsnivyan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ofsnivyan.com/system-message/59/?z=5369052&var=811843544011776881
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 22:49:02 GMT
content-type: application/javascript
last-modified: Tue, 07 May 2024 16:11:10 GMT
vary: Accept-Encoding
etag: W/"663a529e-bb4"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=14400
cf-cache-status: HIT
age: 5989
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tHj7PNbR%2BJxeHFT4yu7utIo22F2mWtJZdYjaHsuHyT44Pn5lSrQoAozBrbKBO9G8BHzPXeZ8KXg4PBVzEETLwQtuJXhreM352kCXxGAdsC2l%2Fb9tUQ5riOo9p%2FhhK4Jr"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8804c2ce1901712f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| ofsnivyan.com/pfe/current/micro.tag.min.js?sw=/sw/universal.js&var=5369052&ymid=811843544011776881&b=&campaignid=&click_id=&ab2r=&rhd=1&var_3=&oaid=5wqydktbnjxuhn2lhvpo4m69nt37bye&os_version=&btz=UTC&bto=0&z=7250650&cdn=1&domain=ofsnivyan.com&ab2=&ab2_ttl=5184000 | 104.21.90.194 | 200 OK | 37 kB |
URL GET HTTP/3ofsnivyan.com/pfe/current/micro.tag.min.js?sw=/sw/universal.js&var=5369052&ymid=811843544011776881&b=&campaignid=&click_id=&ab2r=&rhd=1&var_3=&oaid=5wqydktbnjxuhn2lhvpo4m69nt37bye&os_version=&btz=UTC&bto=0&z=7250650&cdn=1&domain=ofsnivyan.com&ab2=&ab2_ttl=5184000 IP104.21.90.194:443
Requested byhttps://ofsnivyan.com/system-message/59/?z=5369052&var=811843544011776881 CertificateIssuerGoogle Trust Services LLC Subjectofsnivyan.com FingerprintE2:64:70:52:E2:73:D1:AD:67:D5:B8:63:A0:56:8D:C0:83:9D:EA:38 ValidityThu, 21 Mar 2024 20:34:04 GMT - Wed, 19 Jun 2024 20:34:03 GMT
File typeJavaScript source, ASCII text, with very long lines (37142), with no line terminators Hash32d6dbd00a639e2cd10d1704b9159bd5 0dab4c95675393f1d0e13d20f13d80ee12e41d95 9f339e5efd7c959419a4e86bb4c5e9f07eae2ed839484846157be981917743de
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /pfe/current/micro.tag.min.js?sw=/sw/universal.js&var=5369052&ymid=811843544011776881&b=&campaignid=&click_id=&ab2r=&rhd=1&var_3=&oaid=5wqydktbnjxuhn2lhvpo4m69nt37bye&os_version=&btz=UTC&bto=0&z=7250650&cdn=1&domain=ofsnivyan.com&ab2=&ab2_ttl=5184000 HTTP/1.1
Host: ofsnivyan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ofsnivyan.com/system-message/59?z=5369052&var=811843544011776881
Cookie: OAID=5wqydktbnjxuhn2lhvpo4m69nt37bye; syncedCookie=true; oaidts=1715122142
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 22:49:02 GMT
content-type: application/javascript
last-modified: Thu, 25 Apr 2024 10:49:22 GMT
vary: Accept-Encoding
etag: W/"662a3532-9116"
access-control-allow-credentials: true
cache-control: max-age=14400
pragma: no-cache
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kwpdiSmJrKUOfYu5ywXFdU5CqGdo6D18xFPPAekmlj7XjA01vtCTUG1Ou1Td7AvbIEsIqeDp8VtomD5BqGnM2dlwY4hbNbCuihLnlC7OAWD2XhiWkozqyOewU2cmrQ6c"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8804c2cfea52712f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| ofsnivyan.com/_next/static/chunks/framework-8940d626f3bfb7e9.js | 104.21.90.194 | 200 OK | 26 kB |
URL GET HTTP/3ofsnivyan.com/_next/static/chunks/framework-8940d626f3bfb7e9.js IP104.21.90.194:443
Requested byhttps://ofsnivyan.com/system-message/59/?z=5369052&var=811843544011776881 CertificateIssuerGoogle Trust Services LLC Subjectofsnivyan.com FingerprintE2:64:70:52:E2:73:D1:AD:67:D5:B8:63:A0:56:8D:C0:83:9D:EA:38 ValidityThu, 21 Mar 2024 20:34:04 GMT - Wed, 19 Jun 2024 20:34:03 GMT
File typeJavaScript source, ASCII text, with very long lines (25995), with no line terminators Hash33a34c525e2bee14a166fe1289835308 4afb650772181930d19dca9a41490beea5087932 bebac61ce044debeb2025b1fbf1c95f1b9a4bc97d0702676dea22b0bb689b555
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/framework-8940d626f3bfb7e9.js HTTP/1.1
Host: ofsnivyan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ofsnivyan.com/system-message/59/?z=5369052&var=811843544011776881
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 22:49:02 GMT
content-type: application/javascript
last-modified: Tue, 07 May 2024 16:11:10 GMT
vary: Accept-Encoding
etag: W/"663a529e-658b"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=14400
cf-cache-status: HIT
age: 5995
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WGrqyub%2BVz48csbFBk69AOOnDQfJGeB0Mom5Rx5NLmjXT2RGSZYLpg%2BIlah9F5Biuq0YzarVWcm4UqLr2PloADBYjKFvWEUaokGq66Lyo0GBUvE4LF0gY90OjVmyOMHy"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8804c2cd2867712f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| ofsnivyan.com/_next/static/chunks/802-957a719378528c6a.js | 104.21.90.194 | 200 OK | 69 kB |
URL GET HTTP/3ofsnivyan.com/_next/static/chunks/802-957a719378528c6a.js IP104.21.90.194:443
Requested byhttps://ofsnivyan.com/system-message/59/?z=5369052&var=811843544011776881 CertificateIssuerGoogle Trust Services LLC Subjectofsnivyan.com FingerprintE2:64:70:52:E2:73:D1:AD:67:D5:B8:63:A0:56:8D:C0:83:9D:EA:38 ValidityThu, 21 Mar 2024 20:34:04 GMT - Wed, 19 Jun 2024 20:34:03 GMT
File typeJavaScript source, ASCII text, with very long lines (65536), with no line terminators Hash67ff0c30478f2fde5f99f9fed6b54d62 9a33b56729184164417c46bcd36c299e05a0fe95 1a896453de2a387b23019831c5bdb91687c69f7d16a163fc33300f685c4f162a
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/802-957a719378528c6a.js HTTP/1.1
Host: ofsnivyan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ofsnivyan.com/system-message/59/?z=5369052&var=811843544011776881
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 22:49:02 GMT
content-type: application/javascript
last-modified: Tue, 07 May 2024 16:11:10 GMT
vary: Accept-Encoding
etag: W/"663a529e-10c0e"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vgbxq5a%2BPcJXdiaNMGjQjR%2BW3KL0XqXKOc0rR214aEcmkhAOHPwbi04jxDkgY6FuK00UiCUT1he%2Fo%2Bf3BqyUh31gSmAzBTN2ICnhwcbT2fYBlTzeSNwDI4f18pRjfbUw"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8804c2cd386e712f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| ofsnivyan.com/_next/static/chunks/2734.6269ca0cf725ea17.js | 104.21.90.194 | 200 OK | 4.1 kB |
URL GET HTTP/3ofsnivyan.com/_next/static/chunks/2734.6269ca0cf725ea17.js IP104.21.90.194:443
Requested byhttps://ofsnivyan.com/system-message/59/?z=5369052&var=811843544011776881 CertificateIssuerGoogle Trust Services LLC Subjectofsnivyan.com FingerprintE2:64:70:52:E2:73:D1:AD:67:D5:B8:63:A0:56:8D:C0:83:9D:EA:38 ValidityThu, 21 Mar 2024 20:34:04 GMT - Wed, 19 Jun 2024 20:34:03 GMT
File typeJavaScript source, ASCII text, with very long lines (4219), with no line terminators Hash98132c6c771aec065d3ab61e5c8c0f53 56484dafed6218ea17ef047fc8cd4c5a342c1890 ae09486720d6d4764b5126f0e26414962ee83eeebdc05db588bb7d86855e8b23
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/2734.6269ca0cf725ea17.js HTTP/1.1
Host: ofsnivyan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ofsnivyan.com/system-message/59/?z=5369052&var=811843544011776881
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 22:49:02 GMT
content-type: application/javascript
last-modified: Tue, 07 May 2024 16:11:09 GMT
vary: Accept-Encoding
etag: W/"663a529d-1033"
strict-transport-security: max-age=1
x-content-type-options: nosniff
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: HIT
age: 5989
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=66TRwOmdfcwZzU8wgVI1KtmK6bdyNvcAMryelW471Sl92HaZ8vuf3W4QN%2B0H7ymjsxV62voNzOdgppytfEQM7mgUF6%2BZzxCVwu7OOpQWGZmHgWLv2V89FhlQQTSMYOfv"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8804c2ce1900712f-OSL
alt-svc: h3=":443"; ma=86400
|
|
| cdntechone.com/stattag.js | 188.114.97.1 | 200 OK | 19 kB |
URL GET HTTP/2cdntechone.com/stattag.js IP188.114.97.1:443
Requested byhttps://ofsnivyan.com/system-message/59/?z=5369052&var=811843544011776881 CertificateIssuerGoogle Trust Services LLC Subjectcdntechone.com Fingerprint3D:20:D4:11:5D:06:B3:63:9C:08:BF:D9:D9:16:22:D5:DC:3B:9A:CB ValidityMon, 22 Apr 2024 03:33:58 GMT - Sun, 21 Jul 2024 03:33:57 GMT
File typeJavaScript source, ASCII text, with very long lines (18452) Hashbec2755dff94190fec0365b0db53807b f98c36e7e9e06325d03fe39c3b98879062fc2704 ccb15ff22ece6946136f1501ab3ae74155399187c8e85beb10399d56bb8e149a
GET /stattag.js HTTP/1.1
Host: cdntechone.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ofsnivyan.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 22:49:02 GMT
content-type: application/javascript
last-modified: Wed, 07 Feb 2024 12:51:04 GMT
etag: W/"65c37cb8-4a9e"
link: <https://datatechone.com/>; rel=preconnect; crossorigin, <https://datatechonert.com/>; rel=preconnect; crossorigin
cache-control: max-age=14400
cf-cache-status: HIT
age: 957
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yLtnF5W%2FiTyDyudVF4gCUnH8s4k6xBbeXHt%2Fuwjc7r%2F9Pp9okS4vndPlGKWCcnrzwClRnvZXv%2BOrQouBpG4xnoWJqNh%2FcVbn6Knce6L9aYvrLnpGwPXzWSEWHg8mUdLJXQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8804c2cee93b56a2-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| ofsnivyan.com/_next/static/chunks/pages/%5BlandingName%5D/%5BconfigId%5D/%5B%5B...slug%5D%5D-f51e2daac4d078b4.js | 104.21.90.194 | 200 OK | 661 B |
URL GET HTTP/3ofsnivyan.com/_next/static/chunks/pages/%5BlandingName%5D/%5BconfigId%5D/%5B%5B...slug%5D%5D-f51e2daac4d078b4.js IP104.21.90.194:443
Requested byhttps://ofsnivyan.com/system-message/59/?z=5369052&var=811843544011776881 CertificateIssuerGoogle Trust Services LLC Subjectofsnivyan.com FingerprintE2:64:70:52:E2:73:D1:AD:67:D5:B8:63:A0:56:8D:C0:83:9D:EA:38 ValidityThu, 21 Mar 2024 20:34:04 GMT - Wed, 19 Jun 2024 20:34:03 GMT
File typeJavaScript source, ASCII text, with very long lines (665), with no line terminators Hashf8e52c06430c8d613af8c236a1972a4a 8ac071e6c0908ee068e453ae47a6598d733d9a1a 7f75dbe159ba344bd4495842a3c902c147703b5f4835885f3a9e13f879cdcddc
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/pages/%5BlandingName%5D/%5BconfigId%5D/%5B%5B...slug%5D%5D-f51e2daac4d078b4.js HTTP/1.1
Host: ofsnivyan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ofsnivyan.com/system-message/59/?z=5369052&var=811843544011776881
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 22:49:02 GMT
content-type: application/javascript
last-modified: Tue, 07 May 2024 16:11:10 GMT
vary: Accept-Encoding
etag: W/"663a529e-295"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=14400
cf-cache-status: HIT
age: 5992
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jpE5VKcluqLal1lJZd%2FNZT1LDIdNVCvBRt%2FOA8zZMFVHyOY%2BQKF3LNjmK1a65jXe8JpabMpKFlxxv3d93zY4Yk3tiJmBQxieAKMd6PRqITLH%2BsFFBAHR1V3JG45IUvRR"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8804c2cd3870712f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| ofsnivyan.com/_next/static/chunks/585.334272b77caf2262.js | 104.21.90.194 | 200 OK | 3.9 kB |
URL GET HTTP/3ofsnivyan.com/_next/static/chunks/585.334272b77caf2262.js IP104.21.90.194:443
Requested byhttps://ofsnivyan.com/system-message/59/?z=5369052&var=811843544011776881 CertificateIssuerGoogle Trust Services LLC Subjectofsnivyan.com FingerprintE2:64:70:52:E2:73:D1:AD:67:D5:B8:63:A0:56:8D:C0:83:9D:EA:38 ValidityThu, 21 Mar 2024 20:34:04 GMT - Wed, 19 Jun 2024 20:34:03 GMT
File typetroff or preprocessor input, ASCII text, with very long lines (4120), with no line terminators Hash53b7aef78286c4dd02279461e8d43db4 070bec45dad4bfd1a9bd554ddc60956e0d44b9fb 5d0f3b3a245fad1386f3353ea619b1f6388ebea3826eab024e4f7ed9fa598cfc
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/585.334272b77caf2262.js HTTP/1.1
Host: ofsnivyan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ofsnivyan.com/system-message/59?z=5369052&var=811843544011776881
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 22:49:02 GMT
content-type: application/javascript
last-modified: Tue, 07 May 2024 16:11:10 GMT
vary: Accept-Encoding
etag: W/"663a529e-f65"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=14400
cf-cache-status: HIT
age: 5988
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4s212e5hzO7HK%2B7ndYcqShEmyWkY5gM%2BM%2BUGMcA%2Fa4O1nj3tpuSS54978N4uE3R55la9XQzFh7MTAVFklQ2ypYaBgl%2BIs2WVPZjHFvQUzAeCNolzaJ1kaqHxWD3VjcbI"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8804c2ce6933712f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|