| cdntechone.com/stattag.js | 188.114.97.1 | 200 OK | 7.9 kB |
URL GET HTTP/2cdntechone.com/stattag.js IP188.114.97.1:443
Requested byhttps://ofsnivyan.com/system-message/59/?z=5369052&var=807857247102447660 CertificateIssuerGoogle Trust Services LLC Subjectcdntechone.com Fingerprint3D:20:D4:11:5D:06:B3:63:9C:08:BF:D9:D9:16:22:D5:DC:3B:9A:CB ValidityMon, 22 Apr 2024 03:33:58 GMT - Sun, 21 Jul 2024 03:33:57 GMT
File typeJavaScript source, ASCII text, with very long lines (18452) Hashbec2755dff94190fec0365b0db53807b f98c36e7e9e06325d03fe39c3b98879062fc2704 ccb15ff22ece6946136f1501ab3ae74155399187c8e85beb10399d56bb8e149a
GET /stattag.js HTTP/1.1
Host: cdntechone.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ofsnivyan.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 22:48:51 GMT
content-type: application/javascript
last-modified: Wed, 07 Feb 2024 12:51:04 GMT
etag: W/"65c37cb8-4a9e"
link: <https://datatechone.com/>; rel=preconnect; crossorigin, <https://datatechonert.com/>; rel=preconnect; crossorigin
cache-control: max-age=14400
cf-cache-status: HIT
age: 1824
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2Ycc5wXn00kAIy6xxJhErc67PTwDFhNfgbKSnBjNv9EMZMxnJ4sM7XogV76cd9J0QlaEVx%2BOb8wHYC74y6ErjuNXSdJwurN5Ttvv6BaeaoTaDwK8zKVFvdw6i19do5966g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87aa1f6b8f76b529-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| ofsnivyan.com/_next/static/chunks/2734.6269ca0cf725ea17.js | 188.114.96.1 | 200 OK | 2.2 kB |
URL GET HTTP/3ofsnivyan.com/_next/static/chunks/2734.6269ca0cf725ea17.js IP188.114.96.1:443
Requested byhttps://ofsnivyan.com/system-message/59/?z=5369052&var=807857247102447660 CertificateIssuerGoogle Trust Services LLC Subjectofsnivyan.com FingerprintE2:64:70:52:E2:73:D1:AD:67:D5:B8:63:A0:56:8D:C0:83:9D:EA:38 ValidityThu, 21 Mar 2024 20:34:04 GMT - Wed, 19 Jun 2024 20:34:03 GMT
File typeJavaScript source, ASCII text, with very long lines (4147), with no line terminators Hash48072be51722d2894982d56f13a52372 c1fbbdcb8b12079d61205284dec041f93390f47b b0ab49765bb74cdb8c46c171f3adad413e1934203046a3ca23d4872c892894d5
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/2734.6269ca0cf725ea17.js HTTP/1.1
Host: ofsnivyan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ofsnivyan.com/system-message/59/?z=5369052&var=807857247102447660
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 22:48:51 GMT
content-type: application/javascript
last-modified: Fri, 26 Apr 2024 15:01:44 GMT
vary: Accept-Encoding
etag: W/"662bc1d8-1033"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dkgSxMZ73oGb%2FNFzH3aiUvdbjYaiVuP4PPM7eVDy2Ly7GcrhUm968rmm77YEAz8LzV2NiAEMIbzUl3pB35HxW%2FCZNhseuZmqUTPZH0YUqJlgN8zwi42je4Ix4bO4ml%2Fa"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87aa1f6b0d571c12-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| my.rtmark.net/gid.js?userId=frurlrnvd52f2q50joik3mu2uqonk78 | 139.45.195.8 | 200 OK | 64 B |
URL GET HTTP/2my.rtmark.net/gid.js?userId=frurlrnvd52f2q50joik3mu2uqonk78 IP139.45.195.8:443
Requested byhttps://ofsnivyan.com/system-message/59/?z=5369052&var=807857247102447660 CertificateIssuerLet's Encrypt Subjectrtmark.net FingerprintDB:C0:8B:64:1C:E3:2A:9C:B9:04:0D:F3:6F:5A:E0:35:F4:C7:75:CC ValiditySat, 02 Mar 2024 21:53:43 GMT - Fri, 31 May 2024 21:53:42 GMT
Hash69626a3db331559001ca078a5bbdd39d 84da1ea1a1c56c290ebdf8fa2b4e7044c80357e4 89670f369ff764f878e0466f1da32dd6edeefc3c75954bfcc7b9f6fd7ec76ae3
GET /gid.js?userId=frurlrnvd52f2q50joik3mu2uqonk78 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ofsnivyan.com/
Origin: https://ofsnivyan.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 26 Apr 2024 22:48:51 GMT
content-type: application/json; charset=utf-8
content-length: 64
access-control-allow-origin: https://ofsnivyan.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=frurlrnvd52f2q50joik3mu2uqonk78; expires=Sat, 26 Apr 2025 22:48:51 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| arleavannya.com/sync-metrics | 139.45.197.248 | 200 OK | 0 B |
URL POST HTTP/2arleavannya.com/sync-metrics IP139.45.197.248:443
Requested byhttps://ofsnivyan.com/system-message/59/?z=5369052&var=807857247102447660 CertificateIssuerLet's Encrypt Subjectarleavannya.com Fingerprint8A:67:B7:06:5F:61:ED:52:C0:9B:58:C2:64:98:7D:1B:64:03:3F:47 ValidityThu, 18 Apr 2024 17:09:05 GMT - Wed, 17 Jul 2024 17:09:04 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /sync-metrics HTTP/1.1
Host: arleavannya.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://ofsnivyan.com/
Origin: https://ofsnivyan.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 26 Apr 2024 22:48:51 GMT
content-length: 0
access-control-allow-origin: https://ofsnivyan.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| arleavannya.com/sync-metrics | 139.45.197.248 | 200 OK | 17 B |
URL POST HTTP/2arleavannya.com/sync-metrics IP139.45.197.248:443
Requested byhttps://ofsnivyan.com/system-message/59/?z=5369052&var=807857247102447660 CertificateIssuerLet's Encrypt Subjectarleavannya.com Fingerprint8A:67:B7:06:5F:61:ED:52:C0:9B:58:C2:64:98:7D:1B:64:03:3F:47 ValidityThu, 18 Apr 2024 17:09:05 GMT - Wed, 17 Jul 2024 17:09:04 GMT
Hash5b64e8b89092b2e3dfd448b10700627f 484b3032619fa1acd135d114565b0a5166281c22 f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4
POST /sync-metrics HTTP/1.1
Host: arleavannya.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ofsnivyan.com/
Content-Type: application/json
Content-Length: 290
Origin: https://ofsnivyan.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 26 Apr 2024 22:48:51 GMT
content-type: application/json; charset=utf-8
content-length: 17
x-trace-id: 271a172c8b4ba3a697fdb3ced342c299
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://ofsnivyan.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| datatechonert.com/log/add?cid=eacf36da-c06d-4d71-90cc-88e30cd4240a&ruid=7f2f2696-3833-46d1-b838-ae0a6414835f | 139.45.195.253 | 200 OK | 12 B |
URL POST HTTP/1.1datatechonert.com/log/add?cid=eacf36da-c06d-4d71-90cc-88e30cd4240a&ruid=7f2f2696-3833-46d1-b838-ae0a6414835f IP139.45.195.253:443
Requested byhttps://ofsnivyan.com/system-message/59/?z=5369052&var=807857247102447660 CertificateIssuerSectigo Limited Subjectdatatechonert.com Fingerprint3F:E1:50:2C:9F:FC:F9:37:03:E3:B6:34:00:06:89:69:01:E7:C3:27 ValiditySun, 10 Dec 2023 00:00:00 GMT - Mon, 23 Dec 2024 23:59:59 GMT
Hashadb4650bfc9d2a73d4dd69583b0ceb14 1ce399d6e936232aaf2192cd7903a279c5015f22 21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed
POST /log/add?cid=eacf36da-c06d-4d71-90cc-88e30cd4240a&ruid=7f2f2696-3833-46d1-b838-ae0a6414835f HTTP/1.1
Host: datatechonert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1388
Origin: https://ofsnivyan.com
DNT: 1
Connection: keep-alive
Referer: https://ofsnivyan.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.10
Date: Fri, 26 Apr 2024 22:48:52 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 12
Connection: keep-alive
Access-Control-Allow-Origin: https://ofsnivyan.com
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true
|
|
| ofsnivyan.com/zone?&pub=0&zone_id=7250650&is_mobile=false&domain=ofsnivyan.com&var=5369052&ymid=807857247102447660&var_3=&var_4=&dsig=&tg=1&sw=3.1.504&trace_id=7d1d153d-189f-4621-9dfb-11c929593093&action=prerequest | 188.114.96.1 | 200 OK | 0 B |
URL POST HTTP/3ofsnivyan.com/zone?&pub=0&zone_id=7250650&is_mobile=false&domain=ofsnivyan.com&var=5369052&ymid=807857247102447660&var_3=&var_4=&dsig=&tg=1&sw=3.1.504&trace_id=7d1d153d-189f-4621-9dfb-11c929593093&action=prerequest IP188.114.96.1:443
Requested byhttps://ofsnivyan.com/system-message/59/?z=5369052&var=807857247102447660 CertificateIssuerGoogle Trust Services LLC Subjectofsnivyan.com FingerprintE2:64:70:52:E2:73:D1:AD:67:D5:B8:63:A0:56:8D:C0:83:9D:EA:38 ValidityThu, 21 Mar 2024 20:34:04 GMT - Wed, 19 Jun 2024 20:34:03 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
POST /zone?&pub=0&zone_id=7250650&is_mobile=false&domain=ofsnivyan.com&var=5369052&ymid=807857247102447660&var_3=&var_4=&dsig=&tg=1&sw=3.1.504&trace_id=7d1d153d-189f-4621-9dfb-11c929593093&action=prerequest HTTP/1.1
Host: ofsnivyan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ofsnivyan.com
DNT: 1
Connection: keep-alive
Referer: https://ofsnivyan.com/system-message/59?z=5369052&var=807857247102447660
Cookie: OAID=frurlrnvd52f2q50joik3mu2uqonk78; syncedCookie=true; oaidts=1714171731
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Content-Length: 0
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 22:48:52 GMT
content-length: 0
x-trace-id: 24be73a4fc7bd44fbbbf55668e2e11e7
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://ofsnivyan.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BX%2FCGMPHGojVC5P22%2Fipmd%2FVnw2Su%2BUJ5FLL1k9u02sk3BkVAsiZGUT8ZvA5W8fgiwH1tV3lL32%2BSK99qWTTn3lu%2BHzBujyAelVXBREHkBBBQzizzy8lIKpSa2%2FnsRXt"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87aa1f6d6e931c12-OSL
alt-svc: h3=":443"; ma=86400
|
|
| amunfezanttor.com/event | 139.45.197.250 | 200 OK | 0 B |
IP139.45.197.250:443
Requested byhttps://ofsnivyan.com/system-message/59/?z=5369052&var=807857247102447660 CertificateIssuerLet's Encrypt Subjectamunfezanttor.com FingerprintAB:2C:60:54:FF:D7:D6:23:0E:87:1A:98:EC:94:B3:9B:29:1A:F3:AA ValidityWed, 10 Apr 2024 19:04:12 GMT - Tue, 09 Jul 2024 19:04:11 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
OPTIONS /event HTTP/1.1
Host: amunfezanttor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://ofsnivyan.com/
Origin: https://ofsnivyan.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 26 Apr 2024 22:48:52 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://ofsnivyan.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token,X-Oaid
access-control-max-age: 86400
X-Firefox-Spdy: h2
|
|
| amunfezanttor.com/event | 139.45.197.250 | 200 OK | 94 B |
IP139.45.197.250:443
Requested byhttps://ofsnivyan.com/system-message/59/?z=5369052&var=807857247102447660 CertificateIssuerLet's Encrypt Subjectamunfezanttor.com FingerprintAB:2C:60:54:FF:D7:D6:23:0E:87:1A:98:EC:94:B3:9B:29:1A:F3:AA ValidityWed, 10 Apr 2024 19:04:12 GMT - Tue, 09 Jul 2024 19:04:11 GMT
Hashce839934dba86facabafb014928e5092 fb0f6bebcec0a795b1d5057ba79a2a55e5d2623e 6f523bcc080172115a4928f3eeecce6bb31148fb5caf6dcdd1ad73305912a34b
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
POST /event HTTP/1.1
Host: amunfezanttor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ofsnivyan.com/
Content-Type: application/json
Content-Length: 1805
Origin: https://ofsnivyan.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 26 Apr 2024 22:48:52 GMT
content-type: application/json; charset=utf-8
content-length: 94
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://ofsnivyan.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| ofsnivyan.com/favicon.ico | 188.114.96.1 | 204 No Content | 0 B |
URL GET HTTP/3ofsnivyan.com/favicon.ico IP188.114.96.1:443
Requested byhttps://ofsnivyan.com/system-message/59/?z=5369052&var=807857247102447660 CertificateIssuerGoogle Trust Services LLC Subjectofsnivyan.com FingerprintE2:64:70:52:E2:73:D1:AD:67:D5:B8:63:A0:56:8D:C0:83:9D:EA:38 ValidityThu, 21 Mar 2024 20:34:04 GMT - Wed, 19 Jun 2024 20:34:03 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /favicon.ico HTTP/1.1
Host: ofsnivyan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ofsnivyan.com/system-message/59/?z=5369052&var=807857247102447660
Cookie: OAID=frurlrnvd52f2q50joik3mu2uqonk78; syncedCookie=true; oaidts=1714171731
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 204 No Content
date: Fri, 26 Apr 2024 22:48:52 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8Y7BTNCm1YeBenh4n%2B450bCxPq1epLe2hgEcMONJrnVfnH%2BgdhmVmRBtFjiW230OO0cUdhlIsO6ym%2FCcgCY2XwvinWXC2StS%2BFe9hQroQttd6G4tCPyGg9kfHJWhsbgO"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87aa1f6e5f091c12-OSL
alt-svc: h3=":443"; ma=86400
|
|
| ofsnivyan.com/_next/static/chunks/810.3c8446ab4166aeac.js | 188.114.96.1 | 200 OK | 8.3 kB |
URL GET HTTP/3ofsnivyan.com/_next/static/chunks/810.3c8446ab4166aeac.js IP188.114.96.1:443
Requested byhttps://ofsnivyan.com/system-message/59/?z=5369052&var=807857247102447660 CertificateIssuerGoogle Trust Services LLC Subjectofsnivyan.com FingerprintE2:64:70:52:E2:73:D1:AD:67:D5:B8:63:A0:56:8D:C0:83:9D:EA:38 ValidityThu, 21 Mar 2024 20:34:04 GMT - Wed, 19 Jun 2024 20:34:03 GMT
File typeJavaScript source, ASCII text, with very long lines (2997), with no line terminators Hash61131b8a333b875509fbe8f240ff4d62 93b25ff9783f3321a0408cdf69f686f6c439dec0 b01211f54977d65f26a1cf9dd30c9c4e251ad34fc09cfb176259b40af4f0f83d
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/810.3c8446ab4166aeac.js HTTP/1.1
Host: ofsnivyan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ofsnivyan.com/system-message/59/?z=5369052&var=807857247102447660
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 22:48:51 GMT
content-type: application/javascript
last-modified: Fri, 26 Apr 2024 15:01:44 GMT
vary: Accept-Encoding
etag: W/"662bc1d8-bb5"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IU1cB4TH3C3HtBjii2osSWzYqR1QrqXLyd%2BtwqBuJEmp9lTTR1pFKgGdM3%2BcjB35EEaYnAtpDX%2FErGdXypGk97aAaFORokg3Zi8pPLbgVKpbEHEkMutluTqtXwB2uJaI"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87aa1f6b0d5a1c12-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| ofsnivyan.com/custom | 188.114.96.1 | 200 OK | 7.7 kB |
IP188.114.96.1:443
Requested byhttps://ofsnivyan.com/system-message/59/?z=5369052&var=807857247102447660 CertificateIssuerGoogle Trust Services LLC Subjectofsnivyan.com FingerprintE2:64:70:52:E2:73:D1:AD:67:D5:B8:63:A0:56:8D:C0:83:9D:EA:38 ValidityThu, 21 Mar 2024 20:34:04 GMT - Wed, 19 Jun 2024 20:34:03 GMT
Hash058b158c2be925f556454ef762d93538 cc6fc563b4b6baee880fdbc7fcfaa134978e33c9 ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
POST /custom HTTP/1.1
Host: ofsnivyan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 357
Origin: https://ofsnivyan.com
DNT: 1
Connection: keep-alive
Referer: https://ofsnivyan.com/system-message/59?z=5369052&var=807857247102447660
Cookie: OAID=frurlrnvd52f2q50joik3mu2uqonk78; syncedCookie=true; oaidts=1714171731
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 22:48:52 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
x-trace-id: 1adf4686b4ec0a9604b515bdb89b2bc2
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://ofsnivyan.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1ORStScO9dsGvi6auAHVgTdQ9tZyaTZIUUiDxrARifNxGF647dFg%2BZNdNllL6ImIUFYokh5tfQSPQ3OQfAiLlqOG9%2BQw2ZNaW378Wiq3XZq6%2BXT0ap5nHK0NuhwsILUs"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87aa1f6d6e921c12-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| ofsnivyan.com/system-message/59?z=5369052&var=807857247102447660 | 188.114.96.1 | 301 Moved Permanently | 7.2 kB |
URL User Request GET HTTP/2ofsnivyan.com/system-message/59?z=5369052&var=807857247102447660 IP188.114.96.1:443
CertificateIssuerGoogle Trust Services LLC Subjectofsnivyan.com FingerprintE2:64:70:52:E2:73:D1:AD:67:D5:B8:63:A0:56:8D:C0:83:9D:EA:38 ValidityThu, 21 Mar 2024 20:34:04 GMT - Wed, 19 Jun 2024 20:34:03 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /system-message/59?z=5369052&var=807857247102447660 HTTP/1.1
Host: ofsnivyan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 301 Moved Permanently
date: Fri, 26 Apr 2024 22:48:51 GMT
content-type: text/html
location: http://ofsnivyan.com/system-message/59/?z=5369052&var=807857247102447660
vary: Accept-Encoding
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BCvt8iQFjLFpwtO0pL%2B1JLVrzM4N7Fya%2BVQvNp%2BpxSQYi3NiE0F34cj7rU1Z%2B3y%2FUAQGgIY60Btnk8%2FKvCytZbbn4MwHI6P5lVK7ht4ZXFUk5erdu%2BfUiikSyw21HeWC"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87aa1f677fef56c6-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| ofsnivyan.com/_next/static/chunks/2090-519478c186a3d867.js | 188.114.96.1 | 200 OK | 11 kB |
URL GET HTTP/3ofsnivyan.com/_next/static/chunks/2090-519478c186a3d867.js IP188.114.96.1:443
Requested byhttps://ofsnivyan.com/system-message/59/?z=5369052&var=807857247102447660 CertificateIssuerGoogle Trust Services LLC Subjectofsnivyan.com FingerprintE2:64:70:52:E2:73:D1:AD:67:D5:B8:63:A0:56:8D:C0:83:9D:EA:38 ValidityThu, 21 Mar 2024 20:34:04 GMT - Wed, 19 Jun 2024 20:34:03 GMT
File typeJavaScript source, ASCII text, with very long lines (10752), with no line terminators Hash37545926cc9a6e537b9f3e95d7a16c1e c3cbfe1f9737817eda25770274e97feaf6b8cc68 d3ccc772608b2a03a543da22715903e2b6e2c14c42c2f475a0f483ac3cd64b37
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/2090-519478c186a3d867.js HTTP/1.1
Host: ofsnivyan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ofsnivyan.com/system-message/59/?z=5369052&var=807857247102447660
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 22:48:51 GMT
content-type: application/javascript
last-modified: Fri, 26 Apr 2024 15:01:44 GMT
vary: Accept-Encoding
etag: W/"662bc1d8-2a00"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7jq6473KpH6qo4jiw7Rf4nPE5YasPKNYWsoK1BIseidkTADt4AcJyELWMSfrBjpaosLjyRBk20bo3xHzcpZ%2Be8QKBXImKn4bmphGCvSdiWquDR%2BRFKzKQmtXeTbLjt5P"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87aa1f69fcb81c12-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| ofsnivyan.com/_next/static/chunks/5057.48c7d5a8740ee05f.js | 188.114.96.1 | 200 OK | 3.3 kB |
URL GET HTTP/3ofsnivyan.com/_next/static/chunks/5057.48c7d5a8740ee05f.js IP188.114.96.1:443
Requested byhttps://ofsnivyan.com/system-message/59/?z=5369052&var=807857247102447660 CertificateIssuerGoogle Trust Services LLC Subjectofsnivyan.com FingerprintE2:64:70:52:E2:73:D1:AD:67:D5:B8:63:A0:56:8D:C0:83:9D:EA:38 ValidityThu, 21 Mar 2024 20:34:04 GMT - Wed, 19 Jun 2024 20:34:03 GMT
File typeJavaScript source, ASCII text, with very long lines (3375), with no line terminators Hash8f79b9155b8b6921206c5c92026b7365 50ef9171a052e5428806431761fca7e75044c0dd 497fc3beb3a1f2e5af56019b4051a15204b9a1320622f4e4bc23342dbbfb71b3
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/5057.48c7d5a8740ee05f.js HTTP/1.1
Host: ofsnivyan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ofsnivyan.com/system-message/59/?z=5369052&var=807857247102447660
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 22:48:51 GMT
content-type: application/javascript
last-modified: Fri, 26 Apr 2024 15:01:44 GMT
vary: Accept-Encoding
etag: W/"662bc1d8-d0d"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hzhaGtK2SKuwE%2F99J36ebvHyyS4%2BUWLxGNLece%2BVzGJkmlajqYSx2wPCc7J%2F%2FQCQ2TuLkbAZ4VvcQ%2BFwcrEvueDjApVvJDL0edTMSYikBoLzm1AzhpZywQBxTqQbIC%2BI"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87aa1f6b0d5b1c12-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| ofsnivyan.com/_next/static/css/0bc0cde260d08b97.css | 188.114.96.1 | 200 OK | 1.8 kB |
URL GET HTTP/3ofsnivyan.com/_next/static/css/0bc0cde260d08b97.css IP188.114.96.1:443
Requested byhttps://ofsnivyan.com/system-message/59/?z=5369052&var=807857247102447660 CertificateIssuerGoogle Trust Services LLC Subjectofsnivyan.com FingerprintE2:64:70:52:E2:73:D1:AD:67:D5:B8:63:A0:56:8D:C0:83:9D:EA:38 ValidityThu, 21 Mar 2024 20:34:04 GMT - Wed, 19 Jun 2024 20:34:03 GMT
File typeASCII text, with very long lines (1843), with no line terminators Hash64b2b4fa42c7d558d735e2cd28ecf88a 03d6da6e55b1201b51689590520da495a9233d67 2fdb3ce9ccba8355040e5ba3dfb2283194acba81858943b5d88f70030dbb71ea
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/css/0bc0cde260d08b97.css HTTP/1.1
Host: ofsnivyan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ofsnivyan.com/system-message/59/?z=5369052&var=807857247102447660
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 22:48:51 GMT
content-type: text/css
last-modified: Fri, 26 Apr 2024 15:01:44 GMT
vary: Accept-Encoding
etag: W/"662bc1d8-733"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pgVvYuUKaIw3yQ52y8gPNU70KNiWw6Q7%2Faay8%2FOzXDNEo6fNEzY0zJ7yL%2FiaF7DYMeHJwxJbxSb9wD%2Fm6XNx42WPB1IEEtI2wwy4i%2FzwAtTe1O55cIOJqc2OJz2CT6xC"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87aa1f69fcac1c12-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| ofsnivyan.com/_next/static/chunks/framework-8940d626f3bfb7e9.js | 188.114.96.1 | 200 OK | 26 kB |
URL GET HTTP/3ofsnivyan.com/_next/static/chunks/framework-8940d626f3bfb7e9.js IP188.114.96.1:443
Requested byhttps://ofsnivyan.com/system-message/59/?z=5369052&var=807857247102447660 CertificateIssuerGoogle Trust Services LLC Subjectofsnivyan.com FingerprintE2:64:70:52:E2:73:D1:AD:67:D5:B8:63:A0:56:8D:C0:83:9D:EA:38 ValidityThu, 21 Mar 2024 20:34:04 GMT - Wed, 19 Jun 2024 20:34:03 GMT
File typeJavaScript source, ASCII text, with very long lines (25995), with no line terminators Hash33a34c525e2bee14a166fe1289835308 4afb650772181930d19dca9a41490beea5087932 bebac61ce044debeb2025b1fbf1c95f1b9a4bc97d0702676dea22b0bb689b555
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/framework-8940d626f3bfb7e9.js HTTP/1.1
Host: ofsnivyan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ofsnivyan.com/system-message/59/?z=5369052&var=807857247102447660
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 22:48:51 GMT
content-type: application/javascript
last-modified: Fri, 26 Apr 2024 15:01:44 GMT
vary: Accept-Encoding
etag: W/"662bc1d8-658b"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iqzq0SvIZDisMLFpiUg7NhaXZYYMfqqwpEw%2Fq0EvCvBn3WCLS0cl9lYY01YV1ojeHKt4nHVi1D8w1uzcUuAIqNHfqMBN5RH2ZePzDoMNX6IQr6TrZnorTtazKUivBKxf"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87aa1f69fcaf1c12-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| ofsnivyan.com/_next/static/yyvJhceIT5FgmkzmRVxaa/_ssgManifest.js | 188.114.96.1 | 200 OK | 182 B |
URL GET HTTP/3ofsnivyan.com/_next/static/yyvJhceIT5FgmkzmRVxaa/_ssgManifest.js IP188.114.96.1:443
Requested byhttps://ofsnivyan.com/system-message/59/?z=5369052&var=807857247102447660 CertificateIssuerGoogle Trust Services LLC Subjectofsnivyan.com FingerprintE2:64:70:52:E2:73:D1:AD:67:D5:B8:63:A0:56:8D:C0:83:9D:EA:38 ValidityThu, 21 Mar 2024 20:34:04 GMT - Wed, 19 Jun 2024 20:34:03 GMT
File typeASCII text, with no line terminators Hashca6aa05f78eb6859347a61db067f16dc 444e70f53eb809f0920de921925d854baccdd251 11ca6f5cc9bc3b5e4021fe0fdad57091b6e8b54a5018672cf9d8b6a7e4f0e229
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/yyvJhceIT5FgmkzmRVxaa/_ssgManifest.js HTTP/1.1
Host: ofsnivyan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ofsnivyan.com/system-message/59/?z=5369052&var=807857247102447660
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 22:48:51 GMT
content-type: application/javascript
last-modified: Fri, 26 Apr 2024 15:01:44 GMT
vary: Accept-Encoding
etag: W/"662bc1d8-b6"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9zHKQE5vRR67fRI3g6aX0e%2FBCBj8c943MC0bf6JnUrZb7TfEnI7qeq%2FSDMf8K0Iop3isJrempZmLkdHKsgPdEjOl0vdxqIG2c6xrbwHdAMgtBZge%2BnBHfXhxdGZJIfIb"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87aa1f6a0cbd1c12-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| ofsnivyan.com/_next/static/chunks/4482.769eda623019310d.js | 188.114.96.1 | 200 OK | 3.9 kB |
URL GET HTTP/3ofsnivyan.com/_next/static/chunks/4482.769eda623019310d.js IP188.114.96.1:443
Requested byhttps://ofsnivyan.com/system-message/59/?z=5369052&var=807857247102447660 CertificateIssuerGoogle Trust Services LLC Subjectofsnivyan.com FingerprintE2:64:70:52:E2:73:D1:AD:67:D5:B8:63:A0:56:8D:C0:83:9D:EA:38 ValidityThu, 21 Mar 2024 20:34:04 GMT - Wed, 19 Jun 2024 20:34:03 GMT
File typetroff or preprocessor input, ASCII text, with very long lines (4122), with no line terminators Hash5b7e3f831d3b979af4149e026e628a4a c44f8656dae3608287d5bbeea0e7c9c19a122d3b 31dcadbe6e1ada8f9a75cdd16dadb0c1500cc21ba1b98ea028ed41fa930a2b73
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/4482.769eda623019310d.js HTTP/1.1
Host: ofsnivyan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ofsnivyan.com/system-message/59?z=5369052&var=807857247102447660
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 22:48:51 GMT
content-type: application/javascript
last-modified: Fri, 26 Apr 2024 15:01:44 GMT
vary: Accept-Encoding
etag: W/"662bc1d8-f67"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=x2perflK%2BYrDQvZr6JFhYHbVdeik7%2FyWxZO1obTptBPS%2F8T89LWbsDAyodZ7TFrfRBatSK6H9zOZOZy07jE1ni8p4SdbxK0AmAIv%2BMCyQLhnG8zTFj%2BB3U2W4FgpqVro"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87aa1f6b3d711c12-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| ofsnivyan.com/_next/static/chunks/main-beb6af9e60a8e042.js | 188.114.96.1 | 200 OK | 109 kB |
URL GET HTTP/3ofsnivyan.com/_next/static/chunks/main-beb6af9e60a8e042.js IP188.114.96.1:443
Requested byhttps://ofsnivyan.com/system-message/59/?z=5369052&var=807857247102447660 CertificateIssuerGoogle Trust Services LLC Subjectofsnivyan.com FingerprintE2:64:70:52:E2:73:D1:AD:67:D5:B8:63:A0:56:8D:C0:83:9D:EA:38 ValidityThu, 21 Mar 2024 20:34:04 GMT - Wed, 19 Jun 2024 20:34:03 GMT
File typeJavaScript source, ASCII text, with very long lines (65536), with no line terminators Size109 kB (108887 bytes) Hash44ec1451f689d71d5f33a10d4aa44658 0f7e72050b7bf72366d9463a16038ae94e232f46 1708144463d376da261c16eab17b1d2fe5c49351847f43a46c6ae4b347fd9304
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/main-beb6af9e60a8e042.js HTTP/1.1
Host: ofsnivyan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ofsnivyan.com/system-message/59/?z=5369052&var=807857247102447660
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 22:48:51 GMT
content-type: application/javascript
last-modified: Fri, 26 Apr 2024 15:01:44 GMT
vary: Accept-Encoding
etag: W/"662bc1d8-1a957"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nnTfWcsX4RWkb4S9axJIQ9FklHySZTasmAh1uKjVpfE37pCJNEAPtHZ4%2FUl0mpXnSytEtEdVulqi8FM8qVd7fyhcY5JjWqP1TskFUxoZqeukSjXHRqTw2yXJeKbgSYl0"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87aa1f69fcb01c12-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| ofsnivyan.com/_next/static/chunks/pages/_app-7ac21b6c354dd447.js | 188.114.96.1 | 200 OK | 42 kB |
URL GET HTTP/3ofsnivyan.com/_next/static/chunks/pages/_app-7ac21b6c354dd447.js IP188.114.96.1:443
Requested byhttps://ofsnivyan.com/system-message/59/?z=5369052&var=807857247102447660 CertificateIssuerGoogle Trust Services LLC Subjectofsnivyan.com FingerprintE2:64:70:52:E2:73:D1:AD:67:D5:B8:63:A0:56:8D:C0:83:9D:EA:38 ValidityThu, 21 Mar 2024 20:34:04 GMT - Wed, 19 Jun 2024 20:34:03 GMT
File typeJavaScript source, ASCII text, with very long lines (41515), with no line terminators Hash92ee35a274faa2df0c68f0def06a750e 8131ecf1752dbf3591bf213855896b2618f48734 47929dce053ec819a11270e42aaff07b95e02ee29513b8f5b73cf75f6cdeddd5
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/pages/_app-7ac21b6c354dd447.js HTTP/1.1
Host: ofsnivyan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ofsnivyan.com/system-message/59/?z=5369052&var=807857247102447660
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 22:48:51 GMT
content-type: application/javascript
last-modified: Fri, 26 Apr 2024 15:01:44 GMT
vary: Accept-Encoding
etag: W/"662bc1d8-a22b"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Vrb8uGJKfX0zVWTVwRHwBP2UZIYrBclCK9y6od%2BAWvaJugcDBgTbArQrHQnyVo5Z3zf3qzaM6k9YZsrj844YpchdyIB%2BmeUJknq2pWJ6r4HZJ3vQVm3cvNQMxruJYCLf"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87aa1f69fcb21c12-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| ofsnivyan.com/_next/static/chunks/1155-390a2532351c4f67.js | 188.114.96.1 | 200 OK | 67 kB |
URL GET HTTP/3ofsnivyan.com/_next/static/chunks/1155-390a2532351c4f67.js IP188.114.96.1:443
Requested byhttps://ofsnivyan.com/system-message/59/?z=5369052&var=807857247102447660 CertificateIssuerGoogle Trust Services LLC Subjectofsnivyan.com FingerprintE2:64:70:52:E2:73:D1:AD:67:D5:B8:63:A0:56:8D:C0:83:9D:EA:38 ValidityThu, 21 Mar 2024 20:34:04 GMT - Wed, 19 Jun 2024 20:34:03 GMT
File typeJavaScript source, ASCII text, with very long lines (65536), with no line terminators Hash9a778713931c304364349ecd7dc3a396 93faed463ed0e811830c382b1867960c8157212f 3fd5a39c272d05a5d4465539ddaa5289ef4f8fd95c1955cffef76b17ad1b63e5
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/1155-390a2532351c4f67.js HTTP/1.1
Host: ofsnivyan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ofsnivyan.com/system-message/59/?z=5369052&var=807857247102447660
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 22:48:51 GMT
content-type: application/javascript
last-modified: Fri, 26 Apr 2024 15:01:44 GMT
vary: Accept-Encoding
etag: W/"662bc1d8-10749"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=alikIwAJFqQ10kXGV%2BNHqS0rB%2FJ0zN66albADK3ebZ%2BlXCTsYXapDUzdp4bJ4gH%2FaIWMtB4x43m4t69exiU4Y6uPWCFKx4KayhPHFdl8PDBHasyITp4hH3skdCm7Km3K"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87aa1f69fcba1c12-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| ofsnivyan.com/_next/static/yyvJhceIT5FgmkzmRVxaa/_buildManifest.js | 188.114.96.1 | 200 OK | 1.6 kB |
URL GET HTTP/3ofsnivyan.com/_next/static/yyvJhceIT5FgmkzmRVxaa/_buildManifest.js IP188.114.96.1:443
Requested byhttps://ofsnivyan.com/system-message/59/?z=5369052&var=807857247102447660 CertificateIssuerGoogle Trust Services LLC Subjectofsnivyan.com FingerprintE2:64:70:52:E2:73:D1:AD:67:D5:B8:63:A0:56:8D:C0:83:9D:EA:38 ValidityThu, 21 Mar 2024 20:34:04 GMT - Wed, 19 Jun 2024 20:34:03 GMT
File typeASCII text, with very long lines (1697), with no line terminators Hash47223a50454909239f8efa7446bf919e f1b1a1fa3a4a3090e3362917e3447c9fe99b1bbd decf5ef874c904a71333d44168350d13d01f09a5273624b1de5ec6fe40e9df76
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/yyvJhceIT5FgmkzmRVxaa/_buildManifest.js HTTP/1.1
Host: ofsnivyan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ofsnivyan.com/system-message/59/?z=5369052&var=807857247102447660
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 22:48:51 GMT
content-type: application/javascript
last-modified: Fri, 26 Apr 2024 15:01:44 GMT
vary: Accept-Encoding
etag: W/"662bc1d8-645"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Qxt1rK6DJF9UeDInZ4yLTDKvlI6SaHo%2B3Js9lL6suh0u3y5O2Dcs%2Bel%2BpfZ6NThhc3vnuj6M4qi7m5qF4NLlsFSBcVNTJ1I%2BPyqwxkeHC%2FPXDkACHr%2FpBygY4yWJWWtA"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87aa1f6a0cbc1c12-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| ofsnivyan.com/pfe/current/micro.tag.min.js?sw=/sw/universal.js&var=5369052&ymid=807857247102447660&b=&campaignid=&click_id=&ab2r=&rhd=1&var_3=&oaid=frurlrnvd52f2q50joik3mu2uqonk78&os_version=&btz=UTC&bto=0&z=7250650&cdn=1&domain=ofsnivyan.com&ab2=&ab2_ttl=5184000 | 188.114.96.1 | 200 OK | 37 kB |
URL GET HTTP/3ofsnivyan.com/pfe/current/micro.tag.min.js?sw=/sw/universal.js&var=5369052&ymid=807857247102447660&b=&campaignid=&click_id=&ab2r=&rhd=1&var_3=&oaid=frurlrnvd52f2q50joik3mu2uqonk78&os_version=&btz=UTC&bto=0&z=7250650&cdn=1&domain=ofsnivyan.com&ab2=&ab2_ttl=5184000 IP188.114.96.1:443
Requested byhttps://ofsnivyan.com/system-message/59/?z=5369052&var=807857247102447660 CertificateIssuerGoogle Trust Services LLC Subjectofsnivyan.com FingerprintE2:64:70:52:E2:73:D1:AD:67:D5:B8:63:A0:56:8D:C0:83:9D:EA:38 ValidityThu, 21 Mar 2024 20:34:04 GMT - Wed, 19 Jun 2024 20:34:03 GMT
File typeJavaScript source, ASCII text, with very long lines (37142), with no line terminators Hash32d6dbd00a639e2cd10d1704b9159bd5 0dab4c95675393f1d0e13d20f13d80ee12e41d95 9f339e5efd7c959419a4e86bb4c5e9f07eae2ed839484846157be981917743de
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /pfe/current/micro.tag.min.js?sw=/sw/universal.js&var=5369052&ymid=807857247102447660&b=&campaignid=&click_id=&ab2r=&rhd=1&var_3=&oaid=frurlrnvd52f2q50joik3mu2uqonk78&os_version=&btz=UTC&bto=0&z=7250650&cdn=1&domain=ofsnivyan.com&ab2=&ab2_ttl=5184000 HTTP/1.1
Host: ofsnivyan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ofsnivyan.com/system-message/59?z=5369052&var=807857247102447660
Cookie: OAID=frurlrnvd52f2q50joik3mu2uqonk78; syncedCookie=true; oaidts=1714171731
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 22:48:52 GMT
content-type: application/javascript
last-modified: Thu, 25 Apr 2024 10:49:22 GMT
vary: Accept-Encoding
etag: W/"662a3532-9116"
access-control-allow-credentials: true
cache-control: max-age=14400
pragma: no-cache
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=v4RrxMvPpr0dzYKYXhytq25TRg3dJahwpH%2FKQJ%2F59Hl5Lq1dhK5ovdhlPt87JR1GWK2OhL6lXoaJ7dL5jH6Oz5frr0YCg%2FwTxneNE6LzCdbs0Qf3fsgCLc6cimQUavA%2F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87aa1f6cae301c12-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| ofsnivyan.com/_next/static/chunks/5356.cd117ab77e87aa94.js | 188.114.96.1 | 200 OK | 1.3 kB |
URL GET HTTP/3ofsnivyan.com/_next/static/chunks/5356.cd117ab77e87aa94.js IP188.114.96.1:443
Requested byhttps://ofsnivyan.com/system-message/59/?z=5369052&var=807857247102447660 CertificateIssuerGoogle Trust Services LLC Subjectofsnivyan.com FingerprintE2:64:70:52:E2:73:D1:AD:67:D5:B8:63:A0:56:8D:C0:83:9D:EA:38 ValidityThu, 21 Mar 2024 20:34:04 GMT - Wed, 19 Jun 2024 20:34:03 GMT
File typeJavaScript source, ASCII text, with very long lines (1340), with no line terminators Hash928a78a6ff2acfdfc2b133e09c23a898 80992f60be4eeaa5e9ee31c4912fc8fd15806007 af03ac8ae373bd61c0ac2106d2837e74bf0f3c2d02682c018909684f3e6af5bf
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/5356.cd117ab77e87aa94.js HTTP/1.1
Host: ofsnivyan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ofsnivyan.com/system-message/59/?z=5369052&var=807857247102447660
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 22:48:51 GMT
content-type: application/javascript
last-modified: Fri, 26 Apr 2024 15:01:44 GMT
vary: Accept-Encoding
etag: W/"662bc1d8-512"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Q1sMfcD9hpny510j8p286pyHkyybSi96LGU0naeBaMTNhhoxBgnv3N4m2gVOeLEaAvLIEL7g%2FQavVC1TPIT8j6r8TIleyzrvfH16em9hyXxhK%2BByANCGh5RJ9KxvVmp4"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87aa1f6b1d641c12-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| ofsnivyan.com/_next/static/chunks/7903-dd238946c7924507.js | 188.114.96.1 | 200 OK | 32 kB |
URL GET HTTP/3ofsnivyan.com/_next/static/chunks/7903-dd238946c7924507.js IP188.114.96.1:443
Requested byhttps://ofsnivyan.com/system-message/59/?z=5369052&var=807857247102447660 CertificateIssuerGoogle Trust Services LLC Subjectofsnivyan.com FingerprintE2:64:70:52:E2:73:D1:AD:67:D5:B8:63:A0:56:8D:C0:83:9D:EA:38 ValidityThu, 21 Mar 2024 20:34:04 GMT - Wed, 19 Jun 2024 20:34:03 GMT
File typeJavaScript source, ASCII text, with very long lines (31896), with no line terminators Hashb5dd343db67bd22544d11da18268f5c3 069b5b221dd75af58d93192460778b3d07835e74 6347f1d4083f7a0a2ac3d8b12aae8832d9ea6914aa6e137d16a4d41869d14ea5
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/7903-dd238946c7924507.js HTTP/1.1
Host: ofsnivyan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ofsnivyan.com/system-message/59/?z=5369052&var=807857247102447660
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 22:48:51 GMT
content-type: application/javascript
last-modified: Fri, 26 Apr 2024 15:01:44 GMT
vary: Accept-Encoding
etag: W/"662bc1d8-7c98"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aOjrxVE0djA8hEgq%2Flkuxqp2hUEa9KgB6mXNxp4suO30Pm44aGz0IRK%2BqOaJ3eZ%2BpZ%2BdGJgSpyKoGoXKudp%2FH8EFcUJzUEoTdmoy5A9oMwAL7himYGK%2B9p6YVqf5qdQY"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87aa1f69fcb51c12-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| ofsnivyan.com/_next/static/chunks/pages/%5BlandingName%5D/%5BconfigId%5D/%5B%5B...slug%5D%5D-eaddf0428a16426c.js | 188.114.96.1 | 200 OK | 662 B |
URL GET HTTP/3ofsnivyan.com/_next/static/chunks/pages/%5BlandingName%5D/%5BconfigId%5D/%5B%5B...slug%5D%5D-eaddf0428a16426c.js IP188.114.96.1:443
Requested byhttps://ofsnivyan.com/system-message/59/?z=5369052&var=807857247102447660 CertificateIssuerGoogle Trust Services LLC Subjectofsnivyan.com FingerprintE2:64:70:52:E2:73:D1:AD:67:D5:B8:63:A0:56:8D:C0:83:9D:EA:38 ValidityThu, 21 Mar 2024 20:34:04 GMT - Wed, 19 Jun 2024 20:34:03 GMT
File typeJavaScript source, ASCII text, with very long lines (666), with no line terminators Hash49f9c13e383477050c867416e60b3222 eeb57b5af30601d21511ff1eb94001b86d0c6465 1430b1cd7eaade1b7ba5b3a245f9221c0f6067efd03fc812821d0762b5d10ad4
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/pages/%5BlandingName%5D/%5BconfigId%5D/%5B%5B...slug%5D%5D-eaddf0428a16426c.js HTTP/1.1
Host: ofsnivyan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ofsnivyan.com/system-message/59/?z=5369052&var=807857247102447660
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 22:48:51 GMT
content-type: application/javascript
last-modified: Fri, 26 Apr 2024 15:01:44 GMT
vary: Accept-Encoding
etag: W/"662bc1d8-296"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=j3IuiNrKTfJrV4kGbt8N536pDmTHk%2BzzSSPUfSaW4f35hX%2FloXbYAI8UJeQzpg51f9oPIYqJaKwsxnF%2BvtYwnbq%2BxNhQJLtXfPvXZC9GzMiuvFshtOhuIQiA4V%2FQ%2F6mH"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87aa1f69fcbb1c12-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| ofsnivyan.com/track?dry=false&request_var=807857247102447660&oaid=frurlrnvd52f2q50joik3mu2uqonk78&os_version=&var=5369052&var_3=&var_4=&variable2=&ymid=807857247102447660&z=5369052 | 188.114.96.1 | 200 OK | 182 B |
URL GET HTTP/3ofsnivyan.com/track?dry=false&request_var=807857247102447660&oaid=frurlrnvd52f2q50joik3mu2uqonk78&os_version=&var=5369052&var_3=&var_4=&variable2=&ymid=807857247102447660&z=5369052 IP188.114.96.1:443
Requested byhttps://ofsnivyan.com/system-message/59/?z=5369052&var=807857247102447660 CertificateIssuerGoogle Trust Services LLC Subjectofsnivyan.com FingerprintE2:64:70:52:E2:73:D1:AD:67:D5:B8:63:A0:56:8D:C0:83:9D:EA:38 ValidityThu, 21 Mar 2024 20:34:04 GMT - Wed, 19 Jun 2024 20:34:03 GMT
File typetroff or preprocessor input, ASCII text, with no line terminators Hashe6246b04b7d99b675f7086e756e1f242 9f3b5f5cb9b34830dc20448a0acc83bcce5d2727 5ecadcf1c19edd16643f48e47f530b024c97a5653f98a47e14c61d5270dd7881
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /track?dry=false&request_var=807857247102447660&oaid=frurlrnvd52f2q50joik3mu2uqonk78&os_version=&var=5369052&var_3=&var_4=&variable2=&ymid=807857247102447660&z=5369052 HTTP/1.1
Host: ofsnivyan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ofsnivyan.com/system-message/59?z=5369052&var=807857247102447660
DNT: 1
Connection: keep-alive
Cookie: OAID=frurlrnvd52f2q50joik3mu2uqonk78; syncedCookie=true; oaidts=1714171731
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 22:48:51 GMT
content-type: application/json
vary: Accept-Encoding
x-trace-id: 08bbe44e4abdddd138d588a9544765c5
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://ofsnivyan.com/
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
timing-allow-origin: *
strict-transport-security: max-age=1
x-content-type-options: nosniff
content-encoding: br
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WGYQo1Gql7xKQ7E0n57iv%2BVsNgf1po%2B5KO3QOVWEIuzta%2BiMZQ9k6PXUlNz8u54GEo83NtbbU8mN8U%2BoTEhCahOTfKSrXe39jGusn%2FW3HnaPKuO1PXqLTRInQdNt3JaB"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87aa1f6c8e211c12-OSL
alt-svc: h3=":443"; ma=86400
|
|
| ofsnivyan.com/system-message/59/?z=5369052&var=807857247102447660 | 188.114.96.1 | 200 OK | 7.2 kB |
URL User Request GET HTTP/3ofsnivyan.com/system-message/59/?z=5369052&var=807857247102447660 IP188.114.96.1:443
CertificateIssuerGoogle Trust Services LLC Subjectofsnivyan.com FingerprintE2:64:70:52:E2:73:D1:AD:67:D5:B8:63:A0:56:8D:C0:83:9D:EA:38 ValidityThu, 21 Mar 2024 20:34:04 GMT - Wed, 19 Jun 2024 20:34:03 GMT
File typeHTML document, ASCII text, with very long lines (7692), with no line terminators Hashf9d4a8cd7bc934241b90c64be9c76fbb 7625f16b564e7620180c863c8c8c2e36e841c458 9e026724d181cf0c4cac1cc19f5137b97e5a5e85a6e3a950ba6a3bb19ba641f5
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /system-message/59/?z=5369052&var=807857247102447660 HTTP/1.1
Host: ofsnivyan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 22:48:51 GMT
content-type: text/html
last-modified: Fri, 26 Apr 2024 15:01:48 GMT
vary: Accept-Encoding
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=A7FeTkX6zSEBq6DW6C83eYtZzMHRPSgXIy8uQ8vfzHW1%2BGJdIoMKu%2Bhamcm0j%2BsmOGE6K8Gi9cMgdzzG3hYwZFU7uHdgdQD5dqKS7gZxVl0dQvcDywfgzerB6fOqi1Iy"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87aa1f681b651c12-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| ofsnivyan.com/_next/static/chunks/7708.01663eb1e4df2e86.js | 188.114.96.1 | 200 OK | 18 kB |
URL GET HTTP/3ofsnivyan.com/_next/static/chunks/7708.01663eb1e4df2e86.js IP188.114.96.1:443
Requested byhttps://ofsnivyan.com/system-message/59/?z=5369052&var=807857247102447660 CertificateIssuerGoogle Trust Services LLC Subjectofsnivyan.com FingerprintE2:64:70:52:E2:73:D1:AD:67:D5:B8:63:A0:56:8D:C0:83:9D:EA:38 ValidityThu, 21 Mar 2024 20:34:04 GMT - Wed, 19 Jun 2024 20:34:03 GMT
File typeJavaScript source, ASCII text, with very long lines (17692), with no line terminators Hash3138f2eba0a799926d728dcb1d6f871e 068668babcdf9c94a58b6540d796da24d4307fcb 60f058a3b198576ecf2287570a18830669d330631dcd45d69c35f6477e660f3d
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/7708.01663eb1e4df2e86.js HTTP/1.1
Host: ofsnivyan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ofsnivyan.com/system-message/59/?z=5369052&var=807857247102447660
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 22:48:51 GMT
content-type: application/javascript
last-modified: Fri, 26 Apr 2024 15:01:44 GMT
vary: Accept-Encoding
etag: W/"662bc1d8-451c"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PL2%2FVi6KCIhP%2B4xHxhe5gewOqQIle1mOsHyWopjqRclFsDR%2BquiQ36NsK0FFQj4IQ6EKOcMILBUU2mHB7YI%2By8HlIFP5923iGk9RwtDWk2JmhtrS4yQA1LyOgWiy0eLY"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87aa1f69fcad1c12-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| ofsnivyan.com/_next/static/chunks/webpack-e25f2040ecff6324.js | 188.114.96.1 | 200 OK | 6.3 kB |
URL GET HTTP/3ofsnivyan.com/_next/static/chunks/webpack-e25f2040ecff6324.js IP188.114.96.1:443
Requested byhttps://ofsnivyan.com/system-message/59/?z=5369052&var=807857247102447660 CertificateIssuerGoogle Trust Services LLC Subjectofsnivyan.com FingerprintE2:64:70:52:E2:73:D1:AD:67:D5:B8:63:A0:56:8D:C0:83:9D:EA:38 ValidityThu, 21 Mar 2024 20:34:04 GMT - Wed, 19 Jun 2024 20:34:03 GMT
File typeJavaScript source, ASCII text, with very long lines (6511), with no line terminators Hashb4333a87397e4ec15bf43de57e7a8018 fa3ed61c3a2ea8307e9dbaeb0a002145fe311016 b326aa4eb8160acae34a34daf6de9c39eafaea8657b6e27398500c2fc73090be
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/webpack-e25f2040ecff6324.js HTTP/1.1
Host: ofsnivyan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ofsnivyan.com/system-message/59/?z=5369052&var=807857247102447660
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 22:48:51 GMT
content-type: application/javascript
last-modified: Fri, 26 Apr 2024 15:01:44 GMT
vary: Accept-Encoding
etag: W/"662bc1d8-1879"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=14400
cf-cache-status: HIT
age: 4212
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ij9ukHdjNUN3xuZE2%2BKSxjbe3kGIuF7Q924Yx4qYRJoGC2%2B%2FYkSt20KRkybd3VBzYnL37LOvawv7JGRJeOnO9FS9FednBdkxEulFqWsC%2BKnQma5M1th1z0823cigkST%2B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87aa1f69fcae1c12-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| ofsnivyan.com/_next/static/chunks/3091.8141ef861c4fae96.js | 188.114.96.1 | 200 OK | 2.4 kB |
URL GET HTTP/3ofsnivyan.com/_next/static/chunks/3091.8141ef861c4fae96.js IP188.114.96.1:443
Requested byhttps://ofsnivyan.com/system-message/59/?z=5369052&var=807857247102447660 CertificateIssuerGoogle Trust Services LLC Subjectofsnivyan.com FingerprintE2:64:70:52:E2:73:D1:AD:67:D5:B8:63:A0:56:8D:C0:83:9D:EA:38 ValidityThu, 21 Mar 2024 20:34:04 GMT - Wed, 19 Jun 2024 20:34:03 GMT
File typeJavaScript source, ASCII text, with very long lines (2431), with no line terminators Hashaff0a51ad60c666bf1f7f27ddff14217 9677799390dc5667eeda431957d59b25d6a40946 f495db20d41fe12519423d9776481cd5c3f1dabc346ea304b8a7201b032d4e87
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/3091.8141ef861c4fae96.js HTTP/1.1
Host: ofsnivyan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ofsnivyan.com/system-message/59/?z=5369052&var=807857247102447660
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 22:48:51 GMT
content-type: application/javascript
last-modified: Fri, 26 Apr 2024 15:01:44 GMT
vary: Accept-Encoding
etag: W/"662bc1d8-951"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Zf4%2F8GKS6t3xebej4EJ6joiGiboS86fkoY8z%2BLBATx2w9iAg8XokDif0LCg7j0%2F%2B3D55Eyd85Sj41N7N6WOd9%2F%2BXBRLi0Lh71gJ8tdq%2F6pV87wUJlLGmZ4sjYvTxhASQ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87aa1f6b0d5f1c12-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| ofsnivyan.com/sw/universal.js?var=5369052&ymid=807857247102447660&ab2_ttl=5184000&zoneId=7250650 | 188.114.96.1 | 200 OK | 1.5 kB |
URL GET HTTP/3ofsnivyan.com/sw/universal.js?var=5369052&ymid=807857247102447660&ab2_ttl=5184000&zoneId=7250650 IP188.114.96.1:443
Requested byhttps://ofsnivyan.com/system-message/59/?z=5369052&var=807857247102447660 CertificateIssuerGoogle Trust Services LLC Subjectofsnivyan.com FingerprintE2:64:70:52:E2:73:D1:AD:67:D5:B8:63:A0:56:8D:C0:83:9D:EA:38 ValidityThu, 21 Mar 2024 20:34:04 GMT - Wed, 19 Jun 2024 20:34:03 GMT
File typeASCII text, with very long lines (1540), with no line terminators Hash5edd43e1c6126829925eb36cdbaf7af3 e1baae48011f9077aa37e6ab31d4604d41aec303 38945b2621b28329b93e77cc757db7e8def95dd4f4ba1c13862018da2df83411
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /sw/universal.js?var=5369052&ymid=807857247102447660&ab2_ttl=5184000&zoneId=7250650 HTTP/1.1
Host: ofsnivyan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
DNT: 1
Connection: keep-alive
Referer: https://ofsnivyan.com/system-message/59?z=5369052&var=807857247102447660
Cookie: OAID=frurlrnvd52f2q50joik3mu2uqonk78; syncedCookie=true; oaidts=1714171731
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 22:48:52 GMT
content-type: application/javascript
last-modified: Fri, 26 Apr 2024 15:01:44 GMT
vary: Accept-Encoding
etag: W/"662bc1d8-5b2"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=k6%2FLikJ%2BX7DKpuwRy67RhI%2FryMNFL32X2hgOpxsR8xlLo3zQJOB7ReKxiq0fSoJSyoxCEjnL%2BcogO0bdBqhV7Oz7COamtGa6490aAPZzydHu16Vlnf7uz2vmqTPW7tmc"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87aa1f6d6e8f1c12-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|