| ofsnivyan.com/_next/static/chunks/810.a0608c12f2123e1d.js | 104.21.90.194 | 200 OK | 2.0 kB |
URL GET HTTP/3ofsnivyan.com/_next/static/chunks/810.a0608c12f2123e1d.js IP104.21.90.194:443
Requested byhttps://ofsnivyan.com/system-message/59/?z=5369052&var=812700673572606459 CertificateIssuerGoogle Trust Services LLC Subjectofsnivyan.com FingerprintE2:64:70:52:E2:73:D1:AD:67:D5:B8:63:A0:56:8D:C0:83:9D:EA:38 ValidityThu, 21 Mar 2024 20:34:04 GMT - Wed, 19 Jun 2024 20:34:03 GMT
File typegzip compressed data, from Unix Hash61acb2889d255231674ce4f5937d1eee e5a81ed1925bb039bbb1350486bfefb987e417ac d4171e4601dc5b0269bd9159a56ea5785466a1fd465271862894aac1451a9b87
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/810.a0608c12f2123e1d.js HTTP/1.1
Host: ofsnivyan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ofsnivyan.com/system-message/59/?z=5369052&var=812700673572606459
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 07:35:05 GMT
content-type: application/javascript
last-modified: Thu, 09 May 2024 16:18:54 GMT
vary: Accept-Encoding
etag: W/"663cf76e-bb4"
strict-transport-security: max-age=1
x-content-type-options: nosniff
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=U4RXpNPmN6moj58F223RzXPLzFfW019%2FJpKuhl0B%2BPvCQOYbrmxuFMGBU97AklqOero%2F%2B6eQ8Lx0pyIbynqKufHo71h1fOasDolbbpDbIMIeic3xLfz8x%2Frmzxdr%2BuYa"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881840241842b4f3-OSL
alt-svc: h3=":443"; ma=86400
|
|
| ofsnivyan.com/_next/static/chunks/4016.ae434573a39b468c.js | 104.21.90.194 | 200 OK | 16 kB |
URL GET HTTP/3ofsnivyan.com/_next/static/chunks/4016.ae434573a39b468c.js IP104.21.90.194:443
Requested byhttps://ofsnivyan.com/system-message/59/?z=5369052&var=812700673572606459 CertificateIssuerGoogle Trust Services LLC Subjectofsnivyan.com FingerprintE2:64:70:52:E2:73:D1:AD:67:D5:B8:63:A0:56:8D:C0:83:9D:EA:38 ValidityThu, 21 Mar 2024 20:34:04 GMT - Wed, 19 Jun 2024 20:34:03 GMT
File typeJavaScript source, ASCII text, with very long lines (17719), with no line terminators Hash36a850019a2198c793d792caf8b0652a 462ed59d5f7a5af1fb02c89e99ffca7d7af03709 ca05680aaa8cb4a03853619897eb03943ca2cceff1a552474c62302afc100976
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/4016.ae434573a39b468c.js HTTP/1.1
Host: ofsnivyan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ofsnivyan.com/system-message/59/?z=5369052&var=812700673572606459
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 07:35:05 GMT
content-type: application/javascript
last-modified: Thu, 09 May 2024 16:18:54 GMT
vary: Accept-Encoding
etag: W/"663cf76e-4537"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PbrJ7EVfZ80CX0E4wWgSailpqkyLBlRTDJaoKNATtpsQuPQi3CUDhSA8T6ejAe3kWvVMZkiybUyNAOJfHNR36IlwxkgOQDsCwDJAXgnSgEaYAYB8uP8z2Dt0pZzOlfkA"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881840230e9eb4f3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| ofsnivyan.com/_next/static/chunks/5057.7ec3a668fa27cd9c.js | 104.21.90.194 | 200 OK | 1.5 kB |
URL GET HTTP/3ofsnivyan.com/_next/static/chunks/5057.7ec3a668fa27cd9c.js IP104.21.90.194:443
Requested byhttps://ofsnivyan.com/system-message/59/?z=5369052&var=812700673572606459 CertificateIssuerGoogle Trust Services LLC Subjectofsnivyan.com FingerprintE2:64:70:52:E2:73:D1:AD:67:D5:B8:63:A0:56:8D:C0:83:9D:EA:38 ValidityThu, 21 Mar 2024 20:34:04 GMT - Wed, 19 Jun 2024 20:34:03 GMT
File typeJavaScript source, ASCII text, with very long lines (3340), with no line terminators Hash62cc5f4477926fbc35a59f52062beda3 bb1a9878bdf7cb712febe660a71b9f14bbaa6506 078f52a425dbda5b56c9994c6d6735a0d03ef6335cff7fc616ed87865d40eefd
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/5057.7ec3a668fa27cd9c.js HTTP/1.1
Host: ofsnivyan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ofsnivyan.com/system-message/59/?z=5369052&var=812700673572606459
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 07:35:05 GMT
content-type: application/javascript
last-modified: Thu, 09 May 2024 16:18:54 GMT
vary: Accept-Encoding
etag: W/"663cf76e-d0c"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=14400
cf-cache-status: HIT
age: 4718
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ql5tW%2FYpnM3ed%2Bi3%2Fhlw1s5uGyRylwvgmLEZreszUhel07roaScCxSCjXEify%2FIDsp2sH0aryrlsoHmbEvWaVoiY4TGvMDoTbEaon1bdEQOjPEGgdeIGxj188Qhe8rwi"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881840242852b4f3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| ofsnivyan.com/_next/static/chunks/2734.6269ca0cf725ea17.js | 104.21.90.194 | 200 OK | 1.7 kB |
URL GET HTTP/3ofsnivyan.com/_next/static/chunks/2734.6269ca0cf725ea17.js IP104.21.90.194:443
Requested byhttps://ofsnivyan.com/system-message/59/?z=5369052&var=812700673572606459 CertificateIssuerGoogle Trust Services LLC Subjectofsnivyan.com FingerprintE2:64:70:52:E2:73:D1:AD:67:D5:B8:63:A0:56:8D:C0:83:9D:EA:38 ValidityThu, 21 Mar 2024 20:34:04 GMT - Wed, 19 Jun 2024 20:34:03 GMT
File typeJavaScript source, ASCII text, with very long lines (4147), with no line terminators Hash48072be51722d2894982d56f13a52372 c1fbbdcb8b12079d61205284dec041f93390f47b b0ab49765bb74cdb8c46c171f3adad413e1934203046a3ca23d4872c892894d5
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/2734.6269ca0cf725ea17.js HTTP/1.1
Host: ofsnivyan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ofsnivyan.com/system-message/59/?z=5369052&var=812700673572606459
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 07:35:05 GMT
content-type: application/javascript
last-modified: Thu, 09 May 2024 16:18:54 GMT
vary: Accept-Encoding
etag: W/"663cf76e-1033"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=14400
cf-cache-status: HIT
age: 4718
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=H80RPzAprHUo3COBHMHhWlLCTI9diNhXITjk%2FKFIeQeV2pY0YWBsd56HDebpU2jBRlOvwESCdOjYgjER2FhXc%2F5SmOttbfD3QR%2FM4KIUuAqIyynuCPi0qhcbq63MOtHe"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88184024183fb4f3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| arleavannya.com/sync-metrics | 139.45.197.248 | 200 OK | 17 B |
URL OPTIONS HTTP/2arleavannya.com/sync-metrics IP139.45.197.248:443
Requested byhttps://ofsnivyan.com/system-message/59/?z=5369052&var=812700673572606459 CertificateIssuerLet's Encrypt Subjectarleavannya.com Fingerprint8A:67:B7:06:5F:61:ED:52:C0:9B:58:C2:64:98:7D:1B:64:03:3F:47 ValidityThu, 18 Apr 2024 17:09:05 GMT - Wed, 17 Jul 2024 17:09:04 GMT
Hash5b64e8b89092b2e3dfd448b10700627f 484b3032619fa1acd135d114565b0a5166281c22 f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4
POST /sync-metrics HTTP/1.1
Host: arleavannya.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ofsnivyan.com/
Content-Type: application/json
Content-Length: 290
Origin: https://ofsnivyan.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 10 May 2024 07:35:05 GMT
content-type: application/json; charset=utf-8
content-length: 17
x-trace-id: 9254db08e99735bde9fd2c11b73dc2a9
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://ofsnivyan.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| ofsnivyan.com/favicon.ico | 104.21.90.194 | 204 No Content | 0 B |
URL GET HTTP/3ofsnivyan.com/favicon.ico IP104.21.90.194:443
Requested byhttps://ofsnivyan.com/system-message/59/?z=5369052&var=812700673572606459 CertificateIssuerGoogle Trust Services LLC Subjectofsnivyan.com FingerprintE2:64:70:52:E2:73:D1:AD:67:D5:B8:63:A0:56:8D:C0:83:9D:EA:38 ValidityThu, 21 Mar 2024 20:34:04 GMT - Wed, 19 Jun 2024 20:34:03 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /favicon.ico HTTP/1.1
Host: ofsnivyan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ofsnivyan.com/system-message/59/?z=5369052&var=812700673572606459
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 204 No Content
date: Fri, 10 May 2024 07:35:05 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=14400
cf-cache-status: HIT
age: 5914
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FAqzri3XLCq%2F4zbxl2OES6NzbXR3Ir%2BL%2Fj3RW7WtOswjYtSRcnffF8v%2F4HZNRqltg8i0FvfNN02cNQl66Uqz%2BSjHzoaSSoK%2BIeR%2F0UQlov6UtLX2NTQGKe%2Bc8g2133l2"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88184025aabbb4f3-OSL
alt-svc: h3=":443"; ma=86400
|
|
| datatechonert.com/log/add?cid=eacf36da-c06d-4d71-90cc-88e30cd4240a&ruid=dff763ec-e6ee-4d03-a477-93fe6a7d5bbb | 139.45.195.253 | 200 OK | 12 B |
URL POST HTTP/1.1datatechonert.com/log/add?cid=eacf36da-c06d-4d71-90cc-88e30cd4240a&ruid=dff763ec-e6ee-4d03-a477-93fe6a7d5bbb IP139.45.195.253:443
Requested byhttps://ofsnivyan.com/system-message/59/?z=5369052&var=812700673572606459 CertificateIssuerSectigo Limited Subjectdatatechonert.com Fingerprint3F:E1:50:2C:9F:FC:F9:37:03:E3:B6:34:00:06:89:69:01:E7:C3:27 ValiditySun, 10 Dec 2023 00:00:00 GMT - Mon, 23 Dec 2024 23:59:59 GMT
Hashadb4650bfc9d2a73d4dd69583b0ceb14 1ce399d6e936232aaf2192cd7903a279c5015f22 21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed
POST /log/add?cid=eacf36da-c06d-4d71-90cc-88e30cd4240a&ruid=dff763ec-e6ee-4d03-a477-93fe6a7d5bbb HTTP/1.1
Host: datatechonert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1388
Origin: https://ofsnivyan.com
DNT: 1
Connection: keep-alive
Referer: https://ofsnivyan.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.10
Date: Fri, 10 May 2024 07:35:06 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 12
Connection: keep-alive
Access-Control-Allow-Origin: https://ofsnivyan.com
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true
|
|
| ofsnivyan.com/zone?&pub=0&zone_id=7250650&is_mobile=false&domain=ofsnivyan.com&var=5369052&ymid=812700673572606459&var_3=&var_4=&dsig=&tg=1&sw=3.1.504&trace_id=5c56f4b8-fe47-4435-abf3-b5e3a05674e9&action=prerequest | 104.21.90.194 | 200 OK | 0 B |
URL POST HTTP/3ofsnivyan.com/zone?&pub=0&zone_id=7250650&is_mobile=false&domain=ofsnivyan.com&var=5369052&ymid=812700673572606459&var_3=&var_4=&dsig=&tg=1&sw=3.1.504&trace_id=5c56f4b8-fe47-4435-abf3-b5e3a05674e9&action=prerequest IP104.21.90.194:443
Requested byhttps://ofsnivyan.com/system-message/59/?z=5369052&var=812700673572606459 CertificateIssuerGoogle Trust Services LLC Subjectofsnivyan.com FingerprintE2:64:70:52:E2:73:D1:AD:67:D5:B8:63:A0:56:8D:C0:83:9D:EA:38 ValidityThu, 21 Mar 2024 20:34:04 GMT - Wed, 19 Jun 2024 20:34:03 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
POST /zone?&pub=0&zone_id=7250650&is_mobile=false&domain=ofsnivyan.com&var=5369052&ymid=812700673572606459&var_3=&var_4=&dsig=&tg=1&sw=3.1.504&trace_id=5c56f4b8-fe47-4435-abf3-b5e3a05674e9&action=prerequest HTTP/1.1
Host: ofsnivyan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ofsnivyan.com
DNT: 1
Connection: keep-alive
Referer: https://ofsnivyan.com/system-message/59?z=5369052&var=812700673572606459
Cookie: OAID=dsw38u77q38c1cvgkc3fjo8gut71muyq; syncedCookie=true; oaidts=1715326505
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Content-Length: 0
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 07:35:06 GMT
content-length: 0
x-trace-id: 1b6151776d1228c1ed2c04f4e6157f44
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://ofsnivyan.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5F7np9RUPgX0YtP9x6FEtTjfzjgxu3eEe6jy0qfO%2FnZ4TO7UsOxa9z6IFhk3xiMrqsDQm2VE%2F1WW4KDFZOMIyIGw83shetAQZtnTmv3MSCNthDmOB16Tq%2FNpw51cJqve"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88184026fcd1b4f3-OSL
alt-svc: h3=":443"; ma=86400
|
|
| ofsnivyan.com/track?dry=false&request_var=812700673572606459&oaid=dsw38u77q38c1cvgkc3fjo8gut71muyq&os_version=&var=5369052&var_3=&var_4=&variable2=&ymid=812700673572606459&z=5369052 | 104.21.90.194 | 200 OK | 498 B |
URL GET HTTP/3ofsnivyan.com/track?dry=false&request_var=812700673572606459&oaid=dsw38u77q38c1cvgkc3fjo8gut71muyq&os_version=&var=5369052&var_3=&var_4=&variable2=&ymid=812700673572606459&z=5369052 IP104.21.90.194:443
Requested byhttps://ofsnivyan.com/system-message/59/?z=5369052&var=812700673572606459 CertificateIssuerGoogle Trust Services LLC Subjectofsnivyan.com FingerprintE2:64:70:52:E2:73:D1:AD:67:D5:B8:63:A0:56:8D:C0:83:9D:EA:38 ValidityThu, 21 Mar 2024 20:34:04 GMT - Wed, 19 Jun 2024 20:34:03 GMT
Hash518fbbd5a95951cd6212498955368d69 f6b781a48dee7d09f5b29745c4ced1397642bbe1 f8c19e1cf3423fb386d154c3effb94bc2774d81de6af91588f731e2ce2b6a4f8
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /track?dry=false&request_var=812700673572606459&oaid=dsw38u77q38c1cvgkc3fjo8gut71muyq&os_version=&var=5369052&var_3=&var_4=&variable2=&ymid=812700673572606459&z=5369052 HTTP/1.1
Host: ofsnivyan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ofsnivyan.com/system-message/59?z=5369052&var=812700673572606459
DNT: 1
Connection: keep-alive
Cookie: OAID=dsw38u77q38c1cvgkc3fjo8gut71muyq; syncedCookie=true; oaidts=1715326505
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 07:35:05 GMT
content-type: application/json
vary: Accept-Encoding
x-trace-id: 54176f81a3d3405dff3cee588a3c604e
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://ofsnivyan.com/
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
timing-allow-origin: *
strict-transport-security: max-age=1
x-content-type-options: nosniff
content-encoding: br
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1hjBc%2Fwr0vQTvu8Bqyjy5T9UJyK7v9dPXmGTHLmazJKp9zNc38LF6khWr7qaMe17uiH231VrEolpWnbMYBSCTV2XLdtyOmmbOAUpHJC7GMoahKNeRweyDu1lw6l4q1oT"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88184025fb39b4f3-OSL
alt-svc: h3=":443"; ma=86400
|
|
| ofsnivyan.com/custom | 104.21.90.194 | 200 OK | 136 B |
IP104.21.90.194:443
Requested byhttps://ofsnivyan.com/system-message/59/?z=5369052&var=812700673572606459 CertificateIssuerGoogle Trust Services LLC Subjectofsnivyan.com FingerprintE2:64:70:52:E2:73:D1:AD:67:D5:B8:63:A0:56:8D:C0:83:9D:EA:38 ValidityThu, 21 Mar 2024 20:34:04 GMT - Wed, 19 Jun 2024 20:34:03 GMT
Hash058b158c2be925f556454ef762d93538 cc6fc563b4b6baee880fdbc7fcfaa134978e33c9 ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
POST /custom HTTP/1.1
Host: ofsnivyan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 356
Origin: https://ofsnivyan.com
DNT: 1
Connection: keep-alive
Referer: https://ofsnivyan.com/system-message/59?z=5369052&var=812700673572606459
Cookie: OAID=dsw38u77q38c1cvgkc3fjo8gut71muyq; syncedCookie=true; oaidts=1715326505
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 07:35:06 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
x-trace-id: c4886450c03f6c1dfcc685ed06c30ded
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://ofsnivyan.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Uc1XxtKJvbvApAHQgaJgrrGIP%2FoM6YVBJ%2Fh67P1N46cKsTD28%2FwdodUnIujdAH5qnXvoD%2FjG3LQ3afFspec9MdulKfpwxlBU1PSGO6D2K8R9hX0dasFgOxtZ7qepewD5"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88184026fcd7b4f3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| ofsnivyan.com/_next/static/g2g7SIlJPWzfKopgAep8x/_ssgManifest.js | 104.21.90.194 | 200 OK | 607 B |
URL GET HTTP/3ofsnivyan.com/_next/static/g2g7SIlJPWzfKopgAep8x/_ssgManifest.js IP104.21.90.194:443
Requested byhttps://ofsnivyan.com/system-message/59/?z=5369052&var=812700673572606459 CertificateIssuerGoogle Trust Services LLC Subjectofsnivyan.com FingerprintE2:64:70:52:E2:73:D1:AD:67:D5:B8:63:A0:56:8D:C0:83:9D:EA:38 ValidityThu, 21 Mar 2024 20:34:04 GMT - Wed, 19 Jun 2024 20:34:03 GMT
File typeASCII text, with no line terminators Hashd78f02cd11637a888af548f5e270c3af 9c90b573305ec9d6d2e7e74837c641a863d991b4 2357fd3fc3972384c0c7a714da244191da43a7bf5d91fd865a30d2deb0b6b517
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/g2g7SIlJPWzfKopgAep8x/_ssgManifest.js HTTP/1.1
Host: ofsnivyan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ofsnivyan.com/system-message/59/?z=5369052&var=812700673572606459
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 07:35:05 GMT
content-type: application/javascript
last-modified: Thu, 09 May 2024 16:18:54 GMT
vary: Accept-Encoding
etag: W/"663cf76e-b6"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=14400
cf-cache-status: HIT
age: 4719
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=S1YrO7HlfjqxwamugfwkVkBcUZ4ELDJvTa4u1TasQ0Yb5g6dksDmBHpbs%2BKyaKI4f6W0tdRscIfvr7LwXwltE68p%2BqKLDIH%2F4bZ%2B72vAATJsMtd2SVwfB9vShNIqQ9Rr"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881840232ee6b4f3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| ofsnivyan.com/pfe/current/micro.tag.min.js?sw=/sw/universal.js&var=5369052&ymid=812700673572606459&b=&campaignid=&click_id=&ab2r=&rhd=1&var_3=&oaid=dsw38u77q38c1cvgkc3fjo8gut71muyq&os_version=&btz=UTC&bto=0&z=7250650&cdn=1&domain=ofsnivyan.com&ab2=&ab2_ttl=5184000 | 104.21.90.194 | 200 OK | 21 kB |
URL GET HTTP/3ofsnivyan.com/pfe/current/micro.tag.min.js?sw=/sw/universal.js&var=5369052&ymid=812700673572606459&b=&campaignid=&click_id=&ab2r=&rhd=1&var_3=&oaid=dsw38u77q38c1cvgkc3fjo8gut71muyq&os_version=&btz=UTC&bto=0&z=7250650&cdn=1&domain=ofsnivyan.com&ab2=&ab2_ttl=5184000 IP104.21.90.194:443
Requested byhttps://ofsnivyan.com/system-message/59/?z=5369052&var=812700673572606459 CertificateIssuerGoogle Trust Services LLC Subjectofsnivyan.com FingerprintE2:64:70:52:E2:73:D1:AD:67:D5:B8:63:A0:56:8D:C0:83:9D:EA:38 ValidityThu, 21 Mar 2024 20:34:04 GMT - Wed, 19 Jun 2024 20:34:03 GMT
File typeJavaScript source, ASCII text, with very long lines (37142), with no line terminators Hash32d6dbd00a639e2cd10d1704b9159bd5 0dab4c95675393f1d0e13d20f13d80ee12e41d95 9f339e5efd7c959419a4e86bb4c5e9f07eae2ed839484846157be981917743de
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /pfe/current/micro.tag.min.js?sw=/sw/universal.js&var=5369052&ymid=812700673572606459&b=&campaignid=&click_id=&ab2r=&rhd=1&var_3=&oaid=dsw38u77q38c1cvgkc3fjo8gut71muyq&os_version=&btz=UTC&bto=0&z=7250650&cdn=1&domain=ofsnivyan.com&ab2=&ab2_ttl=5184000 HTTP/1.1
Host: ofsnivyan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ofsnivyan.com/system-message/59?z=5369052&var=812700673572606459
Cookie: OAID=dsw38u77q38c1cvgkc3fjo8gut71muyq; syncedCookie=true; oaidts=1715326505
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 07:35:06 GMT
content-type: application/javascript
last-modified: Thu, 25 Apr 2024 10:49:22 GMT
vary: Accept-Encoding
etag: W/"662a3532-9116"
access-control-allow-credentials: true
cache-control: max-age=14400
pragma: no-cache
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3MgyolF5oWMDfZC88%2BQCno3kbsuVKygzpMO0tXt53hWwBEgsQ2H11AmTOAKdNdnYzSe1TsnMID1ylYSwIUZkAP7Iiu6u06dbWlnloHGrnve3zQzcZvA%2FsO9XpvjjIwxS"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881840260b66b4f3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| ofsnivyan.com/custom | 104.21.90.194 | 200 OK | 10 kB |
IP104.21.90.194:443
Requested byhttps://ofsnivyan.com/system-message/59/?z=5369052&var=812700673572606459 CertificateIssuerGoogle Trust Services LLC Subjectofsnivyan.com FingerprintE2:64:70:52:E2:73:D1:AD:67:D5:B8:63:A0:56:8D:C0:83:9D:EA:38 ValidityThu, 21 Mar 2024 20:34:04 GMT - Wed, 19 Jun 2024 20:34:03 GMT
Hash058b158c2be925f556454ef762d93538 cc6fc563b4b6baee880fdbc7fcfaa134978e33c9 ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
POST /custom HTTP/1.1
Host: ofsnivyan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 357
Origin: https://ofsnivyan.com
DNT: 1
Connection: keep-alive
Referer: https://ofsnivyan.com/system-message/59?z=5369052&var=812700673572606459
Cookie: OAID=dsw38u77q38c1cvgkc3fjo8gut71muyq; syncedCookie=true; oaidts=1715326505
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 07:35:06 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
x-trace-id: 148993f6e3047edef403ab69318789a3
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://ofsnivyan.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oOBZ5%2BuSGGp8MOR10pe9pYT%2BWgmvuUaSTjJad8OrDziFUPBuTxxSVNYfrR6oGQoUgwZafOXNhVmHPVNX3SRFDzWtQLmN%2B2DtCeBl05ZzViE1QjyWLZl9fiig6L9KsKv3"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88184026eccdb4f3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| ofsnivyan.com/_next/static/chunks/3091.8141ef861c4fae96.js | 104.21.90.194 | 200 OK | 2.4 kB |
URL GET HTTP/3ofsnivyan.com/_next/static/chunks/3091.8141ef861c4fae96.js IP104.21.90.194:443
Requested byhttps://ofsnivyan.com/system-message/59/?z=5369052&var=812700673572606459 CertificateIssuerGoogle Trust Services LLC Subjectofsnivyan.com FingerprintE2:64:70:52:E2:73:D1:AD:67:D5:B8:63:A0:56:8D:C0:83:9D:EA:38 ValidityThu, 21 Mar 2024 20:34:04 GMT - Wed, 19 Jun 2024 20:34:03 GMT
File typeJavaScript source, ASCII text, with very long lines (2431), with no line terminators Hashaff0a51ad60c666bf1f7f27ddff14217 9677799390dc5667eeda431957d59b25d6a40946 f495db20d41fe12519423d9776481cd5c3f1dabc346ea304b8a7201b032d4e87
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/3091.8141ef861c4fae96.js HTTP/1.1
Host: ofsnivyan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ofsnivyan.com/system-message/59/?z=5369052&var=812700673572606459
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 10 May 2024 07:35:05 GMT
content-type: application/javascript
last-modified: Thu, 09 May 2024 16:18:54 GMT
vary: Accept-Encoding
etag: W/"663cf76e-951"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=14400
cf-cache-status: HIT
age: 4718
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Y6ceAtKbUKTkOWGCkfPFk7TM007RXlCabniFRFwnPUqSu2mpsQ4R6QrDgE%2BaF6xuS6WKK2k880SJ%2F7CWxaLVXdxscCQoCDpOnXPP9dRYKneV0AlbNmgTH7afBaReNo9B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881840242856b4f3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| cdntechone.com/stattag.js | 188.114.96.1 | 200 OK | 19 kB |
URL GET HTTP/2cdntechone.com/stattag.js IP188.114.96.1:443
Requested byhttps://ofsnivyan.com/system-message/59/?z=5369052&var=812700673572606459 CertificateIssuerGoogle Trust Services LLC Subjectcdntechone.com Fingerprint3D:20:D4:11:5D:06:B3:63:9C:08:BF:D9:D9:16:22:D5:DC:3B:9A:CB ValidityMon, 22 Apr 2024 03:33:58 GMT - Sun, 21 Jul 2024 03:33:57 GMT
File typeJavaScript source, ASCII text, with very long lines (18452) Hashbec2755dff94190fec0365b0db53807b f98c36e7e9e06325d03fe39c3b98879062fc2704 ccb15ff22ece6946136f1501ab3ae74155399187c8e85beb10399d56bb8e149a
GET /stattag.js HTTP/1.1
Host: cdntechone.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ofsnivyan.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 10 May 2024 07:35:05 GMT
content-type: application/javascript
last-modified: Wed, 07 Feb 2024 12:51:04 GMT
etag: W/"65c37cb8-4a9e"
link: <https://datatechone.com/>; rel=preconnect; crossorigin, <https://datatechonert.com/>; rel=preconnect; crossorigin
cache-control: max-age=14400
cf-cache-status: HIT
age: 3515
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9dRnaoKuLgX%2BRk4Eu6Vyy4GZ5vO4p%2B6XyQj9V9%2F8zFK9qetycQ3oiDJ76PKbrGReO1BW%2FhU79mQahCIWMrkTboB2R3I5RajoT%2BeITq%2FMy1wDuu8MmvsKQTFDSrJKRrZ8uA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88184024ce0b56b9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| ofsnivyan.com/_next/static/chunks/5356.cd117ab77e87aa94.js | 104.21.90.194 | 200 OK | 1.3 kB |
URL GET HTTP/3ofsnivyan.com/_next/static/chunks/5356.cd117ab77e87aa94.js IP104.21.90.194:443
Requested byhttps://ofsnivyan.com/system-message/59/?z=5369052&var=812700673572606459 CertificateIssuerGoogle Trust Services LLC Subjectofsnivyan.com FingerprintE2:64:70:52:E2:73:D1:AD:67:D5:B8:63:A0:56:8D:C0:83:9D:EA:38 ValidityThu, 21 Mar 2024 20:34:04 GMT - Wed, 19 Jun 2024 20:34:03 GMT
File typeJavaScript source, ASCII text, with very long lines (1340), with no line terminators Hash928a78a6ff2acfdfc2b133e09c23a898 80992f60be4eeaa5e9ee31c4912fc8fd15806007 af03ac8ae373bd61c0ac2106d2837e74bf0f3c2d02682c018909684f3e6af5bf
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/5356.cd117ab77e87aa94.js HTTP/1.1
Host: ofsnivyan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ofsnivyan.com/system-message/59/?z=5369052&var=812700673572606459
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 10 May 2024 07:35:05 GMT
content-type: application/javascript
last-modified: Thu, 09 May 2024 16:18:54 GMT
vary: Accept-Encoding
etag: W/"663cf76e-512"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HQ5wCRO9M1mO8MkRBuZ6C%2BY5eFdjuXcI7sB%2BMAlvsMjl04sFTotrHhHdjm3WdOL5tNUahBf72RiahcQLqJaVYE6lQ8llAAFmcMbqmNbv7XcturC%2BHm9Mx0V5G6aRjBJc"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881840243865b4f3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| ofsnivyan.com/sw/universal.js?var=5369052&ymid=812700673572606459&ab2_ttl=5184000&zoneId=7250650 | 104.21.90.194 | 200 OK | 1.5 kB |
URL GET HTTP/3ofsnivyan.com/sw/universal.js?var=5369052&ymid=812700673572606459&ab2_ttl=5184000&zoneId=7250650 IP104.21.90.194:443
Requested byhttps://ofsnivyan.com/system-message/59/?z=5369052&var=812700673572606459 CertificateIssuerGoogle Trust Services LLC Subjectofsnivyan.com FingerprintE2:64:70:52:E2:73:D1:AD:67:D5:B8:63:A0:56:8D:C0:83:9D:EA:38 ValidityThu, 21 Mar 2024 20:34:04 GMT - Wed, 19 Jun 2024 20:34:03 GMT
File typeASCII text, with very long lines (1540), with no line terminators Hash5edd43e1c6126829925eb36cdbaf7af3 e1baae48011f9077aa37e6ab31d4604d41aec303 38945b2621b28329b93e77cc757db7e8def95dd4f4ba1c13862018da2df83411
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /sw/universal.js?var=5369052&ymid=812700673572606459&ab2_ttl=5184000&zoneId=7250650 HTTP/1.1
Host: ofsnivyan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
DNT: 1
Connection: keep-alive
Referer: https://ofsnivyan.com/system-message/59?z=5369052&var=812700673572606459
Cookie: OAID=dsw38u77q38c1cvgkc3fjo8gut71muyq; syncedCookie=true; oaidts=1715326505
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 10 May 2024 07:35:06 GMT
content-type: application/javascript
last-modified: Thu, 09 May 2024 16:18:54 GMT
vary: Accept-Encoding
etag: W/"663cf76e-5b2"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=14400
cf-cache-status: HIT
age: 5044
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GOoGCBVwx4lPqURu%2BhFxQbGAyYowp%2F1PjWk8yrIq91Ixz1eAmoiOwA4z3RpWq9xdYG2mwo%2BWM10Cax5zc2xAoOcI1PFHolAZWU6VmMAv330FjQUZEjXCAENmg8RSgoKR"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88184026ecbdb4f3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| ofsnivyan.com/_next/static/chunks/2090-519478c186a3d867.js | 104.21.90.194 | 200 OK | 11 kB |
URL GET HTTP/3ofsnivyan.com/_next/static/chunks/2090-519478c186a3d867.js IP104.21.90.194:443
Requested byhttps://ofsnivyan.com/system-message/59/?z=5369052&var=812700673572606459 CertificateIssuerGoogle Trust Services LLC Subjectofsnivyan.com FingerprintE2:64:70:52:E2:73:D1:AD:67:D5:B8:63:A0:56:8D:C0:83:9D:EA:38 ValidityThu, 21 Mar 2024 20:34:04 GMT - Wed, 19 Jun 2024 20:34:03 GMT
File typeJavaScript source, ASCII text, with very long lines (10752), with no line terminators Hash37545926cc9a6e537b9f3e95d7a16c1e c3cbfe1f9737817eda25770274e97feaf6b8cc68 d3ccc772608b2a03a543da22715903e2b6e2c14c42c2f475a0f483ac3cd64b37
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/2090-519478c186a3d867.js HTTP/1.1
Host: ofsnivyan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ofsnivyan.com/system-message/59/?z=5369052&var=812700673572606459
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 10 May 2024 07:35:05 GMT
content-type: application/javascript
last-modified: Thu, 09 May 2024 16:18:54 GMT
vary: Accept-Encoding
etag: W/"663cf76e-2a00"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=14400
cf-cache-status: HIT
age: 4720
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BCjTHFFeNnDgzYTTtx8GU%2FBipnF3l0kRkBn6Y3ZahxtF4ZZK2hfFOB8s2BwJlnq5L%2FYWxm2AbzZl%2BsCfunAt8qxB6diPZK4tj48z08EUg%2FJmXEJbndCGeEdYd2g5j2SX"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881840232ec9b4f3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| ofsnivyan.com/_next/static/chunks/585.334272b77caf2262.js | 104.21.90.194 | 200 OK | 3.9 kB |
URL GET HTTP/3ofsnivyan.com/_next/static/chunks/585.334272b77caf2262.js IP104.21.90.194:443
Requested byhttps://ofsnivyan.com/system-message/59/?z=5369052&var=812700673572606459 CertificateIssuerGoogle Trust Services LLC Subjectofsnivyan.com FingerprintE2:64:70:52:E2:73:D1:AD:67:D5:B8:63:A0:56:8D:C0:83:9D:EA:38 ValidityThu, 21 Mar 2024 20:34:04 GMT - Wed, 19 Jun 2024 20:34:03 GMT
File typetroff or preprocessor input, ASCII text, with very long lines (4120), with no line terminators Hash53b7aef78286c4dd02279461e8d43db4 070bec45dad4bfd1a9bd554ddc60956e0d44b9fb 5d0f3b3a245fad1386f3353ea619b1f6388ebea3826eab024e4f7ed9fa598cfc
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/585.334272b77caf2262.js HTTP/1.1
Host: ofsnivyan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ofsnivyan.com/system-message/59?z=5369052&var=812700673572606459
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 10 May 2024 07:35:05 GMT
content-type: application/javascript
last-modified: Thu, 09 May 2024 16:18:54 GMT
vary: Accept-Encoding
etag: W/"663cf76e-f65"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1ykxy4mHcRzeM%2BBLg65rJhD17Yew5%2BViTruCvQbWBsDl5yg1ShDM5A0weJa9FcikvTjn%2F4L6PZDnN2FDqMy2hR%2BXog4CkKhcDZcQQtTv7aBRuACX6%2FsQjTw4zqKX02qe"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881840245895b4f3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| ofsnivyan.com/system-message/59/?z=5369052&var=812700673572606459 | 104.21.90.194 | 200 OK | 7.1 kB |
URL User Request GET HTTP/2ofsnivyan.com/system-message/59/?z=5369052&var=812700673572606459 IP104.21.90.194:443
CertificateIssuerGoogle Trust Services LLC Subjectofsnivyan.com FingerprintE2:64:70:52:E2:73:D1:AD:67:D5:B8:63:A0:56:8D:C0:83:9D:EA:38 ValidityThu, 21 Mar 2024 20:34:04 GMT - Wed, 19 Jun 2024 20:34:03 GMT
File typeHTML document, ASCII text, with very long lines (7653), with no line terminators Hashf3b61b2c930c8164bc11f682ce008ec8 63fe5a73051b2be5253e1fb802dba2ffb26d37f8 f6b9a18a9dd77a70c2fe645112f1c07d4ba50404993d609963a4aadc93c53746
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /system-message/59/?z=5369052&var=812700673572606459 HTTP/1.1
Host: ofsnivyan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 10 May 2024 07:35:05 GMT
content-type: text/html
last-modified: Thu, 09 May 2024 16:18:57 GMT
vary: Accept-Encoding
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TjO9TI5a%2BPgTEdeGshlpEz%2Bf8cHifryE8Kr7H2ehWTtnvwcNcWxyFLCSapkDJeW6Z46gcGgM%2Bs%2FwFsgzo6eFi54TbZiBeTbI8J%2BbG3BQB1nPy%2BzQgCAj4xFqar%2FHXFkV"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88184020d8e556c7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| ofsnivyan.com/_next/static/chunks/framework-8940d626f3bfb7e9.js | 104.21.90.194 | 200 OK | 26 kB |
URL GET HTTP/3ofsnivyan.com/_next/static/chunks/framework-8940d626f3bfb7e9.js IP104.21.90.194:443
Requested byhttps://ofsnivyan.com/system-message/59/?z=5369052&var=812700673572606459 CertificateIssuerGoogle Trust Services LLC Subjectofsnivyan.com FingerprintE2:64:70:52:E2:73:D1:AD:67:D5:B8:63:A0:56:8D:C0:83:9D:EA:38 ValidityThu, 21 Mar 2024 20:34:04 GMT - Wed, 19 Jun 2024 20:34:03 GMT
File typeJavaScript source, ASCII text, with very long lines (25995), with no line terminators Hash33a34c525e2bee14a166fe1289835308 4afb650772181930d19dca9a41490beea5087932 bebac61ce044debeb2025b1fbf1c95f1b9a4bc97d0702676dea22b0bb689b555
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/framework-8940d626f3bfb7e9.js HTTP/1.1
Host: ofsnivyan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ofsnivyan.com/system-message/59/?z=5369052&var=812700673572606459
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 10 May 2024 07:35:05 GMT
content-type: application/javascript
last-modified: Thu, 09 May 2024 16:18:54 GMT
vary: Accept-Encoding
etag: W/"663cf76e-658b"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=14400
cf-cache-status: HIT
age: 4720
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1pCaymTWOgRPSfdpBQWhTB6%2FvJUrt1b%2F%2BEp6%2B5FjfUqZ1b9%2F4o3Sd4APLoedVeYoTBCC9MvDNjORCVWStTNXAY%2BBbQJ%2B8DVJ9RUciA4i%2BOCNYiU8GRROV6vn1UGYtgQX"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881840231ea6b4f3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| ofsnivyan.com/_next/static/chunks/4335-5557379f7c2b30ed.js | 104.21.90.194 | 200 OK | 70 kB |
URL GET HTTP/3ofsnivyan.com/_next/static/chunks/4335-5557379f7c2b30ed.js IP104.21.90.194:443
Requested byhttps://ofsnivyan.com/system-message/59/?z=5369052&var=812700673572606459 CertificateIssuerGoogle Trust Services LLC Subjectofsnivyan.com FingerprintE2:64:70:52:E2:73:D1:AD:67:D5:B8:63:A0:56:8D:C0:83:9D:EA:38 ValidityThu, 21 Mar 2024 20:34:04 GMT - Wed, 19 Jun 2024 20:34:03 GMT
File typeJavaScript source, ASCII text, with very long lines (65536), with no line terminators Hash54aa0993bb34a71e492eaed38efc7c8b 3185f861694705ed9c05e8dc4fc7732f94e87f59 83dc6ca07cdda08afdbfe76f6b6433626031e2f86091c0a250c0985a44ca9674
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/4335-5557379f7c2b30ed.js HTTP/1.1
Host: ofsnivyan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ofsnivyan.com/system-message/59/?z=5369052&var=812700673572606459
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 10 May 2024 07:35:05 GMT
content-type: application/javascript
last-modified: Thu, 09 May 2024 16:18:54 GMT
vary: Accept-Encoding
etag: W/"663cf76e-110e6"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=14400
cf-cache-status: HIT
age: 4720
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BYLACXQr7UVk1SZiiq6z6Kjcp8SO%2B7C4F6wM2Muks%2F6xouIHGrc1gZBPg1cHWFrGDyw%2BAKgNe%2FiXmEwf1JYhZ7%2B8WaMk2yLoY4urXEYyVldmIaxak7%2FCRQlqEZ%2FpjVuS"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881840232ecfb4f3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| ofsnivyan.com/_next/static/chunks/pages/%5BlandingName%5D/%5BconfigId%5D/%5B%5B...slug%5D%5D-77d5ed7065d28538.js | 104.21.90.194 | 200 OK | 912 B |
URL GET HTTP/3ofsnivyan.com/_next/static/chunks/pages/%5BlandingName%5D/%5BconfigId%5D/%5B%5B...slug%5D%5D-77d5ed7065d28538.js IP104.21.90.194:443
Requested byhttps://ofsnivyan.com/system-message/59/?z=5369052&var=812700673572606459 CertificateIssuerGoogle Trust Services LLC Subjectofsnivyan.com FingerprintE2:64:70:52:E2:73:D1:AD:67:D5:B8:63:A0:56:8D:C0:83:9D:EA:38 ValidityThu, 21 Mar 2024 20:34:04 GMT - Wed, 19 Jun 2024 20:34:03 GMT
File typeJavaScript source, ASCII text, with very long lines (920), with no line terminators Hash12f940033f2f01b95b36673be81dc04d b681fdfb79066c0ca08de689f6426c7cfc023e45 cf53e13d24cf17bc1580086ffa76fa823ab12c11bb4a071a146c853929708386
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/pages/%5BlandingName%5D/%5BconfigId%5D/%5B%5B...slug%5D%5D-77d5ed7065d28538.js HTTP/1.1
Host: ofsnivyan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ofsnivyan.com/system-message/59/?z=5369052&var=812700673572606459
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 10 May 2024 07:35:05 GMT
content-type: application/javascript
last-modified: Thu, 09 May 2024 16:18:54 GMT
vary: Accept-Encoding
etag: W/"663cf76e-390"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=14400
cf-cache-status: HIT
age: 4720
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=G2Q4gS5ZggnXfawjkhbStfwcYDO%2F5wBWYwIP7Ltp6NuhAOZGU%2BA6EwGM%2FxJ1OEzSwd0K%2B2VK%2Bw8Rn8Xcz5eB96iBRgTCEftxE9s63S%2Fp%2Bo28%2B0sVx6vX2d1%2BYXdgGYmE"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881840232ed3b4f3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| ofsnivyan.com/_next/static/g2g7SIlJPWzfKopgAep8x/_buildManifest.js | 104.21.90.194 | 200 OK | 1.6 kB |
URL GET HTTP/3ofsnivyan.com/_next/static/g2g7SIlJPWzfKopgAep8x/_buildManifest.js IP104.21.90.194:443
Requested byhttps://ofsnivyan.com/system-message/59/?z=5369052&var=812700673572606459 CertificateIssuerGoogle Trust Services LLC Subjectofsnivyan.com FingerprintE2:64:70:52:E2:73:D1:AD:67:D5:B8:63:A0:56:8D:C0:83:9D:EA:38 ValidityThu, 21 Mar 2024 20:34:04 GMT - Wed, 19 Jun 2024 20:34:03 GMT
File typeASCII text, with very long lines (1697), with no line terminators Hash0b15ca730ea863b907b94b1b72491be6 885534f8a1acee1f5ade1d8df31e9713d00d51b5 526d2932142b78f7359cfb11fe5e78e0ad8c1b13affaf94387d2503685907187
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/g2g7SIlJPWzfKopgAep8x/_buildManifest.js HTTP/1.1
Host: ofsnivyan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ofsnivyan.com/system-message/59/?z=5369052&var=812700673572606459
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 10 May 2024 07:35:05 GMT
content-type: application/javascript
last-modified: Thu, 09 May 2024 16:18:54 GMT
vary: Accept-Encoding
etag: W/"663cf76e-645"
strict-transport-security: max-age=1
x-content-type-options: nosniff
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: HIT
age: 4720
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=e2KelLhFWV7o9qzOPRNDVadkPBn%2FWNHdtzMWTbrddG%2BbbRvEXokTrg6buQXdiO8GxNuoIgiyZN59tHxHibDS4CgPzGf8so%2FfhwuxBdOWs0UjbyN%2Fmc0ABUh%2FsboXhTEn"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881840232ed7b4f3-OSL
alt-svc: h3=":443"; ma=86400
|
|
| my.rtmark.net/gid.js?userId=dsw38u77q38c1cvgkc3fjo8gut71muyq | 139.45.195.8 | 200 OK | 65 B |
URL GET HTTP/2my.rtmark.net/gid.js?userId=dsw38u77q38c1cvgkc3fjo8gut71muyq IP139.45.195.8:443
Requested byhttps://ofsnivyan.com/system-message/59/?z=5369052&var=812700673572606459 CertificateIssuerLet's Encrypt Subjectrtmark.net FingerprintDB:C0:8B:64:1C:E3:2A:9C:B9:04:0D:F3:6F:5A:E0:35:F4:C7:75:CC ValiditySat, 02 Mar 2024 21:53:43 GMT - Fri, 31 May 2024 21:53:42 GMT
File typetroff or preprocessor input, ASCII text, with no line terminators Hashdb7904c7a903c704da1e5a09b59beb32 96f5c9b4409ef8e543df0106e830f7b3b68a6b8e 9ea160efe10e03af7889120e36831a9b5da522359c864944410797f875d34d8c
GET /gid.js?userId=dsw38u77q38c1cvgkc3fjo8gut71muyq HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ofsnivyan.com/
Origin: https://ofsnivyan.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 10 May 2024 07:35:05 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://ofsnivyan.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=dsw38u77q38c1cvgkc3fjo8gut71muyq; expires=Sat, 10 May 2025 07:35:05 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| ofsnivyan.com/_next/static/css/0bc0cde260d08b97.css | 104.21.90.194 | 200 OK | 1.8 kB |
URL GET HTTP/3ofsnivyan.com/_next/static/css/0bc0cde260d08b97.css IP104.21.90.194:443
Requested byhttps://ofsnivyan.com/system-message/59/?z=5369052&var=812700673572606459 CertificateIssuerGoogle Trust Services LLC Subjectofsnivyan.com FingerprintE2:64:70:52:E2:73:D1:AD:67:D5:B8:63:A0:56:8D:C0:83:9D:EA:38 ValidityThu, 21 Mar 2024 20:34:04 GMT - Wed, 19 Jun 2024 20:34:03 GMT
File typeASCII text, with very long lines (1843), with no line terminators Hash64b2b4fa42c7d558d735e2cd28ecf88a 03d6da6e55b1201b51689590520da495a9233d67 2fdb3ce9ccba8355040e5ba3dfb2283194acba81858943b5d88f70030dbb71ea
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/css/0bc0cde260d08b97.css HTTP/1.1
Host: ofsnivyan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ofsnivyan.com/system-message/59/?z=5369052&var=812700673572606459
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 10 May 2024 07:35:05 GMT
content-type: text/css
last-modified: Thu, 09 May 2024 16:18:54 GMT
vary: Accept-Encoding
etag: W/"663cf76e-733"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=14400
cf-cache-status: HIT
age: 5915
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sMTw3v1yW76MqzAt2wD%2Fzkc9EPUXWXKC5WfeZ3c0MwUpftCPDowoxWVmbjasp0lb1k6Mi29pWt34bZGzDRU3m1MPiWLzVXJDlE7PJC6N5pxYZkH45Rr6iT%2BmJyBcwJqi"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881840230e93b4f3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| ofsnivyan.com/_next/static/chunks/webpack-c6481c346939b033.js | 104.21.90.194 | 200 OK | 6.3 kB |
URL GET HTTP/3ofsnivyan.com/_next/static/chunks/webpack-c6481c346939b033.js IP104.21.90.194:443
Requested byhttps://ofsnivyan.com/system-message/59/?z=5369052&var=812700673572606459 CertificateIssuerGoogle Trust Services LLC Subjectofsnivyan.com FingerprintE2:64:70:52:E2:73:D1:AD:67:D5:B8:63:A0:56:8D:C0:83:9D:EA:38 ValidityThu, 21 Mar 2024 20:34:04 GMT - Wed, 19 Jun 2024 20:34:03 GMT
File typeJavaScript source, ASCII text, with very long lines (6509), with no line terminators Hashf714130aecf9816f7c6d55e289768782 605dcaf4dade278011068cd0a1b270223efef3b9 e493d4da813cda17e1429330d2aaf9f0e6a4005a41e8ebd736023d9d4af4d33e
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/webpack-c6481c346939b033.js HTTP/1.1
Host: ofsnivyan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ofsnivyan.com/system-message/59/?z=5369052&var=812700673572606459
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 10 May 2024 07:35:05 GMT
content-type: application/javascript
last-modified: Thu, 09 May 2024 16:18:54 GMT
vary: Accept-Encoding
etag: W/"663cf76e-1877"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=14400
cf-cache-status: HIT
age: 4720
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QSTi%2FagN5399MboScszHUZSgJyUtpbXNDEhzu7DZ2ILxo6cxHFNGh6TdnQsLRR1RyVhc5Mg2dQg2oAbhVa79htBK7maLSYyJu3t67JnpY83aEez3rSDx3GJ3Vf%2B7UnSp"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881840231ea3b4f3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| ofsnivyan.com/_next/static/chunks/main-beb6af9e60a8e042.js | 104.21.90.194 | 200 OK | 109 kB |
URL GET HTTP/3ofsnivyan.com/_next/static/chunks/main-beb6af9e60a8e042.js IP104.21.90.194:443
Requested byhttps://ofsnivyan.com/system-message/59/?z=5369052&var=812700673572606459 CertificateIssuerGoogle Trust Services LLC Subjectofsnivyan.com FingerprintE2:64:70:52:E2:73:D1:AD:67:D5:B8:63:A0:56:8D:C0:83:9D:EA:38 ValidityThu, 21 Mar 2024 20:34:04 GMT - Wed, 19 Jun 2024 20:34:03 GMT
File typeJavaScript source, ASCII text, with very long lines (65536), with no line terminators Size109 kB (108887 bytes) Hash44ec1451f689d71d5f33a10d4aa44658 0f7e72050b7bf72366d9463a16038ae94e232f46 1708144463d376da261c16eab17b1d2fe5c49351847f43a46c6ae4b347fd9304
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/main-beb6af9e60a8e042.js HTTP/1.1
Host: ofsnivyan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ofsnivyan.com/system-message/59/?z=5369052&var=812700673572606459
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 10 May 2024 07:35:05 GMT
content-type: application/javascript
last-modified: Thu, 09 May 2024 16:18:54 GMT
vary: Accept-Encoding
etag: W/"663cf76e-1a957"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=14400
cf-cache-status: HIT
age: 5915
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oV5hjDcXqUCASXZuedSLrnTBxY%2FBJzL0SIsasB6mm%2BVqvt7cxnp3YgjwnaHn6sQ6fadhrky%2BwNXkiRlxUVh3RAALsn0AErQesDYDjDSTKEYVeDxS2SIbWZWquC54siCl"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881840231eabb4f3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| ofsnivyan.com/_next/static/chunks/pages/_app-1a7794b4b3bf3b57.js | 104.21.90.194 | 200 OK | 42 kB |
URL GET HTTP/3ofsnivyan.com/_next/static/chunks/pages/_app-1a7794b4b3bf3b57.js IP104.21.90.194:443
Requested byhttps://ofsnivyan.com/system-message/59/?z=5369052&var=812700673572606459 CertificateIssuerGoogle Trust Services LLC Subjectofsnivyan.com FingerprintE2:64:70:52:E2:73:D1:AD:67:D5:B8:63:A0:56:8D:C0:83:9D:EA:38 ValidityThu, 21 Mar 2024 20:34:04 GMT - Wed, 19 Jun 2024 20:34:03 GMT
File typeJavaScript source, ASCII text, with very long lines (42111), with no line terminators Hash5b7462752cec4dd35b1bf18f7df811cc aec8d61860c8c78eb2f2c5621b662d49f47a3ef3 55c73aad539702281fea154e0906ba4d0958c68de10d413c196c68eb63c39da5
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/pages/_app-1a7794b4b3bf3b57.js HTTP/1.1
Host: ofsnivyan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ofsnivyan.com/system-message/59/?z=5369052&var=812700673572606459
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 10 May 2024 07:35:05 GMT
content-type: application/javascript
last-modified: Thu, 09 May 2024 16:18:54 GMT
vary: Accept-Encoding
etag: W/"663cf76e-a47f"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=14400
cf-cache-status: HIT
age: 4720
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ba0HH9GHDLq6QxTJ0GcKiFhZ1hCeMLD8GYqoSyNgwhEk2x9OkQwF41K1XiGfOGTII6RFdaJLwStYQ8hUfuLVFlwRxz00JbqCHAtxhAFEAoVipsO1HQCBgckmUoti76zR"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881840231eb6b4f3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| amunfezanttor.com/event | 139.45.197.250 | 200 OK | 0 B |
IP139.45.197.250:443
Requested byhttps://ofsnivyan.com/system-message/59/?z=5369052&var=812700673572606459 CertificateIssuerLet's Encrypt Subjectamunfezanttor.com FingerprintAB:2C:60:54:FF:D7:D6:23:0E:87:1A:98:EC:94:B3:9B:29:1A:F3:AA ValidityWed, 10 Apr 2024 19:04:12 GMT - Tue, 09 Jul 2024 19:04:11 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
OPTIONS /event HTTP/1.1
Host: amunfezanttor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://ofsnivyan.com/
Origin: https://ofsnivyan.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 10 May 2024 07:35:06 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://ofsnivyan.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token,X-Oaid
access-control-max-age: 86400
X-Firefox-Spdy: h2
|
|
| ofsnivyan.com/system-message/59?z=5369052&var=812700673572606459 | 104.21.90.194 | 301 Moved Permanently | 7.1 kB |
URL User Request GET HTTP/2ofsnivyan.com/system-message/59?z=5369052&var=812700673572606459 IP104.21.90.194:443
CertificateIssuerGoogle Trust Services LLC Subjectofsnivyan.com FingerprintE2:64:70:52:E2:73:D1:AD:67:D5:B8:63:A0:56:8D:C0:83:9D:EA:38 ValidityThu, 21 Mar 2024 20:34:04 GMT - Wed, 19 Jun 2024 20:34:03 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /system-message/59?z=5369052&var=812700673572606459 HTTP/1.1
Host: ofsnivyan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 301 Moved Permanently
date: Fri, 10 May 2024 07:35:05 GMT
content-type: text/html
location: http://ofsnivyan.com/system-message/59/?z=5369052&var=812700673572606459
vary: Accept-Encoding
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DWelkXP3LGlg%2B8tqDDuyCm0wsyvu8X0Ab4Uyv%2B09j%2BvIQgxiMiIotTke2vw6samzjaJNUfr3E4MW5uF%2F40iDvvIjDKemz89f1K1ENWlDW3oLcSfQbwJ0E5vDkjSvU9%2Fl"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881840202fc856c7-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| ofsnivyan.com/_next/static/chunks/7903-dd238946c7924507.js | 104.21.90.194 | 200 OK | 32 kB |
URL GET HTTP/3ofsnivyan.com/_next/static/chunks/7903-dd238946c7924507.js IP104.21.90.194:443
Requested byhttps://ofsnivyan.com/system-message/59/?z=5369052&var=812700673572606459 CertificateIssuerGoogle Trust Services LLC Subjectofsnivyan.com FingerprintE2:64:70:52:E2:73:D1:AD:67:D5:B8:63:A0:56:8D:C0:83:9D:EA:38 ValidityThu, 21 Mar 2024 20:34:04 GMT - Wed, 19 Jun 2024 20:34:03 GMT
File typeJavaScript source, ASCII text, with very long lines (31896), with no line terminators Hashb5dd343db67bd22544d11da18268f5c3 069b5b221dd75af58d93192460778b3d07835e74 6347f1d4083f7a0a2ac3d8b12aae8832d9ea6914aa6e137d16a4d41869d14ea5
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/7903-dd238946c7924507.js HTTP/1.1
Host: ofsnivyan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ofsnivyan.com/system-message/59/?z=5369052&var=812700673572606459
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 10 May 2024 07:35:05 GMT
content-type: application/javascript
last-modified: Thu, 09 May 2024 16:18:54 GMT
vary: Accept-Encoding
etag: W/"663cf76e-7c98"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=14400
cf-cache-status: HIT
age: 4720
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jjfujOxN8%2FpF5VOLO7tchSDXg1Q03AEkrQnf%2Bq0CMgUfEOlHE6hD6sIl2AURDK7zEUUjmSIwcf4%2B0FziGiEhac6pBRgzEJv63%2BOt1peLt92EomgfmRQHffwU3fABb9Z7"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881840231ebcb4f3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| amunfezanttor.com/event | 139.45.197.250 | 200 OK | 94 B |
IP139.45.197.250:443
Requested byhttps://ofsnivyan.com/system-message/59/?z=5369052&var=812700673572606459 CertificateIssuerLet's Encrypt Subjectamunfezanttor.com FingerprintAB:2C:60:54:FF:D7:D6:23:0E:87:1A:98:EC:94:B3:9B:29:1A:F3:AA ValidityWed, 10 Apr 2024 19:04:12 GMT - Tue, 09 Jul 2024 19:04:11 GMT
File typetroff or preprocessor input, ASCII text, with no line terminators Hash39cad8512f83019261ec2af9d984b99a 73930d1a5c88faa91af7ea832cd791b808514e9d 88ca78ed1c9e11810067ca314ada76ffc7eebc41dbf42e16afb80439099fd5a6
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
POST /event HTTP/1.1
Host: amunfezanttor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ofsnivyan.com/
Content-Type: application/json
Content-Length: 1811
Origin: https://ofsnivyan.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 10 May 2024 07:35:06 GMT
content-type: application/json; charset=utf-8
content-length: 94
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://ofsnivyan.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|