URL User Request GET HTTP/2IP95.211.117.215:443 ASN#60781 LeaseWeb Netherlands B.V.
CertificateIssuerLet's Encrypt Subjectlysyfyj.com FingerprintBB:7C:B9:67:5C:F3:4E:07:A2:AF:9F:CA:D3:82:E3:E4:97:26:D4:CA ValidityFri, 09 Feb 2024 18:23:44 GMT - Thu, 09 May 2024 18:23:43 GMT
File typeASCII text, with no line terminators Hash32682312d17c7cbf18e73594f5570319 60e22121bdd0bc71cdb2bae2a3aa577006b2eae9 e55fb1a1d731153e943b68844af12dcce8bfac917c98ffdea64c80da0607dd47
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /login.php HTTP/1.1
Host: lysyfyj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
cache-control: max-age=0, private, must-revalidate
content-length: 11
date: Wed, 24 Apr 2024 18:36:46 GMT
location: http://ww1.lysyfyj.com
server: Cowboy
set-cookie: sid=9b06beba-0269-11ef-8df4-3ec1551bb81f; path=/; domain=.lysyfyj.com; expires=Mon, 12 May 2092 21:50:53 GMT; max-age=2147483647; secure; HttpOnly
X-Firefox-Spdy: h2
|
URL User Request GET HTTP/1.1IP208.91.196.145:80 ASN#40034 CONFLUENCE-NETWORK-INC
File typeHTML document, ASCII text, with very long lines (443), with CRLF line terminators Hashcdd93e474ffab76ba0188fda94734210 630aa6dbeb62177b3dbd9a6841266fb3689fd113 66e9ef636e696c37b48d0d06929b93db998797b537c6150bfbe40eedd1a68a44
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET / HTTP/1.1
Host: ww1.lysyfyj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 24 Apr 2024 18:36:46 GMT
Server: Apache
X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAKX74ixpzVyXbJprcLfbH4psP4+L2entqri0lzh6pkAaXLPIcclv6DQBeJJjGFWrBIF6QMyFwXT5CCRyjS2penECAwEAAQ==_dpeNkBtuxYm/MBZs/bZeUU3s4/koLZ8CKRrVuExOAQCoG+Ba51AcHGx/+c/uadYGFJhrh38uGdoujyuOdbwbLg==
Content-Length: 1922
Keep-Alive: timeout=5, max=122
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
|
| ww1.lysyfyj.com/?fp=ZbSrv2i18YnNfPNSqSsC6n0jQLvcDPBy65hKrYcVeZd%2B%2BSax%2FWJCH22b2vsFoAkfXOw0kvlTUBxGiNLmnjo7SzOMj6mnQ0Txr04lFJFaa1lzF49bu%2BAofS4jL4kXh9IOK%2FPhgxZ4Z%2Bw5sOyMJYDOcbzl3%2B2Fbl%2B45%2BWl41pTKOWAHt%2BBiqTBCpm3%2BUQas%2BgJnSiviHmYF9nL7zdVD1Xb4hsjHOgxpd93IhnLHxwBBA1FjNPNPFp9G17XWKPcXXKNBe9Wuls1MUyz2Yb6llP2Og%3D%3D&poru=lL%2FTHaDL0%2BASDNkLUsN%2FTJNHeOzJzHu9wApqlIl41Tk%3D&_opnslfp=1& | 208.91.196.145 | 403 Forbidden | 300 B |
URL GET HTTP/1.1ww1.lysyfyj.com/?fp=ZbSrv2i18YnNfPNSqSsC6n0jQLvcDPBy65hKrYcVeZd%2B%2BSax%2FWJCH22b2vsFoAkfXOw0kvlTUBxGiNLmnjo7SzOMj6mnQ0Txr04lFJFaa1lzF49bu%2BAofS4jL4kXh9IOK%2FPhgxZ4Z%2Bw5sOyMJYDOcbzl3%2B2Fbl%2B45%2BWl41pTKOWAHt%2BBiqTBCpm3%2BUQas%2BgJnSiviHmYF9nL7zdVD1Xb4hsjHOgxpd93IhnLHxwBBA1FjNPNPFp9G17XWKPcXXKNBe9Wuls1MUyz2Yb6llP2Og%3D%3D&poru=lL%2FTHaDL0%2BASDNkLUsN%2FTJNHeOzJzHu9wApqlIl41Tk%3D&_opnslfp=1& IP208.91.196.145:80 ASN#40034 CONFLUENCE-NETWORK-INC
File typeHTML document, ASCII text, with CRLF line terminators Hash223b20db4a730e5c0299917875cabb3a c83426b5b7a84aa24e0d3deb8f11f4dcdbf94683 4e26e42b5abe5d3c466febe191ce1549bb6831f43814a5ad0baa43ad0d09640e
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /?fp=ZbSrv2i18YnNfPNSqSsC6n0jQLvcDPBy65hKrYcVeZd%2B%2BSax%2FWJCH22b2vsFoAkfXOw0kvlTUBxGiNLmnjo7SzOMj6mnQ0Txr04lFJFaa1lzF49bu%2BAofS4jL4kXh9IOK%2FPhgxZ4Z%2Bw5sOyMJYDOcbzl3%2B2Fbl%2B45%2BWl41pTKOWAHt%2BBiqTBCpm3%2BUQas%2BgJnSiviHmYF9nL7zdVD1Xb4hsjHOgxpd93IhnLHxwBBA1FjNPNPFp9G17XWKPcXXKNBe9Wuls1MUyz2Yb6llP2Og%3D%3D&poru=lL%2FTHaDL0%2BASDNkLUsN%2FTJNHeOzJzHu9wApqlIl41Tk%3D&_opnslfp=1& HTTP/1.1
Host: ww1.lysyfyj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://ww1.lysyfyj.com/
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
Date: Wed, 24 Apr 2024 18:36:47 GMT
Server: Apache
Content-Length: 300
Keep-Alive: timeout=5, max=126
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
|
| ww1.lysyfyj.com/favicon.ico | 208.91.196.145 | 404 Not Found | 10 B |
URL GET HTTP/1.1ww1.lysyfyj.com/favicon.ico IP208.91.196.145:80 ASN#40034 CONFLUENCE-NETWORK-INC
File typeASCII text, with no line terminators Hash6608dd3e21ca3beabd4bdfa625a0b221 e926d0f8694a4bc4013308afaca7af51e4c9fd9f c75eb01138771bfb2a5517aeae882356733782767c4560cc9601c34d2591ca75
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /favicon.ico HTTP/1.1
Host: ww1.lysyfyj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://ww1.lysyfyj.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Date: Wed, 24 Apr 2024 18:36:47 GMT
Server: Apache
Content-Length: 10
Keep-Alive: timeout=5, max=126
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
|