lysyfyj.com/OcihZ/login.php/
95.211.219.65 200 OK 488 B URL User Request GET HTTP/1.1 lysyfyj.com/OcihZ/login.php/
IP 95.211.219.65:80
ASN #60781 LeaseWeb Netherlands B.V.
File type HTML document text; HTML document, ASCII text, with very long lines (488), with no line terminators
Hash 98f8e338fc0ebba5095cee6bc288c23e
79b1bae838fc8a286dccf842f1913ddd6361dac2
7b71c5e788c0e6fe2fb10eea245e66917e8b361ab5fd2f31c267a3e55ec8ef3e
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /OcihZ/login.php/ HTTP/1.1
Host: lysyfyj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
accept-ch: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile
cache-control: max-age=0, private, must-revalidate
connection: close
content-length: 488
content-type: text/html; charset=utf-8
date: Fri, 02 Jun 2023 01:03:33 GMT
server: nginx
set-cookie: sid=4c4f8102-00e1-11ee-b136-ffef3bfa6fe8; path=/; domain=.lysyfyj.com; expires=Wed, 20 Jun 2091 04:17:41 GMT; max-age=2147483647; HttpOnly
lysyfyj.com/OcihZ/login.php/?ch=1&js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTY4NTY3NTAxNCwiaWF0IjoxNjg1NjY3ODE0LCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIydGliM3NoZ3RwNmhoMGJmcWMwZzliOGIiLCJuYmYiOjE2ODU2Njc4MTQsInRzIjoxNjg1NjY3ODE0MzA0NDczfQ.tBO8yYCy1WBMFqHtVIi40Obvt9FtKeZ30DGBcwSYAXI&sid=4c4f8102-00e1-11ee-b136-ffef3bfa6fe8
0.0.0.0 0 B URL User Request GET lysyfyj.com/OcihZ/login.php/?ch=1&js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTY4NTY3NTAxNCwiaWF0IjoxNjg1NjY3ODE0LCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIydGliM3NoZ3RwNmhoMGJmcWMwZzliOGIiLCJuYmYiOjE2ODU2Njc4MTQsInRzIjoxNjg1NjY3ODE0MzA0NDczfQ.tBO8yYCy1WBMFqHtVIi40Obvt9FtKeZ30DGBcwSYAXI&sid=4c4f8102-00e1-11ee-b136-ffef3bfa6fe8
IP 0.0.0.0:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /OcihZ/login.php/?ch=1&js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTY4NTY3NTAxNCwiaWF0IjoxNjg1NjY3ODE0LCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIydGliM3NoZ3RwNmhoMGJmcWMwZzliOGIiLCJuYmYiOjE2ODU2Njc4MTQsInRzIjoxNjg1NjY3ODE0MzA0NDczfQ.tBO8yYCy1WBMFqHtVIi40Obvt9FtKeZ30DGBcwSYAXI&sid=4c4f8102-00e1-11ee-b136-ffef3bfa6fe8 HTTP/1.1
Host: lysyfyj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://lysyfyj.com/OcihZ/login.php/
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Cookie: sid=4c4f8102-00e1-11ee-b136-ffef3bfa6fe8
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
lysyfyj.com/OcihZ/login.php/?ch=1&js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTY4NTY3NTAxNCwiaWF0IjoxNjg1NjY3ODE0LCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIydGliM3NoZ3RwNmhoMGJmcWMwZzliOGIiLCJuYmYiOjE2ODU2Njc4MTQsInRzIjoxNjg1NjY3ODE0MzA0NDczfQ.tBO8yYCy1WBMFqHtVIi40Obvt9FtKeZ30DGBcwSYAXI&sid=4c4f8102-00e1-11ee-b136-ffef3bfa6fe8
0.0.0.0 0 B URL User Request GET lysyfyj.com/OcihZ/login.php/?ch=1&js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTY4NTY3NTAxNCwiaWF0IjoxNjg1NjY3ODE0LCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIydGliM3NoZ3RwNmhoMGJmcWMwZzliOGIiLCJuYmYiOjE2ODU2Njc4MTQsInRzIjoxNjg1NjY3ODE0MzA0NDczfQ.tBO8yYCy1WBMFqHtVIi40Obvt9FtKeZ30DGBcwSYAXI&sid=4c4f8102-00e1-11ee-b136-ffef3bfa6fe8
IP 0.0.0.0:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /OcihZ/login.php/?ch=1&js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTY4NTY3NTAxNCwiaWF0IjoxNjg1NjY3ODE0LCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIydGliM3NoZ3RwNmhoMGJmcWMwZzliOGIiLCJuYmYiOjE2ODU2Njc4MTQsInRzIjoxNjg1NjY3ODE0MzA0NDczfQ.tBO8yYCy1WBMFqHtVIi40Obvt9FtKeZ30DGBcwSYAXI&sid=4c4f8102-00e1-11ee-b136-ffef3bfa6fe8 HTTP/1.1
Host: lysyfyj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://lysyfyj.com/OcihZ/login.php/
DNT: 1
Connection: keep-alive
Cookie: sid=4c4f8102-00e1-11ee-b136-ffef3bfa6fe8
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache