tyxod.com.ng/uist/uist.php
192.227.170.162 302 Found 229 B URL User Request GET HTTP/1.1 tyxod.com.ng/uist/uist.php
IP 192.227.170.162:80
ASN #36352 AS-COLOCROSSING
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 1a4708621eebc57f2c4bc6e7c009b0cd
ec1acd5e585b353b8265d5b0dde27df8e7768c9b
c7549d9df549a7e5cf06e0564e690eedbadaec718b4c450e35291a7e8140036d
Analyzer Verdict Alert fortinet Malware
threatfox QakBot
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /uist/uist.php HTTP/1.1
Host: tyxod.com.ng
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Date: Wed, 12 Apr 2023 13:59:40 GMT
Server: Apache
Location: http://tyxod.com.ng/cgi-sys/suspendedpage.cgi
Content-Length: 229
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
tyxod.com.ng/cgi-sys/suspendedpage.cgi
192.227.170.162 200 OK 2.1 kB URL User Request GET HTTP/1.1 tyxod.com.ng/cgi-sys/suspendedpage.cgi
IP 192.227.170.162:80
ASN #36352 AS-COLOCROSSING
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 13d05f3f2f0d2372e9af0af82359a26a
7b67c52a8309a4d03a053416845b5152592d5b12
41b1d7538280dbd2ae05e0bb51673d94f7b7f44a12d28719dd3ca4732f7b0bf0
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /cgi-sys/suspendedpage.cgi HTTP/1.1
Host: tyxod.com.ng
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 12 Apr 2023 13:59:40 GMT
Server: Apache
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash 161790a687cab983532f263fff75708d
f41780628dffcdc203b1933dbcd2ec6a69fb5633
f1d60b3b6ce8d0b3de1b91100962296f6d71682379000ca0035ea9bc0243b020
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 12 Apr 2023 13:59:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
static.whogohost.net/micro/suspended-website/css/responsive.css
37.139.9.46 200 OK 620 B URL GET HTTP/1.1 static.whogohost.net/micro/suspended-website/css/responsive.css
IP 37.139.9.46:443
ASN #14061 DIGITALOCEAN-ASN
Requested by http://tyxod.com.ng/cgi-sys/suspendedpage.cgi
Certificate Issuer Let's Encrypt
Subject static.whogohost.net
Fingerprint 64:8E:6F:7B:89:2B:2E:2D:58:02:E3:41:05:22:CA:E3:8C:9C:95:74
Validity Tue, 28 Mar 2023 11:12:21 GMT - Mon, 26 Jun 2023 11:12:20 GMT
File type ASCII text, with CRLF line terminators
Hash 9e4dce9a5e4609394b9d0de10d25c30b
bc1a4a8ea42af8c2b4b7f8b0a50deb1db005366f
77e68e38713e5df2ba4b88ac1c15492f3185d42da8a9b49c9970e23a32202941
GET /micro/suspended-website/css/responsive.css HTTP/1.1
Host: static.whogohost.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://tyxod.com.ng/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 12 Apr 2023 13:59:40 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Last-Modified: Tue, 11 Feb 2020 11:58:59 GMT
Accept-Ranges: bytes
Expires: Fri, 12 May 2023 13:59:40 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Security-Policy: frame-ancestors 'self'
Access-Control-Allow-Origin: https://www.whogohost.com
Content-Length: 620
Content-Type: text/css
Set-Cookie: whogohostyxorp=S2|ZDa5T|ZDa5T; path=/
Cache-Control: max-age=2592000, private
static.whogohost.net/micro/suspended-website/js/scripts.js
37.139.9.46 200 OK 1.6 kB URL GET HTTP/1.1 static.whogohost.net/micro/suspended-website/js/scripts.js
IP 37.139.9.46:443
ASN #14061 DIGITALOCEAN-ASN
Requested by http://tyxod.com.ng/cgi-sys/suspendedpage.cgi
Certificate Issuer Let's Encrypt
Subject static.whogohost.net
Fingerprint 64:8E:6F:7B:89:2B:2E:2D:58:02:E3:41:05:22:CA:E3:8C:9C:95:74
Validity Tue, 28 Mar 2023 11:12:21 GMT - Mon, 26 Jun 2023 11:12:20 GMT
File type ASCII text, with CRLF line terminators
Hash d2c0b804c83742e7e044c99bef2241b2
f989f4b24eaf786890f4e88e617bbe1d308f2332
abc2ff8e2dfb283864c43ca721f184dac39072d8ea1b4c89e1d409f03844ad71
GET /micro/suspended-website/js/scripts.js HTTP/1.1
Host: static.whogohost.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://tyxod.com.ng/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 12 Apr 2023 13:59:40 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Last-Modified: Tue, 11 Feb 2020 11:58:59 GMT
Accept-Ranges: bytes
Expires: Fri, 12 May 2023 13:59:40 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Security-Policy: frame-ancestors 'self'
Access-Control-Allow-Origin: https://www.whogohost.com
Content-Length: 1562
Content-Type: application/javascript
Set-Cookie: whogohostyxorp=S2|ZDa5T|ZDa5T; path=/
Cache-Control: max-age=2592000, private
static.whogohost.net/micro/suspended-website/js/jquery-3.1.1.min.js
37.139.9.46 200 OK 30 kB URL GET HTTP/1.1 static.whogohost.net/micro/suspended-website/js/jquery-3.1.1.min.js
IP 37.139.9.46:443
ASN #14061 DIGITALOCEAN-ASN
Requested by http://tyxod.com.ng/cgi-sys/suspendedpage.cgi
Certificate Issuer Let's Encrypt
Subject static.whogohost.net
Fingerprint 64:8E:6F:7B:89:2B:2E:2D:58:02:E3:41:05:22:CA:E3:8C:9C:95:74
Validity Tue, 28 Mar 2023 11:12:21 GMT - Mon, 26 Jun 2023 11:12:20 GMT
File type ASCII text, with very long lines (32030)
Hash 7102e595184d6778dec8e2da1124250d
232bb0acc928682a93325412d2db837e6018ea45
9de6eb4616e280acb40ed48a08f31caad5aa965107d3343b500b6fca8975cbcb
GET /micro/suspended-website/js/jquery-3.1.1.min.js HTTP/1.1
Host: static.whogohost.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://tyxod.com.ng/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 12 Apr 2023 13:59:40 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Last-Modified: Tue, 11 Feb 2020 11:58:59 GMT
Accept-Ranges: bytes
Expires: Fri, 12 May 2023 13:59:40 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Security-Policy: frame-ancestors 'self'
Access-Control-Allow-Origin: https://www.whogohost.com
Content-Length: 30079
Content-Type: application/javascript
Set-Cookie: whogohostyxorp=S1|ZDa5T|ZDa5T; path=/
Cache-Control: max-age=2592000, private
static.whogohost.net/micro/suspended-website/css/jquery.classycountdown.css
37.139.9.46 200 OK 311 B URL GET HTTP/1.1 static.whogohost.net/micro/suspended-website/css/jquery.classycountdown.css
IP 37.139.9.46:443
ASN #14061 DIGITALOCEAN-ASN
Requested by http://tyxod.com.ng/cgi-sys/suspendedpage.cgi
Certificate Issuer Let's Encrypt
Subject static.whogohost.net
Fingerprint 64:8E:6F:7B:89:2B:2E:2D:58:02:E3:41:05:22:CA:E3:8C:9C:95:74
Validity Tue, 28 Mar 2023 11:12:21 GMT - Mon, 26 Jun 2023 11:12:20 GMT
Hash 0cb384def64505c92d6619f279cb7bd6
f1c03fb1bce006636c85c995adfe6f94e904fafa
abcead17228226902d5408be04f9328d98fc9747475aa62c2600f2cdb1ed16aa
GET /micro/suspended-website/css/jquery.classycountdown.css HTTP/1.1
Host: static.whogohost.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://tyxod.com.ng/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 12 Apr 2023 13:59:40 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Last-Modified: Tue, 11 Feb 2020 11:58:59 GMT
Accept-Ranges: bytes
Expires: Fri, 12 May 2023 13:59:40 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Security-Policy: frame-ancestors 'self'
Access-Control-Allow-Origin: https://www.whogohost.com
Content-Length: 311
Content-Type: text/css
Set-Cookie: whogohostyxorp=S2|ZDa5T|ZDa5T; path=/
Cache-Control: max-age=2592000, private
static.whogohost.net/micro/suspended-website/css/ionicons.css
37.139.9.46 200 OK 8.9 kB URL GET HTTP/1.1 static.whogohost.net/micro/suspended-website/css/ionicons.css
IP 37.139.9.46:443
ASN #14061 DIGITALOCEAN-ASN
Requested by http://tyxod.com.ng/cgi-sys/suspendedpage.cgi
Certificate Issuer Let's Encrypt
Subject static.whogohost.net
Fingerprint 64:8E:6F:7B:89:2B:2E:2D:58:02:E3:41:05:22:CA:E3:8C:9C:95:74
Validity Tue, 28 Mar 2023 11:12:21 GMT - Mon, 26 Jun 2023 11:12:20 GMT
File type Unicode text, UTF-8 text, with very long lines (20244)
Hash 10e6596e761583c3e369b47c69572b0f
3f7a36335f2a9f7d716a762007b70ac421fbb5db
2a69eb48610857fc618c8cec0afd67ac75f48daad0e52717f0eaba1249a60f4c
GET /micro/suspended-website/css/ionicons.css HTTP/1.1
Host: static.whogohost.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://tyxod.com.ng/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 12 Apr 2023 13:59:40 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Last-Modified: Tue, 11 Feb 2020 11:58:59 GMT
Accept-Ranges: bytes
Expires: Fri, 12 May 2023 13:59:40 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Security-Policy: frame-ancestors 'self'
Access-Control-Allow-Origin: https://www.whogohost.com
Content-Length: 8867
Content-Type: text/css
Set-Cookie: whogohostyxorp=S1|ZDa5T|ZDa5T; path=/
Cache-Control: max-age=2592000, private
static.whogohost.net/micro/suspended-website/css/styles.css
37.139.9.46 200 OK 1.7 kB URL GET HTTP/1.1 static.whogohost.net/micro/suspended-website/css/styles.css
IP 37.139.9.46:443
ASN #14061 DIGITALOCEAN-ASN
Requested by http://tyxod.com.ng/cgi-sys/suspendedpage.cgi
Certificate Issuer Let's Encrypt
Subject static.whogohost.net
Fingerprint 64:8E:6F:7B:89:2B:2E:2D:58:02:E3:41:05:22:CA:E3:8C:9C:95:74
Validity Tue, 28 Mar 2023 11:12:21 GMT - Mon, 26 Jun 2023 11:12:20 GMT
File type ASCII text, with CRLF line terminators
Hash d44b7ab4591f8d0035781bb4bf7c61d4
fa5697171248b7e967a4cd75c9c8b33b405f4b86
d70917d42e1785454ee1378d3f3e68ff6df43af7fb6efb3a516bcb6bc8d6743c
GET /micro/suspended-website/css/styles.css HTTP/1.1
Host: static.whogohost.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://tyxod.com.ng/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 12 Apr 2023 13:59:40 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Last-Modified: Tue, 11 Feb 2020 11:58:59 GMT
Accept-Ranges: bytes
Expires: Fri, 12 May 2023 13:59:40 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Security-Policy: frame-ancestors 'self'
Access-Control-Allow-Origin: https://www.whogohost.com
Content-Length: 1683
Content-Type: text/css
Set-Cookie: whogohostyxorp=S2|ZDa5T|ZDa5T; path=/
Cache-Control: max-age=2592000, private
static.whogohost.net/micro/suspended-website/js/jquery.countdown.min.js
37.139.9.46 200 OK 2.4 kB URL GET HTTP/1.1 static.whogohost.net/micro/suspended-website/js/jquery.countdown.min.js
IP 37.139.9.46:443
ASN #14061 DIGITALOCEAN-ASN
Requested by http://tyxod.com.ng/cgi-sys/suspendedpage.cgi
Certificate Issuer Let's Encrypt
Subject static.whogohost.net
Fingerprint 64:8E:6F:7B:89:2B:2E:2D:58:02:E3:41:05:22:CA:E3:8C:9C:95:74
Validity Tue, 28 Mar 2023 11:12:21 GMT - Mon, 26 Jun 2023 11:12:20 GMT
File type ASCII text, with very long lines (4136)
Hash a68628065a86702a4e1e6fbd80080451
837a875a970610f3922a59081a3cbabee19ace3f
e26df89d152868d65d41bda19ab42634965ec4b9d60b38c9246423223446ba15
GET /micro/suspended-website/js/jquery.countdown.min.js HTTP/1.1
Host: static.whogohost.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://tyxod.com.ng/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 12 Apr 2023 13:59:40 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Last-Modified: Tue, 11 Feb 2020 11:58:59 GMT
Accept-Ranges: bytes
Expires: Fri, 12 May 2023 13:59:40 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Security-Policy: frame-ancestors 'self'
Access-Control-Allow-Origin: https://www.whogohost.com
Content-Length: 2373
Content-Type: application/javascript
Set-Cookie: whogohostyxorp=S2|ZDa5T|ZDa5T; path=/
Cache-Control: max-age=2592000, private
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash 050c7347515fd2221f7d297b33a9aa5c
a8d7b94084ceeb054c3085c681f8cd5f72bd4fc4
34edc6a07cd8fd2117cb12821723b2e71ddfb2434bac56c73515baf1a81ab837
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 12 Apr 2023 13:59:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
216.58.207.227 200 OK 45 kB URL GET HTTP/2 fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP 216.58.207.227:443
Requested by http://tyxod.com.ng/cgi-sys/suspendedpage.cgi
Certificate Issuer Google Trust Services LLC
Subject *.gstatic.com
Fingerprint 76:06:6A:AA:FB:72:F8:BA:90:67:2F:91:97:14:FB:68:D0:65:E9:22
Validity Mon, 20 Mar 2023 08:25:51 GMT - Mon, 12 Jun 2023 08:25:50 GMT
File type Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Hash 565ce506190ad3af920b40baf1794cec
ad3cba5d06100e09449a864d3b5e58403b478b3d
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://tyxod.com.ng
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 07 Apr 2023 13:55:28 GMT
expires: Sat, 06 Apr 2024 13:55:28 GMT
cache-control: public, max-age=31536000
age: 432253
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
216.58.207.227 200 OK 7.7 kB URL GET HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
IP 216.58.207.227:443
Requested by http://tyxod.com.ng/cgi-sys/suspendedpage.cgi
Certificate Issuer Google Trust Services LLC
Subject *.gstatic.com
Fingerprint 76:06:6A:AA:FB:72:F8:BA:90:67:2F:91:97:14:FB:68:D0:65:E9:22
Validity Mon, 20 Mar 2023 08:25:51 GMT - Mon, 12 Jun 2023 08:25:50 GMT
File type Web Open Font Format (Version 2), TrueType, length 7748, version 1.0\012- data
Hash a09f2fccfee35b7247b08a1a266f0328
0da2d17e738f46d2a09e6fb7969da451719a9820
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
GET /s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://tyxod.com.ng
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7748
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 11 Apr 2023 10:35:12 GMT
expires: Wed, 10 Apr 2024 10:35:12 GMT
cache-control: public, max-age=31536000
age: 98669
last-modified: Wed, 27 Apr 2022 16:21:30 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
216.58.207.227 200 OK 7.9 kB URL GET HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
IP 216.58.207.227:443
Requested by http://tyxod.com.ng/cgi-sys/suspendedpage.cgi
Certificate Issuer Google Trust Services LLC
Subject *.gstatic.com
Fingerprint 76:06:6A:AA:FB:72:F8:BA:90:67:2F:91:97:14:FB:68:D0:65:E9:22
Validity Mon, 20 Mar 2023 08:25:51 GMT - Mon, 12 Jun 2023 08:25:50 GMT
File type Web Open Font Format (Version 2), TrueType, length 7884, version 1.0\012- data
Hash 9212f6f9860f9fc6c69b02fedf6db8c3
ac6d71b4d5fdd2b3dabc9a06ff6c001e4251da0b
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
GET /s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://tyxod.com.ng
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7884
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 08 Apr 2023 13:07:53 GMT
expires: Sun, 07 Apr 2024 13:07:53 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 27 Apr 2022 17:03:52 GMT
content-type: font/woff2
age: 348708
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash 050c7347515fd2221f7d297b33a9aa5c
a8d7b94084ceeb054c3085c681f8cd5f72bd4fc4
34edc6a07cd8fd2117cb12821723b2e71ddfb2434bac56c73515baf1a81ab837
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 12 Apr 2023 13:59:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
tyxod.com.ng/favicon.ico
192.227.170.162 302 Found 229 B IP 192.227.170.162:80
ASN #36352 AS-COLOCROSSING
Requested by http://tyxod.com.ng/cgi-sys/suspendedpage.cgi
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 1a4708621eebc57f2c4bc6e7c009b0cd
ec1acd5e585b353b8265d5b0dde27df8e7768c9b
c7549d9df549a7e5cf06e0564e690eedbadaec718b4c450e35291a7e8140036d
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /favicon.ico HTTP/1.1
Host: tyxod.com.ng
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://tyxod.com.ng/cgi-sys/suspendedpage.cgi
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Date: Wed, 12 Apr 2023 13:59:41 GMT
Server: Apache
Location: http://tyxod.com.ng/cgi-sys/suspendedpage.cgi
Content-Length: 229
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
fonts.googleapis.com/css?family=Open+Sans:400,700%7CPoppins:400,500
142.250.74.106 200 OK 2.4 kB URL GET HTTP/2 fonts.googleapis.com/css?family=Open+Sans:400,700%7CPoppins:400,500
IP 142.250.74.106:443
Requested by http://tyxod.com.ng/cgi-sys/suspendedpage.cgi
Certificate Issuer Google Trust Services LLC
Subject upload.video.google.com
Fingerprint 77:43:87:91:D0:0A:64:BD:84:1C:9A:F5:10:86:8E:8E:04:F1:F9:A3
Validity Mon, 20 Mar 2023 08:25:51 GMT - Mon, 12 Jun 2023 08:25:50 GMT
Hash b6e0e995d6eea45a1b1e8718b211ce0f
de39464fbb748d0cec9c9b6d1f4150a3f8989024
437cc7315c2548f14cd48cf8ed82b6b8ce029252e76f2e57ce4f4549fd20313d
GET /css?family=Open+Sans:400,700%7CPoppins:400,500 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://tyxod.com.ng/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 12 Apr 2023 13:59:40 GMT
date: Wed, 12 Apr 2023 13:59:40 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
tyxod.com.ng/cgi-sys/suspendedpage.cgi
192.227.170.162 200 OK 2.1 kB URL User Request GET HTTP/1.1 tyxod.com.ng/cgi-sys/suspendedpage.cgi
IP 192.227.170.162:80
ASN #36352 AS-COLOCROSSING
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 13d05f3f2f0d2372e9af0af82359a26a
7b67c52a8309a4d03a053416845b5152592d5b12
41b1d7538280dbd2ae05e0bb51673d94f7b7f44a12d28719dd3ca4732f7b0bf0
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /cgi-sys/suspendedpage.cgi HTTP/1.1
Host: tyxod.com.ng
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://tyxod.com.ng/cgi-sys/suspendedpage.cgi
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 12 Apr 2023 13:59:41 GMT
Server: Apache
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html
www.whogohost.com/assets/images/ad/get-a-free-domain.jpg
37.139.9.46 200 OK 132 kB URL GET HTTP/1.1 www.whogohost.com/assets/images/ad/get-a-free-domain.jpg
IP 37.139.9.46:443
ASN #14061 DIGITALOCEAN-ASN
Requested by http://tyxod.com.ng/cgi-sys/suspendedpage.cgi
Certificate Issuer Unizeto Technologies S.A.
Subject whogohost.com
Fingerprint CA:CC:0E:FC:F6:88:FB:65:CC:14:D6:C8:1E:71:7B:D5:43:60:F5:34
Validity Wed, 14 Sep 2022 14:22:57 GMT - Thu, 14 Sep 2023 08:34:58 GMT
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1000x1000, components 3\012- data
Size 132 kB (131869 bytes)
Hash df926e499d2d51c51cd39975168119df
0a86506bdd63f8a00770e55b1534976d103e2427
3e5038cc16191b41ea04e51eee3ada192e6d88302c235f9dace6f543d6db289d
GET /assets/images/ad/get-a-free-domain.jpg HTTP/1.1
Host: www.whogohost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static.whogohost.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 12 Apr 2023 13:59:41 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Last-Modified: Tue, 11 Feb 2020 09:51:51 GMT
Accept-Ranges: bytes
Content-Length: 131869
Expires: Thu, 11 Apr 2024 13:59:41 GMT
Content-Security-Policy: frame-ancestors 'self'
Access-Control-Allow-Origin: https://www.whogohost.com
Content-Type: image/jpeg
Set-Cookie: whogohostyxorp=S1|ZDa5U|ZDa5U; path=/
Cache-Control: max-age=31536000, private