Report - dhiymtfuygayt.cc/

Report Overview

Visited public
2025-06-03 11:45:30
Tags
Submit Tags
URL
dhiymtfuygayt.cc/
Finishing URL
dhiymtfuygayt.cc/
IP / ASN
172.67.200.50
#13335 CLOUDFLARENET
Title
dhiymtfuygayt.cc/

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
dhiymtfuygayt.cc	unknown	2024-11-05	2025-06-03	2025-06-03	924 B	4.5 kB	104.21.60.186
grzy.klavo1.xyz	unknown	2025-05-15	2025-05-28	2025-05-28	1.3 kB	1.6 MB	104.233.166.178

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2025-06-03	medium	dhiymtfuygayt.cc	Sinkholed
2025-06-03	medium	dhiymtfuygayt.cc	Sinkholed

ThreatFox

No alerts detected

JavaScript (1)

	URL	From	Size	First Seen	Last Seen
	dhiymtfuygayt.cc/	ScriptElement	825 B	2025-05-28	2025-06-12
Pretty URL dhiymtfuygayt.cc/ IP 104.21.60.186 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-05-28 18:57 Last Seen2025-06-12 10:52 Times Seen3 Hash 886637ba418957a2350ac291be09f238 e881d7fbcb967dc3f8af659085c85ecc3d092dfb fa364641911072bfaaa3a1ee3375a5ba22dd29e4c23f72296bc9d3c735e3aea6 Loading...

HTTP Transactions (5)

URL IP Response Size

GET dhiymtfuygayt.cc/

104.21.60.186

200 OK

2.9 kB

URL User Request GET
dhiymtfuygayt.cc/
IP
104.21.60.186:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services
Subjectdhiymtfuygayt.cc
Fingerprint39:B9:86:33:0A:F7:89:DF:F0:0B:8E:9B:D8:BD:C3:E7:D4:30:34:F6
ValidityThu, 01 May 2025 02:03:31 GMT - Wed, 30 Jul 2025 03:01:46 GMT

File type
HTML document, Unicode text, UTF-8 text, with CRLF line terminators
Size
2.9 kB (2858 bytes)
Hash
761b4ec7e9cfbe971d4fab625aa0753e
57b40cafb1b96c3e867df4046d1d38b0f47f48de
ce8d0d715b48492b33321b34434c6cb95816b80b864be3369a37766087bd59aa

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: dhiymtfuygayt.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 03 Jun 2025 11:45:08 GMT
content-type: text/html
server: cloudflare
last-modified: Wed, 21 May 2025 13:59:20 GMT
vary: Accept-Encoding
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
strict-transport-security: max-age=31536000
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=TadI3ZBPMGT0bXaXBl3xH9obLQzZmw0MVjiAynmJxwZkGJ0oB8c0RL935mugECAAFTGHVD5wJRfbl%2FR4Vleu6uyLCZIcRUFaM4XBhS%2BFGFo%3D"}]}
cf-cache-status: DYNAMIC
content-encoding: br
cf-ray: 949ef1447dae1afc-AMS
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET grzy.klavo1.xyz/c_bg3.png

104.233.166.178

200 OK

914 kB

URL GET
grzy.klavo1.xyz/c_bg3.png
IP
104.233.166.178:443
ASN
#398993 PEG-TY

Requested by
https://dhiymtfuygayt.cc/
Certificate
IssuerLet's Encrypt
Subjectgrzy.klavo1.xyz
FingerprintFA:79:1B:75:4B:AF:90:11:93:3C:4F:97:70:F5:47:46:C2:99:87:E2
ValidityWed, 21 May 2025 12:57:07 GMT - Tue, 19 Aug 2025 12:57:06 GMT

File type
PNG image data, 640 x 905, 8-bit/color RGB, non-interlaced
Size
914 kB (913857 bytes)
Hash
c3d482c066c0d8e428175020ca53eb43
1a0bdbe358a5355b70ab4050737ee3113d9b121e
6c3d7857a0a992ab3d3d6246ab49e8901024862421371e0bc6c1dcbbd7972917

HTTP Headers

GET /c_bg3.png HTTP/1.1
Host: grzy.klavo1.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dhiymtfuygayt.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 03 Jun 2025 11:45:09 GMT
content-type: image/png
content-length: 913857
last-modified: Thu, 15 May 2025 19:26:53 GMT
etag: "68263ffd-df1c1"
expires: Thu, 03 Jul 2025 11:45:09 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

GET grzy.klavo1.xyz/c_bg1.png

104.233.166.178

200 OK

76 kB

URL GET
grzy.klavo1.xyz/c_bg1.png
IP
104.233.166.178:443
ASN
#398993 PEG-TY

Requested by
https://dhiymtfuygayt.cc/
Certificate
IssuerLet's Encrypt
Subjectgrzy.klavo1.xyz
FingerprintFA:79:1B:75:4B:AF:90:11:93:3C:4F:97:70:F5:47:46:C2:99:87:E2
ValidityWed, 21 May 2025 12:57:07 GMT - Tue, 19 Aug 2025 12:57:06 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 640x905, components 3
Size
76 kB (75590 bytes)
Hash
b750cf99718c2379c53d03ebcefa1388
42d835bc8807d292827effbb301466ceb092760d
55bcfcc83d9ad034750bb583f121ead0c5b3369715665cf5e79c2b1bce2c6d62

HTTP Headers

GET /c_bg1.png HTTP/1.1
Host: grzy.klavo1.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dhiymtfuygayt.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 03 Jun 2025 11:45:09 GMT
content-type: image/png
content-length: 75590
last-modified: Thu, 15 May 2025 19:26:53 GMT
etag: "68263ffd-12746"
expires: Thu, 03 Jul 2025 11:45:09 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

GET grzy.klavo1.xyz/c_bg2.png

104.233.166.178

200 OK

601 kB

URL GET
grzy.klavo1.xyz/c_bg2.png
IP
104.233.166.178:443
ASN
#398993 PEG-TY

Requested by
https://dhiymtfuygayt.cc/
Certificate
IssuerLet's Encrypt
Subjectgrzy.klavo1.xyz
FingerprintFA:79:1B:75:4B:AF:90:11:93:3C:4F:97:70:F5:47:46:C2:99:87:E2
ValidityWed, 21 May 2025 12:57:07 GMT - Tue, 19 Aug 2025 12:57:06 GMT

File type
PNG image data, 640 x 905, 8-bit/color RGBA, non-interlaced
Size
601 kB (600699 bytes)
Hash
566d94ca8c83ab8043dbe1c1cdf291b7
ac64f66fc17dd8b68a908842cceaae5cdde3c8cb
2cf6bb1282bb7b650fadd5a1a8de2a107f2127b7a489a35caec82de55024efd4

HTTP Headers

GET /c_bg2.png HTTP/1.1
Host: grzy.klavo1.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dhiymtfuygayt.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 03 Jun 2025 11:45:09 GMT
content-type: image/png
content-length: 600699
last-modified: Thu, 15 May 2025 19:26:53 GMT
etag: "68263ffd-92a7b"
expires: Thu, 03 Jul 2025 11:45:09 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

GET dhiymtfuygayt.cc/favicon.ico

104.21.60.186

404 Not Found

146 B

URL GET
dhiymtfuygayt.cc/favicon.ico
IP
104.21.60.186:443
ASN
#13335 CLOUDFLARENET

Requested by
https://dhiymtfuygayt.cc/
Certificate
IssuerGoogle Trust Services
Subjectdhiymtfuygayt.cc
Fingerprint39:B9:86:33:0A:F7:89:DF:F0:0B:8E:9B:D8:BD:C3:E7:D4:30:34:F6
ValidityThu, 01 May 2025 02:03:31 GMT - Wed, 30 Jul 2025 03:01:46 GMT

File type
HTML document, ASCII text, with CRLF line terminators
Size
146 B (146 bytes)
Hash
8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: dhiymtfuygayt.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dhiymtfuygayt.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 404 Not Found
date: Tue, 03 Jun 2025 11:45:09 GMT
content-type: text/html
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3nq1tnkhUNbI72VY5N%2FRArLY9o0OTQYGqnH4YPCK8RF0ion%2BEal3tFjIZ4sJQM5lO3bNpJ%2F5RL%2FT28bsXbD5DnxmmyAwIENN6hSEdKapvUESXSnSnYemuJJ0%2BxWqNrH%2FSOoG"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-cache-status: MISS
content-encoding: br
cf-ray: 949ef14d7e8c6726-AMS
server: cloudflare
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=32351&min_rtt=24492&rtt_var=14798&sent=20&recv=18&lost=0&retrans=0&sent_bytes=4191&recv_bytes=1729&delivery_rate=86558&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=12000&unsent_bytes=0&cid=1b4f66787a0409c6&ts=1429&x=80"

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Quad9 DNS

ThreatFox

JavaScript (1)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (5)

URL User Request GET

IP

ASN

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET

IP

ASN

Requested by

Certificate

File type

Size

Hash

Detections

HTTP Headers