Report - rhk.nicsigiont.ru/1yAjjVH/

Report Overview

Visitedpublic

2025-02-10 13:01:10

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Host Summary

Host	Rank	Registered	First Seen	Last Seen	Sent	Received	IP	Fingerprints
rhk.nicsigiont.ru	unknown	2025-01-09	2025-02-10	2025-02-10	1.7 kB	366 kB	172.67.193.138

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (2)

	URL	From	Size	First Seen	Last Seen
	rhk.nicsigiont.ru/1yAjjVH/	ScriptElement	363 kB	2025-02-10	2025-02-10
URL rhk.nicsigiont.ru/1yAjjVH/ IP / ASN 172.67.193.138 #13335 CLOUDFLARENET Introduced by ScriptElement Embedded true Resource Info First Seen 2025-02-10 Last Seen 2025-02-10 Times Seen 1 Size 363 kB (363426 bytes) MD5 9f40968e0837a97d3beeebb1b006a942 SHA1 1b4327f7f2038412041891f0ccd2db7507afe323 SHA256 2c36c469297369444a9965e5cb5ae49d73d75d688d4a7d175d7a7f85c701a54f Format Code Loading...

	HASH	FROM	Size	First Seen	Last Seen
	fe84f83319336be0b4f76462c067b20d	DocumentWrite	1.2 kB	2025-01-29	2025-05-07
Introduced by DocumentWrite First Seen 2025-01-29 Last Seen 2025-05-07 Times Seen 579 Size 1.2 kB (1230 bytes) MD5 fe84f83319336be0b4f76462c067b20d SHA1 4f50948daf0e5622ac4be0231fc68661a6f81028 SHA256 f618b7469dd81a43f8024d71d07f020c133066aee463a54f56c752854e63f461 Format Code Loading...

HTTP Transactions (2)

URL IP Response Size

GET rhk.nicsigiont.ru/1yAjjVH/

172.67.193.138

200 OK

364 kB

URL User Request GET HTTPS

rhk.nicsigiont.ru/1yAjjVH/

IP / ASN

172.67.193.138

#13335 CLOUDFLARENET

Requested byN/A

Resource Info

File typeHTML document, ASCII text, with very long lines (65305)

First Seen2025-02-10

Last Seen2025-02-10

Times Seen1

Size364 kB (363524 bytes)

MD5cf5ccdf411e2a776e949f8eda2cce4d4

SHA1a22e74c7659cb133063dcef31e4772063b23447f

SHA256b661d2eae2ca38c95b0ca62955dd64ecc548b365e883359282eed66e72ed4324

Certificate Info

IssuerGoogle Trust Services

Subjectnicsigiont.ru

Fingerprint12:BF:CE:45:B4:63:B5:DA:E3:41:91:BB:5A:5B:25:B1:01:B8:DB:1C

ValidityFri, 10 Jan 2025 18:31:22 GMT - Thu, 10 Apr 2025 19:28:53 GMT

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Microsoft Outlook

HTTP Headers

GET /1yAjjVH/ HTTP/1.1
Host: rhk.nicsigiont.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 10 Feb 2025 13:00:40 GMT
content-type: text/html; charset=UTF-8
cache-control: no-cache, private
cf-cache-status: DYNAMIC
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=valhmdZavTahaQco8ETGl2Qz%2FaxFmC8T1HAlIilF5VtcLcyKICalEf33dOEZLXphcpwXm%2FM02%2FkLuG%2BSxBb5%2F4LaOSMUzARO6OdNYVcXZ7gDEUXbLVG81mEeqrxrAw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
set-cookie: XSRF-TOKEN=eyJpdiI6IkV1eUxEcEtlVlpyNllYRlhmUGxhaFE9PSIsInZhbHVlIjoiSXhYZW5iemFyU2hFVWVHakZwY0wwUHNCYWdZMk82ckR4ajA0NFBIdjd2SFY4R2VJelRmYlJvYmU4anQ2bkxzZjJKdDFKaEY5NHZxODN1Y2tySSt3VzUxZ1dOYlJ4WTZjMHdHdUM3VTFxOXhxVmhTQUxtMjNwazBncWVKWDEvanQiLCJtYWMiOiJmNGI2NWExNGUzZTI0MWEwZGRmYWI5ZmZhMDU5ZmRjNGI3NjM0YjE5NTY3NzRkOGY3NDYyYmZhMTExZTRjMzljIiwidGFnIjoiIn0%3D; expires=Mon, 10-Feb-2025 15:00:40 GMT; Max-Age=7200; path=/; secure; samesite=none
laravel_session=eyJpdiI6IjNDdHlUV3YyaS9RRkFFaVZvZDBHUEE9PSIsInZhbHVlIjoiMWh5SW1BVEpQblh5TjZSVHNacmdjeVdBWUJjVlVrc1BxVW5YQnpQWHpRS0JQMzBqVlozRHNGZGdjS2VURmJSZ0Y2anV5U1BYbWFuTFhqN3ZBRlpRUSsrd0htOVh1cCtkSnBhQU9DeWQ3ckNtOE4zSTBqOUFPdndTOFZsb0ppZFoiLCJtYWMiOiIzMDQyZjY2ZDI2YzZkZDAyODE5NDUzN2E0NDMxYjIxNDM5MDFmYTczZWZhOWVmNTMyNWJhOThlMTM3OWVmNDQxIiwidGFnIjoiIn0%3D; expires=Mon, 10-Feb-2025 15:00:40 GMT; Max-Age=7200; path=/; secure; httponly; samesite=none
server: cloudflare
cf-ray: 90fc488cd8290b31-OSL
content-encoding: br
server-timing: cfL4;desc="?proto=TCP&rtt=5806&min_rtt=5621&rtt_var=1721&sent=4&recv=7&lost=0&retrans=0&sent_bytes=2823&recv_bytes=1398&delivery_rate=500263&cwnd=223&unsent_bytes=0&cid=838d349db4320b1f&ts=327&x=0", cfL4;desc="?proto=TCP&rtt=5728&min_rtt=474&rtt_var=10518&sent=7&recv=11&lost=0&retrans=0&sent_bytes=3277&recv_bytes=1263&delivery_rate=6798122&cwnd=254&unsent_bytes=0&cid=b449ee0b67826e90&ts=460&x=0"
X-Firefox-Spdy: h2

GET rhk.nicsigiont.ru/favicon.ico

172.67.193.138

404 Not Found

0 B

URL GET HTTPS

rhk.nicsigiont.ru/favicon.ico

IP / ASN

172.67.193.138

#13335 CLOUDFLARENET

Requested byhttps://rhk.nicsigiont.ru/1yAjjVH/

Resource Info

File typeN/A

First Seen0001-01-01

Last Seen2025-08-04

Times Seen5648638

Size0 B (0 bytes)

MD5d41d8cd98f00b204e9800998ecf8427e

SHA1da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Certificate Info

IssuerGoogle Trust Services

Subjectnicsigiont.ru

Fingerprint12:BF:CE:45:B4:63:B5:DA:E3:41:91:BB:5A:5B:25:B1:01:B8:DB:1C

ValidityFri, 10 Jan 2025 18:31:22 GMT - Thu, 10 Apr 2025 19:28:53 GMT

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: rhk.nicsigiont.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rhk.nicsigiont.ru/1yAjjVH/
Cookie: XSRF-TOKEN=eyJpdiI6IkV1eUxEcEtlVlpyNllYRlhmUGxhaFE9PSIsInZhbHVlIjoiSXhYZW5iemFyU2hFVWVHakZwY0wwUHNCYWdZMk82ckR4ajA0NFBIdjd2SFY4R2VJelRmYlJvYmU4anQ2bkxzZjJKdDFKaEY5NHZxODN1Y2tySSt3VzUxZ1dOYlJ4WTZjMHdHdUM3VTFxOXhxVmhTQUxtMjNwazBncWVKWDEvanQiLCJtYWMiOiJmNGI2NWExNGUzZTI0MWEwZGRmYWI5ZmZhMDU5ZmRjNGI3NjM0YjE5NTY3NzRkOGY3NDYyYmZhMTExZTRjMzljIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IjNDdHlUV3YyaS9RRkFFaVZvZDBHUEE9PSIsInZhbHVlIjoiMWh5SW1BVEpQblh5TjZSVHNacmdjeVdBWUJjVlVrc1BxVW5YQnpQWHpRS0JQMzBqVlozRHNGZGdjS2VURmJSZ0Y2anV5U1BYbWFuTFhqN3ZBRlpRUSsrd0htOVh1cCtkSnBhQU9DeWQ3ckNtOE4zSTBqOUFPdndTOFZsb0ppZFoiLCJtYWMiOiIzMDQyZjY2ZDI2YzZkZDAyODE5NDUzN2E0NDMxYjIxNDM5MDFmYTczZWZhOWVmNTMyNWJhOThlMTM3OWVmNDQxIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 404 Not Found
date: Mon, 10 Feb 2025 13:00:40 GMT
content-type: text/html; charset=UTF-8
cache-control: max-age=14400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nLoELn%2Fdo4uFngYX8C757qPz2HDn88EKbiDMgmmRBubSlpCNh%2F14FAY7MBovYvO8Teep7Pw%2BXIhyi7vXsH9nAw9j5i4Kr2dOKc5JV04Dw4yt8aDBQPtxu9eDB30Fsw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
cf-cache-status: MISS
priority: u=6,i=?0
server: cloudflare
cf-ray: 90fc4891cc36b505-OSL
content-encoding: br
server-timing: cfL4;desc="?proto=TCP&rtt=4601&min_rtt=4594&rtt_var=1737&sent=4&recv=7&lost=0&retrans=0&sent_bytes=2824&recv_bytes=2100&delivery_rate=612209&cwnd=251&unsent_bytes=0&cid=a3eb7a8d9d03f219&ts=22&x=0", cfL4;desc="?proto=QUIC&rtt=4152&min_rtt=2931&rtt_var=1971&sent=12&recv=8&lost=0&retrans=0&sent_bytes=4097&recv_bytes=1803&delivery_rate=202608&cwnd=12000&unsent_bytes=0&cid=d8da558bc2ff523c&ts=521&x=1", cfExtPri, cfHdrFlush;dur=0