| dfik.linkpc.net/Usaabank/hjsjs/ul/signin.php?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https://www.icloud.com/landingv2&response_type=code%20id_token&scope=openid%20profile%20https://www.office.com/v2/OfficeHome.All&response_mode=form_post&nonce=638199132677744493.Mzg3MzNjMDItODNmMy00ZjM0LTkwMWMtOWFjMTU2ODU5N2I3NTEyNWJlOGYtN2E5NS00NGJkLTlkNmEtMjYyZWI1YjJkNDMy&ui_locales=en-US&mkt=en-US&client-request-id=9159d407-9714-437c-a260-9e06802f0fe5&state=-U9RvRXlNehYbStez7qy2PvmdCXKbac2Mz2R-7H9umo5rcZmh0l8kR6hX0Jgtdfypld27agqVcJyE7KcGwg7zQVcXbf2iY57bdPjzq9fCXMwrlFCQs2_uA-24fVzB6Nftu_J2c2xxMeBrFAMZ4H4dUw4XvHGNv4aSVlmELm9_ZJCVHcguVa8hDasnvBQSDPsn2z0urQ4C_QC2_lr-ZgVNBQbUuXA7Ud2zAhF_2RlbwJZxelSbEv7Z1D-WiTH-M83g8Xt4fRc3K8cYYmyiUhSXjOQKbwGAdiozhZaOPQcshY&x-client-SKU=ID_NET6_0&x-client-ver=6.26.1.0 | 91.185.215.11 | 302 Found | 0 B |
URL (User Request, GET, HTTP/1.1): dfik.linkpc.net/Usaabank/hjsjs/ul/signin.php?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https://www.icloud.com/landingv2&response_type=code%20id_token&scope=openid%20profile%20https://www.office.com/v2/OfficeHome.All&response_mode=form_post&nonce=638199132677744493.Mzg3MzNjMDItODNmMy00ZjM0LTkwMWMtOWFjMTU2ODU5N2I3NTEyNWJlOGYtN2E5NS00NGJkLTlkNmEtMjYyZWI1YjJkNDMy&ui_locales=en-US&mkt=en-US&client-request-id=9159d407-9714-437c-a260-9e06802f0fe5&state=-U9RvRXlNehYbStez7qy2PvmdCXKbac2Mz2R-7H9umo5rcZmh0l8kR6hX0Jgtdfypld27agqVcJyE7KcGwg7zQVcXbf2iY57bdPjzq9fCXMwrlFCQs2_uA-24fVzB6Nftu_J2c2xxMeBrFAMZ4H4dUw4XvHGNv4aSVlmELm9_ZJCVHcguVa8hDasnvBQSDPsn2z0urQ4C_QC2_lr-ZgVNBQbUuXA7Ud2zAhF_2RlbwJZxelSbEv7Z1D-WiTH-M83g8Xt4fRc3K8cYYmyiUhSXjOQKbwGAdiozhZaOPQcshY&x-client-SKU=ID_NET6_0&x-client-ver=6.26.1.0
IP: 91.185.215.11:443
ASN: #41828 Telemach Slovenija d.o.o.
Certificate: Issuer: Let's Encrypt; Subject: dfik.linkpc.net; Fingerprint: 7B:4D:51:05:11:E7:42:DC:47:57:B9:8A:D7:2E:44:71:4D:2C:5A:23; Validity: Sun, 05 May 2024 22:18:50 GMT - Sat, 03 Aug 2024 22:18:49 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| urlquery | suspicious | Suspicious - DynDNS domain |
GET /Usaabank/hjsjs/ul/signin.php?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https://www.icloud.com/landingv2&response_type=code%20id_token&scope=openid%20profile%20https://www.office.com/v2/OfficeHome.All&response_mode=form_post&nonce=638199132677744493.Mzg3MzNjMDItODNmMy00ZjM0LTkwMWMtOWFjMTU2ODU5N2I3NTEyNWJlOGYtN2E5NS00NGJkLTlkNmEtMjYyZWI1YjJkNDMy&ui_locales=en-US&mkt=en-US&client-request-id=9159d407-9714-437c-a260-9e06802f0fe5&state=-U9RvRXlNehYbStez7qy2PvmdCXKbac2Mz2R-7H9umo5rcZmh0l8kR6hX0Jgtdfypld27agqVcJyE7KcGwg7zQVcXbf2iY57bdPjzq9fCXMwrlFCQs2_uA-24fVzB6Nftu_J2c2xxMeBrFAMZ4H4dUw4XvHGNv4aSVlmELm9_ZJCVHcguVa8hDasnvBQSDPsn2z0urQ4C_QC2_lr-ZgVNBQbUuXA7Ud2zAhF_2RlbwJZxelSbEv7Z1D-WiTH-M83g8Xt4fRc3K8cYYmyiUhSXjOQKbwGAdiozhZaOPQcshY&x-client-SKU=ID_NET6_0&x-client-ver=6.26.1.0 HTTP/1.1
Host: dfik.linkpc.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Date: Thu, 09 May 2024 17:33:06 GMT
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Set-Cookie: PHPSESSID=d8f03a60fb98836480207dd15548c79f; path=/
Location: /cgi-sys/defaultwebpage.cgi
Content-Length: 0
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
|
|
| dfik.linkpc.net/ | 91.185.215.11 | | 1.3 kB |
IP: 91.185.215.11:0
ASN: #41828 Telemach Slovenija d.o.o.
Certificate: Issuer: Let's Encrypt; Subject: dfik.linkpc.net; Fingerprint: 7B:4D:51:05:11:E7:42:DC:47:57:B9:8A:D7:2E:44:71:4D:2C:5A:23; Validity: Sun, 05 May 2024 22:18:50 GMT - Sat, 03 Aug 2024 22:18:49 GMT
File type: HTML document, ASCII text
Hash: 2f72ed636e1051236adb5cdc01f24ee0 6f4a2f915dd42a5f4c68a12f6d2c2c2a9759d0f1 fc16465eed0951f520a00134d0b41d1cf6d46136c1c54948d4fbd096bbde0790
| Analyzer | Verdict | Alert |
| urlquery | suspicious | Suspicious - DynDNS domain |
GET / HTTP/1.1
Host: dfik.linkpc.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 09 May 2024 17:33:09 GMT
Server: Apache
Content-Length: 1340
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html;charset=ISO-8859-1
|
|
| dfik.linkpc.net/cgi-sys/defaultwebpage.cgi | 91.185.215.11 | | 6.9 kB |
URL (User Request, GET): dfik.linkpc.net/cgi-sys/defaultwebpage.cgi
IP: 91.185.215.11:0
ASN: #41828 Telemach Slovenija d.o.o.
Certificate: Issuer: Let's Encrypt; Subject: dfik.linkpc.net; Fingerprint: 7B:4D:51:05:11:E7:42:DC:47:57:B9:8A:D7:2E:44:71:4D:2C:5A:23; Validity: Sun, 05 May 2024 22:18:50 GMT - Sat, 03 Aug 2024 22:18:49 GMT
File type: HTML document, Unicode text, UTF-8 text
Hash: ce463fe9da1453c6479829a0d1f68f06 908d6115cf4b1d63c956dd2d6d5100516552ee8d dcc02d63bc773d4437ffd469250f09cd33fed9b56757fc05145dd4c411800b83
| Analyzer | Verdict | Alert |
| urlquery | suspicious | Suspicious - DynDNS domain |
GET /cgi-sys/defaultwebpage.cgi HTTP/1.1
Host: dfik.linkpc.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=d8f03a60fb98836480207dd15548c79f
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 09 May 2024 17:33:11 GMT
Server: Apache
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html
|
|
| dfik.linkpc.net/img-sys/IP_changed.png | 91.185.215.11 | 200 OK | 2.9 kB |
URL (GET, HTTP/1.1): dfik.linkpc.net/img-sys/IP_changed.png
IP: 91.185.215.11:80
ASN: #41828 Telemach Slovenija d.o.o.
Requested by: http://dfik.linkpc.net/cgi-sys/defaultwebpage.cgi
File type: PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced
Hash: ec081653bd4c836483e6d612588d18ec 91c7e4cfa061808881575a875741773a949a9e0a b19da51b5e9c9b29cd8523d85d92e99e4812c891c394929c9bf67557f560672c
| Analyzer | Verdict | Alert |
| urlquery | suspicious | Suspicious - DynDNS domain |
GET /img-sys/IP_changed.png HTTP/1.1
Host: dfik.linkpc.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dfik.linkpc.net/cgi-sys/defaultwebpage.cgi
Cookie: PHPSESSID=d8f03a60fb98836480207dd15548c79f
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 09 May 2024 17:33:17 GMT
Server: Apache
Last-Modified: Mon, 21 Mar 2022 16:03:23 GMT
Accept-Ranges: bytes
Content-Length: 2939
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/png
|
|
| dfik.linkpc.net/img-sys/error-bg-left.png | 91.185.215.11 | 200 OK | 8.1 kB |
URL (GET, HTTP/1.1): dfik.linkpc.net/img-sys/error-bg-left.png
IP: 91.185.215.11:80
ASN: #41828 Telemach Slovenija d.o.o.
Requested by: http://dfik.linkpc.net/cgi-sys/defaultwebpage.cgi
File type: PNG image data, 410 x 400, 8-bit/color RGBA, non-interlaced
Hash: cdbe46a0178886162bdedff35336154e f5acc131f7d3fdfbebfc4a55be73cf51c7638937 862885b79bef22ad5716b2dbfa714d52f628a439f2921bb9520a4630bbea5d4e
| Analyzer | Verdict | Alert |
| urlquery | suspicious | Suspicious - DynDNS domain |
GET /img-sys/error-bg-left.png HTTP/1.1
Host: dfik.linkpc.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dfik.linkpc.net/cgi-sys/defaultwebpage.cgi
Cookie: PHPSESSID=d8f03a60fb98836480207dd15548c79f
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 09 May 2024 17:33:17 GMT
Server: Apache
Last-Modified: Mon, 21 Mar 2022 16:03:23 GMT
Accept-Ranges: bytes
Content-Length: 8072
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/png
|
|
| dfik.linkpc.net/img-sys/server_moved.png | 91.185.215.11 | 200 OK | 3.3 kB |
URL (GET, HTTP/1.1): dfik.linkpc.net/img-sys/server_moved.png
IP: 91.185.215.11:80
ASN: #41828 Telemach Slovenija d.o.o.
Requested by: http://dfik.linkpc.net/cgi-sys/defaultwebpage.cgi
File type: PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced
Hash: f6590a396da81a8e4cce7ca046874ffd 7e68db322c32ca079b2c836812d3a25204ab93cc 3a22057583d3e17bc94990d92a3425d5510dc5bdb60fe40fafeb405a38f8ed28
| Analyzer | Verdict | Alert |
| urlquery | suspicious | Suspicious - DynDNS domain |
GET /img-sys/server_moved.png HTTP/1.1
Host: dfik.linkpc.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dfik.linkpc.net/cgi-sys/defaultwebpage.cgi
Cookie: PHPSESSID=d8f03a60fb98836480207dd15548c79f
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 09 May 2024 17:33:17 GMT
Server: Apache
Last-Modified: Mon, 21 Mar 2022 16:03:23 GMT
Accept-Ranges: bytes
Content-Length: 3327
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/png
|
|
| dfik.linkpc.net/img-sys/server_misconfigured.png | 91.185.215.11 | 200 OK | 3.2 kB |
URL (GET, HTTP/1.1): dfik.linkpc.net/img-sys/server_misconfigured.png
IP: 91.185.215.11:80
ASN: #41828 Telemach Slovenija d.o.o.
Requested by: http://dfik.linkpc.net/cgi-sys/defaultwebpage.cgi
File type: PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced
Hash: f79adaf00f83dc9757086cdbe8645ff0 82f37b8be7668eab8e1a06de828cb336799c8134 944120fb6962c7484d769d645e6d830850eead9394f6a84090aed489cfc0c41f
| Analyzer | Verdict | Alert |
| urlquery | suspicious | Suspicious - DynDNS domain |
GET /img-sys/server_misconfigured.png HTTP/1.1
Host: dfik.linkpc.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dfik.linkpc.net/cgi-sys/defaultwebpage.cgi
Cookie: PHPSESSID=d8f03a60fb98836480207dd15548c79f
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 09 May 2024 17:33:17 GMT
Server: Apache
Last-Modified: Mon, 21 Mar 2022 16:03:23 GMT
Accept-Ranges: bytes
Content-Length: 3164
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/png
|
|
| dfik.linkpc.net/img-sys/powered_by_cpanel.svg | 91.185.215.11 | 200 OK | 5.6 kB |
URL (GET, HTTP/1.1): dfik.linkpc.net/img-sys/powered_by_cpanel.svg
IP: 91.185.215.11:80
ASN: #41828 Telemach Slovenija d.o.o.
Requested by: http://dfik.linkpc.net/cgi-sys/defaultwebpage.cgi
File type: SVG Scalable Vector Graphics image
Hash: c47b4b5200566a2a496a11ba472ec5da 3bd0da9a6ffd62217d3e781fa1356f40d9f91d4c 179a9aa9fff4c52850d9ce34a4c435404ddfd4fefa8aab9a6eb4f47b83f922d9
| Analyzer | Verdict | Alert |
| urlquery | suspicious | Suspicious - DynDNS domain |
GET /img-sys/powered_by_cpanel.svg HTTP/1.1
Host: dfik.linkpc.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dfik.linkpc.net/cgi-sys/defaultwebpage.cgi
Cookie: PHPSESSID=d8f03a60fb98836480207dd15548c79f
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 09 May 2024 17:33:17 GMT
Server: Apache
Last-Modified: Mon, 21 Mar 2022 16:03:23 GMT
Accept-Ranges: bytes
Content-Length: 5617
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/svg+xml
|
|
| dfik.linkpc.net/favicon.ico | 91.185.215.11 | 404 Not Found | 315 B |
URL (GET, HTTP/1.1): dfik.linkpc.net/favicon.ico
IP: 91.185.215.11:80
ASN: #41828 Telemach Slovenija d.o.o.
Requested by: http://dfik.linkpc.net/cgi-sys/defaultwebpage.cgi
File type: HTML document, ASCII text
Hash: a34ac19f4afae63adc5d2f7bc970c07f a82190fc530c265aa40a045c21770d967f4767b8 d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
| Analyzer | Verdict | Alert |
| urlquery | suspicious | Suspicious - DynDNS domain |
GET /favicon.ico HTTP/1.1
Host: dfik.linkpc.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dfik.linkpc.net/cgi-sys/defaultwebpage.cgi
Cookie: PHPSESSID=d8f03a60fb98836480207dd15548c79f
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Date: Thu, 09 May 2024 17:33:17 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
|
|