| www.googletagmanager.com/gtag/js?id=AW-464971556 | 142.250.74.168 | 200 OK | 77 kB |

| URL | GET HTTP/2 www.googletagmanager.com/gtag/js?id=AW-464971556 |
| IP | 142.250.74.168:443 |
| Certificate issuer | Google Trust Services LLC |
| Certificate subject | *.google-analytics.com |
| Certificate fingerprint | BF:40:8C:8B:CB:69:1E:3F:E2:3B:B7:8A:8E:C0:D6:98:5F:81:FA:2D |
| Certificate validity | Mon, 04 Mar 2024 06:35:45 GMT - Mon, 27 May 2024 06:35:44 GMT |
| File type | JavaScript source, ASCII text, with very long lines (2165) |
| MD5 | f3ebe70b67d71ee1a852ed279abe87ea |
| SHA-1 | f5ec7009f4cf5eea50326a2d43ebb57dc0c5394e |
| SHA-256 | da87eca15fff5db73f674df2ffbca4e4cef675214071d57f6d1c3a9940ec1775 |
GET /gtag/js?id=AW-464971556 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dik.si/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 18 Apr 2024 13:01:50 GMT
expires: Thu, 18 Apr 2024 13:01:50 GMT
cache-control: private, max-age=900
last-modified: Thu, 18 Apr 2024 12:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 77119
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

| www.googletagmanager.com/gtag/js?id=G-872PZL4RZW | 142.250.74.168 | 200 OK | 94 kB |

| URL | GET HTTP/2 www.googletagmanager.com/gtag/js?id=G-872PZL4RZW |
| IP | 142.250.74.168:443 |
| Certificate issuer | Google Trust Services LLC |
| Certificate subject | *.google-analytics.com |
| Certificate fingerprint | BF:40:8C:8B:CB:69:1E:3F:E2:3B:B7:8A:8E:C0:D6:98:5F:81:FA:2D |
| Certificate validity | Mon, 04 Mar 2024 06:35:45 GMT - Mon, 27 May 2024 06:35:44 GMT |
| File type | JavaScript source, ASCII text, with very long lines (5955) |
| MD5 | 6c93bba5538e61afeeb1341d14688f0a |
| SHA-1 | 0feff2d435f0cbf2c38a311040fbdaae64f770a3 |
| SHA-256 | 95c4958f6699d1f762febf0bda1ad7b90e2c5b1bf3199e65b482a591276cefdf |
GET /gtag/js?id=G-872PZL4RZW HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dik.si/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 18 Apr 2024 13:01:50 GMT
expires: Thu, 18 Apr 2024 13:01:50 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 93765
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

| | 188.114.96.1 | 200 OK | 29 kB |

| URL | User Request, GET HTTP/2 |
| IP | 188.114.96.1:443 |
| Certificate issuer | Let's Encrypt |
| Certificate subject | dik.si |
| Certificate fingerprint | B1:6B:48:01:F3:DC:F0:5F:7D:74:70:DF:89:BB:EA:8B:08:A9:B4:DC |
| Certificate validity | Wed, 21 Feb 2024 16:43:21 GMT - Tue, 21 May 2024 16:43:20 GMT |
| File type | HTML document, ASCII text, with very long lines (41766) |
| MD5 | 40ce99de7a84f413148d44452cf96ca6 |
| SHA-1 | f5975b4c8dc992a6afa88fb681c88c19c866f4ac |
| SHA-256 | 96b418a9b75434cab607053a353a45ca60d29f440fd9b3eefc128c2fa5dd220d |

| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /fnbpayout HTTP/1.1
Host: dik.si
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 18 Apr 2024 13:01:50 GMT
content-type: text/html; charset=UTF-8
cache-control: no-cache, private
set-cookie: XSRF-TOKEN=eyJpdiI6InFmK1RwRE13YTRSRlJTcEVscllTaFE9PSIsInZhbHVlIjoiMFRlU2FsU0x6YzZOVUVpbTJYQjdJbFBRcnQrWkVyd0YrMEFBZHR2RTF6NytkeHVkWm9TRE5mcGJ2empwb1FiT2JwYlZqbFlWWkxOcmNqdTdRaVBDRVhPUmcyUzRIbVZmZzU0ZWRheVF2YnpEVmlSRWtJR0JaQ1hDMUFoeU5KU0siLCJtYWMiOiIyNGE3N2I4NGVhOGY2YzNlYTVjYWIzYjY5ZWI2ZTQ2MTVlNWJjOTU0ZmU3YmI3MjdjMGRiZGFhMWVjNDViNjZmIiwidGFnIjoiIn0%3D; expires=Thu, 18-Apr-2024 15:01:50 GMT; Max-Age=7200; path=/; samesite=lax
diksi_session=eyJpdiI6IkR0K3poK0JPdDBxdzF3dFdaVXZVUGc9PSIsInZhbHVlIjoiOXRrRUw1QUVwR3ZsN0tNSU9lRXhvcTlIa2F0Q3RqYkt2TWFJNnlzOFd6MHZNNHlVdG9CZEY4c21mdnY1VmJneWdIbnFRRnNaSHd6NWNrVjl1NTlRWVJwaHZzUUgydjlSaXliQkRjNGpJdTJUc1ZaQk1zd2IwSENMMXVhSFFSdTYiLCJtYWMiOiI5NTliNTY3NzI3ZjI1MDFjMjIzOTBlMDBmYjMwYmFmZmRiYWNmMmE1YWE1OTQzM2VkMjQ2YTJhOWY0MTVhMzMyIiwidGFnIjoiIn0%3D; expires=Thu, 18-Apr-2024 15:01:50 GMT; Max-Age=7200; path=/; httponly; samesite=lax
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MQt6I3Smop71%2FL9iRlEHO6lUb2bd2vrm3%2FkSJX8xnj%2B83UIPpZ9sqpDhnEulhxgh%2BcKFTmT0%2Fmm0xA3ArW1eQSKW1CInl9ama2ROOtBMIrgmZcPak%2FzZWtU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8764d87e3a795689-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

| dik.si/favicon/icon-144x144.png | 188.114.96.1 | 200 OK | 1.4 kB |

| URL | GET HTTP/3 dik.si/favicon/icon-144x144.png |
| IP | 188.114.96.1:443 |
| Certificate issuer | Let's Encrypt |
| Certificate subject | dik.si |
| Certificate fingerprint | B1:6B:48:01:F3:DC:F0:5F:7D:74:70:DF:89:BB:EA:8B:08:A9:B4:DC |
| Certificate validity | Wed, 21 Feb 2024 16:43:21 GMT - Tue, 21 May 2024 16:43:20 GMT |
| File type | PNG image data, 144 x 144, 8-bit/color RGBA, non-interlaced |
| MD5 | fac17b0b38a540a190305f0705215558 |
| SHA-1 | 26f69e7a177ea2803da9addb4032bd0f0db64b0b |
| SHA-256 | 10b25aaa8e1cc66b5e0160020e2932233a27c44f19abc75ff8e433b5e43b6b0e |

| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /favicon/icon-144x144.png HTTP/1.1
Host: dik.si
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dik.si/fnbpayout
Cookie: XSRF-TOKEN=eyJpdiI6InFmK1RwRE13YTRSRlJTcEVscllTaFE9PSIsInZhbHVlIjoiMFRlU2FsU0x6YzZOVUVpbTJYQjdJbFBRcnQrWkVyd0YrMEFBZHR2RTF6NytkeHVkWm9TRE5mcGJ2empwb1FiT2JwYlZqbFlWWkxOcmNqdTdRaVBDRVhPUmcyUzRIbVZmZzU0ZWRheVF2YnpEVmlSRWtJR0JaQ1hDMUFoeU5KU0siLCJtYWMiOiIyNGE3N2I4NGVhOGY2YzNlYTVjYWIzYjY5ZWI2ZTQ2MTVlNWJjOTU0ZmU3YmI3MjdjMGRiZGFhMWVjNDViNjZmIiwidGFnIjoiIn0%3D; diksi_session=eyJpdiI6IkR0K3poK0JPdDBxdzF3dFdaVXZVUGc9PSIsInZhbHVlIjoiOXRrRUw1QUVwR3ZsN0tNSU9lRXhvcTlIa2F0Q3RqYkt2TWFJNnlzOFd6MHZNNHlVdG9CZEY4c21mdnY1VmJneWdIbnFRRnNaSHd6NWNrVjl1NTlRWVJwaHZzUUgydjlSaXliQkRjNGpJdTJUc1ZaQk1zd2IwSENMMXVhSFFSdTYiLCJtYWMiOiI5NTliNTY3NzI3ZjI1MDFjMjIzOTBlMDBmYjMwYmFmZmRiYWNmMmE1YWE1OTQzM2VkMjQ2YTJhOWY0MTVhMzMyIiwidGFnIjoiIn0%3D; _gcl_au=1.1.1892417297.1713445311; _ga_872PZL4RZW=GS1.1.1713445310.1.0.1713445310.0.0.0; _ga=GA1.1.1708644027.1713445311
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 13:01:51 GMT
content-type: image/png
content-length: 1369
last-modified: Sat, 20 Jan 2024 09:05:18 GMT
etag: "559-60f5ce546c239"
cache-control: max-age=14400
cf-cache-status: HIT
age: 1328
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8yJ%2Buyxt3eHoUXr15z0hUIAw97ei5SfDCbTWu2C%2BKMAH3ILNK66j32gDg8Qc7IBg07207Si%2FfDL7A8spBok8aYLJxmJQkuKJ%2BoMPtWGhJfHRvaY9nmbbB1k%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8764d88e3db70b61-OSL
alt-svc: h3=":443"; ma=86400

| dik.si/favicon/icon-192x192.png | 188.114.96.1 | 200 OK | 2.1 kB |

| URL | GET HTTP/3 dik.si/favicon/icon-192x192.png |
| IP | 188.114.96.1:443 |
| Certificate issuer | Let's Encrypt |
| Certificate subject | dik.si |
| Certificate fingerprint | B1:6B:48:01:F3:DC:F0:5F:7D:74:70:DF:89:BB:EA:8B:08:A9:B4:DC |
| Certificate validity | Wed, 21 Feb 2024 16:43:21 GMT - Tue, 21 May 2024 16:43:20 GMT |
| File type | PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced |
| MD5 | 09d4e64da0f0ddb21363805bf8266513 |
| SHA-1 | 1b10bdbbda0c85754a175a6c5c432dca0c5bd4be |
| SHA-256 | 7d3e419309a4bb97610250d3148d4ce73ae7b4fce0c3eaec55eda7f57eb47d1c |

| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /favicon/icon-192x192.png HTTP/1.1
Host: dik.si
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dik.si/fnbpayout
Cookie: XSRF-TOKEN=eyJpdiI6InFmK1RwRE13YTRSRlJTcEVscllTaFE9PSIsInZhbHVlIjoiMFRlU2FsU0x6YzZOVUVpbTJYQjdJbFBRcnQrWkVyd0YrMEFBZHR2RTF6NytkeHVkWm9TRE5mcGJ2empwb1FiT2JwYlZqbFlWWkxOcmNqdTdRaVBDRVhPUmcyUzRIbVZmZzU0ZWRheVF2YnpEVmlSRWtJR0JaQ1hDMUFoeU5KU0siLCJtYWMiOiIyNGE3N2I4NGVhOGY2YzNlYTVjYWIzYjY5ZWI2ZTQ2MTVlNWJjOTU0ZmU3YmI3MjdjMGRiZGFhMWVjNDViNjZmIiwidGFnIjoiIn0%3D; diksi_session=eyJpdiI6IkR0K3poK0JPdDBxdzF3dFdaVXZVUGc9PSIsInZhbHVlIjoiOXRrRUw1QUVwR3ZsN0tNSU9lRXhvcTlIa2F0Q3RqYkt2TWFJNnlzOFd6MHZNNHlVdG9CZEY4c21mdnY1VmJneWdIbnFRRnNaSHd6NWNrVjl1NTlRWVJwaHZzUUgydjlSaXliQkRjNGpJdTJUc1ZaQk1zd2IwSENMMXVhSFFSdTYiLCJtYWMiOiI5NTliNTY3NzI3ZjI1MDFjMjIzOTBlMDBmYjMwYmFmZmRiYWNmMmE1YWE1OTQzM2VkMjQ2YTJhOWY0MTVhMzMyIiwidGFnIjoiIn0%3D; _gcl_au=1.1.1892417297.1713445311; _ga_872PZL4RZW=GS1.1.1713445310.1.0.1713445310.0.0.0; _ga=GA1.1.1708644027.1713445311
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 13:01:52 GMT
content-type: image/png
content-length: 2106
last-modified: Sat, 20 Jan 2024 09:05:18 GMT
etag: "83a-60f5ce546f8e9"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ilJAnBoKNxTmRoWmGm80dNwnPhYZi4%2Fi0afqrLV8K%2FBtMBEebVDdpP75Wezv%2Fx%2FhzpNMQqhD4aDyxyy60ymShjWizu6UMtUVw4XPrtjr355ObFv4AjX%2BSiE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8764d88e3db50b61-OSL
alt-svc: h3=":443"; ma=86400

| dik.si/build/assets/404-2.14c4a897.png | 188.114.96.1 | | 5.9 kB |

| URL | GET dik.si/build/assets/404-2.14c4a897.png |
| IP | 188.114.96.1:0 |
| Certificate issuer | Let's Encrypt |
| Certificate subject | dik.si |
| Certificate fingerprint | B1:6B:48:01:F3:DC:F0:5F:7D:74:70:DF:89:BB:EA:8B:08:A9:B4:DC |
| Certificate validity | Wed, 21 Feb 2024 16:43:21 GMT - Tue, 21 May 2024 16:43:20 GMT |
| File type | PNG image data, 516 x 190, 8-bit/color RGBA, non-interlaced |
| MD5 | dc42df7f2447d30eb00c6157206dfb6e |
| SHA-1 | 632a616dd32cf1cfa4b9ced501287239aeedbbf5 |
| SHA-256 | 14c4a897cdea748534b6788293935781e687fada8e1727148592878a454292f5 |

| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /build/assets/404-2.14c4a897.png HTTP/1.1
Host: dik.si
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dik.si/fnbpayout
Cookie: XSRF-TOKEN=eyJpdiI6InFmK1RwRE13YTRSRlJTcEVscllTaFE9PSIsInZhbHVlIjoiMFRlU2FsU0x6YzZOVUVpbTJYQjdJbFBRcnQrWkVyd0YrMEFBZHR2RTF6NytkeHVkWm9TRE5mcGJ2empwb1FiT2JwYlZqbFlWWkxOcmNqdTdRaVBDRVhPUmcyUzRIbVZmZzU0ZWRheVF2YnpEVmlSRWtJR0JaQ1hDMUFoeU5KU0siLCJtYWMiOiIyNGE3N2I4NGVhOGY2YzNlYTVjYWIzYjY5ZWI2ZTQ2MTVlNWJjOTU0ZmU3YmI3MjdjMGRiZGFhMWVjNDViNjZmIiwidGFnIjoiIn0%3D; diksi_session=eyJpdiI6IkR0K3poK0JPdDBxdzF3dFdaVXZVUGc9PSIsInZhbHVlIjoiOXRrRUw1QUVwR3ZsN0tNSU9lRXhvcTlIa2F0Q3RqYkt2TWFJNnlzOFd6MHZNNHlVdG9CZEY4c21mdnY1VmJneWdIbnFRRnNaSHd6NWNrVjl1NTlRWVJwaHZzUUgydjlSaXliQkRjNGpJdTJUc1ZaQk1zd2IwSENMMXVhSFFSdTYiLCJtYWMiOiI5NTliNTY3NzI3ZjI1MDFjMjIzOTBlMDBmYjMwYmFmZmRiYWNmMmE1YWE1OTQzM2VkMjQ2YTJhOWY0MTVhMzMyIiwidGFnIjoiIn0%3D; _gcl_au=1.1.1892417297.1713445311; _ga_872PZL4RZW=GS1.1.1713445310.1.0.1713445310.0.0.0; _ga=GA1.1.1708644027.1713445311
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 13:01:52 GMT
content-type: image/png
content-length: 5924
last-modified: Fri, 14 Jul 2023 09:48:32 GMT
etag: "1724-6006f5a065c00"
cache-control: max-age=14400
cf-cache-status: HIT
age: 1330
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xqFhtGlfOuGD81VgTuwwFqb1dln1TsFgOfFWigUvSCcS1sZsr2zksg1BITr93Bw3oP8HuAQgnb8LMEfq28pDzFfBAP0Yy6SOnTpWgkudbqtYHpWiDXRAgcw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8764d892ca840b61-OSL
alt-svc: h3=":443"; ma=86400

| dik.si/build/assets/404-1.176145e9.png | 188.114.96.1 | 200 OK | 19 kB |

| URL | GET HTTP/3 dik.si/build/assets/404-1.176145e9.png |
| IP | 188.114.96.1:443 |
| Certificate issuer | Let's Encrypt |
| Certificate subject | dik.si |
| Certificate fingerprint | B1:6B:48:01:F3:DC:F0:5F:7D:74:70:DF:89:BB:EA:8B:08:A9:B4:DC |
| Certificate validity | Wed, 21 Feb 2024 16:43:21 GMT - Tue, 21 May 2024 16:43:20 GMT |
| File type | PNG image data, 539 x 400, 8-bit/color RGBA, non-interlaced |
| MD5 | 09ac461516dda937afcbc9a3b623c54d |
| SHA-1 | 3990c87ffeedf00b5208a5d1a42460940fcb3a11 |
| SHA-256 | 176145e91b05856cfdd1fc405af37c35250c80e971908be988f3f73657c9c93b |

| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /build/assets/404-1.176145e9.png HTTP/1.1
Host: dik.si
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dik.si/fnbpayout
Cookie: XSRF-TOKEN=eyJpdiI6InFmK1RwRE13YTRSRlJTcEVscllTaFE9PSIsInZhbHVlIjoiMFRlU2FsU0x6YzZOVUVpbTJYQjdJbFBRcnQrWkVyd0YrMEFBZHR2RTF6NytkeHVkWm9TRE5mcGJ2empwb1FiT2JwYlZqbFlWWkxOcmNqdTdRaVBDRVhPUmcyUzRIbVZmZzU0ZWRheVF2YnpEVmlSRWtJR0JaQ1hDMUFoeU5KU0siLCJtYWMiOiIyNGE3N2I4NGVhOGY2YzNlYTVjYWIzYjY5ZWI2ZTQ2MTVlNWJjOTU0ZmU3YmI3MjdjMGRiZGFhMWVjNDViNjZmIiwidGFnIjoiIn0%3D; diksi_session=eyJpdiI6IkR0K3poK0JPdDBxdzF3dFdaVXZVUGc9PSIsInZhbHVlIjoiOXRrRUw1QUVwR3ZsN0tNSU9lRXhvcTlIa2F0Q3RqYkt2TWFJNnlzOFd6MHZNNHlVdG9CZEY4c21mdnY1VmJneWdIbnFRRnNaSHd6NWNrVjl1NTlRWVJwaHZzUUgydjlSaXliQkRjNGpJdTJUc1ZaQk1zd2IwSENMMXVhSFFSdTYiLCJtYWMiOiI5NTliNTY3NzI3ZjI1MDFjMjIzOTBlMDBmYjMwYmFmZmRiYWNmMmE1YWE1OTQzM2VkMjQ2YTJhOWY0MTVhMzMyIiwidGFnIjoiIn0%3D; _gcl_au=1.1.1892417297.1713445311; _ga_872PZL4RZW=GS1.1.1713445310.1.0.1713445310.0.0.0; _ga=GA1.1.1708644027.1713445311
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 13:01:52 GMT
content-type: image/png
content-length: 18917
last-modified: Fri, 14 Jul 2023 09:48:32 GMT
etag: "49e5-6006f5a065c00"
cache-control: max-age=14400
cf-cache-status: HIT
age: 1330
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fndZSbTzbrnT1jrElqYMrw9H0tLlDjKuPGMohz5DSJshtcN5%2BGuSJO73rwk3FzguZhRoZa3DQZTiXO2gwUdOMk3zw2BW0pb6gt9LI39kSTOU8HigAhdfX24%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8764d892ca880b61-OSL
alt-svc: h3=":443"; ma=86400

| dik.si/cdn-cgi/challenge-platform/scripts/jsd/main.js | 188.114.96.1 | 302 Found | 0 B |

| URL | GET HTTP/3 dik.si/cdn-cgi/challenge-platform/scripts/jsd/main.js |
| IP | 188.114.96.1:443 |
| Certificate issuer | Let's Encrypt |
| Certificate subject | dik.si |
| Certificate fingerprint | B1:6B:48:01:F3:DC:F0:5F:7D:74:70:DF:89:BB:EA:8B:08:A9:B4:DC |
| Certificate validity | Wed, 21 Feb 2024 16:43:21 GMT - Tue, 21 May 2024 16:43:20 GMT |
| MD5 | d41d8cd98f00b204e9800998ecf8427e (digest of empty input) |
| SHA-1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 (digest of empty input) |
| SHA-256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (digest of empty input) |

| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP/1.1
Host: dik.si
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6InFmK1RwRE13YTRSRlJTcEVscllTaFE9PSIsInZhbHVlIjoiMFRlU2FsU0x6YzZOVUVpbTJYQjdJbFBRcnQrWkVyd0YrMEFBZHR2RTF6NytkeHVkWm9TRE5mcGJ2empwb1FiT2JwYlZqbFlWWkxOcmNqdTdRaVBDRVhPUmcyUzRIbVZmZzU0ZWRheVF2YnpEVmlSRWtJR0JaQ1hDMUFoeU5KU0siLCJtYWMiOiIyNGE3N2I4NGVhOGY2YzNlYTVjYWIzYjY5ZWI2ZTQ2MTVlNWJjOTU0ZmU3YmI3MjdjMGRiZGFhMWVjNDViNjZmIiwidGFnIjoiIn0%3D; diksi_session=eyJpdiI6IkR0K3poK0JPdDBxdzF3dFdaVXZVUGc9PSIsInZhbHVlIjoiOXRrRUw1QUVwR3ZsN0tNSU9lRXhvcTlIa2F0Q3RqYkt2TWFJNnlzOFd6MHZNNHlVdG9CZEY4c21mdnY1VmJneWdIbnFRRnNaSHd6NWNrVjl1NTlRWVJwaHZzUUgydjlSaXliQkRjNGpJdTJUc1ZaQk1zd2IwSENMMXVhSFFSdTYiLCJtYWMiOiI5NTliNTY3NzI3ZjI1MDFjMjIzOTBlMDBmYjMwYmFmZmRiYWNmMmE1YWE1OTQzM2VkMjQ2YTJhOWY0MTVhMzMyIiwidGFnIjoiIn0%3D; _gcl_au=1.1.1892417297.1713445311; _ga_872PZL4RZW=GS1.1.1713445310.1.0.1713445310.0.0.0; _ga=GA1.1.1708644027.1713445311
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 302 Found
date: Thu, 18 Apr 2024 13:01:52 GMT
content-length: 0
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/54ea73d52131/main.js
cache-control: max-age=300, public
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=M1IpTAL%2BbGCsv5NZyw%2Blbu5wObMmFVgUwkIzSODU1cfgOUeUpe8i6v%2BnCA3mfAtQwKRqR2OGPU3WN4e1LuRdYXSX8N6elFRZKBrM7ve5V6lHcG%2Fmivzbc7Q%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8764d892da9d0b61-OSL
alt-svc: h3=":443"; ma=86400

| dik.si/cdn-cgi/challenge-platform/h/g/jsd/r/8764d87e3a795689 | 188.114.96.1 | 200 OK | 0 B |

| URL | POST HTTP/3 dik.si/cdn-cgi/challenge-platform/h/g/jsd/r/8764d87e3a795689 |
| IP | 188.114.96.1:443 |
| Certificate issuer | Let's Encrypt |
| Certificate subject | dik.si |
| Certificate fingerprint | B1:6B:48:01:F3:DC:F0:5F:7D:74:70:DF:89:BB:EA:8B:08:A9:B4:DC |
| Certificate validity | Wed, 21 Feb 2024 16:43:21 GMT - Tue, 21 May 2024 16:43:20 GMT |
| MD5 | d41d8cd98f00b204e9800998ecf8427e (digest of empty input) |
| SHA-1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 (digest of empty input) |
| SHA-256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (digest of empty input) |

| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
POST /cdn-cgi/challenge-platform/h/g/jsd/r/8764d87e3a795689 HTTP/1.1
Host: dik.si
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 12122
Origin: https://dik.si
DNT: 1
Connection: keep-alive
Referer: https://dik.si/fnbpayout
Cookie: XSRF-TOKEN=eyJpdiI6InFmK1RwRE13YTRSRlJTcEVscllTaFE9PSIsInZhbHVlIjoiMFRlU2FsU0x6YzZOVUVpbTJYQjdJbFBRcnQrWkVyd0YrMEFBZHR2RTF6NytkeHVkWm9TRE5mcGJ2empwb1FiT2JwYlZqbFlWWkxOcmNqdTdRaVBDRVhPUmcyUzRIbVZmZzU0ZWRheVF2YnpEVmlSRWtJR0JaQ1hDMUFoeU5KU0siLCJtYWMiOiIyNGE3N2I4NGVhOGY2YzNlYTVjYWIzYjY5ZWI2ZTQ2MTVlNWJjOTU0ZmU3YmI3MjdjMGRiZGFhMWVjNDViNjZmIiwidGFnIjoiIn0%3D; diksi_session=eyJpdiI6IkR0K3poK0JPdDBxdzF3dFdaVXZVUGc9PSIsInZhbHVlIjoiOXRrRUw1QUVwR3ZsN0tNSU9lRXhvcTlIa2F0Q3RqYkt2TWFJNnlzOFd6MHZNNHlVdG9CZEY4c21mdnY1VmJneWdIbnFRRnNaSHd6NWNrVjl1NTlRWVJwaHZzUUgydjlSaXliQkRjNGpJdTJUc1ZaQk1zd2IwSENMMXVhSFFSdTYiLCJtYWMiOiI5NTliNTY3NzI3ZjI1MDFjMjIzOTBlMDBmYjMwYmFmZmRiYWNmMmE1YWE1OTQzM2VkMjQ2YTJhOWY0MTVhMzMyIiwidGFnIjoiIn0%3D; _gcl_au=1.1.1892417297.1713445311; _ga_872PZL4RZW=GS1.1.1713445310.1.0.1713445310.0.0.0; _ga=GA1.1.1708644027.1713445311
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 13:01:52 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
set-cookie: cf_clearance=3M_yepued.Ebs526.KXHEAoDVA1VWg7vb3DnJK_dYY8-1713445312-1.0.1.1-lTFQdKfgg1P4cLvCKtqY2CscatArHfkioMbw5kcgpgHQqI4TjzzBR0jX.fgJx4sShtP65mVjcN4enAJZT.bmBQ; path=/; expires=Fri, 18-Apr-25 13:01:52 GMT; domain=.dik.si; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=12MTOLVNRIpRxyc2%2F8sIv%2BcqQk%2Feeb9hY%2FmFfAlt1leMYt%2BXNMCs3Qf%2FPbVddbYGDpAli%2BJxdbb3tiUzLK5HLZaAE0Em47HKY0wOTSFVvrOEBm2kn7Pbs2k%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8764d893cba30b61-OSL
alt-svc: h3=":443"; ma=86400

| dik.si/build/assets/main.9e8f57d4.css | 188.114.96.1 | 200 OK | 82 kB |

| URL | GET HTTP/3 dik.si/build/assets/main.9e8f57d4.css |
| IP | 188.114.96.1:443 |
| Certificate issuer | Let's Encrypt |
| Certificate subject | dik.si |
| Certificate fingerprint | B1:6B:48:01:F3:DC:F0:5F:7D:74:70:DF:89:BB:EA:8B:08:A9:B4:DC |
| Certificate validity | Wed, 21 Feb 2024 16:43:21 GMT - Tue, 21 May 2024 16:43:20 GMT |
| File type | ASCII text, with very long lines (65536), with no line terminators |
| MD5 | cf8a039f1ce68ef0ea967248395c3137 |
| SHA-1 | f664725d3a3aaecab83f45b5a6a8f495e68b41af |
| SHA-256 | 0fb51fe2c423d3b646e80616d2e6ea0f7e387f6d9bbd07cfb38da0cda795c14f |

| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /build/assets/main.9e8f57d4.css HTTP/1.1
Host: dik.si
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dik.si/fnbpayout
Cookie: XSRF-TOKEN=eyJpdiI6InFmK1RwRE13YTRSRlJTcEVscllTaFE9PSIsInZhbHVlIjoiMFRlU2FsU0x6YzZOVUVpbTJYQjdJbFBRcnQrWkVyd0YrMEFBZHR2RTF6NytkeHVkWm9TRE5mcGJ2empwb1FiT2JwYlZqbFlWWkxOcmNqdTdRaVBDRVhPUmcyUzRIbVZmZzU0ZWRheVF2YnpEVmlSRWtJR0JaQ1hDMUFoeU5KU0siLCJtYWMiOiIyNGE3N2I4NGVhOGY2YzNlYTVjYWIzYjY5ZWI2ZTQ2MTVlNWJjOTU0ZmU3YmI3MjdjMGRiZGFhMWVjNDViNjZmIiwidGFnIjoiIn0%3D; diksi_session=eyJpdiI6IkR0K3poK0JPdDBxdzF3dFdaVXZVUGc9PSIsInZhbHVlIjoiOXRrRUw1QUVwR3ZsN0tNSU9lRXhvcTlIa2F0Q3RqYkt2TWFJNnlzOFd6MHZNNHlVdG9CZEY4c21mdnY1VmJneWdIbnFRRnNaSHd6NWNrVjl1NTlRWVJwaHZzUUgydjlSaXliQkRjNGpJdTJUc1ZaQk1zd2IwSENMMXVhSFFSdTYiLCJtYWMiOiI5NTliNTY3NzI3ZjI1MDFjMjIzOTBlMDBmYjMwYmFmZmRiYWNmMmE1YWE1OTQzM2VkMjQ2YTJhOWY0MTVhMzMyIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 18 Apr 2024 13:01:50 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=82319
etag: W/"1418f-6006f5a065c00-gzip"
last-modified: Fri, 14 Jul 2023 09:48:32 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 1331
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kPGNTaIMMsO%2BEfxyjni7iZZ%2B%2BZtTJs3OnQHy0rqjlqCpn%2BQIh812NxnI4A5Sd9MnIx0a5CagfRUYTlrUXJOpVQiO9XbOAAR0w%2FkvP5tYMkLs%2FjOn5Xp9RsU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8764d8860cbf0b61-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

| dik.si/build/assets/main.af18942f.js | 188.114.96.1 | 200 OK | 970 kB |

| URL | GET HTTP/3 dik.si/build/assets/main.af18942f.js |
| IP | 188.114.96.1:443 |
| Certificate issuer | Let's Encrypt |
| Certificate subject | dik.si |
| Certificate fingerprint | B1:6B:48:01:F3:DC:F0:5F:7D:74:70:DF:89:BB:EA:8B:08:A9:B4:DC |
| Certificate validity | Wed, 21 Feb 2024 16:43:21 GMT - Tue, 21 May 2024 16:43:20 GMT |
| Size | 970 kB (969717 bytes) |
| MD5 | d41d8cd98f00b204e9800998ecf8427e (digest of empty input) |
| SHA-1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 (digest of empty input) |
| SHA-256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (digest of empty input) |

| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /build/assets/main.af18942f.js HTTP/1.1
Host: dik.si
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dik.si/fnbpayout
Cookie: XSRF-TOKEN=eyJpdiI6InFmK1RwRE13YTRSRlJTcEVscllTaFE9PSIsInZhbHVlIjoiMFRlU2FsU0x6YzZOVUVpbTJYQjdJbFBRcnQrWkVyd0YrMEFBZHR2RTF6NytkeHVkWm9TRE5mcGJ2empwb1FiT2JwYlZqbFlWWkxOcmNqdTdRaVBDRVhPUmcyUzRIbVZmZzU0ZWRheVF2YnpEVmlSRWtJR0JaQ1hDMUFoeU5KU0siLCJtYWMiOiIyNGE3N2I4NGVhOGY2YzNlYTVjYWIzYjY5ZWI2ZTQ2MTVlNWJjOTU0ZmU3YmI3MjdjMGRiZGFhMWVjNDViNjZmIiwidGFnIjoiIn0%3D; diksi_session=eyJpdiI6IkR0K3poK0JPdDBxdzF3dFdaVXZVUGc9PSIsInZhbHVlIjoiOXRrRUw1QUVwR3ZsN0tNSU9lRXhvcTlIa2F0Q3RqYkt2TWFJNnlzOFd6MHZNNHlVdG9CZEY4c21mdnY1VmJneWdIbnFRRnNaSHd6NWNrVjl1NTlRWVJwaHZzUUgydjlSaXliQkRjNGpJdTJUc1ZaQk1zd2IwSENMMXVhSFFSdTYiLCJtYWMiOiI5NTliNTY3NzI3ZjI1MDFjMjIzOTBlMDBmYjMwYmFmZmRiYWNmMmE1YWE1OTQzM2VkMjQ2YTJhOWY0MTVhMzMyIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 18 Apr 2024 13:01:51 GMT
content-type: application/javascript
last-modified: Fri, 14 Jul 2023 09:48:32 GMT
etag: W/"ecbf5-6006f5a065c00-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=h8l8WatLHGx7uNU%2Bj7YeKxqgpcZHSQA08vBIYwxNwmpOWY2LQBNPTqO%2BVVuifaOCkkV8Xqzq5hyuSHn4RnqO6NN1WhwG%2FoNPRHHpsTP0luWCSugVgrWwdVU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8764d8860cc30b61-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

| dik.si/cdn-cgi/challenge-platform/h/g/scripts/jsd/54ea73d52131/main.js | 188.114.96.1 | 200 OK | 7.8 kB |

| URL | GET HTTP/3 dik.si/cdn-cgi/challenge-platform/h/g/scripts/jsd/54ea73d52131/main.js |
| IP | 188.114.96.1:443 |
| Certificate issuer | Let's Encrypt |
| Certificate subject | dik.si |
| Certificate fingerprint | B1:6B:48:01:F3:DC:F0:5F:7D:74:70:DF:89:BB:EA:8B:08:A9:B4:DC |
| Certificate validity | Wed, 21 Feb 2024 16:43:21 GMT - Tue, 21 May 2024 16:43:20 GMT |
| File type | JavaScript source, ASCII text, with very long lines (7849), with no line terminators |
| MD5 | fd4137832ec1e1bb75dfdec0dacdde65 |
| SHA-1 | b6bab740894b6a499611de7ef2ac68cf91cef54c |
| SHA-256 | 681bda522836474984887666fd795a11f16c2e47984b00aeef24d7892ef125ba |

| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /cdn-cgi/challenge-platform/h/g/scripts/jsd/54ea73d52131/main.js HTTP/1.1
Host: dik.si
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6InFmK1RwRE13YTRSRlJTcEVscllTaFE9PSIsInZhbHVlIjoiMFRlU2FsU0x6YzZOVUVpbTJYQjdJbFBRcnQrWkVyd0YrMEFBZHR2RTF6NytkeHVkWm9TRE5mcGJ2empwb1FiT2JwYlZqbFlWWkxOcmNqdTdRaVBDRVhPUmcyUzRIbVZmZzU0ZWRheVF2YnpEVmlSRWtJR0JaQ1hDMUFoeU5KU0siLCJtYWMiOiIyNGE3N2I4NGVhOGY2YzNlYTVjYWIzYjY5ZWI2ZTQ2MTVlNWJjOTU0ZmU3YmI3MjdjMGRiZGFhMWVjNDViNjZmIiwidGFnIjoiIn0%3D; diksi_session=eyJpdiI6IkR0K3poK0JPdDBxdzF3dFdaVXZVUGc9PSIsInZhbHVlIjoiOXRrRUw1QUVwR3ZsN0tNSU9lRXhvcTlIa2F0Q3RqYkt2TWFJNnlzOFd6MHZNNHlVdG9CZEY4c21mdnY1VmJneWdIbnFRRnNaSHd6NWNrVjl1NTlRWVJwaHZzUUgydjlSaXliQkRjNGpJdTJUc1ZaQk1zd2IwSENMMXVhSFFSdTYiLCJtYWMiOiI5NTliNTY3NzI3ZjI1MDFjMjIzOTBlMDBmYjMwYmFmZmRiYWNmMmE1YWE1OTQzM2VkMjQ2YTJhOWY0MTVhMzMyIiwidGFnIjoiIn0%3D; _gcl_au=1.1.1892417297.1713445311; _ga_872PZL4RZW=GS1.1.1713445310.1.0.1713445310.0.0.0; _ga=GA1.1.1708644027.1713445311
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 18 Apr 2024 13:01:52 GMT
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
cache-control: max-age=14400, public
content-encoding: br
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=u6KZ7dzAc6GwTnOtK8vp8iM2rNxVOOdR%2FddgdMMPTQ5wmCm9wp4Bqh9PzyPdnZRx40owomQVf2mxPIQp8QRyattMiRL5rYhMyLySzxlfSeEmXIsUo6CtY00%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8764d892fad30b61-OSL
alt-svc: h3=":443"; ma=86400