Report - yfdpco.com/sk-park.php?pid=9PO15V947&dn=offfice.com&ua=Mozilla/5.0+(Windows+NT+10.0;+Win64;+x64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/134.0.0.0+Safari/537.36&requrl=http://offfice.com/&al=en-US,en;q=0.9,te;q=0.8,kn;q=0.7

Report Overview

Visitedpublic

2025-03-25 09:49:02

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Host Summary

Host	Rank	Registered	First Seen	Last Seen	Sent	Received	IP	Fingerprints
yfdpco.com	unknown	2025-03-03	2025-03-18	2025-03-18	1.9 kB	2.6 kB	208.91.196.46

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2025-03-25	medium	yfdpco.com	Sinkholed
2025-03-25	medium	yfdpco.com	Sinkholed
2025-03-25	medium	yfdpco.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (0)

HTTP Transactions (3)

URL IP Response Size

GET yfdpco.com/sk-park.php?pid=9PO15V947&dn=offfice.com&ua=Mozilla/5.0+(Windows+NT+10.0;+Win64;+x64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/134.0.0.0+Safari/537.36&requrl=http://offfice.com/&al=en-US,en;q=0.9,te;q=0.8,kn;q=0.7

208.91.196.46

403 Forbidden

299 B

URL

IP / ASN

208.91.196.46

#40034 CONFLUENCE-NETWORK-INC

Requested byN/A

Resource Info

File typeHTML document, ASCII text, with very long lines (329), with no line terminators

First Seen2024-10-11

Last Seen2025-04-05

Times Seen84

Size299 B (299 bytes)

MD5fa32b84534b7a1786b3857375da38504

SHA19a46fa9e5003b5e037ecd7335e52e79cec44ee78

SHA256661f2dacf953cf949a97f907a72f1fc9dc24be706badf0d02d1a3effaef81216

Certificate Info

IssuerLet's Encrypt

Subjectyfdpco.com

Fingerprint11:27:A7:25:C2:B3:A2:D1:26:CC:50:AF:91:B3:7E:94:9B:1C:B6:C3

ValidityMon, 03 Mar 2025 16:23:29 GMT - Sun, 01 Jun 2025 16:23:28 GMT

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /sk-park.php?pid=9PO15V947&dn=offfice.com&ua=Mozilla/5.0+(Windows+NT+10.0;+Win64;+x64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/134.0.0.0+Safari/537.36&requrl=http://offfice.com/&al=en-US,en;q=0.9,te;q=0.8,kn;q=0.7 HTTP/1.1
Host: yfdpco.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 403 Forbidden
Date: Tue, 25 Mar 2025 09:48:36 GMT
Server: Apache
Referrer-Policy: no-referrer-when-downgrade
Accept-CH: Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
Permissions-Policy: ch-ua-platform-version=("https://dts.gnpge.com"), ch-ua-model=("https://dts.gnpge.com")
Content-Length: 299
Keep-Alive: timeout=5, max=67
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

208.91.196.46

403 Forbidden

299 B

URL

IP / ASN

208.91.196.46

#40034 CONFLUENCE-NETWORK-INC

Requested byN/A

Resource Info

File typeHTML document, ASCII text, with very long lines (329), with no line terminators

First Seen2024-10-04

Last Seen2025-04-02

Times Seen82

Size299 B (299 bytes)

MD559d757df8c482408f503730891773f3c

SHA15c55ba6a8071f306493040535b4ce17cc69505d7

SHA25697f97033e3cb0c70d6edfd8482b7d0c420f798d6975871f5ecad24908b689a09

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /sk-park.php?pid=9PO15V947&dn=offfice.com&ua=Mozilla/5.0+(Windows+NT+10.0;+Win64;+x64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/134.0.0.0+Safari/537.36&requrl=http://offfice.com/&al=en-US,en;q=0.9,te;q=0.8,kn;q=0.7 HTTP/1.1
Host: yfdpco.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 403 Forbidden
Date: Tue, 25 Mar 2025 09:48:37 GMT
Server: Apache
Referrer-Policy: no-referrer-when-downgrade
Accept-CH: Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
Permissions-Policy: ch-ua-platform-version=("https://dts.gnpge.com"), ch-ua-model=("https://dts.gnpge.com")
Content-Length: 299
Keep-Alive: timeout=5, max=127
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

GET yfdpco.com/favicon.ico

208.91.196.46

404 Not Found

10 B

URL

yfdpco.com/favicon.ico

IP / ASN

208.91.196.46

#40034 CONFLUENCE-NETWORK-INC

Requested byhttp://yfdpco.com/sk-park.php?pid=9PO15V947&dn=offfice.com&ua=Mozilla/5.0+(Windows+NT+10.0;+Win64;+x64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/134.0.0.0+Safari/537.36&requrl=http://offfice.com/&al=en-US,en;q=0.9,te;q=0.8,kn;q=0.7

Resource Info

File typeASCII text, with no line terminators

First Seen2023-04-05

Last Seen2025-07-28

Times Seen11976

Size10 B (10 bytes)

MD56608dd3e21ca3beabd4bdfa625a0b221

SHA1e926d0f8694a4bc4013308afaca7af51e4c9fd9f

SHA256c75eb01138771bfb2a5517aeae882356733782767c4560cc9601c34d2591ca75

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: yfdpco.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://yfdpco.com/sk-park.php?pid=9PO15V947&dn=offfice.com&ua=Mozilla/5.0+(Windows+NT+10.0;+Win64;+x64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/134.0.0.0+Safari/537.36&requrl=http://offfice.com/&al=en-US,en;q=0.9,te;q=0.8,kn;q=0.7
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Date: Tue, 25 Mar 2025 09:48:38 GMT
Server: Apache
Referrer-Policy: no-referrer-when-downgrade
Accept-CH: Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
Permissions-Policy: ch-ua-platform-version=("https://dts.gnpge.com"), ch-ua-model=("https://dts.gnpge.com")
Content-Length: 10
Keep-Alive: timeout=5, max=110
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1