aulink.linkpc.net/source.php?page=vc
35.189.135.172 200 OK 153 B URL GET HTTP/2 aulink.linkpc.net/source.php?page=vc
IP 35.189.135.172:443
Requested by https://rakuten-userb.pages.dev/vc
Certificate Issuer Let's Encrypt
Subject aulink.publicvm.com
Fingerprint 18:51:E1:8F:4D:A2:D4:69:B9:A0:E5:C1:D9:43:F0:65:5A:ED:99:E6
Validity Thu, 30 Mar 2023 01:16:59 GMT - Wed, 28 Jun 2023 01:16:58 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 8305df18a7092cddb14f62bf35bf1583
25371d0f64f5a71dcde9d1452eafd7c1ec9ac25e
348a1dae60cf359414f6c7f20dbea4febdaff87a0b117cdf2dafab29097708a2
Analyzer Verdict Alert urlquery suspicious Suspicious - DynDNS domain
GET /source.php?page=vc HTTP/1.1
Host: aulink.linkpc.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rakuten-userb.pages.dev/
Origin: https://rakuten-userb.pages.dev
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 02 Jun 2023 12:36:45 GMT
server: Apache
access-control-allow-origin: *
access-control-allow-methods: POST, GET, DELETE,PATCH,PUT
vary: Accept-Encoding
content-encoding: gzip
content-length: 153
content-type: text/html; charset=utf-8
X-Firefox-Spdy: h2
rakuten-userb.pages.dev/vc
172.66.44.160 200 OK 67 B URL User Request GET HTTP/2 rakuten-userb.pages.dev/vc
IP 172.66.44.160:443
Certificate Issuer Google Trust Services LLC
Subject rakuten-userb.pages.dev
Fingerprint 1C:6F:47:B5:38:80:91:9F:7E:4A:58:49:88:72:5A:A9:6B:BA:40:F3
Validity Mon, 22 May 2023 12:56:23 GMT - Sun, 20 Aug 2023 12:56:22 GMT
File type HTML document, ASCII text, with no line terminators
Hash 3a5e572eff7b73642bf205ecb903704f
e8d9951c3d380e807fcd4245ae76abe2c587f7de
da7d2418ac86d81f1ae480025f545628cf8c8172269c2be216015419ec425757
Analyzer Verdict Alert phishtank Other
GET /vc HTTP/1.1
Host: rakuten-userb.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 02 Jun 2023 12:36:44 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"ccdce00fd1b30bda97470357fa0cf19d"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gnMsHD0l5md8yiZME%2FMwXpMXrplIiTQVgfOMwkJ1SgbNjp%2BxPpFRyQ4Tl86r8MLbKn5sjH3A4KtlEfkxU6UDmSPE%2Fa9Ht0jRbCk%2BXo6RyjZUfXcDya6psN34IRwBHuVUpoxU6DyvOXtc8g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d0fbe5dcf311c16-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
rakuten-userb.pages.dev/assets/js/getpage.js
172.66.44.160 200 OK 1.8 kB URL GET HTTP/3 rakuten-userb.pages.dev/assets/js/getpage.js
IP 172.66.44.160:443
Requested by https://rakuten-userb.pages.dev/vc
Certificate Issuer Google Trust Services LLC
Subject rakuten-userb.pages.dev
Fingerprint 1C:6F:47:B5:38:80:91:9F:7E:4A:58:49:88:72:5A:A9:6B:BA:40:F3
Validity Mon, 22 May 2023 12:56:23 GMT - Sun, 20 Aug 2023 12:56:22 GMT
File type ASCII text, with very long lines (1961), with no line terminators
Hash 9b78cadb8b208e961217518280118baa
6e7f6dcde583a9e91e695c400708c4fa253ff6b4
30cbca8efaf19abf605b9a0d17a1bb302604838acb5b952963545c64b3fb3072
GET /assets/js/getpage.js HTTP/1.1
Host: rakuten-userb.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rakuten-userb.pages.dev/vc
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 02 Jun 2023 12:36:44 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"3632d06f44c9f4de560ad51912238bd1"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lZrr5XYn8Mwm8e0cjnh35DPFzB2ZHNVOkcLTMP69y5WbMlLMWsWrFIwKrDU3%2B7G%2Fa1FtG45Tikud3pA3opc3BZBgLFrD%2FkNnkI0PxW6wEFqIeH62nyesGCL1hx94V6eYuWGpZhy28fwMog%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d0fbe612acc0b41-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
rakuten-userb.pages.dev/favicon.ico
172.66.44.160 200 OK 68 B URL GET HTTP/3 rakuten-userb.pages.dev/favicon.ico
IP 172.66.44.160:443
Requested by https://rakuten-userb.pages.dev/vc
Certificate Issuer Google Trust Services LLC
Subject rakuten-userb.pages.dev
Fingerprint 1C:6F:47:B5:38:80:91:9F:7E:4A:58:49:88:72:5A:A9:6B:BA:40:F3
Validity Mon, 22 May 2023 12:56:23 GMT - Sun, 20 Aug 2023 12:56:22 GMT
File type HTML document, ASCII text, with no line terminators
Hash eee933840f27efaa003047422dc7618a
67a1c1f82de786128ab12e6e637cab4c85b9434b
51c56e0ae28a24e25409b8f2a55c2136984ba69fbfec20508c75c33b0393ca87
GET /favicon.ico HTTP/1.1
Host: rakuten-userb.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rakuten-userb.pages.dev/vc
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 02 Jun 2023 12:36:46 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"115ed82a84ac73ceda9b11aa91556e64"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uvVXR2zK8nW9GnNudmhRO9CU3H10FvB0bnNcfbVV923T0st%2BDbpfHlx%2FRK6VFcSnBBOHgaYwz1%2BwBN96914YySTF9plv0MU0xOu8enLfNW8yUotpsUtaf%2FZEUCqbTbhMLemT7J%2FSAkhLzQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d0fbe6f1fc80b41-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400