| b-nav2services4norw1y-a3134377073530.codeanyapp.com/wp-admin/-/Navbankingfiles/egangs.html | 45.55.112.74 | 200 OK | 7.0 kB |
URL (User Request): GET HTTP/1.1 b-nav2services4norw1y-a3134377073530.codeanyapp.com/wp-admin/-/Navbankingfiles/egangs.html
IP: 45.55.112.74:80
ASN: #14061 DIGITALOCEAN-ASN
File type: HTML document, Unicode text, UTF-8 text, with very long lines (12394), with CRLF line terminators
Hash: d03c98b3bc47741370f83ee41abc3359 830ce5443012d59c3819f89dab0293527ce7fcba 53225c0db8726af03cc500e9ca0dab8ba53d49314b9b326d1e25dcc526965613
| Analyzer | Verdict | Alert |
| urlquery | phishing | Phishing - BankID |
| OpenPhish | phishing | BankID |
GET /wp-admin/-/Navbankingfiles/egangs.html HTTP/1.1
Host: b-nav2services4norw1y-a3134377073530.codeanyapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: openresty
Date: Wed, 17 Apr 2024 14:55:19 GMT
Content-Type: text/html
Content-Length: 7021
Connection: keep-alive
Last-Modified: Tue, 16 Apr 2024 14:58:22 GMT
ETag: "5457-61637f829309f-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
| b-nav2services4norw1y-a3134377073530.codeanyapp.com/wp-admin/-/Navbankingfiles/src/common_auth.css | 45.55.112.74 | 200 OK | 2.2 kB |
URL: GET HTTP/1.1 b-nav2services4norw1y-a3134377073530.codeanyapp.com/wp-admin/-/Navbankingfiles/src/common_auth.css
IP: 45.55.112.74:80
ASN: #14061 DIGITALOCEAN-ASN
Requested by: http://b-nav2services4norw1y-a3134377073530.codeanyapp.com/wp-admin/-/Navbankingfiles/egangs.html
File type: ASCII text, with CRLF line terminators
Hash: be2e3c9d73e798faded38476b41d882a a2fef2b649b6b6f417f7303b7376941e1d78ac18 5d4ff4117e8f7f9da541cba635327a05770499b79e51e32e679c2923a4bc27b2
| Analyzer | Verdict | Alert |
| urlquery | phishing | Phishing - BankID |
GET /wp-admin/-/Navbankingfiles/src/common_auth.css HTTP/1.1
Host: b-nav2services4norw1y-a3134377073530.codeanyapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://b-nav2services4norw1y-a3134377073530.codeanyapp.com/wp-admin/-/Navbankingfiles/egangs.html
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: openresty
Date: Wed, 17 Apr 2024 14:55:19 GMT
Content-Type: text/css
Content-Length: 2186
Connection: keep-alive
Last-Modified: Tue, 16 Apr 2024 14:58:22 GMT
ETag: "22d0-61637f829fbbf-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
| b-nav2services4norw1y-a3134377073530.codeanyapp.com/wp-admin/-/Navbankingfiles/src/3625.css | 45.55.112.74 | 200 OK | 882 B |
URL: GET HTTP/1.1 b-nav2services4norw1y-a3134377073530.codeanyapp.com/wp-admin/-/Navbankingfiles/src/3625.css
IP: 45.55.112.74:80
ASN: #14061 DIGITALOCEAN-ASN
Requested by: http://b-nav2services4norw1y-a3134377073530.codeanyapp.com/wp-admin/-/Navbankingfiles/egangs.html
File type: ASCII text, with CRLF line terminators
Hash: b642d2446a71071d5b575e139439ecd1 7af3425088bb4c9da806ae535736a87c979f809d 304c378b4700d25f783a2a7d6142c0b4d9dd9df890722064788eee96a12999d8
| Analyzer | Verdict | Alert |
| urlquery | phishing | Phishing - BankID |
GET /wp-admin/-/Navbankingfiles/src/3625.css HTTP/1.1
Host: b-nav2services4norw1y-a3134377073530.codeanyapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://b-nav2services4norw1y-a3134377073530.codeanyapp.com/wp-admin/-/Navbankingfiles/egangs.html
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: openresty
Date: Wed, 17 Apr 2024 14:55:20 GMT
Content-Type: text/css
Content-Length: 882
Connection: keep-alive
Last-Modified: Tue, 16 Apr 2024 14:58:22 GMT
ETag: "f64-61637f829f3ef-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
| b-nav2services4norw1y-a3134377073530.codeanyapp.com/wp-admin/-/Navbankingfiles/src/bidm.css | 45.55.112.74 | 200 OK | 4.4 kB |
URL: GET HTTP/1.1 b-nav2services4norw1y-a3134377073530.codeanyapp.com/wp-admin/-/Navbankingfiles/src/bidm.css
IP: 45.55.112.74:80
ASN: #14061 DIGITALOCEAN-ASN
Requested by: http://b-nav2services4norw1y-a3134377073530.codeanyapp.com/wp-admin/-/Navbankingfiles/egangs.html
File type: ASCII text, with very long lines (1222), with CRLF line terminators
Hash: 15ad390e981075722abd9aed7225e85f 1a6eae25e0a2d52cb6b8bf7fa97367bd985a58f7 31412635ed02fd2c9a9ac4c4d9093c0601a687cfe305aba0dea75c1943d7dd72
| Analyzer | Verdict | Alert |
| urlquery | phishing | Phishing - BankID |
GET /wp-admin/-/Navbankingfiles/src/bidm.css HTTP/1.1
Host: b-nav2services4norw1y-a3134377073530.codeanyapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://b-nav2services4norw1y-a3134377073530.codeanyapp.com/wp-admin/-/Navbankingfiles/egangs.html
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: openresty
Date: Wed, 17 Apr 2024 14:55:20 GMT
Content-Type: text/css
Content-Length: 4392
Connection: keep-alive
Last-Modified: Tue, 16 Apr 2024 14:58:22 GMT
ETag: "a782-61637f829f7d7-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
| www.nav.no/gfx/google-search-nav-logo.png | 155.55.150.1 | 200 OK | 25 kB |
URL: GET HTTP/1.1 www.nav.no/gfx/google-search-nav-logo.png
IP: 155.55.150.1:443
ASN: #2119 Telenor Norge AS
Requested by: http://b-nav2services4norw1y-a3134377073530.codeanyapp.com/wp-admin/-/Navbankingfiles/egangs.html
Certificate Issuer: Buypass AS-983163327
Certificate Subject: www.nav.no
Certificate Fingerprint: C8:EF:21:9B:F9:57:C5:46:22:76:6F:F0:68:D7:AF:C1:62:85:44:D0
Certificate Validity: Wed, 06 Mar 2024 10:41:57 GMT - Sat, 08 Mar 2025 22:59:00 GMT
File type: PNG image data, 716 x 716, 8-bit/color RGBA, non-interlaced
Hash: ae4c51bf3030abfe6972e39ae27c4e57 d5c4a5c2bff398e27f8f56e41856a57d17d6c322 c241b453517b1675cf759fb714476fc4c2f606863aad5053d3e707a5103dce4a
GET /gfx/google-search-nav-logo.png HTTP/1.1
Host: www.nav.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://b-nav2services4norw1y-a3134377073530.codeanyapp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 17 Apr 2024 15:38:21 GMT
Content-Type: image/png
Content-Length: 24609
x-powered-by: Express
cache-control: public,max-age=86400
app-name: nav-enonicxp-frontend
content-security-policy: default-src *.nav.no portal-admin.oera.no; script-src *.nav.no portal-admin.oera.no *.tingtun.no termer.no uxsignals-frontend.uxsignals.app.iterate.no *.psplugin.com *.hotjar.com *.taskanalytics.com nav.boost.ai 'unsafe-inline' 'unsafe-eval'; script-src-elem *.nav.no portal-admin.oera.no *.tingtun.no termer.no uxsignals-frontend.uxsignals.app.iterate.no video.qbrick.com play2.qbrick.com analytics.qbrick.com *.ip-only.net blob: *.psplugin.com *.hotjar.com *.taskanalytics.com nav.boost.ai 'unsafe-inline'; worker-src *.nav.no portal-admin.oera.no blob:; style-src *.nav.no portal-admin.oera.no 'unsafe-inline' *.psplugin.com; font-src *.nav.no portal-admin.oera.no data: video.qbrick.com play2.qbrick.com analytics.qbrick.com *.ip-only.net blob: *.psplugin.com *.hotjar.com cdn.nav.no; img-src *.nav.no portal-admin.oera.no data: video.qbrick.com play2.qbrick.com analytics.qbrick.com *.ip-only.net blob: *.psplugin.com *.vimeocdn.com *.hotjar.com www.vergic.com storage.googleapis.com; object-src video.qbrick.com play2.qbrick.com analytics.qbrick.com *.ip-only.net blob:; connect-src *.nav.no portal-admin.oera.no video.qbrick.com play2.qbrick.com analytics.qbrick.com *.ip-only.net blob: api.uxsignals.com *.boost.ai *.psplugin.com *.hotjar.com *.hotjar.io *.taskanalytics.com; media-src video.qbrick.com play2.qbrick.com analytics.qbrick.com *.ip-only.net blob: ihb.nav.no; child-src blob:; style-src-elem *.nav.no *.psplugin.com 'unsafe-inline'; frame-src *.hotjar.com player.vimeo.com video.qbrick.com;
accept-ranges: bytes
last-modified: Wed, 17 Apr 2024 08:01:35 GMT
etag: W/"6021-18eeb134f18"
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Via: 1.1 google
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Set-Cookie: BIGipServerpool_pr_gcp_navno_lb_https=!CaOwi03Ofp+bsM1EHzgWApt4iOJkeHlm6x0c4ahozuxvpwnVcT62Sd+LkJYpD50cvWSl4NxNqA/wpe4=; path=/; Httponly; Secure
X-UA-Compatible: IE=Edge
X-Content-Type-Options: nosniff
X-Frame-options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
| www.nav.no/gfx/google-search-nav-logo.png | 155.55.150.1 | 200 OK | 25 kB |
URL: GET HTTP/1.1 www.nav.no/gfx/google-search-nav-logo.png
IP: 155.55.150.1:443
ASN: #2119 Telenor Norge AS
Requested by: http://b-nav2services4norw1y-a3134377073530.codeanyapp.com/wp-admin/-/Navbankingfiles/egangs.html
Certificate Issuer: Buypass AS-983163327
Certificate Subject: www.nav.no
Certificate Fingerprint: C8:EF:21:9B:F9:57:C5:46:22:76:6F:F0:68:D7:AF:C1:62:85:44:D0
Certificate Validity: Wed, 06 Mar 2024 10:41:57 GMT - Sat, 08 Mar 2025 22:59:00 GMT
File type: PNG image data, 716 x 716, 8-bit/color RGBA, non-interlaced
Hash: ae4c51bf3030abfe6972e39ae27c4e57 d5c4a5c2bff398e27f8f56e41856a57d17d6c322 c241b453517b1675cf759fb714476fc4c2f606863aad5053d3e707a5103dce4a
GET /gfx/google-search-nav-logo.png HTTP/1.1
Host: www.nav.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://b-nav2services4norw1y-a3134377073530.codeanyapp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 17 Apr 2024 15:38:21 GMT
Content-Type: image/png
Content-Length: 24609
x-powered-by: Express
cache-control: public,max-age=86400
app-name: nav-enonicxp-frontend
content-security-policy: default-src *.nav.no portal-admin.oera.no; script-src *.nav.no portal-admin.oera.no *.tingtun.no termer.no uxsignals-frontend.uxsignals.app.iterate.no *.psplugin.com *.hotjar.com *.taskanalytics.com nav.boost.ai 'unsafe-inline' 'unsafe-eval'; script-src-elem *.nav.no portal-admin.oera.no *.tingtun.no termer.no uxsignals-frontend.uxsignals.app.iterate.no video.qbrick.com play2.qbrick.com analytics.qbrick.com *.ip-only.net blob: *.psplugin.com *.hotjar.com *.taskanalytics.com nav.boost.ai 'unsafe-inline'; worker-src *.nav.no portal-admin.oera.no blob:; style-src *.nav.no portal-admin.oera.no 'unsafe-inline' *.psplugin.com; font-src *.nav.no portal-admin.oera.no data: video.qbrick.com play2.qbrick.com analytics.qbrick.com *.ip-only.net blob: *.psplugin.com *.hotjar.com cdn.nav.no; img-src *.nav.no portal-admin.oera.no data: video.qbrick.com play2.qbrick.com analytics.qbrick.com *.ip-only.net blob: *.psplugin.com *.vimeocdn.com *.hotjar.com www.vergic.com storage.googleapis.com; object-src video.qbrick.com play2.qbrick.com analytics.qbrick.com *.ip-only.net blob:; connect-src *.nav.no portal-admin.oera.no video.qbrick.com play2.qbrick.com analytics.qbrick.com *.ip-only.net blob: api.uxsignals.com *.boost.ai *.psplugin.com *.hotjar.com *.hotjar.io *.taskanalytics.com; media-src video.qbrick.com play2.qbrick.com analytics.qbrick.com *.ip-only.net blob: ihb.nav.no; child-src blob:; style-src-elem *.nav.no *.psplugin.com 'unsafe-inline'; frame-src *.hotjar.com player.vimeo.com video.qbrick.com;
accept-ranges: bytes
last-modified: Wed, 17 Apr 2024 08:01:35 GMT
etag: W/"6021-18eeb134f18"
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Via: 1.1 google
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Set-Cookie: BIGipServerpool_pr_gcp_navno_lb_https=!aK5uS8eFQMXlURREHzgWApt4iOJkeMml6lesJ5/Kl8ONQgVkzwwgSqbh2krGNBPyUH7OSfnWoK2iTl0=; path=/; Httponly; Secure
X-UA-Compatible: IE=Edge
X-Content-Type-Options: nosniff
X-Frame-options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
| b-nav2services4norw1y-a3134377073530.codeanyapp.com/wp-admin/-/Navbankingfiles/logo1.png | 45.55.112.74 | 200 OK | 12 kB |
URL: GET HTTP/1.1 b-nav2services4norw1y-a3134377073530.codeanyapp.com/wp-admin/-/Navbankingfiles/logo1.png
IP: 45.55.112.74:80
ASN: #14061 DIGITALOCEAN-ASN
Requested by: http://b-nav2services4norw1y-a3134377073530.codeanyapp.com/wp-admin/-/Navbankingfiles/egangs.html
File type: PNG image data, 2000 x 1200, 8-bit colormap, non-interlaced
Hash: 4ab3ff57598a596163e577fbc9a3550a 544ef9f06469198ec2d01ebaed5bb80621af5af1 7fbcb3628e9d79d89e9350ee5d075818cf0f6763d5fa8763ea78c13902d6691b
| Analyzer | Verdict | Alert |
| urlquery | phishing | Phishing - BankID |
GET /wp-admin/-/Navbankingfiles/logo1.png HTTP/1.1
Host: b-nav2services4norw1y-a3134377073530.codeanyapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://b-nav2services4norw1y-a3134377073530.codeanyapp.com/wp-admin/-/Navbankingfiles/egangs.html
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: openresty
Date: Wed, 17 Apr 2024 14:55:20 GMT
Content-Type: image/png
Content-Length: 11908
Connection: keep-alive
Last-Modified: Tue, 16 Apr 2024 14:58:22 GMT
ETag: "2e84-61637f829ccdf"
Accept-Ranges: bytes