Overview

URL erikogkriss.no/wp-content/plugins/dpMaintenance/languages/usaa.com.usaa.com.usaa
IP 5.249.226.83
ASN
Location Norway
Report completed 2018-12-19 03:04:45 CET
urlquery Alerts No alerts detected


Settings

UserAgent Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Referer
Pool
Access Level


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blacklists

MDL  No alerts detected
OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Added / Verified Severity Host Comment
2018-12-19 2 erikogkriss.no/wp-content/plugins/dpMaintenance/languages/usaa.com.usaa.com.usaa Phishing
DNS-BH  No alerts detected
mnemonic secure dns  No alerts detected


Recent reports on same IP/ASN/Domain

Last 10 reports on IP: 5.249.226.83

Date UQ / IDS / BL URL IP
2018-12-29 06:07:58 +0100  0 - 0 - 1  erikogkriss.no/wp-content/plugins/instapress/ (...)  5.249.226.83
2018-12-28 14:07:45 +0100  0 - 0 - 1  erikogkriss.no/wp-content/plugins/instapress/ (...)  5.249.226.83
2018-12-28 12:06:35 +0100  0 - 0 - 1  erikogkriss.no/wp-content/plugins/instapress/ (...)  5.249.226.83
2018-12-26 10:43:34 +0100  0 - 0 - 1  erikogkriss.no/wp-content/plugins/instapress/ (...)  5.249.226.83
2018-12-26 06:09:00 +0100  0 - 0 - 1  erikogkriss.no/wp-content/plugins/instapress/ (...)  5.249.226.83
2018-12-25 23:42:30 +0100  0 - 0 - 1  erikogkriss.no/wp-content/plugins/dpMaintenan (...)  5.249.226.83
2018-12-25 16:07:34 +0100  0 - 0 - 1  erikogkriss.no/wp-content/plugins/dpMaintenan (...)  5.249.226.83
2018-12-19 11:08:05 +0100  0 - 0 - 1  erikogkriss.no/wp-content/plugins/instapress/ (...)  5.249.226.83
2018-12-18 19:26:33 +0100  0 - 0 - 1  erikogkriss.no/wp-content/plugins/instapress/ (...)  5.249.226.83
2018-12-14 11:14:15 +0100  0 - 0 - 1  erikogkriss.no/wp-content/plugins/instapress/ (...)  5.249.226.83

Last 10 reports on ASN:


Last 10 reports on domain: erikogkriss.no

Date UQ / IDS / BL URL IP
2018-12-29 06:07:58 +0100  0 - 0 - 1  erikogkriss.no/wp-content/plugins/instapress/ (...)  5.249.226.83
2018-12-28 14:07:45 +0100  0 - 0 - 1  erikogkriss.no/wp-content/plugins/instapress/ (...)  5.249.226.83
2018-12-28 12:06:35 +0100  0 - 0 - 1  erikogkriss.no/wp-content/plugins/instapress/ (...)  5.249.226.83
2018-12-26 10:43:34 +0100  0 - 0 - 1  erikogkriss.no/wp-content/plugins/instapress/ (...)  5.249.226.83
2018-12-26 06:09:00 +0100  0 - 0 - 1  erikogkriss.no/wp-content/plugins/instapress/ (...)  5.249.226.83
2018-12-25 23:42:30 +0100  0 - 0 - 1  erikogkriss.no/wp-content/plugins/dpMaintenan (...)  5.249.226.83
2018-12-25 16:07:34 +0100  0 - 0 - 1  erikogkriss.no/wp-content/plugins/dpMaintenan (...)  5.249.226.83
2018-12-19 11:08:05 +0100  0 - 0 - 1  erikogkriss.no/wp-content/plugins/instapress/ (...)  5.249.226.83
2018-12-18 19:26:33 +0100  0 - 0 - 1  erikogkriss.no/wp-content/plugins/instapress/ (...)  5.249.226.83
2018-12-14 11:14:15 +0100  0 - 0 - 1  erikogkriss.no/wp-content/plugins/instapress/ (...)  5.249.226.83


JavaScript

Executed Scripts (0)


Executed Evals (0)


Executed Writes (0)



HTTP Transactions (10)


Request Response

GET /wp-content/plugins/dpMaintenance/languages/usaa.com.usaa.com.usaa HTTP/1.1
Host: erikogkriss.no
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

5.249.226.83
HTTP/1.1 500 Internal Server Error
Content-Type: text/html; charset=iso-8859-1
Server: nginx
Date: Wed, 19 Dec 2018 02:04:12 GMT
Content-Length: 541
Connection: keep-alive


--- Additional Info ---
Magic:  HTML document text\012 exported SGML document text
Size:   541
Md5:    a703f90b74de8d9614ce3281f07c7a49
Sha1:   690d269b8b1462869515503b3bbf48a55f90f94f
Sha256: 67b1ebeb2d4d949cfaf47191e349d8cdf2f774a6c120bc11f514f942a8294baa

Alerts:
  Blacklists:
    - fortinet: Phishing

GET /favicon.ico HTTP/1.1
Host: erikogkriss.no
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

5.249.226.83
HTTP/1.1 302 Moved Temporarily
Content-Type: text/html
Server: nginx
Date: Wed, 19 Dec 2018 02:04:12 GMT
Content-Length: 0
Connection: keep-alive
X-Powered-By: PHP/5.4.45
Location: http://facebook.com/ErikOgKriss


--- Additional Info ---

GET /ErikOgKriss HTTP/1.1
Host: facebook.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

185.60.216.35
HTTP/1.1 302 Found
Content-Type: text/html; charset="utf-8"
Location: https://facebook.com/ErikOgKriss
X-FB-Debug: 0EdtEyeeY/BWybdi9y9r5t+e8KB3rvYcalg1VjXOo7WR8/3d1POSQwrwH54Y1GNx1WcKN9RH8ymRDy6VFBAh2w==
Date: Wed, 19 Dec 2018 02:04:12 GMT
Connection: keep-alive
Content-Length: 0


--- Additional Info ---

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Accept-Ranges: bytes
Cache-Control: max-age=165907
Date: Wed, 19 Dec 2018 02:04:12 GMT
Etag: "5c198303-1d7"
Expires: Fri, 21 Dec 2018 00:09:19 GMT
Last-Modified: Tue, 18 Dec 2018 23:30:11 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 471


--- Additional Info ---
Magic:  data
Size:   471
Md5:    d769a7309eeda105dc6c8d49a2acdc02
Sha1:   e130d47620020da22c2faf6c89700658cadad3cf
Sha256: eac36b9505199978e28f2b6ec5549c574603413b60cfe93b07e75adf24fcce3e

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Accept-Ranges: bytes
Cache-Control: max-age=129783
Date: Wed, 19 Dec 2018 02:04:12 GMT
Etag: "5c18f40d-1d7"
Expires: Thu, 20 Dec 2018 14:07:15 GMT
Last-Modified: Tue, 18 Dec 2018 13:20:13 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471


--- Additional Info ---
Magic:  data
Size:   471
Md5:    4dcbd8ae720e348b91349c742b7eadce
Sha1:   0312513c7349664b007f86192fc50e9bdf137725
Sha256: 668839ee331e29de290448f527359bf0ff9339c169f5cc0f143f44b404bb6898

GET /ErikOgKriss HTTP/1.1
Host: facebook.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

185.60.216.35
HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset="utf-8"
Strict-Transport-Security: max-age=15552000; preload
Location: https://www.facebook.com/ErikOgKriss
Access-Control-Expose-Headers: X-FB-Debug, X-Loader-Length
Access-Control-Allow-Credentials: true
Vary: Origin
Access-Control-Allow-Origin: https://facebook.com
Access-Control-Allow-Methods: OPTIONS
X-FB-Debug: SAMgR+JSYh6OG2TK2xXeI1Gh/a+aCpMHA9Pg9QcpTYKtapQhgeysGP7Ot5Zfia2VFlekNDmV0jv8g+iyClFKMA==
Date: Wed, 19 Dec 2018 02:04:13 GMT
Connection: keep-alive
Content-Length: 0


--- Additional Info ---

GET /favicon.ico HTTP/1.1
Host: erikogkriss.no
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

5.249.226.83
HTTP/1.1 302 Moved Temporarily
Content-Type: text/html
Server: nginx
Date: Wed, 19 Dec 2018 02:04:15 GMT
Content-Length: 0
Connection: keep-alive
X-Powered-By: PHP/5.4.45
Location: http://facebook.com/ErikOgKriss


--- Additional Info ---

GET /ErikOgKriss HTTP/1.1
Host: facebook.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

185.60.216.35
HTTP/1.1 302 Found
Content-Type: text/html; charset="utf-8"
Location: https://facebook.com/ErikOgKriss
X-FB-Debug: gtR15iZJ8VRYUB4HA46ruknHeHK1YbX3dzYFZokhJnl3zZy+1RSz5TOnpQjudi2gl2l8hOHOftAnWlGvgOPryg==
Date: Wed, 19 Dec 2018 02:04:15 GMT
Connection: keep-alive
Content-Length: 0


--- Additional Info ---

GET /ErikOgKriss HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

31.13.72.36
HTTP/1.1 200 OK
Content-Type: text/html; charset="utf-8"
Expires: Sat, 01 Jan 2000 00:00:00 GMT
X-XSS-Protection: 0
Content-Encoding: gzip
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
X-Frame-Options: DENY
Pragma: no-cache
Strict-Transport-Security: max-age=15552000; preload
Access-Control-Expose-Headers: X-FB-Debug, X-Loader-Length
Access-Control-Allow-Credentials: true
X-Content-Type-Options: nosniff
Vary: Origin, Accept-Encoding
Cache-Control: private, no-cache, no-store, must-revalidate
Access-Control-Allow-Origin: https://www.facebook.com
Access-Control-Allow-Methods: OPTIONS
X-FB-Debug: 7VUuHqgiHo2KvXjX4/HGmnajKc048FP1v30tuu8jBab5yMmHVBEKeKmlnPgFFwHrzJ+bjqGEL3ZoNu0+dfPDGw==
Date: Wed, 19 Dec 2018 02:04:17 GMT
Transfer-Encoding: chunked
Connection: keep-alive


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   634641
Md5:    e7f6d26baa30fa0e897196157cbf7923
Sha1:   a743db1c2dfb6b8fda023a46d7a772c1c7fa7b87
Sha256: 00d2fbd70e99706d5d7f1a5d727eb3106279fcba6f78dde90bf3e3887646461c

GET /ErikOgKriss HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

31.13.72.36
HTTP/1.1 200 OK
Content-Type: text/html; charset="utf-8"
Expires: Sat, 01 Jan 2000 00:00:00 GMT
X-XSS-Protection: 0
Content-Encoding: gzip
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
X-Frame-Options: DENY
Pragma: no-cache
Strict-Transport-Security: max-age=15552000; preload
Access-Control-Expose-Headers: X-FB-Debug, X-Loader-Length
Access-Control-Allow-Credentials: true
X-Content-Type-Options: nosniff
Vary: Origin, Accept-Encoding
Cache-Control: private, no-cache, no-store, must-revalidate
Access-Control-Allow-Origin: https://www.facebook.com
Access-Control-Allow-Methods: OPTIONS
X-FB-Debug: L9fxBYh6j3/S3svRCUdHVdzbrXc9y61BvWmX6zYzBNhgoQiNMVWq6xTyhqTbl7OtmR2CCDoZaVQjXaOTZGPB1w==
Date: Wed, 19 Dec 2018 02:04:14 GMT
Transfer-Encoding: chunked
Connection: keep-alive


--- Additional Info ---