| security.royalbrlnkman.com/ | 85.10.159.56 | 200 OK | 97 kB |
URL (User Request): GET HTTP/2 security.royalbrlnkman.com/ | IP: 85.10.159.56:443
Certificate Issuer: Let's Encrypt | Subject: security.royalbrlnkman.com | Fingerprint: 92:DE:99:77:2A:D5:98:1B:90:34:26:91:34:8D:56:4F:1F:F8:30:A9 | Validity: Thu, 21 Mar 2024 15:29:42 GMT - Wed, 19 Jun 2024 15:29:41 GMT
File type: HTML document, ASCII text, with very long lines (1124), with CRLF line terminators | Hash: 2af961b739513aad4fda8c156bff5225 191b6c2310c655a6fa2b14074f193a74ba9139d8 240ded00222e277c3863bb5fa68a817815f09cb6522e1322eee6368db25458ae
Analyzer: OpenPhish | Verdict: phishing | Alert: Outlook
GET / HTTP/1.1
Host: security.royalbrlnkman.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sat, 27 Apr 2024 04:54:55 GMT
content-type: text/html; charset=UTF-8
content-encoding: br
X-Firefox-Spdy: h2
|
|
| ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js | 142.250.74.106 | 200 OK | 31 kB |
URL: GET HTTP/2 ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js | IP: 142.250.74.106:443
Requested by: https://security.royalbrlnkman.com/ | Certificate Issuer: Google Trust Services LLC | Subject: upload.video.google.com | Fingerprint: 5F:6D:48:87:16:89:1E:A5:57:29:92:8B:34:BD:F2:92:0C:7F:F2:50 | Validity: Mon, 08 Apr 2024 07:32:03 GMT - Mon, 01 Jul 2024 07:32:02 GMT
File type: JavaScript source, ASCII text, with very long lines (65451) | Hash: dc5e7f18c8d36ac1d3d4753a87c98d0a c8e1c8b386dc5b7a9184c763c88d19a346eb3342 f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
GET /ajax/libs/jquery/3.5.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://security.royalbrlnkman.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 31021
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 26 Apr 2024 06:06:13 GMT
expires: Sat, 26 Apr 2025 06:06:13 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Fri, 08 May 2020 07:05:03 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 82122
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| aadcdn.msftauth.net/shared/1.0/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico | 152.199.23.37 | 200 OK | 17 kB |
URL: GET HTTP/2 aadcdn.msftauth.net/shared/1.0/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico | IP: 152.199.23.37:443
Requested by: https://security.royalbrlnkman.com/ | Certificate Issuer: DigiCert Inc | Subject: aadcdn.msftauth.net | Fingerprint: 3C:9E:70:F5:B3:D1:80:80:8C:97:1C:7B:7E:A8:2C:D8:7B:94:95:0B | Validity: Fri, 01 Dec 2023 00:00:00 GMT - Sun, 01 Dec 2024 23:59:59 GMT
File type: MS Windows icon resource - 6 icons, -128x-128, 16 colors, 72x72, 16 colors | Hash: 12e3dac858061d088023b2bd48e2fa96 e08ce1a144eceae0c3c2ea7a9d6fbc5658f24ce5 90cdaf487716184e4034000935c605d1633926d348116d198f355a98b8c6cd21
GET /shared/1.0/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico HTTP/1.1
Host: aadcdn.msftauth.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://security.royalbrlnkman.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
age: 2860473
cache-control: public, max-age=31536000
content-md5: EuPayFgGHQiAI7K9SOL6lg==
content-type: image/x-icon
date: Sat, 27 Apr 2024 04:54:55 GMT
etag: 0x8D8731240E548EB
last-modified: Sun, 18 Oct 2020 03:02:30 GMT
server: ECAcc (ska/F738)
x-cache: HIT
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: 582df77a-301e-0028-1b5a-7e9304000000
x-ms-version: 2009-09-19
content-length: 17174
X-Firefox-Spdy: h2
|
|
| security.royalbrlnkman.com/Aanmelden%20bij%20uw%20account_files/arrow_left_a9cc2824ef3517b6c4160dcf8ff7d410.svg | 85.10.159.56 | 200 OK | 299 kB |
URL: GET HTTP/2 security.royalbrlnkman.com/Aanmelden%20bij%20uw%20account_files/arrow_left_a9cc2824ef3517b6c4160dcf8ff7d410.svg | IP: 85.10.159.56:443
Requested by: https://security.royalbrlnkman.com/ | Certificate Issuer: Let's Encrypt | Subject: security.royalbrlnkman.com | Fingerprint: 92:DE:99:77:2A:D5:98:1B:90:34:26:91:34:8D:56:4F:1F:F8:30:A9 | Validity: Thu, 21 Mar 2024 15:29:42 GMT - Wed, 19 Jun 2024 15:29:41 GMT
File type: SVG Scalable Vector Graphics image | Size: 299 kB (298712 bytes) | Hash: a9cc2824ef3517b6c4160dcf8ff7d410 8db9aebad84ca6e4225bfdd2458ff3821cc4f064 34f9db946e89f031a80dfca7b16b2b686469c9886441261ae70a44da1dfa2d58
Analyzer: OpenPhish | Verdict: phishing | Alert: Outlook
GET /Aanmelden%20bij%20uw%20account_files/arrow_left_a9cc2824ef3517b6c4160dcf8ff7d410.svg HTTP/1.1
Host: security.royalbrlnkman.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://security.royalbrlnkman.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 27 Apr 2024 04:54:55 GMT
content-type: image/svg+xml
last-modified: Sun, 24 Jan 2021 19:02:16 GMT
etag: W/"201-5b9aa0f536cd7"
content-encoding: br
X-Firefox-Spdy: h2
|
|
| aadcdn.msftauth.net/ests/2.1/content/cdnbundles/ux.converged.login.strings-nl.min_zztkcqiy8pcr8p4zqmzo6q2.js | 152.199.23.37 | 200 OK | 13 kB |
URL: GET HTTP/2 aadcdn.msftauth.net/ests/2.1/content/cdnbundles/ux.converged.login.strings-nl.min_zztkcqiy8pcr8p4zqmzo6q2.js | IP: 152.199.23.37:443
Requested by: https://security.royalbrlnkman.com/ | Certificate Issuer: DigiCert Inc | Subject: aadcdn.msftauth.net | Fingerprint: 3C:9E:70:F5:B3:D1:80:80:8C:97:1C:7B:7E:A8:2C:D8:7B:94:95:0B | Validity: Fri, 01 Dec 2023 00:00:00 GMT - Sun, 01 Dec 2024 23:59:59 GMT
File type: Unicode text, UTF-8 text, with very long lines (32009) | Hash: cf3b4a0aa232f29091f0fe3342664ee9 1bbfe94be638701a66ee6fbaa64508e846d0171a fcf3159c8789d7b5d1f31855c7f70284e906aaa4a9f66376cba71aee1f18904c
GET /ests/2.1/content/cdnbundles/ux.converged.login.strings-nl.min_zztkcqiy8pcr8p4zqmzo6q2.js HTTP/1.1
Host: aadcdn.msftauth.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
DNT: 1
Connection: keep-alive
Referer: https://security.royalbrlnkman.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
age: 2737389
cache-control: public, max-age=31536000
content-md5: k/6U2H/z+Hk3mhE67BfMjg==
content-type: application/x-javascript
date: Sat, 27 Apr 2024 04:54:55 GMT
etag: 0x8D8B274BB4C7165
last-modified: Wed, 06 Jan 2021 18:56:10 GMT
server: ECAcc (ska/F6B4)
vary: Accept-Encoding
x-cache: HIT
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: 09a12f4d-901e-001e-5179-7f4819000000
x-ms-version: 2009-09-19
content-length: 12697
X-Firefox-Spdy: h2
|
|
| aadcdn.msftauth.net/ests/2.1/content/cdnbundles/converged.v2.login.min_rayhgcterrtxpnvapp3erg2.css | 152.199.23.37 | 200 OK | 20 kB |
URL: GET HTTP/2 aadcdn.msftauth.net/ests/2.1/content/cdnbundles/converged.v2.login.min_rayhgcterrtxpnvapp3erg2.css | IP: 152.199.23.37:443
Requested by: https://security.royalbrlnkman.com/ | Certificate Issuer: DigiCert Inc | Subject: aadcdn.msftauth.net | Fingerprint: 3C:9E:70:F5:B3:D1:80:80:8C:97:1C:7B:7E:A8:2C:D8:7B:94:95:0B | Validity: Fri, 01 Dec 2023 00:00:00 GMT - Sun, 01 Dec 2024 23:59:59 GMT
File type: ASCII text, with very long lines (61177) | Hash: 440ca18024de46b4d73e7540a4fdde46 c4ff7af4e1558e081df52c1e61a5d63d0be577c7 ea6449d448a48495c557755af39701567925ceafc30e06fba05f65e723c91aa3
GET /ests/2.1/content/cdnbundles/converged.v2.login.min_rayhgcterrtxpnvapp3erg2.css HTTP/1.1
Host: aadcdn.msftauth.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
DNT: 1
Connection: keep-alive
Referer: https://security.royalbrlnkman.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
age: 2816265
cache-control: public, max-age=31536000
content-md5: +rPQJ6BWMovrMLNrlexvKQ==
content-type: text/css
date: Sat, 27 Apr 2024 04:54:55 GMT
etag: 0x8D88DD061D3546B
last-modified: Sat, 21 Nov 2020 03:49:00 GMT
server: ECAcc (ska/F686)
vary: Accept-Encoding
x-cache: HIT
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: 4bd6eb98-a01e-0005-7fc1-7edd2c000000
x-ms-version: 2009-09-19
content-length: 19595
X-Firefox-Spdy: h2
|
|
| security.royalbrlnkman.com/Aanmelden%20bij%20uw%20account_files/converged.v2.login.min_rayhgcterrtxpnvapp3erg2.css | 85.10.159.56 | 200 OK | 24 kB |
URL: GET HTTP/2 security.royalbrlnkman.com/Aanmelden%20bij%20uw%20account_files/converged.v2.login.min_rayhgcterrtxpnvapp3erg2.css | IP: 85.10.159.56:443
Requested by: https://security.royalbrlnkman.com/ | Certificate Issuer: Let's Encrypt | Subject: security.royalbrlnkman.com | Fingerprint: 92:DE:99:77:2A:D5:98:1B:90:34:26:91:34:8D:56:4F:1F:F8:30:A9 | Validity: Thu, 21 Mar 2024 15:29:42 GMT - Wed, 19 Jun 2024 15:29:41 GMT
File type: ASCII text, with very long lines (61177) | Hash: 440ca18024de46b4d73e7540a4fdde46 c4ff7af4e1558e081df52c1e61a5d63d0be577c7 ea6449d448a48495c557755af39701567925ceafc30e06fba05f65e723c91aa3
Analyzer: OpenPhish | Verdict: phishing | Alert: Outlook
GET /Aanmelden%20bij%20uw%20account_files/converged.v2.login.min_rayhgcterrtxpnvapp3erg2.css HTTP/1.1
Host: security.royalbrlnkman.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
DNT: 1
Connection: keep-alive
Referer: https://security.royalbrlnkman.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 27 Apr 2024 04:54:55 GMT
content-type: text/css
last-modified: Sun, 24 Jan 2021 19:02:16 GMT
etag: W/"1a494-5b9aa0f55ddd8"
content-encoding: br
X-Firefox-Spdy: h2
|
|
| aadcdn.msftauth.net/ests/2.1/content/cdnbundles/converged.v2.login.min_rayhgcterrtxpnvapp3erg2.css | 152.199.23.37 | 200 OK | 20 kB |
URL: GET HTTP/2 aadcdn.msftauth.net/ests/2.1/content/cdnbundles/converged.v2.login.min_rayhgcterrtxpnvapp3erg2.css | IP: 152.199.23.37:443
Requested by: https://security.royalbrlnkman.com/ | Certificate Issuer: DigiCert Inc | Subject: aadcdn.msftauth.net | Fingerprint: 3C:9E:70:F5:B3:D1:80:80:8C:97:1C:7B:7E:A8:2C:D8:7B:94:95:0B | Validity: Fri, 01 Dec 2023 00:00:00 GMT - Sun, 01 Dec 2024 23:59:59 GMT
File type: ASCII text, with very long lines (61177) | Hash: 440ca18024de46b4d73e7540a4fdde46 c4ff7af4e1558e081df52c1e61a5d63d0be577c7 ea6449d448a48495c557755af39701567925ceafc30e06fba05f65e723c91aa3
GET /ests/2.1/content/cdnbundles/converged.v2.login.min_rayhgcterrtxpnvapp3erg2.css HTTP/1.1
Host: aadcdn.msftauth.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://security.royalbrlnkman.com/
Origin: https://security.royalbrlnkman.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
age: 2816270
cache-control: public, max-age=31536000
content-md5: +rPQJ6BWMovrMLNrlexvKQ==
content-type: text/css
date: Sat, 27 Apr 2024 04:55:00 GMT
etag: 0x8D88DD061D3546B
last-modified: Sat, 21 Nov 2020 03:49:00 GMT
server: ECAcc (ska/F686)
vary: Accept-Encoding
x-cache: HIT
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: 4bd6eb98-a01e-0005-7fc1-7edd2c000000
x-ms-version: 2009-09-19
content-length: 19595
X-Firefox-Spdy: h2
|
|
| aadcdn.msftauth.net/ests/2.1/content/cdnbundles/ux.converged.login.strings-nl.min_zztkcqiy8pcr8p4zqmzo6q2.js | 152.199.23.37 | 200 OK | 13 kB |
URL: GET HTTP/2 aadcdn.msftauth.net/ests/2.1/content/cdnbundles/ux.converged.login.strings-nl.min_zztkcqiy8pcr8p4zqmzo6q2.js | IP: 152.199.23.37:443
Requested by: https://security.royalbrlnkman.com/ | Certificate Issuer: DigiCert Inc | Subject: aadcdn.msftauth.net | Fingerprint: 3C:9E:70:F5:B3:D1:80:80:8C:97:1C:7B:7E:A8:2C:D8:7B:94:95:0B | Validity: Fri, 01 Dec 2023 00:00:00 GMT - Sun, 01 Dec 2024 23:59:59 GMT
File type: Unicode text, UTF-8 text, with very long lines (32009) | Hash: cf3b4a0aa232f29091f0fe3342664ee9 1bbfe94be638701a66ee6fbaa64508e846d0171a fcf3159c8789d7b5d1f31855c7f70284e906aaa4a9f66376cba71aee1f18904c
GET /ests/2.1/content/cdnbundles/ux.converged.login.strings-nl.min_zztkcqiy8pcr8p4zqmzo6q2.js HTTP/1.1
Host: aadcdn.msftauth.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://security.royalbrlnkman.com/
Origin: https://security.royalbrlnkman.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
age: 2737394
cache-control: public, max-age=31536000
content-md5: k/6U2H/z+Hk3mhE67BfMjg==
content-type: application/x-javascript
date: Sat, 27 Apr 2024 04:55:00 GMT
etag: 0x8D8B274BB4C7165
last-modified: Wed, 06 Jan 2021 18:56:10 GMT
server: ECAcc (ska/F6B4)
vary: Accept-Encoding
x-cache: HIT
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: 09a12f4d-901e-001e-5179-7f4819000000
x-ms-version: 2009-09-19
content-length: 12697
X-Firefox-Spdy: h2
|
|
| security.royalbrlnkman.com/Aanmelden%20bij%20uw%20account_files/convergedlogin_pfetchsessionsprogress_867283b09411371549f8.js.download | 85.10.159.56 | 200 OK | 15 kB |
URL: GET HTTP/2 security.royalbrlnkman.com/Aanmelden%20bij%20uw%20account_files/convergedlogin_pfetchsessionsprogress_867283b09411371549f8.js.download | IP: 85.10.159.56:443
Requested by: https://security.royalbrlnkman.com/ | Certificate Issuer: Let's Encrypt | Subject: security.royalbrlnkman.com | Fingerprint: 92:DE:99:77:2A:D5:98:1B:90:34:26:91:34:8D:56:4F:1F:F8:30:A9 | Validity: Thu, 21 Mar 2024 15:29:42 GMT - Wed, 19 Jun 2024 15:29:41 GMT
File type: JavaScript source, ASCII text, with very long lines (14265) | Hash: 6946ceeb085e33d8cb719e0e12f43194 e955fb682f76050b7e15ac06be7081edf4ad8010 6c7ae732d92021dc9fb1ff3921a2ebfbe1b91fc6d24a967a232e30847b23ebbd
Analyzer: OpenPhish | Verdict: phishing | Alert: Outlook
GET /Aanmelden%20bij%20uw%20account_files/convergedlogin_pfetchsessionsprogress_867283b09411371549f8.js.download HTTP/1.1
Host: security.royalbrlnkman.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://security.royalbrlnkman.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sat, 27 Apr 2024 04:54:55 GMT
content-type: application/javascript
last-modified: Sun, 24 Jan 2021 19:02:16 GMT
etag: W/"3b86-5b9aa0f56c839"
content-encoding: br
X-Firefox-Spdy: h2
|
|
| login.live.com/Me.htm?v=3 | 20.190.181.0 | 200 OK | 0 B |
URL: GET HTTP/1.1 login.live.com/Me.htm?v=3 | IP: 20.190.181.0:443 | ASN: #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by: https://security.royalbrlnkman.com/ | Certificate Issuer: DigiCert Inc | Subject: login.live.com | Fingerprint: 82:2F:20:E4:BD:99:37:36:52:F8:AF:FC:4D:86:73:BA:3A:7A:65:3E | Validity: Fri, 29 Mar 2024 00:00:00 GMT - Sat, 29 Mar 2025 23:59:59 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /Me.htm?v=3 HTTP/1.1
Host: login.live.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
DNT: 1
Connection: keep-alive
Referer: https://security.royalbrlnkman.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: max-age=315360000
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
Expires: Tue, 25 Apr 2034 04:54:56 GMT
Vary: Accept-Encoding
P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
Referrer-Policy: strict-origin-when-cross-origin
x-ms-route-info: C553_BL2
x-ms-request-id: 6acc77f1-5491-4f59-b929-b547dfab3083
PPServer: PPV: 30 H: BL02EPF0001D9EC V: 0
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000
X-XSS-Protection: 1; mode=block
Set-Cookie: uaid=e07dc3e1e425498f8039265f94d2a078; domain=login.live.com; Secure; path=/; SameSite=None; HttpOnly
Set-Cookie: MSPRequ=id=N&lt=1714193696&co=1; domain=login.live.com; Secure; path=/; SameSite=None; HttpOnly
Date: Sat, 27 Apr 2024 04:54:55 GMT
Content-Length: 1132
|
|
| security.royalbrlnkman.com/Aanmelden%20bij%20uw%20account_files/convergedlogin_ppassword_78acf2374e910b5f7d7f.js.download | 85.10.159.56 | 200 OK | 17 kB |
URL: GET HTTP/2 security.royalbrlnkman.com/Aanmelden%20bij%20uw%20account_files/convergedlogin_ppassword_78acf2374e910b5f7d7f.js.download | IP: 85.10.159.56:443
Requested by: https://security.royalbrlnkman.com/ | Certificate Issuer: Let's Encrypt | Subject: security.royalbrlnkman.com | Fingerprint: 92:DE:99:77:2A:D5:98:1B:90:34:26:91:34:8D:56:4F:1F:F8:30:A9 | Validity: Thu, 21 Mar 2024 15:29:42 GMT - Wed, 19 Jun 2024 15:29:41 GMT
File type: JavaScript source, ASCII text, with very long lines (16009) | Hash: 1c2d7bc8dfdc2336f4c7ed75d635eb84 5ff0866f60e38b0596ee7e3b0ce76e9b4c1fe9d0 b17101306100f331477da7a38d9a49fac378ea924c2886cb9d9385296034ba08
Analyzer: OpenPhish | Verdict: phishing | Alert: Outlook
GET /Aanmelden%20bij%20uw%20account_files/convergedlogin_ppassword_78acf2374e910b5f7d7f.js.download HTTP/1.1
Host: security.royalbrlnkman.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://security.royalbrlnkman.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sat, 27 Apr 2024 04:54:55 GMT
content-type: application/javascript
last-modified: Sun, 24 Jan 2021 19:02:16 GMT
etag: W/"4256-5b9aa0f565308"
content-encoding: br
X-Firefox-Spdy: h2
|
|
| security.royalbrlnkman.com/Aanmelden%20bij%20uw%20account_files/bannerlogo | 85.10.159.56 | 200 OK | 5.6 kB |
URL: GET HTTP/2 security.royalbrlnkman.com/Aanmelden%20bij%20uw%20account_files/bannerlogo | IP: 85.10.159.56:443
Requested by: https://security.royalbrlnkman.com/ | Certificate Issuer: Let's Encrypt | Subject: security.royalbrlnkman.com | Fingerprint: 92:DE:99:77:2A:D5:98:1B:90:34:26:91:34:8D:56:4F:1F:F8:30:A9 | Validity: Thu, 21 Mar 2024 15:29:42 GMT - Wed, 19 Jun 2024 15:29:41 GMT
File type: PNG image data, 280 x 60, 8-bit/color RGB, non-interlaced | Hash: e0310f2802a3fba55c2661e5ad9f127d ac38722d92b5c077af82914ac22d24a566db89ee ee5b79e29d62b9c34232e6faadbd940edadac749663b19fcbe04cbcea00243fd
Analyzer: OpenPhish | Verdict: phishing | Alert: Outlook
GET /Aanmelden%20bij%20uw%20account_files/bannerlogo HTTP/1.1
Host: security.royalbrlnkman.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://security.royalbrlnkman.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sat, 27 Apr 2024 04:54:55 GMT
content-length: 5647
last-modified: Sun, 24 Jan 2021 19:02:16 GMT
etag: "160f-5b9aa0f54cc68"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| secure.aadcdn.microsoftonline-p.com/c1c6b6c8-hjnu12-pkjyjcivrlnkdxwphn0lnqaqqm2ivhwwg2ce/logintenantbranding/0/illustration?ts=636923089163613975 | 13.107.246.53 | 200 OK | 298 kB |
URL: GET HTTP/2 secure.aadcdn.microsoftonline-p.com/c1c6b6c8-hjnu12-pkjyjcivrlnkdxwphn0lnqaqqm2ivhwwg2ce/logintenantbranding/0/illustration?ts=636923089163613975 | IP: 13.107.246.53:443 | ASN: #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by: https://security.royalbrlnkman.com/ | Certificate Issuer: Microsoft Corporation | Subject: secure.aadcdn.microsoftonline-p.com | Fingerprint: D4:8E:27:64:06:E3:A5:32:35:EF:30:22:30:78:9D:85:DF:68:95:62 | Validity: Tue, 27 Feb 2024 15:45:49 GMT - Fri, 21 Feb 2025 15:45:49 GMT
File type: JPEG image data, JFIF standard 1.01, resolution (DPI), density 64x64, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=18, height=7075, bps=0, compression=LZW, PhotometricInterpretation=RGB, description=B 4896vv kassen jan bazen 06-51335128 0174750230, manufacturer=Hasselblad, model=Hasselblad H3D-39, width=10335], baseline, precision 8, 1920x1314, components 3 | Size: 298 kB (298412 bytes) | Hash: 45eae17742baa02f00c51edfe902ed4f c06d3758fccafff4003188ecc5524421de97147f ff5f05e1fc5754e4cb21e0026afd7dee2b231368144b04ab0b23f63bfc47206e
GET /c1c6b6c8-hjnu12-pkjyjcivrlnkdxwphn0lnqaqqm2ivhwwg2ce/logintenantbranding/0/illustration?ts=636923089163613975 HTTP/1.1
Host: secure.aadcdn.microsoftonline-p.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://security.royalbrlnkman.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 27 Apr 2024 04:54:55 GMT
content-type: image/*
content-length: 298412
cache-control: public, max-age=86400
last-modified: Wed, 01 May 2019 12:01:56 GMT
etag: 0x8D6CE2CCEE875DE
x-ms-request-id: 7797b154-201e-0042-095f-98e22c000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
x-azure-ref: 20240427T045455Z-16c4f695cc595rq5y7mh2hgs8400000009pg0000000007pb
x-fd-int-roxy-purgeid: 50755578
x-cache: TCP_MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| security.royalbrlnkman.com/Aanmelden%20bij%20uw%20account_files/convergedlogin_pcredentialpicker_91d6c0570b2c5d45dd8d.js.download | 85.10.159.56 | 200 OK | 28 kB |
URL: GET HTTP/2 security.royalbrlnkman.com/Aanmelden%20bij%20uw%20account_files/convergedlogin_pcredentialpicker_91d6c0570b2c5d45dd8d.js.download | IP: 85.10.159.56:443
Requested by: https://security.royalbrlnkman.com/ | Certificate Issuer: Let's Encrypt | Subject: security.royalbrlnkman.com | Fingerprint: 92:DE:99:77:2A:D5:98:1B:90:34:26:91:34:8D:56:4F:1F:F8:30:A9 | Validity: Thu, 21 Mar 2024 15:29:42 GMT - Wed, 19 Jun 2024 15:29:41 GMT
File type: JavaScript source, ASCII text, with very long lines (26815) | Hash: 8576629b8bbf024a4d9c02fc567252c2 12d851906bb6d909d38557a8a4f0c13e165bcfea 8bdff723aeebbeba31ea9ea76cb1e646fb0ce31bd66b78189db9b1c9142e7296
Analyzer: OpenPhish | Verdict: phishing | Alert: Outlook
GET /Aanmelden%20bij%20uw%20account_files/convergedlogin_pcredentialpicker_91d6c0570b2c5d45dd8d.js.download HTTP/1.1
Host: security.royalbrlnkman.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://security.royalbrlnkman.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sat, 27 Apr 2024 04:54:55 GMT
content-type: application/javascript
last-modified: Sun, 24 Jan 2021 19:02:16 GMT
etag: W/"6c8c-5b9aa0f56a129"
content-encoding: br
X-Firefox-Spdy: h2
|
|
| security.royalbrlnkman.com/Aanmelden%20bij%20uw%20account_files/convergedlogin_presetpasswordsplitter_eeea541551c1af98b8d0.js.download | 85.10.159.56 | 200 OK | 4.3 kB |
URL: GET HTTP/2 security.royalbrlnkman.com/Aanmelden%20bij%20uw%20account_files/convergedlogin_presetpasswordsplitter_eeea541551c1af98b8d0.js.download | IP: 85.10.159.56:443
Requested by: https://security.royalbrlnkman.com/ | Certificate Issuer: Let's Encrypt | Subject: security.royalbrlnkman.com | Fingerprint: 92:DE:99:77:2A:D5:98:1B:90:34:26:91:34:8D:56:4F:1F:F8:30:A9 | Validity: Thu, 21 Mar 2024 15:29:42 GMT - Wed, 19 Jun 2024 15:29:41 GMT
File type: ASCII text, with very long lines (4525), with no line terminators | Hash: 6c03037fa53dd07b567ccae6caccb95f 37182115182a1d619c1c184a7fd18cec8ae1916d cb6eb0c0d756ed1e370919695cc4d347278528e827fd30fb9cbdf874818376a0
Analyzer: OpenPhish | Verdict: phishing | Alert: Outlook
GET /Aanmelden%20bij%20uw%20account_files/convergedlogin_presetpasswordsplitter_eeea541551c1af98b8d0.js.download HTTP/1.1
Host: security.royalbrlnkman.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://security.royalbrlnkman.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sat, 27 Apr 2024 04:54:55 GMT
content-type: application/javascript
last-modified: Sun, 24 Jan 2021 19:02:16 GMT
etag: W/"10fa-5b9aa0f562bf8"
content-encoding: br
X-Firefox-Spdy: h2
|
|