Report - dikkeduim.be/verkkoasiointi.elisa.fi/index.php

Report Overview

Submitted URL
dikkeduim.be/verkkoasiointi.elisa.fi/index.php
IP
37.34.56.167
ASN
#20857 Signet B.V.
Submitted
2022-09-09 20:29:05
Access
public
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
72

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-17T05:10:36Z	594 B	127 B	35.162.110.205
ocsp.usertrust.com	899	2012-05-21T17:43:18Z	2023-03-17T05:10:10Z	330 B	1.0 kB	172.64.155.188
elisa.psplugin.com	unknown			502 B	464 B	46.21.96.230
media-eu2.digital.nuance.com	81879	2019-05-01T23:23:22Z	2023-02-28T13:04:02Z	1.7 kB	8.8 kB	13.107.213.53
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-17T05:09:22Z	993 B	2.1 kB	142.250.74.3
elisa.fi	307775	2015-02-28T21:58:29Z	2023-01-30T23:45:01Z	361 B	16 kB	195.197.95.175
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-17T05:09:04Z	758 B	2.7 kB	143.204.55.35
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-17T05:10:36Z	401 B	5.8 kB	143.204.55.49
dikkeduim.be	unknown			24 kB	3.2 MB	37.34.56.167
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-17T05:10:35Z	321 B	229 B	34.117.237.239
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-17T05:09:02Z	1.3 kB	3.5 kB	23.36.76.226
ocsp.digicert.com	86	2012-05-21T09:02:23Z	2023-03-17T08:37:51Z	987 B	2.2 kB	93.184.220.29
fonts.googleapis.com	8877	2013-06-10T22:14:26Z	2023-03-17T09:12:35Z	388 B	1.8 kB	142.250.74.10
www.facebook.com	99	2012-05-21T02:23:41Z	2021-02-04T00:31:35Z	624 B	499 B	157.240.200.35
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-17T05:09:15Z	1.6 kB	31 kB	34.120.237.76
connect.facebook.net	139	2012-05-22T04:51:28Z	2023-03-17T05:10:55Z	358 B	28 kB	157.240.200.14
fonts.gstatic.com	unknown	2014-09-09T02:40:21Z	2023-03-17T06:30:00Z	505 B	18 kB	142.250.74.163
elisa.digital.nuance.com	unknown	2020-03-27T07:40:52Z	2023-01-30T23:44:48Z	2.6 kB	3.1 kB	52.236.144.195

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

Scan Date	Severity	Indicator	Alert
2022-09-09	medium	dikkeduim.be/verkkoasiointi.elisa.fi/index.php	Elisa Corporation

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-09-09	medium	dikkeduim.be/verkkoasiointi.elisa.fi/index.php	Phishing
2022-09-09	medium	dikkeduim.be/verkkoasiointi.elisa.fi/ops/hotjar-277632.js	Phishing
2022-09-09	medium	dikkeduim.be/verkkoasiointi.elisa.fi/ops/fbevents.js	Phishing
2022-09-09	medium	dikkeduim.be/verkkoasiointi.elisa.fi/ops/dt-qCt2lBDMZQovr3nbDqj4xjmZZGcnsG	Phishing
2022-09-09	medium	dikkeduim.be/verkkoasiointi.elisa.fi/ops/analytics.js	Phishing
2022-09-09	medium	dikkeduim.be/verkkoasiointi.elisa.fi/ops/11_73baa2e79fa47372d52d.js	Phishing
2022-09-09	medium	dikkeduim.be/verkkoasiointi.elisa.fi/ops/saved_resource	Phishing
2022-09-09	medium	dikkeduim.be/verkkoasiointi.elisa.fi/ops/10_8beb44b70c6261850695.js	Phishing
2022-09-09	medium	dikkeduim.be/verkkoasiointi.elisa.fi/ops/7_b7c3fd57bb6ddec1c62b.js	Phishing
2022-09-09	medium	dikkeduim.be/verkkoasiointi.elisa.fi/ops/3_27bacba83e129efbf3cb.js	Phishing
2022-09-09	medium	dikkeduim.be/verkkoasiointi.elisa.fi/ops/0_fd6fb076c7290124ed05.js	Phishing
2022-09-09	medium	dikkeduim.be/verkkoasiointi.elisa.fi/ops/8_ede0f429d8dd936c987e.js	Phishing
2022-09-09	medium	dikkeduim.be/verkkoasiointi.elisa.fi/ops/wurfl.js	Phishing
2022-09-09	medium	dikkeduim.be/verkkoasiointi.elisa.fi/ops/mobiilivarmenne-mobile.svg	Phishing
2022-09-09	medium	dikkeduim.be/verkkoasiointi.elisa.fi/ops/main-294a7ae9089a2dc64d37.js	Phishing
2022-09-09	medium	dikkeduim.be/verkkoasiointi.elisa.fi/ops/inqChatLaunch10006878.js	Phishing
2022-09-09	medium	dikkeduim.be/verkkoasiointi.elisa.fi/ops/gtm.js	Phishing
2022-09-09	medium	dikkeduim.be/verkkoasiointi.elisa.fi/ops/5_899032a72e7c91bc4034.js	Phishing
2022-09-09	medium	dikkeduim.be/verkkoasiointi.elisa.fi/ops/modules.875e8181449a9cd033c6.js	Phishing
2022-09-09	medium	dikkeduim.be/verkkoasiointi.elisa.fi/ops/box-469cf41adb11dc78be68c1ae7f9457a4.html	Phishing
2022-09-09	medium	dikkeduim.be/verkkoasiointi.elisa.fi/ops/elisa-nuance.html	Phishing
2022-09-09	medium	dikkeduim.be/verkkoasiointi.elisa.fi/ops/site_10006878_default.js	Phishing
2022-09-09	medium	dikkeduim.be/verkkoasiointi.elisa.fi/ops/ads-blocking-detector.js	Phishing
2022-09-09	medium	dikkeduim.be/verkkoasiointi.elisa.fi/ops/inqChatLaunch10006878.js	Phishing
2022-09-09	medium	dikkeduim.be/verkkoasiointi.elisa.fi/ops/cbc-min.js	Phishing
2022-09-09	medium	dikkeduim.be/verkkoasiointi.elisa.fi/ops/jquery-3.3.1.min.js	Phishing
2022-09-09	medium	dikkeduim.be/verkkoasiointi.elisa.fi/ops/postToServer.min.html	Phishing
2022-09-09	medium	dikkeduim.be/verkkoasiointi.elisa.fi/ops/tcFramework.min.js	Phishing
2022-09-09	medium	dikkeduim.be/verkkoasiointi.elisa.fi/ops/1_1206bc67b204ace01e6e.js	Phishing
2022-09-09	medium	dikkeduim.be/verkkoasiointi.elisa.fi/ops/open-sans-v10-latin-600.woff2	Phishing
2022-09-09	medium	dikkeduim.be/_/node_modules/elisa-navi/img/new-icons/user.svg	Phishing
2022-09-09	medium	dikkeduim.be/images/login-bg.svg	Phishing
2022-09-09	medium	dikkeduim.be/verkkoasiointi.elisa.fi/ops/open-sans-v10-latin-600.woff	Phishing
2022-09-09	medium	dikkeduim.be/verkkoasiointi.elisa.fi/ops/ps.js	Phishing
2022-09-09	medium	dikkeduim.be/verkkoasiointi.elisa.fi/ops/2_4dbef217d48164978b93.js	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (56)

	URL	Size	First Seen	Last Seen
	dikkeduim.be/verkkoasiointi.elisa.fi/index.php	6.2 kB	2023-03-17	2023-03-17
Pretty URL dikkeduim.be/verkkoasiointi.elisa.fi/index.php IP 37.34.56.167 ASN #20857 Signet B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-17 11:31:40 Last Seen2023-03-17 11:31:40 Times Seen1 Hash 18f478766fea20de8579443e7fb52935 bed0bcc63576dbdaf0fdc5225dc074b748d5c156 a769e4c309ac6dc8c665f50e6fb8b44f0d17acdf13efaee290e6caa2c31533e1 Loading...

	dikkeduim.be/verkkoasiointi.elisa.fi/ops/postToServer.min.html	22 kB	2023-03-17	2023-03-17
Pretty URL dikkeduim.be/verkkoasiointi.elisa.fi/ops/postToServer.min.html IP 37.34.56.167 ASN #20857 Signet B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-17 11:31:40 Last Seen2023-03-17 11:31:40 Times Seen1 Hash 2fd5db156026759aa29aed846eee8b76 e818189682f607bbf3407642d40a2d505f576380 a4bb1542a83ab09dd5ea2caeceb046701eb5b40eb953daf27184bef26f9e59d2 Loading...

	elisa.digital.nuance.com/tagserver/cbc-min.js	65 kB	2023-03-07	2023-03-17
Pretty URL elisa.digital.nuance.com/tagserver/cbc-min.js IP 52.236.144.195 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:44:37 Last Seen2023-03-17 11:31:40 Times Seen1 Hash 5c4c1f8a82aca239f431a3bbeeeb3c44 7ce642af8c5a75a1ee941e321f5f3d0e7c182ee1 df03f53ac48b50400c4b964e379eef8bcd899f5399033d8239d0702c069f49e2 Loading...

	dikkeduim.be/verkkoasiointi.elisa.fi/index.php	431 B	2023-03-17	2023-03-17
Pretty URL dikkeduim.be/verkkoasiointi.elisa.fi/index.php IP 37.34.56.167 ASN #20857 Signet B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-17 11:31:40 Last Seen2023-03-17 11:31:40 Times Seen1 Hash 432658ad05ce1ca895bb33d49e160dfa 0bde2517a428c263fc8d6359c87ab760fc18b68f 2c516104e417e27aaffd91b46793cb69510909880b347a0a4199eddc1cde8aeb Loading...

	dikkeduim.be/verkkoasiointi.elisa.fi/index.php	227 B	2023-03-17	2023-03-17
Pretty URL dikkeduim.be/verkkoasiointi.elisa.fi/index.php IP 37.34.56.167 ASN #20857 Signet B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-17 11:31:40 Last Seen2023-03-17 11:31:40 Times Seen1 Hash 590225e66f42d3381cbdbe60e8226e39 475fd58ab715fe405b6dfe14f9d166f8315db446 8fa718c8719aa1c06e745eed7be6c254d065fe1224aee91ab56637d5d013f7cf Loading...

	dikkeduim.be/verkkoasiointi.elisa.fi/ops/hotjar-277632.js	3.8 kB	2023-03-17	2023-03-17
Pretty URL dikkeduim.be/verkkoasiointi.elisa.fi/ops/hotjar-277632.js IP 37.34.56.167 ASN #20857 Signet B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-17 11:31:40 Last Seen2023-03-17 11:31:40 Times Seen1 Hash 495af0502eb0b9bbcdc30428629d2d12 58b41ce29d6cf34bf2f258f11ca2396ac30547cb bdfa7ee315e751fd76a64bd3ee417806f66d9d3e011293987116cd8687d55d13 Loading...

	dikkeduim.be/verkkoasiointi.elisa.fi/ops/fbevents.js	134 kB	2023-03-17	2023-03-17
Pretty URL dikkeduim.be/verkkoasiointi.elisa.fi/ops/fbevents.js IP 37.34.56.167 ASN #20857 Signet B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-17 11:31:40 Last Seen2023-03-17 11:31:40 Times Seen1 Hash 99728dc6eca6dc24b852fa2a494ae2fc e742c96b16494c4638e4acf53a96c6457d0e1979 55de3afe518aaa0bd7cd9fe6e1751cadb50f1fc6fb1965e73df40434709e403a Loading...

	dikkeduim.be/verkkoasiointi.elisa.fi/ops/gtm.js	211 kB	2023-03-17	2023-03-17
Pretty URL dikkeduim.be/verkkoasiointi.elisa.fi/ops/gtm.js IP 37.34.56.167 ASN #20857 Signet B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-17 11:31:40 Last Seen2023-03-17 11:31:40 Times Seen1 Hash fd478d0eac3107c11ab96a0646d2e280 4c206e99a54936ae8f305252ed2a9835e4f347dd ffb0da41e031681a850a81fe4ce15c4365a90431e5c63dda6bf4106779cf7a73 Loading...

	dikkeduim.be/verkkoasiointi.elisa.fi/index.php	480 B	2023-03-17	2023-03-17
Pretty URL dikkeduim.be/verkkoasiointi.elisa.fi/index.php IP 37.34.56.167 ASN #20857 Signet B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-17 11:31:40 Last Seen2023-03-17 11:31:40 Times Seen1 Hash 2f1416a0ef9bd4c3c75f0b83b23cff47 77c9eac25a0341c49d665c9cb8c05a13161b7123 f3f38e06297790c466f08f83c1ca81be3ad42b726b4dfc357aed49cf52a9a847 Loading...

	dikkeduim.be/verkkoasiointi.elisa.fi/ops/wurfl.js	484 B	2023-03-17	2023-03-17
Pretty URL dikkeduim.be/verkkoasiointi.elisa.fi/ops/wurfl.js IP 37.34.56.167 ASN #20857 Signet B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-17 11:31:40 Last Seen2023-03-17 11:31:40 Times Seen1 Hash 8ba5285a044cf920e293753358845533 dda2a12cd6be80a2957b85477dc57d22542831eb 653a15d8ecaf4c841029206debf7cf842d68ffc3b8bc6f10c0e89e16169eebeb Loading...

	dikkeduim.be/verkkoasiointi.elisa.fi/index.php	459 B	2023-03-17	2023-03-17
Pretty URL dikkeduim.be/verkkoasiointi.elisa.fi/index.php IP 37.34.56.167 ASN #20857 Signet B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-17 11:31:40 Last Seen2023-03-17 11:31:40 Times Seen1 Hash bf7a2a9fa59db79dc0f99af5ee109f83 99910d04115ff87ddd67819ae23ab283d432b349 6a6d2d4c9df58d89dd3c198ac6bcf9237f8f600ec4e036dc614098af79ac2c42 Loading...

	dikkeduim.be/verkkoasiointi.elisa.fi/ops/ads-blocking-detector.js	7.0 kB	2023-03-17	2023-03-17
Pretty URL dikkeduim.be/verkkoasiointi.elisa.fi/ops/ads-blocking-detector.js IP 37.34.56.167 ASN #20857 Signet B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-17 11:31:40 Last Seen2023-03-17 11:31:40 Times Seen1 Hash 05f2634be29092c8d4407e69ccf84598 c211f8d26bad2a835b51a43d3f46f5ead267e954 5db0fc73aa07b50ffc0c9ed06762bb842821ece84685db0360acd91d9ad3fb04 Loading...

	dikkeduim.be/verkkoasiointi.elisa.fi/ops/analytics.js	46 kB	2023-03-08	2023-12-10
Pretty URL dikkeduim.be/verkkoasiointi.elisa.fi/ops/analytics.js IP 37.34.56.167 ASN #20857 Signet B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 06:46:48 Last Seen2023-12-10 02:05:20 Times Seen37 Hash 871c39943ac31c498d591a714a31212c 1d9ff3e3db5eb5293de06df5726f6058f07d98de fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955 Loading...

	dikkeduim.be/verkkoasiointi.elisa.fi/ops/10_8beb44b70c6261850695.js	74 kB	2023-03-17	2023-03-17
Pretty URL dikkeduim.be/verkkoasiointi.elisa.fi/ops/10_8beb44b70c6261850695.js IP 37.34.56.167 ASN #20857 Signet B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-17 11:31:41 Last Seen2023-03-17 11:31:41 Times Seen1 Hash 4c5e79babaaefe99f2209f72904b575f 1fd6d8144a4acdbc2ce6a4f35e31dbf79fd38ee7 568699bb96384863275e27c2a02f33d2c0e44faae6242e5924bb5545692b0207 Loading...

	dikkeduim.be/verkkoasiointi.elisa.fi/ops/main-294a7ae9089a2dc64d37.js	142 kB	2023-03-17	2023-03-17
Pretty URL dikkeduim.be/verkkoasiointi.elisa.fi/ops/main-294a7ae9089a2dc64d37.js IP 37.34.56.167 ASN #20857 Signet B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-17 11:31:41 Last Seen2023-03-17 11:31:41 Times Seen1 Hash d4c5e904978e5a5707969884925c00f0 d744bc875d3a340ce439b39a54536770e4c5db52 97d4da3024fa8475bd8561cea2a95a9ce1524642668832079c193c26b7982ad4 Loading...

	dikkeduim.be/verkkoasiointi.elisa.fi/ops/inqChatLaunch10006878.js	23 kB	2023-03-17	2023-03-17
Pretty URL dikkeduim.be/verkkoasiointi.elisa.fi/ops/inqChatLaunch10006878.js IP 37.34.56.167 ASN #20857 Signet B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-17 11:31:41 Last Seen2023-03-17 11:31:41 Times Seen1 Hash 84105b30eb4acb17b98b563c2dbb7dfb 4c57b08023174a3513a01e668c51cf1f80236c2f cc464907297841fb1bb7e003236e55e1498d7c1462b788d45ec7ea033f9486e7 Loading...

	dikkeduim.be/verkkoasiointi.elisa.fi/ops/site_10006878_default.js	71 kB	2023-03-17	2023-03-17
Pretty URL dikkeduim.be/verkkoasiointi.elisa.fi/ops/site_10006878_default.js IP 37.34.56.167 ASN #20857 Signet B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-17 11:31:41 Last Seen2023-03-17 11:31:41 Times Seen1 Hash 2b9513d45be9804735cd615cd49452a5 6a92c20db6858b7a57cb7bc6b2bc85a7022d832d aebc68785db08f263a401a71986268e2d9548fb0475a4c29616b9764f111244a Loading...

	connect.facebook.net/signals/config/741615476044750?v=2.9.79&r=stable	300 kB	2023-03-17	2023-03-17
Pretty URL connect.facebook.net/signals/config/741615476044750?v=2.9.79&r=stable IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-17 11:31:41 Last Seen2023-03-17 11:31:41 Times Seen1 Hash e71e2c1e5d98a3d6989ce0bca9070503 76fe0738e8c995cf560001611442b8059c67e1a8 fdbf54df3ae5c2a6d3720ff1c473dfc8869ab01f11e2adb96a5304750747d756 Loading...

	dikkeduim.be/verkkoasiointi.elisa.fi/ops/0_fd6fb076c7290124ed05.js	43 kB	2023-03-17	2023-03-17
Pretty URL dikkeduim.be/verkkoasiointi.elisa.fi/ops/0_fd6fb076c7290124ed05.js IP 37.34.56.167 ASN #20857 Signet B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-17 11:31:41 Last Seen2023-03-17 11:31:41 Times Seen1 Hash 7e7f5511e841d3ff8c009d00a78e9922 0cd3a96e171661be943d1669a142ad7dca501c32 dec8e5ac7da314347fd49491c1b8d48298f19d30dac68cd4c0cb0950b5d4f76e Loading...

	dikkeduim.be/verkkoasiointi.elisa.fi/ops/5_899032a72e7c91bc4034.js	567 kB	2023-03-17	2023-03-17
Pretty URL dikkeduim.be/verkkoasiointi.elisa.fi/ops/5_899032a72e7c91bc4034.js IP 37.34.56.167 ASN #20857 Signet B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-17 11:31:41 Last Seen2023-03-17 11:31:41 Times Seen1 Hash c1c6dff62bf3b89e6730082a3762605d f17b57640c30a86419ac4d4c1784dfd5aa241f8b c041e50808e4fc3f9f2c373b0d1b3f38d85c061e2012563b394b4ed3f3b65e88 Loading...

	dikkeduim.be/verkkoasiointi.elisa.fi/ops/11_73baa2e79fa47372d52d.js	449 B	2023-03-17	2023-03-17
Pretty URL dikkeduim.be/verkkoasiointi.elisa.fi/ops/11_73baa2e79fa47372d52d.js IP 37.34.56.167 ASN #20857 Signet B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-17 11:31:41 Last Seen2023-03-17 11:31:41 Times Seen1 Hash 68322b8710f89f2dbadefc04b7333184 4bc39abbd1462a24b7cde8edd9c966dd05e1fd0d 5b88aca1ed4782646b71821e9733b8c3fa45329f9693d206921bfb4612ce4dd5 Loading...

	dikkeduim.be/verkkoasiointi.elisa.fi/index.php	145 B	2023-03-17	2023-10-29
Pretty URL dikkeduim.be/verkkoasiointi.elisa.fi/index.php IP 37.34.56.167 ASN #20857 Signet B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-17 11:31:41 Last Seen2023-10-29 23:46:05 Times Seen3 Hash 804225b56f700c8d0ef60e10e6dca8d9 60df4930c67c3cd0698ff6c095e1670ee728a368 adc63eaff7ccb4556681c858cfc2057d9ad63419b8bfc64e2edd89112243852e Loading...

	dikkeduim.be/verkkoasiointi.elisa.fi/ops/1_1206bc67b204ace01e6e.js	4.9 MB	2023-03-17	2023-03-17
Pretty URL dikkeduim.be/verkkoasiointi.elisa.fi/ops/1_1206bc67b204ace01e6e.js IP 37.34.56.167 ASN #20857 Signet B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-17 11:31:41 Last Seen2023-03-17 11:31:41 Times Seen1 Hash 11c55e481b43b24970e6b90fa0044c24 d4c9d8f35ca9aea5f23093e24debe346b46d09a9 a2bf0e1cf8907c4c5f40d642b3df89169f64bca7534c315146ead14b0f2b104b Loading...

	dikkeduim.be/verkkoasiointi.elisa.fi/ops/ps.js	790 kB	2023-03-17	2023-03-17
Pretty URL dikkeduim.be/verkkoasiointi.elisa.fi/ops/ps.js IP 37.34.56.167 ASN #20857 Signet B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-17 11:31:41 Last Seen2023-03-17 11:31:41 Times Seen1 Hash 007e62fe1c7aaf99ab00ffb48d34bf8c 03ada8770e4a5e5b279350aef4f682a75b613089 526909f82332a77a5d75f943e4225af4adffb1febf385a498960ae66e75e8b1d Loading...

	media-eu2.digital.nuance.com/media/launch/site_10006878_default.js?codeVersion=1592467036100	190 kB	2023-03-17	2023-03-17
Pretty URL media-eu2.digital.nuance.com/media/launch/site_10006878_default.js?codeVersion=1592467036100 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-17 11:31:41 Last Seen2023-03-17 11:31:41 Times Seen1 Hash 66105bcb8388eae2c66d8271342e4968 a2fe6be4da87419a038db7072c076fa0df8c605e d77bb856a6bc7f3f46c951f0e984c86bc6346c09ac80ff83f43f816f82919268 Loading...

	dikkeduim.be/verkkoasiointi.elisa.fi/ops/jquery-3.3.1.min.js	87 kB	2023-03-07	2024-04-19
Pretty URL dikkeduim.be/verkkoasiointi.elisa.fi/ops/jquery-3.3.1.min.js IP 37.34.56.167 ASN #20857 Signet B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:01 Last Seen2024-04-19 00:00:38 Times Seen25656 Hash 4b57cf46dc8cb95c4cca54afc85e9540 05e1ad0cc600a057886deaf237ab6e3d4fcdb5ac a28ccf8a7b50522bdeea0cd83cdeca221c18fc1f9df3ee6b3d3c48d599206855 Loading...

	dikkeduim.be/verkkoasiointi.elisa.fi/ops/7_b7c3fd57bb6ddec1c62b.js	17 kB	2023-03-17	2023-03-17
Pretty URL dikkeduim.be/verkkoasiointi.elisa.fi/ops/7_b7c3fd57bb6ddec1c62b.js IP 37.34.56.167 ASN #20857 Signet B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-17 11:31:41 Last Seen2023-03-17 11:31:41 Times Seen1 Hash f41b6e17c615ac886c8f24d921fc55d7 45d7ab0a1f5d44d9e2413f078c60236d47b91034 dab45257919a825bbee9f7bc2bd383a8f7862b171a7f86d11c707a07ee559b1b Loading...

	dikkeduim.be/verkkoasiointi.elisa.fi/ops/modules.875e8181449a9cd033c6.js	379 kB	2023-03-17	2023-03-17
Pretty URL dikkeduim.be/verkkoasiointi.elisa.fi/ops/modules.875e8181449a9cd033c6.js IP 37.34.56.167 ASN #20857 Signet B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-17 11:31:41 Last Seen2023-03-17 11:31:41 Times Seen1 Hash e8bbf00b46e08bfb16badea19b9552e2 7564174e0726b47f76141735b8184015eb607fee 23f41c0c9227bdefcf8e0564962990544adf98a3433206cf2c715f55c37804bd Loading...

	dikkeduim.be/verkkoasiointi.elisa.fi/index.php	1.2 kB	2023-03-17	2023-03-17
Pretty URL dikkeduim.be/verkkoasiointi.elisa.fi/index.php IP 37.34.56.167 ASN #20857 Signet B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-17 11:31:41 Last Seen2023-03-17 11:31:41 Times Seen1 Hash 75c0ce4ba7a3334c2a4d4dc73ffe5fcf 73e4c0c6de8718bb965cb7088052b96ad2d093c6 7a832758bd4c4d26f0e6e37cf283ee1977ff25b80a2830ddff6ed8aecf620df2 Loading...

	dikkeduim.be/verkkoasiointi.elisa.fi/index.php	163 B	2023-03-17	2023-03-17
Pretty URL dikkeduim.be/verkkoasiointi.elisa.fi/index.php IP 37.34.56.167 ASN #20857 Signet B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-17 11:31:41 Last Seen2023-03-17 11:31:41 Times Seen1 Hash 4763e79b497031e38c8f25b5c84ae8cd 30d5f7e59d4c66a33b4cd9361a122f20815aefef c93310fb5f3a16aa08f27876e82dbd59fda2a8892ffad039bc2d40a6f30dad38 Loading...

	dikkeduim.be/verkkoasiointi.elisa.fi/ops/cbc-min.js	82 kB	2023-03-17	2023-03-17
Pretty URL dikkeduim.be/verkkoasiointi.elisa.fi/ops/cbc-min.js IP 37.34.56.167 ASN #20857 Signet B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-17 11:31:41 Last Seen2023-03-17 11:31:41 Times Seen1 Hash 9cb346751f9cc47bb699b1067933d4ca 0365d234230b352abe00760a159688ff1498d0f1 666a19a31dfdd8362cfdb474c4393c6fcefe27f40dcfe323ebb37fb8b5c30746 Loading...

	dikkeduim.be/verkkoasiointi.elisa.fi/ops/8_ede0f429d8dd936c987e.js	8.7 kB	2023-03-17	2023-03-17
Pretty URL dikkeduim.be/verkkoasiointi.elisa.fi/ops/8_ede0f429d8dd936c987e.js IP 37.34.56.167 ASN #20857 Signet B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-17 11:31:41 Last Seen2023-03-17 11:31:41 Times Seen1 Hash 3a68cac477b1a8f9af3927538764018c 5ac74ef1b2bb327f5d09d7fe1fc9033bdc8bc58d a9e229faea6cdc59acb20c02a2873460ef8d9f13f411698a87453552dd74203b Loading...

	connect.facebook.net/en_US/fbevents.js	103 kB	2023-03-07	2023-08-11
Pretty URL connect.facebook.net/en_US/fbevents.js IP 157.240.200.14 ASN #32934 FACEBOOK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:12:31 Last Seen2023-08-11 03:38:40 Times Seen44 Hash 026f52d67397fda8ff7ddb28ee932f39 44a56e64bfdba3ceff45066d88f3b8f3db2c9ca3 5ae95e748ad12444cd760e245c02264cea3e8deb41fabd95f1e0784b81f72783 Loading...

	dikkeduim.be/verkkoasiointi.elisa.fi/ops/3_27bacba83e129efbf3cb.js	729 B	2023-03-17	2023-03-17
Pretty URL dikkeduim.be/verkkoasiointi.elisa.fi/ops/3_27bacba83e129efbf3cb.js IP 37.34.56.167 ASN #20857 Signet B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-17 11:31:41 Last Seen2023-03-17 11:31:41 Times Seen1 Hash 24a8d4ecae3e7a1f553423779735ff66 c27ba4c46a3dc6fd0439c8bba8c2810db6f8c3e3 651275d8a407bb1fb1752dc0315d7081f141e11e8612f5fae2a9551df9d484b6 Loading...

	dikkeduim.be/verkkoasiointi.elisa.fi/ops/box-469cf41adb11dc78be68c1ae7f9457a4.html	2.0 kB	2023-03-10	2023-03-17
Pretty URL dikkeduim.be/verkkoasiointi.elisa.fi/ops/box-469cf41adb11dc78be68c1ae7f9457a4.html IP 37.34.56.167 ASN #20857 Signet B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 10:36:24 Last Seen2023-03-17 11:31:41 Times Seen1 Hash d24a19b23af1a8ddb244533785243c91 115f7b36e92c91b4683d256704f9572e656c372e 5165625245976587d907a7217132bec8d273646245fe253a68b0ffe873901cfb Loading...

	dikkeduim.be/verkkoasiointi.elisa.fi/ops/tcFramework.min.js	540 kB	2023-03-17	2023-03-17
Pretty URL dikkeduim.be/verkkoasiointi.elisa.fi/ops/tcFramework.min.js IP 37.34.56.167 ASN #20857 Signet B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-17 11:31:41 Last Seen2023-03-17 11:31:41 Times Seen1 Hash b02ac87484af485f0317097141f6c08a d6da6adbb2d1a3f5cf30c6d6113cf0a3b350ac6c 167161dd1c03be8a9ed0fbb8dea9848e8afd8a51431d6e4d457bb3e7de160378 Loading...

	elisa.digital.nuance.com/tagserver/postToServer.min.htm?codeVersion=1592467036100	21 kB	2023-03-07	2023-07-06
Pretty URL elisa.digital.nuance.com/tagserver/postToServer.min.htm?codeVersion=1592467036100 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:04 Last Seen2023-07-06 01:44:31 Times Seen101 Hash ceff19d6f6c2b1a641348fe75922e31d 0f49f9408d2499018f89a9c651dbeb869120ae64 7455230adb5d30b14d3ce23c11e2937451ce1eecb55a592703bbcd2044711cea Loading...

	dikkeduim.be/verkkoasiointi.elisa.fi/index.php	242 B	2023-03-17	2023-03-17
Pretty URL dikkeduim.be/verkkoasiointi.elisa.fi/index.php IP 37.34.56.167 ASN #20857 Signet B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-17 11:31:41 Last Seen2023-03-17 11:31:41 Times Seen1 Hash c563b227511e9c4e04f0e0e079e18428 ade54859e49154b7956d44b017655d83ae7db6d6 f0b258101c1c92e2f51c8deea44b7a95c7ce52e416ba3d1599e97aef7a68e52d Loading...

	dikkeduim.be/verkkoasiointi.elisa.fi/index.php	1.1 kB	2023-03-17	2023-03-17
Pretty URL dikkeduim.be/verkkoasiointi.elisa.fi/index.php IP 37.34.56.167 ASN #20857 Signet B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-17 11:31:41 Last Seen2023-03-17 11:31:41 Times Seen1 Hash e73c49a356a9f419c5b77a18b5a8532a e5174417cfc15d6e496ee8c589c74e7eb32d6f66 4c5d4dfe8e642dc7111f16321dce0a49f8847140dbea88a0f8619d4277cef2f3 Loading...

	dikkeduim.be/verkkoasiointi.elisa.fi/index.php	428 B	2023-03-17	2023-03-17
Pretty URL dikkeduim.be/verkkoasiointi.elisa.fi/index.php IP 37.34.56.167 ASN #20857 Signet B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-17 11:31:41 Last Seen2023-03-17 11:31:41 Times Seen1 Hash b6e6f383743f1d9da1c07145612c25e2 b03bb80355b3928bc5df2b8b70fc1a56cb6c256b b15d1b32838b5981868e6157aba80e0585839a04b90069df527eb5b971207842 Loading...

	media-eu2.digital.nuance.com/media/launch/tcFramework.min.js?codeVersion=1592467036100	517 kB	2023-03-17	2023-03-17
Pretty URL media-eu2.digital.nuance.com/media/launch/tcFramework.min.js?codeVersion=1592467036100 IP 13.107.213.53 ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-17 11:31:42 Last Seen2023-03-17 11:31:42 Times Seen1 Hash d4d8418b6712a2945c82d56a94708fc2 f9f59710a8570a7742c78ff3f02d792ee138a94a ac93cb2fb7a3f2cf2a890557675e52220c07d3dd24bbb1514bf31cd1bc52a2a1 Loading...

		Size	First Seen	Last Seen
	#1 Eval - 45129e95e19f9bfbf44ec4bcbe04749b	16 B	2023-03-07	2024-04-01
Pretty Observations First Seen2023-03-07 14:53:48 Last Seen2024-04-01 21:28:21 Times Seen28 Hash 45129e95e19f9bfbf44ec4bcbe04749b bb125cf03a5862e576f5ada8642fd70475ff71da 578eed3138c8952acfeb6021f8b0af8ff132ad7b53dd3ba0fe9459ac0abb2fff Loading...

	#2 Eval - 34c8930afcc7bd4975c48e8e5441c8b4	68 B	2023-03-17	2023-03-17
Pretty Observations First Seen2023-03-17 11:31:42 Last Seen2023-03-17 11:31:42 Times Seen1 Hash 34c8930afcc7bd4975c48e8e5441c8b4 a2791cef2909f6251ba791d244815bb74909afcd 432b7eceb078aa16985dcb077cd9813dadf4c662f19c28244f46f4d782b6526d Loading...

	#3 Eval - 34522d38439557674fb333a5b9e5471e	22 B	2023-03-17	2023-03-17
Pretty Observations First Seen2023-03-17 11:31:42 Last Seen2023-03-17 11:31:42 Times Seen1 Hash 34522d38439557674fb333a5b9e5471e f47f7106d97e469a153c83d936ceab59997b92ad 31af4c224a0ee76ee1f5234b81a87be133abd8218f7f26dfe88499b8d568b4d3 Loading...

	#4 Eval - 0a5291cdfc8b0835e4d99cb7840e8258	10 B	2023-03-17	2023-03-17
Pretty Observations First Seen2023-03-17 11:31:42 Last Seen2023-03-17 11:31:42 Times Seen1 Hash 0a5291cdfc8b0835e4d99cb7840e8258 82613d145ddf9bb6935933d1360413e4859efb29 82bdbf111939e91c4a893b24fa2518e949b2b7c616e78707eb93a0b69661bf95 Loading...

	#5 Eval - 512901797a92b422d200e95706cb2aaa	38 kB	2023-03-17	2023-03-17
Pretty Observations First Seen2023-03-17 11:31:42 Last Seen2023-03-17 11:31:42 Times Seen1 Hash 512901797a92b422d200e95706cb2aaa 7017e03dddcd5790c2d915023a048bbe53cb4ff1 8399d474c508d1ebd84776437e77c7ea5e08565c8c49657fec709d81f79b5b8e Loading...

	#6 Eval - 0d6f4bda21970c4777e6f732a142c9e6	149 B	2023-03-07	2024-01-30
Pretty Observations First Seen2023-03-07 14:53:48 Last Seen2024-01-30 10:59:41 Times Seen10 Hash 0d6f4bda21970c4777e6f732a142c9e6 54f8cfc5a94e3ac65cf23773e2e9e7affd7c8fbc 18918adbbec5770e39c2c63e30375c255f5d710435a2de67a76a39dbf71da451 Loading...

	#7 Eval - ba2aa1349f17f28d5240b64246ae5409	47 B	2023-03-07	2023-10-19
Pretty Observations First Seen2023-03-07 23:21:34 Last Seen2023-10-19 01:17:35 Times Seen3 Hash ba2aa1349f17f28d5240b64246ae5409 7f18e5325db277f62cbfca997071f5ab6be077bc bc636a2725c32b464ff63c6e22c15cdb9d249b3a79ad53f683e2fb25fd616737 Loading...

	#8 Eval - ffacf2844a27d5038f7075d14d7feadd	490 B	2023-03-17	2023-03-17
Pretty Observations First Seen2023-03-17 11:31:42 Last Seen2023-03-17 11:31:42 Times Seen1 Hash ffacf2844a27d5038f7075d14d7feadd 795d2825eb2509d32eb8b7ccb9a5d523cc2539d0 b0cc5a8dffd89078d4aa06d42840351940aff4c7e22c2c5f9881f83d53aa94bf Loading...

	#9 Eval - 76ff57a307483f50ec565db654f07cef	19 B	2023-03-17	2023-03-17
Pretty Observations First Seen2023-03-17 11:31:42 Last Seen2023-03-17 11:31:42 Times Seen1 Hash 76ff57a307483f50ec565db654f07cef 707b8ba6492cd6e8e2162956b8c46a2716412958 b631bece3f10fdd924ff152c1df8d10a7e747a3788636689aeb60a2cbf9c1467 Loading...

	#10 Eval - f39174847a2a6afc91945f9403670357	42 B	2023-03-07	2024-04-01
Pretty Observations First Seen2023-03-07 14:53:48 Last Seen2024-04-01 21:28:21 Times Seen28 Hash f39174847a2a6afc91945f9403670357 db34aa01ed4ccee84f15ce71123ecc1255044ec1 8b131429081207f3d73fc759bd23c0020748b51f66ea2e4cc6043be42c219c23 Loading...

	#11 Eval - cbb755e88c390d23df899a0a3d814e57	61 B	2023-03-17	2023-04-28
Pretty Observations First Seen2023-03-17 11:31:42 Last Seen2023-04-28 21:05:36 Times Seen2 Hash cbb755e88c390d23df899a0a3d814e57 003e94bfae1ec813727bb60d682149c1ec766051 574f69e4a91c288d55e129509f4083ee24e7bb35a8615dd040eb4550c4fcf23d Loading...

	#12 Eval - 7c78189390eeb6d96bca08db930d6a0a	44 kB	2023-03-17	2023-03-17
Pretty Observations First Seen2023-03-17 11:31:42 Last Seen2023-03-17 11:31:42 Times Seen1 Hash 7c78189390eeb6d96bca08db930d6a0a 9ea79bf7bbeccd883a6725ee4d484cdd1f6ddadd 46037d3624bbd378f7f8af9b6c65d4c468b4c3fbd4cdcc2b6b209a9a649e62a3 Loading...

	#13 Eval - 57d535a462bcaa0afd1fab9446ce1483	162 B	2023-03-17	2023-03-17
Pretty Observations First Seen2023-03-17 11:31:42 Last Seen2023-03-17 11:31:42 Times Seen1 Hash 57d535a462bcaa0afd1fab9446ce1483 d62ca1ba06c77735822c479bf12fa7f0e5b9590a a610c9975f888550834c7e883635359a37697a30a2bf5e84d04cc907f360a8bb Loading...

	#14 Eval - e8a89d44e27fe65cdf5f05184fa72066	63 kB	2023-03-17	2023-03-17
Pretty Observations First Seen2023-03-17 11:31:42 Last Seen2023-03-17 11:31:42 Times Seen1 Hash e8a89d44e27fe65cdf5f05184fa72066 2400fef339535e1de8acdb896ecae5835f93c19f 9d929e05f816ae0c269d7efb994d716f1645b7599a17af7640bacf980a651b6a Loading...

	#15 Eval - 1b7089cfb74bb9237c8a631ba2be8857	19 kB	2023-03-17	2023-03-17
Pretty Observations First Seen2023-03-17 11:31:42 Last Seen2023-03-17 11:31:42 Times Seen1 Hash 1b7089cfb74bb9237c8a631ba2be8857 42eafc18f7d16f6d22df67834f28258629e3069b ed4746a3315878e344d49d2f2b6b5bea9155f64e95c6c12a3ba771775879f151 Loading...

HTTP Transactions (84)

URL IP Response Size

firefox.settings.services.mozilla.com/v1/

143.204.55.35

200 OK

939 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/
IP
143.204.55.35:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
91dd975a7b17b2922dd23c0e49314e40
57a2ece1e3cee7c4ebf927f2ba92f52cac395fe2
09966873bbf317f8910c59544cfde2a6d46e8acd2905797cc7c85c6b4d18ea8a

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Content-Type, Alert, Backoff, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Fri, 09 Sep 2022 20:05:55 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 9dd61138197a68f8d69f12574aab6930.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: KiAzmceLsvGzBEsRs-XsHcRrceSntMb8Xc-gok0rQdsnHAJZ8LyUVA==
Age: 1379

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
f55e483f32b3fd50b1a2414aaada9b61
9d6b22edb98866e002e3b1ace44dfb0f8d00935f
4b09e1d2b887ded061e4ec5f82ec70ce699eeed428acc6b4fd3ef10ed9233c89

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4B09E1D2B887DED061E4EC5F82EC70CE699EEED428ACC6B4FD3EF10ED9233C89"
Last-Modified: Thu, 08 Sep 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12981
Expires: Sat, 10 Sep 2022 00:05:15 GMT
Date: Fri, 09 Sep 2022 20:28:54 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain

143.204.55.49

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP
143.204.55.49:0
ASN
#16509 AMAZON-02

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Fri, 09 Sep 2022 03:46:35 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 c9f2a4d2bcd548d1a3cbe1617a22f216.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: fDinMZ2CuoWSH4Np5QC3fBowTvX5LjE-sACXVIMXn0naS7vD9HVMQg==
age: 60140
X-Firefox-Spdy: h2

dikkeduim.be/verkkoasiointi.elisa.fi/index.php

37.34.56.167

200 OK

48 kB

URL HTTP/2
dikkeduim.be/verkkoasiointi.elisa.fi/index.php
IP
37.34.56.167:0
ASN
#20857 Signet B.V.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (50684)
Size
48 kB (47952 bytes)
Hash
f5a3addeed64d5e47f77c7330770352d
d63a06bba3d20f86ef46b506fe01e211b180ffc2
58d7a315eee683007266985a361c6b5c356d97af9f227c3ab2d5d4621f044920

Detections

Analyzer	Verdict	Alert
openphish	Elisa Corporation
fortinet	Phishing

HTTP Headers

GET /verkkoasiointi.elisa.fi/index.php HTTP/1.1
Host: dikkeduim.be
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
content-type: text/html; charset=UTF-8
content-encoding: gzip
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: PHP/7.4.1, Granaat consultancy
date: Fri, 09 Sep 2022 20:28:54 GMT
content-length: 47952
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Fri, 09 Sep 2022 20:28:54 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

dikkeduim.be/verkkoasiointi.elisa.fi/ops/HCO_opensans_fonts.css

37.34.56.167

200 OK

1.2 kB

URL HTTP/2
dikkeduim.be/verkkoasiointi.elisa.fi/ops/HCO_opensans_fonts.css
IP
37.34.56.167:0
ASN
#20857 Signet B.V.

File type
ASCII text, with very long lines (410)
Size
1.2 kB (1154 bytes)
Hash
1c594b238ce953c03fa97d2a9bb5c0df
a4a5baae0349beb4d25f0f51b2b850ede1c09686
d5629b8c7cab8d09bf9f7a328ac7b73549844aa0b14ea5d62670c9aab42521f4

HTTP Headers

GET /verkkoasiointi.elisa.fi/ops/HCO_opensans_fonts.css HTTP/1.1
Host: dikkeduim.be
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dikkeduim.be/verkkoasiointi.elisa.fi/index.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: no-cache
content-type: text/css
content-encoding: gzip
last-modified: Thu, 08 Sep 2022 18:18:12 GMT
accept-ranges: bytes
etag: "f9c775bafc3d81:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: Granaat consultancy
date: Fri, 09 Sep 2022 20:28:54 GMT
content-length: 1154
X-Firefox-Spdy: h2

dikkeduim.be/verkkoasiointi.elisa.fi/ops/hotjar-277632.js

37.34.56.167

200 OK

1.8 kB

URL HTTP/2
dikkeduim.be/verkkoasiointi.elisa.fi/ops/hotjar-277632.js
IP
37.34.56.167:0
ASN
#20857 Signet B.V.

File type
ASCII text, with very long lines (2750)
Size
1.8 kB (1835 bytes)
Hash
71c77379eeeb64fbc424f84314941226
5b74f1efc23219473e1e64c5ae5b985941804b8a
faf82384bcc5b4d9f68bd07f241e2cc0848d196d5c78ba731720da63c8219d13

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /verkkoasiointi.elisa.fi/ops/hotjar-277632.js HTTP/1.1
Host: dikkeduim.be
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dikkeduim.be/verkkoasiointi.elisa.fi/index.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: no-cache
content-type: application/javascript
content-encoding: gzip
last-modified: Thu, 08 Sep 2022 18:18:12 GMT
accept-ranges: bytes
etag: "0af35aafc3d81:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: Granaat consultancy
date: Fri, 09 Sep 2022 20:28:54 GMT
content-length: 1835
X-Firefox-Spdy: h2

dikkeduim.be/verkkoasiointi.elisa.fi/ops/fbevents.js

37.34.56.167

200 OK

32 kB

URL HTTP/2
dikkeduim.be/verkkoasiointi.elisa.fi/ops/fbevents.js
IP
37.34.56.167:0
ASN
#20857 Signet B.V.

File type
ASCII text, with very long lines (36355)
Size
32 kB (31898 bytes)
Hash
70ec8fcdb6b9941f7a082782ac3854c4
72d790f26578cc15372c52784db6ab5deabf391d
3a5deec48350ea83e336a3992dbc06d3695d74bbd5d48c2f610217f24fa8c6f8

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /verkkoasiointi.elisa.fi/ops/fbevents.js HTTP/1.1
Host: dikkeduim.be
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dikkeduim.be/verkkoasiointi.elisa.fi/index.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: no-cache
content-type: application/javascript
content-encoding: gzip
last-modified: Thu, 08 Sep 2022 18:18:12 GMT
accept-ranges: bytes
etag: "0af35aafc3d81:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: Granaat consultancy
date: Fri, 09 Sep 2022 20:28:54 GMT
content-length: 31898
X-Firefox-Spdy: h2

dikkeduim.be/verkkoasiointi.elisa.fi/ops/dt-qCt2lBDMZQovr3nbDqj4xjmZZGcnsG

37.34.56.167

404 Not Found

1.2 kB

URL HTTP/2
dikkeduim.be/verkkoasiointi.elisa.fi/ops/dt-qCt2lBDMZQovr3nbDqj4xjmZZGcnsG
IP
37.34.56.167:0
ASN
#20857 Signet B.V.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
1.2 kB (1245 bytes)
Hash
5343c1a8b203c162a3bf3870d9f50fd4
04b5b886c20d88b57eea6d8ff882624a4ac1e51d
dc1d54dab6ec8c00f70137927504e4f222c8395f10760b6beecfcfa94e08249f

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /verkkoasiointi.elisa.fi/ops/dt-qCt2lBDMZQovr3nbDqj4xjmZZGcnsG HTTP/1.1
Host: dikkeduim.be
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dikkeduim.be/verkkoasiointi.elisa.fi/index.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
content-type: text/html
server: Microsoft-IIS/10.0
x-powered-by: Granaat consultancy
date: Fri, 09 Sep 2022 20:28:54 GMT
content-length: 1245
X-Firefox-Spdy: h2

dikkeduim.be/verkkoasiointi.elisa.fi/ops/analytics.js

37.34.56.167

200 OK

23 kB

URL HTTP/2
dikkeduim.be/verkkoasiointi.elisa.fi/ops/analytics.js
IP
37.34.56.167:0
ASN
#20857 Signet B.V.

File type
ASCII text, with very long lines (1350)
Size
23 kB (23026 bytes)
Hash
515e64290c5a08177f542c70ed0380eb
97dc861c1b8206f7d0f13839bbece3e83232a901
cb5e212ed87aff40f39163fb0dde210847b91a62f5fe67ad2193c098bf143223

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /verkkoasiointi.elisa.fi/ops/analytics.js HTTP/1.1
Host: dikkeduim.be
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dikkeduim.be/verkkoasiointi.elisa.fi/index.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: no-cache
content-type: application/javascript
content-encoding: gzip
last-modified: Thu, 08 Sep 2022 18:18:12 GMT
accept-ranges: bytes
etag: "ac7b6d5bafc3d81:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: Granaat consultancy
date: Fri, 09 Sep 2022 20:28:54 GMT
content-length: 23026
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

143.204.55.35

200 OK

329 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
143.204.55.35:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Fri, 09 Sep 2022 19:56:07 GMT
Expires: Fri, 09 Sep 2022 20:52:54 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 e49f22f18c16784c0f42291e768d1daa.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 7br5ByU1LY-wyBFu-bhvFqbtGvJw52nOiFKthpVGrtnDrvOD3s1ZKw==
Age: 1967

dikkeduim.be/verkkoasiointi.elisa.fi/ops/11_73baa2e79fa47372d52d.js

37.34.56.167

200 OK

412 B

URL HTTP/2
dikkeduim.be/verkkoasiointi.elisa.fi/ops/11_73baa2e79fa47372d52d.js
IP
37.34.56.167:0
ASN
#20857 Signet B.V.

File type
ASCII text, with very long lines (449), with no line terminators
Size
412 B (412 bytes)
Hash
343800775a13994f501d8b2207ee5a08
f3e66bafbb5f5d633f26ee2a26793b1cc616d37b
becdaefd3aab28655fb11a3f7a8677fbe3226ea0fd45e029049607549507a860

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /verkkoasiointi.elisa.fi/ops/11_73baa2e79fa47372d52d.js HTTP/1.1
Host: dikkeduim.be
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dikkeduim.be/verkkoasiointi.elisa.fi/index.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: no-cache
content-type: application/javascript
content-encoding: gzip
last-modified: Thu, 08 Sep 2022 18:18:12 GMT
accept-ranges: bytes
etag: "bbc75c5bafc3d81:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: Granaat consultancy
date: Fri, 09 Sep 2022 20:28:54 GMT
content-length: 412
X-Firefox-Spdy: h2

dikkeduim.be/verkkoasiointi.elisa.fi/ops/main-2.294a7ae9089a2dc64d37.css

37.34.56.167

200 OK

1.1 kB

URL HTTP/2
dikkeduim.be/verkkoasiointi.elisa.fi/ops/main-2.294a7ae9089a2dc64d37.css
IP
37.34.56.167:0
ASN
#20857 Signet B.V.

File type
ASCII text, with very long lines (1306)
Size
1.1 kB (1102 bytes)
Hash
8f28886cfa3b43e6f3d791432d0349ac
e629ccf7ad638b33f6d7744c81a0a2d1bce4a2e3
665f708fa496821590c1bfbd174136fd283af46673de66529a7797b5e0e44f36

HTTP Headers

GET /verkkoasiointi.elisa.fi/ops/main-2.294a7ae9089a2dc64d37.css HTTP/1.1
Host: dikkeduim.be
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dikkeduim.be/verkkoasiointi.elisa.fi/index.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: no-cache
content-type: text/css
content-encoding: gzip
last-modified: Thu, 08 Sep 2022 18:18:12 GMT
accept-ranges: bytes
etag: "71dc7b5bafc3d81:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: Granaat consultancy
date: Fri, 09 Sep 2022 20:28:54 GMT
content-length: 1102
X-Firefox-Spdy: h2

dikkeduim.be/verkkoasiointi.elisa.fi/ops/main-7.294a7ae9089a2dc64d37.css

37.34.56.167

200 OK

39 kB

URL HTTP/2
dikkeduim.be/verkkoasiointi.elisa.fi/ops/main-7.294a7ae9089a2dc64d37.css
IP
37.34.56.167:0
ASN
#20857 Signet B.V.

File type
Unicode text, UTF-8 text, with very long lines (64891)
Size
39 kB (39200 bytes)
Hash
7930b015ba7b50e7af4e9b7683ecc42e
29d6a947fedb2703e7db7efd1b65a8a47631ba5e
ecc6277363946b6724ff46171319e1711058b738d1f70f0e3c2192e607a2af13

HTTP Headers

GET /verkkoasiointi.elisa.fi/ops/main-7.294a7ae9089a2dc64d37.css HTTP/1.1
Host: dikkeduim.be
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dikkeduim.be/verkkoasiointi.elisa.fi/index.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: no-cache
content-type: text/css
content-encoding: gzip
last-modified: Thu, 08 Sep 2022 18:18:12 GMT
accept-ranges: bytes
etag: "a7327e5bafc3d81:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: Granaat consultancy
date: Fri, 09 Sep 2022 20:28:54 GMT
content-length: 39200
X-Firefox-Spdy: h2

dikkeduim.be/verkkoasiointi.elisa.fi/ops/saved_resource

37.34.56.167

404 Not Found

1.2 kB

URL HTTP/2
dikkeduim.be/verkkoasiointi.elisa.fi/ops/saved_resource
IP
37.34.56.167:0
ASN
#20857 Signet B.V.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
1.2 kB (1245 bytes)
Hash
5343c1a8b203c162a3bf3870d9f50fd4
04b5b886c20d88b57eea6d8ff882624a4ac1e51d
dc1d54dab6ec8c00f70137927504e4f222c8395f10760b6beecfcfa94e08249f

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /verkkoasiointi.elisa.fi/ops/saved_resource HTTP/1.1
Host: dikkeduim.be
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dikkeduim.be/verkkoasiointi.elisa.fi/index.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
content-type: text/html
server: Microsoft-IIS/10.0
x-powered-by: Granaat consultancy
date: Fri, 09 Sep 2022 20:28:54 GMT
content-length: 1245
X-Firefox-Spdy: h2

dikkeduim.be/verkkoasiointi.elisa.fi/ops/10_8beb44b70c6261850695.js

37.34.56.167

200 OK

26 kB

URL HTTP/2
dikkeduim.be/verkkoasiointi.elisa.fi/ops/10_8beb44b70c6261850695.js
IP
37.34.56.167:0
ASN
#20857 Signet B.V.

File type
Unicode text, UTF-8 text, with very long lines (65418)
Size
26 kB (25516 bytes)
Hash
a46703adeb5a001d365059c5de172367
a3006c2cee963be17b8d773f2576f8287a045990
9254ba5125ba0249e1e1e8ec2ba37c6d78c003f1d82cb6bc1d5ad4b66abdd9a8

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /verkkoasiointi.elisa.fi/ops/10_8beb44b70c6261850695.js HTTP/1.1
Host: dikkeduim.be
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dikkeduim.be/verkkoasiointi.elisa.fi/index.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: no-cache
content-type: application/javascript
content-encoding: gzip
last-modified: Thu, 08 Sep 2022 18:18:12 GMT
accept-ranges: bytes
etag: "bbc75c5bafc3d81:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: Granaat consultancy
date: Fri, 09 Sep 2022 20:28:54 GMT
content-length: 25516
X-Firefox-Spdy: h2

dikkeduim.be/verkkoasiointi.elisa.fi/ops/7_b7c3fd57bb6ddec1c62b.js

37.34.56.167

200 OK

6.2 kB

URL HTTP/2
dikkeduim.be/verkkoasiointi.elisa.fi/ops/7_b7c3fd57bb6ddec1c62b.js
IP
37.34.56.167:0
ASN
#20857 Signet B.V.

File type
ASCII text, with very long lines (16638), with no line terminators
Size
6.2 kB (6245 bytes)
Hash
934ef8b3eb8b282f2d5cecbc698625b5
57c3a359f58a619b91473db5e65d5c190d32b710
dcaa06ed198ce9b4b5dc910f2a80ded335df12848ed9c9273f9ef4ca8798aed9

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /verkkoasiointi.elisa.fi/ops/7_b7c3fd57bb6ddec1c62b.js HTTP/1.1
Host: dikkeduim.be
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dikkeduim.be/verkkoasiointi.elisa.fi/index.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: no-cache
content-type: application/javascript
content-encoding: gzip
last-modified: Thu, 08 Sep 2022 18:18:12 GMT
accept-ranges: bytes
etag: "ed166b5bafc3d81:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: Granaat consultancy
date: Fri, 09 Sep 2022 20:28:54 GMT
content-length: 6245
X-Firefox-Spdy: h2

dikkeduim.be/verkkoasiointi.elisa.fi/ops/3_27bacba83e129efbf3cb.js

37.34.56.167

200 OK

648 B

URL HTTP/2
dikkeduim.be/verkkoasiointi.elisa.fi/ops/3_27bacba83e129efbf3cb.js
IP
37.34.56.167:0
ASN
#20857 Signet B.V.

File type
ASCII text, with very long lines (729), with no line terminators
Size
648 B (648 bytes)
Hash
f335058c7a58cd1be3e5f21d114dec13
21068016142e0061ed10adff06eb26a37eaee6f4
ad2a923a575708d8ae31fb21bf34220d0c3ded711240d67277eef2b5e7be0569

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /verkkoasiointi.elisa.fi/ops/3_27bacba83e129efbf3cb.js HTTP/1.1
Host: dikkeduim.be
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dikkeduim.be/verkkoasiointi.elisa.fi/index.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: no-cache
content-type: application/javascript
content-encoding: gzip
last-modified: Thu, 08 Sep 2022 18:18:12 GMT
accept-ranges: bytes
etag: "ed166b5bafc3d81:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: Granaat consultancy
date: Fri, 09 Sep 2022 20:28:54 GMT
content-length: 648
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
f1fa8224847ea7d9b4dc8e598fae4142
cb703a2944e58d97dd48a7e56ee9f4510ced78b4
920094aad2886535e2ba9e38d4731f63fbde93038d92b38f0030b0a0f47c2ac8

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Sep 2022 20:28:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

dikkeduim.be/verkkoasiointi.elisa.fi/ops/0_fd6fb076c7290124ed05.js

37.34.56.167

200 OK

12 kB

URL HTTP/2
dikkeduim.be/verkkoasiointi.elisa.fi/ops/0_fd6fb076c7290124ed05.js
IP
37.34.56.167:0
ASN
#20857 Signet B.V.

File type
Unicode text, UTF-8 text, with very long lines (43085), with no line terminators
Size
12 kB (12286 bytes)
Hash
2265bc11292bddeaff0490a720865f7a
d6cca04fb8531d687e1381aac0f592b156e37c0e
9b29648bc5d4d10cf8e47a305a3b026d658395d24e63fdfe54fc0f361c690342

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /verkkoasiointi.elisa.fi/ops/0_fd6fb076c7290124ed05.js HTTP/1.1
Host: dikkeduim.be
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dikkeduim.be/verkkoasiointi.elisa.fi/index.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: no-cache
content-type: application/javascript
content-encoding: gzip
last-modified: Thu, 08 Sep 2022 18:18:12 GMT
accept-ranges: bytes
etag: "bbc75c5bafc3d81:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: Granaat consultancy
date: Fri, 09 Sep 2022 20:28:54 GMT
content-length: 12286
X-Firefox-Spdy: h2

dikkeduim.be/verkkoasiointi.elisa.fi/ops/main-8.294a7ae9089a2dc64d37.css

37.34.56.167

200 OK

743 B

URL HTTP/2
dikkeduim.be/verkkoasiointi.elisa.fi/ops/main-8.294a7ae9089a2dc64d37.css
IP
37.34.56.167:0
ASN
#20857 Signet B.V.

File type
ASCII text, with very long lines (1289)
Size
743 B (743 bytes)
Hash
db7cfdee88661ae743f17a8c0a7730e3
1bcbbf95e6ef37997d4e552dc814a6f41167d330
d4304cf0f52bde4b6e6a850ef155e37cc2128be56c2bed3501e8740ec23db5f6

HTTP Headers

GET /verkkoasiointi.elisa.fi/ops/main-8.294a7ae9089a2dc64d37.css HTTP/1.1
Host: dikkeduim.be
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dikkeduim.be/verkkoasiointi.elisa.fi/index.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: no-cache
content-type: text/css
content-encoding: gzip
last-modified: Thu, 08 Sep 2022 18:18:12 GMT
accept-ranges: bytes
etag: "a7327e5bafc3d81:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: Granaat consultancy
date: Fri, 09 Sep 2022 20:28:54 GMT
content-length: 743
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
d0c56e0b2955a5dd7f37ba4bbf5727b4
f435bd1f6fb8ec931f1817fe4b91e6b86a7cb14b
99f7da9dca677db8e9cec5491c0d6d8a86b9c5e907907c2fdd30973c747f4282

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5550
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 09 Sep 2022 20:28:54 GMT
Last-Modified: Fri, 09 Sep 2022 18:56:24 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 471

dikkeduim.be/verkkoasiointi.elisa.fi/ops/translateelement.css

37.34.56.167

200 OK

4.8 kB

URL HTTP/2
dikkeduim.be/verkkoasiointi.elisa.fi/ops/translateelement.css
IP
37.34.56.167:0
ASN
#20857 Signet B.V.

File type
ASCII text, with very long lines (18670)
Size
4.8 kB (4756 bytes)
Hash
e43520499096a303cb1164dea5fb40cf
621583e9b6881b00c3eb1fcdee48fbe02033b494
93e67022e29a1c15bf75ee768ac348384ea317fae24d4333dc48146338973fb2

HTTP Headers

GET /verkkoasiointi.elisa.fi/ops/translateelement.css HTTP/1.1
Host: dikkeduim.be
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dikkeduim.be/verkkoasiointi.elisa.fi/index.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: no-cache
content-type: text/css
content-encoding: gzip
last-modified: Thu, 08 Sep 2022 18:18:12 GMT
accept-ranges: bytes
etag: "8f60855bafc3d81:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: Granaat consultancy
date: Fri, 09 Sep 2022 20:28:54 GMT
content-length: 4756
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Open+Sans&display=swap

142.250.74.10

200 OK

1.1 kB

URL HTTP/2
fonts.googleapis.com/css?family=Open+Sans&display=swap
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type
data
Size
1.1 kB (1087 bytes)
Hash
f787ca8e4da970a2a81e6e8bf93178d5
9109a79f9dabc8104696b3f1d9fb3d8ecc2eb385
a3c9019a499d878e1994a4076059b95034312b1aebdcd335b3ed700b02dfb360

HTTP Headers

GET /css?family=Open+Sans&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dikkeduim.be/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 09 Sep 2022 20:28:55 GMT
date: Fri, 09 Sep 2022 20:28:55 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

dikkeduim.be/verkkoasiointi.elisa.fi/ops/8_ede0f429d8dd936c987e.js

37.34.56.167

200 OK

3.6 kB

URL HTTP/2
dikkeduim.be/verkkoasiointi.elisa.fi/ops/8_ede0f429d8dd936c987e.js
IP
37.34.56.167:0
ASN
#20857 Signet B.V.

File type
HTML document, Unicode text, UTF-8 text, with very long lines (8654), with no line terminators
Size
3.6 kB (3579 bytes)
Hash
74d66064a3f9aa12b35d309ffdf413b4
c06a442c348239fe4490900811900ff9d019a61d
a68decc0c19e135f8ed72c5052ecca8c9172e5f88e8ec29966e7c4d1f0d0fe85

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /verkkoasiointi.elisa.fi/ops/8_ede0f429d8dd936c987e.js HTTP/1.1
Host: dikkeduim.be
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dikkeduim.be/verkkoasiointi.elisa.fi/index.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: no-cache
content-type: application/javascript
content-encoding: gzip
last-modified: Thu, 08 Sep 2022 18:18:12 GMT
accept-ranges: bytes
etag: "ac7b6d5bafc3d81:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: Granaat consultancy
date: Fri, 09 Sep 2022 20:28:54 GMT
content-length: 3579
X-Firefox-Spdy: h2

dikkeduim.be/verkkoasiointi.elisa.fi/ops/wurfl.js

37.34.56.167

200 OK

450 B

URL HTTP/2
dikkeduim.be/verkkoasiointi.elisa.fi/ops/wurfl.js
IP
37.34.56.167:0
ASN
#20857 Signet B.V.

File type
ASCII text
Size
450 B (450 bytes)
Hash
ba5d30f01a3a4393ed2dc3d58ede6a6d
e39e66bc81345b47b7f52e135811490f11c39dec
2de84af203062d1b5a066bc6f982469ced9e0be5f606e02ee4eec3126bd91a91

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /verkkoasiointi.elisa.fi/ops/wurfl.js HTTP/1.1
Host: dikkeduim.be
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dikkeduim.be/verkkoasiointi.elisa.fi/index.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: no-cache
content-type: application/javascript
content-encoding: gzip
last-modified: Thu, 08 Sep 2022 18:18:12 GMT
accept-ranges: bytes
etag: "8f60855bafc3d81:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: Granaat consultancy
date: Fri, 09 Sep 2022 20:28:54 GMT
content-length: 450
X-Firefox-Spdy: h2

dikkeduim.be/verkkoasiointi.elisa.fi/ops/logo-elisa_2x.png

37.34.56.167

200 OK

5.4 kB

URL HTTP/2
dikkeduim.be/verkkoasiointi.elisa.fi/ops/logo-elisa_2x.png
IP
37.34.56.167:0
ASN
#20857 Signet B.V.

File type
PNG image data, 240 x 120, 8-bit/color RGBA, non-interlaced\012- data
Size
5.4 kB (5351 bytes)
Hash
115c1131616e3f0a7d1918cd3b5327c7
0c1e1aa9aab4fd29e487d9e7a737294c44066c4c
3a91a00eee96f0e0b69e5fd073f38ecdf32adf0c9c90f3c363d1f9d09f1c2e94

HTTP Headers

GET /verkkoasiointi.elisa.fi/ops/logo-elisa_2x.png HTTP/1.1
Host: dikkeduim.be
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dikkeduim.be/verkkoasiointi.elisa.fi/index.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/png
last-modified: Thu, 08 Sep 2022 18:18:12 GMT
accept-ranges: bytes
etag: "ec85795bafc3d81:0"
server: Microsoft-IIS/10.0
x-powered-by: Granaat consultancy
date: Fri, 09 Sep 2022 20:28:54 GMT
content-length: 5351
X-Firefox-Spdy: h2

dikkeduim.be/verkkoasiointi.elisa.fi/ops/mobiilivarmenne-mobile.svg

37.34.56.167

200 OK

1.6 kB

URL HTTP/2
dikkeduim.be/verkkoasiointi.elisa.fi/ops/mobiilivarmenne-mobile.svg
IP
37.34.56.167:0
ASN
#20857 Signet B.V.

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
1.6 kB (1632 bytes)
Hash
ac3bc1851ff3b6d176bf4ac389f2a4a0
0c661056c05303add92110646ad1d722cbe1d30f
32959ca50def371a0ba95b9316947906e3aa2c0a199ed6edf819d85083a4e180

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /verkkoasiointi.elisa.fi/ops/mobiilivarmenne-mobile.svg HTTP/1.1
Host: dikkeduim.be
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dikkeduim.be/verkkoasiointi.elisa.fi/index.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: no-cache
content-type: image/svg+xml
last-modified: Thu, 08 Sep 2022 18:18:12 GMT
accept-ranges: bytes
etag: "a7327e5bafc3d81:0"
server: Microsoft-IIS/10.0
x-powered-by: Granaat consultancy
date: Fri, 09 Sep 2022 20:28:54 GMT
content-length: 1632
X-Firefox-Spdy: h2

dikkeduim.be/verkkoasiointi.elisa.fi/ops/appstore_fi.png

37.34.56.167

200 OK

7.7 kB

URL HTTP/2
dikkeduim.be/verkkoasiointi.elisa.fi/ops/appstore_fi.png
IP
37.34.56.167:0
ASN
#20857 Signet B.V.

File type
PNG image data, 300 x 89, 8-bit/color RGBA, non-interlaced\012- data
Size
7.7 kB (7687 bytes)
Hash
5dcad3e7e1dfb341dd3d152cd5574420
e6334102331f5100df05343277d98974c73330b8
2eef43b715febbc1dfe91f5a1d3626f2d6a2922338b4aebab019eb9d8845c7e0

HTTP Headers

GET /verkkoasiointi.elisa.fi/ops/appstore_fi.png HTTP/1.1
Host: dikkeduim.be
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dikkeduim.be/verkkoasiointi.elisa.fi/index.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/png
last-modified: Thu, 08 Sep 2022 18:18:12 GMT
accept-ranges: bytes
etag: "ac7b6d5bafc3d81:0"
server: Microsoft-IIS/10.0
x-powered-by: Granaat consultancy
date: Fri, 09 Sep 2022 20:28:54 GMT
content-length: 7687
X-Firefox-Spdy: h2

dikkeduim.be/verkkoasiointi.elisa.fi/ops/ios-2.png

37.34.56.167

200 OK

139 kB

URL HTTP/2
dikkeduim.be/verkkoasiointi.elisa.fi/ops/ios-2.png
IP
37.34.56.167:0
ASN
#20857 Signet B.V.

File type
PNG image data, 674 x 1305, 8-bit/color RGBA, non-interlaced\012- data
Size
139 kB (138925 bytes)
Hash
8dc62f41aa239fb27dbaaaa3bf2d6bbe
4b0e441212becb375d0c1a24fe477b973460ba2a
7449f81f8df530e7639266e1936d183cd9cd5e5bf123b85cb3a4bc2243fda283

HTTP Headers

GET /verkkoasiointi.elisa.fi/ops/ios-2.png HTTP/1.1
Host: dikkeduim.be
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dikkeduim.be/verkkoasiointi.elisa.fi/index.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/png
last-modified: Thu, 08 Sep 2022 18:18:12 GMT
accept-ranges: bytes
etag: "f9c775bafc3d81:0"
server: Microsoft-IIS/10.0
x-powered-by: Granaat consultancy
date: Fri, 09 Sep 2022 20:28:54 GMT
content-length: 138925
X-Firefox-Spdy: h2

dikkeduim.be/verkkoasiointi.elisa.fi/ops/main-294a7ae9089a2dc64d37.js

37.34.56.167

200 OK

56 kB

URL HTTP/2
dikkeduim.be/verkkoasiointi.elisa.fi/ops/main-294a7ae9089a2dc64d37.js
IP
37.34.56.167:0
ASN
#20857 Signet B.V.

File type
Unicode text, UTF-8 text, with very long lines (37078), with NEL line terminators
Size
56 kB (56440 bytes)
Hash
89c03763ae2c488c076fdfb7d582138b
586aa2a7bd06c321b780c192fb7e244248dddc33
add1641b1eafc93e5d1e7b3d99150a36bebb0f41c01c3eee934f452f5bdaf994

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /verkkoasiointi.elisa.fi/ops/main-294a7ae9089a2dc64d37.js HTTP/1.1
Host: dikkeduim.be
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dikkeduim.be/verkkoasiointi.elisa.fi/index.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: no-cache
content-type: application/javascript
content-encoding: gzip
last-modified: Thu, 08 Sep 2022 18:18:12 GMT
accept-ranges: bytes
etag: "71dc7b5bafc3d81:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: Granaat consultancy
date: Fri, 09 Sep 2022 20:28:54 GMT
content-length: 56440
X-Firefox-Spdy: h2

dikkeduim.be/verkkoasiointi.elisa.fi/ops/googleplaybadge_fi.png

37.34.56.167

200 OK

17 kB

URL HTTP/2
dikkeduim.be/verkkoasiointi.elisa.fi/ops/googleplaybadge_fi.png
IP
37.34.56.167:0
ASN
#20857 Signet B.V.

File type
PNG image data, 300 x 89, 8-bit/color RGBA, non-interlaced\012- data
Size
17 kB (17258 bytes)
Hash
579ab8e9cf8c01d072a2dfeb15b81018
f6c37684877f6175307c2229946bae03d74ef74b
6c1aa48c88469ced30981d74231f279f7c096bcd547df249fd717e7653c5087a

HTTP Headers

GET /verkkoasiointi.elisa.fi/ops/googleplaybadge_fi.png HTTP/1.1
Host: dikkeduim.be
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dikkeduim.be/verkkoasiointi.elisa.fi/index.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/png
last-modified: Thu, 08 Sep 2022 18:18:12 GMT
accept-ranges: bytes
etag: "8da5745bafc3d81:0"
server: Microsoft-IIS/10.0
x-powered-by: Granaat consultancy
date: Fri, 09 Sep 2022 20:28:54 GMT
content-length: 17258
X-Firefox-Spdy: h2

dikkeduim.be/verkkoasiointi.elisa.fi/ops/inqChatLaunch10006878.js

37.34.56.167

200 OK

8.1 kB

URL HTTP/2
dikkeduim.be/verkkoasiointi.elisa.fi/ops/inqChatLaunch10006878.js
IP
37.34.56.167:0
ASN
#20857 Signet B.V.

File type
ASCII text, with very long lines (999)
Size
8.1 kB (8054 bytes)
Hash
4bbd6f11211a2fa4cca043d5c7914d36
bddc33271b5086f323c74107860036e1291664d0
c27545464f4d985e6074d33f6c7f0c85a60ed119b9bf0a971f33038747f30886

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /verkkoasiointi.elisa.fi/ops/inqChatLaunch10006878.js HTTP/1.1
Host: dikkeduim.be
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dikkeduim.be/verkkoasiointi.elisa.fi/index.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: no-cache
content-type: application/javascript
content-encoding: gzip
last-modified: Thu, 08 Sep 2022 18:18:12 GMT
accept-ranges: bytes
etag: "f9c775bafc3d81:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: Granaat consultancy
date: Fri, 09 Sep 2022 20:28:54 GMT
content-length: 8054
X-Firefox-Spdy: h2

dikkeduim.be/verkkoasiointi.elisa.fi/ops/huaweistorebadge_fi.png

37.34.56.167

200 OK

18 kB

URL HTTP/2
dikkeduim.be/verkkoasiointi.elisa.fi/ops/huaweistorebadge_fi.png
IP
37.34.56.167:0
ASN
#20857 Signet B.V.

File type
PNG image data, 300 x 89, 8-bit/color RGBA, non-interlaced\012- data
Size
18 kB (17666 bytes)
Hash
01e0a950b62432ef5fb11697ddbc2f6f
bf9175620698513a7cf9f8c9713773b7680ea7da
ec9fa2b3ea71cb08efd672983e5b95274925958e5b49a36b3db646ec9280e985

HTTP Headers

GET /verkkoasiointi.elisa.fi/ops/huaweistorebadge_fi.png HTTP/1.1
Host: dikkeduim.be
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dikkeduim.be/verkkoasiointi.elisa.fi/index.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/png
last-modified: Thu, 08 Sep 2022 18:18:12 GMT
accept-ranges: bytes
etag: "f9c775bafc3d81:0"
server: Microsoft-IIS/10.0
x-powered-by: Granaat consultancy
date: Fri, 09 Sep 2022 20:28:54 GMT
content-length: 17666
X-Firefox-Spdy: h2

dikkeduim.be/verkkoasiointi.elisa.fi/ops/translate_24dp.png

37.34.56.167

200 OK

825 B

URL HTTP/2
dikkeduim.be/verkkoasiointi.elisa.fi/ops/translate_24dp.png
IP
37.34.56.167:0
ASN
#20857 Signet B.V.

File type
PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Size
825 B (825 bytes)
Hash
55ff382a8b09329e3230a1797eb8f5fd
026ae089006a674da7dcc9bf6b986c5d59e75478
1bb2279aed6bc1438d2b17a5ffcbac9d37864582aedeeec8d301eab162b2c213

HTTP Headers

GET /verkkoasiointi.elisa.fi/ops/translate_24dp.png HTTP/1.1
Host: dikkeduim.be
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dikkeduim.be/verkkoasiointi.elisa.fi/index.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/png
last-modified: Thu, 08 Sep 2022 18:18:12 GMT
accept-ranges: bytes
etag: "8f60855bafc3d81:0"
server: Microsoft-IIS/10.0
x-powered-by: Granaat consultancy
date: Fri, 09 Sep 2022 20:28:54 GMT
content-length: 825
X-Firefox-Spdy: h2

push.services.mozilla.com/

35.162.110.205

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
35.162.110.205:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: L7nn4KWDJaZIGx1IeVaQOg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: KdnfX0bJEcbe3EZrIIbohzkU69M=

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
e0fbe5627b19e9ad7ad4d40c96514ae9
d9d361271987c5947d96ddacc67efb3f3a32bbd3
48b4321f3bda8fd67c5bc75f98b0dfe6df2bfda8dcf5e708aecd47270ae03217

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "48B4321F3BDA8FD67C5BC75F98B0DFE6DF2BFDA8DCF5E708AECD47270AE03217"
Last-Modified: Wed, 07 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8328
Expires: Fri, 09 Sep 2022 22:47:44 GMT
Date: Fri, 09 Sep 2022 20:28:56 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
e0fbe5627b19e9ad7ad4d40c96514ae9
d9d361271987c5947d96ddacc67efb3f3a32bbd3
48b4321f3bda8fd67c5bc75f98b0dfe6df2bfda8dcf5e708aecd47270ae03217

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "48B4321F3BDA8FD67C5BC75F98B0DFE6DF2BFDA8DCF5E708AECD47270AE03217"
Last-Modified: Wed, 07 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8328
Expires: Fri, 09 Sep 2022 22:47:44 GMT
Date: Fri, 09 Sep 2022 20:28:56 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
e0fbe5627b19e9ad7ad4d40c96514ae9
d9d361271987c5947d96ddacc67efb3f3a32bbd3
48b4321f3bda8fd67c5bc75f98b0dfe6df2bfda8dcf5e708aecd47270ae03217

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "48B4321F3BDA8FD67C5BC75F98B0DFE6DF2BFDA8DCF5E708AECD47270AE03217"
Last-Modified: Wed, 07 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8328
Expires: Fri, 09 Sep 2022 22:47:44 GMT
Date: Fri, 09 Sep 2022 20:28:56 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc632269f-fb89-42dc-acc4-f733f3d7beb7.jpeg

34.120.237.76

200 OK

4.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc632269f-fb89-42dc-acc4-f733f3d7beb7.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.5 kB (4532 bytes)
Hash
a5fdeb374d4e3669ce5d9ff2cd22cd19
70ede5692526afd351d134a391383461dafdc64f
10c5d8e41aae1a36525a45375966b5067333f0c7edc176a540fd6527ebe1ad8c

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc632269f-fb89-42dc-acc4-f733f3d7beb7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4532
x-amzn-requestid: e5694699-7f38-4542-8808-54bda7ee7d86
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YIMmGGUmIAMF2cw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63198e26-1aa6788e24fcfdf0008bee21;Sampled=0
x-amzn-remapped-date: Thu, 08 Sep 2022 06:39:34 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: smtzoqnzJiET63xsW_r_-eVNsTK01mGqRbvuwekbqjnzS6Sb1fw9HQ==
via: 1.1 ef6538ee7be7b17c84d06edb0f4c0a1a.cloudfront.net (CloudFront), 1.1 3c974a460e97e56c6eb1e6a30797d9d6.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Sep 2022 22:54:58 GMT
etag: "70ede5692526afd351d134a391383461dafdc64f"
content-type: image/jpeg
age: 77638
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

dikkeduim.be/verkkoasiointi.elisa.fi/ops/gtm.js

37.34.56.167

200 OK

80 kB

URL HTTP/2
dikkeduim.be/verkkoasiointi.elisa.fi/ops/gtm.js
IP
37.34.56.167:0
ASN
#20857 Signet B.V.

File type
data
Size
80 kB (79780 bytes)
Hash
6f4989ba457add5710dec673d7583883
85e28b13fa8504aeb51ee8ac29b3519f7d8f3fc1
fd0feeff9569cba44feb665f852892e31799849caa5fe6d7928016601136e700

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /verkkoasiointi.elisa.fi/ops/gtm.js HTTP/1.1
Host: dikkeduim.be
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dikkeduim.be/verkkoasiointi.elisa.fi/index.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: no-cache
content-type: application/javascript
content-encoding: gzip
last-modified: Thu, 08 Sep 2022 18:18:12 GMT
accept-ranges: bytes
etag: "f9c775bafc3d81:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: Granaat consultancy
date: Fri, 09 Sep 2022 20:28:54 GMT
X-Firefox-Spdy: h2

dikkeduim.be/verkkoasiointi.elisa.fi/ops/main-5.294a7ae9089a2dc64d37.css

37.34.56.167

200 OK

75 kB

URL HTTP/2
dikkeduim.be/verkkoasiointi.elisa.fi/ops/main-5.294a7ae9089a2dc64d37.css
IP
37.34.56.167:0
ASN
#20857 Signet B.V.

File type
data
Size
75 kB (75319 bytes)
Hash
6a810d8192ed78107a08d13c54a2cf12
e13ba64992abd3ae0ee8ce458c36b1471aaa7792
c2a12c5a35e99845b571388f7594ff1b8b6b44a8615b4e8cad64a03b726d5851

HTTP Headers

GET /verkkoasiointi.elisa.fi/ops/main-5.294a7ae9089a2dc64d37.css HTTP/1.1
Host: dikkeduim.be
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dikkeduim.be/verkkoasiointi.elisa.fi/index.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: no-cache
content-type: text/css
content-encoding: gzip
last-modified: Thu, 08 Sep 2022 18:18:12 GMT
accept-ranges: bytes
etag: "71dc7b5bafc3d81:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: Granaat consultancy
date: Fri, 09 Sep 2022 20:28:54 GMT
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9009587-828b-4a7a-8b84-f28d4b93cdef.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.5 kB (7515 bytes)
Hash
60fa03262bb3728f24a4c7a8177ec788
09dcbdc6043f01dd56920cca3ce3920d0d07b795
e7448f186933f9848f1d55f0e8dba593918846d02fb9cc3a7cd86d69b96a7fde

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9009587-828b-4a7a-8b84-f28d4b93cdef.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7515
x-amzn-requestid: bb6a7928-9bdc-44e7-8478-b415bc504343
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YJu0bGYdoAMF5jQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631a2b4f-208339fd72e62dff4a2ba339;Sampled=0
x-amzn-remapped-date: Thu, 08 Sep 2022 17:50:07 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: UaU9GK4lcCuAN2WghBDa7f-21dRTA4Fh1tlAmGFMKh4wQOGZlKdmOw==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 e77661e211afe9242e85e573f12d5534.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Sep 2022 21:46:49 GMT
etag: "09dcbdc6043f01dd56920cca3ce3920d0d07b795"
content-type: image/jpeg
age: 81727
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

dikkeduim.be/verkkoasiointi.elisa.fi/ops/elisa-styleguide-min.css

37.34.56.167

200 OK

216 kB

URL HTTP/2
dikkeduim.be/verkkoasiointi.elisa.fi/ops/elisa-styleguide-min.css
IP
37.34.56.167:0
ASN
#20857 Signet B.V.

File type
data
Size
216 kB (215727 bytes)
Hash
96ae614f1bb1f4b367a6c5e2a4321eac
3e52d7baf65f222af85387d9974e8205cf32326a
90d2ab983f1d98240f64f44e630664efed6b48fb5d584d364475112a0caacc17

HTTP Headers

GET /verkkoasiointi.elisa.fi/ops/elisa-styleguide-min.css HTTP/1.1
Host: dikkeduim.be
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dikkeduim.be/verkkoasiointi.elisa.fi/index.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: no-cache
content-type: text/css
content-encoding: gzip
last-modified: Thu, 08 Sep 2022 18:18:12 GMT
accept-ranges: bytes
etag: "6e52725bafc3d81:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: Granaat consultancy
date: Fri, 09 Sep 2022 20:28:54 GMT
X-Firefox-Spdy: h2

dikkeduim.be/verkkoasiointi.elisa.fi/ops/5_899032a72e7c91bc4034.js

37.34.56.167

200 OK

212 kB

URL HTTP/2
dikkeduim.be/verkkoasiointi.elisa.fi/ops/5_899032a72e7c91bc4034.js
IP
37.34.56.167:0
ASN
#20857 Signet B.V.

File type
data
Size
212 kB (212385 bytes)
Hash
18aaa62ff05a115f787139f299020421
19df0551d99142b22c4e57b0a7da722fb37d5096
74e0bfdf5622c8dd51baed34728490cf4e062cf13c99fa4cf40c96030d222938

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /verkkoasiointi.elisa.fi/ops/5_899032a72e7c91bc4034.js HTTP/1.1
Host: dikkeduim.be
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dikkeduim.be/verkkoasiointi.elisa.fi/index.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: no-cache
content-type: application/javascript
content-encoding: gzip
last-modified: Thu, 08 Sep 2022 18:18:12 GMT
accept-ranges: bytes
etag: "ed166b5bafc3d81:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: Granaat consultancy
date: Fri, 09 Sep 2022 20:28:54 GMT
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
49bb506fd2087ce606cf1207c22cd7d9
3e41f996bb72070c81dca4833b5b44bff563059d
1edfaa3998425120e4165dfbde171296fae51afe0e1420b9cc1cd68aa638f751

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6407
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 09 Sep 2022 20:28:56 GMT
Last-Modified: Fri, 09 Sep 2022 18:42:09 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 471

connect.facebook.net/en_US/fbevents.js

157.240.200.14

200 OK

27 kB

URL HTTP/2
connect.facebook.net/en_US/fbevents.js
IP
157.240.200.14:0
ASN
#32934 FACEBOOK

File type
ASCII text, with very long lines (64348)
Size
27 kB (26737 bytes)
Hash
8e7e24fb3539746aa8b869558f589615
d8086d86bbd5cfacc3b6a5ef14aa917830e137dd
7304497ee417a664bdea67d7307ca36a36013556b927c3ea5bca6c04b66236ef

HTTP Headers

GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dikkeduim.be/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: ygurLTyLaz3hqEUe5flwwQQabGZG0f6mvqVqLaNxnXAGYPGxlcZB/N2olE62Y3j7BG7CsmHDv4CKYQbpEvlZLA==
content-length: 26737
x-fb-trip-id: 1679558926
date: Fri, 09 Sep 2022 20:28:56 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

dikkeduim.be/verkkoasiointi.elisa.fi/ops/main-1.294a7ae9089a2dc64d37.css

37.34.56.167

200 OK

142 kB

URL HTTP/2
dikkeduim.be/verkkoasiointi.elisa.fi/ops/main-1.294a7ae9089a2dc64d37.css
IP
37.34.56.167:0
ASN
#20857 Signet B.V.

File type
data
Size
142 kB (142181 bytes)
Hash
6ac792ea50dce56f8dd0783ef6e3838a
f98db051876b1cc4c2787eba8ac1483e107395a9
34fa0eb2a33e098195c7b7d5a9e5725e969e2d5e19fb1232e211398dd789cb1e

HTTP Headers

GET /verkkoasiointi.elisa.fi/ops/main-1.294a7ae9089a2dc64d37.css HTTP/1.1
Host: dikkeduim.be
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dikkeduim.be/verkkoasiointi.elisa.fi/index.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: no-cache
content-type: text/css
content-encoding: gzip
last-modified: Thu, 08 Sep 2022 18:18:12 GMT
accept-ranges: bytes
etag: "71dc7b5bafc3d81:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: Granaat consultancy
date: Fri, 09 Sep 2022 20:28:54 GMT
X-Firefox-Spdy: h2

dikkeduim.be/verkkoasiointi.elisa.fi/ops/modules.875e8181449a9cd033c6.js

37.34.56.167

200 OK

116 kB

URL HTTP/2
dikkeduim.be/verkkoasiointi.elisa.fi/ops/modules.875e8181449a9cd033c6.js
IP
37.34.56.167:0
ASN
#20857 Signet B.V.

File type
data
Size
116 kB (116125 bytes)
Hash
a0d527ebd17ee8f8a3a9d06a9346b47d
f61fb073052c9672db86db9c284a1a43ad2d1ab9
7055927e5bb7f6ad00a54283a3b70fa50f448848d20d7d6d068d64b4bad895ff

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /verkkoasiointi.elisa.fi/ops/modules.875e8181449a9cd033c6.js HTTP/1.1
Host: dikkeduim.be
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dikkeduim.be/verkkoasiointi.elisa.fi/index.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: no-cache
content-type: application/javascript
content-encoding: gzip
last-modified: Thu, 08 Sep 2022 18:18:12 GMT
accept-ranges: bytes
etag: "a7327e5bafc3d81:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: Granaat consultancy
date: Fri, 09 Sep 2022 20:28:54 GMT
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
0e1f60cbc92010808774913305763d6d
21c37e5a9767ea1a5e8755826d69e249aabeae82
7e978b67d07dec2679d9287740a0ed02c9a976894507c3d6311f4dfdce1771ef

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 279
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 09 Sep 2022 20:28:56 GMT
Etag: "631adc2b-1d7"
Last-Modified: Fri, 09 Sep 2022 20:24:17 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 471

elisa.fi/favicon.ico

195.197.95.175

200 OK

15 kB

URL HTTP/2
elisa.fi/favicon.ico
IP
195.197.95.175:0
ASN
#719 Elisa Oyj

File type
MS Windows icon resource - 3 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel\012- data
Size
15 kB (15086 bytes)
Hash
f4ade4f1d11fc261fdda912731d782e8
9cb1028bb212bf05c409a52fdfde1acc78347815
e8c7deefbe3451de2cd35d3922e563a852e07f05c057f6b5008229e585b79a70

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: elisa.fi
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dikkeduim.be/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Fri, 09 Sep 2022 20:28:56 GMT
content-type: image/x-icon
content-length: 15086
last-modified: Mon, 05 Sep 2022 06:18:34 GMT
etag: "631594ba-3aee"
cache-control: max-age=10, must-revalidate
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge,chrome=IE8
set-cookie: Path=/; HttpOnly; Secure
accept-ranges: bytes
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
61961ee76ab6c28f6e17eb7a1df4a3ea
ab4e8c9c284a0eed6b2fab77c9df432839158b3a
9e3bec23cc8ea49ab4e3a3a244a428c59e6c48c80359c473155584807ba0de41

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Sep 2022 20:28:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2

142.250.74.163

200 OK

17 kB

URL HTTP/2
fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 16740, version 1.0\012- data
Size
17 kB (16740 bytes)
Hash
e43b535855a4ae53bd5b07a6eeb3bf67
6507312d9491156036316484bf8dc41e8b52ddd9
b34551ae25916c460423b82beb8e0675b27f76a9a2908f18286260fbd6de6681

HTTP Headers

GET /s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://dikkeduim.be
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 16740
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 05 Sep 2022 18:53:39 GMT
expires: Tue, 05 Sep 2023 18:53:39 GMT
cache-control: public, max-age=31536000
age: 351319
last-modified: Mon, 15 Aug 2022 18:14:44 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
ebc205cf750164c31d1fce2318d1636b
9309949107d69193b1c5156d45fbcc91e20a0fe4
4ab7f53d17c5d642e17a3e78aa93dc133c4713e44ccccb849f04fdcca62be8b6

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Sep 2022 20:28:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.usertrust.com/

172.64.155.188

200 OK

472 B

URL HTTP/1.1
ocsp.usertrust.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
4f71abaf5852956259f9a01cf1ff3822
5bab80d0f4e7b3e7930d91d2cc210af956073404
397b6f9978034e3081dcbb7ad80f1b563c199361d033f5dd822a947ed64df3de

HTTP Headers

POST / HTTP/1.1
Host: ocsp.usertrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 20:28:58 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Tue, 06 Sep 2022 12:05:43 GMT
Expires: Tue, 13 Sep 2022 12:05:42 GMT
Etag: "5bab80d0f4e7b3e7930d91d2cc210af956073404"
Cache-Control: max-age=602860,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: HIT
Age: 205
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7482ac644f911c06-OSL

elisa.psplugin.com/api/v1/register/2c6b79d9-2f38-4eff-88be-2f74b6fbf70f?json=true

46.21.96.230

405 Method Not Allowed

21 B

URL HTTP/1.1
elisa.psplugin.com/api/v1/register/2c6b79d9-2f38-4eff-88be-2f74b6fbf70f?json=true
IP
46.21.96.230:0
ASN
#42708 GleSYS AB

File type
ASCII text, with no line terminators
Size
21 B (21 bytes)
Hash
decb6c2cf800d820459f22ca04d9786b
51dd14a3642575a0b0132b3ebc2e4f0b777e953b
26d39ad9d65a7de27b112974945333342fec3b306da9d315b1d3860aaea063a1

HTTP Headers

POST /api/v1/register/2c6b79d9-2f38-4eff-88be-2f74b6fbf70f?json=true HTTP/1.1
Host: elisa.psplugin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain; charset=utf-8
Content-Length: 84
Origin: https://dikkeduim.be
Connection: keep-alive
Referer: https://dikkeduim.be/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 405 Method Not Allowed
date: Fri, 09 Sep 2022 20:28:57 GMT
content-type: application/json; charset=utf-8
content-length: 21
access-control-allow-credentials: true
access-control-allow-origin: https://dikkeduim.be
access-control-max-age: 604800
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
x-content-type-options: nosniff
set-cookie: vngage.srvid=f43d16ab12f59399; path=/; Secure; SameSite=None

dikkeduim.be/verkkoasiointi.elisa.fi/ops/box-469cf41adb11dc78be68c1ae7f9457a4.html

37.34.56.167

200 OK

1.4 kB

URL HTTP/2
dikkeduim.be/verkkoasiointi.elisa.fi/ops/box-469cf41adb11dc78be68c1ae7f9457a4.html
IP
37.34.56.167:0
ASN
#20857 Signet B.V.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (515)
Size
1.4 kB (1401 bytes)
Hash
40435f357936383bd5c7857461802522
585845df809ea99f8ff5b6062173c0c1a8a6ddbe
56eebc0d7b56157cab3d89d270cab48378b0626b951f1e32ed6acfae36a419dc

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /verkkoasiointi.elisa.fi/ops/box-469cf41adb11dc78be68c1ae7f9457a4.html HTTP/1.1
Host: dikkeduim.be
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dikkeduim.be/verkkoasiointi.elisa.fi/index.php
Cookie: ipaSplitVariation=100; showNewViihdeProductPage=true; mbbTerminationDisabled=false
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: no-cache
content-type: text/html
content-encoding: gzip
last-modified: Thu, 08 Sep 2022 18:18:12 GMT
accept-ranges: bytes
etag: "ac7b6d5bafc3d81:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: Granaat consultancy
date: Fri, 09 Sep 2022 20:28:58 GMT
content-length: 1401
X-Firefox-Spdy: h2

dikkeduim.be/verkkoasiointi.elisa.fi/ops/elisa-nuance.html

37.34.56.167

200 OK

676 B

URL HTTP/2
dikkeduim.be/verkkoasiointi.elisa.fi/ops/elisa-nuance.html
IP
37.34.56.167:0
ASN
#20857 Signet B.V.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (680)
Size
676 B (676 bytes)
Hash
ae79a6dddf783a1b916e0485af2c9b09
d1955d12b9efb1565973101f7332cb8e1b210598
e55c165d6dc86b049c21873829da1887f5761940971a0d8b30ad6424a5c8686a

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /verkkoasiointi.elisa.fi/ops/elisa-nuance.html HTTP/1.1
Host: dikkeduim.be
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dikkeduim.be/verkkoasiointi.elisa.fi/index.php
Cookie: ipaSplitVariation=100; showNewViihdeProductPage=true; mbbTerminationDisabled=false
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: no-cache
content-type: text/html
content-encoding: gzip
last-modified: Thu, 08 Sep 2022 18:18:12 GMT
accept-ranges: bytes
etag: "6e52725bafc3d81:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: Granaat consultancy
date: Fri, 09 Sep 2022 20:28:58 GMT
content-length: 676
X-Firefox-Spdy: h2

dikkeduim.be/verkkoasiointi.elisa.fi/ops/site_10006878_default.js

37.34.56.167

200 OK

13 kB

URL HTTP/2
dikkeduim.be/verkkoasiointi.elisa.fi/ops/site_10006878_default.js
IP
37.34.56.167:0
ASN
#20857 Signet B.V.

File type
Unicode text, UTF-8 text, with very long lines (46766)
Size
13 kB (13012 bytes)
Hash
929c7bbfa323d57dae53270c121f442e
12dfd66fcc7813bd081ba744ab69b507535500fa
9ab30f306f3d7ef3ace0d122ecfb49247ac8457965188b5b86fbbfa59db120d0

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /verkkoasiointi.elisa.fi/ops/site_10006878_default.js HTTP/1.1
Host: dikkeduim.be
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dikkeduim.be/verkkoasiointi.elisa.fi/ops/elisa-nuance.html
Cookie: ipaSplitVariation=100; showNewViihdeProductPage=true; mbbTerminationDisabled=false
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: no-cache
content-type: application/javascript
content-encoding: gzip
last-modified: Thu, 08 Sep 2022 18:18:12 GMT
accept-ranges: bytes
etag: "b5fa825bafc3d81:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: Granaat consultancy
date: Fri, 09 Sep 2022 20:28:59 GMT
content-length: 13012
X-Firefox-Spdy: h2

dikkeduim.be/verkkoasiointi.elisa.fi/ops/ads-blocking-detector.js

37.34.56.167

200 OK

2.4 kB

URL HTTP/2
dikkeduim.be/verkkoasiointi.elisa.fi/ops/ads-blocking-detector.js
IP
37.34.56.167:0
ASN
#20857 Signet B.V.

File type
ASCII text
Size
2.4 kB (2442 bytes)
Hash
5fbb4dd503388285ac3b1bee8727926e
f9b20c92df9f5936466367c23d3d0dbc94826f3e
907d923c424385fe2272dec6eae5a3c5d1088370265fd0241abd482ac48b5390

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /verkkoasiointi.elisa.fi/ops/ads-blocking-detector.js HTTP/1.1
Host: dikkeduim.be
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dikkeduim.be/verkkoasiointi.elisa.fi/ops/elisa-nuance.html
Cookie: ipaSplitVariation=100; showNewViihdeProductPage=true; mbbTerminationDisabled=false
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: no-cache
content-type: application/javascript
content-encoding: gzip
last-modified: Thu, 08 Sep 2022 18:18:12 GMT
accept-ranges: bytes
etag: "ac7b6d5bafc3d81:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: Granaat consultancy
date: Fri, 09 Sep 2022 20:28:59 GMT
content-length: 2442
X-Firefox-Spdy: h2

dikkeduim.be/verkkoasiointi.elisa.fi/ops/inqChatLaunch10006878.js

37.34.56.167

200 OK

6.5 kB

URL HTTP/2
dikkeduim.be/verkkoasiointi.elisa.fi/ops/inqChatLaunch10006878.js
IP
37.34.56.167:0
ASN
#20857 Signet B.V.

File type
ASCII text, with very long lines (999)
Size
6.5 kB (6512 bytes)
Hash
0c76308ea89ada46184297f5511fae99
698349f385f04678ddfccde80f526c8d6389c2ab
2a2ace623d18285f284061e3503b99be9a155feeebb35525163bfd3a481883e1

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /verkkoasiointi.elisa.fi/ops/inqChatLaunch10006878.js HTTP/1.1
Host: dikkeduim.be
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dikkeduim.be/verkkoasiointi.elisa.fi/ops/elisa-nuance.html
Cookie: ipaSplitVariation=100; showNewViihdeProductPage=true; mbbTerminationDisabled=false
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
If-Modified-Since: Thu, 08 Sep 2022 18:18:12 GMT
If-None-Match: "f9c775bafc3d81:0"
TE: trailers

HTTP/2 200 OK
cache-control: no-cache
content-type: application/javascript
content-encoding: gzip
last-modified: Thu, 08 Sep 2022 18:18:12 GMT
accept-ranges: bytes
etag: "0af35aafc3d81:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: Granaat consultancy
date: Fri, 09 Sep 2022 20:28:59 GMT
content-length: 6512
X-Firefox-Spdy: h2

dikkeduim.be/verkkoasiointi.elisa.fi/ops/cbc-min.js

37.34.56.167

200 OK

29 kB

URL HTTP/2
dikkeduim.be/verkkoasiointi.elisa.fi/ops/cbc-min.js
IP
37.34.56.167:0
ASN
#20857 Signet B.V.

File type
ASCII text, with very long lines (572)
Size
29 kB (29153 bytes)
Hash
07e837a704e93f1f7bf6d79252506ef6
553ff3b5fe20c38c0f93b82931e4ea86213e08e3
d2f9d1e24b7b9c08d73bfd918de20a6dd596846ba12a9a02f4dba2cfb3f64770

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /verkkoasiointi.elisa.fi/ops/cbc-min.js HTTP/1.1
Host: dikkeduim.be
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dikkeduim.be/verkkoasiointi.elisa.fi/ops/elisa-nuance.html
Cookie: ipaSplitVariation=100; showNewViihdeProductPage=true; mbbTerminationDisabled=false
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: no-cache
content-type: application/javascript
content-encoding: gzip
last-modified: Thu, 08 Sep 2022 18:18:12 GMT
accept-ranges: bytes
etag: "ac7b6d5bafc3d81:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: Granaat consultancy
date: Fri, 09 Sep 2022 20:28:59 GMT
content-length: 29153
X-Firefox-Spdy: h2

dikkeduim.be/verkkoasiointi.elisa.fi/ops/jquery-3.3.1.min.js

37.34.56.167

200 OK

39 kB

URL HTTP/2
dikkeduim.be/verkkoasiointi.elisa.fi/ops/jquery-3.3.1.min.js
IP
37.34.56.167:0
ASN
#20857 Signet B.V.

File type
ASCII text, with very long lines (65451)
Size
39 kB (38892 bytes)
Hash
c21e1fb1f770470703ab3ba026f45f93
3a8fb33199f6708402362a7d3d04c53d8d6fdf5d
6100ff2a9c555bcb20b0fbbaf71cab2336ed21a53d445329c91d07449efe6d78

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /verkkoasiointi.elisa.fi/ops/jquery-3.3.1.min.js HTTP/1.1
Host: dikkeduim.be
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dikkeduim.be/verkkoasiointi.elisa.fi/ops/elisa-nuance.html
Cookie: ipaSplitVariation=100; showNewViihdeProductPage=true; mbbTerminationDisabled=false
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: no-cache
content-type: application/javascript
content-encoding: gzip
last-modified: Thu, 08 Sep 2022 18:18:12 GMT
accept-ranges: bytes
etag: "ec85795bafc3d81:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: Granaat consultancy
date: Fri, 09 Sep 2022 20:28:59 GMT
content-length: 38892
X-Firefox-Spdy: h2

dikkeduim.be/verkkoasiointi.elisa.fi/ops/postToServer.min.html

37.34.56.167

200 OK

8.7 kB

URL HTTP/2
dikkeduim.be/verkkoasiointi.elisa.fi/ops/postToServer.min.html
IP
37.34.56.167:0
ASN
#20857 Signet B.V.

File type
HTML document text\012- HTML document text\012- HTML document text\012- Java source text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (942)
Size
8.7 kB (8737 bytes)
Hash
23915b4f4040f93e755e07b2e8f4b934
f04dce4fd9e67b41e2fc68728eb093cbd0624c8b
882ffddd16d82331db6ac775f89ee436980fb8e5574ad6e737dde4617ad088cf

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /verkkoasiointi.elisa.fi/ops/postToServer.min.html HTTP/1.1
Host: dikkeduim.be
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dikkeduim.be/verkkoasiointi.elisa.fi/ops/elisa-nuance.html
Cookie: ipaSplitVariation=100; showNewViihdeProductPage=true; mbbTerminationDisabled=false
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: no-cache
content-type: text/html
content-encoding: gzip
last-modified: Thu, 08 Sep 2022 18:18:12 GMT
accept-ranges: bytes
etag: "a7327e5bafc3d81:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: Granaat consultancy
date: Fri, 09 Sep 2022 20:28:59 GMT
content-length: 8737
X-Firefox-Spdy: h2

dikkeduim.be/verkkoasiointi.elisa.fi/ops/tcFramework.min.js

37.34.56.167

200 OK

176 kB

URL HTTP/2
dikkeduim.be/verkkoasiointi.elisa.fi/ops/tcFramework.min.js
IP
37.34.56.167:0
ASN
#20857 Signet B.V.

File type
ASCII text, with very long lines (3061)
Size
176 kB (176270 bytes)
Hash
116f660c3203f6b3b30cb997a1188cbb
1a6ff674ab69f6be150878eef5036fd3610bc1b4
c0a00e2672b3c60b59b3601013ff2f69741db29d5b3ce058eb5bc7f222bd4924

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /verkkoasiointi.elisa.fi/ops/tcFramework.min.js HTTP/1.1
Host: dikkeduim.be
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dikkeduim.be/verkkoasiointi.elisa.fi/ops/elisa-nuance.html
Cookie: ipaSplitVariation=100; showNewViihdeProductPage=true; mbbTerminationDisabled=false
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: no-cache
content-type: application/javascript
content-encoding: gzip
last-modified: Thu, 08 Sep 2022 18:18:12 GMT
accept-ranges: bytes
etag: "8f60855bafc3d81:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: Granaat consultancy
date: Fri, 09 Sep 2022 20:28:59 GMT
X-Firefox-Spdy: h2

elisa.digital.nuance.com/tagserver/init/isTrustedDomain

52.236.144.195

200 OK

0 B

URL HTTP/2
elisa.digital.nuance.com/tagserver/init/isTrustedDomain
IP
52.236.144.195:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /tagserver/init/isTrustedDomain HTTP/1.1
Host: elisa.digital.nuance.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 33
Origin: https://elisa.digital.nuance.com
Connection: keep-alive
Referer: https://elisa.digital.nuance.com/tagserver/postToServer.min.htm?codeVersion=1592467036100
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 09 Sep 2022 20:29:00 GMT
content-type: text/html; charset=utf-8
content-length: 0
server: TouchCommerce Server
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
samesite: Strict
p3p: policyref="http://elisa.digital.nuance.com/w3c/p3p.xml", CP="NON DSP LAW CUR ADMi TAIi PSAi PSD TELi OUR SAMi IND
X-Firefox-Spdy: h2

elisa.digital.nuance.com/tagserver/init/initFramework

52.236.144.195

200 OK

196 B

URL HTTP/2
elisa.digital.nuance.com/tagserver/init/initFramework
IP
52.236.144.195:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
JSON data\012- , ASCII text, with no line terminators
Size
196 B (196 bytes)
Hash
bd4d3401ed01dc4f9f78ab066e3ea047
8143486cd6d5b9e4865d41c1aec44a49e4cdcf46
5aa838d3b04fa85dc394c58e45f126672c2a976c306ed5604963a07c694b4e8b

HTTP Headers

POST /tagserver/init/initFramework HTTP/1.1
Host: elisa.digital.nuance.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 125
Origin: https://elisa.digital.nuance.com
Connection: keep-alive
Referer: https://elisa.digital.nuance.com/tagserver/postToServer.min.htm?codeVersion=1592467036100
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 09 Sep 2022 20:29:00 GMT
content-type: application/json; charset=UTF-8
content-length: 196
server: TouchCommerce Server
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
samesite: Strict
cache-control: no-cache, no-store, max-age=0, must-revalidate
expires: Thu, 01 Jan 1970 00:00:00 GMT
pragma: no-cache
p3p: policyref="http://elisa.digital.nuance.com/w3c/p3p.xml", CP="NON DSP LAW CUR ADMi TAIi PSAi PSD TELi OUR SAMi IND
content-language: en-US
X-Firefox-Spdy: h2

elisa.digital.nuance.com/tagserver/acif/pre-acif.js

52.236.144.195

200 OK

139 B

URL HTTP/2
elisa.digital.nuance.com/tagserver/acif/pre-acif.js
IP
52.236.144.195:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
ASCII text
Size
139 B (139 bytes)
Hash
2fb58b25b9cbaac4638a181264aaddca
41730b360316beb16efedb94bcb4c3610a000d4a
5dc0eea119efe40ef171cd62301f7d20d9997014b354cff9bea250ee5b059eb5

HTTP Headers

GET /tagserver/acif/pre-acif.js HTTP/1.1
Host: elisa.digital.nuance.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Connection: keep-alive
Referer: https://dikkeduim.be/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 09 Sep 2022 20:29:00 GMT
content-type: application/javascript
content-length: 139
server: TouchCommerce Server
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
samesite: Strict
cache-control: max-age=3600
p3p: policyref="http://elisa.digital.nuance.com/w3c/p3p.xml", CP="NON DSP LAW CUR ADMi TAIi PSAi PSD TELi OUR SAMi IND
etag: "CZNYrMxQHjq"
last-modified: Wed, 31 Aug 2022 23:05:41 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2

media-eu2.digital.nuance.com/media/sites/10006878/assets/automatons/acif-configs.js

13.107.213.53

200 OK

6.3 kB

URL HTTP/2
media-eu2.digital.nuance.com/media/sites/10006878/assets/automatons/acif-configs.js
IP
13.107.213.53:0
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

File type
Unicode text, UTF-8 text, with very long lines (26116)
Size
6.3 kB (6257 bytes)
Hash
4d9c101f91c423cf69660484f6818a6f
2baf96d20d6724da5300ee3d1732029832676073
1c839fad399d91dd713f2eed766701806562e33595f1de587dabdeb4fb7001fc

HTTP Headers

GET /media/sites/10006878/assets/automatons/acif-configs.js HTTP/1.1
Host: media-eu2.digital.nuance.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Connection: keep-alive
Referer: https://dikkeduim.be/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=3600
content-length: 6257
content-type: application/javascript
content-encoding: gzip
last-modified: Wed, 27 May 2020 07:20:52 GMT
accept-ranges: bytes
etag: "6+vWJUwqrbM"
vary: Accept-Encoding
x-cache: TCP_HIT
server: TouchCommerce Server
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
samesite: Strict
x-azure-ref: 0DKIbYwAAAAANxFAzyTKaQKgg7nustkIsTE9OMjFFREdFMTYxNQA2MTBiOWZlMi04OGQ3LTQxNTgtOTNjNi0xNzAzODJjNzg1Mjc=
date: Fri, 09 Sep 2022 20:28:59 GMT
X-Firefox-Spdy: h2

media-eu2.digital.nuance.com/flash/InqFramework.js?codeVersion=1592467036100

13.107.213.53

404 Not Found

217 B

URL HTTP/2
media-eu2.digital.nuance.com/flash/InqFramework.js?codeVersion=1592467036100
IP
13.107.213.53:0
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text
Size
217 B (217 bytes)
Hash
48990d6a556620a79d6495e5910a4cce
b49dc308a3c32d004b9fb1fb4989782365479e48
1f736e4e1c88788d09a860894256c9b27d39dfc665f072f85b97547c1639b237

HTTP Headers

GET /flash/InqFramework.js?codeVersion=1592467036100 HTTP/1.1
Host: media-eu2.digital.nuance.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Connection: keep-alive
Referer: https://dikkeduim.be/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 404 Not Found
content-length: 217
content-type: text/html; charset=utf-8
x-cache: TCP_MISS
server: TouchCommerce Server
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
samesite: Strict
x-azure-ref: 0DKIbYwAAAADOS61Sdt0QS6czzs15Qr5/TE9OMjFFREdFMTYxNQA2MTBiOWZlMi04OGQ3LTQxNTgtOTNjNi0xNzAzODJjNzg1Mjc=
date: Fri, 09 Sep 2022 20:28:59 GMT
X-Firefox-Spdy: h2

www.facebook.com/tr/?id=741615476044750&ev=PageView&dl=https%3A%2F%2Fdikkeduim.be%2Fverkkoasiointi.elisa.fi%2Findex.php&rl=&if=false&ts=1662755331039&sw=1280&sh=1024&v=2.9.79&r=stable&a=tmgoogletagmanager&ec=0&o=30&fbp=fb.1.1662755331038.2063720324&it=1662755330424&coo=false&rqm=GET

157.240.200.35

200 OK

44 B

URL HTTP/2
www.facebook.com/tr/?id=741615476044750&ev=PageView&dl=https%3A%2F%2Fdikkeduim.be%2Fverkkoasiointi.elisa.fi%2Findex.php&rl=&if=false&ts=1662755331039&sw=1280&sh=1024&v=2.9.79&r=stable&a=tmgoogletagmanager&ec=0&o=30&fbp=fb.1.1662755331038.2063720324&it=1662755330424&coo=false&rqm=GET
IP
157.240.200.35:0
ASN
#32934 FACEBOOK

File type
GIF image data, version 89a, 1 x 1\012- data
Size
44 B (44 bytes)
Hash
b798f4ce7359fd815df4bdf76503b295
f8cc6addf1707ad236ad9970b0a48f9733d07da5
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

HTTP Headers

GET /tr/?id=741615476044750&ev=PageView&dl=https%3A%2F%2Fdikkeduim.be%2Fverkkoasiointi.elisa.fi%2Findex.php&rl=&if=false&ts=1662755331039&sw=1280&sh=1024&v=2.9.79&r=stable&a=tmgoogletagmanager&ec=0&o=30&fbp=fb.1.1662755331038.2063720324&it=1662755330424&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dikkeduim.be/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: image/gif
date: Fri, 09 Sep 2022 20:29:00 GMT
expires: Fri, 09 Sep 2022 20:29:00 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
cache-control: no-cache, must-revalidate, max-age=0
set-cookie: 
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 44
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

elisa.digital.nuance.com/tagserver/incrementality/onEvent

52.236.144.195

200 OK

0 B

URL HTTP/2
elisa.digital.nuance.com/tagserver/incrementality/onEvent
IP
52.236.144.195:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /tagserver/incrementality/onEvent HTTP/1.1
Host: elisa.digital.nuance.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 334
Origin: https://elisa.digital.nuance.com
Connection: keep-alive
Referer: https://elisa.digital.nuance.com/tagserver/postToServer.min.htm?codeVersion=1592467036100
Cookie: inqVital_10006878=%7BINQ%3A%7BcustID%3A%221340211334655872731%22%2CclntLag%3A9020%7D%2Cv%3A3%2Cvcnt%3A0%2Cvtime%3A1662755331543%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 09 Sep 2022 20:29:00 GMT
content-type: application/json; charset=UTF-8
content-length: 0
server: TouchCommerce Server
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
samesite: Strict
cache-control: no-cache, no-store, max-age=0, must-revalidate
expires: Thu, 01 Jan 1970 00:00:00 GMT
pragma: no-cache
p3p: policyref="http://elisa.digital.nuance.com/w3c/p3p.xml", CP="NON DSP LAW CUR ADMi TAIi PSAi PSD TELi OUR SAMi IND
content-language: en-US
X-Firefox-Spdy: h2

dikkeduim.be/verkkoasiointi.elisa.fi/ops/1_1206bc67b204ace01e6e.js

37.34.56.167

200 OK

1.3 MB

URL HTTP/2
dikkeduim.be/verkkoasiointi.elisa.fi/ops/1_1206bc67b204ace01e6e.js
IP
37.34.56.167:0
ASN
#20857 Signet B.V.

File type
data
Size
1.3 MB (1319014 bytes)
Hash
9239c1e6c9e80a7fa6ff96a9dd638a51
9d07158be13896646f7d1574d23d7d5f3e9d6c64
f84f7a22acf8d40960d99384397984ac625a8f52341dd3336ecb06a035af3f3e

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /verkkoasiointi.elisa.fi/ops/1_1206bc67b204ace01e6e.js HTTP/1.1
Host: dikkeduim.be
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dikkeduim.be/verkkoasiointi.elisa.fi/index.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: no-cache
content-type: application/javascript
content-encoding: gzip
last-modified: Thu, 08 Sep 2022 18:18:12 GMT
accept-ranges: bytes
etag: "35d665bafc3d81:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: Granaat consultancy
date: Fri, 09 Sep 2022 20:28:54 GMT
X-Firefox-Spdy: h2

dikkeduim.be/verkkoasiointi.elisa.fi/ops/open-sans-v10-latin-600.woff2

37.34.56.167

404 Not Found

53 kB

URL HTTP/2
dikkeduim.be/verkkoasiointi.elisa.fi/ops/open-sans-v10-latin-600.woff2
IP
37.34.56.167:0
ASN
#20857 Signet B.V.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (15391), with CRLF, CR, LF line terminators
Size
53 kB (52714 bytes)
Hash
c8e59e05bd90779fadb0c8a9f12f5c06
706d4a59e9dc0d25b188a0c468a6f5849dbe7b49
d1befa1b9669b5262a52b23f978e1a467d122bcbecf3a0e97fc4af3e9a7abf59

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /verkkoasiointi.elisa.fi/ops/open-sans-v10-latin-600.woff2 HTTP/1.1
Host: dikkeduim.be
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://dikkeduim.be/verkkoasiointi.elisa.fi/ops/HCO_opensans_fonts.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
cache-control: no-cache, must-revalidate, max-age=0
content-type: text/html; charset=UTF-8
expires: Wed, 11 Jan 1984 05:00:00 GMT
server: Microsoft-IIS/10.0
link: <https://dikkeduim.be/wp/wp-json/>; rel="https://api.w.org/"
x-powered-by: PHP/7.4.1, Granaat consultancy
date: Fri, 09 Sep 2022 20:29:00 GMT
content-length: 52714
X-Firefox-Spdy: h2

dikkeduim.be/_/node_modules/elisa-navi/img/new-icons/user.svg

37.34.56.167

404 Not Found

53 kB

URL HTTP/2
dikkeduim.be/_/node_modules/elisa-navi/img/new-icons/user.svg
IP
37.34.56.167:0
ASN
#20857 Signet B.V.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (15391), with CRLF, CR, LF line terminators
Size
53 kB (52714 bytes)
Hash
3c1c98ec2adb92505ff9de62d757ef4c
da5f9d9460cfd744a3eb20a37ff85819bfb07f0d
e82da5f67bd5e261cc686cddb2fc102cdbde76fee8bf661040e2ef544f2536a2

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /_/node_modules/elisa-navi/img/new-icons/user.svg HTTP/1.1
Host: dikkeduim.be
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dikkeduim.be/verkkoasiointi.elisa.fi/ops/main-7.294a7ae9089a2dc64d37.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
cache-control: no-cache, must-revalidate, max-age=0
content-type: text/html; charset=UTF-8
expires: Wed, 11 Jan 1984 05:00:00 GMT
server: Microsoft-IIS/10.0
link: <https://dikkeduim.be/wp/wp-json/>; rel="https://api.w.org/"
x-powered-by: PHP/7.4.1, Granaat consultancy
date: Fri, 09 Sep 2022 20:29:00 GMT
content-length: 52714
X-Firefox-Spdy: h2

dikkeduim.be/images/login-bg.svg

37.34.56.167

404 Not Found

53 kB

URL HTTP/2
dikkeduim.be/images/login-bg.svg
IP
37.34.56.167:0
ASN
#20857 Signet B.V.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (15391), with CRLF, CR, LF line terminators
Size
53 kB (52714 bytes)
Hash
041f102d47d5140fec348617e3753eca
706d7edf68e3f44bb2c2385aa5ed47faacc7330b
80261828560dc261667f8379057cc9b1ae32b97b99fe7e55abc9014b309a28fb

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /images/login-bg.svg HTTP/1.1
Host: dikkeduim.be
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dikkeduim.be/verkkoasiointi.elisa.fi/ops/main-1.294a7ae9089a2dc64d37.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
cache-control: no-cache, must-revalidate, max-age=0
content-type: text/html; charset=UTF-8
expires: Wed, 11 Jan 1984 05:00:00 GMT
server: Microsoft-IIS/10.0
link: <https://dikkeduim.be/wp/wp-json/>; rel="https://api.w.org/"
x-powered-by: PHP/7.4.1, Granaat consultancy
date: Fri, 09 Sep 2022 20:29:00 GMT
content-length: 52714
X-Firefox-Spdy: h2

dikkeduim.be/_/node_modules/site-common/common-styles/images/icon_star.png

37.34.56.167

404 Not Found

53 kB

URL HTTP/2
dikkeduim.be/_/node_modules/site-common/common-styles/images/icon_star.png
IP
37.34.56.167:0
ASN
#20857 Signet B.V.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (15391), with CRLF, CR, LF line terminators
Size
53 kB (52714 bytes)
Hash
4d72271166a237072264fa9410d3a781
59d2c463ca48aa7865e21b66789cb52070ecb839
492a42ea1ef65724cf83963f89b191b9cc879fcb11bde1bc2682a9c99003fb0e

HTTP Headers

GET /_/node_modules/site-common/common-styles/images/icon_star.png HTTP/1.1
Host: dikkeduim.be
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dikkeduim.be/verkkoasiointi.elisa.fi/ops/main-7.294a7ae9089a2dc64d37.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
cache-control: no-cache, must-revalidate, max-age=0
content-type: text/html; charset=UTF-8
expires: Wed, 11 Jan 1984 05:00:00 GMT
server: Microsoft-IIS/10.0
link: <https://dikkeduim.be/wp/wp-json/>; rel="https://api.w.org/"
x-powered-by: PHP/7.4.1, Granaat consultancy
date: Fri, 09 Sep 2022 20:29:01 GMT
content-length: 52714
X-Firefox-Spdy: h2

dikkeduim.be/verkkoasiointi.elisa.fi/ops/open-sans-v10-latin-600.woff

37.34.56.167

404 Not Found

53 kB

URL HTTP/2
dikkeduim.be/verkkoasiointi.elisa.fi/ops/open-sans-v10-latin-600.woff
IP
37.34.56.167:0
ASN
#20857 Signet B.V.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (15391), with CRLF, CR, LF line terminators
Size
53 kB (52714 bytes)
Hash
f8a14f101ce99c2d2c1dcdeef58ecb50
8370174b15a40a799784f3cc1c79a12b94faf3f5
b05b9532a85b0daebcfc205ac607d2a67ceb9556a4b32370e98ee9fc2fc980aa

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /verkkoasiointi.elisa.fi/ops/open-sans-v10-latin-600.woff HTTP/1.1
Host: dikkeduim.be
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://dikkeduim.be/verkkoasiointi.elisa.fi/ops/HCO_opensans_fonts.css
Cookie: ipaSplitVariation=100; showNewViihdeProductPage=true; mbbTerminationDisabled=false; _fbp=fb.1.1662755331038.2063720324
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
cache-control: no-cache, must-revalidate, max-age=0
content-type: text/html; charset=UTF-8
expires: Wed, 11 Jan 1984 05:00:00 GMT
server: Microsoft-IIS/10.0
link: <https://dikkeduim.be/wp/wp-json/>; rel="https://api.w.org/"
x-powered-by: PHP/7.4.1, Granaat consultancy
date: Fri, 09 Sep 2022 20:29:02 GMT
content-length: 52714
X-Firefox-Spdy: h2

34.120.237.76

200 OK

16 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffa8b5268-2aac-4f24-b390-b0e7248d123e.png
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
16 kB (16161 bytes)
Hash
25f5b03125ec15193e9dc0970050c2c5
712d9774b838f4d0ade26b674e8d038295cf3a6b
858d64da226534e5a96cb11fedeee1d1d55c0ac9e54a1f98d10e29be0d39eca8

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffa8b5268-2aac-4f24-b390-b0e7248d123e.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-length: 16161
x-amzn-requestid: 041df785-47cb-476f-9c22-d1f776c34bdb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YG9ThG4uoAMF_Mg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63190f49-66d92cab4181c30f66fe59c3;Sampled=0
x-amzn-remapped-date: Wed, 07 Sep 2022 21:38:17 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: WB79ZqWSIlt3JU8KdLx7tROSorUqBoLEB7wdLSDotNfYOfz53wEB7w==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Sep 2022 21:53:13 GMT
age: 81350
etag: "712d9774b838f4d0ade26b674e8d038295cf3a6b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

dikkeduim.be/verkkoasiointi.elisa.fi/ops/ps.js

37.34.56.167

200 OK

0 B

URL HTTP/2
dikkeduim.be/verkkoasiointi.elisa.fi/ops/ps.js
IP
37.34.56.167:0
ASN
#20857 Signet B.V.

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /verkkoasiointi.elisa.fi/ops/ps.js HTTP/1.1
Host: dikkeduim.be
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dikkeduim.be/verkkoasiointi.elisa.fi/index.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: no-cache
content-type: application/javascript
content-encoding: gzip
last-modified: Thu, 08 Sep 2022 18:18:12 GMT
accept-ranges: bytes
etag: "aa95805bafc3d81:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: Granaat consultancy
date: Fri, 09 Sep 2022 20:28:55 GMT
X-Firefox-Spdy: h2

media-eu2.digital.nuance.com/media/launch/acif/acif.js

13.107.213.53

200 OK

0 B

URL HTTP/2
media-eu2.digital.nuance.com/media/launch/acif/acif.js
IP
13.107.213.53:0
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /media/launch/acif/acif.js HTTP/1.1
Host: media-eu2.digital.nuance.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Connection: keep-alive
Referer: https://dikkeduim.be/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=3600
content-type: application/javascript
content-encoding: gzip
last-modified: Tue, 09 Aug 2022 02:34:18 GMT
accept-ranges: bytes
etag: "+gFEpFGIIgv"
vary: Accept-Encoding
x-cache: TCP_HIT
server: TouchCommerce Server
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
samesite: Strict
x-azure-ref: 0DKIbYwAAAABTUZWeWmGPQq07600yKc/dTE9OMjFFREdFMTYxNQA2MTBiOWZlMi04OGQ3LTQxNTgtOTNjNi0xNzAzODJjNzg1Mjc=
date: Fri, 09 Sep 2022 20:28:59 GMT
X-Firefox-Spdy: h2

media-eu2.digital.nuance.com/media/launch/tcFramework.min.js?codeVersion=1592467036100

13.107.213.53

200 OK

0 B

URL HTTP/2
media-eu2.digital.nuance.com/media/launch/tcFramework.min.js?codeVersion=1592467036100
IP
13.107.213.53:0
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /media/launch/tcFramework.min.js?codeVersion=1592467036100 HTTP/1.1
Host: media-eu2.digital.nuance.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dikkeduim.be/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
cache-control: public, max-age=3600
content-type: application/javascript
content-encoding: gzip
last-modified: Tue, 30 Aug 2022 06:44:56 GMT
accept-ranges: bytes
etag: "A4D7MakgjyO"
vary: Accept-Encoding
x-cache: TCP_MISS
server: TouchCommerce Server
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
samesite: Strict
x-azure-ref: 0DKIbYwAAAAAz7bb0pUAlRaNVclRV5YMMTE9OMjFFREdFMTYxNQA2MTBiOWZlMi04OGQ3LTQxNTgtOTNjNi0xNzAzODJjNzg1Mjc=
date: Fri, 09 Sep 2022 20:28:59 GMT
X-Firefox-Spdy: h2

elisa.digital.nuance.com/tagserver/cbc-min.js

52.236.144.195

200 OK

0 B

URL HTTP/2
elisa.digital.nuance.com/tagserver/cbc-min.js
IP
52.236.144.195:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /tagserver/cbc-min.js HTTP/1.1
Host: elisa.digital.nuance.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dikkeduim.be/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 09 Sep 2022 20:29:00 GMT
content-type: application/javascript
server: TouchCommerce Server
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
samesite: Strict
cache-control: max-age=3600
p3p: policyref="http://elisa.digital.nuance.com/w3c/p3p.xml", CP="NON DSP LAW CUR ADMi TAIi PSAi PSD TELi OUR SAMi IND
etag: "87wQFvh0MlB"
last-modified: Wed, 31 Aug 2022 23:05:36 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2

dikkeduim.be/verkkoasiointi.elisa.fi/ops/2_4dbef217d48164978b93.js

37.34.56.167

200 OK

0 B

URL HTTP/2
dikkeduim.be/verkkoasiointi.elisa.fi/ops/2_4dbef217d48164978b93.js
IP
37.34.56.167:0
ASN
#20857 Signet B.V.

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /verkkoasiointi.elisa.fi/ops/2_4dbef217d48164978b93.js HTTP/1.1
Host: dikkeduim.be
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dikkeduim.be/verkkoasiointi.elisa.fi/index.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: no-cache
content-type: application/javascript
content-encoding: gzip
last-modified: Thu, 08 Sep 2022 18:18:12 GMT
accept-ranges: bytes
etag: "ed166b5bafc3d81:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: Granaat consultancy
date: Fri, 09 Sep 2022 20:28:54 GMT
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (56)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations