Report - certificate.privat.dokument.opdate.20-199-42-181.cprapid.com/id/dklogin.php

Report Overview

Submitted URL
certificate.privat.dokument.opdate.20-199-42-181.cprapid.com/id/dklogin.php
IP
20.199.42.181
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK
Submitted
2023-03-19 04:29:32
Access
public
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
50

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-26T05:10:29Z	606 B	127 B	34.218.147.141
cdn.tynt.com	7260	2012-05-21T18:51:48Z	2023-03-25T05:09:49Z	398 B	7.8 kB	104.18.36.173
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-25T18:12:03Z	2.0 kB	5.3 kB	23.36.76.226
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-25T18:14:26Z	782 B	2.4 kB	35.241.9.150
certificate.privat.dokument.opdate.20-199-42-181.cprapid.com	unknown	2023-03-18T09:11:01Z	2023-03-21T14:57:00Z	14 kB	679 kB	20.199.42.181
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-26T05:11:59Z	333 B	391 B	34.117.237.239
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-26T05:09:08Z	3.2 kB	58 kB	34.120.237.76
whos.amung.us	12687	2014-04-02T16:27:13Z	2023-03-25T08:40:42Z	583 B	217 B	172.67.8.141
widgets.amung.us	12623	2012-05-21T21:25:54Z	2023-03-25T12:55:32Z	405 B	414 B	172.67.8.141
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-26T05:11:12Z	413 B	5.9 kB	34.160.144.191
www.mitid.dk	unknown	2017-04-03T14:46:36Z	2023-03-25T14:32:38Z	5.5 kB	94 kB	95.100.107.87
ic.tynt.com	4300	2013-08-06T03:33:59Z	2023-03-26T09:12:17Z	2.3 kB	1.2 kB	67.202.105.34
de.tynt.com	1252	2013-08-06T03:33:59Z	2023-03-25T06:39:17Z	537 B	404 B	67.202.105.34

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

Scan Date	Severity	Indicator	Alert
2023-03-18	medium	certificate.privat.dokument.opdate.20-199-42-181.cprapid.com/id/dklogin.php	Nordea Bank

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2023-03-18	medium	cprapid.com	Sinkholed
2023-03-18	medium	cprapid.com	Sinkholed
2023-03-18	medium	cprapid.com	Sinkholed
2023-03-18	medium	cprapid.com	Sinkholed
2023-03-18	medium	cprapid.com	Sinkholed
2023-03-18	medium	cprapid.com	Sinkholed
2023-03-18	medium	cprapid.com	Sinkholed
2023-03-18	medium	cprapid.com	Sinkholed
2023-03-18	medium	cprapid.com	Sinkholed
2023-03-18	medium	cprapid.com	Sinkholed
2023-03-18	medium	cprapid.com	Sinkholed
2023-03-18	medium	cprapid.com	Sinkholed
2023-03-18	medium	cprapid.com	Sinkholed
2023-03-18	medium	cprapid.com	Sinkholed
2023-03-18	medium	cprapid.com	Sinkholed
2023-03-18	medium	cprapid.com	Sinkholed
2023-03-18	medium	cprapid.com	Sinkholed
2023-03-18	medium	cprapid.com	Sinkholed
2023-03-18	medium	cprapid.com	Sinkholed
2023-03-18	medium	cprapid.com	Sinkholed
2023-03-18	medium	cprapid.com	Sinkholed
2023-03-18	medium	cprapid.com	Sinkholed
2023-03-18	medium	cprapid.com	Sinkholed
2023-03-18	medium	cprapid.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (16)

	URL	Size	First Seen	Last Seen
	widgets.amung.us/small.js	8.6 kB	2023-03-08	2024-07-26
Pretty URL widgets.amung.us/small.js IP 172.67.8.141 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:29:44 Last Seen2024-07-26 07:49:33 Times Seen2940 Hash a41caf5294227669425cd5135a26b2a0 a26a13f88c51c37b58fbd8a6b444e9b9150fae16 2052a227c361a7e99ea70f5bdcf54cd9e6c6b493dd4d20b73b376d94ce0dc0d1 Loading...

	t.dtscout.com/i/?l=https%3A%2F%2Fcertificate.privat.dokument.opdate.20-199-42-181.cprapid.com%2Fid%2Fdklogin.php&j=	2.1 kB	2023-03-07	2024-07-26
Pretty URL t.dtscout.com/i/?l=https%3A%2F%2Fcertificate.privat.dokument.opdate.20-199-42-181.cprapid.com%2Fid%2Fdklogin.php&j= IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:00 Last Seen2024-07-26 23:30:37 Times Seen5432 Hash 51bd741af3fcc4984d1a753eebfa1141 534664acf69cbbb5c9b97c96b63dd37bdc580da2 3e9c8e5dcf3cbff9e1b7211551a31fe388f1b8e607fd78a0a34855be65da721c Loading...

	certificate.privat.dokument.opdate.20-199-42-181.cprapid.com/id/dklogin.php	865 B	2023-03-14	2023-04-20
Pretty URL certificate.privat.dokument.opdate.20-199-42-181.cprapid.com/id/dklogin.php IP 20.199.42.181 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-14 10:44:09 Last Seen2023-04-20 20:37:41 Times Seen55 Hash 43d760a33f39f20362e2714a89b518e9 df962a799adbbebfb940b17d60c95490d218c3d7 be151e29b3346f2e8d1d219828fcabd8673d9b3f2a06df2c82f7f43f81e0b53d Loading...

	certificate.privat.dokument.opdate.20-199-42-181.cprapid.com/id/dklogin.php	7.4 kB	2023-03-14	2023-04-06
Pretty URL certificate.privat.dokument.opdate.20-199-42-181.cprapid.com/id/dklogin.php IP 20.199.42.181 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-14 10:44:09 Last Seen2023-04-06 08:36:23 Times Seen48 Hash fe63cfe27d06be2d4a1a05f3c6890f2b 814b81e1954b80444cc4763aee6713cbb1b0b1bc 62347c38e10bb2388e18068575cc397edbbbb40802914cea17ed25b94ba12e59 Loading...

	certificate.privat.dokument.opdate.20-199-42-181.cprapid.com/id/dklogin.php	236 B	2023-03-26	2023-04-20
Pretty URL certificate.privat.dokument.opdate.20-199-42-181.cprapid.com/id/dklogin.php IP 20.199.42.181 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-26 07:22:38 Last Seen2023-04-20 20:37:41 Times Seen63 Hash c9c77ee4f3365bf985af71cfbe56d7d9 1b2cc393ee8e5fd170537a0142338099ee8c55b3 423de8f33e546a89bbaffc472957251586477bdec637afc366496796e6a1e487 Loading...

	cdn.tynt.com/tc.js	18 kB	2023-03-26	2023-06-01
Pretty URL cdn.tynt.com/tc.js IP 104.18.36.173 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-26 06:14:32 Last Seen2023-06-01 00:32:07 Times Seen1872 Hash 569be2758b9d2b1b2b12b32cb4e77722 c899cb2adea760c6cdb2d471a7408ddbc811e363 b1804777ba20dafab3f354093af8b20442bec0eb61b2d34ea8a735a3bfefa278 Loading...

	t.dtscout.com/pv/?_a=v&_h=certificate.privat.dokument.opdate.20-199-42-181.cprapid.com&_ss=40ynr9pwzp&_pv=1&_ls=0&_u1=1&_u3=1&_cc=no&_pl=d&_cbid=4ec0&_cb=_dtspv.c	52 B	2023-03-26	2023-03-26
Pretty URL t.dtscout.com/pv/?_a=v&_h=certificate.privat.dokument.opdate.20-199-42-181.cprapid.com&_ss=40ynr9pwzp&_pv=1&_ls=0&_u1=1&_u3=1&_cc=no&_pl=d&_cbid=4ec0&_cb=_dtspv.c IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-26 10:15:26 Last Seen2023-03-26 10:15:26 Times Seen1 Hash ddd4306d74d6b9ae4e9b904efb8df8e1 7c41eee701500afbd11d49070a6c5ba75338bd0f 9f234f529cae373e85be7d7cd39f282ab97a641c2c85983add2cec65ce0578cb Loading...

	de.tynt.com/deb/v2?id=w!nordi001&dn=TC&cc=1&r=&pu=https%3A%2F%2Fcertificate.privat.dokument.opdate.20-199-42-181.cprapid.com%2Fid%2Fdklogin.php	4 B	2023-03-07	2024-07-23
Pretty URL de.tynt.com/deb/v2?id=w!nordi001&dn=TC&cc=1&r=&pu=https%3A%2F%2Fcertificate.privat.dokument.opdate.20-199-42-181.cprapid.com%2Fid%2Fdklogin.php IP 67.202.105.34 ASN #32748 STEADFAST Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:00 Last Seen2024-07-23 20:01:56 Times Seen3147 Hash 350fd6ef6446635f7a8f608434a405ec a4b6c275ac2c80ec925b5c0c5c6abb79ba897356 d21021784cda31eeae5c8295e047a14bda6ed5a9b5963fca9e7ceb398a9c9179 Loading...

	certificate.privat.dokument.opdate.20-199-42-181.cprapid.com/id/dklogin.php	352 B	2023-03-08	2023-04-20
Pretty URL certificate.privat.dokument.opdate.20-199-42-181.cprapid.com/id/dklogin.php IP 20.199.42.181 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:38:06 Last Seen2023-04-20 20:37:41 Times Seen87 Hash 20fb3c0190a762beaea9dc55bb233440 19334f820374a9f1486604884906293932b47971 a826917389ce9f2378f0efcda62a5e800ff9d9e6b49835c427732eecbb24440b Loading...

	certificate.privat.dokument.opdate.20-199-42-181.cprapid.com/id/dklogin.php	30 B	2023-03-13	2023-04-11
Pretty URL certificate.privat.dokument.opdate.20-199-42-181.cprapid.com/id/dklogin.php IP 20.199.42.181 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 19:05:50 Last Seen2023-04-11 19:10:00 Times Seen49 Hash 4affbb1bcd478fcb687610382841ab13 76a99c4aa3b9dd38c7f7391b924b35103cb33e76 f915c2252d54209d99117a7cc549fe9bd7df7555b212541294f3453115e8fd79 Loading...

	whos.amung.us/pingjs/?k=nordi001&t=Nordea%20-%20identifikation&c=s&x=https%3A%2F%2Fcertificate.privat.dokument.opdate.20-199-42-181.cprapid.com%2Fid%2Fdklogin.php&y=&a=0&d=0.743&v=27&r=4570	26 B	2023-03-26	2023-04-17
Pretty URL whos.amung.us/pingjs/?k=nordi001&t=Nordea%20-%20identifikation&c=s&x=https%3A%2F%2Fcertificate.privat.dokument.opdate.20-199-42-181.cprapid.com%2Fid%2Fdklogin.php&y=&a=0&d=0.743&v=27&r=4570 IP 172.67.8.141 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-26 07:32:37 Last Seen2023-04-17 14:51:58 Times Seen4 Hash 42eea469442522d40c3d829a5f4059db bc89ae2865e41e87a48ac8794d9088a64f51f2c4 299a106373dfc66a0dc151376cde7bccc69cbeef8824fab2db7e48f4489ded07 Loading...

	unknown	0 B	2023-03-07	2024-07-27
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-07-27 03:42:09 Times Seen41184165 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	certificate.privat.dokument.opdate.20-199-42-181.cprapid.com/id/dklogin.php	463 B	2023-03-08	2024-05-07
Pretty URL certificate.privat.dokument.opdate.20-199-42-181.cprapid.com/id/dklogin.php IP 20.199.42.181 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:23:38 Last Seen2024-05-07 12:37:52 Times Seen63 Hash 12ce6263ec9a8b39052bb88a4d32f022 079864bd3f57d5abaf5dbedd1d1230af550d200e 69c811cc0046ee6925b3f2c92f3a227b2b96746d5ea3b50d61051659f27e0f25 Loading...

	certificate.privat.dokument.opdate.20-199-42-181.cprapid.com/id/dklogin.php	296 B	2023-03-13	2023-04-11
Pretty URL certificate.privat.dokument.opdate.20-199-42-181.cprapid.com/id/dklogin.php IP 20.199.42.181 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 18:40:45 Last Seen2023-04-11 19:10:00 Times Seen50 Hash c0cc0ba63ea76098dbef673319501ca9 2c8af94b1eab461e36fd0f62b11730852cad6fdc 43f4cb716a59b28050fe499c7f64551df523ded2030b8ba9f2fc67c23a636741 Loading...

		Size	First Seen	Last Seen
	#1 Eval - 9c6f8328cad252c79720cdebcb48012b	226 B	2023-03-07	2023-05-06
Pretty Observations First Seen2023-03-07 01:03:01 Last Seen2023-05-06 00:45:04 Times Seen958 Hash 9c6f8328cad252c79720cdebcb48012b b853e7b92b0b23aa07f59b4816740de095331d47 bb037a2c6d9cf7fa65d8570beb76b1a31c360826ed6edb8612a584aa1918d62d Loading...

	#2 Eval - b2c2041f8d99c45e0f21474fe4f8b7bc	17 B	2023-03-07	2024-07-27
Pretty Observations First Seen2023-03-07 01:03:01 Last Seen2024-07-27 00:25:01 Times Seen8279 Hash b2c2041f8d99c45e0f21474fe4f8b7bc 0b876666393469c726a2e3edbb29544c03a92154 17f5bfdbae6b35ae8bc3b27c069526d694021fe1e37a8027678e770fbb05e061 Loading...

HTTP Transactions (59)

URL IP Response Size

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
2857be6f18459c7a4a7f00f6cd6076f1
570609086d72a9be57cde7bfefd25663c1035fba
bd8abb8f420d1e31462fca1d6a7caadf1e2bba6fc7db05684b5811e00e84107f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD8ABB8F420D1E31462FCA1D6A7CAADF1E2BBA6FC7DB05684B5811E00E84107F"
Last-Modified: Fri, 17 Mar 2023 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7160
Expires: Sun, 19 Mar 2023 06:28:41 GMT
Date: Sun, 19 Mar 2023 04:29:21 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
3396075e8f2d9ceae3bd11f94111fed8
98ba4ccf6b0e38a91c69b76ac1dc07313773ed1d
e533d6bd6a8080facdff772bcbf359373dab2d5a6fe5eabe64f95e68a8cd23aa

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E533D6BD6A8080FACDFF772BCBF359373DAB2D5A6FE5EABE64F95E68A8CD23AA"
Last-Modified: Fri, 17 Mar 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13628
Expires: Sun, 19 Mar 2023 08:16:29 GMT
Date: Sun, 19 Mar 2023 04:29:21 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
eddc2a353d39e5ce5c30d7e90b3ed6a5
305e86e4b966344c135c50af9a6509ffd3a83e9e
bd775c38c2e11f1baedde5d92ab17ceaf4c2067f8ea996595a66801758a71813

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD775C38C2E11F1BAEDDE5D92AB17CEAF4C2067F8EA996595A66801758A71813"
Last-Modified: Fri, 17 Mar 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16961
Expires: Sun, 19 Mar 2023 09:12:02 GMT
Date: Sun, 19 Mar 2023 04:29:21 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
bc86ef2a0cee04915bc360f5821adc8f
3658f9028cce204d38f7f48fcfaa2a8e4f54383a
aeecd718d03811322457de4f20828bdba86b277e7e0e328cae9c0a8075638454

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Backoff, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 19 Mar 2023 04:27:01 GMT
content-type: application/json
age: 140
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
e7bace7c1e04d44012e37ddffe36e5d5
3ac8d7c0a9d3e3f0b28b2530c7b8d8407b4042c2
6b4f80f2e95b26f6122ea8dcd0ef8d762299be822c69e839fc37581ca2bcb5f2

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: SitHvDS7yBG4y6I0kQFhFT1iAPDrnzx0lWSzpudZf3ustTJJs/KtrV8HaSlkLTl9vEs8MGTS6ro=
x-amz-request-id: C8WR1HDAK5T6XVW5
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 19 Mar 2023 03:52:12 GMT
age: 2229
last-modified: Sat, 11 Mar 2023 16:53:15 GMT
etag: "e7bace7c1e04d44012e37ddffe36e5d5"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

certificate.privat.dokument.opdate.20-199-42-181.cprapid.com/id/dklogin.php

20.199.42.181

200 OK

96 kB

URL HTTP/1.1
certificate.privat.dokument.opdate.20-199-42-181.cprapid.com/id/dklogin.php
IP
20.199.42.181:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (43921)
Size
96 kB (95577 bytes)
Hash
29116baf7570b05cc2d82867de7744bc
d43c868c17c6c53054d368e20e8b99f74c7deba8
79a4dd783eb17cd5182ea0270c42b1d913e326f2f0e817ef001e9ab1f75e30c9

Detections

Analyzer	Verdict	Alert
openphish	Nordea Bank
quad9	Sinkholed

HTTP Headers

GET /id/dklogin.php HTTP/1.1
Host: certificate.privat.dokument.opdate.20-199-42-181.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/1.1 200 OK
Date: Sun, 19 Mar 2023 04:29:21 GMT
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Set-Cookie: PHPSESSID=35e93c06c9ebd1b9b91f57955c6adf51; path=/
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sun, 19 Mar 2023 04:29:21 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

certificate.privat.dokument.opdate.20-199-42-181.cprapid.com/id/all/styles-90d1ba6c2eef1d8f73fc94069cfe444b.css

20.199.42.181

200 OK

46 kB

URL HTTP/1.1
certificate.privat.dokument.opdate.20-199-42-181.cprapid.com/id/all/styles-90d1ba6c2eef1d8f73fc94069cfe444b.css
IP
20.199.42.181:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
assembler source, ASCII text
Size
46 kB (46240 bytes)
Hash
b4e3dd72fa889925a82bcf7bbf0efb38
f073ffd6720b2a76790083c6fc434c3560a6cc39
2bbe5dc049d7c24d18fa1623f48772832cbfa6f3281df6b41723b9bd7f3be7f9

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /id/all/styles-90d1ba6c2eef1d8f73fc94069cfe444b.css HTTP/1.1
Host: certificate.privat.dokument.opdate.20-199-42-181.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://certificate.privat.dokument.opdate.20-199-42-181.cprapid.com/id/dklogin.php
Cookie: PHPSESSID=35e93c06c9ebd1b9b91f57955c6adf51
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Sun, 19 Mar 2023 04:29:21 GMT
Server: Apache
Last-Modified: Mon, 12 Dec 2022 07:05:57 GMT
Accept-Ranges: bytes
Content-Length: 46240
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css

certificate.privat.dokument.opdate.20-199-42-181.cprapid.com/id/partials/js/jquery.js

20.199.42.181

200 OK

272 kB

URL HTTP/1.1
certificate.privat.dokument.opdate.20-199-42-181.cprapid.com/id/partials/js/jquery.js
IP
20.199.42.181:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
ASCII text, with CRLF line terminators
Size
272 kB (272155 bytes)
Hash
3f24e8505d471bd934a5a68b86971580
876bd436d3b3c1436a8ac17a654e38d062acf45e
4ef5f864f89db7feaaaa5332c0a99d76076af49fef488806541ca2561e4cb379

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /id/partials/js/jquery.js HTTP/1.1
Host: certificate.privat.dokument.opdate.20-199-42-181.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://certificate.privat.dokument.opdate.20-199-42-181.cprapid.com/id/dklogin.php
Cookie: PHPSESSID=35e93c06c9ebd1b9b91f57955c6adf51
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Sun, 19 Mar 2023 04:29:21 GMT
Server: Apache
Last-Modified: Fri, 05 Feb 2021 08:11:28 GMT
Accept-Ranges: bytes
Content-Length: 272155
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript

certificate.privat.dokument.opdate.20-199-42-181.cprapid.com/assets/scripts-5abe3803d3e5a9e3f93b7ca687779a67.js

20.199.42.181

404 Not Found

10 kB

URL HTTP/1.1
certificate.privat.dokument.opdate.20-199-42-181.cprapid.com/assets/scripts-5abe3803d3e5a9e3f93b7ca687779a67.js
IP
20.199.42.181:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (4070)
Size
10 kB (10290 bytes)
Hash
617034d071abf649e6615d95dfa1ea62
28ba9d74f516bf8d46b2645ffa34f3f387ec0e00
4db81d1d2af73aa33fd5a0a7bc4193a5a37e9788a1f46a1a861523944d01f1da

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /assets/scripts-5abe3803d3e5a9e3f93b7ca687779a67.js HTTP/1.1
Host: certificate.privat.dokument.opdate.20-199-42-181.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://certificate.privat.dokument.opdate.20-199-42-181.cprapid.com/id/dklogin.php
Cookie: PHPSESSID=35e93c06c9ebd1b9b91f57955c6adf51
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 404 Not Found
Date: Sun, 19 Mar 2023 04:29:21 GMT
Server: Apache
Accept-Ranges: bytes
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html

certificate.privat.dokument.opdate.20-199-42-181.cprapid.com/assets/qrcode-0ee52d9cc6e123879ec6846246f9eff0.js

20.199.42.181

404 Not Found

10 kB

URL HTTP/1.1
certificate.privat.dokument.opdate.20-199-42-181.cprapid.com/assets/qrcode-0ee52d9cc6e123879ec6846246f9eff0.js
IP
20.199.42.181:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (4070)
Size
10 kB (10288 bytes)
Hash
40aa2bb1e227788429279a968abca012
b6b8ea4b525be3e633f2423a87f061a8eeb5822b
cafaf856a18cc93a4a45832c534fac0e83f9b32c5396cf61e8e0dddcd55389eb

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /assets/qrcode-0ee52d9cc6e123879ec6846246f9eff0.js HTTP/1.1
Host: certificate.privat.dokument.opdate.20-199-42-181.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://certificate.privat.dokument.opdate.20-199-42-181.cprapid.com/id/dklogin.php
Cookie: PHPSESSID=35e93c06c9ebd1b9b91f57955c6adf51
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 404 Not Found
Date: Sun, 19 Mar 2023 04:29:21 GMT
Server: Apache
Accept-Ranges: bytes
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html

certificate.privat.dokument.opdate.20-199-42-181.cprapid.com/assets/images/mitid-4aead61655620afca545eded5d36aa1e.svg

20.199.42.181

404 Not Found

10 kB

URL HTTP/1.1
certificate.privat.dokument.opdate.20-199-42-181.cprapid.com/assets/images/mitid-4aead61655620afca545eded5d36aa1e.svg
IP
20.199.42.181:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (4070)
Size
10 kB (10302 bytes)
Hash
bc58239b9f97a22f4a8f9a87dea3f7cb
7b5de0ab5e83cef954cae4a8a527fa0ff80b4d9c
c31caea60a80a1d38f73f24e8a2797f961e230f48f9c0f42caadcd7b40a8d43e

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /assets/images/mitid-4aead61655620afca545eded5d36aa1e.svg HTTP/1.1
Host: certificate.privat.dokument.opdate.20-199-42-181.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://certificate.privat.dokument.opdate.20-199-42-181.cprapid.com/id/dklogin.php
Cookie: PHPSESSID=35e93c06c9ebd1b9b91f57955c6adf51
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 404 Not Found
Date: Sun, 19 Mar 2023 04:29:21 GMT
Server: Apache
Accept-Ranges: bytes
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html

certificate.privat.dokument.opdate.20-199-42-181.cprapid.com/assets/images/codes_app-a89defc476c5ea3f806b6f5360157e81.svg

20.199.42.181

404 Not Found

10 kB

URL HTTP/1.1
certificate.privat.dokument.opdate.20-199-42-181.cprapid.com/assets/images/codes_app-a89defc476c5ea3f806b6f5360157e81.svg
IP
20.199.42.181:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (4070)
Size
10 kB (10310 bytes)
Hash
75a044df303e8e868fa5c586a04d52ae
983116566a360db32287390073b2003f7fb206e3
e37f53a86a96f36d5a8cab0c65f85953bc7860909684bb4c115ec11414d9836a

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /assets/images/codes_app-a89defc476c5ea3f806b6f5360157e81.svg HTTP/1.1
Host: certificate.privat.dokument.opdate.20-199-42-181.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://certificate.privat.dokument.opdate.20-199-42-181.cprapid.com/id/dklogin.php
Cookie: PHPSESSID=35e93c06c9ebd1b9b91f57955c6adf51
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 404 Not Found
Date: Sun, 19 Mar 2023 04:29:21 GMT
Server: Apache
Accept-Ranges: bytes
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html

certificate.privat.dokument.opdate.20-199-42-181.cprapid.com/id/all/aa1ee103968475b48934-3a4d9a8b6adf39716f28af71fc9b030a.woff

20.199.42.181

200 OK

31 kB

URL HTTP/1.1
certificate.privat.dokument.opdate.20-199-42-181.cprapid.com/id/all/aa1ee103968475b48934-3a4d9a8b6adf39716f28af71fc9b030a.woff
IP
20.199.42.181:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
Web Open Font Format, TrueType, length 31152, version 0.0\012- data
Size
31 kB (31152 bytes)
Hash
3a4d9a8b6adf39716f28af71fc9b030a
5d9acfd762ccd9a4a519951ad008f119741c513b
21a2a17b532837aeafeb95de9f252bfec714028517f79fb4143845ca4d23353c

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /id/all/aa1ee103968475b48934-3a4d9a8b6adf39716f28af71fc9b030a.woff HTTP/1.1
Host: certificate.privat.dokument.opdate.20-199-42-181.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://certificate.privat.dokument.opdate.20-199-42-181.cprapid.com/id/all/styles-90d1ba6c2eef1d8f73fc94069cfe444b.css
Cookie: PHPSESSID=35e93c06c9ebd1b9b91f57955c6adf51
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Sun, 19 Mar 2023 04:29:21 GMT
Server: Apache
Last-Modified: Mon, 12 Dec 2022 06:59:54 GMT
Accept-Ranges: bytes
Content-Length: 31152
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: font/woff

certificate.privat.dokument.opdate.20-199-42-181.cprapid.com/assets/images/key-ca4ef88caabfc9bc5dc60a9d9fe78fa3.svg

20.199.42.181

404 Not Found

10 kB

URL HTTP/1.1
certificate.privat.dokument.opdate.20-199-42-181.cprapid.com/assets/images/key-ca4ef88caabfc9bc5dc60a9d9fe78fa3.svg
IP
20.199.42.181:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (4070)
Size
10 kB (10298 bytes)
Hash
0fdc269b7eeffd60859e31ee4a6f0a48
9b877ddeeb02ba25369c1fd31722cde0d72b433c
6afb6995e7b073fe053e986765b3f5cad19e603fcdac26ecf69b5ca5b0989eb8

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /assets/images/key-ca4ef88caabfc9bc5dc60a9d9fe78fa3.svg HTTP/1.1
Host: certificate.privat.dokument.opdate.20-199-42-181.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://certificate.privat.dokument.opdate.20-199-42-181.cprapid.com/id/dklogin.php
Cookie: PHPSESSID=35e93c06c9ebd1b9b91f57955c6adf51
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 404 Not Found
Date: Sun, 19 Mar 2023 04:29:21 GMT
Server: Apache
Accept-Ranges: bytes
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html

certificate.privat.dokument.opdate.20-199-42-181.cprapid.com/assets/images/qrt-78c4b15d93ca856686f6b6f3fa0ce872.svg

20.199.42.181

404 Not Found

10 kB

URL HTTP/1.1
certificate.privat.dokument.opdate.20-199-42-181.cprapid.com/assets/images/qrt-78c4b15d93ca856686f6b6f3fa0ce872.svg
IP
20.199.42.181:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (4070)
Size
10 kB (10298 bytes)
Hash
bff36c07d1a36059fe1bbfb76e9def0c
c03aa20b9debef84e0ed5b01302d3468be235403
1a0f9a5c36ff8d9df514d7da308b0c66085289039972f17d8cc9bb03bd2dbf70

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /assets/images/qrt-78c4b15d93ca856686f6b6f3fa0ce872.svg HTTP/1.1
Host: certificate.privat.dokument.opdate.20-199-42-181.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://certificate.privat.dokument.opdate.20-199-42-181.cprapid.com/id/dklogin.php
Cookie: PHPSESSID=35e93c06c9ebd1b9b91f57955c6adf51
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 404 Not Found
Date: Sun, 19 Mar 2023 04:29:21 GMT
Server: Apache
Accept-Ranges: bytes
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html

certificate.privat.dokument.opdate.20-199-42-181.cprapid.com/assets/images/technical-error-91ca9eec9eed6ed945355d650bb10d41.svg

20.199.42.181

404 Not Found

10 kB

URL HTTP/1.1
certificate.privat.dokument.opdate.20-199-42-181.cprapid.com/assets/images/technical-error-91ca9eec9eed6ed945355d650bb10d41.svg
IP
20.199.42.181:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (4070)
Size
10 kB (10322 bytes)
Hash
b89f2bafbb7fa289e6e88b34ded1daea
835bf8b0681929d438f8c8dfbf4ca609c85423f3
8369f5c95476e63167e08e6a13c337b5822abe87ef363e5068bf6fd0b3eecd8f

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /assets/images/technical-error-91ca9eec9eed6ed945355d650bb10d41.svg HTTP/1.1
Host: certificate.privat.dokument.opdate.20-199-42-181.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://certificate.privat.dokument.opdate.20-199-42-181.cprapid.com/id/dklogin.php
Cookie: PHPSESSID=35e93c06c9ebd1b9b91f57955c6adf51
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 404 Not Found
Date: Sun, 19 Mar 2023 04:29:21 GMT
Server: Apache
Accept-Ranges: bytes
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html

certificate.privat.dokument.opdate.20-199-42-181.cprapid.com/assets/images/something-went-wrong-9bbd07dc81f3c2a11d2c7735b416ee18.svg

20.199.42.181

404 Not Found

10 kB

URL HTTP/1.1
certificate.privat.dokument.opdate.20-199-42-181.cprapid.com/assets/images/something-went-wrong-9bbd07dc81f3c2a11d2c7735b416ee18.svg
IP
20.199.42.181:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (4070)
Size
10 kB (10332 bytes)
Hash
80229f2cc6704fd9337f56cd0b19b03b
e4b60cdc82c6bb0dfe27125b2a9cceb4a5d03a03
a11492e0e6e47fd2d662c115ab0df92692cab4a79ad3fe866edd528517d329c1

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /assets/images/something-went-wrong-9bbd07dc81f3c2a11d2c7735b416ee18.svg HTTP/1.1
Host: certificate.privat.dokument.opdate.20-199-42-181.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://certificate.privat.dokument.opdate.20-199-42-181.cprapid.com/id/dklogin.php
Cookie: PHPSESSID=35e93c06c9ebd1b9b91f57955c6adf51
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 404 Not Found
Date: Sun, 19 Mar 2023 04:29:21 GMT
Server: Apache
Accept-Ranges: bytes
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html

www.mitid.dk/mitid-core-client-backend/v1/coreclient.e998ecf45cf7712a1b62.js

95.100.107.87

404 Not Found

209 B

URL HTTP/1.1
www.mitid.dk/mitid-core-client-backend/v1/coreclient.e998ecf45cf7712a1b62.js
IP
95.100.107.87:0
ASN
#20940 Akamai International B.V.

File type
JSON data\012- , ASCII text, with no line terminators
Size
209 B (209 bytes)
Hash
8d49de8f98fb2814cc94efb4fe0cb9e6
f53c40157fb8266456e6dadba5c5a406d835cbfb
cce700ee2e3a8cc9e2b7c71f814ebe83beefdc56248f0ede108b2a15043200eb

HTTP Headers

GET /mitid-core-client-backend/v1/coreclient.e998ecf45cf7712a1b62.js HTTP/1.1
Host: www.mitid.dk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://certificate.privat.dokument.opdate.20-199-42-181.cprapid.com
Connection: keep-alive
Referer: https://certificate.privat.dokument.opdate.20-199-42-181.cprapid.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 404 Not Found
Server: nginx
Content-Type: application/json
X-Correlation-ID: 71333e52-3e3b-4b6f-b877-97b5a1ee8e9a
Vary: origin,access-control-request-method,access-control-request-headers,accept-encoding
Content-Disposition: inline;filename=f.txt
X-Frame-Options: DENY
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Referrer-Policy: same-origin
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Content-Length: 209
Expires: Sun, 19 Mar 2023 04:29:21 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sun, 19 Mar 2023 04:29:21 GMT
Connection: keep-alive

www.mitid.dk/mitid-core-client-backend/v1/bootstrapper.a29ccd9579584e71dfba.js

95.100.107.87

404 Not Found

211 B

URL HTTP/1.1
www.mitid.dk/mitid-core-client-backend/v1/bootstrapper.a29ccd9579584e71dfba.js
IP
95.100.107.87:0
ASN
#20940 Akamai International B.V.

File type
JSON data\012- , ASCII text, with no line terminators
Size
211 B (211 bytes)
Hash
d71f1457d26ca6292369d452adf68cb0
6420fc60a39cf5c6662319f10ca30be6ee97727e
e5a8c75b109eb21d52a2b6f133158294ff080ed5b63c36c5892f7cf487c891ee

HTTP Headers

GET /mitid-core-client-backend/v1/bootstrapper.a29ccd9579584e71dfba.js HTTP/1.1
Host: www.mitid.dk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://certificate.privat.dokument.opdate.20-199-42-181.cprapid.com
Connection: keep-alive
Referer: https://certificate.privat.dokument.opdate.20-199-42-181.cprapid.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 404 Not Found
Server: nginx
Content-Type: application/json
X-Correlation-ID: bc3c36e7-0d48-4144-9a8e-bbb582e1ce7b
Vary: origin,access-control-request-method,access-control-request-headers,accept-encoding
Content-Disposition: inline;filename=f.txt
X-Frame-Options: DENY
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Referrer-Policy: same-origin
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Content-Length: 211
Expires: Sun, 19 Mar 2023 04:29:21 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sun, 19 Mar 2023 04:29:21 GMT
Connection: keep-alive

certificate.privat.dokument.opdate.20-199-42-181.cprapid.com/id/all/b90f1e1b93f3b23dd79e-11eca7aa5a85ec0c6cc3deba794b264e.woff

20.199.42.181

200 OK

32 kB

URL HTTP/1.1
certificate.privat.dokument.opdate.20-199-42-181.cprapid.com/id/all/b90f1e1b93f3b23dd79e-11eca7aa5a85ec0c6cc3deba794b264e.woff
IP
20.199.42.181:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
Web Open Font Format, TrueType, length 31772, version 0.0\012- data
Size
32 kB (31772 bytes)
Hash
11eca7aa5a85ec0c6cc3deba794b264e
9bd19e1a9d5859833cbd50f501444c8c2afec2e1
ff28a732b1fc6a547797b7a9a7c29025ae41b74cc5e208232418d9c41fb43c44

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /id/all/b90f1e1b93f3b23dd79e-11eca7aa5a85ec0c6cc3deba794b264e.woff HTTP/1.1
Host: certificate.privat.dokument.opdate.20-199-42-181.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://certificate.privat.dokument.opdate.20-199-42-181.cprapid.com/id/all/styles-90d1ba6c2eef1d8f73fc94069cfe444b.css
Cookie: PHPSESSID=35e93c06c9ebd1b9b91f57955c6adf51
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Sun, 19 Mar 2023 04:29:21 GMT
Server: Apache
Last-Modified: Mon, 12 Dec 2022 06:59:53 GMT
Accept-Ranges: bytes
Content-Length: 31772
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: font/woff

certificate.privat.dokument.opdate.20-199-42-181.cprapid.com/id/all/5e73b3c67b0510c4c5cf-6629cb5350d6f3276b2dccc43bd3f397.png

20.199.42.181

200 OK

40 kB

URL HTTP/1.1
certificate.privat.dokument.opdate.20-199-42-181.cprapid.com/id/all/5e73b3c67b0510c4c5cf-6629cb5350d6f3276b2dccc43bd3f397.png
IP
20.199.42.181:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
PNG image data, 828 x 300, 4-bit colormap, non-interlaced\012- data
Size
40 kB (40339 bytes)
Hash
6629cb5350d6f3276b2dccc43bd3f397
63d964e5caaa541475a4c2da976871a9f9986067
9fc5b5c44107cfc6701be07fa5d5a4d7ab066607dd7ab6e9f396ac709e28424f

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /id/all/5e73b3c67b0510c4c5cf-6629cb5350d6f3276b2dccc43bd3f397.png HTTP/1.1
Host: certificate.privat.dokument.opdate.20-199-42-181.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://certificate.privat.dokument.opdate.20-199-42-181.cprapid.com/id/all/styles-90d1ba6c2eef1d8f73fc94069cfe444b.css
Cookie: PHPSESSID=35e93c06c9ebd1b9b91f57955c6adf51
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Sun, 19 Mar 2023 04:29:21 GMT
Server: Apache
Last-Modified: Mon, 07 Nov 2022 21:40:36 GMT
Accept-Ranges: bytes
Content-Length: 40339
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/png

certificate.privat.dokument.opdate.20-199-42-181.cprapid.com/assets/images/service-break-f426cda35f41e4c0b7c30c814b5eb2ee.svg

20.199.42.181

404 Not Found

10 kB

URL HTTP/1.1
certificate.privat.dokument.opdate.20-199-42-181.cprapid.com/assets/images/service-break-f426cda35f41e4c0b7c30c814b5eb2ee.svg
IP
20.199.42.181:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (4070)
Size
10 kB (10318 bytes)
Hash
e5666c7c183f7cd74a3e7d2d84bd2c80
a6be446b37789e46cbd84d5eab24f810f02f8867
339a6905e26167d7ec097db25dc04460e55d08864c757437a110b630c86d4dfb

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /assets/images/service-break-f426cda35f41e4c0b7c30c814b5eb2ee.svg HTTP/1.1
Host: certificate.privat.dokument.opdate.20-199-42-181.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://certificate.privat.dokument.opdate.20-199-42-181.cprapid.com/id/dklogin.php
Cookie: PHPSESSID=35e93c06c9ebd1b9b91f57955c6adf51
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 404 Not Found
Date: Sun, 19 Mar 2023 04:29:21 GMT
Server: Apache
Accept-Ranges: bytes
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html

certificate.privat.dokument.opdate.20-199-42-181.cprapid.com/assets/images/no-connection-83f79e2367a313b468986e12a237c346.svg

20.199.42.181

404 Not Found

10 kB

URL HTTP/1.1
certificate.privat.dokument.opdate.20-199-42-181.cprapid.com/assets/images/no-connection-83f79e2367a313b468986e12a237c346.svg
IP
20.199.42.181:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (4070)
Size
10 kB (10318 bytes)
Hash
0b4a4f838f8c250276d1315f7743f5f6
4f5fc80399341d54beae210854b76c4c44f9e959
ab5d141522e8ebdb7a3e870e9f560fb8cef8b05a01ac9b5b4f2d621fef130001

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /assets/images/no-connection-83f79e2367a313b468986e12a237c346.svg HTTP/1.1
Host: certificate.privat.dokument.opdate.20-199-42-181.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://certificate.privat.dokument.opdate.20-199-42-181.cprapid.com/id/dklogin.php
Cookie: PHPSESSID=35e93c06c9ebd1b9b91f57955c6adf51
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 404 Not Found
Date: Sun, 19 Mar 2023 04:29:21 GMT
Server: Apache
Accept-Ranges: bytes
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html

certificate.privat.dokument.opdate.20-199-42-181.cprapid.com/assets/images/cancel-d0c0f9d25ebde42bbd552c8ad5363f01.svg

20.199.42.181

404 Not Found

10 kB

URL HTTP/1.1
certificate.privat.dokument.opdate.20-199-42-181.cprapid.com/assets/images/cancel-d0c0f9d25ebde42bbd552c8ad5363f01.svg
IP
20.199.42.181:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (4070)
Size
10 kB (10304 bytes)
Hash
f4d692a54cc679c87fe67226c606f6ee
bf2497c8fdcb5ebad48781685329b60d0d38a7f8
538f232a912db3ce747f7b5229a693a2c15fdf76361bee20a159e1fb9ad52208

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /assets/images/cancel-d0c0f9d25ebde42bbd552c8ad5363f01.svg HTTP/1.1
Host: certificate.privat.dokument.opdate.20-199-42-181.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://certificate.privat.dokument.opdate.20-199-42-181.cprapid.com/id/dklogin.php
Cookie: PHPSESSID=35e93c06c9ebd1b9b91f57955c6adf51
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 404 Not Found
Date: Sun, 19 Mar 2023 04:29:21 GMT
Server: Apache
Accept-Ranges: bytes
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html

certificate.privat.dokument.opdate.20-199-42-181.cprapid.com/assets/images/empty-3857ebe69f653487f8c9d99adde4657f.svg

20.199.42.181

404 Not Found

10 kB

URL HTTP/1.1
certificate.privat.dokument.opdate.20-199-42-181.cprapid.com/assets/images/empty-3857ebe69f653487f8c9d99adde4657f.svg
IP
20.199.42.181:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (4070)
Size
10 kB (10302 bytes)
Hash
9c167d0bcf919941e1b4df3a58959b39
a9a1330b0ac6d806a42a625c0c7cd11503842045
80932669c61d3d28a3b4da11433e2a9ddf3be1422c9792a4c0a9ae62f600ee01

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /assets/images/empty-3857ebe69f653487f8c9d99adde4657f.svg HTTP/1.1
Host: certificate.privat.dokument.opdate.20-199-42-181.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://certificate.privat.dokument.opdate.20-199-42-181.cprapid.com/id/dklogin.php
Cookie: PHPSESSID=35e93c06c9ebd1b9b91f57955c6adf51
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 404 Not Found
Date: Sun, 19 Mar 2023 04:29:21 GMT
Server: Apache
Accept-Ranges: bytes
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html

certificate.privat.dokument.opdate.20-199-42-181.cprapid.com/assets/qrcode-0ee52d9cc6e123879ec6846246f9eff0.js

20.199.42.181

404 Not Found

10 kB

URL HTTP/1.1
certificate.privat.dokument.opdate.20-199-42-181.cprapid.com/assets/qrcode-0ee52d9cc6e123879ec6846246f9eff0.js
IP
20.199.42.181:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (4070)
Size
10 kB (10288 bytes)
Hash
40aa2bb1e227788429279a968abca012
b6b8ea4b525be3e633f2423a87f061a8eeb5822b
cafaf856a18cc93a4a45832c534fac0e83f9b32c5396cf61e8e0dddcd55389eb

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /assets/qrcode-0ee52d9cc6e123879ec6846246f9eff0.js HTTP/1.1
Host: certificate.privat.dokument.opdate.20-199-42-181.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://certificate.privat.dokument.opdate.20-199-42-181.cprapid.com/id/dklogin.php
Cookie: PHPSESSID=35e93c06c9ebd1b9b91f57955c6adf51
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 404 Not Found
Date: Sun, 19 Mar 2023 04:29:21 GMT
Server: Apache
Accept-Ranges: bytes
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html

certificate.privat.dokument.opdate.20-199-42-181.cprapid.com/assets/scripts-5abe3803d3e5a9e3f93b7ca687779a67.js

20.199.42.181

404 Not Found

10 kB

URL HTTP/1.1
certificate.privat.dokument.opdate.20-199-42-181.cprapid.com/assets/scripts-5abe3803d3e5a9e3f93b7ca687779a67.js
IP
20.199.42.181:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (4070)
Size
10 kB (10290 bytes)
Hash
617034d071abf649e6615d95dfa1ea62
28ba9d74f516bf8d46b2645ffa34f3f387ec0e00
4db81d1d2af73aa33fd5a0a7bc4193a5a37e9788a1f46a1a861523944d01f1da

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /assets/scripts-5abe3803d3e5a9e3f93b7ca687779a67.js HTTP/1.1
Host: certificate.privat.dokument.opdate.20-199-42-181.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://certificate.privat.dokument.opdate.20-199-42-181.cprapid.com/id/dklogin.php
Cookie: PHPSESSID=35e93c06c9ebd1b9b91f57955c6adf51
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 404 Not Found
Date: Sun, 19 Mar 2023 04:29:21 GMT
Server: Apache
Accept-Ranges: bytes
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html

www.mitid.dk/assets/fonts/IBMPlexSans.woff2

95.100.107.87

200 OK

56 kB

URL HTTP/1.1
www.mitid.dk/assets/fonts/IBMPlexSans.woff2
IP
95.100.107.87:0
ASN
#20940 Akamai International B.V.

File type
Web Open Font Format (Version 2), TrueType, length 55936, version 1.0\012- data
Size
56 kB (55936 bytes)
Hash
21ba7afab46a1da80b4a6010d1e577cd
3a8e5c7d9fd8a018110f550bd26c82942da25d83
61bfa80e071153824914399d5f7ca26ec75fcfe3f4ad20e616e88fe6d9544823

HTTP Headers

GET /assets/fonts/IBMPlexSans.woff2 HTTP/1.1
Host: www.mitid.dk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://certificate.privat.dokument.opdate.20-199-42-181.cprapid.com
Connection: keep-alive
Referer: https://certificate.privat.dokument.opdate.20-199-42-181.cprapid.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Content-Type: font/woff2
Content-Length: 55936
Last-Modified: Tue, 21 Feb 2023 13:35:51 GMT
ETag: "da80-5f535dbaa5bc0"
Accept-Ranges: bytes
Referrer-Policy: same-origin
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Vary: Origin
Cache-Control: public, max-age=14400
Date: Sun, 19 Mar 2023 04:29:21 GMT
Connection: keep-alive

certificate.privat.dokument.opdate.20-199-42-181.cprapid.com/assets/images/favicon-9a39921b4a8d93d5528b4ccdc5d76e91.ico

20.199.42.181

404 Not Found

10 kB

URL HTTP/1.1
certificate.privat.dokument.opdate.20-199-42-181.cprapid.com/assets/images/favicon-9a39921b4a8d93d5528b4ccdc5d76e91.ico
IP
20.199.42.181:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (4070)
Size
10 kB (10306 bytes)
Hash
24d0597375d241b1477fdc9938cb3c8e
31f982f4475c471e8482b83c0ddd7c86aa6c7929
34e57ad5211454298112a0ccb9662da8e1ff3efce6335a6f5cb930bf41a10158

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /assets/images/favicon-9a39921b4a8d93d5528b4ccdc5d76e91.ico HTTP/1.1
Host: certificate.privat.dokument.opdate.20-199-42-181.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://certificate.privat.dokument.opdate.20-199-42-181.cprapid.com/id/dklogin.php
Cookie: PHPSESSID=35e93c06c9ebd1b9b91f57955c6adf51
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 404 Not Found
Date: Sun, 19 Mar 2023 04:29:21 GMT
Server: Apache
Accept-Ranges: bytes
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Cache-Control, Content-Length, Retry-After, Content-Type, Expires, Alert, Pragma, ETag, Backoff, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 19 Mar 2023 04:14:32 GMT
age: 889
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
0a4b141e90b0fb22cf6d10a6a4fd360d
37b081be1a69edb97a7c562b71474f4d7405d94e
5db17bb0a40658845e03d8237a69458a0576d955006ee224930b0310179af9af

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5DB17BB0A40658845E03D8237A69458A0576D955006EE224930B0310179AF9AF"
Last-Modified: Fri, 17 Mar 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4346
Expires: Sun, 19 Mar 2023 05:41:48 GMT
Date: Sun, 19 Mar 2023 04:29:22 GMT
Connection: keep-alive

push.services.mozilla.com/

34.218.147.141

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
34.218.147.141:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: tGk0IJF2aYWAzO1d6l5MXw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: UkjZffJ3w1iODqNCqbL+A64jI18=

www.mitid.dk/assets/fonts/IBMPlexSans-Bold.woff

95.100.107.87

200 OK

4.8 kB

URL HTTP/1.1
www.mitid.dk/assets/fonts/IBMPlexSans-Bold.woff
IP
95.100.107.87:0
ASN
#20940 Akamai International B.V.

File type
Web Open Font Format, TrueType, length 77160, version 0.0\012- data
Size
4.8 kB (4827 bytes)
Hash
29c2ac5a9141d1839b1a38ac739bf2f4
ea9f2c7fb76e056b90ccfc5e4409c13d3c5882a4
bb16df10fa64ef264556307eb56c71610341d0dfc448a4ddae9b96a5f0d9ebbb

HTTP Headers

GET /assets/fonts/IBMPlexSans-Bold.woff HTTP/1.1
Host: www.mitid.dk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://certificate.privat.dokument.opdate.20-199-42-181.cprapid.com
Connection: keep-alive
Referer: https://certificate.privat.dokument.opdate.20-199-42-181.cprapid.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Content-Type: font/woff
Content-Length: 77160
Last-Modified: Tue, 21 Feb 2023 13:35:51 GMT
ETag: "12d68-5f535dbaa5bc0"
Accept-Ranges: bytes
Referrer-Policy: same-origin
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Vary: Origin
Cache-Control: public, max-age=14362
Date: Sun, 19 Mar 2023 04:29:21 GMT
Connection: keep-alive

ic.tynt.com/b/p?id=w!nordi001&lm=0&ts=1679200170370&dn=TC&iso=0&pu=https%3A%2F%2Fcertificate.privat.dokument.opdate.20-199-42-181.cprapid.com%2Fid%2Fdklogin.php&t=Nordea%20-%20identifikation

67.202.105.34

204 No Content

0 B

URL HTTP/2
ic.tynt.com/b/p?id=w!nordi001&lm=0&ts=1679200170370&dn=TC&iso=0&pu=https%3A%2F%2Fcertificate.privat.dokument.opdate.20-199-42-181.cprapid.com%2Fid%2Fdklogin.php&t=Nordea%20-%20identifikation
IP
67.202.105.34:0
ASN
#32748 STEADFAST

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /b/p?id=w!nordi001&lm=0&ts=1679200170370&dn=TC&iso=0&pu=https%3A%2F%2Fcertificate.privat.dokument.opdate.20-199-42-181.cprapid.com%2Fid%2Fdklogin.php&t=Nordea%20-%20identifikation HTTP/1.1
Host: ic.tynt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://certificate.privat.dokument.opdate.20-199-42-181.cprapid.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 204 No Content
server: nginx/1.16.1
date: Sun, 19 Mar 2023 04:29:22 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2

de.tynt.com/deb/v2?id=w!nordi001&dn=TC&cc=1&r=&pu=https%3A%2F%2Fcertificate.privat.dokument.opdate.20-199-42-181.cprapid.com%2Fid%2Fdklogin.php

67.202.105.34

200 OK

4 B

URL HTTP/2
de.tynt.com/deb/v2?id=w!nordi001&dn=TC&cc=1&r=&pu=https%3A%2F%2Fcertificate.privat.dokument.opdate.20-199-42-181.cprapid.com%2Fid%2Fdklogin.php
IP
67.202.105.34:0
ASN
#32748 STEADFAST

File type
ASCII text, with no line terminators
Size
4 B (4 bytes)
Hash
350fd6ef6446635f7a8f608434a405ec
a4b6c275ac2c80ec925b5c0c5c6abb79ba897356
d21021784cda31eeae5c8295e047a14bda6ed5a9b5963fca9e7ceb398a9c9179

HTTP Headers

GET /deb/v2?id=w!nordi001&dn=TC&cc=1&r=&pu=https%3A%2F%2Fcertificate.privat.dokument.opdate.20-199-42-181.cprapid.com%2Fid%2Fdklogin.php HTTP/1.1
Host: de.tynt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://certificate.privat.dokument.opdate.20-199-42-181.cprapid.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
cache-control: max-age=86400
expires: Mon, 20 Mar 2023 04:29:22 GMT
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
content-type: application/javascript
content-length: 4
date: Sun, 19 Mar 2023 04:29:22 GMT
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2

ic.tynt.com/b/p?id=w!nordi001&lm=0&ts=1679200170370&dn=TC&iso=0&pu=https%3A%2F%2Fcertificate.privat.dokument.opdate.20-199-42-181.cprapid.com%2Fid%2Fdklogin.php

67.202.105.34

204 No Content

0 B

URL HTTP/2
ic.tynt.com/b/p?id=w!nordi001&lm=0&ts=1679200170370&dn=TC&iso=0&pu=https%3A%2F%2Fcertificate.privat.dokument.opdate.20-199-42-181.cprapid.com%2Fid%2Fdklogin.php
IP
67.202.105.34:0
ASN
#32748 STEADFAST

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /b/p?id=w!nordi001&lm=0&ts=1679200170370&dn=TC&iso=0&pu=https%3A%2F%2Fcertificate.privat.dokument.opdate.20-199-42-181.cprapid.com%2Fid%2Fdklogin.php HTTP/1.1
Host: ic.tynt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://certificate.privat.dokument.opdate.20-199-42-181.cprapid.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 204 No Content
server: nginx/1.16.1
date: Sun, 19 Mar 2023 04:29:22 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2

ic.tynt.com/b/p?id=w!nordi001&lm=0&ts=1679200170370&dn=TC&iso=0&pu=https%3A%2F%2Fcertificate.privat.dokument.opdate.20-199-42-181.cprapid.com%2Fid%2Fdklogin.php

67.202.105.34

204 No Content

0 B

URL HTTP/2
ic.tynt.com/b/p?id=w!nordi001&lm=0&ts=1679200170370&dn=TC&iso=0&pu=https%3A%2F%2Fcertificate.privat.dokument.opdate.20-199-42-181.cprapid.com%2Fid%2Fdklogin.php
IP
67.202.105.34:0
ASN
#32748 STEADFAST

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /b/p?id=w!nordi001&lm=0&ts=1679200170370&dn=TC&iso=0&pu=https%3A%2F%2Fcertificate.privat.dokument.opdate.20-199-42-181.cprapid.com%2Fid%2Fdklogin.php HTTP/1.1
Host: ic.tynt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://certificate.privat.dokument.opdate.20-199-42-181.cprapid.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 204 No Content
server: nginx/1.16.1
date: Sun, 19 Mar 2023 04:29:23 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2

ic.tynt.com/b/p?id=w!nordi001&lm=0&ts=1679200170370&dn=TC&iso=0&pu=https%3A%2F%2Fcertificate.privat.dokument.opdate.20-199-42-181.cprapid.com%2Fid%2Fdklogin.php

67.202.105.34

204 No Content

0 B

URL HTTP/2
ic.tynt.com/b/p?id=w!nordi001&lm=0&ts=1679200170370&dn=TC&iso=0&pu=https%3A%2F%2Fcertificate.privat.dokument.opdate.20-199-42-181.cprapid.com%2Fid%2Fdklogin.php
IP
67.202.105.34:0
ASN
#32748 STEADFAST

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /b/p?id=w!nordi001&lm=0&ts=1679200170370&dn=TC&iso=0&pu=https%3A%2F%2Fcertificate.privat.dokument.opdate.20-199-42-181.cprapid.com%2Fid%2Fdklogin.php HTTP/1.1
Host: ic.tynt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://certificate.privat.dokument.opdate.20-199-42-181.cprapid.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 204 No Content
server: nginx/1.16.1
date: Sun, 19 Mar 2023 04:29:23 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2

www.mitid.dk/assets/fonts/IBMPlexSans-Bold.woff2

95.100.107.87

200 OK

29 kB

URL HTTP/1.1
www.mitid.dk/assets/fonts/IBMPlexSans-Bold.woff2
IP
95.100.107.87:0
ASN
#20940 Akamai International B.V.

File type
Web Open Font Format (Version 2), TrueType, length 55824, version 1.0\012- data
Size
29 kB (28781 bytes)
Hash
eea9a44a51c0f0bfbcf2c081f09a9177
7bec7b53c2a939751ea54a5f26037f5aa9a6e851
6067612a45cae0b11aad4c44f0237928fb2ca21d052a952e9664bab967ae5f8e

HTTP Headers

GET /assets/fonts/IBMPlexSans-Bold.woff2 HTTP/1.1
Host: www.mitid.dk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://certificate.privat.dokument.opdate.20-199-42-181.cprapid.com
Connection: keep-alive
Referer: https://certificate.privat.dokument.opdate.20-199-42-181.cprapid.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Content-Type: font/woff2
Content-Length: 55824
Last-Modified: Tue, 21 Feb 2023 13:35:51 GMT
ETag: "da10-5f535dbaa5bc0"
Accept-Ranges: bytes
Referrer-Policy: same-origin
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Vary: Origin
Cache-Control: public, max-age=14372
Date: Sun, 19 Mar 2023 04:29:21 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
84762efcb2e1535ae49fca6c1523df33
93e7f138a491d4276a793c2e5b947195ae69a88c
920778735cfb5f0395bbfa1391cb4e90c547d455cac77c8bb161a0c3b55a6a3f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "920778735CFB5F0395BBFA1391CB4E90C547D455CAC77C8BB161A0C3B55A6A3F"
Last-Modified: Thu, 16 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12138
Expires: Sun, 19 Mar 2023 07:51:41 GMT
Date: Sun, 19 Mar 2023 04:29:23 GMT
Connection: keep-alive

cdn.tynt.com/tc.js

104.18.36.173

200 OK

7.4 kB

URL HTTP/2
cdn.tynt.com/tc.js
IP
104.18.36.173:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
7.4 kB (7372 bytes)
Hash
11f2f16defc5939bd7c9603d7ec2795c
74fdd684378f5e8c7144a5dbd838324bf133c60a
dbad20c4962d0ce63d2fd18a2ab2bdd213c686f4b14ea7089568b9c0df5c4c20

HTTP Headers

GET /tc.js HTTP/1.1
Host: cdn.tynt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://certificate.privat.dokument.opdate.20-199-42-181.cprapid.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sun, 19 Mar 2023 04:29:22 GMT
content-type: application/javascript
last-modified: Tue, 14 Mar 2023 15:48:17 GMT
vary: Accept-Encoding
etag: W/"64109741-4750"
content-encoding: gzip
cf-cache-status: HIT
age: 132050
expires: Wed, 22 Mar 2023 04:29:22 GMT
cache-control: public, max-age=259200
server: cloudflare
cf-ray: 7aa2f956eff40b41-OSL
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
84762efcb2e1535ae49fca6c1523df33
93e7f138a491d4276a793c2e5b947195ae69a88c
920778735cfb5f0395bbfa1391cb4e90c547d455cac77c8bb161a0c3b55a6a3f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "920778735CFB5F0395BBFA1391CB4E90C547D455CAC77C8BB161A0C3B55A6A3F"
Last-Modified: Thu, 16 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12138
Expires: Sun, 19 Mar 2023 07:51:41 GMT
Date: Sun, 19 Mar 2023 04:29:23 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe323f22e-6800-4578-a34f-a8fa940499e0.jpeg

34.120.237.76

200 OK

8.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe323f22e-6800-4578-a34f-a8fa940499e0.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.2 kB (8189 bytes)
Hash
6645ef8b7e2b10326cc1cb7c76f82769
cc7b05fa466c6ecd6c8a0e0d6ccc96ecbd59aced
1076fa495f0b7cc23922f64cc6a6f596de9a6f08ea7549eef785d804db0be7fc

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe323f22e-6800-4578-a34f-a8fa940499e0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8189
x-amzn-requestid: 3815c61d-6d05-4794-bd9a-d417d1270527
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: B_wqgGsdIAMFi6g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64162e42-6af86b2a21b89d38559ca754;Sampled=0
x-amzn-remapped-date: Sat, 18 Mar 2023 21:33:54 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: n-Dbnb07Rsh0y_T4UW0VQSyRcV96MehdMiFlhdUtcrCiqZVL5ZVJxg==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 5c7981a979abd51ba7e5ca7d464fd048.cloudfront.net (CloudFront), 1.1 google
date: Sat, 18 Mar 2023 21:45:47 GMT
etag: "cc7b05fa466c6ecd6c8a0e0d6ccc96ecbd59aced"
content-type: image/jpeg
age: 24216
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F87cb0650-2c5d-4809-8bb9-0a6c7a2b7562.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (10913 bytes)
Hash
925c6d8d9b0bd170303c785824f842f6
74127f320b41464959c3d1881aa7056a2bb7c3db
7c87a48bbff78f9f302c77508a3899709dc146ff6a095c548398e710aa6119c7

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F87cb0650-2c5d-4809-8bb9-0a6c7a2b7562.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10913
x-amzn-requestid: 71cd1b59-f51f-47af-aab3-523716b6b34f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Bp_4XGugIAMFtkA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-640d79ce-2494be625549a22d410f4aa7;Sampled=0
x-amzn-remapped-date: Sun, 12 Mar 2023 07:05:50 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: r9hbB7S9Fi4bfJuPdSnSbInXAGuk2frr-b5qftWJQgFJFDUlCibvew==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 2750b94b402c92287d764b5fa115a042.cloudfront.net (CloudFront), 1.1 google
date: Sat, 18 Mar 2023 22:12:23 GMT
age: 22620
etag: "74127f320b41464959c3d1881aa7056a2bb7c3db"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8afa2cdb-a5f3-4c78-a2ab-132c8b752b4b.png
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10338 bytes)
Hash
78453ba98b72eff3879ef163b59c86ed
80519bb3726ee1f9f211344cd433cefaed3a7f2e
61adfeff11af9583355ac7d1500e8a8d97357b2846f151f2421001994fb06655

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8afa2cdb-a5f3-4c78-a2ab-132c8b752b4b.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10338
x-amzn-requestid: 9f880b5b-056c-44bb-a811-36ea27c232aa
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: BvSgFGENoAMFuVw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-640f9799-2318d444248f7610300c658f;Sampled=0
x-amzn-remapped-date: Mon, 13 Mar 2023 21:37:29 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: bka10YWXvoKBRkwgvJNMzm1SSv_J1USzdugO9lPduHxe2uYFYkXh4w==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 e11ee4e3208082d534c251b36bbee268.cloudfront.net (CloudFront), 1.1 google
date: Sun, 19 Mar 2023 04:25:44 GMT
age: 219
etag: "80519bb3726ee1f9f211344cd433cefaed3a7f2e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F48ca215f-c7b1-4e8a-adb9-666f63347dca.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.0 kB (8997 bytes)
Hash
53761c38e423f6990a84c2b59ed352eb
974780a01c5fe24e092b4d8bd08a3a13a17485e1
527145dd60d8944f77d0187e2286fa1ddd12646efbc8e080eefa04825e212c54

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F48ca215f-c7b1-4e8a-adb9-666f63347dca.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8997
x-amzn-requestid: 9d2de887-7fa9-4a32-88f7-95d73447537c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: B_wZMGd1IAMFqoQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64162dd4-1a4e78b86a7075e632de4bf5;Sampled=0
x-amzn-remapped-date: Sat, 18 Mar 2023 21:32:04 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: ofXGNAvEmGsCA3lg3SeqkQvsgERe8Shqnsx1pGLs_e3w7uTHO0JcMw==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 2c6b5dd77f1abe60653ce0454f344b64.cloudfront.net (CloudFront), 1.1 google
date: Sat, 18 Mar 2023 21:45:59 GMT
etag: "974780a01c5fe24e092b4d8bd08a3a13a17485e1"
content-type: image/jpeg
age: 24204
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F63fcece5-ac9a-47e4-9587-013a570aedae.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.6 kB (7566 bytes)
Hash
201a7e2a9ec467338a523d1713e333f3
50c909b444039baa961411e64b49e304bfd7a675
f9cb9b0df4e24e104236239b8c9544d225a9ef792d2fce3a713c4eb1611ac14e

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F63fcece5-ac9a-47e4-9587-013a570aedae.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7566
x-amzn-requestid: d25b5304-01ba-465e-aefd-3b859505ea7e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: B_wYJHRWoAMFUQQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64162dcd-1d173b860c6aac10195bf1a2;Sampled=0
x-amzn-remapped-date: Sat, 18 Mar 2023 21:31:57 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: 1Lj5o4EwgNR26vZEjYI75wlvCZnMNqb65-sA-0IeUTIEIFeghL0HXw==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 a3b5bb90516201e5ddd137696b7b0f50.cloudfront.net (CloudFront), 1.1 google
date: Sat, 18 Mar 2023 21:44:41 GMT
age: 24282
etag: "50c909b444039baa961411e64b49e304bfd7a675"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fffb155f3-4b60-4d8c-879f-3b7bd1c5c129.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.3 kB (5311 bytes)
Hash
07289211ce045b31693c7bb59c06f338
210abec1182bb94b9d0e48827ecb8023611c4489
808b7bfa4b75cfb91e003d6375802da7d2719de29d4f64776dea57992b7632c4

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fffb155f3-4b60-4d8c-879f-3b7bd1c5c129.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5311
x-amzn-requestid: 3e000f36-3e2a-4008-950b-2e9f83306e51
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: B_w3eFmtIAMF7EA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64162e95-1b9e4cc8033920ea365de22f;Sampled=0
x-amzn-remapped-date: Sat, 18 Mar 2023 21:35:17 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: D-ozN3h77HmOeQlqbHfQ5U-L26pifGyxPwnvJuwtRsfS2paMlt4eWg==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 219e8f088c8c2a564bdacafe44be620a.cloudfront.net (CloudFront), 1.1 google
date: Sat, 18 Mar 2023 21:45:47 GMT
age: 24216
etag: "210abec1182bb94b9d0e48827ecb8023611c4489"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

certificate.privat.dokument.opdate.20-199-42-181.cprapid.com/id/partials/status.php

20.199.42.181

500 Internal Server Error

0 B

URL HTTP/1.1
certificate.privat.dokument.opdate.20-199-42-181.cprapid.com/id/partials/status.php
IP
20.199.42.181:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /id/partials/status.php HTTP/1.1
Host: certificate.privat.dokument.opdate.20-199-42-181.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://certificate.privat.dokument.opdate.20-199-42-181.cprapid.com/id/dklogin.php
Cookie: PHPSESSID=35e93c06c9ebd1b9b91f57955c6adf51
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 500 Internal Server Error
Date: Sun, 19 Mar 2023 04:29:24 GMT
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Connection: close
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

certificate.privat.dokument.opdate.20-199-42-181.cprapid.com/id/partials/status.php

20.199.42.181

500 Internal Server Error

0 B

URL HTTP/1.1
certificate.privat.dokument.opdate.20-199-42-181.cprapid.com/id/partials/status.php
IP
20.199.42.181:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /id/partials/status.php HTTP/1.1
Host: certificate.privat.dokument.opdate.20-199-42-181.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://certificate.privat.dokument.opdate.20-199-42-181.cprapid.com/id/dklogin.php
Cookie: PHPSESSID=35e93c06c9ebd1b9b91f57955c6adf51
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 500 Internal Server Error
Date: Sun, 19 Mar 2023 04:29:27 GMT
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Connection: close
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

www.mitid.dk/assets/fonts/IBMPlexSans-Medium.woff

95.100.107.87

200 OK

0 B

URL HTTP/1.1
www.mitid.dk/assets/fonts/IBMPlexSans-Medium.woff
IP
95.100.107.87:0
ASN
#20940 Akamai International B.V.

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /assets/fonts/IBMPlexSans-Medium.woff HTTP/1.1
Host: www.mitid.dk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://certificate.privat.dokument.opdate.20-199-42-181.cprapid.com
Connection: keep-alive
Referer: https://certificate.privat.dokument.opdate.20-199-42-181.cprapid.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Content-Type: font/woff
Content-Length: 81900
Last-Modified: Tue, 21 Feb 2023 13:35:51 GMT
ETag: "13fec-5f535dbaa5bc0"
Accept-Ranges: bytes
Referrer-Policy: same-origin
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Vary: Origin
Cache-Control: public, max-age=14392
Date: Sun, 19 Mar 2023 04:29:21 GMT
Connection: keep-alive

www.mitid.dk/assets/fonts/IBMPlexSans-SemiBold.woff

95.100.107.87

200 OK

0 B

URL HTTP/1.1
www.mitid.dk/assets/fonts/IBMPlexSans-SemiBold.woff
IP
95.100.107.87:0
ASN
#20940 Akamai International B.V.

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /assets/fonts/IBMPlexSans-SemiBold.woff HTTP/1.1
Host: www.mitid.dk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://certificate.privat.dokument.opdate.20-199-42-181.cprapid.com
Connection: keep-alive
Referer: https://certificate.privat.dokument.opdate.20-199-42-181.cprapid.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Content-Type: font/woff
Content-Length: 82228
Last-Modified: Tue, 21 Feb 2023 13:35:51 GMT
ETag: "14134-5f535dbaa5bc0"
Accept-Ranges: bytes
Referrer-Policy: same-origin
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Vary: Origin
Cache-Control: public, max-age=14400
Date: Sun, 19 Mar 2023 04:29:21 GMT
Connection: keep-alive

whos.amung.us/pingjs/?k=nordi001&t=Nordea%20-%20identifikation&c=s&x=https%3A%2F%2Fcertificate.privat.dokument.opdate.20-199-42-181.cprapid.com%2Fid%2Fdklogin.php&y=&a=0&d=0.743&v=27&r=4570

172.67.8.141

200 OK

0 B

URL HTTP/2
whos.amung.us/pingjs/?k=nordi001&t=Nordea%20-%20identifikation&c=s&x=https%3A%2F%2Fcertificate.privat.dokument.opdate.20-199-42-181.cprapid.com%2Fid%2Fdklogin.php&y=&a=0&d=0.743&v=27&r=4570
IP
172.67.8.141:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /pingjs/?k=nordi001&t=Nordea%20-%20identifikation&c=s&x=https%3A%2F%2Fcertificate.privat.dokument.opdate.20-199-42-181.cprapid.com%2Fid%2Fdklogin.php&y=&a=0&d=0.743&v=27&r=4570 HTTP/1.1
Host: whos.amung.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://certificate.privat.dokument.opdate.20-199-42-181.cprapid.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 19 Mar 2023 04:29:22 GMT
content-type: text/javascript;charset=UTF-8
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7aa2f9549d9e1bfa-OSL
X-Firefox-Spdy: h2

certificate.privat.dokument.opdate.20-199-42-181.cprapid.com/assets/images/qr_code-c086a1064a1535f8761f7ebef31e5fc5.svg

0 B

URL
certificate.privat.dokument.opdate.20-199-42-181.cprapid.com/assets/images/qr_code-c086a1064a1535f8761f7ebef31e5fc5.svg
IP
:0
ASN
#0

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /assets/images/qr_code-c086a1064a1535f8761f7ebef31e5fc5.svg HTTP/1.1
Host: certificate.privat.dokument.opdate.20-199-42-181.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://certificate.privat.dokument.opdate.20-199-42-181.cprapid.com/id/dklogin.php
Cookie: PHPSESSID=35e93c06c9ebd1b9b91f57955c6adf51
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

www.mitid.dk/assets/fonts/IBMPlexSans.woff

95.100.107.87

200 OK

0 B

URL HTTP/1.1
www.mitid.dk/assets/fonts/IBMPlexSans.woff
IP
95.100.107.87:0
ASN
#20940 Akamai International B.V.

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /assets/fonts/IBMPlexSans.woff HTTP/1.1
Host: www.mitid.dk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://certificate.privat.dokument.opdate.20-199-42-181.cprapid.com
Connection: keep-alive
Referer: https://certificate.privat.dokument.opdate.20-199-42-181.cprapid.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Content-Type: font/woff
Content-Length: 77532
Last-Modified: Tue, 21 Feb 2023 13:35:51 GMT
ETag: "12edc-5f535dbaa5bc0"
Accept-Ranges: bytes
Referrer-Policy: same-origin
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Vary: Origin
Cache-Control: public, max-age=14400
Date: Sun, 19 Mar 2023 04:29:21 GMT
Connection: keep-alive

www.mitid.dk/assets/fonts/IBMPlexSans-SemiBold.woff2

95.100.107.87

200 OK

0 B

URL HTTP/1.1
www.mitid.dk/assets/fonts/IBMPlexSans-SemiBold.woff2
IP
95.100.107.87:0
ASN
#20940 Akamai International B.V.

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /assets/fonts/IBMPlexSans-SemiBold.woff2 HTTP/1.1
Host: www.mitid.dk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://certificate.privat.dokument.opdate.20-199-42-181.cprapid.com
Connection: keep-alive
Referer: https://certificate.privat.dokument.opdate.20-199-42-181.cprapid.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Content-Type: font/woff2
Content-Length: 59692
Last-Modified: Tue, 21 Feb 2023 13:35:51 GMT
ETag: "e92c-5f535dbaa5bc0"
Accept-Ranges: bytes
Referrer-Policy: same-origin
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Vary: Origin
Cache-Control: public, max-age=14400
Date: Sun, 19 Mar 2023 04:29:21 GMT
Connection: keep-alive

www.mitid.dk/assets/fonts/IBMPlexSans-Medium.woff2

95.100.107.87

200 OK

0 B

URL HTTP/1.1
www.mitid.dk/assets/fonts/IBMPlexSans-Medium.woff2
IP
95.100.107.87:0
ASN
#20940 Akamai International B.V.

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /assets/fonts/IBMPlexSans-Medium.woff2 HTTP/1.1
Host: www.mitid.dk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://certificate.privat.dokument.opdate.20-199-42-181.cprapid.com
Connection: keep-alive
Referer: https://certificate.privat.dokument.opdate.20-199-42-181.cprapid.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Content-Type: font/woff2
Content-Length: 59228
Last-Modified: Tue, 21 Feb 2023 13:35:51 GMT
ETag: "e75c-5f535dbaa5bc0"
Accept-Ranges: bytes
Referrer-Policy: same-origin
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Vary: Origin
Cache-Control: public, max-age=14396
Date: Sun, 19 Mar 2023 04:29:21 GMT
Connection: keep-alive

widgets.amung.us/small.js

172.67.8.141

200 OK

0 B

URL HTTP/2
widgets.amung.us/small.js
IP
172.67.8.141:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /small.js HTTP/1.1
Host: widgets.amung.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://certificate.privat.dokument.opdate.20-199-42-181.cprapid.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sun, 19 Mar 2023 04:29:21 GMT
content-type: application/x-javascript
last-modified: Thu, 12 Jan 2023 17:19:26 GMT
etag: W/"63c0411e-2170"
expires: Mon, 20 Mar 2023 04:19:37 GMT
cache-control: max-age=86400
access-control-allow-origin: *
content-encoding: gzip
cf-cache-status: HIT
age: 583
vary: Accept-Encoding
server: cloudflare
cf-ray: 7aa2f9534d381bfa-OSL
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (16)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML