Overview

URL 20-199-19-234.cprapid.com/beskyttelse/data/neminfo/login.php?&return_url=05cdc0b10f774856f5b1d84ad3d724ba&enrolmentID=ab427d3da48d1b5f658477f01b0cdc50?securessl=true
IP 20.199.19.234
ASN MICROSOFT-CORP-MSN-AS-BLOCK
Location France
Report completed 2022-10-03 10:17:22 UTC
urlquery Alerts No alerts detected


Settings

UserAgent Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blocklists

OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-10-03 2 20-199-19-234.cprapid.com/beskyttelse/data/neminfo/frame/login.php Phishing
2022-10-03 2 20-199-19-234.cprapid.com/beskyttelse/data/neminfo/all/scripts-6db7f1f3edd0 (...) Phishing
2022-10-03 2 20-199-19-234.cprapid.com/beskyttelse/data/neminfo/all/nemid-830ab2367a74a4 (...) Phishing
2022-10-03 2 20-199-19-234.cprapid.com/beskyttelse/data/neminfo/all/no-connection-83f79e (...) Phishing
2022-10-03 2 20-199-19-234.cprapid.com/beskyttelse/data/neminfo/all/empty-3857ebe69f6534 (...) Phishing
2022-10-03 2 20-199-19-234.cprapid.com/beskyttelse/data/neminfo/all/something-went-wrong (...) Phishing
2022-10-03 2 20-199-19-234.cprapid.com/beskyttelse/data/neminfo/all/technical-error-91ca (...) Phishing
2022-10-03 2 20-199-19-234.cprapid.com/beskyttelse/data/neminfo/all/cancel-d0c0f9d25ebde (...) Phishing
2022-10-03 2 20-199-19-234.cprapid.com/assets/b90f1e1b93f3b23dd79e-11eca7aa5a85ec0c6cc3d (...) Phishing
2022-10-03 2 20-199-19-234.cprapid.com/assets/aa1ee103968475b48934-3a4d9a8b6adf39716f28a (...) Phishing
2022-10-03 2 20-199-19-234.cprapid.com/beskyttelse/data/neminfo/partials/js/jquery.js Phishing
mnemonic secure dns  No alerts detected
Quad9 DNS  No alerts detected


Files

No files detected



Passive DNS (18)

Passive DNS Source Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
mnemonic passive DNS cdn.tynt.com (1) 7260 2012-06-26 16:52:03 UTC 2022-10-03 07:57:26 UTC 104.18.36.173
mnemonic passive DNS content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-10-03 08:07:24 UTC 216.137.44.9
mnemonic passive DNS contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-10-03 04:56:22 UTC 34.117.237.239
mnemonic passive DNS www.gstatic.com (1) 0 2016-07-26 09:37:06 UTC 2022-10-03 04:57:28 UTC 142.250.74.163 Domain (gstatic.com) ranked at: 540
mnemonic passive DNS ocsp.entrust.net (2) 1208 2013-07-24 12:09:14 UTC 2022-10-03 07:12:04 UTC 104.110.10.32
mnemonic passive DNS t.dtscout.com (2) 11951 2017-01-30 04:52:42 UTC 2022-10-03 09:05:33 UTC 51.161.15.93
mnemonic passive DNS waust.at (1) 38137 2016-01-28 18:24:33 UTC 2022-10-03 02:12:46 UTC 104.26.4.7
mnemonic passive DNS whos.amung.us (1) 12687 2014-04-02 14:27:13 UTC 2022-10-03 09:31:34 UTC 172.67.8.141
mnemonic passive DNS ocsp.digicert.com (1) 86 2012-05-21 07:02:23 UTC 2022-10-03 07:33:02 UTC 93.184.220.29
mnemonic passive DNS ic.tynt.com (7) 4300 2013-08-06 01:33:59 UTC 2022-10-03 06:20:47 UTC 67.202.105.33
mnemonic passive DNS 20-199-19-234.cprapid.com (17) 0 2022-09-26 08:25:04 UTC 2022-10-03 06:16:14 UTC 20.199.19.234 Domain (cprapid.com) ranked at: 377998
mnemonic passive DNS ocsp.sectigo.com (1) 487 2018-12-17 11:31:55 UTC 2022-10-03 08:03:33 UTC 172.64.155.188
mnemonic passive DNS de.tynt.com (1) 1252 2013-08-06 01:33:59 UTC 2022-10-03 09:39:37 UTC 67.202.105.34
mnemonic passive DNS r3.o.lencr.org (5) 344 2020-12-02 08:52:13 UTC 2022-10-03 07:33:36 UTC 23.36.76.226
mnemonic passive DNS firefox.settings.services.mozilla.com (2) 867 2020-05-27 20:08:30 UTC 2022-10-03 08:58:12 UTC 18.164.68.8
mnemonic passive DNS identify.nordea.com (1) 764228 2018-07-30 06:32:10 UTC 2022-10-03 07:05:43 UTC 158.233.249.230
mnemonic passive DNS push.services.mozilla.com (1) 2140 2015-09-03 10:29:36 UTC 2022-10-03 05:10:27 UTC 34.223.168.227
mnemonic passive DNS img-getpocket.cdn.mozilla.net (6) 1631 2017-09-01 03:40:57 UTC 2022-10-03 07:41:14 UTC 34.120.237.76


Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 20.199.19.234

Date UQ / IDS / BL URL IP
2022-10-24 21:09:26 +0000 0 - 0 - 13 20-199-19-234.cprapid.com/dpd/program/update. (...) 20.199.19.234
2022-10-24 10:39:32 +0000 0 - 0 - 14 20-199-19-234.cprapid.com/reprogramar/envio/u (...) 20.199.19.234
2022-10-24 07:52:52 +0000 0 - 0 - 14 20-199-19-234.cprapid.com/reprogramar/envio/u (...) 20.199.19.234
2022-10-23 23:28:28 +0000 0 - 0 - 14 20-199-19-234.cprapid.com/reprogramar/envio/u (...) 20.199.19.234
2022-10-23 20:52:22 +0000 0 - 0 - 14 20-199-19-234.cprapid.com/reprogramar/envio/u (...) 20.199.19.234

Last 5 reports on ASN: MICROSOFT-CORP-MSN-AS-BLOCK

Date UQ / IDS / BL URL IP
2022-12-08 16:36:53 +0000 0 - 0 - 1 online1.tingclass.net/download/201102171629.zip 20.247.0.177
2022-12-08 16:15:51 +0000 19 - 0 - 10 portail-orange00.ddns.net/messagerie/36639620 (...) 20.163.29.0
2022-12-08 16:14:58 +0000 19 - 0 - 10 portail-orange00.ddns.net/messagerie/36639620 (...) 20.163.29.0
2022-12-08 15:43:19 +0000 0 - 0 - 3 20.163.9.107/archive/AJUDAVENDEDOR.exe 20.163.9.107
2022-12-08 15:36:57 +0000 0 - 0 - 2 replymen.com/home/index/?token=eyJhIjo4NzA2NT (...) 40.83.145.50

Last 5 reports on domain: cprapid.com

Date UQ / IDS / BL URL IP
2022-12-08 15:36:49 +0000 31 - 0 - 15 cert.info.privatkunde.51-12-50-201.cprapid.co (...) 51.12.50.201
2022-12-08 15:35:14 +0000 7 - 0 - 11 cert.info.privatkunde.51-12-50-201.cprapid.co (...) 51.12.50.201
2022-12-08 15:35:13 +0000 0 - 0 - 11 cert.info.privatkunde.51-12-50-201.cprapid.co (...) 51.12.50.201
2022-12-08 15:35:09 +0000 6 - 0 - 10 cert.info.privatkunde.51-12-50-201.cprapid.co (...) 51.12.50.201
2022-12-08 14:33:11 +0000 0 - 0 - 75 b1.54-238-172-83.cprapid.com/ 54.238.172.83

Last 5 reports with similar screenshot

Date UQ / IDS / BL URL IP
2022-10-12 09:20:57 +0000 0 - 0 - 11 20-199-19-234.cprapid.com/Afslut/procedure/ne (...) 20.199.19.234
2022-10-12 09:20:51 +0000 0 - 0 - 11 20-199-19-234.cprapid.com/Afslut/procedure/ne (...) 20.199.19.234
2022-10-12 05:08:06 +0000 0 - 0 - 11 20-199-19-234.cprapid.com/Afslut/procedure/ne (...) 20.199.19.234
2022-10-12 04:54:43 +0000 0 - 0 - 11 20-199-19-234.cprapid.com/Afslut/procedure/ne (...) 20.199.19.234
2022-10-11 08:49:43 +0000 0 - 0 - 11 20-199-19-234.cprapid.com/kontrol/konto/nem/i (...) 20.199.19.234


JavaScript

Executed Scripts (8)


Executed Evals (2)

#1 JavaScript::Eval (size: 226, repeated: 1) - SHA256: bb037a2c6d9cf7fa65d8570beb76b1a31c360826ed6edb8612a584aa1918d62d

({
    '0': [0, -15, 5, 8],
    '1': [-5, -15, 3, 8],
    '2': [-8, -15, 5, 8],
    '3': [-13, -15, 5, 8],
    '4': [-18, -15, 5, 8],
    '5': [-23, -15, 5, 8],
    '6': [-28, -15, 5, 8],
    '7': [-33, -15, 5, 8],
    '8': [-38, -15, 5, 8],
    '9': [-43, -15, 5, 8],
    ',': [-48, -15, 2, 8],
    'o': [-50, -15, 24, 8]
})

#2 JavaScript::Eval (size: 17, repeated: 1) - SHA256: 17f5bfdbae6b35ae8bc3b27c069526d694021fe1e37a8027678e770fbb05e061

/*@cc_on!@*/
false

Executed Writes (0)



HTTP Transactions (52)


Request Response
                                        
                                            GET /beskyttelse/data/neminfo/login.php?&return_url=05cdc0b10f774856f5b1d84ad3d724ba&enrolmentID=ab427d3da48d1b5f658477f01b0cdc50?securessl=true HTTP/1.1 
Host: 20-199-19-234.cprapid.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         20.199.19.234
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Date: Mon, 03 Oct 2022 10:17:11 GMT
Server: Apache
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (805)
Size:   17588
Md5:    e89aeb42551a76ef04ee50e2f0e830a0
Sha1:   b3ddd2a0df6f865d278de4a865156326638321e1
Sha256: d690fe497f6029b963c867c82bfd6d2a5da8f93807f4ce10bdcfeb7f510bbb44
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "1F611155394FAC39439B8EC8217D8CD493D6B588D372D264E0D66C03129C50C6"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3294
Expires: Mon, 03 Oct 2022 11:12:05 GMT
Date: Mon, 03 Oct 2022 10:17:11 GMT
Connection: keep-alive

                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         18.164.68.8
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Mon, 03 Oct 2022 10:03:32 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 f138cee49761f5f7e3b88ec7b66614ee.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR50-P4
X-Amz-Cf-Id: Sb8JbLb7XnJuuHlQQYICRobVtG08DF13ysdsReKCib3uEj6sUXcNuQ==
Age: 819


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    2d12f67fe57a87e7366b662d153a5582
Sha1:   d7b02d81cc74f24a251d9363e0f4b0a149264ec1
Sha256: 73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         216.137.44.9
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Mon, 03 Oct 2022 03:34:13 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 f4d9e5aa78d9bbc69bc2a7f8ca614182.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR61-P2
x-amz-cf-id: iC9XCRAI3B8EWDZrM-Vx_NX5JmRHqwPeRk1R-3Hb202XLReWEQ3JiA==
age: 24235
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    6113f8408c59aebe188d6af273b90743
Sha1:   7398873bf00f99944eaa77ad3ebc0d43c23dba6b
Sha256: b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Mon, 03 Oct 2022 10:17:12 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /beskyttelse/data/neminfo/frame/login.php HTTP/1.1 
Host: 20-199-19-234.cprapid.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20-199-19-234.cprapid.com/beskyttelse/data/neminfo/login.php?&return_url=05cdc0b10f774856f5b1d84ad3d724ba&enrolmentID=ab427d3da48d1b5f658477f01b0cdc50?securessl=true
Upgrade-Insecure-Requests: 1

                                         
                                         20.199.19.234
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Date: Mon, 03 Oct 2022 10:17:12 GMT
Server: Apache
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, Unicode text, UTF-8 text, with very long lines (882), with CRLF line terminators
Size:   7748
Md5:    51ef66be088235f58a5af22e4ca473df
Sha1:   05dc8ba858e3ca1a3cf3c364fdd0c967e36c21d0
Sha256: d5ad7110e1dbeeebc1f7ff8709f7900faab237052ac9c55aaba2a3cba47c1e88

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /beskyttelse/data/neminfo/all/scripts-6db7f1f3edd0e72b01f4957bf91c3b91.js.download HTTP/1.1 
Host: 20-199-19-234.cprapid.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20-199-19-234.cprapid.com/beskyttelse/data/neminfo/login.php?&return_url=05cdc0b10f774856f5b1d84ad3d724ba&enrolmentID=ab427d3da48d1b5f658477f01b0cdc50?securessl=true

                                         
                                         20.199.19.234
HTTP/1.1 404 Not Found
Content-Type: text/html
                                        
Date: Mon, 03 Oct 2022 10:17:12 GMT
Server: Apache
Accept-Ranges: bytes
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (4070)
Size:   10251
Md5:    ec7c1b417dd87886fc27723a33f7869c
Sha1:   a926a109c3c8b117fe27fdb3a4185a5487a09e95
Sha256: 2f7c4c3cab9753975a815e43ceafd5583ab0912cd92dcb49b2511b3b4c11b254

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /s.js HTTP/1.1 
Host: waust.at
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20-199-19-234.cprapid.com/

                                         
                                         104.26.4.7
HTTP/1.1 200 OK
Content-Type: application/x-javascript
                                        
Date: Mon, 03 Oct 2022 10:17:12 GMT
Transfer-Encoding: chunked
Connection: keep-alive
last-modified: Mon, 29 Aug 2022 18:12:58 GMT
etag: W/"630d01aa-2142"
expires: Tue, 04 Oct 2022 09:42:59 GMT
cache-control: max-age=86400
access-control-allow-origin: *
content-encoding: gzip
CF-Cache-Status: HIT
Age: 2053
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wuLMaPtACRBFZcBv21EhTOooliEzkZtnlqfI4UnzebrAkx4ETqohOZmq8kBeh6KPKjti1e1y3MwNmMGVnzaqGnK9BS1luctTOdbU2S%2FrmlTKPhJLC%2BaIPjQZ"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7544ed3acb63b4ed-OSL
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  ASCII text, with very long lines (8514), with no line terminators
Size:   3462
Md5:    7ba20d7d8e8f534a8d4b3e4848ba40e8
Sha1:   9757fceb751a25322b2f62ae9e8b9918add51baf
Sha256: 8351897e53bf4e0419e84c7a50076de46c03faa8a16baed3cc999374bf95c0db
                                        
                                            GET /beskyttelse/data/neminfo/all/translateelement.css HTTP/1.1 
Host: 20-199-19-234.cprapid.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20-199-19-234.cprapid.com/beskyttelse/data/neminfo/login.php?&return_url=05cdc0b10f774856f5b1d84ad3d724ba&enrolmentID=ab427d3da48d1b5f658477f01b0cdc50?securessl=true

                                         
                                         20.199.19.234
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Mon, 03 Oct 2022 10:17:12 GMT
Server: Apache
Last-Modified: Fri, 14 May 2021 03:23:30 GMT
Accept-Ranges: bytes
Content-Length: 18724
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (18670)
Size:   18724
Md5:    15ab5dfc566a9a19f6e89a72b7819e43
Sha1:   064aac1e8bc5a26c5986e40659bc328157ec3b53
Sha256: 5d0a6e3bc914db376bf187c380750b197c317e1bf40fab9ad959ad5facd8f9ed
                                        
                                            GET /beskyttelse/data/neminfo/all/styles-90d1ba6c2eef1d8f73fc94069cfe444b.css HTTP/1.1 
Host: 20-199-19-234.cprapid.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20-199-19-234.cprapid.com/beskyttelse/data/neminfo/login.php?&return_url=05cdc0b10f774856f5b1d84ad3d724ba&enrolmentID=ab427d3da48d1b5f658477f01b0cdc50?securessl=true

                                         
                                         20.199.19.234
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Mon, 03 Oct 2022 10:17:12 GMT
Server: Apache
Last-Modified: Sat, 06 Aug 2022 15:29:08 GMT
Accept-Ranges: bytes
Content-Length: 46070
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  assembler source, ASCII text
Size:   46070
Md5:    d1aafd46c75fda47a8d4fc4292ec3fcc
Sha1:   d5570e9d09d74ca0b4495992fec5ef86573c4437
Sha256: 068ee6c88c6d2629f9a797dac9288490b736f0c944d9a46d566da7cd8f913a1b
                                        
                                            GET /beskyttelse/data/neminfo/all/nemid-830ab2367a74a48b4e61ce97be19c0bd.svg HTTP/1.1 
Host: 20-199-19-234.cprapid.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20-199-19-234.cprapid.com/beskyttelse/data/neminfo/login.php?&return_url=05cdc0b10f774856f5b1d84ad3d724ba&enrolmentID=ab427d3da48d1b5f658477f01b0cdc50?securessl=true

                                         
                                         20.199.19.234
HTTP/1.1 200 OK
Content-Type: image/svg+xml
                                        
Date: Mon, 03 Oct 2022 10:17:12 GMT
Server: Apache
Last-Modified: Fri, 14 May 2021 03:23:30 GMT
Accept-Ranges: bytes
Content-Length: 2285
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (2285), with no line terminators
Size:   2285
Md5:    830ab2367a74a48b4e61ce97be19c0bd
Sha1:   79cde6c94cedde8c6ce414952a6f71841b890b77
Sha256: 6bb27299ef7a2f71792920ae936f4f0800cf1a43ff5f8b4c835233fde4c1e387

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /beskyttelse/data/neminfo/all/no-connection-83f79e2367a313b468986e12a237c346.svg HTTP/1.1 
Host: 20-199-19-234.cprapid.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20-199-19-234.cprapid.com/beskyttelse/data/neminfo/login.php?&return_url=05cdc0b10f774856f5b1d84ad3d724ba&enrolmentID=ab427d3da48d1b5f658477f01b0cdc50?securessl=true

                                         
                                         20.199.19.234
HTTP/1.1 200 OK
Content-Type: image/svg+xml
                                        
Date: Mon, 03 Oct 2022 10:17:12 GMT
Server: Apache
Last-Modified: Fri, 14 May 2021 03:23:30 GMT
Accept-Ranges: bytes
Content-Length: 4974
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (4974), with no line terminators
Size:   4974
Md5:    83f79e2367a313b468986e12a237c346
Sha1:   6b0d0f5df661c328a99aefa3b9388507f35d7fba
Sha256: 3fc2607b1e133fb89affeca8fa96db25e9af2fa9d2f7960d2a9602df9e96ef72

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /beskyttelse/data/neminfo/all/empty-3857ebe69f653487f8c9d99adde4657f.svg HTTP/1.1 
Host: 20-199-19-234.cprapid.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20-199-19-234.cprapid.com/beskyttelse/data/neminfo/login.php?&return_url=05cdc0b10f774856f5b1d84ad3d724ba&enrolmentID=ab427d3da48d1b5f658477f01b0cdc50?securessl=true

                                         
                                         20.199.19.234
HTTP/1.1 200 OK
Content-Type: image/svg+xml
                                        
Date: Mon, 03 Oct 2022 10:17:12 GMT
Server: Apache
Last-Modified: Fri, 14 May 2021 03:23:30 GMT
Accept-Ranges: bytes
Content-Length: 1642
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1642), with no line terminators
Size:   1642
Md5:    3857ebe69f653487f8c9d99adde4657f
Sha1:   134737f1f8882726ef1b50546546fa9d1479207c
Sha256: d690ce1d3a1304fff86d11c4f38ad540da84949d881ea0c04b49bcc0f13483e0

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /beskyttelse/data/neminfo/all/translate_24dp.png HTTP/1.1 
Host: 20-199-19-234.cprapid.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20-199-19-234.cprapid.com/beskyttelse/data/neminfo/login.php?&return_url=05cdc0b10f774856f5b1d84ad3d724ba&enrolmentID=ab427d3da48d1b5f658477f01b0cdc50?securessl=true

                                         
                                         20.199.19.234
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Mon, 03 Oct 2022 10:17:12 GMT
Server: Apache
Last-Modified: Fri, 14 May 2021 03:23:30 GMT
Accept-Ranges: bytes
Content-Length: 825
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive


--- Additional Info ---
Magic:  PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Size:   825
Md5:    55ff382a8b09329e3230a1797eb8f5fd
Sha1:   026ae089006a674da7dcc9bf6b986c5d59e75478
Sha256: 1bb2279aed6bc1438d2b17a5ffcbac9d37864582aedeeec8d301eab162b2c213
                                        
                                            GET /beskyttelse/data/neminfo/all/something-went-wrong-9bbd07dc81f3c2a11d2c7735b416ee18.svg HTTP/1.1 
Host: 20-199-19-234.cprapid.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20-199-19-234.cprapid.com/beskyttelse/data/neminfo/login.php?&return_url=05cdc0b10f774856f5b1d84ad3d724ba&enrolmentID=ab427d3da48d1b5f658477f01b0cdc50?securessl=true

                                         
                                         20.199.19.234
HTTP/1.1 200 OK
Content-Type: image/svg+xml
                                        
Date: Mon, 03 Oct 2022 10:17:12 GMT
Server: Apache
Last-Modified: Fri, 14 May 2021 03:23:30 GMT
Accept-Ranges: bytes
Content-Length: 3104
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (3104), with no line terminators
Size:   3104
Md5:    9bbd07dc81f3c2a11d2c7735b416ee18
Sha1:   41ee4ad48472fd2f93f765b87c77a606a04e5a00
Sha256: a386a6170805a64ba2e46bcc37c79500b5207bd708b0d1da83cbcbc483e64cb7

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /beskyttelse/data/neminfo/all/technical-error-91ca9eec9eed6ed945355d650bb10d41.svg HTTP/1.1 
Host: 20-199-19-234.cprapid.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20-199-19-234.cprapid.com/beskyttelse/data/neminfo/login.php?&return_url=05cdc0b10f774856f5b1d84ad3d724ba&enrolmentID=ab427d3da48d1b5f658477f01b0cdc50?securessl=true

                                         
                                         20.199.19.234
HTTP/1.1 200 OK
Content-Type: image/svg+xml
                                        
Date: Mon, 03 Oct 2022 10:17:12 GMT
Server: Apache
Last-Modified: Fri, 14 May 2021 03:23:30 GMT
Accept-Ranges: bytes
Content-Length: 2846
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (2846), with no line terminators
Size:   2846
Md5:    91ca9eec9eed6ed945355d650bb10d41
Sha1:   7178a477a6cc3271d5e2927cd2737af55804f576
Sha256: 8a22f5ea2bc34877a3334b91210c881523678eec1e915cf6a4ee261ba58121b1

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /beskyttelse/data/neminfo/all/cancel-d0c0f9d25ebde42bbd552c8ad5363f01.svg HTTP/1.1 
Host: 20-199-19-234.cprapid.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20-199-19-234.cprapid.com/beskyttelse/data/neminfo/login.php?&return_url=05cdc0b10f774856f5b1d84ad3d724ba&enrolmentID=ab427d3da48d1b5f658477f01b0cdc50?securessl=true

                                         
                                         20.199.19.234
HTTP/1.1 200 OK
Content-Type: image/svg+xml
                                        
Date: Mon, 03 Oct 2022 10:17:12 GMT
Server: Apache
Last-Modified: Fri, 14 May 2021 03:23:30 GMT
Accept-Ranges: bytes
Content-Length: 3097
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (3097), with no line terminators
Size:   3097
Md5:    d0c0f9d25ebde42bbd552c8ad5363f01
Sha1:   97f08f3ee5a37bb5d291cf10fd8e5ce630467522
Sha256: 4f98589b5ad297e797fc12ed5b90a5e9244a17dbc34c5cee66e01ae8c1455d2c

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /beskyttelse/data/neminfo/all/banner.png HTTP/1.1 
Host: 20-199-19-234.cprapid.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20-199-19-234.cprapid.com/beskyttelse/data/neminfo/login.php?&return_url=05cdc0b10f774856f5b1d84ad3d724ba&enrolmentID=ab427d3da48d1b5f658477f01b0cdc50?securessl=true

                                         
                                         20.199.19.234
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Mon, 03 Oct 2022 10:17:12 GMT
Server: Apache
Last-Modified: Sat, 06 Aug 2022 14:35:04 GMT
Accept-Ranges: bytes
Content-Length: 40339
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive


--- Additional Info ---
Magic:  PNG image data, 828 x 300, 4-bit colormap, non-interlaced\012- data
Size:   40339
Md5:    6629cb5350d6f3276b2dccc43bd3f397
Sha1:   63d964e5caaa541475a4c2da976871a9f9986067
Sha256: 9fc5b5c44107cfc6701be07fa5d5a4d7ab066607dd7ab6e9f396ac709e28424f
                                        
                                            GET /assets/b90f1e1b93f3b23dd79e-11eca7aa5a85ec0c6cc3deba794b264e.woff HTTP/1.1 
Host: 20-199-19-234.cprapid.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://20-199-19-234.cprapid.com/beskyttelse/data/neminfo/all/styles-90d1ba6c2eef1d8f73fc94069cfe444b.css

                                         
                                         20.199.19.234
HTTP/1.1 404 Not Found
Content-Type: text/html
                                        
Date: Mon, 03 Oct 2022 10:17:12 GMT
Server: Apache
Accept-Ranges: bytes
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (4070)
Size:   10219
Md5:    5c15e39c09568849edcdb9a035c8e146
Sha1:   88ef07d214646ea66e3783def3ff4ae3b68249ae
Sha256: f7bcb96d37ab467dec4acbf800fdfe8d85386d868b9248918b7919990a21edc1

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /assets/aa1ee103968475b48934-3a4d9a8b6adf39716f28af71fc9b030a.woff HTTP/1.1 
Host: 20-199-19-234.cprapid.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://20-199-19-234.cprapid.com/beskyttelse/data/neminfo/all/styles-90d1ba6c2eef1d8f73fc94069cfe444b.css

                                         
                                         20.199.19.234
HTTP/1.1 404 Not Found
Content-Type: text/html
                                        
Date: Mon, 03 Oct 2022 10:17:12 GMT
Server: Apache
Accept-Ranges: bytes
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (4070)
Size:   10219
Md5:    e1bb30dd47f774b03dbe2dcdd54ddc08
Sha1:   0b238965c4aa6583e66715e77633578be2bc902e
Sha256: d6c32a7e50eb3059a1c8afc362cc1ed9879ad859de041a03f3608b56f82f1bf7

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /beskyttelse/data/neminfo/partials/js/jquery.js HTTP/1.1 
Host: 20-199-19-234.cprapid.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20-199-19-234.cprapid.com/beskyttelse/data/neminfo/frame/login.php

                                         
                                         20.199.19.234
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Mon, 03 Oct 2022 10:17:12 GMT
Server: Apache
Last-Modified: Fri, 05 Feb 2021 07:11:28 GMT
Accept-Ranges: bytes
Content-Length: 272155
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   272155
Md5:    3f24e8505d471bd934a5a68b86971580
Sha1:   876bd436d3b3c1436a8ac17a654e38d062acf45e
Sha256: 4ef5f864f89db7feaaaa5332c0a99d76076af49fef488806541ca2561e4cb379

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /images/branding/product/2x/translate_24dp.png HTTP/1.1 
Host: www.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20-199-19-234.cprapid.com/

                                         
                                         142.250.74.163
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Accept-Ranges: bytes
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="static-on-bigtable"
Report-To: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
Content-Length: 1842
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Fri, 30 Sep 2022 01:28:53 GMT
Expires: Sat, 30 Sep 2023 01:28:53 GMT
Cache-Control: public, max-age=31536000
Age: 290899
Last-Modified: Thu, 14 Oct 2021 09:08:00 GMT


--- Additional Info ---
Magic:  PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced\012- data
Size:   1842
Md5:    c69c796362406f9e11c7f4bf5bb628da
Sha1:   e489ce95ab56208090868882113d7416abf46775
Sha256: 4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82
                                        
                                            GET /pingjs/?k=a33fzsonjq&t=Nordea%20identification&c=s&x=http%3A%2F%2F20-199-19-234.cprapid.com%2Fbeskyttelse%2Fdata%2Fneminfo%2Flogin.php%3F%26return_url%3D05cdc0b10f774856f5b1d84ad3d724ba%26enrolmentID%3Dab427d3da48d1b5f658477f01b0cdc50%3Fsecuressl%3Dtrue&y=&a=0&d=0.643&v=27&r=27 HTTP/1.1 
Host: whos.amung.us
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20-199-19-234.cprapid.com/

                                         
                                         172.67.8.141
HTTP/1.1 200 OK
Content-Type: text/javascript;charset=UTF-8
                                        
Date: Mon, 03 Oct 2022 10:17:12 GMT
Transfer-Encoding: chunked
Connection: keep-alive
content-encoding: gzip
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7544ed3d0b2e0b49-OSL


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   49
Md5:    5ddf53e51f7a69d9d573d04343e0848f
Sha1:   7f1b9e572230eb9e0c9386bae0213d541a1a9608
Sha256: df3defe7dae9fb4469ec3754f6da14d7ccba5644d876cc764e563ae5251579b6
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         18.164.68.8
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Expires, Backoff, ETag, Last-Modified, Pragma, Cache-Control, Content-Length, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
X-Content-Type-Options: nosniff
Date: Mon, 03 Oct 2022 09:33:12 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Mon, 03 Oct 2022 09:57:26 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 10941cc38a4a46e6d9b0644cce542a52.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR50-P4
X-Amz-Cf-Id: wEENcRtWg2npELW-iZJYK8AvvQC89-VJuc9UZoqGYyXcZq3D5OsWPg==
Age: 2659


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         172.64.155.188
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 03 Oct 2022 10:17:12 GMT
Content-Length: 472
Connection: keep-alive
Last-Modified: Sun, 02 Oct 2022 05:56:46 GMT
Expires: Sun, 09 Oct 2022 05:56:45 GMT
Etag: "793544bc154458c87f640b9922a5bae2b3a70720"
Cache-Control: max-age=502172,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7544ed3d2b990b39-OSL

                                        
                                            POST / HTTP/1.1 
Host: ocsp.entrust.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.110.10.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
ETag: "354A71C5BD1076E1CEEC2F70F454E05AFD7079AFCDA34B5539445E338406938F"
Last-Modified: Sun, 02 Oct 2022 23:00:00 UTC
Content-Length: 1588
Cache-Control: public, no-transform, must-revalidate, max-age=3600
Expires: Mon, 03 Oct 2022 11:17:12 GMT
Date: Mon, 03 Oct 2022 10:17:12 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  data
Size:   1588
Md5:    c8039aafacc352f2d00f9be82aac1b7a
Sha1:   c460d769d32dade42ee49086c6978c92e00b0e73
Sha256: 354a71c5bd1076e1ceec2f70f454e05afd7079afcda34b5539445e338406938f
                                        
                                            POST / HTTP/1.1 
Host: ocsp.entrust.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.110.10.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
ETag: "69D5CE7E225E244DEF460B4361DD2A096B092FB3DC32D768E669ADC8D1874655"
Last-Modified: Sun, 02 Oct 2022 23:00:00 UTC
Content-Length: 1585
Cache-Control: public, no-transform, must-revalidate, max-age=3472
Expires: Mon, 03 Oct 2022 11:15:04 GMT
Date: Mon, 03 Oct 2022 10:17:12 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  data
Size:   1585
Md5:    6967dc5f4ea00604702b095dc5cbaff5
Sha1:   f70f5905eb2e01d71880a1f405103df20b836d8d
Sha256: 69d5ce7e225e244def460b4361dd2a096b092fb3dc32d768e669adc8d1874655
                                        
                                            GET /i/?l=http%3A%2F%2F20-199-19-234.cprapid.com%2Fbeskyttelse%2Fdata%2Fneminfo%2Flogin.php%3F%26return_url%3D05cdc0b10f774856f5b1d84ad3d724ba%26enrolmentID%3Dab427d3da48d1b5f658477f01b0cdc50%3Fsecuressl%3Dtrue&j= HTTP/1.1 
Host: t.dtscout.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://20-199-19-234.cprapid.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         51.161.15.93
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx/1.14.0 (Ubuntu)
Date: Mon, 03 Oct 2022 10:17:12 GMT
Transfer-Encoding: chunked
Connection: close
X-S: mtl2
Set-Cookie: m=1; Domain=dtscout.com; Expires=Mon, 03-Oct-2022 11:40:32 GMT; Max-Age=5000; Path=/; SameSite=None; Secure oa=1; Domain=dtscout.com; Expires=Mon, 03-Oct-2022 14:17:12 GMT; Max-Age=14400; Path=/; SameSite=None; Secure df=1664792232; Domain=dtscout.com; Expires=Wed, 11-Jan-2023 10:17:12 GMT; Max-Age=8640000; Path=/; SameSite=None; Secure
X-T: 1.465
Expires: Mon, 03 Oct 2022 10:17:11 GMT
Cache-Control: no-cache


--- Additional Info ---
Magic:  ASCII text, with very long lines (2077)
Size:   2079
Md5:    51bd741af3fcc4984d1a753eebfa1141
Sha1:   534664acf69cbbb5c9b97c96b63dd37bdc580da2
Sha256: 3e9c8e5dcf3cbff9e1b7211551a31fe388f1b8e607fd78a0a34855be65da721c
                                        
                                            GET /assets/images/favicon.ico HTTP/1.1 
Host: identify.nordea.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://20-199-19-234.cprapid.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         158.233.249.230
HTTP/1.1 200 OK
Content-Type: image/x-icon
                                        
Date: Mon, 03 Oct 2022 10:17:12 GMT
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Last-Modified: Thu, 22 Sep 2022 04:19:19 GMT
Cache-Control: max-age=31536000
Accept-Ranges: bytes
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Referrer-Policy: origin
Content-Length: 1150
Strict-Transport-Security: max-age=157680000; includeSubDomains


--- Additional Info ---
Magic:  MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Size:   1150
Md5:    9a39921b4a8d93d5528b4ccdc5d76e91
Sha1:   104a457c782a4f1208b116660746296cb45dcbd6
Sha256: 53ce944ce5a3a9a312816854b4254f5b083d562c45ac63354a00add50fb88cdb
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 2894
Cache-Control: 'max-age=158059'
Date: Mon, 03 Oct 2022 10:17:12 GMT
Last-Modified: Mon, 03 Oct 2022 09:28:58 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /pv/?_a=v&_h=20-199-19-234.cprapid.com&_ss=17qd2q00fx&_pv=1&_ls=0&_u1=1&_u3=1&_cc=no&_pl=d&_cbid=3cwu&_cb=_dtspv.c HTTP/1.1 
Host: t.dtscout.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://20-199-19-234.cprapid.com/
Cookie: m=1; oa=1; df=1664792232
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         51.161.15.93
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx/1.14.0 (Ubuntu)
Date: Mon, 03 Oct 2022 10:17:13 GMT
Transfer-Encoding: chunked
Connection: close
X-T: 0.157
X-C: 0
Expires: Mon, 03 Oct 2022 10:17:12 GMT
Cache-Control: no-cache


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   51
Md5:    5a690837560775cf71e1004cbca9a146
Sha1:   27b9224aa2900f4de8b8a18ce153336db8f79bb0
Sha256: 56ea6e0c83d027b40fccff6223689ada9915e7b5de64ff848cd7ec771b78966d
                                        
                                            GET /b/p?id=w!a33fzsonjq&lm=0&ts=1664792232773&dn=TC&iso=0&t=Nordea%20identification HTTP/1.1 
Host: ic.tynt.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://20-199-19-234.cprapid.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         67.202.105.33
HTTP/2 204 No Content
                                        
server: nginx/1.16.1
date: Mon, 03 Oct 2022 10:17:13 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2

                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: NcCLt4K8UplXyqG9WWeUGQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
                                         34.223.168.227
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: R/Coku4akmjfQxXRr/e/p/rNofg=

                                        
                                            GET /b/p?id=w!a33fzsonjq&lm=0&ts=1664792232773&dn=TC&iso=0&t=Nordea%20identification HTTP/1.1 
Host: ic.tynt.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://20-199-19-234.cprapid.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         67.202.105.33
HTTP/2 204 No Content
                                        
server: nginx/1.16.1
date: Mon, 03 Oct 2022 10:17:13 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2

                                        
                                            GET /b/p?id=w!a33fzsonjq&lm=0&ts=1664792232773&dn=TC&iso=0&t=Nordea%20identification HTTP/1.1 
Host: ic.tynt.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://20-199-19-234.cprapid.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         67.202.105.33
HTTP/2 204 No Content
                                        
server: nginx/1.16.1
date: Mon, 03 Oct 2022 10:17:13 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2

                                        
                                            GET /b/p?id=w!a33fzsonjq&lm=0&ts=1664792232773&dn=TC&iso=0 HTTP/1.1 
Host: ic.tynt.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://20-199-19-234.cprapid.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         67.202.105.33
HTTP/2 204 No Content
                                        
server: nginx/1.16.1
date: Mon, 03 Oct 2022 10:17:13 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2

                                        
                                            GET /deb/v2?id=w!a33fzsonjq&dn=TC&cc=1&r= HTTP/1.1 
Host: de.tynt.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://20-199-19-234.cprapid.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         67.202.105.34
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: max-age=86400
expires: Tue, 04 Oct 2022 10:17:13 GMT
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-length: 4
date: Mon, 03 Oct 2022 10:17:12 GMT
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   4
Md5:    350fd6ef6446635f7a8f608434a405ec
Sha1:   a4b6c275ac2c80ec925b5c0c5c6abb79ba897356
Sha256: d21021784cda31eeae5c8295e047a14bda6ed5a9b5963fca9e7ceb398a9c9179
                                        
                                            GET /b/p?id=w!a33fzsonjq&lm=0&ts=1664792232773&dn=TC&iso=0 HTTP/1.1 
Host: ic.tynt.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://20-199-19-234.cprapid.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         67.202.105.33
HTTP/2 204 No Content
                                        
server: nginx/1.16.1
date: Mon, 03 Oct 2022 10:17:13 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2

                                        
                                            GET /b/p?id=w!a33fzsonjq&lm=0&ts=1664792232773&dn=TC&iso=0 HTTP/1.1 
Host: ic.tynt.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://20-199-19-234.cprapid.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         67.202.105.33
HTTP/2 204 No Content
                                        
server: nginx/1.16.1
date: Mon, 03 Oct 2022 10:17:13 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2

                                        
                                            GET /b/p?id=w!a33fzsonjq&lm=0&ts=1664792232773&dn=TC&iso=0 HTTP/1.1 
Host: ic.tynt.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://20-199-19-234.cprapid.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         67.202.105.33
HTTP/2 204 No Content
                                        
server: nginx/1.16.1
date: Mon, 03 Oct 2022 10:17:13 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2413
Expires: Mon, 03 Oct 2022 10:57:27 GMT
Date: Mon, 03 Oct 2022 10:17:14 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2413
Expires: Mon, 03 Oct 2022 10:57:27 GMT
Date: Mon, 03 Oct 2022 10:17:14 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2413
Expires: Mon, 03 Oct 2022 10:57:27 GMT
Date: Mon, 03 Oct 2022 10:17:14 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2413
Expires: Mon, 03 Oct 2022 10:57:27 GMT
Date: Mon, 03 Oct 2022 10:17:14 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdfb166fe-e146-46cf-a93b-905deefbae87.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 3272
x-amzn-requestid: b2ace456-0abd-416c-9c1c-799eb5c73269
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZZWabG8zIAMF-PQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633a0442-3e61e1e9283bd78e76731b47;Sampled=0
x-amzn-remapped-date: Sun, 02 Oct 2022 21:36:02 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: oHEIG44XMoSu6XEYOPW8LNkvZPbIrgo6KuLHluknV7Hgfv-3IOWL2A==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 2f7934de1dfe281c3e4446892eab6462.cloudfront.net (CloudFront), 1.1 google
date: Sun, 02 Oct 2022 21:44:42 GMT
age: 45152
etag: "2926163d332abfb70f9565a45f7546f2efdc7716"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   3272
Md5:    9a96da552b7ddb23b1f2fb506de2aed4
Sha1:   2926163d332abfb70f9565a45f7546f2efdc7716
Sha256: 2da0e160e0e8a116ab76614e29609e43d132cc9e56636ad91399f33e53346a23
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcd0be942-f345-4da4-974e-a9fe16b90b3c.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
content-length: 9083
x-amzn-requestid: fda71fd3-ef25-4a63-94ae-1bfc8aef8d14
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZZXD2H0DIAMFjrg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633a054b-198915fc17ce3dab571b7575;Sampled=0
x-amzn-remapped-date: Sun, 02 Oct 2022 21:40:27 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: _JxPe8uPQIgRKoJxtJAKjXpVy1hCW0rFcs8K_erJOHbVNpw339Pz6w==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 cd64decb1403270c914848213601a674.cloudfront.net (CloudFront), 1.1 google
date: Sun, 02 Oct 2022 21:45:27 GMT
age: 45107
etag: "8118ee462077c291b9d6f1402b85b55a9ceba8c2"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9083
Md5:    523edd86af4757d0bc5fa5b3b8a3596a
Sha1:   8118ee462077c291b9d6f1402b85b55a9ceba8c2
Sha256: c27de9970317636df8c4a517a9ed38e573235b351bf92c9b8bb1f964cd100031
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F382faf63-655f-460a-9545-c4d888a724c6.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
content-length: 10839
x-amzn-requestid: 67718257-ee21-44f0-80bd-f15cea37ac5c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZZWcKFD0IAMFV7Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633a044d-09a45a242bf4bdfe0f4608e4;Sampled=0
x-amzn-remapped-date: Sun, 02 Oct 2022 21:36:13 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: dOlitYNRYQsyiYLagdUWS2MmO34k8otqQ5yKZ7f4zzbj1HxhAzZoqQ==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 01147dcc35d57fc0238a3c1700c13f16.cloudfront.net (CloudFront), 1.1 google
date: Sun, 02 Oct 2022 21:44:43 GMT
age: 45151
etag: "b105f7bf041365d644c98c7e11ffa75e4656d29d"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10839
Md5:    36debc920b17e124779c01af9101a59e
Sha1:   b105f7bf041365d644c98c7e11ffa75e4656d29d
Sha256: f518ccd094d0e187b91cfd36dfb282566c0d088ce13501157dc97c702211d938
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb5f7661f-9945-4971-aac6-d15570c4d954.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
content-length: 8277
x-amzn-requestid: a7d76241-7da1-4c84-9c73-2e3a71b81b52
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZTMfEGHiIAMFpmw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63378df9-3727a65235e4dbc60cc11cf0;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 00:46:49 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 09iwZNlJ5pUQqongHTbgUlh_i1CyHZ6uGvHPV8SfbEGixTWM1A_BoQ==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 9c675215120a4ade8754c4357ef2f3ea.cloudfront.net (CloudFront), 1.1 google
date: Sun, 02 Oct 2022 20:14:10 GMT
age: 50584
etag: "43a66cd291d1413d7147a29b2a7b27277a443f0b"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8277
Md5:    6a90e53b55500427aed06efa3a9baa8c
Sha1:   43a66cd291d1413d7147a29b2a7b27277a443f0b
Sha256: 2cf5790e81140bc56b46163787f84c54a07f58e90001837624f426aafa8031c5
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F780fc623-fddc-49c7-99c9-1dd66ce64db7.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
content-length: 8279
x-amzn-requestid: fed6efac-3419-4ecc-89f8-d4c3e0c22915
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZZWbsHpBIAMFT1g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633a044a-5fc3bf5b7126d4a835d93e3d;Sampled=0
x-amzn-remapped-date: Sun, 02 Oct 2022 21:36:10 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 7g6tucmoqeX5RFtet3L9XllP1G6fx4RWt5XqTsVvhtxZnPxV0EVpqA==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 02 Oct 2022 21:57:37 GMT
age: 44377
etag: "ced4806b7cc4d08e2c3f1c5e591184f462e86ec2"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8279
Md5:    bfb6fbd0b91416a5a7cc7f7d0fcbf27c
Sha1:   ced4806b7cc4d08e2c3f1c5e591184f462e86ec2
Sha256: 9a217da43a32c70ebd39b3076b3c14b16d8931ccebfe5d41139fa706b3b3e149
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F180dee10-1cde-4fbe-8a74-62b7b3bdb1e2.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
content-length: 6315
x-amzn-requestid: 6aa75b16-32e4-48a7-9fb0-9e3d5528c2d5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZWSdsHUnIAMFXtw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6338cabd-742d8a436403683e0cd9368f;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 23:18:21 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: TVz3oiy-Z2r9lGFDgsnGNxotvvAPeOaa7LMzqs432QjZpZo-PNt1-g==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 89791e6b21b9a30cc51cac1bc51cf098.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 04:42:51 GMT
age: 20063
etag: "58ff0bf8ce7528b303d28bab01a80ad721705569"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6315
Md5:    206fb65e75dbadf119512f71e0b78402
Sha1:   58ff0bf8ce7528b303d28bab01a80ad721705569
Sha256: 56c8d5f3b3060ee54bf81995269b86c070855d8c33bf437161339a45b309703f
                                        
                                            GET /tc.js HTTP/1.1 
Host: cdn.tynt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://20-199-19-234.cprapid.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.18.36.173
HTTP/2 200 OK
content-type: application/javascript
date: Mon, 03 Oct 2022 10:17:12 GMT
last-modified: Thu, 21 Jul 2022 14:57:10 GMT
vary: Accept-Encoding
etag: W/"62d96946-4599"
content-encoding: gzip
cf-cache-status: HIT
age: 154666
expires: Thu, 06 Oct 2022 10:17:12 GMT
cache-control: public, max-age=259200
server: cloudflare
cf-ray: 7544ed3eb9951c06-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /beskyttelse/data/neminfo/frame/frame.css HTTP/1.1 
Host: 20-199-19-234.cprapid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20-199-19-234.cprapid.com/beskyttelse/data/neminfo/frame/login.php

                                         
                                         20.199.19.234
HTTP/1.1 200 OK
Content-Type: text/css
Date: Mon, 03 Oct 2022 10:17:12 GMT
Server: Apache
Last-Modified: Thu, 25 Aug 2022 12:58:24 GMT
Accept-Ranges: bytes
Content-Length: 182872
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive


--- Additional Info ---