Report - cupme.org/cl/367c72c2265e715e?p1=4164002908&p2=18368&p3=16384&source={source}&site={site}

Report Overview

Submitted URL
cupme.org/cl/367c72c2265e715e?p1=4164002908&p2=18368&p3=16384&source={source}&site={site}
IP
172.67.188.185
ASN
#13335 CLOUDFLARENET
Submitted
2022-12-05 05:00:10
Access
Website Title
Final URL
Tags
None
urlquery detections
Phishing - Telenor

Detections

urlquery
45
Network Intrusion Detection
0
Threat Detection Systems
0

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
prod.digitaltechnology.co	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	693 B	702 B	151.80.42.60
fd.sla-alacrity.com	324278	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.6 kB	40 kB	52.18.91.147
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.9 kB	34.160.144.191
ocsp.sectigo.com	487	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	340 B	964 B	172.64.155.188
checkout.sla-alacrity.com	655324	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	619 B	1.0 kB	52.17.1.48
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	52 kB	34.120.237.76
telenor.checkout.sla-alacrity.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	17 kB	103 kB	54.72.64.105
cupme.org	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	420 B	2.0 kB	172.67.188.185
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	229 B	34.117.237.239
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	34.102.187.140
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	35.160.51.228
dob.payment.io	424851	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	4.7 kB	1.9 kB	108.128.120.51
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.4 kB	6.2 kB	23.36.77.32
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	682 B	1.6 kB	93.184.220.29
ocsp.sca1b.amazontrust.com	1015	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	350 B	984 B	143.204.42.156
digitaltechnology.co	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	507 B	651 B	188.165.202.101
ocsp.godaddy.com	698	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	340 B	2.3 kB	192.124.249.41

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (18)

	URL	Size	First Seen	Last Seen
	http:https://telenor.checkout.sla-alacrity.com/b2b7be03-4c2b-4c57-bf26-fb53f3801cac	11 B	2023-03-07	2024-04-22
Pretty URL http:https://telenor.checkout.sla-alacrity.com/b2b7be03-4c2b-4c57-bf26-fb53f3801cac IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:18:32 Last Seen2024-04-22 02:04:18 Times Seen4633 Hash fb64da03291372aed28f8bc4e2fc6aa3 9edacc8d4e92ad967cf0cdff669d815849ea8f0b 553d0321189b23dba5f3670ea4bdb552dce0ebb1a3201e3b094e3f04cf08a7fe Loading...

	http:https://telenor.checkout.sla-alacrity.com/1ca2366e-a3fd-4e42-98d5-219374653080	479 B	2023-03-08	2023-03-08
Pretty URL http:https://telenor.checkout.sla-alacrity.com/1ca2366e-a3fd-4e42-98d5-219374653080 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 16:34:40 Last Seen2023-03-08 16:34:40 Times Seen1 Hash f6a2d0d80ac357be72377a2441d72bf7 91d374a2a44f1ab78372a5b540b3a787ee4f15fb 0239b835ce4e43cf2ad1bdd9cb97975eb693ec818dfaf73d8a03bb29b55003c5 Loading...

	http:https://telenor.checkout.sla-alacrity.com/42936b2b-bf9d-4eed-be94-340e309e5d50	8.2 kB	2023-03-08	2023-03-11
Pretty URL http:https://telenor.checkout.sla-alacrity.com/42936b2b-bf9d-4eed-be94-340e309e5d50 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:35:15 Last Seen2023-03-11 23:52:22 Times Seen1 Hash 6bb2225db7242f47731997bd6195d1ca 72b6f3369f0e17845060766ef4b89a30729d790b 44cd941e990840a3aec24502a783a520bf37008e9368a4b81148a23ff7b15a82 Loading...

	http:https://telenor.checkout.sla-alacrity.com/53a4d8fc-2791-45d4-aaa9-8b5d7d8208db	115 B	2023-03-08	2023-03-08
Pretty URL http:https://telenor.checkout.sla-alacrity.com/53a4d8fc-2791-45d4-aaa9-8b5d7d8208db IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 16:34:40 Last Seen2023-03-08 16:34:40 Times Seen1 Hash f9c3339e3997df487240b79fd858d97e be208fe9da5fa022e3860905dcb04fce8568c333 9c91ff3e946b040ed09ca95b57da7be3a00a0e23cc96fc3973e10ef53145c139 Loading...

	http:https://telenor.checkout.sla-alacrity.com/7e6d8065-7cd4-42c2-b97e-bd5840b6bfd2	912 B	2023-03-08	2023-03-08
Pretty URL http:https://telenor.checkout.sla-alacrity.com/7e6d8065-7cd4-42c2-b97e-bd5840b6bfd2 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 16:34:40 Last Seen2023-03-08 16:34:40 Times Seen1 Hash 2cda21740818415a8e5a50b48e328530 2e47fc2b74cb346ea2bf9f5f45732fc4da4957fa b92aaa7c6b3ee44d0cf477446723150cbadf22123de09e02bec23747e20e88bd Loading...

	http:https://telenor.checkout.sla-alacrity.com/0e39a6fe-c4de-4db2-927e-616520855061	1.9 kB	2023-03-08	2023-03-08
Pretty URL http:https://telenor.checkout.sla-alacrity.com/0e39a6fe-c4de-4db2-927e-616520855061 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 16:34:40 Last Seen2023-03-08 16:34:40 Times Seen1 Hash 69cf70eec04779d432e9fa309d82d465 90febcb0569f3b4e0ff093111a8bfdba6fec54dd 34d039be4171e30d464b04840ced25999d258573587ccca16da5445d3f4e66d5 Loading...

	dob.payment.io/v3/consent?token=e7f15fa3-43b2-41c9-8bc0-503164fa903c&errorUrl=https%3A%2F%2Ftelenor.checkout.sla-alacrity.com%2Fcallback%2Ferror%3Fid%3Dd6aa3c40f475198d8b3a64cd74f4d9c0	57 kB	2023-03-08	2023-03-11
Pretty URL dob.payment.io/v3/consent?token=e7f15fa3-43b2-41c9-8bc0-503164fa903c&errorUrl=https%3A%2F%2Ftelenor.checkout.sla-alacrity.com%2Fcallback%2Ferror%3Fid%3Dd6aa3c40f475198d8b3a64cd74f4d9c0 IP 108.128.120.51 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:35:15 Last Seen2023-03-11 23:52:22 Times Seen1 Hash 066bf4a6ad7efcf4e2c557997e5290d6 f59187e14dcac3e65a6285e8d234d1bfb5fe495a c7f70c451cbd63fe086482af1d148352c96f12525de2f09f7c6c708607694793 Loading...

	digitaltechnology.co/campaign/no/?cid=8&ref=affgg&click_id=4164312900&source=1	213 B	2023-03-08	2023-03-08
Pretty URL digitaltechnology.co/campaign/no/?cid=8&ref=affgg&click_id=4164312900&source=1 IP 188.165.202.101 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 16:34:40 Last Seen2023-03-08 16:34:40 Times Seen1 Hash fb4611d65c231b714f6b89ceb2f89963 c75e826f47f10f2bbd00eaca7147efdbdbda8937 c27a2bd491a10d613a5a1a87da8d9dea6f48d387389d0fd1526c2fa96e86c38b Loading...

	telenor.checkout.sla-alacrity.com/assets/es-module-shims.min-00d63bab8ac9742a4abcbecf1d17a40754778ee14aa2bcde069754c5265053e9.js	32 kB	2023-03-08	2023-03-11
Pretty URL telenor.checkout.sla-alacrity.com/assets/es-module-shims.min-00d63bab8ac9742a4abcbecf1d17a40754778ee14aa2bcde069754c5265053e9.js IP 54.72.64.105 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:35:15 Last Seen2023-03-11 23:52:21 Times Seen1 Hash 6dc0e00e6c7e49ef214c92a5fa1bb713 661d0e9d8ae51ff62852ed547ac1bf485d3bde7b 19daf7f5cd3f50489d8f47069c233c2640469c39aedd847cbeedbb4de463800d Loading...

	telenor.checkout.sla-alacrity.com/purchase?correlator=e1k0j6uY7fCc&merchant=partner:a0dfd008377a0dc98ff2e28b18cf12fd8f912bc2&service=campaign:d078d24ebb8575b50f1090890b2c0c446bb36c30&redirect_url=prod.digitaltechnology.co/v1/redirect/no/telnor?transaction_id=e1k0j6uY7fCc	52 B	2023-03-07	2023-04-01
Pretty URL telenor.checkout.sla-alacrity.com/purchase?correlator=e1k0j6uY7fCc&merchant=partner:a0dfd008377a0dc98ff2e28b18cf12fd8f912bc2&service=campaign:d078d24ebb8575b50f1090890b2c0c446bb36c30&redirect_url=prod.digitaltechnology.co/v1/redirect/no/telnor?transaction_id=e1k0j6uY7fCc IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:18:32 Last Seen2023-04-01 10:35:53 Times Seen2 Hash 1a98c8d00840ee43f8d14abc75256ae4 75dc3ff178c290492ebb062f27e2c2210ad082fc 74a9d6b9f06d90f1ef31ed1d2b8d99fdb933220b9e3b2f894baf4da688320a8e Loading...

	http:https://telenor.checkout.sla-alacrity.com/e7101427-af68-4f1c-a8ff-d151b07ec0ad	410 B	2023-03-08	2023-03-08
Pretty URL http:https://telenor.checkout.sla-alacrity.com/e7101427-af68-4f1c-a8ff-d151b07ec0ad IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 16:34:40 Last Seen2023-03-08 16:34:40 Times Seen1 Hash 07152e8422828b0f23e024f667b5932a 329ded55a6d87d44667d96a265f244e2848343b0 d4403a8a41ced82f7c36e29a953ccd5f6c5a325f167b17e2be7f54c8a8189d2c Loading...

	http:https://telenor.checkout.sla-alacrity.com/56263356-0236-42d9-af16-d36fee377ac3	463 B	2023-03-08	2023-03-08
Pretty URL http:https://telenor.checkout.sla-alacrity.com/56263356-0236-42d9-af16-d36fee377ac3 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 16:34:40 Last Seen2023-03-08 16:34:40 Times Seen1 Hash 10d078f25f1a59af050381a96c683e78 29f96499750d3ef0e4bc520eb6c987c3a6896947 4fb51f4ed2809227c05de12ea7afbcd2640aaf7c17a253fed4b166b14d243503 Loading...

	http:https://telenor.checkout.sla-alacrity.com/bb5bb14a-8c6b-44c4-9855-715b14f27389	33 kB	2023-03-08	2023-03-11
Pretty URL http:https://telenor.checkout.sla-alacrity.com/bb5bb14a-8c6b-44c4-9855-715b14f27389 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:35:15 Last Seen2023-03-11 23:52:21 Times Seen1 Hash 508c22a0633fdcd9b755d6659de7d03d 608d4a9195bd0f1c25a05d4ffdedaec2bc9170a4 16095698f67f068090612b6635dc2747d805e83d5d85a4bc13b4b772a303ed73 Loading...

	telenor.checkout.sla-alacrity.com/purchase?correlator=e1k0j6uY7fCc&merchant=partner:a0dfd008377a0dc98ff2e28b18cf12fd8f912bc2&service=campaign:d078d24ebb8575b50f1090890b2c0c446bb36c30&redirect_url=prod.digitaltechnology.co/v1/redirect/no/telnor?transaction_id=e1k0j6uY7fCc	20 B	2023-03-08	2024-01-12
Pretty URL telenor.checkout.sla-alacrity.com/purchase?correlator=e1k0j6uY7fCc&merchant=partner:a0dfd008377a0dc98ff2e28b18cf12fd8f912bc2&service=campaign:d078d24ebb8575b50f1090890b2c0c446bb36c30&redirect_url=prod.digitaltechnology.co/v1/redirect/no/telnor?transaction_id=e1k0j6uY7fCc IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:35:15 Last Seen2024-01-12 07:16:39 Times Seen8 Hash 027655632f76e80b4b4e6c251a688e1c f93ed3e58ef4ab5c11167ca90605f5d1da91bef8 064d8a8b55cf78c420715f14eaae4e51761dad7ff8ed1e0bd45d2d6ad1a94fbc Loading...

	http:https://telenor.checkout.sla-alacrity.com/750f48da-c803-4037-a142-6ba26a0dfca9	27 B	2023-03-08	2024-04-22
Pretty URL http:https://telenor.checkout.sla-alacrity.com/750f48da-c803-4037-a142-6ba26a0dfca9 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:35:15 Last Seen2024-04-22 02:04:18 Times Seen4702 Hash b5f3ed2ad24b50a3024219a0ba419cd1 913ae4a4f3534a1323e01834adb53526a5536422 9e62f15d7a4562d68e7b0fbfb8b97cdfa32463b7f548837b30a546301f44bb34 Loading...

	http:https://telenor.checkout.sla-alacrity.com/924d8ff3-1896-4d1f-94da-d9ed5cc49e66	75 kB	2023-03-08	2023-03-11
Pretty URL http:https://telenor.checkout.sla-alacrity.com/924d8ff3-1896-4d1f-94da-d9ed5cc49e66 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:35:15 Last Seen2023-03-11 23:52:21 Times Seen1 Hash 594b45a566a1110269e193de0549d75e ff528faab35d9dfc872953fed0ba2e71a46e2440 62bd44503146af0552afe383a6778f54e35773881c59109363f7645e681546ee Loading...

	http:https://telenor.checkout.sla-alacrity.com/878813c4-0e18-47da-bb64-d326581a60ca	3.8 kB	2023-03-08	2023-03-08
Pretty URL http:https://telenor.checkout.sla-alacrity.com/878813c4-0e18-47da-bb64-d326581a60ca IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 16:34:40 Last Seen2023-03-08 16:34:40 Times Seen1 Hash 809f9b27bf91b354e15f80d9cc6bb6e5 f5fad3f6199511bd2906a950bbca29c581d7c0d7 3c5469f90bacc1a108e9ec04364d7de3cad077fefd627b82f0fe65f29c63cff0 Loading...

		Size	First Seen	Last Seen
	#1 Write - 9fa8157b0a6fe789f54b2c0afd2a8e86	178 B	2023-03-08	2023-03-11
Pretty Observations First Seen2023-03-08 14:35:15 Last Seen2023-03-11 23:52:22 Times Seen1 Hash 9fa8157b0a6fe789f54b2c0afd2a8e86 85b9417002e977406e4702bff731e63eb6583e9c 46bbd79266b82cef550e5c1fe0e81976db0259a37d45f50b2ea2288bb2da3ffe Loading...

HTTP Transactions (52)

URL IP Response Size

cupme.org/cl/367c72c2265e715e?p1=4164002908&p2=18368&p3=16384&source={source}&site={site}

172.67.188.185

302 Found

638 B

URL HTTP/1.1
cupme.org/cl/367c72c2265e715e?p1=4164002908&p2=18368&p3=16384&source={source}&site={site}
IP
172.67.188.185:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
638 B (638 bytes)
Hash
3a9631bc30cba1190a24cc2fa12e97f8
e10691e18abb87ed43e35f44069abdbd5d1588b9
484050013ac35fbc6333513d118c98d6405809abc46f97c460b10ac99cdb6f2b

HTTP Headers

GET /cl/367c72c2265e715e?p1=4164002908&p2=18368&p3=16384&source={source}&site={site} HTTP/1.1
Host: cupme.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 302 Found
Date: Mon, 05 Dec 2022 04:59:57 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/8.1.13
Cache-Control: no-cache
Location: https://digitaltechnology.co/campaign/no/?cid=8&ref=affgg&click_id=4164312900&source=1
X-Frame-Options: DENY
Set-Cookie: sbc367c72c2265e715e=eyJpdiI6Ill1bTBzZXdnZHVvNElZVWY3ZEhTOEE9PSIsInZhbHVlIjoiTTY1WE5EeVlOMkFEL0l5MkJpNXAyQT09IiwibWFjIjoiZmI4MTE1MzBhOTI4MTRiNGQwZjZmYzU0NWJkNDk0Y2ZjZDJlYTlhYWM4ZWIxNjU4YmQzZDQ2MGEzNWRiNTA0OSIsInRhZyI6IiJ9; expires=Mon, 05 Dec 2022 05:59:57 GMT; Max-Age=3600; path=/; httponly; samesite=lax
vis=eyJpdiI6IkFDWTA0M0tubFhOVXRwdzBZZm91RUE9PSIsInZhbHVlIjoibGQxK2xXckxQR1l0WDNXMCtoaWh4Zz09IiwibWFjIjoiNjM4NmQ1NzFmOGUxMTQ1ZWMxNDIwNzc3ZTFiYjA3ZGE1YjE3ZjliYmEzZDA1YThkYTQyMzY1Njc5YmIxZjkwZiIsInRhZyI6IiJ9; expires=Sun, 05 Mar 2023 04:59:57 GMT; Max-Age=7776000; path=/; httponly; samesite=lax
Expires: Thu, 01 Jan 1970 00:00:01 GMT
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=etZpkxZt6Z0OBEl0QgDY%2Fie8%2FzAOyWeWsPhrr7kPQCZ7p6NcxIwBAIglKjDTbGJ5aPJaaXYWqDehFMcfuHETWnD%2FGO4R0G%2FuBNWltctwYFcWfI2DtDm%2F3rsdXso%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 774a37252efffac4-OSL
alt-svc: h2=":443"; ma=60

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
cfec3d7283a9b66d2be426ce54d210f3
808c1feb1ba918951d1928c1f6bfc0c253262774
1bad6c06aa3e88dcbc125fc98a6cb753eb2b18d2c8dd61da21d12209aeeda3f9

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1BAD6C06AA3E88DCBC125FC98A6CB753EB2B18D2C8DD61DA21D12209AEEDA3F9"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7718
Expires: Mon, 05 Dec 2022 07:08:35 GMT
Date: Mon, 05 Dec 2022 04:59:57 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
fb2c0697c6d9a96a5411dd2952947458
79e57f831ec396bbdaa5bfe9472a05e6c9fb31f4
3fd7edcc349ab4402f62e54a142be6b4cecf0e7ee3f431d3168bdf0643ba4d92

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5275
Cache-Control: max-age=111555
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 04:59:57 GMT
Etag: "638c76f5-1d7"
Expires: Tue, 06 Dec 2022 11:59:12 GMT
Last-Modified: Sun, 04 Dec 2022 10:31:17 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 471

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1ea206ac3c440825741687351f8c6e4e
2f38dafd8c43dcce2411a0590bc5c02cd6286735
7d7232c8c91bcd18161ba2c9d23e3bff159604e058bd5b3fc1c7fcbcd03a7ee3

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7D7232C8C91BCD18161BA2C9D23E3BFF159604E058BD5B3FC1C7FCBCD03A7EE3"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19557
Expires: Mon, 05 Dec 2022 10:25:54 GMT
Date: Mon, 05 Dec 2022 04:59:57 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

34.102.187.140

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Type, Backoff, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 05 Dec 2022 04:18:26 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 2491
alt-svc: clear
X-Firefox-Spdy: h2

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: Kt0Y4loidlvjTbg0RwTUgnynshVbT3Mv4c+vqzz0kL9oNI1Am8zgpfyc4NCylNz8dGTG5jLE12Fzj/cPLaCtew==
x-amz-request-id: 47J0308V8452SZAC
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 05 Dec 2022 04:47:50 GMT
age: 727
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 04:59:57 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

34.102.187.140

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Pragma, Last-Modified, ETag, Alert, Expires, Retry-After, Cache-Control, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 05 Dec 2022 04:11:19 GMT
cache-control: public,max-age=3600
age: 2919
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
31b129c94a90b1e695b21395cb54e378
a3cae46b48d469cc61ab0581303bcd5f5b654db9
fac3f681be358a20f78958dff10c89b7a91365c5114c81246c1bc34c1362ba1e

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5268
Cache-Control: max-age=106481
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 04:59:58 GMT
Etag: "638c632b-1d7"
Expires: Tue, 06 Dec 2022 10:34:39 GMT
Last-Modified: Sun, 04 Dec 2022 09:06:51 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 471

push.services.mozilla.com/

35.160.51.228

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
35.160.51.228:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: /DXUiEGe/RWF5VBF6b+p7A==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: o6BFRO6jaDhe6lf+gpzKK9NmOm0=

digitaltechnology.co/campaign/no/?cid=8&ref=affgg&click_id=4164312900&source=1

188.165.202.101

200 OK

248 B

URL HTTP/1.1
digitaltechnology.co/campaign/no/?cid=8&ref=affgg&click_id=4164312900&source=1
IP
188.165.202.101:0
ASN
#16276 OVH SAS

File type
HTML document text\012- exported SGML document, ASCII text
Size
248 B (248 bytes)
Hash
c9ad01fa1ed49d0e4644ca2498874b0f
35454bf9a1ddb0a49a9682c57ed03e2d672aaac4
bc5f41cecf5a90c333f6eaa88e5c3490f7f0f801a939aefbe9c3c54e9efa771d

HTTP Headers

GET /campaign/no/?cid=8&ref=affgg&click_id=4164312900&source=1 HTTP/1.1
Host: digitaltechnology.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 04:59:59 GMT
Server: Apache/2.4.37 (centos)
X-Powered-By: PHP/7.2.24
Connection: close
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: : 1;mode=block
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer-when-downgrade
Feature-Policy: self
Set-Cookie: LSW_WEB01=LSW_WEB01; path=/

ocsp.sectigo.com/

172.64.155.188

200 OK

472 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
8034fa95bc49902476c84688e7bf4693
0422997b6784694cc9d2577ce56bf2968de509ed
dc37efd2c9c1994e155ab9d23055ba74212a392f0d47de65b8cef5968f271d82

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 04:59:59 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sun, 04 Dec 2022 19:17:44 GMT
Expires: Sun, 11 Dec 2022 19:17:43 GMT
Etag: "0422997b6784694cc9d2577ce56bf2968de509ed"
Cache-Control: max-age=569263,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 774a3727a93f0b51-OSL

prod.digitaltechnology.co/consent/request?productId=1176&responseUrl=https%3A%2F%2Fnorway.docubay.com%2F%3Fmsisdn%3D47xxxxxxx&trafficSource=ADV&trxid=5b45913949c3f3f9d62e8066e72c9eb8

151.80.42.60

302

0 B

URL HTTP/1.1
prod.digitaltechnology.co/consent/request?productId=1176&responseUrl=https%3A%2F%2Fnorway.docubay.com%2F%3Fmsisdn%3D47xxxxxxx&trafficSource=ADV&trxid=5b45913949c3f3f9d62e8066e72c9eb8
IP
151.80.42.60:0
ASN
#16276 OVH SAS

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Telenor
urlquery	phishing	Phishing - Telenor

HTTP Headers

GET /consent/request?productId=1176&responseUrl=https%3A%2F%2Fnorway.docubay.com%2F%3Fmsisdn%3D47xxxxxxx&trafficSource=ADV&trxid=5b45913949c3f3f9d62e8066e72c9eb8 HTTP/1.1
Host: prod.digitaltechnology.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://digitaltechnology.co/campaign/no/?cid=8&ref=affgg&click_id=4164312900&source=1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site

HTTP/1.1 302 
Location: http://checkout.sla-alacrity.com/purchase?correlator=e1k0j6uY7fCc&merchant=partner:a0dfd008377a0dc98ff2e28b18cf12fd8f912bc2&service=campaign:d078d24ebb8575b50f1090890b2c0c446bb36c30&redirect_url=http%3A%2F%2Fprod.digitaltechnology.co%2Fv1%2Fredirect%2Fno%2Ftelnor%3Ftransaction_id%3De1k0j6uY7fCc
Content-Language: en-US
Content-Length: 0
Date: Mon, 05 Dec 2022 04:59:58 GMT
Connection: close
Server: TEST
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: : 1;mode=block
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer-when-downgrade
Feature-Policy: self
Set-Cookie: JSESSIONID=D6EC805FA194976D1FA445C43A7B28A2; Path=/; HttpOnly
LSW_WEB01=LSW_WEB01; path=/

checkout.sla-alacrity.com/purchase?correlator=e1k0j6uY7fCc&merchant=partner:a0dfd008377a0dc98ff2e28b18cf12fd8f912bc2&service=campaign:d078d24ebb8575b50f1090890b2c0c446bb36c30&redirect_url=http%3A%2F%2Fprod.digitaltechnology.co%2Fv1%2Fredirect%2Fno%2Ftelnor%3Ftransaction_id%3De1k0j6uY7fCc

52.17.1.48

302 Found

364 B

URL HTTP/1.1
checkout.sla-alacrity.com/purchase?correlator=e1k0j6uY7fCc&merchant=partner:a0dfd008377a0dc98ff2e28b18cf12fd8f912bc2&service=campaign:d078d24ebb8575b50f1090890b2c0c446bb36c30&redirect_url=http%3A%2F%2Fprod.digitaltechnology.co%2Fv1%2Fredirect%2Fno%2Ftelnor%3Ftransaction_id%3De1k0j6uY7fCc
IP
52.17.1.48:0
ASN
#16509 AMAZON-02

File type
HTML document text\012- HTML document, ASCII text, with very long lines (364), with no line terminators
Size
364 B (364 bytes)
Hash
e87e61beffd5cd49a5ef853200857cd7
0fdb443f91ad4cd2988f4142c6e557d0b553ea3e
95c9a3a226e9bbbf5be2af12cb254d9b0847a10b447f315006c3e6feea16349d

HTTP Headers

GET /purchase?correlator=e1k0j6uY7fCc&merchant=partner:a0dfd008377a0dc98ff2e28b18cf12fd8f912bc2&service=campaign:d078d24ebb8575b50f1090890b2c0c446bb36c30&redirect_url=http%3A%2F%2Fprod.digitaltechnology.co%2Fv1%2Fredirect%2Fno%2Ftelnor%3Ftransaction_id%3De1k0j6uY7fCc HTTP/1.1
Host: checkout.sla-alacrity.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 302 Found
Date: Mon, 05 Dec 2022 04:59:59 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx/1.21.4
X-Frame-Options: ALLOWALL
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Location: https://telenor.checkout.sla-alacrity.com/purchase?correlator=e1k0j6uY7fCc&merchant=partner:a0dfd008377a0dc98ff2e28b18cf12fd8f912bc2&service=campaign:d078d24ebb8575b50f1090890b2c0c446bb36c30&redirect_url=http://prod.digitaltechnology.co/v1/redirect/no/telnor?transaction_id=e1k0j6uY7fCc
Cache-Control: no-cache
X-Request-Id: 3cac6e99-e698-43b9-bd6d-184b20a48a2b
X-Runtime: 0.010731
Vary: Origin

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5647
Expires: Mon, 05 Dec 2022 06:34:06 GMT
Date: Mon, 05 Dec 2022 04:59:59 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5647
Expires: Mon, 05 Dec 2022 06:34:06 GMT
Date: Mon, 05 Dec 2022 04:59:59 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5647
Expires: Mon, 05 Dec 2022 06:34:06 GMT
Date: Mon, 05 Dec 2022 04:59:59 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5647
Expires: Mon, 05 Dec 2022 06:34:06 GMT
Date: Mon, 05 Dec 2022 04:59:59 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5647
Expires: Mon, 05 Dec 2022 06:34:06 GMT
Date: Mon, 05 Dec 2022 04:59:59 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F50c0f516-113b-498b-a6f2-9f0a076ff423.jpeg

34.120.237.76

200 OK

7.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F50c0f516-113b-498b-a6f2-9f0a076ff423.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.9 kB (7853 bytes)
Hash
dafdb4fe91795a9e16baebb085ccd818
f5ed5d03e6969f81349ad78fde0e71390a4ed391
f535ce45d68317bad15513d3cd3d21d2c0ef12e93d6ac19cc07b704ee1651f51

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F50c0f516-113b-498b-a6f2-9f0a076ff423.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7853
x-amzn-requestid: fa079a7e-1e93-41d6-bb16-2703077a0cb8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cdGrKEGFoAMFnBw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6388517a-076131847c129c197e84901b;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 07:02:18 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Cri6Vf6-INRisbFQ4ITZ7f8RIvomQXQ-TjkjWAOkkUhmI1yhHIbTYA==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 3cd7af07832481c336aa1c93c9b4a6fe.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 08:10:52 GMT
age: 74948
etag: "f5ed5d03e6969f81349ad78fde0e71390a4ed391"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa99f7bcf-386e-4655-b6f0-99abdf67f097.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.5 kB (8469 bytes)
Hash
2f60a6490f38a772dcd50a1132e98e1b
ff254a1df087d2c157d88a6ef04e395dc49efe5e
653e40becd103cd76cc2f194a87e933e8c548d346f87520fefca3b16430fc4ab

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa99f7bcf-386e-4655-b6f0-99abdf67f097.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8469
x-amzn-requestid: c17eff92-da62-4f0f-9e75-2741012ec43a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: co_sqFSjoAMFQ6w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638d131d-61d61d2f0bb01ecb21b809ea;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 21:37:33 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: kf_hcK2d2YFhladZn1S4cyGq7vLTSKdWgPUTNT0M9LwHXuOV-nlgGw==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 21:52:07 GMT
age: 25673
etag: "ff254a1df087d2c157d88a6ef04e395dc49efe5e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fad33fba3-ee62-4ef5-9330-0bd0a142dd92.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.2 kB (6236 bytes)
Hash
c9e228ec099cad3eea0fb1656da3536f
532cf52021a6cdb7b7963e9108b41590f58276fe
8e54f09dd66fdc35e5f54100cf6c56abf88cb7e724b08092e7ce82720d423135

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fad33fba3-ee62-4ef5-9330-0bd0a142dd92.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6236
x-amzn-requestid: 0215aac5-7c44-43b0-b2e9-baddeed42fe0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cjiXEEXiIAMFqIg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638ae42d-5961705726e81a4e3b6a91c9;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 05:52:45 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ToFwGweqIr6TeGKj1mw8gMfun_defm7BE11XM-gKfL5NsEbJKC2iMg==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 22:15:59 GMT
age: 24241
etag: "532cf52021a6cdb7b7963e9108b41590f58276fe"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1d81855b-98f7-4c0c-bfb4-78957d8c433d.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.0 kB (7028 bytes)
Hash
9b475d52dd164b9cc0efbecfd58282b6
973e77db7fb34c60e08719dc7196d865e8831cb2
3985e24217a2bd811a0ea9bf0223eb0cda31604986f3467fae028a086a8b827e

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1d81855b-98f7-4c0c-bfb4-78957d8c433d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7028
x-amzn-requestid: 4d20bc36-d129-468d-b30d-f6b571d528af
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cjKz6G86oAMF9oA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638abe7f-5f9353c04487352b64ba3bf8;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 03:11:59 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: GnsrHp9gMnOF7C1LS_suYeIrdrXQyAAvdrROmuVBRoI8xd6Dujlq_A==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 03:26:36 GMT
age: 5604
etag: "973e77db7fb34c60e08719dc7196d865e8831cb2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8d407108-e7e2-4672-80f5-d4b4c3e66151.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.2 kB (6173 bytes)
Hash
3130c86c084c4c925fb9179dfa5c145d
203f27660f3885d5c1bc68a535baef4e48ff6582
faf2c48c2286fe2149908947de9037640007d32e13694c1261f610250caf3f8f

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8d407108-e7e2-4672-80f5-d4b4c3e66151.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6173
x-amzn-requestid: dc73ee0d-b1ec-407f-8e98-3ba264725ee3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: co_sqHqwIAMFwqA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638d131d-56d74e8d45baa9e87136708f;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 21:37:33 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Gp9v8CfWmPctcSly9jWOxy0VCbBOE-CZs9z636yfpgpVi8eNt_PVvg==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 21:48:29 GMT
etag: "203f27660f3885d5c1bc68a535baef4e48ff6582"
content-type: image/jpeg
age: 25891
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd33bab20-1689-4962-985e-15e304482bee.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.8 kB (9825 bytes)
Hash
37b58bb09c00b591c2819c89e371d927
aa487f4a7767cb4591fe620592da65bde90c0aa2
9b7791d79d1e9702c23e63450d556e7f1f287f4d02788fc147822c1d90f64657

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd33bab20-1689-4962-985e-15e304482bee.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9825
x-amzn-requestid: 1ab366f4-78f2-4aaa-af7b-aa203c2d8234
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: co_1ZE23IAMFnhw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638d1355-35c7b5bb6e4623e93900810c;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 21:38:29 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: iTF4eWWXKKT97b6S9ONW7NopJ8hXWdOe9y3IwzVF7J9m2eJlT43bCg==
via: 1.1 010c0731b9775a983eceaec0f5fa6a2e.cloudfront.net (CloudFront), 1.1 4f3feb5c4393987d42d1971d404d7cea.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 21:49:04 GMT
age: 25856
etag: "aa487f4a7767cb4591fe620592da65bde90c0aa2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.godaddy.com/

192.124.249.41

200 OK

1.8 kB

URL HTTP/1.1
ocsp.godaddy.com/
IP
192.124.249.41:0
ASN
#30148 SUCURI-SEC

File type
data
Size
1.8 kB (1777 bytes)
Hash
20dd022c5f76a9b5fc7e843757feb6ab
e2fa5501ae4b9aa8fd6cbf3cd29d80dca64f1524
75f27253304a338f07542931f87a34983123dce2fdc55675e5151b6f56700739

HTTP Headers

POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Mon, 05 Dec 2022 04:59:59 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19041
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Sun, 04 Dec 2022 21:13:18 GMT
Expires: Mon, 05 Dec 2022 21:13:18 GMT
ETag: "e2fa5501ae4b9aa8fd6cbf3cd29d80dca64f1524"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"

telenor.checkout.sla-alacrity.com/assets/tailwind-f9b7d004f09d04874f4228e500e0a5ac1ec12899ff30c3c7d6a635b8a3011e67.css

54.72.64.105

200 OK

2.5 kB

URL HTTP/2
telenor.checkout.sla-alacrity.com/assets/tailwind-f9b7d004f09d04874f4228e500e0a5ac1ec12899ff30c3c7d6a635b8a3011e67.css
IP
54.72.64.105:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (10270)
Size
2.5 kB (2537 bytes)
Hash
c04b0ab99213ae3642beae2ac7f87a86
8f4523383fd4f2f9255d4ecbc0438aefb1dce209
041905d0d38c16faf840fb9254f1844515c1464fca446c17f17f121158a3e1cb

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Telenor
urlquery	phishing	Phishing - Telenor

HTTP Headers

GET /assets/tailwind-f9b7d004f09d04874f4228e500e0a5ac1ec12899ff30c3c7d6a635b8a3011e67.css HTTP/1.1
Host: telenor.checkout.sla-alacrity.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://telenor.checkout.sla-alacrity.com/purchase?correlator=e1k0j6uY7fCc&merchant=partner:a0dfd008377a0dc98ff2e28b18cf12fd8f912bc2&service=campaign:d078d24ebb8575b50f1090890b2c0c446bb36c30&redirect_url=http://prod.digitaltechnology.co/v1/redirect/no/telnor?transaction_id=e1k0j6uY7fCc
Connection: keep-alive
Cookie: _checkout_telenor_session=p4fCP7MaEGtVDnmFCXkZNnP3qt95whC6p61ODarhhtC5lH%2BqL%2F19rGlutNMo985FyJRCInbdU6tohzBeVGIBmMdlIHN%2FTnXCDXErumUlK5N9tAQrWguxEujB%2BZqSJGLEPuczuYvr218PuKtr2gVpwxyi6dSrVaOd4CZ6mOlfeoEz%2FeQldOY2MVRXITUD1wOD48613dcdX01PNSwQEPh2dMzagJ3UPmhJ%2BF8K%2B7BJ%2BC%2FsBwZM4ANM6SB1diOlOXV%2F1HFm1PduLirmgfBryIkOK56FNC587IQ5SjpirHzSHH7%2F--5TzlDMxlepiqxOpq--YYwg%2F1xkMZ%2FwTK1FzRB88Q%3D%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 05 Dec 2022 05:00:00 GMT
content-type: text/css
content-length: 2537
server: nginx/1.21.4
last-modified: Tue, 22 Nov 2022 10:57:39 GMT
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2

telenor.checkout.sla-alacrity.com/assets/application-e659e1a0d2dcc91d56eddcca4f93f92fd0442b4faecd20fde43719c7bd4fc36b.css

54.72.64.105

200 OK

706 B

URL HTTP/2
telenor.checkout.sla-alacrity.com/assets/application-e659e1a0d2dcc91d56eddcca4f93f92fd0442b4faecd20fde43719c7bd4fc36b.css
IP
54.72.64.105:0
ASN
#16509 AMAZON-02

File type
ASCII text
Size
706 B (706 bytes)
Hash
92dc36d696640dd370a24bd0d38e8a57
30a3942a3d18e53b6db56ef36bf372df5d5e8989
5d575ad602719a85301374d7c27bd6784fa10c9dae170b5cb33f1c9a40087340

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Telenor
urlquery	phishing	Phishing - Telenor

HTTP Headers

GET /assets/application-e659e1a0d2dcc91d56eddcca4f93f92fd0442b4faecd20fde43719c7bd4fc36b.css HTTP/1.1
Host: telenor.checkout.sla-alacrity.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://telenor.checkout.sla-alacrity.com/purchase?correlator=e1k0j6uY7fCc&merchant=partner:a0dfd008377a0dc98ff2e28b18cf12fd8f912bc2&service=campaign:d078d24ebb8575b50f1090890b2c0c446bb36c30&redirect_url=http://prod.digitaltechnology.co/v1/redirect/no/telnor?transaction_id=e1k0j6uY7fCc
Connection: keep-alive
Cookie: _checkout_telenor_session=p4fCP7MaEGtVDnmFCXkZNnP3qt95whC6p61ODarhhtC5lH%2BqL%2F19rGlutNMo985FyJRCInbdU6tohzBeVGIBmMdlIHN%2FTnXCDXErumUlK5N9tAQrWguxEujB%2BZqSJGLEPuczuYvr218PuKtr2gVpwxyi6dSrVaOd4CZ6mOlfeoEz%2FeQldOY2MVRXITUD1wOD48613dcdX01PNSwQEPh2dMzagJ3UPmhJ%2BF8K%2B7BJ%2BC%2FsBwZM4ANM6SB1diOlOXV%2F1HFm1PduLirmgfBryIkOK56FNC587IQ5SjpirHzSHH7%2F--5TzlDMxlepiqxOpq--YYwg%2F1xkMZ%2FwTK1FzRB88Q%3D%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 05 Dec 2022 05:00:00 GMT
content-type: text/css
content-length: 706
server: nginx/1.21.4
last-modified: Tue, 22 Nov 2022 10:57:39 GMT
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2

telenor.checkout.sla-alacrity.com/assets/inter-font-8c3e82affb176f4bca9616b838d906343d1251adc8408efe02cf2b1e4fcf2bc4.css

54.72.64.105

200 OK

1.6 kB

URL HTTP/2
telenor.checkout.sla-alacrity.com/assets/inter-font-8c3e82affb176f4bca9616b838d906343d1251adc8408efe02cf2b1e4fcf2bc4.css
IP
54.72.64.105:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (519)
Size
1.6 kB (1607 bytes)
Hash
86745b2429e4866652f5186e30be3203
4086aecd5d9e56d814480d6fae63d8b1937994bf
8e91248ae998ad184472e2c069e27e6799fefccc86b080a0e38b77d8005d2a90

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Telenor
urlquery	phishing	Phishing - Telenor

HTTP Headers

GET /assets/inter-font-8c3e82affb176f4bca9616b838d906343d1251adc8408efe02cf2b1e4fcf2bc4.css HTTP/1.1
Host: telenor.checkout.sla-alacrity.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://telenor.checkout.sla-alacrity.com/purchase?correlator=e1k0j6uY7fCc&merchant=partner:a0dfd008377a0dc98ff2e28b18cf12fd8f912bc2&service=campaign:d078d24ebb8575b50f1090890b2c0c446bb36c30&redirect_url=http://prod.digitaltechnology.co/v1/redirect/no/telnor?transaction_id=e1k0j6uY7fCc
Connection: keep-alive
Cookie: _checkout_telenor_session=p4fCP7MaEGtVDnmFCXkZNnP3qt95whC6p61ODarhhtC5lH%2BqL%2F19rGlutNMo985FyJRCInbdU6tohzBeVGIBmMdlIHN%2FTnXCDXErumUlK5N9tAQrWguxEujB%2BZqSJGLEPuczuYvr218PuKtr2gVpwxyi6dSrVaOd4CZ6mOlfeoEz%2FeQldOY2MVRXITUD1wOD48613dcdX01PNSwQEPh2dMzagJ3UPmhJ%2BF8K%2B7BJ%2BC%2FsBwZM4ANM6SB1diOlOXV%2F1HFm1PduLirmgfBryIkOK56FNC587IQ5SjpirHzSHH7%2F--5TzlDMxlepiqxOpq--YYwg%2F1xkMZ%2FwTK1FzRB88Q%3D%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 05 Dec 2022 05:00:00 GMT
content-type: text/css
content-length: 1607
server: nginx/1.21.4
last-modified: Tue, 22 Nov 2022 10:57:39 GMT
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2

telenor.checkout.sla-alacrity.com/assets/es-module-shims.min-00d63bab8ac9742a4abcbecf1d17a40754778ee14aa2bcde069754c5265053e9.js

54.72.64.105

200 OK

11 kB

URL HTTP/2
telenor.checkout.sla-alacrity.com/assets/es-module-shims.min-00d63bab8ac9742a4abcbecf1d17a40754778ee14aa2bcde069754c5265053e9.js
IP
54.72.64.105:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (31512)
Size
11 kB (10867 bytes)
Hash
ffc905f143a2582f0e569cb9a2d2074a
bae4fef1e3c2e90eeea4f19f01abbf981e3a8a02
d3a6cdd18e3135b2cdcc17e09d35bb02ca8f0c64120f6e111ad3a457a9946b22

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Telenor
urlquery	phishing	Phishing - Telenor

HTTP Headers

GET /assets/es-module-shims.min-00d63bab8ac9742a4abcbecf1d17a40754778ee14aa2bcde069754c5265053e9.js HTTP/1.1
Host: telenor.checkout.sla-alacrity.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://telenor.checkout.sla-alacrity.com/purchase?correlator=e1k0j6uY7fCc&merchant=partner:a0dfd008377a0dc98ff2e28b18cf12fd8f912bc2&service=campaign:d078d24ebb8575b50f1090890b2c0c446bb36c30&redirect_url=http://prod.digitaltechnology.co/v1/redirect/no/telnor?transaction_id=e1k0j6uY7fCc
Connection: keep-alive
Cookie: _checkout_telenor_session=p4fCP7MaEGtVDnmFCXkZNnP3qt95whC6p61ODarhhtC5lH%2BqL%2F19rGlutNMo985FyJRCInbdU6tohzBeVGIBmMdlIHN%2FTnXCDXErumUlK5N9tAQrWguxEujB%2BZqSJGLEPuczuYvr218PuKtr2gVpwxyi6dSrVaOd4CZ6mOlfeoEz%2FeQldOY2MVRXITUD1wOD48613dcdX01PNSwQEPh2dMzagJ3UPmhJ%2BF8K%2B7BJ%2BC%2FsBwZM4ANM6SB1diOlOXV%2F1HFm1PduLirmgfBryIkOK56FNC587IQ5SjpirHzSHH7%2F--5TzlDMxlepiqxOpq--YYwg%2F1xkMZ%2FwTK1FzRB88Q%3D%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 05 Dec 2022 05:00:00 GMT
content-type: application/javascript
content-length: 10867
server: nginx/1.21.4
last-modified: Tue, 22 Nov 2022 10:57:39 GMT
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2

telenor.checkout.sla-alacrity.com/assets/Inter-roman.latin.var-4b87a3d384ea557b10afa9570b753eda868b12b5e51eea0977ffa6e641998f6a.woff2

54.72.64.105

200 OK

52 kB

URL HTTP/2
telenor.checkout.sla-alacrity.com/assets/Inter-roman.latin.var-4b87a3d384ea557b10afa9570b753eda868b12b5e51eea0977ffa6e641998f6a.woff2
IP
54.72.64.105:0
ASN
#16509 AMAZON-02

File type
Web Open Font Format (Version 2), TrueType, length 51896, version 3.983\012- data
Size
52 kB (51896 bytes)
Hash
dec25f4c0751dfa3830eb3d9edbdc8ba
f4cf732763710b1578dcb10fada6484284e39ac3
5156501c82759bb0891d4a37c4eb6bce023623d762572a946c56a17d8ae37bd8

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Telenor
urlquery	phishing	Phishing - Telenor

HTTP Headers

GET /assets/Inter-roman.latin.var-4b87a3d384ea557b10afa9570b753eda868b12b5e51eea0977ffa6e641998f6a.woff2 HTTP/1.1
Host: telenor.checkout.sla-alacrity.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://telenor.checkout.sla-alacrity.com/assets/inter-font-8c3e82affb176f4bca9616b838d906343d1251adc8408efe02cf2b1e4fcf2bc4.css
Cookie: _checkout_telenor_session=p4fCP7MaEGtVDnmFCXkZNnP3qt95whC6p61ODarhhtC5lH%2BqL%2F19rGlutNMo985FyJRCInbdU6tohzBeVGIBmMdlIHN%2FTnXCDXErumUlK5N9tAQrWguxEujB%2BZqSJGLEPuczuYvr218PuKtr2gVpwxyi6dSrVaOd4CZ6mOlfeoEz%2FeQldOY2MVRXITUD1wOD48613dcdX01PNSwQEPh2dMzagJ3UPmhJ%2BF8K%2B7BJ%2BC%2FsBwZM4ANM6SB1diOlOXV%2F1HFm1PduLirmgfBryIkOK56FNC587IQ5SjpirHzSHH7%2F--5TzlDMxlepiqxOpq--YYwg%2F1xkMZ%2FwTK1FzRB88Q%3D%3D
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 05 Dec 2022 05:00:00 GMT
content-type: application/font-woff2
content-length: 51896
server: nginx/1.21.4
last-modified: Tue, 22 Nov 2022 10:57:39 GMT
X-Firefox-Spdy: h2

telenor.checkout.sla-alacrity.com/assets/application-37f365cbecf1fa2810a8303f4b6571676fa1f9c56c248528bc14ddb857531b95.js

54.72.64.105

200 OK

133 B

URL HTTP/2
telenor.checkout.sla-alacrity.com/assets/application-37f365cbecf1fa2810a8303f4b6571676fa1f9c56c248528bc14ddb857531b95.js
IP
54.72.64.105:0
ASN
#16509 AMAZON-02

File type
Java source, ASCII text
Size
133 B (133 bytes)
Hash
c4a9268b0368b4ce02f757b73d288a50
916dbd2a596ebfff11f317c2e5ef0ba399dd3578
fff6df124e67b779fdea9075763d3639491669469c90d5c5ebdf54e435f06912

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Telenor
urlquery	phishing	Phishing - Telenor

HTTP Headers

GET /assets/application-37f365cbecf1fa2810a8303f4b6571676fa1f9c56c248528bc14ddb857531b95.js HTTP/1.1
Host: telenor.checkout.sla-alacrity.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://telenor.checkout.sla-alacrity.com/purchase?correlator=e1k0j6uY7fCc&merchant=partner:a0dfd008377a0dc98ff2e28b18cf12fd8f912bc2&service=campaign:d078d24ebb8575b50f1090890b2c0c446bb36c30&redirect_url=http://prod.digitaltechnology.co/v1/redirect/no/telnor?transaction_id=e1k0j6uY7fCc
Connection: keep-alive
Cookie: _checkout_telenor_session=p4fCP7MaEGtVDnmFCXkZNnP3qt95whC6p61ODarhhtC5lH%2BqL%2F19rGlutNMo985FyJRCInbdU6tohzBeVGIBmMdlIHN%2FTnXCDXErumUlK5N9tAQrWguxEujB%2BZqSJGLEPuczuYvr218PuKtr2gVpwxyi6dSrVaOd4CZ6mOlfeoEz%2FeQldOY2MVRXITUD1wOD48613dcdX01PNSwQEPh2dMzagJ3UPmhJ%2BF8K%2B7BJ%2BC%2FsBwZM4ANM6SB1diOlOXV%2F1HFm1PduLirmgfBryIkOK56FNC587IQ5SjpirHzSHH7%2F--5TzlDMxlepiqxOpq--YYwg%2F1xkMZ%2FwTK1FzRB88Q%3D%3D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 05 Dec 2022 05:00:00 GMT
content-type: application/javascript
content-length: 133
server: nginx/1.21.4
last-modified: Tue, 22 Nov 2022 10:57:39 GMT
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2

telenor.checkout.sla-alacrity.com/assets/stimulus.min-900648768bd96f3faeba359cf33c1bd01ca424ca4d2d05f36a5d8345112ae93c.js

54.72.64.105

200 OK

8.4 kB

URL HTTP/2
telenor.checkout.sla-alacrity.com/assets/stimulus.min-900648768bd96f3faeba359cf33c1bd01ca424ca4d2d05f36a5d8345112ae93c.js
IP
54.72.64.105:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (33070)
Size
8.4 kB (8385 bytes)
Hash
904d12fdfd3780aceb6e1d81bb6ecd9d
63de560bf831a4c9da5e1990cb47ab9b5aee779a
aab9267b75f462b2b5714cbc6097f9759acece340cc246cf512c13381809b20c

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Telenor
urlquery	phishing	Phishing - Telenor

HTTP Headers

GET /assets/stimulus.min-900648768bd96f3faeba359cf33c1bd01ca424ca4d2d05f36a5d8345112ae93c.js HTTP/1.1
Host: telenor.checkout.sla-alacrity.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://telenor.checkout.sla-alacrity.com/purchase?correlator=e1k0j6uY7fCc&merchant=partner:a0dfd008377a0dc98ff2e28b18cf12fd8f912bc2&service=campaign:d078d24ebb8575b50f1090890b2c0c446bb36c30&redirect_url=http://prod.digitaltechnology.co/v1/redirect/no/telnor?transaction_id=e1k0j6uY7fCc
Connection: keep-alive
Cookie: _checkout_telenor_session=p4fCP7MaEGtVDnmFCXkZNnP3qt95whC6p61ODarhhtC5lH%2BqL%2F19rGlutNMo985FyJRCInbdU6tohzBeVGIBmMdlIHN%2FTnXCDXErumUlK5N9tAQrWguxEujB%2BZqSJGLEPuczuYvr218PuKtr2gVpwxyi6dSrVaOd4CZ6mOlfeoEz%2FeQldOY2MVRXITUD1wOD48613dcdX01PNSwQEPh2dMzagJ3UPmhJ%2BF8K%2B7BJ%2BC%2FsBwZM4ANM6SB1diOlOXV%2F1HFm1PduLirmgfBryIkOK56FNC587IQ5SjpirHzSHH7%2F--5TzlDMxlepiqxOpq--YYwg%2F1xkMZ%2FwTK1FzRB88Q%3D%3D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 05 Dec 2022 05:00:00 GMT
content-type: application/javascript
content-length: 8385
server: nginx/1.21.4
last-modified: Tue, 22 Nov 2022 10:57:39 GMT
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2

telenor.checkout.sla-alacrity.com/assets/turbo.min-e5023178542f05fc063cd1dc5865457259cc01f3fba76a28454060d33de6f429.js

54.72.64.105

200 OK

19 kB

URL HTTP/2
telenor.checkout.sla-alacrity.com/assets/turbo.min-e5023178542f05fc063cd1dc5865457259cc01f3fba76a28454060d33de6f429.js
IP
54.72.64.105:0
ASN
#16509 AMAZON-02

File type
Unicode text, UTF-8 text, with very long lines (42217)
Size
19 kB (19356 bytes)
Hash
72d37262df99bd369d4120aeb944c766
e3f0c0426809a65bfa93a713498b289b81f8f244
9ce0dcf8ae798076d65aa4d1e084e9ef934a2cbe7a6c846c20714e5ce0200914

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Telenor
urlquery	phishing	Phishing - Telenor

HTTP Headers

GET /assets/turbo.min-e5023178542f05fc063cd1dc5865457259cc01f3fba76a28454060d33de6f429.js HTTP/1.1
Host: telenor.checkout.sla-alacrity.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://telenor.checkout.sla-alacrity.com/purchase?correlator=e1k0j6uY7fCc&merchant=partner:a0dfd008377a0dc98ff2e28b18cf12fd8f912bc2&service=campaign:d078d24ebb8575b50f1090890b2c0c446bb36c30&redirect_url=http://prod.digitaltechnology.co/v1/redirect/no/telnor?transaction_id=e1k0j6uY7fCc
Connection: keep-alive
Cookie: _checkout_telenor_session=p4fCP7MaEGtVDnmFCXkZNnP3qt95whC6p61ODarhhtC5lH%2BqL%2F19rGlutNMo985FyJRCInbdU6tohzBeVGIBmMdlIHN%2FTnXCDXErumUlK5N9tAQrWguxEujB%2BZqSJGLEPuczuYvr218PuKtr2gVpwxyi6dSrVaOd4CZ6mOlfeoEz%2FeQldOY2MVRXITUD1wOD48613dcdX01PNSwQEPh2dMzagJ3UPmhJ%2BF8K%2B7BJ%2BC%2FsBwZM4ANM6SB1diOlOXV%2F1HFm1PduLirmgfBryIkOK56FNC587IQ5SjpirHzSHH7%2F--5TzlDMxlepiqxOpq--YYwg%2F1xkMZ%2FwTK1FzRB88Q%3D%3D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 05 Dec 2022 05:00:00 GMT
content-type: application/javascript
content-length: 19356
server: nginx/1.21.4
last-modified: Tue, 22 Nov 2022 10:57:39 GMT
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2

telenor.checkout.sla-alacrity.com/assets/stimulus-loading-1fc59770fb1654500044afd3f5f6d7d00800e5be36746d55b94a2963a7a228aa.js

54.72.64.105

200 OK

1.0 kB

URL HTTP/2
telenor.checkout.sla-alacrity.com/assets/stimulus-loading-1fc59770fb1654500044afd3f5f6d7d00800e5be36746d55b94a2963a7a228aa.js
IP
54.72.64.105:0
ASN
#16509 AMAZON-02

File type
ASCII text
Size
1.0 kB (1011 bytes)
Hash
c9f11aa7251f0b44271cf8ed2deba1a9
84bd099b6f9c87c64cffb84a286c62812c9d2efa
f20bba5234871dfeada88408971fbe4c044ddb9ab78fa386dc974901bd32c355

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Telenor
urlquery	phishing	Phishing - Telenor

HTTP Headers

GET /assets/stimulus-loading-1fc59770fb1654500044afd3f5f6d7d00800e5be36746d55b94a2963a7a228aa.js HTTP/1.1
Host: telenor.checkout.sla-alacrity.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://telenor.checkout.sla-alacrity.com/purchase?correlator=e1k0j6uY7fCc&merchant=partner:a0dfd008377a0dc98ff2e28b18cf12fd8f912bc2&service=campaign:d078d24ebb8575b50f1090890b2c0c446bb36c30&redirect_url=http://prod.digitaltechnology.co/v1/redirect/no/telnor?transaction_id=e1k0j6uY7fCc
Connection: keep-alive
Cookie: _checkout_telenor_session=p4fCP7MaEGtVDnmFCXkZNnP3qt95whC6p61ODarhhtC5lH%2BqL%2F19rGlutNMo985FyJRCInbdU6tohzBeVGIBmMdlIHN%2FTnXCDXErumUlK5N9tAQrWguxEujB%2BZqSJGLEPuczuYvr218PuKtr2gVpwxyi6dSrVaOd4CZ6mOlfeoEz%2FeQldOY2MVRXITUD1wOD48613dcdX01PNSwQEPh2dMzagJ3UPmhJ%2BF8K%2B7BJ%2BC%2FsBwZM4ANM6SB1diOlOXV%2F1HFm1PduLirmgfBryIkOK56FNC587IQ5SjpirHzSHH7%2F--5TzlDMxlepiqxOpq--YYwg%2F1xkMZ%2FwTK1FzRB88Q%3D%3D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 05 Dec 2022 05:00:00 GMT
content-type: application/javascript
content-length: 1011
server: nginx/1.21.4
last-modified: Tue, 22 Nov 2022 10:57:39 GMT
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2

telenor.checkout.sla-alacrity.com/assets/controllers/index-2db729dddcc5b979110e98de4b6720f83f91a123172e87281d5a58410fc43806.js

54.72.64.105

200 OK

254 B

URL HTTP/2
telenor.checkout.sla-alacrity.com/assets/controllers/index-2db729dddcc5b979110e98de4b6720f83f91a123172e87281d5a58410fc43806.js
IP
54.72.64.105:0
ASN
#16509 AMAZON-02

File type
ASCII text
Size
254 B (254 bytes)
Hash
5601c6895557594c6abed971289c6000
35d0edc26c442fb04e797102c4f8d8a275fdedaa
eeca187559acb390809e997f40958bdc82a7758fc906ec4f21f868c92092c440

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Telenor
urlquery	phishing	Phishing - Telenor

HTTP Headers

GET /assets/controllers/index-2db729dddcc5b979110e98de4b6720f83f91a123172e87281d5a58410fc43806.js HTTP/1.1
Host: telenor.checkout.sla-alacrity.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://telenor.checkout.sla-alacrity.com/purchase?correlator=e1k0j6uY7fCc&merchant=partner:a0dfd008377a0dc98ff2e28b18cf12fd8f912bc2&service=campaign:d078d24ebb8575b50f1090890b2c0c446bb36c30&redirect_url=http://prod.digitaltechnology.co/v1/redirect/no/telnor?transaction_id=e1k0j6uY7fCc
Connection: keep-alive
Cookie: _checkout_telenor_session=p4fCP7MaEGtVDnmFCXkZNnP3qt95whC6p61ODarhhtC5lH%2BqL%2F19rGlutNMo985FyJRCInbdU6tohzBeVGIBmMdlIHN%2FTnXCDXErumUlK5N9tAQrWguxEujB%2BZqSJGLEPuczuYvr218PuKtr2gVpwxyi6dSrVaOd4CZ6mOlfeoEz%2FeQldOY2MVRXITUD1wOD48613dcdX01PNSwQEPh2dMzagJ3UPmhJ%2BF8K%2B7BJ%2BC%2FsBwZM4ANM6SB1diOlOXV%2F1HFm1PduLirmgfBryIkOK56FNC587IQ5SjpirHzSHH7%2F--5TzlDMxlepiqxOpq--YYwg%2F1xkMZ%2FwTK1FzRB88Q%3D%3D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 05 Dec 2022 05:00:00 GMT
content-type: application/javascript
content-length: 254
server: nginx/1.21.4
last-modified: Tue, 22 Nov 2022 10:57:39 GMT
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2

telenor.checkout.sla-alacrity.com/assets/controllers/application-368d98631bccbf2349e0d4f8269afb3fe9625118341966de054759d96ea86c7e.js

54.72.64.105

200 OK

159 B

URL HTTP/2
telenor.checkout.sla-alacrity.com/assets/controllers/application-368d98631bccbf2349e0d4f8269afb3fe9625118341966de054759d96ea86c7e.js
IP
54.72.64.105:0
ASN
#16509 AMAZON-02

File type
ASCII text
Size
159 B (159 bytes)
Hash
f55be6778815e69dcb1a136e124d5e1b
bb4b7e2cf3b9c5805653636f013f554c3c1030ac
e4d8c29a3bb8ba082793dd5b02b2c441799b0b85654a3d3104061ba47378b22d

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Telenor
urlquery	phishing	Phishing - Telenor

HTTP Headers

GET /assets/controllers/application-368d98631bccbf2349e0d4f8269afb3fe9625118341966de054759d96ea86c7e.js HTTP/1.1
Host: telenor.checkout.sla-alacrity.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://telenor.checkout.sla-alacrity.com/purchase?correlator=e1k0j6uY7fCc&merchant=partner:a0dfd008377a0dc98ff2e28b18cf12fd8f912bc2&service=campaign:d078d24ebb8575b50f1090890b2c0c446bb36c30&redirect_url=http://prod.digitaltechnology.co/v1/redirect/no/telnor?transaction_id=e1k0j6uY7fCc
Connection: keep-alive
Cookie: _checkout_telenor_session=p4fCP7MaEGtVDnmFCXkZNnP3qt95whC6p61ODarhhtC5lH%2BqL%2F19rGlutNMo985FyJRCInbdU6tohzBeVGIBmMdlIHN%2FTnXCDXErumUlK5N9tAQrWguxEujB%2BZqSJGLEPuczuYvr218PuKtr2gVpwxyi6dSrVaOd4CZ6mOlfeoEz%2FeQldOY2MVRXITUD1wOD48613dcdX01PNSwQEPh2dMzagJ3UPmhJ%2BF8K%2B7BJ%2BC%2FsBwZM4ANM6SB1diOlOXV%2F1HFm1PduLirmgfBryIkOK56FNC587IQ5SjpirHzSHH7%2F--5TzlDMxlepiqxOpq--YYwg%2F1xkMZ%2FwTK1FzRB88Q%3D%3D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 05 Dec 2022 05:00:00 GMT
content-type: application/javascript
content-length: 159
server: nginx/1.21.4
last-modified: Tue, 22 Nov 2022 10:57:39 GMT
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2

telenor.checkout.sla-alacrity.com/favicon.ico

54.72.64.105

200 OK

0 B

URL HTTP/2
telenor.checkout.sla-alacrity.com/favicon.ico
IP
54.72.64.105:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Telenor
urlquery	phishing	Phishing - Telenor

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: telenor.checkout.sla-alacrity.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://telenor.checkout.sla-alacrity.com/purchase?correlator=e1k0j6uY7fCc&merchant=partner:a0dfd008377a0dc98ff2e28b18cf12fd8f912bc2&service=campaign:d078d24ebb8575b50f1090890b2c0c446bb36c30&redirect_url=http://prod.digitaltechnology.co/v1/redirect/no/telnor?transaction_id=e1k0j6uY7fCc
Connection: keep-alive
Cookie: _checkout_telenor_session=p4fCP7MaEGtVDnmFCXkZNnP3qt95whC6p61ODarhhtC5lH%2BqL%2F19rGlutNMo985FyJRCInbdU6tohzBeVGIBmMdlIHN%2FTnXCDXErumUlK5N9tAQrWguxEujB%2BZqSJGLEPuczuYvr218PuKtr2gVpwxyi6dSrVaOd4CZ6mOlfeoEz%2FeQldOY2MVRXITUD1wOD48613dcdX01PNSwQEPh2dMzagJ3UPmhJ%2BF8K%2B7BJ%2BC%2FsBwZM4ANM6SB1diOlOXV%2F1HFm1PduLirmgfBryIkOK56FNC587IQ5SjpirHzSHH7%2F--5TzlDMxlepiqxOpq--YYwg%2F1xkMZ%2FwTK1FzRB88Q%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 05 Dec 2022 05:00:00 GMT
content-type: image/vnd.microsoft.icon
content-length: 0
server: nginx/1.21.4
last-modified: Tue, 22 Nov 2022 10:56:51 GMT
X-Firefox-Spdy: h2

telenor.checkout.sla-alacrity.com/assets/controllers/purchase_controller-408936cd1bc6228f93e5d0bbb058a6f7e777a4303d6857c1c251797b3378ab02.js

54.72.64.105

200 OK

701 B

URL HTTP/2
telenor.checkout.sla-alacrity.com/assets/controllers/purchase_controller-408936cd1bc6228f93e5d0bbb058a6f7e777a4303d6857c1c251797b3378ab02.js
IP
54.72.64.105:0
ASN
#16509 AMAZON-02

File type
Java source, ASCII text
Size
701 B (701 bytes)
Hash
fd7154baae382391cd57e8c13f53ad23
73799cc12cec2b12926afcb40a0abd127503d044
f0906a38c720bec79078d96661c0dbf38a80b35ae33a1763353ecf486d8cd7a1

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Telenor
urlquery	phishing	Phishing - Telenor

HTTP Headers

GET /assets/controllers/purchase_controller-408936cd1bc6228f93e5d0bbb058a6f7e777a4303d6857c1c251797b3378ab02.js HTTP/1.1
Host: telenor.checkout.sla-alacrity.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://telenor.checkout.sla-alacrity.com/purchase?correlator=e1k0j6uY7fCc&merchant=partner:a0dfd008377a0dc98ff2e28b18cf12fd8f912bc2&service=campaign:d078d24ebb8575b50f1090890b2c0c446bb36c30&redirect_url=http://prod.digitaltechnology.co/v1/redirect/no/telnor?transaction_id=e1k0j6uY7fCc
Connection: keep-alive
Cookie: _checkout_telenor_session=p4fCP7MaEGtVDnmFCXkZNnP3qt95whC6p61ODarhhtC5lH%2BqL%2F19rGlutNMo985FyJRCInbdU6tohzBeVGIBmMdlIHN%2FTnXCDXErumUlK5N9tAQrWguxEujB%2BZqSJGLEPuczuYvr218PuKtr2gVpwxyi6dSrVaOd4CZ6mOlfeoEz%2FeQldOY2MVRXITUD1wOD48613dcdX01PNSwQEPh2dMzagJ3UPmhJ%2BF8K%2B7BJ%2BC%2FsBwZM4ANM6SB1diOlOXV%2F1HFm1PduLirmgfBryIkOK56FNC587IQ5SjpirHzSHH7%2F--5TzlDMxlepiqxOpq--YYwg%2F1xkMZ%2FwTK1FzRB88Q%3D%3D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 05 Dec 2022 05:00:00 GMT
content-type: application/javascript
content-length: 701
server: nginx/1.21.4
last-modified: Tue, 22 Nov 2022 10:57:39 GMT
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2

fd.sla-alacrity.com/88y4xxf50hh8.js

52.18.91.147

200 OK

8.2 kB

URL HTTP/2
fd.sla-alacrity.com/88y4xxf50hh8.js
IP
52.18.91.147:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (8175), with no line terminators
Size
8.2 kB (8175 bytes)
Hash
5a7ad528eb707f924b6b54855a9de6cd
798703781bee62fc01627873314670494944fef8
54a53c0c7a7f27653bb962d0dfe61a0e46a0c3cdeaa764c4582ea08109cfbf46

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Telenor
urlquery	phishing	Phishing - Telenor

HTTP Headers

GET /88y4xxf50hh8.js HTTP/1.1
Host: fd.sla-alacrity.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://telenor.checkout.sla-alacrity.com/
Origin: https://telenor.checkout.sla-alacrity.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site

HTTP/2 200 OK
date: Mon, 05 Dec 2022 05:00:01 GMT
content-type: application/javascript
content-length: 8175
server: nginx/1.21.4
access-control-allow-origin: *
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS, HEAD
access-control-expose-headers: 
access-control-max-age: 7200
last-modified: Tue, 22 Nov 2022 10:39:14 GMT
vary: Origin
X-Firefox-Spdy: h2

fd.sla-alacrity.com/token?partner=partner:a0dfd008377a0dc98ff2e28b18cf12fd8f912bc2&service=campaign:d078d24ebb8575b50f1090890b2c0c446bb36c30&ref=

52.18.91.147

200 OK

30 kB

URL HTTP/2
fd.sla-alacrity.com/token?partner=partner:a0dfd008377a0dc98ff2e28b18cf12fd8f912bc2&service=campaign:d078d24ebb8575b50f1090890b2c0c446bb36c30&ref=
IP
52.18.91.147:0
ASN
#16509 AMAZON-02

File type
data
Size
30 kB (30225 bytes)
Hash
74e927f6733ef7f7d9f8956b87a8b513
ad189bee11e198a4c7ac1f6a5003de2d3e791de8
8cf1e760a28d040a2700bcdf1610adada8fcaed95e53609709b52c7dba8c14d0

HTTP Headers

GET /token?partner=partner:a0dfd008377a0dc98ff2e28b18cf12fd8f912bc2&service=campaign:d078d24ebb8575b50f1090890b2c0c446bb36c30&ref= HTTP/1.1
Host: fd.sla-alacrity.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://telenor.checkout.sla-alacrity.com/
Origin: https://telenor.checkout.sla-alacrity.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
date: Mon, 05 Dec 2022 05:00:01 GMT
content-type: text/plain; charset=utf-8
server: nginx/1.21.4
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS
access-control-expose-headers: 
access-control-max-age: 1728000
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
access-control-allow-headers: Origin,Accept,Content-Type,X-Requested-With,X-CSRF-Token
vary: Accept, Origin
etag: W/"0c1923d00cbb328d7acae8125e6c0984"
cache-control: max-age=0, private, must-revalidate
x-request-id: c89d6ecb-cbf5-4f20-9bc6-eb4ca7361a00
x-runtime: 0.220513
content-encoding: gzip
X-Firefox-Spdy: h2

telenor.checkout.sla-alacrity.com/update/token

54.72.64.105

204 No Content

0 B

URL HTTP/2
telenor.checkout.sla-alacrity.com/update/token
IP
54.72.64.105:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Telenor
urlquery	phishing	Phishing - Telenor

HTTP Headers

POST /update/token HTTP/1.1
Host: telenor.checkout.sla-alacrity.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://telenor.checkout.sla-alacrity.com/purchase?correlator=e1k0j6uY7fCc&merchant=partner:a0dfd008377a0dc98ff2e28b18cf12fd8f912bc2&service=campaign:d078d24ebb8575b50f1090890b2c0c446bb36c30&redirect_url=http://prod.digitaltechnology.co/v1/redirect/no/telnor?transaction_id=e1k0j6uY7fCc
Content-Type: application/json
Origin: https://telenor.checkout.sla-alacrity.com
Content-Length: 100
Connection: keep-alive
Cookie: _checkout_telenor_session=p4fCP7MaEGtVDnmFCXkZNnP3qt95whC6p61ODarhhtC5lH%2BqL%2F19rGlutNMo985FyJRCInbdU6tohzBeVGIBmMdlIHN%2FTnXCDXErumUlK5N9tAQrWguxEujB%2BZqSJGLEPuczuYvr218PuKtr2gVpwxyi6dSrVaOd4CZ6mOlfeoEz%2FeQldOY2MVRXITUD1wOD48613dcdX01PNSwQEPh2dMzagJ3UPmhJ%2BF8K%2B7BJ%2BC%2FsBwZM4ANM6SB1diOlOXV%2F1HFm1PduLirmgfBryIkOK56FNC587IQ5SjpirHzSHH7%2F--5TzlDMxlepiqxOpq--YYwg%2F1xkMZ%2FwTK1FzRB88Q%3D%3D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 204 No Content
date: Mon, 05 Dec 2022 05:00:02 GMT
server: nginx/1.21.4
x-frame-options: SAMEORIGIN
x-xss-protection: 0
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
cache-control: no-cache
x-request-id: 3f7a33f5-0e87-47c2-90b7-d335e58fd169
x-runtime: 0.062905
X-Firefox-Spdy: h2

ocsp.sca1b.amazontrust.com/

143.204.42.156

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
143.204.42.156:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
33fea367af658d67d6f00459d9486182
81b519129c00bbe424b3a95075dd92ca54d9ba73
b51f8f4742cda91a592c076f3d3ebf37035680ce878b0a3fa027523f533bc90b

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=164244
Date: Mon, 05 Dec 2022 05:00:02 GMT
Etag: "638d5966-1d7"
Expires: Wed, 07 Dec 2022 02:37:26 GMT
Last-Modified: Mon, 05 Dec 2022 02:37:26 GMT
Server: nginx
X-Cache: Miss from cloudfront
Via: 1.1 185768229530368be94556dcab1c486a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: jL63Op_je_2XC2-zlanvynY_c-GvXfWPbsvpcX1xmxvMSLcEfJjLwA==

dob.payment.io/v2/log

108.128.120.51

200 OK

0 B

URL HTTP/2
dob.payment.io/v2/log
IP
108.128.120.51:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Telenor
urlquery	phishing	Phishing - Telenor

HTTP Headers

POST /v2/log HTTP/1.1
Host: dob.payment.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dob.payment.io/v3/consent?token=e7f15fa3-43b2-41c9-8bc0-503164fa903c&errorUrl=https%3A%2F%2Ftelenor.checkout.sla-alacrity.com%2Fcallback%2Ferror%3Fid%3Dd6aa3c40f475198d8b3a64cd74f4d9c0
Content-Type: text/plain;charset=UTF-8
Origin: https://dob.payment.io
Content-Length: 197
Connection: keep-alive
Cookie: sessionId=7f366fc6f91141bd83f7c7496317cedb
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 05 Dec 2022 05:00:03 GMT
content-length: 0
set-cookie: sessionId=7f366fc6f91141bd83f7c7496317cedb;Version=1;Path=/;HttpOnly
vary: Accept-Encoding
X-Firefox-Spdy: h2

dob.payment.io/v2/log

108.128.120.51

200 OK

0 B

URL HTTP/2
dob.payment.io/v2/log
IP
108.128.120.51:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Telenor
urlquery	phishing	Phishing - Telenor

HTTP Headers

POST /v2/log HTTP/1.1
Host: dob.payment.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dob.payment.io/v3/consent?token=e7f15fa3-43b2-41c9-8bc0-503164fa903c&errorUrl=https%3A%2F%2Ftelenor.checkout.sla-alacrity.com%2Fcallback%2Ferror%3Fid%3Dd6aa3c40f475198d8b3a64cd74f4d9c0
Content-Type: text/plain;charset=UTF-8
Origin: https://dob.payment.io
Content-Length: 25
Connection: keep-alive
Cookie: sessionId=7f366fc6f91141bd83f7c7496317cedb
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 05 Dec 2022 05:00:03 GMT
content-length: 0
set-cookie: sessionId=7f366fc6f91141bd83f7c7496317cedb;Version=1;Path=/;HttpOnly
vary: Accept-Encoding
X-Firefox-Spdy: h2

dob.payment.io/v2/log

108.128.120.51

200 OK

0 B

URL HTTP/2
dob.payment.io/v2/log
IP
108.128.120.51:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Telenor
urlquery	phishing	Phishing - Telenor

HTTP Headers

POST /v2/log HTTP/1.1
Host: dob.payment.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dob.payment.io/v3/consent?token=e7f15fa3-43b2-41c9-8bc0-503164fa903c&errorUrl=https%3A%2F%2Ftelenor.checkout.sla-alacrity.com%2Fcallback%2Ferror%3Fid%3Dd6aa3c40f475198d8b3a64cd74f4d9c0
Content-Type: text/plain;charset=UTF-8
Origin: https://dob.payment.io
Content-Length: 19
Connection: keep-alive
Cookie: sessionId=7f366fc6f91141bd83f7c7496317cedb
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 05 Dec 2022 05:00:03 GMT
content-length: 0
set-cookie: sessionId=7f366fc6f91141bd83f7c7496317cedb;Version=1;Path=/;HttpOnly
vary: Accept-Encoding
X-Firefox-Spdy: h2

dob.payment.io/web-vitals

108.128.120.51

200 OK

0 B

URL HTTP/2
dob.payment.io/web-vitals
IP
108.128.120.51:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Telenor
urlquery	phishing	Phishing - Telenor

HTTP Headers

POST /web-vitals HTTP/1.1
Host: dob.payment.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 150
Origin: https://dob.payment.io
Connection: keep-alive
Referer: https://dob.payment.io/v3/consent?token=e7f15fa3-43b2-41c9-8bc0-503164fa903c&errorUrl=https%3A%2F%2Ftelenor.checkout.sla-alacrity.com%2Fcallback%2Ferror%3Fid%3Dd6aa3c40f475198d8b3a64cd74f4d9c0
Cookie: sessionId=7f366fc6f91141bd83f7c7496317cedb
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 05 Dec 2022 05:00:03 GMT
content-length: 0
set-cookie: sessionId=7f366fc6f91141bd83f7c7496317cedb;Version=1;Path=/;HttpOnly
vary: Accept-Encoding
X-Firefox-Spdy: h2

dob.payment.io/web-vitals

108.128.120.51

200 OK

0 B

URL HTTP/2
dob.payment.io/web-vitals
IP
108.128.120.51:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Telenor
urlquery	phishing	Phishing - Telenor

HTTP Headers

POST /web-vitals HTTP/1.1
Host: dob.payment.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 151
Origin: https://dob.payment.io
Connection: keep-alive
Referer: https://dob.payment.io/v3/consent?token=e7f15fa3-43b2-41c9-8bc0-503164fa903c&errorUrl=https%3A%2F%2Ftelenor.checkout.sla-alacrity.com%2Fcallback%2Ferror%3Fid%3Dd6aa3c40f475198d8b3a64cd74f4d9c0
Cookie: sessionId=7f366fc6f91141bd83f7c7496317cedb
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 05 Dec 2022 05:00:03 GMT
content-length: 0
set-cookie: sessionId=7f366fc6f91141bd83f7c7496317cedb;Version=1;Path=/;HttpOnly
vary: Accept-Encoding
X-Firefox-Spdy: h2

dob.payment.io/consent-vitals

108.128.120.51

200 OK

0 B

URL HTTP/2
dob.payment.io/consent-vitals
IP
108.128.120.51:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Telenor
urlquery	phishing	Phishing - Telenor

HTTP Headers

POST /consent-vitals HTTP/1.1
Host: dob.payment.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 169
Origin: https://dob.payment.io
Connection: keep-alive
Referer: https://dob.payment.io/v3/consent?token=e7f15fa3-43b2-41c9-8bc0-503164fa903c&errorUrl=https%3A%2F%2Ftelenor.checkout.sla-alacrity.com%2Fcallback%2Ferror%3Fid%3Dd6aa3c40f475198d8b3a64cd74f4d9c0
Cookie: sessionId=7f366fc6f91141bd83f7c7496317cedb
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 05 Dec 2022 05:00:03 GMT
content-length: 0
set-cookie: sessionId=7f366fc6f91141bd83f7c7496317cedb;Version=1;Path=/;HttpOnly
vary: Accept-Encoding
X-Firefox-Spdy: h2

telenor.checkout.sla-alacrity.com/purchase?correlator=e1k0j6uY7fCc&merchant=partner:a0dfd008377a0dc98ff2e28b18cf12fd8f912bc2&service=campaign:d078d24ebb8575b50f1090890b2c0c446bb36c30&redirect_url=http://prod.digitaltechnology.co/v1/redirect/no/telnor?transaction_id=e1k0j6uY7fCc

54.72.64.105

200 OK

0 B

URL HTTP/2
telenor.checkout.sla-alacrity.com/purchase?correlator=e1k0j6uY7fCc&merchant=partner:a0dfd008377a0dc98ff2e28b18cf12fd8f912bc2&service=campaign:d078d24ebb8575b50f1090890b2c0c446bb36c30&redirect_url=http://prod.digitaltechnology.co/v1/redirect/no/telnor?transaction_id=e1k0j6uY7fCc
IP
54.72.64.105:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /purchase?correlator=e1k0j6uY7fCc&merchant=partner:a0dfd008377a0dc98ff2e28b18cf12fd8f912bc2&service=campaign:d078d24ebb8575b50f1090890b2c0c446bb36c30&redirect_url=http://prod.digitaltechnology.co/v1/redirect/no/telnor?transaction_id=e1k0j6uY7fCc HTTP/1.1
Host: telenor.checkout.sla-alacrity.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 05 Dec 2022 05:00:00 GMT
content-type: text/html; charset=utf-8
server: nginx/1.21.4
x-frame-options: SAMEORIGIN
x-xss-protection: 0
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
link: </assets/tailwind-f9b7d004f09d04874f4228e500e0a5ac1ec12899ff30c3c7d6a635b8a3011e67.css>; rel=preload; as=style; nopush,</assets/inter-font-8c3e82affb176f4bca9616b838d906343d1251adc8408efe02cf2b1e4fcf2bc4.css>; rel=preload; as=style; nopush,</assets/application-e659e1a0d2dcc91d56eddcca4f93f92fd0442b4faecd20fde43719c7bd4fc36b.css>; rel=preload; as=style; nopush,</assets/es-module-shims.min-00d63bab8ac9742a4abcbecf1d17a40754778ee14aa2bcde069754c5265053e9.js>; rel=preload; as=script; nopush
etag: W/"ad98fb2f36f054c34ec64e432cbf2ee0"
cache-control: max-age=0, private, must-revalidate
set-cookie: _checkout_telenor_session=p4fCP7MaEGtVDnmFCXkZNnP3qt95whC6p61ODarhhtC5lH%2BqL%2F19rGlutNMo985FyJRCInbdU6tohzBeVGIBmMdlIHN%2FTnXCDXErumUlK5N9tAQrWguxEujB%2BZqSJGLEPuczuYvr218PuKtr2gVpwxyi6dSrVaOd4CZ6mOlfeoEz%2FeQldOY2MVRXITUD1wOD48613dcdX01PNSwQEPh2dMzagJ3UPmhJ%2BF8K%2B7BJ%2BC%2FsBwZM4ANM6SB1diOlOXV%2F1HFm1PduLirmgfBryIkOK56FNC587IQ5SjpirHzSHH7%2F--5TzlDMxlepiqxOpq--YYwg%2F1xkMZ%2FwTK1FzRB88Q%3D%3D; path=/; HttpOnly; SameSite=Lax
x-request-id: 6a04451c-a6b5-4cac-96e9-adb835fe657f
x-runtime: 0.211117
content-encoding: gzip
X-Firefox-Spdy: h2

fd.sla-alacrity.com/token/fingerprint?token=81927157-ef42-455c-abe9-c7d2f88da450&fingerprint=9e4947f35751465411fd1a4f5c358c78

52.18.91.147

200 OK

0 B

URL HTTP/2
fd.sla-alacrity.com/token/fingerprint?token=81927157-ef42-455c-abe9-c7d2f88da450&fingerprint=9e4947f35751465411fd1a4f5c358c78
IP
52.18.91.147:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

POST /token/fingerprint?token=81927157-ef42-455c-abe9-c7d2f88da450&fingerprint=9e4947f35751465411fd1a4f5c358c78 HTTP/1.1
Host: fd.sla-alacrity.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://telenor.checkout.sla-alacrity.com/
Origin: https://telenor.checkout.sla-alacrity.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Content-Length: 0
TE: trailers

HTTP/2 200 OK
date: Mon, 05 Dec 2022 05:00:02 GMT
content-type: text/plain; charset=utf-8
server: nginx/1.21.4
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS
access-control-expose-headers: 
access-control-max-age: 1728000
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
access-control-allow-headers: Origin,Accept,Content-Type,X-Requested-With,X-CSRF-Token
vary: Accept, Origin
etag: W/"2689367b205c16ce32ed4200942b8b8b"
cache-control: max-age=0, private, must-revalidate
x-request-id: bef4dd41-9d02-48a8-99cd-19c4677ac6c2
x-runtime: 0.223888
content-encoding: gzip
X-Firefox-Spdy: h2

dob.payment.io/v3/consent?token=e7f15fa3-43b2-41c9-8bc0-503164fa903c&errorUrl=https%3A%2F%2Ftelenor.checkout.sla-alacrity.com%2Fcallback%2Ferror%3Fid%3Dd6aa3c40f475198d8b3a64cd74f4d9c0

108.128.120.51

200 OK

0 B

URL HTTP/2
dob.payment.io/v3/consent?token=e7f15fa3-43b2-41c9-8bc0-503164fa903c&errorUrl=https%3A%2F%2Ftelenor.checkout.sla-alacrity.com%2Fcallback%2Ferror%3Fid%3Dd6aa3c40f475198d8b3a64cd74f4d9c0
IP
108.128.120.51:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /v3/consent?token=e7f15fa3-43b2-41c9-8bc0-503164fa903c&errorUrl=https%3A%2F%2Ftelenor.checkout.sla-alacrity.com%2Fcallback%2Ferror%3Fid%3Dd6aa3c40f475198d8b3a64cd74f4d9c0 HTTP/1.1
Host: dob.payment.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://telenor.checkout.sla-alacrity.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 05 Dec 2022 05:00:03 GMT
content-type: text/html
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
content-security-policy: base-uri 'none'; object-src 'none'; script-src 'nonce-9c66df7552fb47f19c2902fa92058e68'; style-src 'nonce-9c66df7552fb47f19c2902fa92058e68'  https://fonts.googleapis.com 'nonce-9c66df7552fb47f19c2902fa92058e68'; font-src https://fonts.gstatic.com data:; default-src 'none'; img-src data:; connect-src 'self'; form-action 'none'; frame-ancestors 'none'; report-uri /csp-violation-report
set-cookie: sessionId=7f366fc6f91141bd83f7c7496317cedb;Version=1;Path=/;HttpOnly
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (18)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations