| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP 23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash 78f1f94544ef06b96bb43283f59d100f fa2f1a3730a98c6fa5ebf976143fb6093a7298be 889af22ee304adea2e23491acbc89ebdcaf322e8c45af2bebf7520e3e9b0a6a9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "889AF22EE304ADEA2E23491ACBC89EBDCAF322E8C45AF2BEBF7520E3E9B0A6A9"
Last-Modified: Tue, 27 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5607
Expires: Fri, 30 Dec 2022 08:16:38 GMT
Date: Fri, 30 Dec 2022 06:43:11 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP 23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash e717435470c9f4f06b174d7100c6a98f 292150251495b243c384e0c676a258597ba7f4d8 91ce8257662cb8cea9cc3c74cda1d95dba421daa466b0ac231fa433e0c58e6c6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "91CE8257662CB8CEA9CC3C74CDA1D95DBA421DAA466B0AC231FA433E0C58E6C6"
Last-Modified: Tue, 27 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8590
Expires: Fri, 30 Dec 2022 09:06:21 GMT
Date: Fri, 30 Dec 2022 06:43:11 GMT
Connection: keep-alive
|
|
| firefox.settings.services.mozilla.com/v1/ | 35.241.9.150 | 200 OK | 939 B |
URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash ff250d3ef3fa45322bf05039a0122a9f b3e7a2c383bce1bab807dbe1a03c375258b51f1d d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Content-Length, Retry-After, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 30 Dec 2022 06:35:33 GMT
content-type: application/json
age: 458
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP 23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash 428881081ad357fb55af33ebf9d12c16 29b7be72f76da07db4a03fb1bc57ffe16d520a22 9adff7f91b147b0d93166bc4ece0dd31fd19fd8b2c269a6a596a1e902f49a1fe
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9ADFF7F91B147B0D93166BC4ECE0DD31FD19FD8B2C269A6A596A1E902F49A1FE"
Last-Modified: Wed, 28 Dec 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9275
Expires: Fri, 30 Dec 2022 09:17:46 GMT
Date: Fri, 30 Dec 2022 06:43:11 GMT
Connection: keep-alive
|
|
| content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain | 34.160.144.191 | 200 OK | 5.3 kB |
URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash b1fcd419a4245617397846e8d17233f6 2a037ce244587640b27ead9a0ec2af4f862d91b2 e059b6d834c06e58494c43fb2ff42acbc27c1a1d8f7f30e2f32ca0e167599e2f
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: Ac6Vfy40hTzQU930xQai6ja3SKDbvosX6x6Im52lEoTk60joKACDCuHrreIiPDbByHZ2gE0z7oY=
x-amz-request-id: VET395EHRMXCSG6E
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 30 Dec 2022 05:56:54 GMT
age: 2777
last-modified: Tue, 20 Dec 2022 14:47:58 GMT
etag: "b1fcd419a4245617397846e8d17233f6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP 23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash c4e06757ec4a7fe330a71dcb57646d81 49edf09f88bba4809db40d3abc31824b44f411b9 26f5717a630b433ee19cf5f22a3b63ae5f0fec32447286caa33a1c3cd0ca7d89
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "26F5717A630B433EE19CF5F22A3B63AE5F0FEC32447286CAA33A1C3CD0CA7D89"
Last-Modified: Thu, 29 Dec 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21576
Expires: Fri, 30 Dec 2022 12:42:48 GMT
Date: Fri, 30 Dec 2022 06:43:12 GMT
Connection: keep-alive
|
|
| dodopay.eu/payment/bank//countries/switz/banks/Raiffeisen%20Schweiz%20Genossenschaft/index.php | 77.73.133.113 | 200 OK | 7.8 kB |
URL HTTP/1.1 dodopay.eu/payment/bank//countries/switz/banks/Raiffeisen%20Schweiz%20Genossenschaft/index.php
IP 77.73.133.113:0 ASN#204197 Duomenu apdorojimo centras LTD
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, Unicode text, UTF-8 text, with very long lines (936)
Hash e0e701d71b9d7cda839fef2b4de6f6ec 2062ac14b8e597449c25bc20f65b68f1b0844f97 dfdc024f5109990134c1675a708678bcbf55b49f83ed67c3867ead11d71f2490
| Analyzer | Verdict | Alert |
| openphish | Raiffeisen Bank S.A. | |
| fortinet | Phishing | |
| quad9 | Sinkholed | |
GET /payment/bank//countries/switz/banks/Raiffeisen%20Schweiz%20Genossenschaft/index.php HTTP/1.1
Host: dodopay.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Fri, 30 Dec 2022 06:43:12 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Content-Encoding: gzip
|
|
| contile.services.mozilla.com/v1/tiles | 34.117.237.239 | 200 OK | 12 B |
URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 30 Dec 2022 06:43:12 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| dodopay.eu/payment/bank//countries/switz/banks/Raiffeisen%20Schweiz%20Genossenschaft/styles.css | 77.73.133.113 | 200 OK | 19 kB |
URL HTTP/1.1 dodopay.eu/payment/bank//countries/switz/banks/Raiffeisen%20Schweiz%20Genossenschaft/styles.css
IP 77.73.133.113:0 ASN#204197 Duomenu apdorojimo centras LTD
Hash bb7a6e375f2e2e45be49249ef9fa975b 1311a79d627fd0b2d28e09f018da71fc4fd699b5 01d3c6be2899c0355cabc17aca132e5c85be34e3681010a6f1241c8a0dde7cc5
| Analyzer | Verdict | Alert |
| quad9 | Sinkholed | |
GET /payment/bank//countries/switz/banks/Raiffeisen%20Schweiz%20Genossenschaft/styles.css HTTP/1.1
Host: dodopay.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dodopay.eu/payment/bank//countries/switz/banks/Raiffeisen%20Schweiz%20Genossenschaft/index.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Fri, 30 Dec 2022 06:43:12 GMT
Content-Type: text/css
Last-Modified: Mon, 12 Sep 2022 00:01:26 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"631e76d6-24193"
Expires: Sat, 31 Dec 2022 06:43:12 GMT
Cache-Control: max-age=86400
Content-Encoding: gzip
|
|
| code.jquery.com/jquery-3.6.1.min.js | 69.16.175.10 | 200 OK | 31 kB |
URL HTTP/2 code.jquery.com/jquery-3.6.1.min.js
IP 69.16.175.10:0
File type ASCII text, with very long lines (65447)
Hash 2c8fb5f779970f005faea6e0f60c7e85 c9b676abdb36ea6ccf133eb7641236a7f53dd815 d14d28eea362f345cb56e1ae1244737768d80bc60dea930f308bde89dfa0c0f1
GET /jquery-3.6.1.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dodopay.eu
Connection: keep-alive
Referer: https://dodopay.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 30 Dec 2022 06:43:12 GMT
content-encoding: gzip
content-length: 30957
content-type: application/javascript; charset=utf-8
last-modified: Fri, 26 Aug 2022 17:36:05 GMT
accept-ranges: bytes
server: nginx
etag: W/"63090485-15e40"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-sp-metadata: HS256.CJCtup0GEocBCiRjMDkxZTc4Zi1hZjg5LTRiZjEtYmM1Mi03NzI3NjE1MzAwMDMQ+OiCoKvU+wIaBgiAkbqdBiIMOTEuOTAuNDIuMTU0KIj3ATADOARCFlRMU19BRVNfMTI4X0dDTV9TSEEyNTZaIGM3ZDJiNGM0ODRhNDEzZTE5MWRlNmFjZmYyZGIyMDA5GiwIARIkZTk0M2I5ODEtZTczMy00MjQ4LWIxOTItMWE1MTIyNTNlMDYxGO3xASIYCAISFGNkczIwNi5zazEuaHdjZG4ubmV0.ZSkPkBBulelfDOY/RT3G/bKp58f2cKMC5R+JdBwg7i8=
x-hw: 1672382592.dop001.sk1.t,1672382592.cds247.sk1.hn,1672382592.cds206.sk1.c
X-Firefox-Spdy: h2
|
|
| dodopay.eu/payment/bank//countries/switz/banks/Raiffeisen%20Schweiz%20Genossenschaft/main.555ddd057de3e938.js | 77.73.133.113 | 404 Not Found | 244 B |
URL HTTP/1.1 dodopay.eu/payment/bank//countries/switz/banks/Raiffeisen%20Schweiz%20Genossenschaft/main.555ddd057de3e938.js
IP 77.73.133.113:0 ASN#204197 Duomenu apdorojimo centras LTD
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 241dd884351c22a2e62cc748c8751a63 eee950001a7a3fde69d4bd7d94a6bb069ef03f9c 6ad84dcafd0ec7619d823a90f4fda9899e0beddf01466da755cc8e1bbfb582a5
| Analyzer | Verdict | Alert |
| fortinet | Phishing | |
| quad9 | Sinkholed | |
GET /payment/bank//countries/switz/banks/Raiffeisen%20Schweiz%20Genossenschaft/main.555ddd057de3e938.js HTTP/1.1
Host: dodopay.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dodopay.eu/payment/bank//countries/switz/banks/Raiffeisen%20Schweiz%20Genossenschaft/index.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Server: nginx/1.20.2
Date: Fri, 30 Dec 2022 06:43:12 GMT
Content-Type: text/html; charset=iso-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
Content-Encoding: gzip
|
|
| dodopay.eu/payment/bank//countries/switz/banks/Raiffeisen%20Schweiz%20Genossenschaft/polyfills.e5a661f0eac88ecf.js | 77.73.133.113 | 404 Not Found | 246 B |
URL HTTP/1.1 dodopay.eu/payment/bank//countries/switz/banks/Raiffeisen%20Schweiz%20Genossenschaft/polyfills.e5a661f0eac88ecf.js
IP 77.73.133.113:0 ASN#204197 Duomenu apdorojimo centras LTD
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash df13d48991d7c06a1ea7ab768c801cf3 1e780d12bc8ab4bad638122f5b13594a55ceffd7 35eed0918f08b8783890280b6b7526688038d19b59e410311c0d67d1fccdd759
| Analyzer | Verdict | Alert |
| fortinet | Phishing | |
| quad9 | Sinkholed | |
GET /payment/bank//countries/switz/banks/Raiffeisen%20Schweiz%20Genossenschaft/polyfills.e5a661f0eac88ecf.js HTTP/1.1
Host: dodopay.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dodopay.eu/payment/bank//countries/switz/banks/Raiffeisen%20Schweiz%20Genossenschaft/index.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Server: nginx/1.20.2
Date: Fri, 30 Dec 2022 06:43:12 GMT
Content-Type: text/html; charset=iso-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
Content-Encoding: gzip
|
|
| ocsp.quovadisglobal.com/ | 152.195.132.213 | 200 OK | 1.5 kB |
IP 152.195.132.213:0
Hash 237aab046ab1bd5faeaa4b1ab5e2eda6 cc5fc41bd7e611af2406603ef2bdf6652c95063d 41228ae0d99899190d71ff2ee1d0b6969dd2e33b65304e78a9e2b14ed1ab9e47
POST / HTTP/1.1
Host: ocsp.quovadisglobal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 87
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: max-age=155519,public,no-transform,must-revalidate
Content-Type: application/ocsp-response
Date: Fri, 30 Dec 2022 06:43:12 GMT
Etag: "cc5fc41bd7e611af2406603ef2bdf6652c95063d"
Expires: Sun, 01 Jan 2023 06:43:11 GMT
Last-Modified: Fri, 30 Dec 2022 06:43:12 GMT
Server: Apache
Content-Length: 1502
|
|
| ocsp.quovadisglobal.com/ | 152.195.132.213 | 200 OK | 1.5 kB |
IP 152.195.132.213:0
Hash 237aab046ab1bd5faeaa4b1ab5e2eda6 cc5fc41bd7e611af2406603ef2bdf6652c95063d 41228ae0d99899190d71ff2ee1d0b6969dd2e33b65304e78a9e2b14ed1ab9e47
POST / HTTP/1.1
Host: ocsp.quovadisglobal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 87
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: max-age=155519,public,no-transform,must-revalidate
Content-Type: application/ocsp-response
Date: Fri, 30 Dec 2022 06:43:12 GMT
Etag: "cc5fc41bd7e611af2406603ef2bdf6652c95063d"
Expires: Sun, 01 Jan 2023 06:43:11 GMT
Last-Modified: Fri, 30 Dec 2022 06:43:12 GMT
Server: Apache
Content-Length: 1502
|
|
| ocsp.quovadisglobal.com/ | 152.195.132.213 | 200 OK | 1.5 kB |
IP 152.195.132.213:0
Hash 237aab046ab1bd5faeaa4b1ab5e2eda6 cc5fc41bd7e611af2406603ef2bdf6652c95063d 41228ae0d99899190d71ff2ee1d0b6969dd2e33b65304e78a9e2b14ed1ab9e47
POST / HTTP/1.1
Host: ocsp.quovadisglobal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 87
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: max-age=155519,public,no-transform,must-revalidate
Content-Type: application/ocsp-response
Date: Fri, 30 Dec 2022 06:43:12 GMT
Etag: "cc5fc41bd7e611af2406603ef2bdf6652c95063d"
Expires: Sun, 01 Jan 2023 06:43:11 GMT
Last-Modified: Fri, 30 Dec 2022 06:43:12 GMT
Server: Apache
Content-Length: 1502
|
|
| login.raiffeisen.ch/unsupported-browser/bootstrap-fallback.js | 91.206.104.105 | 200 OK | 743 B |
URL HTTP/1.1 login.raiffeisen.ch/unsupported-browser/bootstrap-fallback.js
IP 91.206.104.105:0 ASN#15532 Raiffeisen Schweiz Genossenschaft
Hash 83353f4af33ec965f4ef3fca7e153d87 fd4cba7eaf0c701395587aa9206520399d1c314b 3661e1769b284efa9ff8497a7ecbc82451ca0fae78f10efa038ce2c64f45bbb9
GET /unsupported-browser/bootstrap-fallback.js HTTP/1.1
Host: login.raiffeisen.ch
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dodopay.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 30 Dec 2022 06:43:13 GMT
Server: Apache
Permissions-Policy: interest-cohort=()
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Set-Cookie: dtCookie=$xc/g_5BSGevmf_hmF4QnzfPtaE22Ddut9g_Qc!2cLTPBmCCQIlbue9yD6OSHpO1Sjd2tXnFoFkbn2UkSBzRKwQblw_irtv4WshQqFKYb9L_gdpOFZgsls4gLbLIkv5UFSAFZU4auXgvOqabL26lj6xErQqhCCA=; Path=/; Secure; HttpOnly
Content-Length: 743
cache-control: public, max-age=1209600
last-modified: Fri, 11 Nov 2022 14:01:37 GMT
etag: "1048611-33069870-1668175297000"
server-timing: dtSInfo;desc="0", dtRpid;desc="545025757"
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Referrer-Policy: same-origin
Keep-Alive: timeout=10, max=500
Connection: Keep-Alive
Content-Type: application/javascript
|
|
| firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US | 35.241.9.150 | 200 OK | 329 B |
URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243 63f295a144ac87a7c8e23417626724eeca68a7eb 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, ETag, Pragma, Last-Modified, Expires, Alert, Content-Type, Retry-After, Cache-Control, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 30 Dec 2022 06:33:31 GMT
age: 581
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| login.raiffeisen.ch/dynatrace/ruxitagentjs_ICA2Vfgjqrux_10245220704125537.js | 91.206.104.105 | 200 OK | 247 kB |
URL HTTP/1.1 login.raiffeisen.ch/dynatrace/ruxitagentjs_ICA2Vfgjqrux_10245220704125537.js
IP 91.206.104.105:0 ASN#15532 Raiffeisen Schweiz Genossenschaft
File type ASCII text, with very long lines (2058)
Size 247 kB (246555 bytes)
Hash 57303d9764fe4246291399504e56e12c 2412e747b8b7c06c56cc29d716e3d45af3d903f8 8624ae911898001dcb4783b02619a7adf0bc403859f15ec8416fb5beb5dd3439
GET /dynatrace/ruxitagentjs_ICA2Vfgjqrux_10245220704125537.js HTTP/1.1
Host: login.raiffeisen.ch
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dodopay.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 30 Dec 2022 06:43:13 GMT
Server: Apache
Permissions-Policy: interest-cohort=()
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Content-Length: 246555
cache-control: public, max-age=3600
expires: Fri, 30 Dec 2022 07:43:12 GMT
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Referrer-Policy: same-origin
Keep-Alive: timeout=10, max=500
Connection: Keep-Alive
Content-Type: text/javascript; charset=utf-8
|
|
| dodopay.eu/payment/bank//countries/switz/banks/Raiffeisen%20Schweiz%20Genossenschaft/logo.png | 77.73.133.113 | 200 OK | 7.6 kB |
URL HTTP/1.1 dodopay.eu/payment/bank//countries/switz/banks/Raiffeisen%20Schweiz%20Genossenschaft/logo.png
IP 77.73.133.113:0 ASN#204197 Duomenu apdorojimo centras LTD
File type PNG image data, 699 x 109, 8-bit/color RGBA, non-interlaced\012- data
Hash 621f309c2d15fbfb3b4d16f9a1c038df 0febd520006f0952cfc41ad2b82c0872c2560117 717259c20c878e957d95cc4828b31d18c4b242e40305f37b70146a0c5bc7a188
| Analyzer | Verdict | Alert |
| quad9 | Sinkholed | |
GET /payment/bank//countries/switz/banks/Raiffeisen%20Schweiz%20Genossenschaft/logo.png HTTP/1.1
Host: dodopay.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dodopay.eu/payment/bank//countries/switz/banks/Raiffeisen%20Schweiz%20Genossenschaft/index.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Fri, 30 Dec 2022 06:43:12 GMT
Content-Type: image/png
Content-Length: 7568
Last-Modified: Sun, 11 Sep 2022 23:57:30 GMT
Connection: keep-alive
ETag: "631e75ea-1d90"
Expires: Sat, 31 Dec 2022 06:43:12 GMT
Cache-Control: max-age=86400
Accept-Ranges: bytes
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 471 B |
IP 93.184.220.29:0
Hash 0a08dc71eb7ba3512abb4d29505eb034 e66404bda80b355bae30b0d4db3daa193a6e4276 357891f99263d30eaded85985217d9627cd60369ee8d01a7eacdb2d0f2d8b2dd
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6583
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 30 Dec 2022 06:43:12 GMT
Last-Modified: Fri, 30 Dec 2022 04:53:29 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 471
|
|
| dodopay.eu/payment/bank//countries/switz/banks/Raiffeisen%20Schweiz%20Genossenschaft/frutiger-next-regular.b3240874a45bcc46.woff2 | 77.73.133.113 | 404 Not Found | 311 B |
URL HTTP/1.1 dodopay.eu/payment/bank//countries/switz/banks/Raiffeisen%20Schweiz%20Genossenschaft/frutiger-next-regular.b3240874a45bcc46.woff2
IP 77.73.133.113:0 ASN#204197 Duomenu apdorojimo centras LTD
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 2c488b1ac71e74a716c0cbf830e9e1a1 1e8b39e842e39ded4cf132c2577e512fd7e38e9c 179e6b7c6cd2ee8acef017ebf3c5c9f33175006973e90db224d893fa33e232fd
| Analyzer | Verdict | Alert |
| fortinet | Phishing | |
| quad9 | Sinkholed | |
GET /payment/bank//countries/switz/banks/Raiffeisen%20Schweiz%20Genossenschaft/frutiger-next-regular.b3240874a45bcc46.woff2 HTTP/1.1
Host: dodopay.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://dodopay.eu/payment/bank//countries/switz/banks/Raiffeisen%20Schweiz%20Genossenschaft/styles.css
Cookie: dtCookie=v_4_srv_-2D2_sn_0NVL7UUAR6EP161GFI271IH8O7DMMM0C; rxVisitor=1672382586898TF93MPFIPEKRHE7975A5QR3Q33NL2O3G; dtPC=-2$182586892_864h1vNRKDFAFRPUVGNULCLDGNHMNRLMPFLBAJ-0e0; rxvt=1672384386905|1672382586900; dtLatC=254; dtSa=-
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Server: nginx/1.20.2
Date: Fri, 30 Dec 2022 06:43:12 GMT
Content-Type: text/html; charset=iso-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
|
|
| dodopay.eu/payment/bank//countries/switz/banks/Raiffeisen%20Schweiz%20Genossenschaft/frutiger-next-light.0aa002870d5c395d.woff2 | 77.73.133.113 | 404 Not Found | 309 B |
URL HTTP/1.1 dodopay.eu/payment/bank//countries/switz/banks/Raiffeisen%20Schweiz%20Genossenschaft/frutiger-next-light.0aa002870d5c395d.woff2
IP 77.73.133.113:0 ASN#204197 Duomenu apdorojimo centras LTD
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 1d838dd099334c5e5dc269a4700e9265 72a8b2fb46bd01efdf646af808ce010bcefa28af a73e65b22c2976d6a459e964d2dc971a2101fc2194660e009299afb0605e62ec
| Analyzer | Verdict | Alert |
| fortinet | Phishing | |
| quad9 | Sinkholed | |
GET /payment/bank//countries/switz/banks/Raiffeisen%20Schweiz%20Genossenschaft/frutiger-next-light.0aa002870d5c395d.woff2 HTTP/1.1
Host: dodopay.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://dodopay.eu/payment/bank//countries/switz/banks/Raiffeisen%20Schweiz%20Genossenschaft/styles.css
Cookie: dtCookie=v_4_srv_-2D2_sn_0NVL7UUAR6EP161GFI271IH8O7DMMM0C; rxVisitor=1672382586898TF93MPFIPEKRHE7975A5QR3Q33NL2O3G; dtPC=-2$182586892_864h1vNRKDFAFRPUVGNULCLDGNHMNRLMPFLBAJ-0e0; rxvt=1672384386905|1672382586900; dtLatC=254; dtSa=-
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Server: nginx/1.20.2
Date: Fri, 30 Dec 2022 06:43:12 GMT
Content-Type: text/html; charset=iso-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
|
|
| dodopay.eu/payment/bank//countries/switz/banks/Raiffeisen%20Schweiz%20Genossenschaft/frutiger-next-bold.19f512cdc8984c43.woff2 | 77.73.133.113 | 404 Not Found | 308 B |
URL HTTP/1.1 dodopay.eu/payment/bank//countries/switz/banks/Raiffeisen%20Schweiz%20Genossenschaft/frutiger-next-bold.19f512cdc8984c43.woff2
IP 77.73.133.113:0 ASN#204197 Duomenu apdorojimo centras LTD
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a6e0d5fbc13488bbed479d2553cfadea 2dd661653788fe43cdebde51dd4a35eb7664a47f 12f420c3aff9b701d1157e2cd19c1cfb1976fb957b66aacd88e19d84b3570a42
| Analyzer | Verdict | Alert |
| fortinet | Phishing | |
| quad9 | Sinkholed | |
GET /payment/bank//countries/switz/banks/Raiffeisen%20Schweiz%20Genossenschaft/frutiger-next-bold.19f512cdc8984c43.woff2 HTTP/1.1
Host: dodopay.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://dodopay.eu/payment/bank//countries/switz/banks/Raiffeisen%20Schweiz%20Genossenschaft/styles.css
Cookie: dtCookie=v_4_srv_-2D2_sn_0NVL7UUAR6EP161GFI271IH8O7DMMM0C; rxVisitor=1672382586898TF93MPFIPEKRHE7975A5QR3Q33NL2O3G; dtPC=-2$182586892_864h1vNRKDFAFRPUVGNULCLDGNHMNRLMPFLBAJ-0e0; rxvt=1672384386905|1672382586900; dtLatC=254; dtSa=-
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Server: nginx/1.20.2
Date: Fri, 30 Dec 2022 06:43:12 GMT
Content-Type: text/html; charset=iso-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
|
|
| dodopay.eu/rfdwdc/ch | 77.73.133.113 | 404 Not Found | 181 B |
IP 77.73.133.113:0 ASN#204197 Duomenu apdorojimo centras LTD
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 40851b142af8f01f529ace64f4db680e 9d1ee91cf3b498168a8e84b6efd28ac70d899ecf b2a36771f878db171cd63fbfe212599fd819ec80c665325afcaf7712901c3ad0
| Analyzer | Verdict | Alert |
| fortinet | Phishing | |
| quad9 | Sinkholed | |
POST /rfdwdc/ch HTTP/1.1
Host: dodopay.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dodopay.eu/payment/bank//countries/switz/banks/Raiffeisen%20Schweiz%20Genossenschaft/index.php
Content-Type: text/plain;charset=UTF-8
Origin: https://dodopay.eu
Content-Length: 128
Connection: keep-alive
Cookie: dtCookie=v_4_srv_-2D2_sn_0NVL7UUAR6EP161GFI271IH8O7DMMM0C; rxVisitor=1672382586898TF93MPFIPEKRHE7975A5QR3Q33NL2O3G; dtPC=-2$182586892_864h1vNRKDFAFRPUVGNULCLDGNHMNRLMPFLBAJ-0e0; rxvt=1672384386905|1672382586900; dtLatC=254; dtSa=-
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Server: nginx/1.20.2
Date: Fri, 30 Dec 2022 06:43:12 GMT
Content-Type: text/html; charset=iso-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
Content-Encoding: gzip
|
|
| login.raiffeisen.ch/unsupported-browser/bootstrap-fallback.js | 91.206.104.105 | 200 OK | 743 B |
URL HTTP/1.1 login.raiffeisen.ch/unsupported-browser/bootstrap-fallback.js
IP 91.206.104.105:0 ASN#15532 Raiffeisen Schweiz Genossenschaft
Hash 83353f4af33ec965f4ef3fca7e153d87 fd4cba7eaf0c701395587aa9206520399d1c314b 3661e1769b284efa9ff8497a7ecbc82451ca0fae78f10efa038ce2c64f45bbb9
GET /unsupported-browser/bootstrap-fallback.js HTTP/1.1
Host: login.raiffeisen.ch
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dodopay.eu/
Content-Type: text/plain;charset=UTF-8
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 30 Dec 2022 06:43:14 GMT
Server: Apache
Permissions-Policy: interest-cohort=()
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Set-Cookie: dtCookie=$xc/ow1ThFb44KlUz!fkfU1RiGCCKZ0aTCD_L3JGR5MXx7Bn3hO7iIZ6klrzHCYCtaXg9CnfUEO1lYsGkFYnNHI6!NEKoVvAl7xkCRsaTYTcbNzzyOpFY3LQter9XCw4XH_9TdZxRoad4q1bLew1hho39EZ!Hio=; Path=/; Secure; HttpOnly
Content-Length: 743
cache-control: public, max-age=1209600
last-modified: Fri, 11 Nov 2022 14:01:37 GMT
etag: "1048633-222337090-1668175297000"
server-timing: dtSInfo;desc="0", dtRpid;desc="-751610805"
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Referrer-Policy: same-origin
Keep-Alive: timeout=10, max=500
Connection: Keep-Alive
Content-Type: application/javascript
|
|
| dodopay.eu/rfdwdc/c | 77.73.133.113 | 404 Not Found | 181 B |
IP77.73.133.113:0 ASN#204197 Duomenu apdorojimo centras LTD
File typeHTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text Hash260edcf8683b0e2f9da0164d7e9eb281 b77b2186d2ccdff338ddcd71b3c7550cc7b083ee 48fae155f0feae55b84c9b6cc403dabdc96f29ec351be928795a3a87ccc3f14a
| Analyzer | Verdict | Alert |
| fortinet | Phishing | |
| quad9 | Sinkholed | |
POST /rfdwdc/c HTTP/1.1
Host: dodopay.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dodopay.eu/payment/bank//countries/switz/banks/Raiffeisen%20Schweiz%20Genossenschaft/index.php
Content-Type: text/plain;charset=UTF-8
Origin: https://dodopay.eu
Content-Length: 1984
Connection: keep-alive
Cookie: dtCookie=v_4_srv_-2D2_sn_0NVL7UUAR6EP161GFI271IH8O7DMMM0C; rxVisitor=1672382586898TF93MPFIPEKRHE7975A5QR3Q33NL2O3G; dtPC=-2$182586892_864h1vNRKDFAFRPUVGNULCLDGNHMNRLMPFLBAJ-0e0; rxvt=1672384386905|1672382586900; dtLatC=254; dtSa=-
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Server: nginx/1.20.2
Date: Fri, 30 Dec 2022 06:43:13 GMT
Content-Type: text/html; charset=iso-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
Content-Encoding: gzip
|
|
| dodopay.eu/payment/bank//countries/switz/banks/Raiffeisen%20Schweiz%20Genossenschaft/polyfills.e5a661f0eac88ecf.js | 77.73.133.113 | 404 Not Found | 246 B |
URL HTTP/1.1dodopay.eu/payment/bank//countries/switz/banks/Raiffeisen%20Schweiz%20Genossenschaft/polyfills.e5a661f0eac88ecf.js IP77.73.133.113:0 ASN#204197 Duomenu apdorojimo centras LTD
File typeHTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text Hashdf13d48991d7c06a1ea7ab768c801cf3 1e780d12bc8ab4bad638122f5b13594a55ceffd7 35eed0918f08b8783890280b6b7526688038d19b59e410311c0d67d1fccdd759
| Analyzer | Verdict | Alert |
| fortinet | Phishing | |
| quad9 | Sinkholed | |
GET /payment/bank//countries/switz/banks/Raiffeisen%20Schweiz%20Genossenschaft/polyfills.e5a661f0eac88ecf.js HTTP/1.1
Host: dodopay.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dodopay.eu/payment/bank//countries/switz/banks/Raiffeisen%20Schweiz%20Genossenschaft/index.php
Content-Type: text/plain;charset=UTF-8
Connection: keep-alive
Cookie: dtCookie=v_4_srv_-2D2_sn_0NVL7UUAR6EP161GFI271IH8O7DMMM0C; rxVisitor=1672382586898TF93MPFIPEKRHE7975A5QR3Q33NL2O3G; dtPC=-2$182586892_864h1vNRKDFAFRPUVGNULCLDGNHMNRLMPFLBAJ-0e0; rxvt=1672384386905|1672382586900; dtLatC=254; dtSa=-
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Server: nginx/1.20.2
Date: Fri, 30 Dec 2022 06:43:13 GMT
Content-Type: text/html; charset=iso-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
Content-Encoding: gzip
|
|
| push.services.mozilla.com/ | 54.186.209.73 | 101 Switching Protocols | 0 B |
URL HTTP/1.1push.services.mozilla.com/ IP54.186.209.73:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: cl0uO4GQ3fjFJ7/OIogaCw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: IkEg5Lmcd8iOhqZd8dNOHpnWexk=
|
|
| dodopay.eu/payment/bank//countries/switz/banks/Raiffeisen%20Schweiz%20Genossenschaft/frutiger-next-light.b8df483613e9b715.woff | 77.73.133.113 | 404 Not Found | 308 B |
URL HTTP/1.1dodopay.eu/payment/bank//countries/switz/banks/Raiffeisen%20Schweiz%20Genossenschaft/frutiger-next-light.b8df483613e9b715.woff IP77.73.133.113:0 ASN#204197 Duomenu apdorojimo centras LTD
File typeHTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text Hashed8d3e9b4c5433b914f0a20522e90bce 8ea7112628a7351c07d061fb189bd894ef90ed56 dcf28044452a8bc92b149ccd5aecae9fd470afaaad1ece0dbd867a1dd24c968e
| Analyzer | Verdict | Alert |
| fortinet | Phishing | |
| quad9 | Sinkholed | |
GET /payment/bank//countries/switz/banks/Raiffeisen%20Schweiz%20Genossenschaft/frutiger-next-light.b8df483613e9b715.woff HTTP/1.1
Host: dodopay.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://dodopay.eu/payment/bank//countries/switz/banks/Raiffeisen%20Schweiz%20Genossenschaft/styles.css
Cookie: dtCookie=v_4_srv_-2D2_sn_0NVL7UUAR6EP161GFI271IH8O7DMMM0C; rxVisitor=1672382586898TF93MPFIPEKRHE7975A5QR3Q33NL2O3G; dtPC=-2$182586892_864h1vNRKDFAFRPUVGNULCLDGNHMNRLMPFLBAJ-0e0; rxvt=1672384386905|1672382586900; dtLatC=254; dtSa=-
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Server: nginx/1.20.2
Date: Fri, 30 Dec 2022 06:43:13 GMT
Content-Type: text/html; charset=iso-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
|
|
| dodopay.eu/payment/bank//countries/switz/banks/Raiffeisen%20Schweiz%20Genossenschaft/frutiger-next-regular.9d4d48b5388fd4cd.woff | 77.73.133.113 | 404 Not Found | 310 B |
URL HTTP/1.1dodopay.eu/payment/bank//countries/switz/banks/Raiffeisen%20Schweiz%20Genossenschaft/frutiger-next-regular.9d4d48b5388fd4cd.woff IP77.73.133.113:0 ASN#204197 Duomenu apdorojimo centras LTD
File typeHTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text Hash9b72cdac2fd945b6c776dbffe43530cb be95e35f51b712c571aca072bf782dbf8af13ca7 6dddd99fca9449f85f037cffd0d312523921344aaddb8f1c11d8a65e4c0a1301
| Analyzer | Verdict | Alert |
| fortinet | Phishing | |
| quad9 | Sinkholed | |
GET /payment/bank//countries/switz/banks/Raiffeisen%20Schweiz%20Genossenschaft/frutiger-next-regular.9d4d48b5388fd4cd.woff HTTP/1.1
Host: dodopay.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://dodopay.eu/payment/bank//countries/switz/banks/Raiffeisen%20Schweiz%20Genossenschaft/styles.css
Cookie: dtCookie=v_4_srv_-2D2_sn_0NVL7UUAR6EP161GFI271IH8O7DMMM0C; rxVisitor=1672382586898TF93MPFIPEKRHE7975A5QR3Q33NL2O3G; dtPC=-2$182586892_864h1vNRKDFAFRPUVGNULCLDGNHMNRLMPFLBAJ-0e0; rxvt=1672384386905|1672382586900; dtLatC=254; dtSa=-
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Server: nginx/1.20.2
Date: Fri, 30 Dec 2022 06:43:13 GMT
Content-Type: text/html; charset=iso-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
|
|
| dodopay.eu/payment/bank//countries/switz/banks/Raiffeisen%20Schweiz%20Genossenschaft/frutiger-next-bold.1e51a0883cb9c392.woff | 77.73.133.113 | 404 Not Found | 307 B |
URL HTTP/1.1dodopay.eu/payment/bank//countries/switz/banks/Raiffeisen%20Schweiz%20Genossenschaft/frutiger-next-bold.1e51a0883cb9c392.woff IP77.73.133.113:0 ASN#204197 Duomenu apdorojimo centras LTD
File typeHTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text Hash4a1eaa5beb066fc7ed091dcd2f3868bc ab085758382aef9ccd11297c7604d70ea7001333 bdc62d332a65b0b099a157152bde46cebc815450e5a5f69ce9cceeb12187670f
| Analyzer | Verdict | Alert |
| fortinet | Phishing | |
| quad9 | Sinkholed | |
GET /payment/bank//countries/switz/banks/Raiffeisen%20Schweiz%20Genossenschaft/frutiger-next-bold.1e51a0883cb9c392.woff HTTP/1.1
Host: dodopay.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://dodopay.eu/payment/bank//countries/switz/banks/Raiffeisen%20Schweiz%20Genossenschaft/styles.css
Cookie: dtCookie=v_4_srv_-2D2_sn_0NVL7UUAR6EP161GFI271IH8O7DMMM0C; rxVisitor=1672382586898TF93MPFIPEKRHE7975A5QR3Q33NL2O3G; dtPC=-2$182586892_864h1vNRKDFAFRPUVGNULCLDGNHMNRLMPFLBAJ-0e0; rxvt=1672384386905|1672382586900; dtLatC=254; dtSa=-
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Server: nginx/1.20.2
Date: Fri, 30 Dec 2022 06:43:13 GMT
Content-Type: text/html; charset=iso-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
|
|
| dodopay.eu/payment/bank//countries/switz/banks/Raiffeisen%20Schweiz%20Genossenschaft/favicon.ico | 77.73.133.113 | 404 Not Found | 231 B |
URL HTTP/1.1dodopay.eu/payment/bank//countries/switz/banks/Raiffeisen%20Schweiz%20Genossenschaft/favicon.ico IP77.73.133.113:0 ASN#204197 Duomenu apdorojimo centras LTD
File typeHTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text Hashe8429ee6290d58566bb430e997a1c1f8 17ef4e47e778a0b525d96670f1c2db8b5d69747c f981976da41d9548f494c803aff22bd276286c2bc283478848e43e04b2e6591a
| Analyzer | Verdict | Alert |
| quad9 | Sinkholed | |
GET /payment/bank//countries/switz/banks/Raiffeisen%20Schweiz%20Genossenschaft/favicon.ico HTTP/1.1
Host: dodopay.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dodopay.eu/payment/bank//countries/switz/banks/Raiffeisen%20Schweiz%20Genossenschaft/index.php
Cookie: dtCookie=v_4_srv_-2D2_sn_0NVL7UUAR6EP161GFI271IH8O7DMMM0C; rxVisitor=1672382586898TF93MPFIPEKRHE7975A5QR3Q33NL2O3G; dtPC=-2$182586892_864h1vNRKDFAFRPUVGNULCLDGNHMNRLMPFLBAJ-0e0; rxvt=1672384386905|1672382586900; dtLatC=254; dtSa=-
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Server: nginx/1.20.2
Date: Fri, 30 Dec 2022 06:43:13 GMT
Content-Type: text/html; charset=iso-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
Content-Encoding: gzip
|
|
| dodopay.eu/rfdwdc/c/i?c=U2FsdGVkX19XF1XB3J11C6Cj2VoLJsOH%2BSups%2FyCddYhPyPD2Usrdcw0CDnt3MvC%2FqLUFDZy2LkVnp8%2BRdC8NqykdLcCkerlkIEq0ynE%2Fin4QTW282ckLNPAi7Fsig2nNJATnDH11HbLX1OewuUqCDqWdA39bRB7zMERP5sHZ4VSkYXIrVToymX%2FGteKOD7nCtyPT%2FP5Hr2T5oLVNJZfDlwV1Zsjv8snCuzGWomqBGrXDoYjRSYCJBXooZmXBL1lPpEqDW3scg3hprPlgwzwLRe13wKj%2FPoetZdpDYL9r0bNbSA8xOzAPypOan35w6eZy7J4m4DxLyUO7VlCGrDch3DaSKwvu%2BG9jv0d%2BfQMvdrX%2BOWghPi8Z5BTBIA3xBRKWjLiSspqDExypMajOXLiZt00%2F8n3%2F0c3xliKG8siVaRlwbTsMNIKczlJFvS3qTMEvKyZt44CG7TCVvGOcxhB%2Bl9vgbMZc8Om5fHiBYjY6ZZlPwIaksU%2BFigoQORDLA5hKbAHUBSml7SPIo%2BnorraJd%2B4hkEzIlWid0jawTcsY93mhmOOUW3TC%2Fc7mdRT0kjmEuhQdrSb6UOq6eR0SINqzlg7R0V83crkdvIVSOT3OWXBYuEd3KYbuUR1xrhs7pLH%2FGfptwQLEMviQq5QYvKvHXfCfDSGpfBXzX6bUqmU%2FC9%2FqrJ%2BSYEg8exmI%2Fe%2Ffe%2BruPT79Agu5XlGzC5gJxTDSPCsF2qpLUgzOja72SsdkKkifAvak9ji7QLoTPLnJ1CqFNCLX9ZPGFfRZpiqDhc6Uk%2F1xG1OOmLS7WqEuzOen9KPwZcypLgsQYLiToAXPwrJWVP6%2FF8OQ7KNf2nM37PQgRA%2FNumz%2FStBiVBf622KELG%2FhImOVu4btbh2PhZ2zvlKDFgUn28NVIZbIIiceQpoLwM%2FEOagIT3xuvV%2FwY8l3ljMBECHhnA6E5UZ7ViAYSJjx27SiU1N1iUmYqoPUBAQPIW0V7t5QpseCLDTjJhN2BDWkWGHJEtU2kFxEuIuXDHlLlhhIJTatdBqW6IzxQgjPdE0by115SLOI3iErpzNnzZ8dMhMpV1wtafc%2B90B%2FY5zYrW%2FKde674n%2B9pHRIyD2fUVWWk4exRCDPZdGvMEwoKkNv2oI5BSIyfiwciB6%2Bi6f96QKNzbwNW2jWTu6k%2F1lTg%3D%3D | 77.73.133.113 | 404 Not Found | 182 B |
URL HTTP/1.1dodopay.eu/rfdwdc/c/i?c=U2FsdGVkX19XF1XB3J11C6Cj2VoLJsOH%2BSups%2FyCddYhPyPD2Usrdcw0CDnt3MvC%2FqLUFDZy2LkVnp8%2BRdC8NqykdLcCkerlkIEq0ynE%2Fin4QTW282ckLNPAi7Fsig2nNJATnDH11HbLX1OewuUqCDqWdA39bRB7zMERP5sHZ4VSkYXIrVToymX%2FGteKOD7nCtyPT%2FP5Hr2T5oLVNJZfDlwV1Zsjv8snCuzGWomqBGrXDoYjRSYCJBXooZmXBL1lPpEqDW3scg3hprPlgwzwLRe13wKj%2FPoetZdpDYL9r0bNbSA8xOzAPypOan35w6eZy7J4m4DxLyUO7VlCGrDch3DaSKwvu%2BG9jv0d%2BfQMvdrX%2BOWghPi8Z5BTBIA3xBRKWjLiSspqDExypMajOXLiZt00%2F8n3%2F0c3xliKG8siVaRlwbTsMNIKczlJFvS3qTMEvKyZt44CG7TCVvGOcxhB%2Bl9vgbMZc8Om5fHiBYjY6ZZlPwIaksU%2BFigoQORDLA5hKbAHUBSml7SPIo%2BnorraJd%2B4hkEzIlWid0jawTcsY93mhmOOUW3TC%2Fc7mdRT0kjmEuhQdrSb6UOq6eR0SINqzlg7R0V83crkdvIVSOT3OWXBYuEd3KYbuUR1xrhs7pLH%2FGfptwQLEMviQq5QYvKvHXfCfDSGpfBXzX6bUqmU%2FC9%2FqrJ%2BSYEg8exmI%2Fe%2Ffe%2BruPT79Agu5XlGzC5gJxTDSPCsF2qpLUgzOja72SsdkKkifAvak9ji7QLoTPLnJ1CqFNCLX9ZPGFfRZpiqDhc6Uk%2F1xG1OOmLS7WqEuzOen9KPwZcypLgsQYLiToAXPwrJWVP6%2FF8OQ7KNf2nM37PQgRA%2FNumz%2FStBiVBf622KELG%2FhImOVu4btbh2PhZ2zvlKDFgUn28NVIZbIIiceQpoLwM%2FEOagIT3xuvV%2FwY8l3ljMBECHhnA6E5UZ7ViAYSJjx27SiU1N1iUmYqoPUBAQPIW0V7t5QpseCLDTjJhN2BDWkWGHJEtU2kFxEuIuXDHlLlhhIJTatdBqW6IzxQgjPdE0by115SLOI3iErpzNnzZ8dMhMpV1wtafc%2B90B%2FY5zYrW%2FKde674n%2B9pHRIyD2fUVWWk4exRCDPZdGvMEwoKkNv2oI5BSIyfiwciB6%2Bi6f96QKNzbwNW2jWTu6k%2F1lTg%3D%3D IP77.73.133.113:0 ASN#204197 Duomenu apdorojimo centras LTD
File typeHTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text Hash2cf3f64bd46cb3202366ef08c27353e6 dd1ee3d40c42917364be746e4dda11e0bb586f7c 2a2082d444d1768450822cf348bf99d391e8c68efb782b4aca6492cfd5927c82
| Analyzer | Verdict | Alert |
| fortinet | Phishing | |
| quad9 | Sinkholed | |
GET /rfdwdc/c/i?c=U2FsdGVkX19XF1XB3J11C6Cj2VoLJsOH%2BSups%2FyCddYhPyPD2Usrdcw0CDnt3MvC%2FqLUFDZy2LkVnp8%2BRdC8NqykdLcCkerlkIEq0ynE%2Fin4QTW282ckLNPAi7Fsig2nNJATnDH11HbLX1OewuUqCDqWdA39bRB7zMERP5sHZ4VSkYXIrVToymX%2FGteKOD7nCtyPT%2FP5Hr2T5oLVNJZfDlwV1Zsjv8snCuzGWomqBGrXDoYjRSYCJBXooZmXBL1lPpEqDW3scg3hprPlgwzwLRe13wKj%2FPoetZdpDYL9r0bNbSA8xOzAPypOan35w6eZy7J4m4DxLyUO7VlCGrDch3DaSKwvu%2BG9jv0d%2BfQMvdrX%2BOWghPi8Z5BTBIA3xBRKWjLiSspqDExypMajOXLiZt00%2F8n3%2F0c3xliKG8siVaRlwbTsMNIKczlJFvS3qTMEvKyZt44CG7TCVvGOcxhB%2Bl9vgbMZc8Om5fHiBYjY6ZZlPwIaksU%2BFigoQORDLA5hKbAHUBSml7SPIo%2BnorraJd%2B4hkEzIlWid0jawTcsY93mhmOOUW3TC%2Fc7mdRT0kjmEuhQdrSb6UOq6eR0SINqzlg7R0V83crkdvIVSOT3OWXBYuEd3KYbuUR1xrhs7pLH%2FGfptwQLEMviQq5QYvKvHXfCfDSGpfBXzX6bUqmU%2FC9%2FqrJ%2BSYEg8exmI%2Fe%2Ffe%2BruPT79Agu5XlGzC5gJxTDSPCsF2qpLUgzOja72SsdkKkifAvak9ji7QLoTPLnJ1CqFNCLX9ZPGFfRZpiqDhc6Uk%2F1xG1OOmLS7WqEuzOen9KPwZcypLgsQYLiToAXPwrJWVP6%2FF8OQ7KNf2nM37PQgRA%2FNumz%2FStBiVBf622KELG%2FhImOVu4btbh2PhZ2zvlKDFgUn28NVIZbIIiceQpoLwM%2FEOagIT3xuvV%2FwY8l3ljMBECHhnA6E5UZ7ViAYSJjx27SiU1N1iUmYqoPUBAQPIW0V7t5QpseCLDTjJhN2BDWkWGHJEtU2kFxEuIuXDHlLlhhIJTatdBqW6IzxQgjPdE0by115SLOI3iErpzNnzZ8dMhMpV1wtafc%2B90B%2FY5zYrW%2FKde674n%2B9pHRIyD2fUVWWk4exRCDPZdGvMEwoKkNv2oI5BSIyfiwciB6%2Bi6f96QKNzbwNW2jWTu6k%2F1lTg%3D%3D HTTP/1.1
Host: dodopay.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dodopay.eu/payment/bank//countries/switz/banks/Raiffeisen%20Schweiz%20Genossenschaft/index.php
Cookie: dtCookie=v_4_srv_-2D2_sn_0NVL7UUAR6EP161GFI271IH8O7DMMM0C; rxVisitor=1672382586898TF93MPFIPEKRHE7975A5QR3Q33NL2O3G; dtPC=-2$182586892_864h2vNRKDFAFRPUVGNULCLDGNHMNRLMPFLBAJ-0e0; rxvt=1672384387309|1672382586900; dtLatC=254; dtSa=-; rfdHNEX=U2FsdGVkX18viuRc5GOdkvSooAlR0xS41NLgSSQv9EiMssshNEtRibu/nh6zwEaSi4vsUbmha0WvR4/GXsCrpg==
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Server: nginx/1.20.2
Date: Fri, 30 Dec 2022 06:43:13 GMT
Content-Type: text/html; charset=iso-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
Content-Encoding: gzip
|
|
| dodopay.eu/rfdwdc/c | 77.73.133.113 | 404 Not Found | 181 B |
IP77.73.133.113:0 ASN#204197 Duomenu apdorojimo centras LTD
File typeHTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text Hash260edcf8683b0e2f9da0164d7e9eb281 b77b2186d2ccdff338ddcd71b3c7550cc7b083ee 48fae155f0feae55b84c9b6cc403dabdc96f29ec351be928795a3a87ccc3f14a
| Analyzer | Verdict | Alert |
| fortinet | Phishing | |
| quad9 | Sinkholed | |
POST /rfdwdc/c HTTP/1.1
Host: dodopay.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dodopay.eu/payment/bank//countries/switz/banks/Raiffeisen%20Schweiz%20Genossenschaft/index.php
Content-Type: text/plain;charset=UTF-8
Origin: https://dodopay.eu
Content-Length: 1984
Connection: keep-alive
Cookie: dtCookie=v_4_srv_-2D2_sn_0NVL7UUAR6EP161GFI271IH8O7DMMM0C; rxVisitor=1672382586898TF93MPFIPEKRHE7975A5QR3Q33NL2O3G; dtPC=-2$182586892_864h2vNRKDFAFRPUVGNULCLDGNHMNRLMPFLBAJ-0e0; rxvt=1672384387309|1672382586900; dtLatC=254; dtSa=-; rfdHNEX=U2FsdGVkX18viuRc5GOdkvSooAlR0xS41NLgSSQv9EiMssshNEtRibu/nh6zwEaSi4vsUbmha0WvR4/GXsCrpg==
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Server: nginx/1.20.2
Date: Fri, 30 Dec 2022 06:43:13 GMT
Content-Type: text/html; charset=iso-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
Content-Encoding: gzip
|
|
| dodopay.eu/payment/bank//countries/switz/banks/Raiffeisen%20Schweiz%20Genossenschaft/main.555ddd057de3e938.js | 77.73.133.113 | 404 Not Found | 244 B |
URL HTTP/1.1dodopay.eu/payment/bank//countries/switz/banks/Raiffeisen%20Schweiz%20Genossenschaft/main.555ddd057de3e938.js IP77.73.133.113:0 ASN#204197 Duomenu apdorojimo centras LTD
File typeHTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text Hash241dd884351c22a2e62cc748c8751a63 eee950001a7a3fde69d4bd7d94a6bb069ef03f9c 6ad84dcafd0ec7619d823a90f4fda9899e0beddf01466da755cc8e1bbfb582a5
| Analyzer | Verdict | Alert |
| fortinet | Phishing | |
| quad9 | Sinkholed | |
GET /payment/bank//countries/switz/banks/Raiffeisen%20Schweiz%20Genossenschaft/main.555ddd057de3e938.js HTTP/1.1
Host: dodopay.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dodopay.eu/payment/bank//countries/switz/banks/Raiffeisen%20Schweiz%20Genossenschaft/index.php
Content-Type: text/plain;charset=UTF-8
Connection: keep-alive
Cookie: dtCookie=v_4_srv_-2D2_sn_0NVL7UUAR6EP161GFI271IH8O7DMMM0C; rxVisitor=1672382586898TF93MPFIPEKRHE7975A5QR3Q33NL2O3G; dtPC=-2$182586892_864h1vNRKDFAFRPUVGNULCLDGNHMNRLMPFLBAJ-0e0; rxvt=1672384387309|1672382586900; dtLatC=254; dtSa=-; rfdHNEX=U2FsdGVkX18viuRc5GOdkvSooAlR0xS41NLgSSQv9EiMssshNEtRibu/nh6zwEaSi4vsUbmha0WvR4/GXsCrpg==
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Server: nginx/1.20.2
Date: Fri, 30 Dec 2022 06:43:13 GMT
Content-Type: text/html; charset=iso-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
Content-Encoding: gzip
|
|
| dodopay.eu/rfdwdc/c/i?c=U2FsdGVkX19XF1XB3J11C6Cj2VoLJsOH%2BSups%2FyCddYhPyPD2Usrdcw0CDnt3MvC%2FqLUFDZy2LkVnp8%2BRdC8NqykdLcCkerlkIEq0ynE%2Fin4QTW282ckLNPAi7Fsig2nNJATnDH11HbLX1OewuUqCDqWdA39bRB7zMERP5sHZ4VSkYXIrVToymX%2FGteKOD7nCtyPT%2FP5Hr2T5oLVNJZfDlwV1Zsjv8snCuzGWomqBGrXDoYjRSYCJBXooZmXBL1lPpEqDW3scg3hprPlgwzwLRe13wKj%2FPoetZdpDYL9r0bNbSA8xOzAPypOan35w6eZy7J4m4DxLyUO7VlCGrDch3DaSKwvu%2BG9jv0d%2BfQMvdrX%2BOWghPi8Z5BTBIA3xBRKWjLiSspqDExypMajOXLiZt00%2F8n3%2F0c3xliKG8siVaRlwbTsMNIKczlJFvS3qTMEvKyZt44CG7TCVvGOcxhB%2Bl9vgbMZc8Om5fHiBYjY6ZZlPwIaksU%2BFigoQORDLA5hKbAHUBSml7SPIo%2BnorraJd%2B4hkEzIlWid0jawTcsY93mhmOOUW3TC%2Fc7mdRT0kjmEuhQdrSb6UOq6eR0SINqzlg7R0V83crkdvIVSOT3OWXBYuEd3KYbuUR1xrhs7pLH%2FGfptwQLEMviQq5QYvKvHXfCfDSGpfBXzX6bUqmU%2FC9%2FqrJ%2BSYEg8exmI%2Fe%2Ffe%2BruPT79Agu5XlGzC5gJxTDSPCsF2qpLUgzOja72SsdkKkifAvak9ji7QLoTPLnJ1CqFNCLX9ZPGFfRZpiqDhc6Uk%2F1xG1OOmLS7WqEuzOen9KPwZcypLgsQYLiToAXPwrJWVP6%2FF8OQ7KNf2nM37PQgRA%2FNumz%2FStBiVBf622KELG%2FhImOVu4btbh2PhZ2zvlKDFgUn28NVIZbIIiceQpoLwM%2FEOagIT3xuvV%2FwY8l3ljMBECHhnA6E5UZ7ViAYSJjx27SiU1N1iUmYqoPUBAQPIW0V7t5QpseCLDTjJhN2BDWkWGHJEtU2kFxEuIuXDHlLlhhIJTatdBqW6IzxQgjPdE0by115SLOI3iErpzNnzZ8dMhMpV1wtafc%2B90B%2FY5zYrW%2FKde674n%2B9pHRIyD2fUVWWk4exRCDPZdGvMEwoKkNv2oI5BSIyfiwciB6%2Bi6f96QKNzbwNW2jWTu6k%2F1lTg%3D%3D | 77.73.133.113 | 404 Not Found | 182 B |
URL HTTP/1.1dodopay.eu/rfdwdc/c/i?c=U2FsdGVkX19XF1XB3J11C6Cj2VoLJsOH%2BSups%2FyCddYhPyPD2Usrdcw0CDnt3MvC%2FqLUFDZy2LkVnp8%2BRdC8NqykdLcCkerlkIEq0ynE%2Fin4QTW282ckLNPAi7Fsig2nNJATnDH11HbLX1OewuUqCDqWdA39bRB7zMERP5sHZ4VSkYXIrVToymX%2FGteKOD7nCtyPT%2FP5Hr2T5oLVNJZfDlwV1Zsjv8snCuzGWomqBGrXDoYjRSYCJBXooZmXBL1lPpEqDW3scg3hprPlgwzwLRe13wKj%2FPoetZdpDYL9r0bNbSA8xOzAPypOan35w6eZy7J4m4DxLyUO7VlCGrDch3DaSKwvu%2BG9jv0d%2BfQMvdrX%2BOWghPi8Z5BTBIA3xBRKWjLiSspqDExypMajOXLiZt00%2F8n3%2F0c3xliKG8siVaRlwbTsMNIKczlJFvS3qTMEvKyZt44CG7TCVvGOcxhB%2Bl9vgbMZc8Om5fHiBYjY6ZZlPwIaksU%2BFigoQORDLA5hKbAHUBSml7SPIo%2BnorraJd%2B4hkEzIlWid0jawTcsY93mhmOOUW3TC%2Fc7mdRT0kjmEuhQdrSb6UOq6eR0SINqzlg7R0V83crkdvIVSOT3OWXBYuEd3KYbuUR1xrhs7pLH%2FGfptwQLEMviQq5QYvKvHXfCfDSGpfBXzX6bUqmU%2FC9%2FqrJ%2BSYEg8exmI%2Fe%2Ffe%2BruPT79Agu5XlGzC5gJxTDSPCsF2qpLUgzOja72SsdkKkifAvak9ji7QLoTPLnJ1CqFNCLX9ZPGFfRZpiqDhc6Uk%2F1xG1OOmLS7WqEuzOen9KPwZcypLgsQYLiToAXPwrJWVP6%2FF8OQ7KNf2nM37PQgRA%2FNumz%2FStBiVBf622KELG%2FhImOVu4btbh2PhZ2zvlKDFgUn28NVIZbIIiceQpoLwM%2FEOagIT3xuvV%2FwY8l3ljMBECHhnA6E5UZ7ViAYSJjx27SiU1N1iUmYqoPUBAQPIW0V7t5QpseCLDTjJhN2BDWkWGHJEtU2kFxEuIuXDHlLlhhIJTatdBqW6IzxQgjPdE0by115SLOI3iErpzNnzZ8dMhMpV1wtafc%2B90B%2FY5zYrW%2FKde674n%2B9pHRIyD2fUVWWk4exRCDPZdGvMEwoKkNv2oI5BSIyfiwciB6%2Bi6f96QKNzbwNW2jWTu6k%2F1lTg%3D%3D IP77.73.133.113:0 ASN#204197 Duomenu apdorojimo centras LTD
File typeHTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text Hash2cf3f64bd46cb3202366ef08c27353e6 dd1ee3d40c42917364be746e4dda11e0bb586f7c 2a2082d444d1768450822cf348bf99d391e8c68efb782b4aca6492cfd5927c82
| Analyzer | Verdict | Alert |
| fortinet | Phishing | |
| quad9 | Sinkholed | |
GET /rfdwdc/c/i?c=U2FsdGVkX19XF1XB3J11C6Cj2VoLJsOH%2BSups%2FyCddYhPyPD2Usrdcw0CDnt3MvC%2FqLUFDZy2LkVnp8%2BRdC8NqykdLcCkerlkIEq0ynE%2Fin4QTW282ckLNPAi7Fsig2nNJATnDH11HbLX1OewuUqCDqWdA39bRB7zMERP5sHZ4VSkYXIrVToymX%2FGteKOD7nCtyPT%2FP5Hr2T5oLVNJZfDlwV1Zsjv8snCuzGWomqBGrXDoYjRSYCJBXooZmXBL1lPpEqDW3scg3hprPlgwzwLRe13wKj%2FPoetZdpDYL9r0bNbSA8xOzAPypOan35w6eZy7J4m4DxLyUO7VlCGrDch3DaSKwvu%2BG9jv0d%2BfQMvdrX%2BOWghPi8Z5BTBIA3xBRKWjLiSspqDExypMajOXLiZt00%2F8n3%2F0c3xliKG8siVaRlwbTsMNIKczlJFvS3qTMEvKyZt44CG7TCVvGOcxhB%2Bl9vgbMZc8Om5fHiBYjY6ZZlPwIaksU%2BFigoQORDLA5hKbAHUBSml7SPIo%2BnorraJd%2B4hkEzIlWid0jawTcsY93mhmOOUW3TC%2Fc7mdRT0kjmEuhQdrSb6UOq6eR0SINqzlg7R0V83crkdvIVSOT3OWXBYuEd3KYbuUR1xrhs7pLH%2FGfptwQLEMviQq5QYvKvHXfCfDSGpfBXzX6bUqmU%2FC9%2FqrJ%2BSYEg8exmI%2Fe%2Ffe%2BruPT79Agu5XlGzC5gJxTDSPCsF2qpLUgzOja72SsdkKkifAvak9ji7QLoTPLnJ1CqFNCLX9ZPGFfRZpiqDhc6Uk%2F1xG1OOmLS7WqEuzOen9KPwZcypLgsQYLiToAXPwrJWVP6%2FF8OQ7KNf2nM37PQgRA%2FNumz%2FStBiVBf622KELG%2FhImOVu4btbh2PhZ2zvlKDFgUn28NVIZbIIiceQpoLwM%2FEOagIT3xuvV%2FwY8l3ljMBECHhnA6E5UZ7ViAYSJjx27SiU1N1iUmYqoPUBAQPIW0V7t5QpseCLDTjJhN2BDWkWGHJEtU2kFxEuIuXDHlLlhhIJTatdBqW6IzxQgjPdE0by115SLOI3iErpzNnzZ8dMhMpV1wtafc%2B90B%2FY5zYrW%2FKde674n%2B9pHRIyD2fUVWWk4exRCDPZdGvMEwoKkNv2oI5BSIyfiwciB6%2Bi6f96QKNzbwNW2jWTu6k%2F1lTg%3D%3D HTTP/1.1
Host: dodopay.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dodopay.eu/payment/bank//countries/switz/banks/Raiffeisen%20Schweiz%20Genossenschaft/index.php
Cookie: dtCookie=v_4_srv_-2D2_sn_0NVL7UUAR6EP161GFI271IH8O7DMMM0C; rxVisitor=1672382586898TF93MPFIPEKRHE7975A5QR3Q33NL2O3G; dtPC=-2$182586892_864h-vNRKDFAFRPUVGNULCLDGNHMNRLMPFLBAJ-0e0; rxvt=1672384387309|1672382586900; dtLatC=254; dtSa=-; rfdHNEX=U2FsdGVkX18viuRc5GOdkvSooAlR0xS41NLgSSQv9EiMssshNEtRibu/nh6zwEaSi4vsUbmha0WvR4/GXsCrpg==
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Server: nginx/1.20.2
Date: Fri, 30 Dec 2022 06:43:13 GMT
Content-Type: text/html; charset=iso-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
Content-Encoding: gzip
|
|
| ocsp.quovadisglobal.com/ | 152.195.132.213 | 200 OK | 1.5 kB |
IP152.195.132.213:0
Hashad233dfd82b0c4ae3ba82e75876d7c51 58fa125115481a09dff46e97ab494bcaf668ddc4 8a3f050701781edf691d5c8386b9a9c2158a62713794c13cfd3fcacb24ddee9a
POST / HTTP/1.1
Host: ocsp.quovadisglobal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 87
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: max-age=155519,public,no-transform,must-revalidate
Content-Type: application/ocsp-response
Date: Fri, 30 Dec 2022 06:43:13 GMT
Etag: "58fa125115481a09dff46e97ab494bcaf668ddc4"
Expires: Sun, 01 Jan 2023 06:43:12 GMT
Last-Modified: Fri, 30 Dec 2022 06:43:13 GMT
Server: Apache
Content-Length: 1502
|
|
| ocsp.quovadisglobal.com/ | 152.195.132.213 | 200 OK | 1.5 kB |
IP152.195.132.213:0
Hashad233dfd82b0c4ae3ba82e75876d7c51 58fa125115481a09dff46e97ab494bcaf668ddc4 8a3f050701781edf691d5c8386b9a9c2158a62713794c13cfd3fcacb24ddee9a
POST / HTTP/1.1
Host: ocsp.quovadisglobal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 87
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: max-age=155519,public,no-transform,must-revalidate
Content-Type: application/ocsp-response
Date: Fri, 30 Dec 2022 06:43:13 GMT
Etag: "58fa125115481a09dff46e97ab494bcaf668ddc4"
Expires: Sun, 01 Jan 2023 06:43:12 GMT
Last-Modified: Fri, 30 Dec 2022 06:43:13 GMT
Server: Apache
Content-Length: 1502
|
|
| analytics.raiffeisen.ch/rfdwdc/c | 91.206.104.6 | 200 OK | 0 B |
URL HTTP/2analytics.raiffeisen.ch/rfdwdc/c IP91.206.104.6:0 ASN#15532 Raiffeisen Schweiz Genossenschaft
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /rfdwdc/c HTTP/1.1
Host: analytics.raiffeisen.ch
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dodopay.eu/
Content-Type: text/plain;charset=UTF-8
Origin: https://dodopay.eu
Content-Length: 1984
Connection: keep-alive
Cookie: rfdUEPTCE=56d410bf-e18c-4f40-a7b0-c29914b6ddc3
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 0
date: Fri, 30 Dec 2022 06:43:13 GMT
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
server: Apache
X-Firefox-Spdy: h2
|
|
| analytics.raiffeisen.ch/rfdwdc/c/i?c=U2FsdGVkX19XF1XB3J11C6Cj2VoLJsOH%2BSups%2FyCddYhPyPD2Usrdcw0CDnt3MvC%2FqLUFDZy2LkVnp8%2BRdC8NqykdLcCkerlkIEq0ynE%2Fin4QTW282ckLNPAi7Fsig2nNJATnDH11HbLX1OewuUqCDqWdA39bRB7zMERP5sHZ4VSkYXIrVToymX%2FGteKOD7nCtyPT%2FP5Hr2T5oLVNJZfDlwV1Zsjv8snCuzGWomqBGrXDoYjRSYCJBXooZmXBL1lPpEqDW3scg3hprPlgwzwLRe13wKj%2FPoetZdpDYL9r0bNbSA8xOzAPypOan35w6eZy7J4m4DxLyUO7VlCGrDch3DaSKwvu%2BG9jv0d%2BfQMvdrX%2BOWghPi8Z5BTBIA3xBRKWjLiSspqDExypMajOXLiZt00%2F8n3%2F0c3xliKG8siVaRlwbTsMNIKczlJFvS3qTMEvKyZt44CG7TCVvGOcxhB%2Bl9vgbMZc8Om5fHiBYjY6ZZlPwIaksU%2BFigoQORDLA5hKbAHUBSml7SPIo%2BnorraJd%2B4hkEzIlWid0jawTcsY93mhmOOUW3TC%2Fc7mdRT0kjmEuhQdrSb6UOq6eR0SINqzlg7R0V83crkdvIVSOT3OWXBYuEd3KYbuUR1xrhs7pLH%2FGfptwQLEMviQq5QYvKvHXfCfDSGpfBXzX6bUqmU%2FC9%2FqrJ%2BSYEg8exmI%2Fe%2Ffe%2BruPT79Agu5XlGzC5gJxTDSPCsF2qpLUgzOja72SsdkKkifAvak9ji7QLoTPLnJ1CqFNCLX9ZPGFfRZpiqDhc6Uk%2F1xG1OOmLS7WqEuzOen9KPwZcypLgsQYLiToAXPwrJWVP6%2FF8OQ7KNf2nM37PQgRA%2FNumz%2FStBiVBf622KELG%2FhImOVu4btbh2PhZ2zvlKDFgUn28NVIZbIIiceQpoLwM%2FEOagIT3xuvV%2FwY8l3ljMBECHhnA6E5UZ7ViAYSJjx27SiU1N1iUmYqoPUBAQPIW0V7t5QpseCLDTjJhN2BDWkWGHJEtU2kFxEuIuXDHlLlhhIJTatdBqW6IzxQgjPdE0by115SLOI3iErpzNnzZ8dMhMpV1wtafc%2B90B%2FY5zYrW%2FKde674n%2B9pHRIyD2fUVWWk4exRCDPZdGvMEwoKkNv2oI5BSIyfiwciB6%2Bi6f96QKNzbwNW2jWTu6k%2F1lTg%3D%3D | 91.206.104.6 | 200 OK | 35 B |
URL HTTP/2analytics.raiffeisen.ch/rfdwdc/c/i?c=U2FsdGVkX19XF1XB3J11C6Cj2VoLJsOH%2BSups%2FyCddYhPyPD2Usrdcw0CDnt3MvC%2FqLUFDZy2LkVnp8%2BRdC8NqykdLcCkerlkIEq0ynE%2Fin4QTW282ckLNPAi7Fsig2nNJATnDH11HbLX1OewuUqCDqWdA39bRB7zMERP5sHZ4VSkYXIrVToymX%2FGteKOD7nCtyPT%2FP5Hr2T5oLVNJZfDlwV1Zsjv8snCuzGWomqBGrXDoYjRSYCJBXooZmXBL1lPpEqDW3scg3hprPlgwzwLRe13wKj%2FPoetZdpDYL9r0bNbSA8xOzAPypOan35w6eZy7J4m4DxLyUO7VlCGrDch3DaSKwvu%2BG9jv0d%2BfQMvdrX%2BOWghPi8Z5BTBIA3xBRKWjLiSspqDExypMajOXLiZt00%2F8n3%2F0c3xliKG8siVaRlwbTsMNIKczlJFvS3qTMEvKyZt44CG7TCVvGOcxhB%2Bl9vgbMZc8Om5fHiBYjY6ZZlPwIaksU%2BFigoQORDLA5hKbAHUBSml7SPIo%2BnorraJd%2B4hkEzIlWid0jawTcsY93mhmOOUW3TC%2Fc7mdRT0kjmEuhQdrSb6UOq6eR0SINqzlg7R0V83crkdvIVSOT3OWXBYuEd3KYbuUR1xrhs7pLH%2FGfptwQLEMviQq5QYvKvHXfCfDSGpfBXzX6bUqmU%2FC9%2FqrJ%2BSYEg8exmI%2Fe%2Ffe%2BruPT79Agu5XlGzC5gJxTDSPCsF2qpLUgzOja72SsdkKkifAvak9ji7QLoTPLnJ1CqFNCLX9ZPGFfRZpiqDhc6Uk%2F1xG1OOmLS7WqEuzOen9KPwZcypLgsQYLiToAXPwrJWVP6%2FF8OQ7KNf2nM37PQgRA%2FNumz%2FStBiVBf622KELG%2FhImOVu4btbh2PhZ2zvlKDFgUn28NVIZbIIiceQpoLwM%2FEOagIT3xuvV%2FwY8l3ljMBECHhnA6E5UZ7ViAYSJjx27SiU1N1iUmYqoPUBAQPIW0V7t5QpseCLDTjJhN2BDWkWGHJEtU2kFxEuIuXDHlLlhhIJTatdBqW6IzxQgjPdE0by115SLOI3iErpzNnzZ8dMhMpV1wtafc%2B90B%2FY5zYrW%2FKde674n%2B9pHRIyD2fUVWWk4exRCDPZdGvMEwoKkNv2oI5BSIyfiwciB6%2Bi6f96QKNzbwNW2jWTu6k%2F1lTg%3D%3D IP91.206.104.6:0 ASN#15532 Raiffeisen Schweiz Genossenschaft
File typeGIF image data, version 89a, 1 x 1\012- data Hash28d6814f309ea289f847c69cf91194c6 0f4e929dd5bb2564f7ab9c76338e04e292a42ace 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
GET /rfdwdc/c/i?c=U2FsdGVkX19XF1XB3J11C6Cj2VoLJsOH%2BSups%2FyCddYhPyPD2Usrdcw0CDnt3MvC%2FqLUFDZy2LkVnp8%2BRdC8NqykdLcCkerlkIEq0ynE%2Fin4QTW282ckLNPAi7Fsig2nNJATnDH11HbLX1OewuUqCDqWdA39bRB7zMERP5sHZ4VSkYXIrVToymX%2FGteKOD7nCtyPT%2FP5Hr2T5oLVNJZfDlwV1Zsjv8snCuzGWomqBGrXDoYjRSYCJBXooZmXBL1lPpEqDW3scg3hprPlgwzwLRe13wKj%2FPoetZdpDYL9r0bNbSA8xOzAPypOan35w6eZy7J4m4DxLyUO7VlCGrDch3DaSKwvu%2BG9jv0d%2BfQMvdrX%2BOWghPi8Z5BTBIA3xBRKWjLiSspqDExypMajOXLiZt00%2F8n3%2F0c3xliKG8siVaRlwbTsMNIKczlJFvS3qTMEvKyZt44CG7TCVvGOcxhB%2Bl9vgbMZc8Om5fHiBYjY6ZZlPwIaksU%2BFigoQORDLA5hKbAHUBSml7SPIo%2BnorraJd%2B4hkEzIlWid0jawTcsY93mhmOOUW3TC%2Fc7mdRT0kjmEuhQdrSb6UOq6eR0SINqzlg7R0V83crkdvIVSOT3OWXBYuEd3KYbuUR1xrhs7pLH%2FGfptwQLEMviQq5QYvKvHXfCfDSGpfBXzX6bUqmU%2FC9%2FqrJ%2BSYEg8exmI%2Fe%2Ffe%2BruPT79Agu5XlGzC5gJxTDSPCsF2qpLUgzOja72SsdkKkifAvak9ji7QLoTPLnJ1CqFNCLX9ZPGFfRZpiqDhc6Uk%2F1xG1OOmLS7WqEuzOen9KPwZcypLgsQYLiToAXPwrJWVP6%2FF8OQ7KNf2nM37PQgRA%2FNumz%2FStBiVBf622KELG%2FhImOVu4btbh2PhZ2zvlKDFgUn28NVIZbIIiceQpoLwM%2FEOagIT3xuvV%2FwY8l3ljMBECHhnA6E5UZ7ViAYSJjx27SiU1N1iUmYqoPUBAQPIW0V7t5QpseCLDTjJhN2BDWkWGHJEtU2kFxEuIuXDHlLlhhIJTatdBqW6IzxQgjPdE0by115SLOI3iErpzNnzZ8dMhMpV1wtafc%2B90B%2FY5zYrW%2FKde674n%2B9pHRIyD2fUVWWk4exRCDPZdGvMEwoKkNv2oI5BSIyfiwciB6%2Bi6f96QKNzbwNW2jWTu6k%2F1lTg%3D%3D HTTP/1.1
Host: analytics.raiffeisen.ch
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dodopay.eu/
Cookie: rfdUEPTCE=56d410bf-e18c-4f40-a7b0-c29914b6ddc3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 35
date: Fri, 30 Dec 2022 06:43:13 GMT
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-type: image/gif
server: Apache
X-Firefox-Spdy: h2
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 279 B |
IP 93.184.220.29:0
Hash 1877d34a2e2b8f8f9a1cde74085dea0c f79b60993cb5f4f3e0b045fa396fdcc72d0b80d5 22f15e48669ad433b42f2e9edf613ce2363a424714514921fe64f2d2e6ceccad
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=161279
Content-Type: application/ocsp-response
Date: Fri, 30 Dec 2022 06:43:13 GMT
Etag: "63ae5b80-117"
Expires: Sun, 01 Jan 2023 03:31:12 GMT
Last-Modified: Fri, 30 Dec 2022 03:31:12 GMT
Server: nginx
Content-Length: 279
|
|
| analytics.rmarkt.ch/rfdwdc/c | 188.114.97.1 | 200 OK | 0 B |
URL HTTP/2 analytics.rmarkt.ch/rfdwdc/c
IP 188.114.97.1:0
Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /rfdwdc/c HTTP/1.1
Host: analytics.rmarkt.ch
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dodopay.eu/
Content-Type: text/plain;charset=UTF-8
Origin: https://dodopay.eu
Content-Length: 1984
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 30 Dec 2022 06:43:14 GMT
content-length: 0
cf-ray: 7818cccbdba11c12-OSL
cf-cache-status: DYNAMIC
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iprNAoQ2G6uKimsZr27ibQj21ycodAqVXykoREEWdt1xPpRReAzxfhjMFN8Onhph5mGd0JkKAMOQbTMu9D0W5hTqRIbbNlOc5EBuR4ezNe9Lo%2BpLpHjmQVDOSmvEzN%2B6OlpJOeOR"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 279 B |
IP 93.184.220.29:0
Hash 1877d34a2e2b8f8f9a1cde74085dea0c f79b60993cb5f4f3e0b045fa396fdcc72d0b80d5 22f15e48669ad433b42f2e9edf613ce2363a424714514921fe64f2d2e6ceccad
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1
Cache-Control: max-age=161279
Content-Type: application/ocsp-response
Date: Fri, 30 Dec 2022 06:43:14 GMT
Etag: "63ae5b80-117"
Expires: Sun, 01 Jan 2023 03:31:13 GMT
Last-Modified: Fri, 30 Dec 2022 03:31:12 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 279
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP 23.36.77.32:0 ASN #20940 Akamai International B.V.
Hash 2783127a63c78cb5ac02e1a31631bfca a26af5a37bbb43d4258282640749ced026ba9560 cfe19d12b6070f9171129591b54bab634d5582e4d8d83e5c1fbe703d873b8366
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CFE19D12B6070F9171129591B54BAB634D5582E4D8D83E5C1FBE703D873B8366"
Last-Modified: Tue, 27 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10003
Expires: Fri, 30 Dec 2022 09:29:57 GMT
Date: Fri, 30 Dec 2022 06:43:14 GMT
Connection: keep-alive
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcb9607c6-9a7f-483e-afc4-9004ad7691ab.jpeg | 34.120.237.76 | 200 OK | 12 kB |
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcb9607c6-9a7f-483e-afc4-9004ad7691ab.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash 6e270e4d21abb133d068a56a552b1708 2d5c698f982dcdb9a86de4e45e30d7caf9b42336 723573f9908c5a2aa1d3dfe1146a764d7052c866ff2076a9096daccf5697328b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcb9607c6-9a7f-483e-afc4-9004ad7691ab.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11775
x-amzn-requestid: 5a37b577-ac86-4cab-a580-865059074844
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: d7aqKGzTIAMFmIw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ae0b0d-7de39bba5583d757794dbd9e;Sampled=0
x-amzn-remapped-date: Thu, 29 Dec 2022 21:47:57 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 4OqJ-KiLeDe3iVqhLUhzcqiWrDHc3sZa808qTuPMDLdhP6FOFdGhkg==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Thu, 29 Dec 2022 22:10:15 GMT
etag: "2d5c698f982dcdb9a86de4e45e30d7caf9b42336"
content-type: image/jpeg
age: 30779
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdace6689-97a8-4bcf-90a0-c223ba35cd6d.jpeg | 34.120.237.76 | 200 OK | 8.1 kB |
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdace6689-97a8-4bcf-90a0-c223ba35cd6d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash 2c0d5fb3791917c41549447f9de79803 1b2c18e9474133539ec54b2e77112256aefadda8 f81084ebe03cff7659902d1afdd44c0f95ecffa96b880550b6a0b51191348222
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdace6689-97a8-4bcf-90a0-c223ba35cd6d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8071
x-amzn-requestid: 0085b429-3682-43ad-a47b-be03cbe32c53
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: d7Zx1FOfoAMF-DQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ae09a5-450206562924e25e363b1ccc;Sampled=0
x-amzn-remapped-date: Thu, 29 Dec 2022 21:41:57 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: S_FfIgQU5dbZ4B8xhnYGgKIWaZ03PUrzbD5qdV7ASZegKf6TWwpAgw==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 29 Dec 2022 22:29:29 GMT
age: 29625
etag: "1b2c18e9474133539ec54b2e77112256aefadda8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3928383c-cf5a-464c-89b1-7e655cdac6a9.jpeg | 34.120.237.76 | 200 OK | 7.5 kB |
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3928383c-cf5a-464c-89b1-7e655cdac6a9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash f0bcde39691c9f7ffe3c4a31d919394a 9ab1417dd6266da8da799ebc8bdd3dc869b85ef9 557ab2dd06a693547e7b41cdc2463b304692d41bf3ea3ede1dbe11e9652bd0a6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3928383c-cf5a-464c-89b1-7e655cdac6a9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7521
x-amzn-requestid: ac46341b-883e-496b-9dee-32638a723504
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dhc9IHKGIAMFwfg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a3a853-146ab5f27dc7057876d81fa5;Sampled=0
x-amzn-remapped-date: Thu, 22 Dec 2022 00:44:03 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: eNtsYJJnnbwsmZXBKCcQEhsASAmPIkv6dhr2mbd-0jkH9POg5bHsCw==
via: 1.1 010c0731b9775a983eceaec0f5fa6a2e.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Fri, 30 Dec 2022 03:53:21 GMT
age: 10193
etag: "9ab1417dd6266da8da799ebc8bdd3dc869b85ef9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdab5cb9e-53fc-4a70-831a-6d6bd503103e.jpeg | 34.120.237.76 | 200 OK | 4.8 kB |
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdab5cb9e-53fc-4a70-831a-6d6bd503103e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash a9d1857128ab6a237e6854c7a3532b51 702ab1eb38be637f012e1454201b9a7561c29081 48fbf5b5aa1cf66fcdaafe68c72ac073d2ba9b6dedf76ebfaafdc88836fa0fde
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdab5cb9e-53fc-4a70-831a-6d6bd503103e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4833
x-amzn-requestid: 46ef49d7-dadb-4665-84bf-1c331ed8fce6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: d7ZU2E3IIAMFxAw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ae08eb-28af0ab9094d7c21560a60db;Sampled=0
x-amzn-remapped-date: Thu, 29 Dec 2022 21:38:51 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: YyIKd_GHAixWYqzjn0XD2Jwal3Jt62L90StfgPkCkJWU3RQml-u6oA==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Thu, 29 Dec 2022 22:01:39 GMT
age: 31295
etag: "702ab1eb38be637f012e1454201b9a7561c29081"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F675919e8-14a8-48aa-a05a-9dd0b0a0b234.jpeg | 34.120.237.76 | 200 OK | 7.5 kB |
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F675919e8-14a8-48aa-a05a-9dd0b0a0b234.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash a00190e22caf7214d56f09533650f5f6 81b1177fc642481e409fc787b3648d12cb1fa818 e0a27c6e2ab37cb1aef93995fcca46c89297a583aa8ae2a2a188e8cf68eca8de
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F675919e8-14a8-48aa-a05a-9dd0b0a0b234.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7450
x-amzn-requestid: 8d2cabeb-8028-4118-9af0-f5352cede4fa
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: d7ZVAEWpoAMF-Ag=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ae08ec-12919937466c03ae70647336;Sampled=0
x-amzn-remapped-date: Thu, 29 Dec 2022 21:38:52 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: kznJQQ_Pa-n_vwRxo2bascL8ueRE1i2iyEVm_pHP1BwTq4jKnCkwvw==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google
date: Thu, 29 Dec 2022 22:13:22 GMT
age: 30592
etag: "81b1177fc642481e409fc787b3648d12cb1fa818"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5684f9da-4da1-47fc-a5ba-8f30a894d588.jpeg | 34.120.237.76 | 200 OK | 12 kB |
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5684f9da-4da1-47fc-a5ba-8f30a894d588.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash 9ebe131c7787411178a93d045ba57b5a 40b601b6ad3a3d7738b5b55777981598f4dc0519 68ea133b346bd1f76cd7b4dcf5023d8f987935dff380bacec73dec957effb97e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5684f9da-4da1-47fc-a5ba-8f30a894d588.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11516
x-amzn-requestid: e4e9ceeb-b2e5-454f-9550-d412fc0be82a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: d7aRLGuqoAMF3JA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ae0a6d-6ed43b46144121dc2dd7db2f;Sampled=0
x-amzn-remapped-date: Thu, 29 Dec 2022 21:45:17 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: k0PrvFSOqoZYQXx_0QjokoJbSVcXMpPcLFw2qrfQvyvegLMw4rghTA==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Thu, 29 Dec 2022 22:16:26 GMT
age: 30408
etag: "40b601b6ad3a3d7738b5b55777981598f4dc0519"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| dodopay.eu/dynatrace/rb_b5aaae40-417f-4393-9a89-2efba03aba2b?type=js3&sn=v_4_srv_-2D2_sn_0NVL7UUAR6EP161GFI271IH8O7DMMM0C&svrid=-2&flavor=post&vi=NRKDFAFRPUVGNULCLDGNHMNRLMPFLBAJ-0&modifiedSince=1662935740887&rf=https%3A%2F%2Fdodopay.eu%2Fpayment%2Fbank%2F%2Fcountries%2Fswitz%2Fbanks%2FRaiffeisen%2520Schweiz%2520Genossenschaft%2Findex.php&bp=3&app=4c56d2bbeff7b9b1&crc=2977293677&en=efriixkb&end=1 | 77.73.133.113 | 404 Not Found | 217 B |
URL HTTP/1.1 dodopay.eu/dynatrace/rb_b5aaae40-417f-4393-9a89-2efba03aba2b?type=js3&sn=v_4_srv_-2D2_sn_0NVL7UUAR6EP161GFI271IH8O7DMMM0C&svrid=-2&flavor=post&vi=NRKDFAFRPUVGNULCLDGNHMNRLMPFLBAJ-0&modifiedSince=1662935740887&rf=https%3A%2F%2Fdodopay.eu%2Fpayment%2Fbank%2F%2Fcountries%2Fswitz%2Fbanks%2FRaiffeisen%2520Schweiz%2520Genossenschaft%2Findex.php&bp=3&app=4c56d2bbeff7b9b1&crc=2977293677&en=efriixkb&end=1
IP 77.73.133.113:0 ASN #204197 Duomenu apdorojimo centras LTD
File type HTML document text; HTML document text; HTML document text; HTML document text; exported SGML document, ASCII text
Hash 3252d775b8ebc872a9e1685c93eb7a36 f7dae342769fd13c5c5f9dcfbfcd853a1ffc1fa8 e862b2365ffe7018aff37940c69ec0ab6797bab1775bf0786c6445c7e45a24c4
| Analyzer | Verdict | Alert |
| quad9 | Sinkholed | |
POST /dynatrace/rb_b5aaae40-417f-4393-9a89-2efba03aba2b?type=js3&sn=v_4_srv_-2D2_sn_0NVL7UUAR6EP161GFI271IH8O7DMMM0C&svrid=-2&flavor=post&vi=NRKDFAFRPUVGNULCLDGNHMNRLMPFLBAJ-0&modifiedSince=1662935740887&rf=https%3A%2F%2Fdodopay.eu%2Fpayment%2Fbank%2F%2Fcountries%2Fswitz%2Fbanks%2FRaiffeisen%2520Schweiz%2520Genossenschaft%2Findex.php&bp=3&app=4c56d2bbeff7b9b1&crc=2977293677&en=efriixkb&end=1 HTTP/1.1
Host: dodopay.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1365
Origin: https://dodopay.eu
Connection: keep-alive
Referer: https://dodopay.eu/payment/bank//countries/switz/banks/Raiffeisen%20Schweiz%20Genossenschaft/index.php
Cookie: dtCookie=v_4_srv_-2D2_sn_0NVL7UUAR6EP161GFI271IH8O7DMMM0C; rxVisitor=1672382586898TF93MPFIPEKRHE7975A5QR3Q33NL2O3G; dtPC=-2$182586892_864h-vNRKDFAFRPUVGNULCLDGNHMNRLMPFLBAJ-0e0; rxvt=1672384387309|1672382586900; dtLatC=254; dtSa=-; rfdHNEX=U2FsdGVkX18viuRc5GOdkvSooAlR0xS41NLgSSQv9EiMssshNEtRibu/nh6zwEaSi4vsUbmha0WvR4/GXsCrpg==
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Server: nginx/1.20.2
Date: Fri, 30 Dec 2022 06:43:14 GMT
Content-Type: text/html; charset=iso-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
Content-Encoding: gzip
|
|
| dodopay.eu/rfdwdc/c/s | 77.73.133.113 | 404 Not Found | 182 B |
IP 77.73.133.113:0 ASN #204197 Duomenu apdorojimo centras LTD
File type HTML document text; HTML document text; HTML document text; HTML document text; exported SGML document, ASCII text
Hash f2062a446c9e23004294f3eccaba8227 61e82ea1eec171c555e665ad3a5a227a82a32506 8ce6e123033d9015c3ce2910caf8df45ced4d4241c1556fabdd70628551f8952
| Analyzer | Verdict | Alert |
| fortinet | Phishing | |
| quad9 | Sinkholed | |
POST /rfdwdc/c/s HTTP/1.1
Host: dodopay.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dodopay.eu/payment/bank//countries/switz/banks/Raiffeisen%20Schweiz%20Genossenschaft/index.php
Content-Type: text/plain;charset=UTF-8
Origin: https://dodopay.eu
Content-Length: 236
Connection: keep-alive
Cookie: dtCookie=v_4_srv_-2D2_sn_0NVL7UUAR6EP161GFI271IH8O7DMMM0C; rxVisitor=1672382586898TF93MPFIPEKRHE7975A5QR3Q33NL2O3G; dtPC=-2$182586892_864h-vNRKDFAFRPUVGNULCLDGNHMNRLMPFLBAJ-0e0; rxvt=1672384387309|1672382586900; dtLatC=254; dtSa=-; rfdHNEX=U2FsdGVkX18viuRc5GOdkvSooAlR0xS41NLgSSQv9EiMssshNEtRibu/nh6zwEaSi4vsUbmha0WvR4/GXsCrpg==
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Server: nginx/1.20.2
Date: Fri, 30 Dec 2022 06:43:14 GMT
Content-Type: text/html; charset=iso-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
Content-Encoding: gzip
|
|
| dodopay.eu/dynatrace/rb_b5aaae40-417f-4393-9a89-2efba03aba2b?type=js3&sn=v_4_srv_-2D2_sn_0NVL7UUAR6EP161GFI271IH8O7DMMM0C&svrid=-2&flavor=post&vi=NRKDFAFRPUVGNULCLDGNHMNRLMPFLBAJ-0&modifiedSince=1662935740887&rf=https%3A%2F%2Fdodopay.eu%2Fpayment%2Fbank%2F%2Fcountries%2Fswitz%2Fbanks%2FRaiffeisen%2520Schweiz%2520Genossenschaft%2Findex.php&bp=3&app=4c56d2bbeff7b9b1&crc=3710557893&en=efriixkb&end=1 | 77.73.133.113 | 404 Not Found | 217 B |
URL HTTP/1.1 dodopay.eu/dynatrace/rb_b5aaae40-417f-4393-9a89-2efba03aba2b?type=js3&sn=v_4_srv_-2D2_sn_0NVL7UUAR6EP161GFI271IH8O7DMMM0C&svrid=-2&flavor=post&vi=NRKDFAFRPUVGNULCLDGNHMNRLMPFLBAJ-0&modifiedSince=1662935740887&rf=https%3A%2F%2Fdodopay.eu%2Fpayment%2Fbank%2F%2Fcountries%2Fswitz%2Fbanks%2FRaiffeisen%2520Schweiz%2520Genossenschaft%2Findex.php&bp=3&app=4c56d2bbeff7b9b1&crc=3710557893&en=efriixkb&end=1
IP 77.73.133.113:0 ASN #204197 Duomenu apdorojimo centras LTD
File type HTML document text; HTML document text; HTML document text; HTML document text; exported SGML document, ASCII text
Hash 3252d775b8ebc872a9e1685c93eb7a36 f7dae342769fd13c5c5f9dcfbfcd853a1ffc1fa8 e862b2365ffe7018aff37940c69ec0ab6797bab1775bf0786c6445c7e45a24c4
| Analyzer | Verdict | Alert |
| quad9 | Sinkholed | |
POST /dynatrace/rb_b5aaae40-417f-4393-9a89-2efba03aba2b?type=js3&sn=v_4_srv_-2D2_sn_0NVL7UUAR6EP161GFI271IH8O7DMMM0C&svrid=-2&flavor=post&vi=NRKDFAFRPUVGNULCLDGNHMNRLMPFLBAJ-0&modifiedSince=1662935740887&rf=https%3A%2F%2Fdodopay.eu%2Fpayment%2Fbank%2F%2Fcountries%2Fswitz%2Fbanks%2FRaiffeisen%2520Schweiz%2520Genossenschaft%2Findex.php&bp=3&app=4c56d2bbeff7b9b1&crc=3710557893&en=efriixkb&end=1 HTTP/1.1
Host: dodopay.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 4178
Origin: https://dodopay.eu
Connection: keep-alive
Referer: https://dodopay.eu/payment/bank//countries/switz/banks/Raiffeisen%20Schweiz%20Genossenschaft/index.php
Cookie: dtCookie=v_4_srv_-2D2_sn_0NVL7UUAR6EP161GFI271IH8O7DMMM0C; rxVisitor=1672382586898TF93MPFIPEKRHE7975A5QR3Q33NL2O3G; dtPC=-2$182586892_864h-vNRKDFAFRPUVGNULCLDGNHMNRLMPFLBAJ-0e0; rxvt=1672384387309|1672382586900; dtLatC=254; dtSa=-; rfdHNEX=U2FsdGVkX18viuRc5GOdkvSooAlR0xS41NLgSSQv9EiMssshNEtRibu/nh6zwEaSi4vsUbmha0WvR4/GXsCrpg==
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Server: nginx/1.20.2
Date: Fri, 30 Dec 2022 06:43:16 GMT
Content-Type: text/html; charset=iso-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
Content-Encoding: gzip
|
|
| login.raiffeisen.ch/rfdwdc/static/modernizr.js | 91.206.104.105 | 200 OK | 0 B |
URL HTTP/1.1 login.raiffeisen.ch/rfdwdc/static/modernizr.js
IP 91.206.104.105:0 ASN #15532 Raiffeisen Schweiz Genossenschaft
GET /rfdwdc/static/modernizr.js HTTP/1.1
Host: login.raiffeisen.ch
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dodopay.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 30 Dec 2022 06:43:13 GMT
Server: Apache
Permissions-Policy: interest-cohort=()
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Set-Cookie: rfdUEPTCE=56d410bf-e18c-4f40-a7b0-c29914b6ddc3; Path=/; Domain=.raiffeisen.ch; Expires=Thu, 25 Dec 2042 06:43:12 GMT; Max-Age=630720000; Secure; SameSite=None
Content-Length: 325842
etag: W/"2BABAC169F78D36770A20641BE61F8F3"
cache-control: no-cache
vary: accept-encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Keep-Alive: timeout=10, max=500
Connection: Keep-Alive
Content-Type: application/javascript;charset=UTF-8
|
|