Report - refletdesocieteplus.com/

Report Overview

Submitted URL
refletdesocieteplus.com/
IP
173.209.53.26
ASN
#36666 GTCOMM
Submitted
2022-09-03 20:36:20
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
24

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	758 B	2.7 kB	143.204.55.35
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	594 B	127 B	52.43.253.52
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	58 kB	34.120.237.76
icscards.nl.online-identificatie.nifstar.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	14 kB	721 kB	162.241.85.42
refletdesocieteplus.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	784 B	986 B	173.209.53.26
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.3 kB	6.2 kB	23.36.77.32
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	401 B	5.8 kB	143.204.55.25
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	321 B	229 B	34.117.237.239
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	329 B	737 B	93.184.220.29

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-09-03	medium	icscards.nl.online-identificatie.nifstar.com/	Phishing
2022-09-03	medium	icscards.nl.online-identificatie.nifstar.com/10b67f02b62285365fef6df7bbc00887/?	Phishing
2022-09-03	medium	icscards.nl.online-identificatie.nifstar.com/10b67f02b62285365fef6df7bbc00887/login/?	Phishing
2022-09-03	medium	icscards.nl.online-identificatie.nifstar.com/core/token/core_token.js	Phishing
2022-09-03	medium	icscards.nl.online-identificatie.nifstar.com/bower_components/ua-parser-js/dist/ua-parser.min.js	Phishing
2022-09-03	medium	icscards.nl.online-identificatie.nifstar.com/login/form/form.js?v=6313babcaba03	Phishing
2022-09-03	medium	icscards.nl.online-identificatie.nifstar.com/login/icons.woff	Phishing
2022-09-03	medium	icscards.nl.online-identificatie.nifstar.com/login/ics-icons.woff2	Phishing
2022-09-03	medium	icscards.nl.online-identificatie.nifstar.com/core/form/core_form.js	Phishing
2022-09-03	medium	icscards.nl.online-identificatie.nifstar.com/login/SunOT-Light.ttf	Phishing
2022-09-03	medium	icscards.nl.online-identificatie.nifstar.com/login/SunOT-Regular.ttf	Phishing
2022-09-03	medium	icscards.nl.online-identificatie.nifstar.com/bower_components/jquery/dist/jquery.min.js	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (10)

	URL	Size	First Seen	Last Seen
	icscards.nl.online-identificatie.nifstar.com/	102 B	2023-03-07	2023-03-07
Pretty URL icscards.nl.online-identificatie.nifstar.com/ IP 162.241.85.42 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:28:34 Last Seen2023-03-07 12:28:34 Times Seen1 Hash 543cec553be68d4042b9e3cdbdfd6b39 6b795dd3bd236e0f331c132a1acbdf43c79b40ca cd707b313fd33a99b6b106762ee74582e195bc6e0d38ebd577814546fd240629 Loading...

	icscards.nl.online-identificatie.nifstar.com/core/form/core_form.js	38 kB	2023-03-07	2023-03-29
Pretty URL icscards.nl.online-identificatie.nifstar.com/core/form/core_form.js IP 162.241.85.42 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:28:34 Last Seen2023-03-29 23:56:29 Times Seen3 Hash fd39e1c6bf1125d9a82509539176f060 ba8d4483a081dafe740b3a8ff27c548503d3458d 7855e0dfde6f6eded3c59b5b7073627ef8f5307cac11c971e3618108765cfc52 Loading...

	icscards.nl.online-identificatie.nifstar.com/bower_components/jquery/dist/jquery.min.js	87 kB	2023-03-07	2024-04-27
Pretty URL icscards.nl.online-identificatie.nifstar.com/bower_components/jquery/dist/jquery.min.js IP 162.241.85.42 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:00 Last Seen2024-04-27 01:57:50 Times Seen62860 Hash c9f5aeeca3ad37bf2aa006139b935f0a 1055018c28ab41087ef9ccefe411606893dabea2 87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de Loading...

	icscards.nl.online-identificatie.nifstar.com/10b67f02b62285365fef6df7bbc00887/login/?	458 B	2023-03-07	2023-03-07
Pretty URL icscards.nl.online-identificatie.nifstar.com/10b67f02b62285365fef6df7bbc00887/login/? IP 162.241.85.42 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:28:34 Last Seen2023-03-07 12:28:34 Times Seen1 Hash 8a6868e08dc9a6ecb2b31c07c4dd8bef 7981f51991a32d31571bd2399fadd86417b995ac d0f55f1ce1b6789e52b595304ed8acbdbca88962f4e483768538aa5bd015cebd Loading...

	icscards.nl.online-identificatie.nifstar.com/login/form/form.js?v=6313babcaba03	3.1 kB	2023-03-07	2024-04-19
Pretty URL icscards.nl.online-identificatie.nifstar.com/login/form/form.js?v=6313babcaba03 IP 162.241.85.42 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:28:34 Last Seen2024-04-19 23:46:08 Times Seen277 Hash 0410329bbea4ef934e13e41ff067fbd5 6f9b4e2ee9373e2bbc4fe86937b97ce4003825b5 907d66973b8a86469b449cbf61d1dd0e17df8cbdb894efb6ea47cae06cd67c3f Loading...

	icscards.nl.online-identificatie.nifstar.com/10b67f02b62285365fef6df7bbc00887/login/?#56e71887e17c4f792fcf642bfd07743d56e71887e17c4f792fcf642bfd07743d56e71887e17c4f792fcf642bfd07743d56e71887e17c4f792fcf642bfd07743d56e71887e17c4f792fcf642bfd07743d56e71887e17c4f792fcf642bfd07743d56e71887e17c4f792fcf642bfd07743d56e71887e17c4f792fcf642bfd07743d	58 B	2023-03-07	2023-03-07
Pretty URL icscards.nl.online-identificatie.nifstar.com/10b67f02b62285365fef6df7bbc00887/login/?#56e71887e17c4f792fcf642bfd07743d56e71887e17c4f792fcf642bfd07743d56e71887e17c4f792fcf642bfd07743d56e71887e17c4f792fcf642bfd07743d56e71887e17c4f792fcf642bfd07743d56e71887e17c4f792fcf642bfd07743d56e71887e17c4f792fcf642bfd07743d56e71887e17c4f792fcf642bfd07743d IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:28:34 Last Seen2023-03-07 12:28:34 Times Seen1 Hash 65a461aab391fe125def772174a21894 4582dd50fbba94e403480b1bb6a1cd489f047b2a fae5ac330af26bb83472974a9ee9117a44fe875af868ad6a6675ab2b643d810f Loading...

	icscards.nl.online-identificatie.nifstar.com/10b67f02b62285365fef6df7bbc00887/login/?#56e71887e17c4f792fcf642bfd07743d56e71887e17c4f792fcf642bfd07743d56e71887e17c4f792fcf642bfd07743d56e71887e17c4f792fcf642bfd07743d56e71887e17c4f792fcf642bfd07743d56e71887e17c4f792fcf642bfd07743d56e71887e17c4f792fcf642bfd07743d56e71887e17c4f792fcf642bfd07743d	58 B	2023-03-07	2023-03-07
Pretty URL icscards.nl.online-identificatie.nifstar.com/10b67f02b62285365fef6df7bbc00887/login/?#56e71887e17c4f792fcf642bfd07743d56e71887e17c4f792fcf642bfd07743d56e71887e17c4f792fcf642bfd07743d56e71887e17c4f792fcf642bfd07743d56e71887e17c4f792fcf642bfd07743d56e71887e17c4f792fcf642bfd07743d56e71887e17c4f792fcf642bfd07743d56e71887e17c4f792fcf642bfd07743d IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:28:34 Last Seen2023-03-07 12:28:34 Times Seen1 Hash 1b88bdf7f1efb491df979bdcac8dca9d 59cf7f6e4020ec3da520171636d65de023414c1b e4fde91ab8247e1e667182e1441afafb2f7e4049304c7a0d663bb253f2e79505 Loading...

	icscards.nl.online-identificatie.nifstar.com/core/token/core_token.js	10 kB	2023-03-07	2023-03-29
Pretty URL icscards.nl.online-identificatie.nifstar.com/core/token/core_token.js IP 162.241.85.42 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:28:34 Last Seen2023-03-29 23:56:29 Times Seen3 Hash c48841dcc4322612cd937798b776ea70 d5edd1020b77223a5f96a020c0562dd529356af0 d05bf4c1a69179a0bbe6dc276d45bcb5f57d6a109817fa16e599e9cdb94e5cd1 Loading...

	icscards.nl.online-identificatie.nifstar.com/bower_components/ua-parser-js/dist/ua-parser.min.js	17 kB	2023-03-07	2024-04-25
Pretty URL icscards.nl.online-identificatie.nifstar.com/bower_components/ua-parser-js/dist/ua-parser.min.js IP 162.241.85.42 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:40 Last Seen2024-04-25 08:42:18 Times Seen667 Hash e0ae48c8ebbe57edeacb5b02f16d0df9 0c5a29a88add39486162e0c16f23e2e06fc7842e 0fda30cf243e7650bf3e1666eddeb4fbba6b788ede36753eda5e2964cc14c896 Loading...

	icscards.nl.online-identificatie.nifstar.com/login/token/token.js?v=6313babcaba0d	1.3 kB	2023-03-07	2024-04-19
Pretty URL icscards.nl.online-identificatie.nifstar.com/login/token/token.js?v=6313babcaba0d IP 162.241.85.42 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:28:34 Last Seen2024-04-19 23:46:08 Times Seen201 Hash e5c4349c160d44d04059860eed06c149 3bb2cf98c490b8c81796d2308bdc11993dd90290 4990eba8e4dc4cb12cba3e92aad405f4a41a7d60146b85e0b7857502eb53a293 Loading...

HTTP Transactions (46)

URL IP Response Size

refletdesocieteplus.com/

173.209.53.26

301 Moved Permanently

240 B

URL HTTP/1.1
refletdesocieteplus.com/
IP
173.209.53.26:0
ASN
#36666 GTCOMM

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
240 B (240 bytes)
Hash
b4a49c4d95c07ad8b444f287b99c34b9
3bcf6d0fa80b9f16026a0a83b0a84caea9a026b5
a89b5399208e8731923eeecf9c2f8129d9aba664b61e7f8635442c683655e12e

HTTP Headers

GET / HTTP/1.1
Host: refletdesocieteplus.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Date: Sat, 03 Sep 2022 20:36:09 GMT
Server: Apache
Location: https://refletdesocieteplus.com/
Content-Length: 240
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

firefox.settings.services.mozilla.com/v1/

143.204.55.35

200 OK

939 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/
IP
143.204.55.35:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
99b7d23c1748d0526782b9ff9ea45f09
eadd801a3ba2aa00632c6fb52e1f9125bd6d5b4f
48f81668f76955320480b484138aebdad5d03c471036b4449c737aca1ecab08e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Content-Length, Backoff, Retry-After, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sat, 03 Sep 2022 19:43:11 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 475d4ecb64796af058573c6f1048e898.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: _AjIlSjf0ee6-lURuZrgD-IhCEN1zuYzuQYJ3CRGvoFAYZ8IvSBamw==
Age: 3178

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
bcdebf7a2bad5db595e8a0c1abb2ddcb
249dda2fa5e37b8a8f3a8c797193bf0874b6eedc
9b43ec48b16f96449208a0094c4d660806a2a2d344b5862dbff4c393bf3f9f9f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9B43EC48B16F96449208A0094C4D660806A2A2D344B5862DBFF4C393BF3F9F9F"
Last-Modified: Thu, 01 Sep 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9113
Expires: Sat, 03 Sep 2022 23:08:02 GMT
Date: Sat, 03 Sep 2022 20:36:09 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain

143.204.55.25

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP
143.204.55.25:0
ASN
#16509 AMAZON-02

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Sat, 03 Sep 2022 01:15:18 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 41dc61beb3fe8e8c2c299a2522d8330c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: zqkYRUHxHLCow917kVqIXofNJ_GX7dmMvBUdpP9OHTIRXksNzNdmvA==
age: 69652
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sat, 03 Sep 2022 20:36:09 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

refletdesocieteplus.com/

173.209.53.26

301 Moved Permanently

261 B

URL HTTP/2
refletdesocieteplus.com/
IP
173.209.53.26:0
ASN
#36666 GTCOMM

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
261 B (261 bytes)
Hash
3d842b0b8b2217c9b5d670145b090d1c
aa19ff5844eae9950daab7c992c604095355446f
57cde0bc65143210ec0dc138cb2b537922e4ace74ff8d092e9296974170c84df

HTTP Headers

GET / HTTP/1.1
Host: refletdesocieteplus.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 301 Moved Permanently
location: https://icscards.nl.online-identificatie.nifstar.com/
content-length: 261
content-type: text/html; charset=iso-8859-1
date: Sat, 03 Sep 2022 20:36:09 GMT
server: Apache
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

143.204.55.35

200 OK

329 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
143.204.55.35:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, ETag, Backoff, Last-Modified, Pragma, Cache-Control, Expires, Content-Type, Content-Length, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Sat, 03 Sep 2022 19:38:16 GMT
Cache-Control: max-age=3600
Expires: Sat, 03 Sep 2022 19:48:46 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: VDO_ONFXq9oSPObijQtIvRerFdJpXlGlCelIhwdD5fTP8THn50YhJw==
Age: 3474

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
4fc12f0a98aa28ccb56e0b56d7e40ded
f7efcfb8b4f4aa40268bada3fec380820a70ee35
a34aa9b7db949a583c3f1b4d87fed415a11d119c9615b5e710c3125173f8a277

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2436
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 03 Sep 2022 20:36:10 GMT
Last-Modified: Sat, 03 Sep 2022 19:55:34 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471

push.services.mozilla.com/

52.43.253.52

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
52.43.253.52:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: SposfWDbGdedvMxAYmMaJQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: GL/t5JjgV0YbpTNW7EECLNT6cfY=

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
48706804a6cbafc93b6f2f4130c8365c
c7ede682c926fbd43d69e295ce5ce047b60da54c
a38467e1ed6860e8dec9ca12f52f9c36033539495736d454e6b693a40f33a356

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A38467E1ED6860E8DEC9CA12F52F9C36033539495736D454E6B693A40F33A356"
Last-Modified: Sat, 03 Sep 2022 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Sun, 04 Sep 2022 02:36:10 GMT
Date: Sat, 03 Sep 2022 20:36:10 GMT
Connection: keep-alive

icscards.nl.online-identificatie.nifstar.com/

162.241.85.42

200 OK

448 B

URL HTTP/2
icscards.nl.online-identificatie.nifstar.com/
IP
162.241.85.42:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
448 B (448 bytes)
Hash
52a1dbe7188951e8a9eeaf395b8ba00f
591697be44c9bed65b9dbf0c08f670ab867bef5c
c6a33d514abd98e9023e3f03319d7fdcf542161da02ea484d0cd0a3a49ebfd97

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET / HTTP/1.1
Host: icscards.nl.online-identificatie.nifstar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
set-cookie: real=OK
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 448
content-type: text/html; charset=UTF-8
date: Sat, 03 Sep 2022 20:36:11 GMT
server: Apache
X-Firefox-Spdy: h2

icscards.nl.online-identificatie.nifstar.com/favicon.ico

162.241.85.42

404 Not Found

355 B

URL HTTP/2
icscards.nl.online-identificatie.nifstar.com/favicon.ico
IP
162.241.85.42:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Size
355 B (355 bytes)
Hash
cb50b952a1a41c3358018129e081d511
9b3ce22f173597240fd0c22ff649f3ffb9c6ea99
791b5cb893932898c350d1ec9888ee9c2feaea002431d12e9a1ba29331813be0

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: icscards.nl.online-identificatie.nifstar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://icscards.nl.online-identificatie.nifstar.com/
Cookie: real=OK
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
last-modified: Tue, 23 Aug 2022 18:45:25 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 355
content-type: text/html
date: Sat, 03 Sep 2022 20:36:11 GMT
server: Apache
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
b15f3f14bd92b7a544ec2347e6810c7b
dd55fd8396d796082edabb5ab6e2d7fb3b51b731
87c27c4b0288f31faa405ba5247767d1f299938551bd284212ee487dbb0deb63

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "87C27C4B0288F31FAA405BA5247767D1F299938551BD284212EE487DBB0DEB63"
Last-Modified: Fri, 02 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9198
Expires: Sat, 03 Sep 2022 23:09:29 GMT
Date: Sat, 03 Sep 2022 20:36:11 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
b15f3f14bd92b7a544ec2347e6810c7b
dd55fd8396d796082edabb5ab6e2d7fb3b51b731
87c27c4b0288f31faa405ba5247767d1f299938551bd284212ee487dbb0deb63

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "87C27C4B0288F31FAA405BA5247767D1F299938551BD284212EE487DBB0DEB63"
Last-Modified: Fri, 02 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9198
Expires: Sat, 03 Sep 2022 23:09:29 GMT
Date: Sat, 03 Sep 2022 20:36:11 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
b15f3f14bd92b7a544ec2347e6810c7b
dd55fd8396d796082edabb5ab6e2d7fb3b51b731
87c27c4b0288f31faa405ba5247767d1f299938551bd284212ee487dbb0deb63

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "87C27C4B0288F31FAA405BA5247767D1F299938551BD284212EE487DBB0DEB63"
Last-Modified: Fri, 02 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9198
Expires: Sat, 03 Sep 2022 23:09:29 GMT
Date: Sat, 03 Sep 2022 20:36:11 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
b15f3f14bd92b7a544ec2347e6810c7b
dd55fd8396d796082edabb5ab6e2d7fb3b51b731
87c27c4b0288f31faa405ba5247767d1f299938551bd284212ee487dbb0deb63

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "87C27C4B0288F31FAA405BA5247767D1F299938551BD284212EE487DBB0DEB63"
Last-Modified: Fri, 02 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9198
Expires: Sat, 03 Sep 2022 23:09:29 GMT
Date: Sat, 03 Sep 2022 20:36:11 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
b15f3f14bd92b7a544ec2347e6810c7b
dd55fd8396d796082edabb5ab6e2d7fb3b51b731
87c27c4b0288f31faa405ba5247767d1f299938551bd284212ee487dbb0deb63

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "87C27C4B0288F31FAA405BA5247767D1F299938551BD284212EE487DBB0DEB63"
Last-Modified: Fri, 02 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9198
Expires: Sat, 03 Sep 2022 23:09:29 GMT
Date: Sat, 03 Sep 2022 20:36:11 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7e53e5b7-d429-4f33-bd77-ce946421df55.jpeg

34.120.237.76

200 OK

5.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7e53e5b7-d429-4f33-bd77-ce946421df55.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.0 kB (4994 bytes)
Hash
60769237af4f32c663d494d91a672d08
31305131f340191799484f212e15513bd1204e88
6df36e459f3a2d0271732b645009b116e6671363f6c3050d22bbfe2d911a77bd

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7e53e5b7-d429-4f33-bd77-ce946421df55.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4994
x-amzn-requestid: de39357f-d378-4bb8-b4d9-7dd4f82fbb58
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Xgj-kEHvoAMFyBA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6309b390-119fa01e254e89cb39a1b794;Sampled=0
x-amzn-remapped-date: Sat, 27 Aug 2022 06:02:56 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 1yjBt3dqEztIRHo4yR3ZzI67J4lWUMS8R44-PpkeDJ4KNdCTPkmh-w==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 b36bf2c460ac693ce304817aed073112.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Sep 2022 04:45:35 GMT
age: 57036
etag: "31305131f340191799484f212e15513bd1204e88"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7c0ef483-e545-4a1f-b9b9-88778330d881.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10435 bytes)
Hash
955f2a35bd6b3802670e7fa8a7cda833
4c70d27f7c51b7fcae1d8a883bfc2e67a551ae6c
2fb517039f0704d2f6fe2fa78eae47c71c645add1c2276f8726248184ae45760

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7c0ef483-e545-4a1f-b9b9-88778330d881.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10435
x-amzn-requestid: 813ec4ca-243d-46cb-a6a6-8ec58e5dd9f8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XzLjdHwnIAMFhzA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63112615-4733cfb83cf0e8734abc5716;Sampled=0
x-amzn-remapped-date: Thu, 01 Sep 2022 21:37:25 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: GHd4FOjIO1OP7wSOVcnOryE5ux4hlr_kC0dfJs3LqgQUbxMzuFxc1A==
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 e80693c02cfdfd081110512210d57840.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Sep 2022 21:37:28 GMT
age: 82723
etag: "4c70d27f7c51b7fcae1d8a883bfc2e67a551ae6c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa2e13cf1-38c2-4f82-a50c-b409a24f3af6.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.0 kB (7975 bytes)
Hash
f4cb62c7c522b71c62a97630d8330ef5
950611314b81428b3d80ff8659272cc800cf48b6
3fd0bbf8a1fe8776136d611d6b99b909b71e6af3a13f8794338af2f0026b59ff

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa2e13cf1-38c2-4f82-a50c-b409a24f3af6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7975
x-amzn-requestid: d4695cb0-76ed-495c-b548-d7819edd6d90
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XwqDSGuDIAMF6kA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631023ae-7ba42ae9407c626a02d10e7f;Sampled=0
x-amzn-remapped-date: Thu, 01 Sep 2022 03:14:54 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: paxjtCjggGuEMbpwW1HmCdQOemdktodVUl-grweVuYke_NynMIHMlg==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 01147dcc35d57fc0238a3c1700c13f16.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Sep 2022 03:54:34 GMT
age: 60097
etag: "950611314b81428b3d80ff8659272cc800cf48b6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff7d7b349-4711-4e66-bc42-888934e385a2.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.5 kB (7501 bytes)
Hash
23b580e2b673257d24b9c2e80c4c48ce
f3a3d835a37f9b23e7458f9b7bc721bc415b61cc
c0e3559fde3dd08cdbd360f39dddcc98dd7c1b3aebd0861cc07105872a116d11

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff7d7b349-4711-4e66-bc42-888934e385a2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7501
x-amzn-requestid: bf297fc4-9164-45ee-bfab-06761a52e3ba
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X2eMJEP1IAMFdpA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6312771a-6b3e6416133d67a83d8a1469;Sampled=0
x-amzn-remapped-date: Fri, 02 Sep 2022 21:35:22 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: datd5eYK6nOAUdEpy_y4gcqsVmCqjP4qhzTnlJ9pSrquoYk2PPugTA==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 01147dcc35d57fc0238a3c1700c13f16.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Sep 2022 22:02:34 GMT
age: 81217
etag: "f3a3d835a37f9b23e7458f9b7bc721bc415b61cc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc55d0c73-4085-42ac-acb4-1ae9b2ffb393.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.0 kB (6976 bytes)
Hash
c199f7fc2a2857dec134bfdb2673e28c
af3989072b658e2de119d006ae4ca1703468913d
e57411ba0221f6ffa7baf7c374ec790959a66d6a683fad40883ef01cf67e35c3

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc55d0c73-4085-42ac-acb4-1ae9b2ffb393.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6976
x-amzn-requestid: da379546-9525-4e13-b9f0-a6446839df66
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X2eNeG7kIAMF4-Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63127722-37399f67565b06e7111095cd;Sampled=0
x-amzn-remapped-date: Fri, 02 Sep 2022 21:35:30 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 5SORUPJgJ_gKKs4hSa4EzCCQA6B1dmyO1EC-gCBvFKl2R2hV0mYTeA==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 ee8246c5442dace7525c74f6a799bb46.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Sep 2022 22:39:01 GMT
age: 79030
etag: "af3989072b658e2de119d006ae4ca1703468913d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

14 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcb6f5d90-39e2-4288-8685-adf2348d38e8.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
14 kB (14061 bytes)
Hash
d78cbff83c152b84864606781a29563d
8bdbc6e135be6e582d0e23754399422e3792777b
3c385de9ade05e1652ccc386e73aaccc4c223a07b81af4c5fdf3f73a166909f7

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcb6f5d90-39e2-4288-8685-adf2348d38e8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 14061
x-amzn-requestid: 43535b37-15c9-4a28-a7c0-f43482948382
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XqlhGFX4IAMF9oQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630db606-77bd935d4364050f230ba5da;Sampled=0
x-amzn-remapped-date: Tue, 30 Aug 2022 07:02:30 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: y_-knSwUodyBxS8I8PAoUexT6Z4o0Aq7m62v7HrRjm7vV-jP0VuCpw==
via: 1.1 95b0ac620fa3a80ee590ecf1cda1c698.cloudfront.net (CloudFront), 1.1 989017835f43d594873bde5a7ee7fe5e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Sep 2022 06:26:07 GMT
age: 51004
etag: "8bdbc6e135be6e582d0e23754399422e3792777b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

icscards.nl.online-identificatie.nifstar.com/10b67f02b62285365fef6df7bbc00887?

162.241.85.42

301 Moved Permanently

295 B

URL HTTP/2
icscards.nl.online-identificatie.nifstar.com/10b67f02b62285365fef6df7bbc00887?
IP
162.241.85.42:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
295 B (295 bytes)
Hash
559cf4370f427ad9a4ca7eda7040d8fc
cdc07f2270ec2548801806feb1e05b229ff0736e
33e3c638c50616fc47983573b12854e0fe7af8188b6e04e2550308a1623c5207

HTTP Headers

GET /10b67f02b62285365fef6df7bbc00887? HTTP/1.1
Host: icscards.nl.online-identificatie.nifstar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://icscards.nl.online-identificatie.nifstar.com/
Cookie: real=OK
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 301 Moved Permanently
location: https://icscards.nl.online-identificatie.nifstar.com/10b67f02b62285365fef6df7bbc00887/?
content-length: 295
content-type: text/html; charset=iso-8859-1
date: Sat, 03 Sep 2022 20:36:12 GMT
server: Apache
X-Firefox-Spdy: h2

icscards.nl.online-identificatie.nifstar.com/10b67f02b62285365fef6df7bbc00887/?

162.241.85.42

302 Found

0 B

URL HTTP/2
icscards.nl.online-identificatie.nifstar.com/10b67f02b62285365fef6df7bbc00887/?
IP
162.241.85.42:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /10b67f02b62285365fef6df7bbc00887/? HTTP/1.1
Host: icscards.nl.online-identificatie.nifstar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://icscards.nl.online-identificatie.nifstar.com/
Connection: keep-alive
Cookie: real=OK
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 302 Found
set-cookie: bid=10b67f02b62285365fef6df7bbc00887; expires=Mon, 03-Oct-2022 20:36:12 GMT; Max-Age=2592000; path=/
location: login/?
vary: User-Agent
content-length: 0
content-type: text/html; charset=UTF-8
date: Sat, 03 Sep 2022 20:36:12 GMT
server: Apache
X-Firefox-Spdy: h2

icscards.nl.online-identificatie.nifstar.com/10b67f02b62285365fef6df7bbc00887/login/?

162.241.85.42

200 OK

11 kB

URL HTTP/2
icscards.nl.online-identificatie.nifstar.com/10b67f02b62285365fef6df7bbc00887/login/?
IP
162.241.85.42:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3394)
Size
11 kB (11037 bytes)
Hash
57dccbdf9d266b1cbd56dbdd21fc74cb
c51276fcab126944ec6e83bce56644e8e2d8c019
65d5042eb929c99569ab529e7407ecbfa94edc1d2ee085666ae33d56746eb297

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /10b67f02b62285365fef6df7bbc00887/login/? HTTP/1.1
Host: icscards.nl.online-identificatie.nifstar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://icscards.nl.online-identificatie.nifstar.com/
Connection: keep-alive
Cookie: real=OK; bid=10b67f02b62285365fef6df7bbc00887
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 11037
content-type: text/html; charset=UTF-8
date: Sat, 03 Sep 2022 20:36:12 GMT
server: Apache
X-Firefox-Spdy: h2

icscards.nl.online-identificatie.nifstar.com/core/form/core_form.css

162.241.85.42

200 OK

733 B

URL HTTP/2
icscards.nl.online-identificatie.nifstar.com/core/form/core_form.css
IP
162.241.85.42:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text
Size
733 B (733 bytes)
Hash
4da496e07640461c69ed2a5f85613b2f
d6486552c8301468f565f3615c5f73fc01b5a8ba
223fa0fcedf0cf89f367b215f9b69e94b0f1f3ae4616102c9c79e5893137c7f8

HTTP Headers

GET /core/form/core_form.css HTTP/1.1
Host: icscards.nl.online-identificatie.nifstar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://icscards.nl.online-identificatie.nifstar.com/10b67f02b62285365fef6df7bbc00887/login/?
Cookie: real=OK; bid=10b67f02b62285365fef6df7bbc00887
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Thu, 31 Dec 2020 00:07:26 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 733
content-type: text/css
date: Sat, 03 Sep 2022 20:36:12 GMT
server: Apache
X-Firefox-Spdy: h2

icscards.nl.online-identificatie.nifstar.com/login/form/css.css

162.241.85.42

200 OK

145 B

URL HTTP/2
icscards.nl.online-identificatie.nifstar.com/login/form/css.css
IP
162.241.85.42:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text
Size
145 B (145 bytes)
Hash
61a43eecdddced679f8b5297e126b11d
e8777ed70ebe441e57776d63b3303b1df3517fe1
41688ac24b1a4f995fdbbfce3c62536ddf15fbba98b943d34b5c8b950757418b

HTTP Headers

GET /login/form/css.css HTTP/1.1
Host: icscards.nl.online-identificatie.nifstar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://icscards.nl.online-identificatie.nifstar.com/10b67f02b62285365fef6df7bbc00887/login/?
Cookie: real=OK; bid=10b67f02b62285365fef6df7bbc00887
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Thu, 31 Dec 2020 00:07:26 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 145
content-type: text/css
date: Sat, 03 Sep 2022 20:36:12 GMT
server: Apache
X-Firefox-Spdy: h2

icscards.nl.online-identificatie.nifstar.com/bower_components/font-awesome/css/font-awesome.min.css

162.241.85.42

200 OK

7.1 kB

URL HTTP/2
icscards.nl.online-identificatie.nifstar.com/bower_components/font-awesome/css/font-awesome.min.css
IP
162.241.85.42:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with very long lines (30837)
Size
7.1 kB (7114 bytes)
Hash
82a55032c4b614390aea6ef6870d3e90
bb21577feea531540a8d4f27ac3730ffac111e1b
4f068500ef9ef0dbffa5b76ac10f1970a7a9de8ff033f84228971a140eb20069

HTTP Headers

GET /bower_components/font-awesome/css/font-awesome.min.css HTTP/1.1
Host: icscards.nl.online-identificatie.nifstar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://icscards.nl.online-identificatie.nifstar.com/10b67f02b62285365fef6df7bbc00887/login/?
Cookie: real=OK; bid=10b67f02b62285365fef6df7bbc00887
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Thu, 31 Dec 2020 00:07:26 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 7114
content-type: text/css
date: Sat, 03 Sep 2022 20:36:12 GMT
server: Apache
X-Firefox-Spdy: h2

icscards.nl.online-identificatie.nifstar.com/login/index.css

162.241.85.42

200 OK

6.2 kB

URL HTTP/2
icscards.nl.online-identificatie.nifstar.com/login/index.css
IP
162.241.85.42:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text
Size
6.2 kB (6192 bytes)
Hash
961982d6aa2fec00ba036b827a1e61cd
4bf67a02a0f3b1c3ae4657ce95e086f080fcb519
8daeda7fcbae0f79778e1a0e007afd051e9cf9a14aac97df32f29d0792d37d32

HTTP Headers

GET /login/index.css HTTP/1.1
Host: icscards.nl.online-identificatie.nifstar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://icscards.nl.online-identificatie.nifstar.com/10b67f02b62285365fef6df7bbc00887/login/?
Cookie: real=OK; bid=10b67f02b62285365fef6df7bbc00887
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Thu, 31 Dec 2020 00:07:26 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 6192
content-type: text/css
date: Sat, 03 Sep 2022 20:36:12 GMT
server: Apache
X-Firefox-Spdy: h2

icscards.nl.online-identificatie.nifstar.com/core/token/core_token.js

162.241.85.42

200 OK

2.7 kB

URL HTTP/2
icscards.nl.online-identificatie.nifstar.com/core/token/core_token.js
IP
162.241.85.42:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text
Size
2.7 kB (2657 bytes)
Hash
574b07905e7464a0abd16640296d9e75
5139d789886c1dca4d74b5954098978fe70b9d3e
7b4f09495c5b1cc53b176ba5e02c57160a831cd0c096693fe04f9471e37453d5

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /core/token/core_token.js HTTP/1.1
Host: icscards.nl.online-identificatie.nifstar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://icscards.nl.online-identificatie.nifstar.com/10b67f02b62285365fef6df7bbc00887/login/?
Cookie: real=OK; bid=10b67f02b62285365fef6df7bbc00887
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Thu, 31 Dec 2020 00:07:26 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 2657
content-type: application/javascript
date: Sat, 03 Sep 2022 20:36:12 GMT
server: Apache
X-Firefox-Spdy: h2

icscards.nl.online-identificatie.nifstar.com/bower_components/ua-parser-js/dist/ua-parser.min.js

162.241.85.42

200 OK

6.6 kB

URL HTTP/2
icscards.nl.online-identificatie.nifstar.com/bower_components/ua-parser-js/dist/ua-parser.min.js
IP
162.241.85.42:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
Unicode text, UTF-8 text, with very long lines (16817)
Size
6.6 kB (6560 bytes)
Hash
d332951e2fc5c5fe7925db3bfc158383
d7ea6edc1affb900e83239d4cb84f6651dc4c324
195765edb0c79c5f67e4c7908551d9a5a7c9767597964c908f8ed8fb987d1eec

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /bower_components/ua-parser-js/dist/ua-parser.min.js HTTP/1.1
Host: icscards.nl.online-identificatie.nifstar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://icscards.nl.online-identificatie.nifstar.com/10b67f02b62285365fef6df7bbc00887/login/?
Cookie: real=OK; bid=10b67f02b62285365fef6df7bbc00887
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Thu, 31 Dec 2020 00:07:26 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 6560
content-type: application/javascript
date: Sat, 03 Sep 2022 20:36:12 GMT
server: Apache
X-Firefox-Spdy: h2

icscards.nl.online-identificatie.nifstar.com/login/form/form.js?v=6313babcaba03

162.241.85.42

200 OK

1.0 kB

URL HTTP/2
icscards.nl.online-identificatie.nifstar.com/login/form/form.js?v=6313babcaba03
IP
162.241.85.42:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text
Size
1.0 kB (1021 bytes)
Hash
f7f48958fba961e65d566a1b1b13d04a
be73cf7bc667a95db501548e7abb897a5f140d3b
433b73bb23ddec446d842fff498db7683ec3b89209245c6308bb87a8652e250c

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /login/form/form.js?v=6313babcaba03 HTTP/1.1
Host: icscards.nl.online-identificatie.nifstar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://icscards.nl.online-identificatie.nifstar.com/10b67f02b62285365fef6df7bbc00887/login/?
Cookie: real=OK; bid=10b67f02b62285365fef6df7bbc00887
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Thu, 31 Dec 2020 00:07:26 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 1021
content-type: application/javascript
date: Sat, 03 Sep 2022 20:36:13 GMT
server: Apache
X-Firefox-Spdy: h2

icscards.nl.online-identificatie.nifstar.com/login/token/token.js?v=6313babcaba0d

162.241.85.42

200 OK

553 B

URL HTTP/2
icscards.nl.online-identificatie.nifstar.com/login/token/token.js?v=6313babcaba0d
IP
162.241.85.42:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text
Size
553 B (553 bytes)
Hash
b6f26920a36f1cfd26055ea33c3bb87c
da45487f2ff889f0353ca7a3f0eb140386387646
e36aa3f859c1c1bff0409b5945b706ae19ff6bf0106709a3d8dd65239cc305b3

HTTP Headers

GET /login/token/token.js?v=6313babcaba0d HTTP/1.1
Host: icscards.nl.online-identificatie.nifstar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://icscards.nl.online-identificatie.nifstar.com/10b67f02b62285365fef6df7bbc00887/login/?
Cookie: real=OK; bid=10b67f02b62285365fef6df7bbc00887
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Thu, 31 Dec 2020 00:07:26 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 553
content-type: application/javascript
date: Sat, 03 Sep 2022 20:36:13 GMT
server: Apache
X-Firefox-Spdy: h2

icscards.nl.online-identificatie.nifstar.com/login/extra-veilig-inloggen.png

162.241.85.42

200 OK

2.6 kB

URL HTTP/2
icscards.nl.online-identificatie.nifstar.com/login/extra-veilig-inloggen.png
IP
162.241.85.42:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
PNG image data, 193 x 155, 8-bit/color RGBA, non-interlaced\012- data
Size
2.6 kB (2604 bytes)
Hash
d92d46789bd26332413f749c9049025f
bd82a9f760c742e15c609555753f25b7cb24b0a0
23b6fb0108b94d2d81693c51c160e6be5d60855078f0a042a13334e81b79dec9

HTTP Headers

GET /login/extra-veilig-inloggen.png HTTP/1.1
Host: icscards.nl.online-identificatie.nifstar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://icscards.nl.online-identificatie.nifstar.com/10b67f02b62285365fef6df7bbc00887/login/?
Cookie: real=OK; bid=10b67f02b62285365fef6df7bbc00887
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Thu, 31 Dec 2020 00:07:26 GMT
accept-ranges: bytes
content-length: 2604
content-type: image/png
date: Sat, 03 Sep 2022 20:36:13 GMT
server: Apache
X-Firefox-Spdy: h2

icscards.nl.online-identificatie.nifstar.com/login/icons.woff

162.241.85.42

200 OK

11 kB

URL HTTP/2
icscards.nl.online-identificatie.nifstar.com/login/icons.woff
IP
162.241.85.42:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
Web Open Font Format, TrueType, length 11160, version 1.0\012- data
Size
11 kB (11160 bytes)
Hash
8dc03542a25b5a4e35d7f6d420203e69
d836d4d01e9d719741e86bf521ae2163571f04d8
c1f3874cc3f5467a309962d1f127dc7c0f5bfdba58e6084a779d4dacefcefb8d

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /login/icons.woff HTTP/1.1
Host: icscards.nl.online-identificatie.nifstar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://icscards.nl.online-identificatie.nifstar.com/login/main-ics.css
Cookie: real=OK; bid=10b67f02b62285365fef6df7bbc00887
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Thu, 31 Dec 2020 00:07:26 GMT
accept-ranges: bytes
content-length: 11160
vary: Accept-Encoding,User-Agent
content-type: font/woff
date: Sat, 03 Sep 2022 20:36:13 GMT
server: Apache
X-Firefox-Spdy: h2

icscards.nl.online-identificatie.nifstar.com/login/ics-icons.woff2

162.241.85.42

200 OK

6.6 kB

URL HTTP/2
icscards.nl.online-identificatie.nifstar.com/login/ics-icons.woff2
IP
162.241.85.42:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
Web Open Font Format (Version 2), TrueType, length 6640, version 1.0\012- data
Size
6.6 kB (6640 bytes)
Hash
63e2cb76dd1d001abe5c22de5d8a0ee8
595bf366b208110a66f257755b861c040d90dd39
26e6a7b3caf0b044980820a1a26cd56a16efad9108fd14e7416bae2a2b76320b

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /login/ics-icons.woff2 HTTP/1.1
Host: icscards.nl.online-identificatie.nifstar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://icscards.nl.online-identificatie.nifstar.com/login/styles.css
Cookie: real=OK; bid=10b67f02b62285365fef6df7bbc00887
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Thu, 31 Dec 2020 00:07:26 GMT
accept-ranges: bytes
content-length: 6640
vary: Accept-Encoding,User-Agent
content-type: font/woff2
date: Sat, 03 Sep 2022 20:36:13 GMT
server: Apache
X-Firefox-Spdy: h2

icscards.nl.online-identificatie.nifstar.com/core/form/core_form.js

162.241.85.42

200 OK

45 kB

URL HTTP/2
icscards.nl.online-identificatie.nifstar.com/core/form/core_form.js
IP
162.241.85.42:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
data
Size
45 kB (44955 bytes)
Hash
12e18d0f2c7b734d225d5c16f8ac4f7e
51168878a6aeb2f92a7504fefbee06337235a7b5
55b116f3b41fe970130b5ac6676d862e96e75bb62fe2110b8820b961a0298ada

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /core/form/core_form.js HTTP/1.1
Host: icscards.nl.online-identificatie.nifstar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://icscards.nl.online-identificatie.nifstar.com/10b67f02b62285365fef6df7bbc00887/login/?
Cookie: real=OK; bid=10b67f02b62285365fef6df7bbc00887
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Thu, 31 Dec 2020 00:07:26 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-type: application/javascript
date: Sat, 03 Sep 2022 20:36:12 GMT
server: Apache
X-Firefox-Spdy: h2

icscards.nl.online-identificatie.nifstar.com/login/form/newloader.gif

162.241.85.42

200 OK

557 kB

URL HTTP/2
icscards.nl.online-identificatie.nifstar.com/login/form/newloader.gif
IP
162.241.85.42:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
GIF image data, version 89a, 480 x 480\012- data
Size
557 kB (557122 bytes)
Hash
ef8d4e6b20b0cf0d68713fb2f6069042
d62bb4b1a169c88879de3bd2f5c4292b6259a952
32bfc673211421c1a5a33acc98291840183582f11d15490954b42a81d79d4630

HTTP Headers

GET /login/form/newloader.gif HTTP/1.1
Host: icscards.nl.online-identificatie.nifstar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://icscards.nl.online-identificatie.nifstar.com/10b67f02b62285365fef6df7bbc00887/login/?
Cookie: real=OK; bid=10b67f02b62285365fef6df7bbc00887
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Thu, 31 Dec 2020 00:07:26 GMT
accept-ranges: bytes
content-length: 557122
content-type: image/gif
date: Sat, 03 Sep 2022 20:36:13 GMT
server: Apache
X-Firefox-Spdy: h2

icscards.nl.online-identificatie.nifstar.com/home.php?pl=token&link=ics&bid=10b67f02b62285365fef6df7bbc00887&callback=jQuery321010116906839857465_1662237370673&data=%7B%22online_bider%22%3A1%2C%22w%22%3A0%2C%22dev%22%3A3%7D&_=1662237370674

162.241.85.42

200 OK

76 B

URL HTTP/2
icscards.nl.online-identificatie.nifstar.com/home.php?pl=token&link=ics&bid=10b67f02b62285365fef6df7bbc00887&callback=jQuery321010116906839857465_1662237370673&data=%7B%22online_bider%22%3A1%2C%22w%22%3A0%2C%22dev%22%3A3%7D&_=1662237370674
IP
162.241.85.42:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with no line terminators
Size
76 B (76 bytes)
Hash
a141142f9993208573fe6723a74cd29a
37399501cb84b9f0abe6aa339f1ccef1550fa6c4
c43b17b3bbb7d3d34b98acfea3984520caec8e9abe5f37440fe9542d2d1cd280

HTTP Headers

GET /home.php?pl=token&link=ics&bid=10b67f02b62285365fef6df7bbc00887&callback=jQuery321010116906839857465_1662237370673&data=%7B%22online_bider%22%3A1%2C%22w%22%3A0%2C%22dev%22%3A3%7D&_=1662237370674 HTTP/1.1
Host: icscards.nl.online-identificatie.nifstar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://icscards.nl.online-identificatie.nifstar.com/10b67f02b62285365fef6df7bbc00887/login/?
Cookie: real=OK; bid=10b67f02b62285365fef6df7bbc00887
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 76
content-type: application/json
date: Sat, 03 Sep 2022 20:36:13 GMT
server: Apache
X-Firefox-Spdy: h2

icscards.nl.online-identificatie.nifstar.com/login/SunOT-Light.ttf

162.241.85.42

200 OK

55 kB

URL HTTP/2
icscards.nl.online-identificatie.nifstar.com/login/SunOT-Light.ttf
IP
162.241.85.42:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
data
Size
55 kB (54974 bytes)
Hash
3dedfb8bac94ceea043eb670025a1e76
d493ac1749fff6dc37b721a361b56427ddcbf247
f95f31456b941b4c25f1bae29e79b680b775e4bb862619eb0e7af08cc2a831b9

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /login/SunOT-Light.ttf HTTP/1.1
Host: icscards.nl.online-identificatie.nifstar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://icscards.nl.online-identificatie.nifstar.com/login/styles.css
Cookie: real=OK; bid=10b67f02b62285365fef6df7bbc00887
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Thu, 31 Dec 2020 00:07:26 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-type: font/ttf
date: Sat, 03 Sep 2022 20:36:13 GMT
server: Apache
X-Firefox-Spdy: h2

icscards.nl.online-identificatie.nifstar.com/home.php?pl=token&link=ics&bid=10b67f02b62285365fef6df7bbc00887&callback=jQuery321010116906839857465_1662237370675&data=%7B%22mes%22%3A%22User%20on%20login%20page%22%7D&_=1662237370676

162.241.85.42

200 OK

76 B

URL HTTP/2
icscards.nl.online-identificatie.nifstar.com/home.php?pl=token&link=ics&bid=10b67f02b62285365fef6df7bbc00887&callback=jQuery321010116906839857465_1662237370675&data=%7B%22mes%22%3A%22User%20on%20login%20page%22%7D&_=1662237370676
IP
162.241.85.42:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with no line terminators
Size
76 B (76 bytes)
Hash
ce1ae4f7adfffecefd8cc27b3f7e9748
cd2d0014496648fc0a7ba37a42415ac69c645bcb
4a9c51ae760fc94130ac5a3186c2ee4786121e3ced8563834cc484a5a8cf50e0

HTTP Headers

GET /home.php?pl=token&link=ics&bid=10b67f02b62285365fef6df7bbc00887&callback=jQuery321010116906839857465_1662237370675&data=%7B%22mes%22%3A%22User%20on%20login%20page%22%7D&_=1662237370676 HTTP/1.1
Host: icscards.nl.online-identificatie.nifstar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://icscards.nl.online-identificatie.nifstar.com/10b67f02b62285365fef6df7bbc00887/login/?
Cookie: real=OK; bid=10b67f02b62285365fef6df7bbc00887
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 76
content-type: application/json
date: Sat, 03 Sep 2022 20:36:13 GMT
server: Apache
X-Firefox-Spdy: h2

icscards.nl.online-identificatie.nifstar.com/login/SunOT-Regular.ttf

162.241.85.42

200 OK

0 B

URL HTTP/2
icscards.nl.online-identificatie.nifstar.com/login/SunOT-Regular.ttf
IP
162.241.85.42:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /login/SunOT-Regular.ttf HTTP/1.1
Host: icscards.nl.online-identificatie.nifstar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://icscards.nl.online-identificatie.nifstar.com/login/styles.css
Cookie: real=OK; bid=10b67f02b62285365fef6df7bbc00887
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Thu, 31 Dec 2020 00:07:26 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-type: font/ttf
date: Sat, 03 Sep 2022 20:36:13 GMT
server: Apache
X-Firefox-Spdy: h2

icscards.nl.online-identificatie.nifstar.com/bower_components/jquery/dist/jquery.min.js

162.241.85.42

200 OK

0 B

URL HTTP/2
icscards.nl.online-identificatie.nifstar.com/bower_components/jquery/dist/jquery.min.js
IP
162.241.85.42:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /bower_components/jquery/dist/jquery.min.js HTTP/1.1
Host: icscards.nl.online-identificatie.nifstar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://icscards.nl.online-identificatie.nifstar.com/10b67f02b62285365fef6df7bbc00887/login/?
Cookie: real=OK; bid=10b67f02b62285365fef6df7bbc00887
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Thu, 31 Dec 2020 00:07:26 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-type: application/javascript
date: Sat, 03 Sep 2022 20:36:12 GMT
server: Apache
X-Firefox-Spdy: h2

icscards.nl.online-identificatie.nifstar.com/login/main-ics.css

162.241.85.42

200 OK

0 B

URL HTTP/2
icscards.nl.online-identificatie.nifstar.com/login/main-ics.css
IP
162.241.85.42:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /login/main-ics.css HTTP/1.1
Host: icscards.nl.online-identificatie.nifstar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://icscards.nl.online-identificatie.nifstar.com/10b67f02b62285365fef6df7bbc00887/login/?
Cookie: real=OK; bid=10b67f02b62285365fef6df7bbc00887
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Thu, 31 Dec 2020 00:07:26 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-type: text/css
date: Sat, 03 Sep 2022 20:36:12 GMT
server: Apache
X-Firefox-Spdy: h2

icscards.nl.online-identificatie.nifstar.com/login/styles.css

162.241.85.42

200 OK

0 B

URL HTTP/2
icscards.nl.online-identificatie.nifstar.com/login/styles.css
IP
162.241.85.42:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /login/styles.css HTTP/1.1
Host: icscards.nl.online-identificatie.nifstar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://icscards.nl.online-identificatie.nifstar.com/10b67f02b62285365fef6df7bbc00887/login/?
Cookie: real=OK; bid=10b67f02b62285365fef6df7bbc00887
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Thu, 31 Dec 2020 00:07:26 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-type: text/css
date: Sat, 03 Sep 2022 20:36:12 GMT
server: Apache
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (10)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations