| b-nav2services4norw1y-a3134377073530.codeanyapp.com/wp-admin/-/Navbankingfiles/accept.html | 45.55.112.74 | 200 OK | 8.5 kB |
URL: User Request GET HTTP/1.1 b-nav2services4norw1y-a3134377073530.codeanyapp.com/wp-admin/-/Navbankingfiles/accept.html IP: 45.55.112.74:80 ASN: #14061 DIGITALOCEAN-ASN
File type: PHP script, ASCII text, with very long lines (12392), with CRLF line terminators
Hash: 9cd10a008333af505ddb92c9ae8ebdc5 d3eb6ff771f1aabe0ce30644043224ab374efdf4 75e0432c9e18f162325427722e77798b9a5e14e333bc84d12b758df77fc92c60
| Analyzer | Verdict | Alert |
| urlquery | phishing | Phishing - BankID |
| OpenPhish | phishing | BankID |
GET /wp-admin/-/Navbankingfiles/accept.html HTTP/1.1
Host: b-nav2services4norw1y-a3134377073530.codeanyapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: openresty
Date: Wed, 17 Apr 2024 14:56:19 GMT
Content-Type: text/html
Content-Length: 8485
Connection: keep-alive
Last-Modified: Tue, 16 Apr 2024 14:58:22 GMT
ETag: "588b-61637f829309f-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
| b-nav2services4norw1y-a3134377073530.codeanyapp.com/wp-admin/-/Navbankingfiles/src/common_auth.css | 45.55.112.74 | 200 OK | 2.2 kB |
URL: GET HTTP/1.1 b-nav2services4norw1y-a3134377073530.codeanyapp.com/wp-admin/-/Navbankingfiles/src/common_auth.css IP: 45.55.112.74:80 ASN: #14061 DIGITALOCEAN-ASN
Requested by: http://b-nav2services4norw1y-a3134377073530.codeanyapp.com/wp-admin/-/Navbankingfiles/accept.html
File type: ASCII text, with CRLF line terminators
Hash: be2e3c9d73e798faded38476b41d882a a2fef2b649b6b6f417f7303b7376941e1d78ac18 5d4ff4117e8f7f9da541cba635327a05770499b79e51e32e679c2923a4bc27b2
| Analyzer | Verdict | Alert |
| urlquery | phishing | Phishing - BankID |
GET /wp-admin/-/Navbankingfiles/src/common_auth.css HTTP/1.1
Host: b-nav2services4norw1y-a3134377073530.codeanyapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://b-nav2services4norw1y-a3134377073530.codeanyapp.com/wp-admin/-/Navbankingfiles/accept.html
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: openresty
Date: Wed, 17 Apr 2024 14:56:19 GMT
Content-Type: text/css
Content-Length: 2186
Connection: keep-alive
Last-Modified: Tue, 16 Apr 2024 14:58:22 GMT
ETag: "22d0-61637f829fbbf-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
| b-nav2services4norw1y-a3134377073530.codeanyapp.com/wp-admin/-/Navbankingfiles/src/3625.css | 45.55.112.74 | 200 OK | 882 B |
URL: GET HTTP/1.1 b-nav2services4norw1y-a3134377073530.codeanyapp.com/wp-admin/-/Navbankingfiles/src/3625.css IP: 45.55.112.74:80 ASN: #14061 DIGITALOCEAN-ASN
Requested by: http://b-nav2services4norw1y-a3134377073530.codeanyapp.com/wp-admin/-/Navbankingfiles/accept.html
File type: ASCII text, with CRLF line terminators
Hash: b642d2446a71071d5b575e139439ecd1 7af3425088bb4c9da806ae535736a87c979f809d 304c378b4700d25f783a2a7d6142c0b4d9dd9df890722064788eee96a12999d8
| Analyzer | Verdict | Alert |
| urlquery | phishing | Phishing - BankID |
GET /wp-admin/-/Navbankingfiles/src/3625.css HTTP/1.1
Host: b-nav2services4norw1y-a3134377073530.codeanyapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://b-nav2services4norw1y-a3134377073530.codeanyapp.com/wp-admin/-/Navbankingfiles/accept.html
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: openresty
Date: Wed, 17 Apr 2024 14:56:20 GMT
Content-Type: text/css
Content-Length: 882
Connection: keep-alive
Last-Modified: Tue, 16 Apr 2024 14:58:22 GMT
ETag: "f64-61637f829f3ef-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
| b-nav2services4norw1y-a3134377073530.codeanyapp.com/wp-admin/-/Navbankingfiles/src/bidm.css | 45.55.112.74 | 200 OK | 4.4 kB |
URL: GET HTTP/1.1 b-nav2services4norw1y-a3134377073530.codeanyapp.com/wp-admin/-/Navbankingfiles/src/bidm.css IP: 45.55.112.74:80 ASN: #14061 DIGITALOCEAN-ASN
Requested by: http://b-nav2services4norw1y-a3134377073530.codeanyapp.com/wp-admin/-/Navbankingfiles/accept.html
File type: ASCII text, with very long lines (1222), with CRLF line terminators
Hash: 15ad390e981075722abd9aed7225e85f 1a6eae25e0a2d52cb6b8bf7fa97367bd985a58f7 31412635ed02fd2c9a9ac4c4d9093c0601a687cfe305aba0dea75c1943d7dd72
| Analyzer | Verdict | Alert |
| urlquery | phishing | Phishing - BankID |
GET /wp-admin/-/Navbankingfiles/src/bidm.css HTTP/1.1
Host: b-nav2services4norw1y-a3134377073530.codeanyapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://b-nav2services4norw1y-a3134377073530.codeanyapp.com/wp-admin/-/Navbankingfiles/accept.html
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: openresty
Date: Wed, 17 Apr 2024 14:56:20 GMT
Content-Type: text/css
Content-Length: 4392
Connection: keep-alive
Last-Modified: Tue, 16 Apr 2024 14:58:22 GMT
ETag: "a782-61637f829f7d7-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
| b-nav2services4norw1y-a3134377073530.codeanyapp.com/wp-admin/-/Navbankingfiles/src/vbm_blu01r.png | 45.55.112.74 | 200 OK | 6.8 kB |
URL: GET HTTP/1.1 b-nav2services4norw1y-a3134377073530.codeanyapp.com/wp-admin/-/Navbankingfiles/src/vbm_blu01r.png IP: 45.55.112.74:80 ASN: #14061 DIGITALOCEAN-ASN
Requested by: http://b-nav2services4norw1y-a3134377073530.codeanyapp.com/wp-admin/-/Navbankingfiles/accept.html
File type: PNG image data, 80 x 26, 8-bit/color RGBA, non-interlaced
Hash: ad031f47efae809034406b98c42ce72b 77fbc3a4dcd3461274a84965aa46744cfd784a07 6d1a13547d41b9e611e6ca654d8f475b821050539e2bb0714973ac35d67db02f
| Analyzer | Verdict | Alert |
| urlquery | phishing | Phishing - BankID |
GET /wp-admin/-/Navbankingfiles/src/vbm_blu01r.png HTTP/1.1
Host: b-nav2services4norw1y-a3134377073530.codeanyapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://b-nav2services4norw1y-a3134377073530.codeanyapp.com/wp-admin/-/Navbankingfiles/accept.html
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: openresty
Date: Wed, 17 Apr 2024 14:56:20 GMT
Content-Type: image/png
Content-Length: 6770
Connection: keep-alive
Last-Modified: Tue, 16 Apr 2024 14:58:22 GMT
ETag: "1a72-61637f82a0b5f"
Accept-Ranges: bytes
| b-nav2services4norw1y-a3134377073530.codeanyapp.com/wp-admin/-/Navbankingfiles/src/3625_banklogo.jpeg | 45.55.112.74 | 200 OK | 12 kB |
URL: GET HTTP/1.1 b-nav2services4norw1y-a3134377073530.codeanyapp.com/wp-admin/-/Navbankingfiles/src/3625_banklogo.jpeg IP: 45.55.112.74:80 ASN: #14061 DIGITALOCEAN-ASN
Requested by: http://b-nav2services4norw1y-a3134377073530.codeanyapp.com/wp-admin/-/Navbankingfiles/accept.html
File type: JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=48, bps=0, PhotometricInterpretation=RGB, orientation=upper-left, width=200], progressive, precision 8, 200x48, components 3
Hash: 692578ef076f7eedf9bc9c8ee4f6186d c79aabe12ab710af4612dbee79f7e8e990c82d61 7e0590d63a4ca29f0d4e3e33f38ec65230e70b8b57915d4e6533f8b5e8948fd3
| Analyzer | Verdict | Alert |
| urlquery | phishing | Phishing - BankID |
GET /wp-admin/-/Navbankingfiles/src/3625_banklogo.jpeg HTTP/1.1
Host: b-nav2services4norw1y-a3134377073530.codeanyapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://b-nav2services4norw1y-a3134377073530.codeanyapp.com/wp-admin/-/Navbankingfiles/accept.html
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: openresty
Date: Wed, 17 Apr 2024 14:56:20 GMT
Content-Type: image/jpeg
Content-Length: 11797
Connection: keep-alive
Last-Modified: Tue, 16 Apr 2024 14:58:22 GMT
ETag: "2e15-61637f829f3ef"
Accept-Ranges: bytes
| secure.edb.com/static/secure3d/images/common/favicons/3625.ico?v=2021071402 | 139.112.170.16 | 200 OK | 1.2 kB |
URL: GET HTTP/1.1 secure.edb.com/static/secure3d/images/common/favicons/3625.ico?v=2021071402 IP: 139.112.170.16:443 ASN: #5619 Tietoevry Norway As
Requested by: http://b-nav2services4norw1y-a3134377073530.codeanyapp.com/wp-admin/-/Navbankingfiles/accept.html
Certificate: Issuer: Buypass AS-983163327; Subject: secure.edb.com; Fingerprint: D4:B9:A9:61:B3:73:A9:EE:CD:C4:E1:94:A8:BA:16:72:4C:05:26:57; Validity: Thu, 21 Mar 2024 17:41:01 GMT - Sun, 06 Apr 2025 21:59:00 GMT
File type: MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel
Hash: f40cd77c0809181bc137396a900414d9 9a70d4e563e52688bddda5d0fe628c705d610ea2 7dc366a210daa822bf1d57acad65c792f1687e8f71318770b1a7c2843e9088a7
| Analyzer | Verdict | Alert |
| urlquery | phishing | Phishing - BankID |
GET /static/secure3d/images/common/favicons/3625.ico?v=2021071402 HTTP/1.1
Host: secure.edb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://b-nav2services4norw1y-a3134377073530.codeanyapp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 17 Apr 2024 15:39:22 GMT
Last-Modified: Thu, 17 Oct 2019 08:44:27 GMT
Accept-Ranges: bytes
Content-Length: 1150
Keep-Alive: timeout=15, max=800
Connection: Keep-Alive
Content-Type: image/x-icon
Set-Cookie: BIGipServerpool_evry_Secure3D_11080=!WeLAW1mLfZn5R1Ng6XJE1MSQvYDqggzXWbXxGmv4bbKxCJCo8+qWSttkEpYUTLRnr7oSFFT8xxMt3w==; path=/; Httponly; Secure
Strict-Transport-Security: max-age=2592000