info.dan.ske.dokument.34-237-124-147.cprapid.com/id/finlogin.php
200 OK 8.6 kB URL HTTP/1.1 info.dan.ske.dokument.34-237-124-147.cprapid.com/id/finlogin.php
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (369)
Hash 6b3317d3833f299a098c2a402ddd388f
53d1dd50db844e2424d62da4d6403c8ac6d4a02b
43c8735c6f8de8d8f53bec49686c65cb814e718c142a490028af8888f6fd3a70
Analyzer Verdict Alert quad9 Sinkholed
GET /id/finlogin.php HTTP/1.1
Host: info.dan.ske.dokument.34-237-124-147.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Tue, 07 Feb 2023 09:35:09 GMT
Server: Apache
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 565c1bbc5c1c40be1988b3bf6fd9dc1a
cfdba5bc597130461dd67bf6cda53183be592493
60ceb36a8329c92fc49a3caf50daf511a38e01eac21a07d7a0a838166bea058d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "60CEB36A8329C92FC49A3CAF50DAF511A38E01EAC21A07D7A0A838166BEA058D"
Last-Modified: Mon, 06 Feb 2023 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2187
Expires: Tue, 07 Feb 2023 10:11:37 GMT
Date: Tue, 07 Feb 2023 09:35:10 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash dca68db7aea32f6683ce8d542c078f04
19c495238df74fca680e21f18627ff94de5dd2e5
35cab3987fc0e4a41b305cb208c1e33fa38ce8bdfd9f386c3dc0411dd4d5ac61
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "35CAB3987FC0E4A41B305CB208C1E33FA38CE8BDFD9F386C3DC0411DD4D5AC61"
Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13326
Expires: Tue, 07 Feb 2023 13:17:16 GMT
Date: Tue, 07 Feb 2023 09:35:10 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash bf0c602d32b3c14606f22a86183b5e3c
6eabd8d83475eba731968abe1a05a8bfd272f160
6c6a7c519a9e950c2445ed874a25211a94dd4d3cf3afb0103af9dcd1dbd5ff9e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Backoff, Alert, Content-Length
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 07 Feb 2023 09:34:08 GMT
content-type: application/json
age: 62
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash cc14b0d2f7c451f6431dc87ba54d1d60
bab8bfda6fa3e2f17125353f5147211787dc25d0
b58fe18a5cc8fe5aaf49ba7eadd0ef34692892e68e9c52eb5bb56ea27e1300ad
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B58FE18A5CC8FE5AAF49BA7EADD0EF34692892E68E9C52EB5BB56EA27E1300AD"
Last-Modified: Mon, 06 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9875
Expires: Tue, 07 Feb 2023 12:19:45 GMT
Date: Tue, 07 Feb 2023 09:35:10 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain
IP
File type PEM certificate\012- , ASCII text
Hash e76071a28ee566dababb3834f46d68ed
aebb4e68c1ba2de0f90025283e8ed8470944fde0
78b6df2627172e5b35476bc31020f02898cdc412aaf4337af2c3b049a60912b6
GET /chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: +7HMYsv/eumb7GcbEhSPGsubVdJ3A/qTWRX/ck1JVKzD9gq2YBfSDnOSUSqQhFlW/GepIqW5anM=
x-amz-request-id: CJ3K8JPWFD37BKEV
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 07 Feb 2023 08:45:30 GMT
age: 2980
last-modified: Sun, 29 Jan 2023 18:44:47 GMT
etag: "e76071a28ee566dababb3834f46d68ed"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 07 Feb 2023 09:35:10 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
info.dan.ske.dokument.34-237-124-147.cprapid.com/id/all/styles.css
200 OK 49 kB URL HTTP/1.1 info.dan.ske.dokument.34-237-124-147.cprapid.com/id/all/styles.css
IP
File type assembler source, ASCII text, with CRLF line terminators
Hash b9ab7abda3db8f2401bc732f29b78460
1c256bdf0a2c5ed807765d851f08ee99d8f0a0ac
02cd70fbf63e9c61e1abc49a269c5dc62c829e69ac39b33552b6fc118995234b
Analyzer Verdict Alert urlquery phishing Phishing - Nordea
quad9 Sinkholed
GET /id/all/styles.css HTTP/1.1
Host: info.dan.ske.dokument.34-237-124-147.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://info.dan.ske.dokument.34-237-124-147.cprapid.com/id/finlogin.php
HTTP/1.1 200 OK
Date: Tue, 07 Feb 2023 09:35:10 GMT
Server: Apache
Last-Modified: Mon, 12 Dec 2022 07:06:32 GMT
Accept-Ranges: bytes
Content-Length: 49064
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Content-Type, Expires, Pragma, Retry-After, Last-Modified, ETag, Cache-Control, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 07 Feb 2023 09:07:20 GMT
age: 1670
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
info.dan.ske.dokument.34-237-124-147.cprapid.com/id/partials/js/jquery.js
200 OK 272 kB URL HTTP/1.1 info.dan.ske.dokument.34-237-124-147.cprapid.com/id/partials/js/jquery.js
IP
File type ASCII text, with CRLF line terminators
Size 272 kB (272155 bytes)
Hash 3f24e8505d471bd934a5a68b86971580
876bd436d3b3c1436a8ac17a654e38d062acf45e
4ef5f864f89db7feaaaa5332c0a99d76076af49fef488806541ca2561e4cb379
Analyzer Verdict Alert urlquery phishing Phishing - Nordea
quad9 Sinkholed
GET /id/partials/js/jquery.js HTTP/1.1
Host: info.dan.ske.dokument.34-237-124-147.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://info.dan.ske.dokument.34-237-124-147.cprapid.com/id/finlogin.php
HTTP/1.1 200 OK
Date: Tue, 07 Feb 2023 09:35:10 GMT
Server: Apache
Last-Modified: Fri, 05 Feb 2021 08:11:28 GMT
Accept-Ranges: bytes
Content-Length: 272155
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
info.dan.ske.dokument.34-237-124-147.cprapid.com/id/all/codes_app-a89defc476c5ea3f806b6f5360157e81.svg
200 OK 1.4 kB URL HTTP/1.1 info.dan.ske.dokument.34-237-124-147.cprapid.com/id/all/codes_app-a89defc476c5ea3f806b6f5360157e81.svg
IP
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1442), with no line terminators
Hash a89defc476c5ea3f806b6f5360157e81
640dcac46dbc76ee388429336d7c1b5212300c50
b88b6130e6d786e3793f9811c6ad215e23237c3875b1bd85330505dc8ff350f9
Analyzer Verdict Alert urlquery phishing Phishing - Nordea
quad9 Sinkholed
GET /id/all/codes_app-a89defc476c5ea3f806b6f5360157e81.svg HTTP/1.1
Host: info.dan.ske.dokument.34-237-124-147.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://info.dan.ske.dokument.34-237-124-147.cprapid.com/id/finlogin.php
HTTP/1.1 200 OK
Date: Tue, 07 Feb 2023 09:35:10 GMT
Server: Apache
Last-Modified: Fri, 04 Nov 2022 10:41:59 GMT
Accept-Ranges: bytes
Content-Length: 1442
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/svg+xml
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 9b88bae61bca33aba8aa99f6128db8d9
a07b61fb2458917699613fcae68710941b595416
54915c2f79822732e06a592d027da421ad1e7a6458c545f98333db25612b3dea
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "54915C2F79822732E06A592D027DA421AD1E7A6458C545F98333DB25612B3DEA"
Last-Modified: Mon, 06 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12338
Expires: Tue, 07 Feb 2023 13:00:48 GMT
Date: Tue, 07 Feb 2023 09:35:10 GMT
Connection: keep-alive
info.dan.ske.dokument.34-237-124-147.cprapid.com/assets/3defb92f3d1f7309bb86-28abb007069a4e48b1a0830fb5d4a822.svg
404 Not Found 10 kB URL HTTP/1.1 info.dan.ske.dokument.34-237-124-147.cprapid.com/assets/3defb92f3d1f7309bb86-28abb007069a4e48b1a0830fb5d4a822.svg
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (4070)
Hash c44edc8135dc1647169cc89e9390ca4d
98696260c6d77f3bd09df1758bed521820967f23
258f8fa9c8cf7dcebe36615b870f60ab4068a08670f7694da64aa19ac1bad559
Analyzer Verdict Alert quad9 Sinkholed
GET /assets/3defb92f3d1f7309bb86-28abb007069a4e48b1a0830fb5d4a822.svg HTTP/1.1
Host: info.dan.ske.dokument.34-237-124-147.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://info.dan.ske.dokument.34-237-124-147.cprapid.com/id/all/styles.css
HTTP/1.1 404 Not Found
Date: Tue, 07 Feb 2023 09:35:10 GMT
Server: Apache
Accept-Ranges: bytes
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html
info.dan.ske.dokument.34-237-124-147.cprapid.com/id/all/aa1ee103968475b48934-3a4d9a8b6adf39716f28af71fc9b030a.woff
200 OK 31 kB URL HTTP/1.1 info.dan.ske.dokument.34-237-124-147.cprapid.com/id/all/aa1ee103968475b48934-3a4d9a8b6adf39716f28af71fc9b030a.woff
IP
File type Web Open Font Format, TrueType, length 31152, version 0.0\012- data
Hash 3a4d9a8b6adf39716f28af71fc9b030a
5d9acfd762ccd9a4a519951ad008f119741c513b
21a2a17b532837aeafeb95de9f252bfec714028517f79fb4143845ca4d23353c
Analyzer Verdict Alert urlquery phishing Phishing - Nordea
quad9 Sinkholed
GET /id/all/aa1ee103968475b48934-3a4d9a8b6adf39716f28af71fc9b030a.woff HTTP/1.1
Host: info.dan.ske.dokument.34-237-124-147.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://info.dan.ske.dokument.34-237-124-147.cprapid.com/id/all/styles.css
HTTP/1.1 200 OK
Date: Tue, 07 Feb 2023 09:35:10 GMT
Server: Apache
Last-Modified: Mon, 12 Dec 2022 06:59:54 GMT
Accept-Ranges: bytes
Content-Length: 31152
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: font/woff
info.dan.ske.dokument.34-237-124-147.cprapid.com/id/all/837ba80d0ba906e8c20d-4fa38d775a1f6b9179bc7c425ecaf7f4.woff
200 OK 3.0 kB URL HTTP/1.1 info.dan.ske.dokument.34-237-124-147.cprapid.com/id/all/837ba80d0ba906e8c20d-4fa38d775a1f6b9179bc7c425ecaf7f4.woff
IP
File type Web Open Font Format, TrueType, length 2988, version 1.0\012- data
Hash 4fa38d775a1f6b9179bc7c425ecaf7f4
999363e7db078097dd06c303a4fd09839da7cc6e
6252319c96777a4ce3952f63ec70735230c1c5c9392e81a9b3f9a8b2bc06c164
Analyzer Verdict Alert urlquery phishing Phishing - Nordea
quad9 Sinkholed
GET /id/all/837ba80d0ba906e8c20d-4fa38d775a1f6b9179bc7c425ecaf7f4.woff HTTP/1.1
Host: info.dan.ske.dokument.34-237-124-147.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://info.dan.ske.dokument.34-237-124-147.cprapid.com/id/all/styles.css
HTTP/1.1 200 OK
Date: Tue, 07 Feb 2023 09:35:10 GMT
Server: Apache
Last-Modified: Mon, 12 Dec 2022 06:59:56 GMT
Accept-Ranges: bytes
Content-Length: 2988
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: font/woff
info.dan.ske.dokument.34-237-124-147.cprapid.com/id/all/5e73b3c67b0510c4c5cf-6629cb5350d6f3276b2dccc43bd3f397.png
200 OK 40 kB URL HTTP/1.1 info.dan.ske.dokument.34-237-124-147.cprapid.com/id/all/5e73b3c67b0510c4c5cf-6629cb5350d6f3276b2dccc43bd3f397.png
IP
File type PNG image data, 828 x 300, 4-bit colormap, non-interlaced\012- data
Hash 6629cb5350d6f3276b2dccc43bd3f397
63d964e5caaa541475a4c2da976871a9f9986067
9fc5b5c44107cfc6701be07fa5d5a4d7ab066607dd7ab6e9f396ac709e28424f
Analyzer Verdict Alert urlquery phishing Phishing - Nordea
quad9 Sinkholed
GET /id/all/5e73b3c67b0510c4c5cf-6629cb5350d6f3276b2dccc43bd3f397.png HTTP/1.1
Host: info.dan.ske.dokument.34-237-124-147.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://info.dan.ske.dokument.34-237-124-147.cprapid.com/id/all/styles.css
HTTP/1.1 200 OK
Date: Tue, 07 Feb 2023 09:35:10 GMT
Server: Apache
Last-Modified: Mon, 07 Nov 2022 21:40:36 GMT
Accept-Ranges: bytes
Content-Length: 40339
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/png
info.dan.ske.dokument.34-237-124-147.cprapid.com/assets/aa78d594083d0ccfefcf-d2c5355e1fcc507cd7b7389e87e6c9de.svg
404 Not Found 10 kB URL HTTP/1.1 info.dan.ske.dokument.34-237-124-147.cprapid.com/assets/aa78d594083d0ccfefcf-d2c5355e1fcc507cd7b7389e87e6c9de.svg
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (4070)
Hash d2b14f4f85cd4db9f74d3ba4ae733c27
a65f8723001fe3c917b554f4384a0fdfa2535376
bc0f8d7671a91cde9e19dc2def0eee0712e255f9c8dd161034fed8de572471be
Analyzer Verdict Alert quad9 Sinkholed
GET /assets/aa78d594083d0ccfefcf-d2c5355e1fcc507cd7b7389e87e6c9de.svg HTTP/1.1
Host: info.dan.ske.dokument.34-237-124-147.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://info.dan.ske.dokument.34-237-124-147.cprapid.com/id/all/styles.css
HTTP/1.1 404 Not Found
Date: Tue, 07 Feb 2023 09:35:11 GMT
Server: Apache
Accept-Ranges: bytes
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html
info.dan.ske.dokument.34-237-124-147.cprapid.com/id/all/b90f1e1b93f3b23dd79e-11eca7aa5a85ec0c6cc3deba794b264e.woff
200 OK 32 kB URL HTTP/1.1 info.dan.ske.dokument.34-237-124-147.cprapid.com/id/all/b90f1e1b93f3b23dd79e-11eca7aa5a85ec0c6cc3deba794b264e.woff
IP
File type Web Open Font Format, TrueType, length 31772, version 0.0\012- data
Hash 11eca7aa5a85ec0c6cc3deba794b264e
9bd19e1a9d5859833cbd50f501444c8c2afec2e1
ff28a732b1fc6a547797b7a9a7c29025ae41b74cc5e208232418d9c41fb43c44
Analyzer Verdict Alert urlquery phishing Phishing - Nordea
quad9 Sinkholed
GET /id/all/b90f1e1b93f3b23dd79e-11eca7aa5a85ec0c6cc3deba794b264e.woff HTTP/1.1
Host: info.dan.ske.dokument.34-237-124-147.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://info.dan.ske.dokument.34-237-124-147.cprapid.com/id/all/styles.css
HTTP/1.1 200 OK
Date: Tue, 07 Feb 2023 09:35:10 GMT
Server: Apache
Last-Modified: Mon, 12 Dec 2022 06:59:53 GMT
Accept-Ranges: bytes
Content-Length: 31772
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: font/woff
ocsp.sectigo.com/
200 OK 472 B IP
Hash 73904ce8b9f54f1a139d128f80e73cc2
51bdabba475b242d329a2526f7cde71a33b27ae2
e97a9086bd4690d8bae30211edd3bb4784fc570be218287cd1172fb2468fc79c
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 Feb 2023 09:35:11 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 04 Feb 2023 05:29:14 GMT
Expires: Sat, 11 Feb 2023 05:29:13 GMT
Etag: "51bdabba475b242d329a2526f7cde71a33b27ae2"
Cache-Control: max-age=330241,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 795b224edcc2b515-OSL
info.dan.ske.dokument.34-237-124-147.cprapid.com/favicon.ico
404 Not Found 10 kB URL HTTP/1.1 info.dan.ske.dokument.34-237-124-147.cprapid.com/favicon.ico
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (4070)
Hash 2650545005856436ff5ed3583f855357
76d25243d87a50799b284b5eff783b67905075c6
8eb77e2a665d509f58d4e70f83c667f74bad420263392b1b4f23df3fbb2f40d2
Analyzer Verdict Alert quad9 Sinkholed
GET /favicon.ico HTTP/1.1
Host: info.dan.ske.dokument.34-237-124-147.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://info.dan.ske.dokument.34-237-124-147.cprapid.com/id/finlogin.php
HTTP/1.1 404 Not Found
Date: Tue, 07 Feb 2023 09:35:11 GMT
Server: Apache
Accept-Ranges: bytes
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: eAsAvR7fJ3H3ETUBU9SltQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: qqPca2WfqyLae1VOnubU5N4Fil8=
ocsp.pki.goog/s/gts1p5/97q-VzuQ-Mw
200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/97q-VzuQ-Mw
IP
Hash 9f4475ac00312ee8e482de66f484aac6
b9b7f62c08297813dd02919ada2838f71ccf94d4
40adf12f8febb3a59b3f46a68c8dbbbd41648b879fd5988d178480b3c0237077
POST /s/gts1p5/97q-VzuQ-Mw HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 09:35:11 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
whos.amung.us/pingjs/?k=holland001&t=Nordea%20-%20Tunnistautuminen&c=s&x=http%3A%2F%2Finfo.dan.ske.dokument.34-237-124-147.cprapid.com%2Fid%2Ffinlogin.php&y=&a=0&d=1.176&v=27&r=2217
200 OK 49 B URL HTTP/1.1 whos.amung.us/pingjs/?k=holland001&t=Nordea%20-%20Tunnistautuminen&c=s&x=http%3A%2F%2Finfo.dan.ske.dokument.34-237-124-147.cprapid.com%2Fid%2Ffinlogin.php&y=&a=0&d=1.176&v=27&r=2217
IP
File type ASCII text, with no line terminators
Hash 40a3289f4b3cad102f89cfadd4e80dc5
ab0bc81899b7ec614af880126f6f453b162a4caf
9e767374b69fb120467917054f8229e4328b29c0e37be5782e23943f2423fcc8
GET /pingjs/?k=holland001&t=Nordea%20-%20Tunnistautuminen&c=s&x=http%3A%2F%2Finfo.dan.ske.dokument.34-237-124-147.cprapid.com%2Fid%2Ffinlogin.php&y=&a=0&d=1.176&v=27&r=2217 HTTP/1.1
Host: whos.amung.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://info.dan.ske.dokument.34-237-124-147.cprapid.com/
HTTP/1.1 200 OK
Date: Tue, 07 Feb 2023 09:35:11 GMT
Content-Type: text/javascript;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
content-encoding: gzip
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 795b22504b6c09ac-ARN
ocsp.sectigo.com/
200 OK 471 B IP
Hash 31a51dfff45e63ba8909bda3a3f2ca53
429a7ea67f57ea2c49699e650a09e09c1f983950
dc62d165a95afb87c345affd01d2e6a18d9f85647892b90d94500cb333f76a1c
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 Feb 2023 09:35:11 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 05 Feb 2023 11:33:42 GMT
Expires: Sun, 12 Feb 2023 11:33:41 GMT
Etag: "429a7ea67f57ea2c49699e650a09e09c1f983950"
Cache-Control: max-age=438509,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 795b225178c6b515-OSL
widgets.amung.us/small.js
200 OK 11 kB URL HTTP/2 widgets.amung.us/small.js
IP
Hash f721c4cef2a5f721f77a8216b8027707
c2c63eb006e14111568cd69761b033ae51673fcc
45875303ac00b6f453010d22ca0bfa18b536bbc1fe686c698607229a281a61d4
GET /small.js HTTP/1.1
Host: widgets.amung.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://info.dan.ske.dokument.34-237-124-147.cprapid.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 07 Feb 2023 09:35:11 GMT
content-type: application/x-javascript
last-modified: Thu, 12 Jan 2023 17:19:40 GMT
etag: W/"63c0412c-2170"
expires: Wed, 08 Feb 2023 08:53:08 GMT
cache-control: max-age=86400
access-control-allow-origin: *
content-encoding: gzip
cf-cache-status: HIT
age: 2523
vary: Accept-Encoding
server: cloudflare
cf-ray: 795b224f488995de-ARN
X-Firefox-Spdy: h2
ic.tynt.com/b/p?id=w!holland001&lm=0&ts=1675762560714&dn=TC&iso=0&pu=http%3A%2F%2Finfo.dan.ske.dokument.34-237-124-147.cprapid.com%2Fid%2Ffinlogin.php&t=Nordea%20-%20Tunnistautuminen
204 No Content 0 B URL HTTP/2 ic.tynt.com/b/p?id=w!holland001&lm=0&ts=1675762560714&dn=TC&iso=0&pu=http%3A%2F%2Finfo.dan.ske.dokument.34-237-124-147.cprapid.com%2Fid%2Ffinlogin.php&t=Nordea%20-%20Tunnistautuminen
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b/p?id=w!holland001&lm=0&ts=1675762560714&dn=TC&iso=0&pu=http%3A%2F%2Finfo.dan.ske.dokument.34-237-124-147.cprapid.com%2Fid%2Ffinlogin.php&t=Nordea%20-%20Tunnistautuminen HTTP/1.1
Host: ic.tynt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://info.dan.ske.dokument.34-237-124-147.cprapid.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx/1.16.1
date: Tue, 07 Feb 2023 09:35:12 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
de.tynt.com/deb/v2?id=w!holland001&dn=TC&cc=1&r=&pu=http%3A%2F%2Finfo.dan.ske.dokument.34-237-124-147.cprapid.com%2Fid%2Ffinlogin.php
200 OK 4 B URL HTTP/2 de.tynt.com/deb/v2?id=w!holland001&dn=TC&cc=1&r=&pu=http%3A%2F%2Finfo.dan.ske.dokument.34-237-124-147.cprapid.com%2Fid%2Ffinlogin.php
IP
File type ASCII text, with no line terminators
Hash 350fd6ef6446635f7a8f608434a405ec
a4b6c275ac2c80ec925b5c0c5c6abb79ba897356
d21021784cda31eeae5c8295e047a14bda6ed5a9b5963fca9e7ceb398a9c9179
GET /deb/v2?id=w!holland001&dn=TC&cc=1&r=&pu=http%3A%2F%2Finfo.dan.ske.dokument.34-237-124-147.cprapid.com%2Fid%2Ffinlogin.php HTTP/1.1
Host: de.tynt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://info.dan.ske.dokument.34-237-124-147.cprapid.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: max-age=86400
expires: Wed, 08 Feb 2023 09:35:12 GMT
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-type: application/javascript
content-length: 4
date: Tue, 07 Feb 2023 09:35:11 GMT
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
ic.tynt.com/b/p?id=w!holland001&lm=0&ts=1675762560714&dn=TC&iso=0&pu=http%3A%2F%2Finfo.dan.ske.dokument.34-237-124-147.cprapid.com%2Fid%2Ffinlogin.php
204 No Content 0 B URL HTTP/2 ic.tynt.com/b/p?id=w!holland001&lm=0&ts=1675762560714&dn=TC&iso=0&pu=http%3A%2F%2Finfo.dan.ske.dokument.34-237-124-147.cprapid.com%2Fid%2Ffinlogin.php
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b/p?id=w!holland001&lm=0&ts=1675762560714&dn=TC&iso=0&pu=http%3A%2F%2Finfo.dan.ske.dokument.34-237-124-147.cprapid.com%2Fid%2Ffinlogin.php HTTP/1.1
Host: ic.tynt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://info.dan.ske.dokument.34-237-124-147.cprapid.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx/1.16.1
date: Tue, 07 Feb 2023 09:35:12 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 3b4ea902c3e097daaa31810cb66d585a
97dfbd81d31b43196d8a4bd2fa3ff8a5cc115049
0291ed72c3115d6b6cf8c001b13bbc4ad517d76242b6cbed9db5ee1162572d3f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0291ED72C3115D6B6CF8C001B13BBC4AD517D76242B6CBED9DB5EE1162572D3F"
Last-Modified: Sun, 05 Feb 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4133
Expires: Tue, 07 Feb 2023 10:44:05 GMT
Date: Tue, 07 Feb 2023 09:35:12 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 3b4ea902c3e097daaa31810cb66d585a
97dfbd81d31b43196d8a4bd2fa3ff8a5cc115049
0291ed72c3115d6b6cf8c001b13bbc4ad517d76242b6cbed9db5ee1162572d3f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0291ED72C3115D6B6CF8C001B13BBC4AD517D76242B6CBED9DB5EE1162572D3F"
Last-Modified: Sun, 05 Feb 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4133
Expires: Tue, 07 Feb 2023 10:44:05 GMT
Date: Tue, 07 Feb 2023 09:35:12 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff6de3153-62d2-494b-8acf-6d3ac8adba7d.jpeg
200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff6de3153-62d2-494b-8acf-6d3ac8adba7d.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 003fc35e140a75a12b7795c3986426ec
da002b22e2a01f48a545b369d4403eabb17a10d5
bb0754411aa7d0a5036b86b282d0e93d13227765ca9ccaf3a34e8e486cb413d1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff6de3153-62d2-494b-8acf-6d3ac8adba7d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13160
x-amzn-requestid: 34aa6dfe-7f14-48d0-89b2-90548621be79
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fzVxSHh7IAMFjAg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63de033b-49587fff75aebe96136137be;Sampled=0
x-amzn-remapped-date: Sat, 04 Feb 2023 07:03:23 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 81DTnHIh40lNEi6l5hC87Vo9R8k4w79Fr71zibyvGP0iJm4kmhWITA==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Tue, 07 Feb 2023 07:45:27 GMT
age: 6585
etag: "da002b22e2a01f48a545b369d4403eabb17a10d5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ic.tynt.com/b/p?id=w!holland001&lm=0&ts=1675762560714&dn=TC&iso=0&pu=http%3A%2F%2Finfo.dan.ske.dokument.34-237-124-147.cprapid.com%2Fid%2Ffinlogin.php
204 No Content 0 B URL HTTP/2 ic.tynt.com/b/p?id=w!holland001&lm=0&ts=1675762560714&dn=TC&iso=0&pu=http%3A%2F%2Finfo.dan.ske.dokument.34-237-124-147.cprapid.com%2Fid%2Ffinlogin.php
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b/p?id=w!holland001&lm=0&ts=1675762560714&dn=TC&iso=0&pu=http%3A%2F%2Finfo.dan.ske.dokument.34-237-124-147.cprapid.com%2Fid%2Ffinlogin.php HTTP/1.1
Host: ic.tynt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://info.dan.ske.dokument.34-237-124-147.cprapid.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx/1.16.1
date: Tue, 07 Feb 2023 09:35:12 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F90168201-5a9a-4b46-93be-3475cfc8d425.jpeg
200 OK 3.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F90168201-5a9a-4b46-93be-3475cfc8d425.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1ce14d8444f612655b3a1bfe39524fa4
975a6a73a44f6c148b78971c644cfe74a02089bb
4bb09993f3b4a0fbb2680e2eeb200a2733be367c8746bc22d0f926d8b3ff7164
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F90168201-5a9a-4b46-93be-3475cfc8d425.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3633
x-amzn-requestid: 3d3ca1a8-338e-4930-ae3a-71d6486c4f19
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fpdtCHe1oAMFQIA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63da0fec-549b40a006425da83f4f1610;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 07:08:28 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: k71tctyakUu3zKXPqtRWuFl-HkLdHw360_Q_3nNihSIw79QGGNYG2A==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Mon, 06 Feb 2023 15:44:16 GMT
age: 64256
etag: "975a6a73a44f6c148b78971c644cfe74a02089bb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8ada2635-3335-4f49-9e7f-22d2ae016030.jpeg
200 OK 4.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8ada2635-3335-4f49-9e7f-22d2ae016030.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash eedb4de12585c70ddb5b8f94fe6a59e2
83c9437e71a0a03b3e8ff652155a85eafa76cdda
d4493a30f62e9ad224b3595ba3af8a322e2d4a3d9238a1847973f962bdcc0c82
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8ada2635-3335-4f49-9e7f-22d2ae016030.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4227
x-amzn-requestid: b45f2ab7-0102-4542-9514-54fb93a0e27f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f77sTH4jIAMFnsQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e1731b-4a24bcb1102e58543cd81343;Sampled=0
x-amzn-remapped-date: Mon, 06 Feb 2023 21:37:31 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: ovhdLaEGaDSC8X0F9VamLw0KyBPWkxfYg5pssOT8NOZP4IBtNk6Gfw==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Mon, 06 Feb 2023 21:55:19 GMT
etag: "83c9437e71a0a03b3e8ff652155a85eafa76cdda"
content-type: image/jpeg
age: 41993
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F32cb7a16-13bc-4d42-8e17-7be2a40cfc82.jpeg
200 OK 6.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F32cb7a16-13bc-4d42-8e17-7be2a40cfc82.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c3cd20c6639e2b0d996fbbd7df2d4f47
2e54c22fb83981e2690161cd521e4fc3998e9c16
9b2b1f3e062fca74341d09540e44d2a02ec451b8349440ed5917073e8fab988d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F32cb7a16-13bc-4d42-8e17-7be2a40cfc82.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6316
x-amzn-requestid: 879578cc-a58a-4516-a7cd-68850553762b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fpc79ECLIAMFclw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63da0eb2-57141dcf1c5595110f5f572e;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 07:03:14 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ARr-i9j3ruIxZ123Ae2bEk_c2s_5Zs7fhrn4UXphw_jOYrtvq9OMVg==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Mon, 06 Feb 2023 16:55:00 GMT
age: 60012
etag: "2e54c22fb83981e2690161cd521e4fc3998e9c16"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd4c26323-ca84-49c2-9f28-1ea4944d5cd9.jpeg
200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd4c26323-ca84-49c2-9f28-1ea4944d5cd9.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 929818fabd5a6ee5200499ca445d121e
3951cfa614e0a8674b730c4850f6483e35f73f6a
9f56ead2f8c136f6d6906fbb8a0ee5e0fd879e8ed104512ed4edf3ba3ece6917
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd4c26323-ca84-49c2-9f28-1ea4944d5cd9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8481
x-amzn-requestid: 77c27205-9d32-42d4-b2c4-e5c3941bbe72
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f4pcuG8VoAMFTaQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e022b7-76fae5a943c7a1d242f7a758;Sampled=0
x-amzn-remapped-date: Sun, 05 Feb 2023 21:42:15 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Et74Co732_uh0XdLXtBoER9YtKrPXnac-OGNxyuLmjIHsvgi1XwtYA==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 06 Feb 2023 22:13:12 GMT
age: 40920
etag: "3951cfa614e0a8674b730c4850f6483e35f73f6a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa8ec9ce3-b686-41f5-8011-400eea8266d1.jpeg
200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa8ec9ce3-b686-41f5-8011-400eea8266d1.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash bea82060b0cd156bf25493942ab62317
4182ba66cceb85c1e873ed5c72a86d53ab851b94
b77aaa7620aa77c7b73be04ad7c91af04f5e91393b3847928668bed644d68709
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa8ec9ce3-b686-41f5-8011-400eea8266d1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10297
x-amzn-requestid: e1dcfab3-4321-4c83-8ad2-5b6a1b948178
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f77J0G-voAMFrfg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e1723e-33c2bc5c1f200cca7d7aa961;Sampled=0
x-amzn-remapped-date: Mon, 06 Feb 2023 21:33:50 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 6X7tm-1VoSJ0mm0sAsGfD4R-lnaCIUmy91BFZo72Idl1di8SabpEWw==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Mon, 06 Feb 2023 21:55:29 GMT
age: 41983
etag: "4182ba66cceb85c1e873ed5c72a86d53ab851b94"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ic.tynt.com/b/p?id=w!holland001&lm=0&ts=1675762560714&dn=TC&iso=0&pu=http%3A%2F%2Finfo.dan.ske.dokument.34-237-124-147.cprapid.com%2Fid%2Ffinlogin.php
204 No Content 0 B URL HTTP/2 ic.tynt.com/b/p?id=w!holland001&lm=0&ts=1675762560714&dn=TC&iso=0&pu=http%3A%2F%2Finfo.dan.ske.dokument.34-237-124-147.cprapid.com%2Fid%2Ffinlogin.php
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b/p?id=w!holland001&lm=0&ts=1675762560714&dn=TC&iso=0&pu=http%3A%2F%2Finfo.dan.ske.dokument.34-237-124-147.cprapid.com%2Fid%2Ffinlogin.php HTTP/1.1
Host: ic.tynt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://info.dan.ske.dokument.34-237-124-147.cprapid.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx/1.16.1
date: Tue, 07 Feb 2023 09:35:12 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
info.dan.ske.dokument.34-237-124-147.cprapid.com/id/partials/status.php
500 Internal Server Error 0 B URL HTTP/1.1 info.dan.ske.dokument.34-237-124-147.cprapid.com/id/partials/status.php
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert urlquery phishing Phishing - Nordea
quad9 Sinkholed
GET /id/partials/status.php HTTP/1.1
Host: info.dan.ske.dokument.34-237-124-147.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: http://info.dan.ske.dokument.34-237-124-147.cprapid.com/id/finlogin.php
HTTP/1.1 500 Internal Server Error
Date: Tue, 07 Feb 2023 09:35:13 GMT
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Set-Cookie: PHPSESSID=b22cad2037aa1cfd1cca7f4f2055679a; path=/
Connection: close
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
info.dan.ske.dokument.34-237-124-147.cprapid.com/id/partials/status.php
500 Internal Server Error 0 B URL HTTP/1.1 info.dan.ske.dokument.34-237-124-147.cprapid.com/id/partials/status.php
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert urlquery phishing Phishing - Nordea
quad9 Sinkholed
GET /id/partials/status.php HTTP/1.1
Host: info.dan.ske.dokument.34-237-124-147.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: http://info.dan.ske.dokument.34-237-124-147.cprapid.com/id/finlogin.php
Cookie: PHPSESSID=b22cad2037aa1cfd1cca7f4f2055679a
HTTP/1.1 500 Internal Server Error
Date: Tue, 07 Feb 2023 09:35:17 GMT
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Connection: close
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
t.dtscout.com/pv/?_a=v&_h=info.dan.ske.dokument.34-237-124-147.cprapid.com&_ss=3lpnnboqqf&_pv=1&_ls=0&_u1=1&_u3=1&_cc=no&_pl=d&_cbid=1909&_cb=_dtspv.c
200 OK 0 B URL HTTP/2 t.dtscout.com/pv/?_a=v&_h=info.dan.ske.dokument.34-237-124-147.cprapid.com&_ss=3lpnnboqqf&_pv=1&_ls=0&_u1=1&_u3=1&_cc=no&_pl=d&_cbid=1909&_cb=_dtspv.c
IP
GET /pv/?_a=v&_h=info.dan.ske.dokument.34-237-124-147.cprapid.com&_ss=3lpnnboqqf&_pv=1&_ls=0&_u1=1&_u3=1&_cc=no&_pl=d&_cbid=1909&_cb=_dtspv.c HTTP/1.1
Host: t.dtscout.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://info.dan.ske.dokument.34-237-124-147.cprapid.com/
Cookie: m=1; oa=1; df=1675762511
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 07 Feb 2023 09:35:11 GMT
content-type: application/javascript
x-t: 0.127
x-c: 0
expires: Tue, 07 Feb 2023 09:35:10 GMT
cache-control: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9WQ0Fbs2GvXkKxexdGcjwzJLMjwfhBREOhBGPWI%2F6ApGzKQN6u0HpUsi%2FnsNRY4vX0mRnn8PRYfY3o1WkgEHDRSn3DnmbEYOaN7tOswWeWgo%2Fmq8nJetWN7FQZOroVc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 795b22516cac993c-ARN
content-encoding: br
X-Firefox-Spdy: h2
34.237.124.147
141.101.120.11
23.33.119.27