| fkjhdsfgkjfssf.wpenginepowered.com/on/vipps/MitIDeee_files/site.css |  141.193.213.11 | 404 Not Found | 548 B |
URL GET fkjhdsfgkjfssf.wpenginepowered.com/on/vipps/MitIDeee_files/site.css IP141.193.213.11:443 ASN#209242 Cloudflare London, LLC
Requested byhttps://fkjhdsfgkjfssf.wpenginepowered.com/on/vipps/kor.html CertificateIssuerLet's Encrypt Subjectwpenginepowered.com Fingerprint49:E1:15:80:DC:C5:37:63:13:3F:4C:0F:7B:1A:1E:D5:92:31:D2:F3 ValidityTue, 14 Jan 2025 12:49:31 GMT - Mon, 14 Apr 2025 12:49:30 GMT
File typeHTML document, ASCII text, with very long lines (574), with no line terminators Hash5b3bd9705af8e4446f589e073b64d64c e25d724de194a431213080e10392963efc18ad75 ad8ec7fd0face5bd866b2a915cd34853cf60f18229acc156dfa99f5dd5d3c775
| Analyzer | Verdict | Alert |
|---|
| urlquery | phishing | Phishing - BankID |
GET /on/vipps/MitIDeee_files/site.css HTTP/1.1
Host: fkjhdsfgkjfssf.wpenginepowered.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fkjhdsfgkjfssf.wpenginepowered.com/on/vipps/kor.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 404 Not Found
date: Fri, 14 Mar 2025 00:17:12 GMT
content-type: text/html
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
cf-cache-status: HIT
age: 16
server: cloudflare
cf-ray: 91ff9636fd5f829d-ARN
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| fkjhdsfgkjfssf.wpenginepowered.com/on/vipps/js/main.js | 141.193.213.11 | 200 OK | 19 kB |
URL GET fkjhdsfgkjfssf.wpenginepowered.com/on/vipps/js/main.js IP141.193.213.11:443 ASN#209242 Cloudflare London, LLC
Requested byhttps://fkjhdsfgkjfssf.wpenginepowered.com/on/vipps/kor.html CertificateIssuerLet's Encrypt Subjectwpenginepowered.com Fingerprint49:E1:15:80:DC:C5:37:63:13:3F:4C:0F:7B:1A:1E:D5:92:31:D2:F3 ValidityTue, 14 Jan 2025 12:49:31 GMT - Mon, 14 Apr 2025 12:49:30 GMT
File typeJavaScript source, ASCII text, with very long lines (448), with CRLF line terminators Hash3812bc15449fbaa041dcbe7407d7b3b5 b71fb048f8c43b746b281db5c54aaa6055ace179 cccdd1c417e2fef1489bcba786e4ab788d62419a923bbf659d112539b2c91931
| Analyzer | Verdict | Alert |
|---|
| urlquery | phishing | Phishing - BankID |
GET /on/vipps/js/main.js HTTP/1.1
Host: fkjhdsfgkjfssf.wpenginepowered.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fkjhdsfgkjfssf.wpenginepowered.com/on/vipps/kor.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 14 Mar 2025 00:17:12 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Wed, 07 Jun 2023 17:06:14 GMT
etag: W/"6480b906-4a96"
cache-control: public, max-age=31536000
access-control-allow-origin: *
cf-cache-status: HIT
server: cloudflare
cf-ray: 91ff9636fd71829d-ARN
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| use.typekit.net/af/802da8/0000000000000000000124f9/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&token=yjzt92fIDu%2Bi2yE%2FC%2FROvpoHRueJpI3lKQz6Qi7aWTw%3D |  23.33.119.67 | 404 Not Found | 9 B |
URL GET use.typekit.net/af/802da8/0000000000000000000124f9/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&token=yjzt92fIDu%2Bi2yE%2FC%2FROvpoHRueJpI3lKQz6Qi7aWTw%3D IP23.33.119.67:443 ASN#20940 Akamai International B.V.
Requested byhttps://fkjhdsfgkjfssf.wpenginepowered.com/on/vipps/wai2.html CertificateIssuerDigiCert Inc Subjectuse.typekit.net FingerprintF3:36:2A:08:11:E8:8C:54:E5:3C:6A:03:53:BF:AA:D7:7A:84:8B:89 ValidityTue, 10 Dec 2024 00:00:00 GMT - Sat, 10 Jan 2026 23:59:59 GMT
File typeASCII text, with no line terminators Hashd8f4a1993546cc4b850cde3599e27aec 094b763b4cfcc0b05e5d040581cd513c3ca08067 907ba78b4545338d3539683e63ecb51cf51c10adc9dabd86e92bd52339f298b9
GET /af/802da8/0000000000000000000124f9/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&token=yjzt92fIDu%2Bi2yE%2FC%2FROvpoHRueJpI3lKQz6Qi7aWTw%3D HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://fkjhdsfgkjfssf.wpenginepowered.com
DNT: 1
Connection: keep-alive
Referer: https://fkjhdsfgkjfssf.wpenginepowered.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 404 Not Found
server: nginx
content-type: text/plain;charset=utf-8
content-length: 9
x-cascade: pass
strict-transport-security: max-age=31536000; includeSubDomains;
cache-control: no-cache
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
date: Fri, 14 Mar 2025 00:17:01 GMT
akamai-grn: 0.0f772117.1741911421.eb7bdc5
X-Firefox-Spdy: h2
|
|
| use.typekit.net/af/802da8/0000000000000000000124f9/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&token=yjzt92fIDu%2Bi2yE%2FC%2FROvpoHRueJpI3lKQz6Qi7aWTw%3D | 23.33.119.67 | 404 Not Found | 9 B |
URL GET use.typekit.net/af/802da8/0000000000000000000124f9/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&token=yjzt92fIDu%2Bi2yE%2FC%2FROvpoHRueJpI3lKQz6Qi7aWTw%3D IP23.33.119.67:443 ASN#20940 Akamai International B.V.
Requested byhttps://fkjhdsfgkjfssf.wpenginepowered.com/on/vipps/wai2.html CertificateIssuerDigiCert Inc Subjectuse.typekit.net FingerprintF3:36:2A:08:11:E8:8C:54:E5:3C:6A:03:53:BF:AA:D7:7A:84:8B:89 ValidityTue, 10 Dec 2024 00:00:00 GMT - Sat, 10 Jan 2026 23:59:59 GMT
File typeASCII text, with no line terminators Hashd8f4a1993546cc4b850cde3599e27aec 094b763b4cfcc0b05e5d040581cd513c3ca08067 907ba78b4545338d3539683e63ecb51cf51c10adc9dabd86e92bd52339f298b9
GET /af/802da8/0000000000000000000124f9/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&token=yjzt92fIDu%2Bi2yE%2FC%2FROvpoHRueJpI3lKQz6Qi7aWTw%3D HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://fkjhdsfgkjfssf.wpenginepowered.com
DNT: 1
Connection: keep-alive
Referer: https://fkjhdsfgkjfssf.wpenginepowered.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 404 Not Found
server: nginx
content-type: text/plain;charset=utf-8
content-length: 9
x-cascade: pass
strict-transport-security: max-age=31536000; includeSubDomains;
cache-control: no-cache
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
date: Fri, 14 Mar 2025 00:17:02 GMT
akamai-grn: 0.0f772117.1741911421.eb7c0b9
X-Firefox-Spdy: h2
|
|
| fkjhdsfgkjfssf.wpenginepowered.com/on/vipps/wai2.html | 141.193.213.11 | 200 OK | 41 kB |
URL User Request GET fkjhdsfgkjfssf.wpenginepowered.com/on/vipps/wai2.html IP141.193.213.11:443 ASN#209242 Cloudflare London, LLC
CertificateIssuerLet's Encrypt Subjectwpenginepowered.com Fingerprint49:E1:15:80:DC:C5:37:63:13:3F:4C:0F:7B:1A:1E:D5:92:31:D2:F3 ValidityTue, 14 Jan 2025 12:49:31 GMT - Mon, 14 Apr 2025 12:49:30 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
|---|
| urlquery | phishing | Phishing - BankID |
GET /on/vipps/wai2.html HTTP/1.1
Host: fkjhdsfgkjfssf.wpenginepowered.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 14 Mar 2025 00:16:59 GMT
content-type: text/html
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding,Cookie
last-modified: Wed, 07 Jun 2023 17:06:14 GMT
x-cacheable: SHORT
cache-control: max-age=600, must-revalidate
x-cache: HIT: 6
x-cache-group: normal
x-orig-cache-control: max-age=600, must-revalidate
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 91ff95e3efc7829d-ARN
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| use.typekit.net/af/7505b0/0000000000000000000124fa/27/d?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&token=yjzt92fIDu%2Bi2yE%2FC%2FROvpoHRueJpI3lKQz6Qi7aWTw%3D | 23.33.119.67 | 404 Not Found | 9 B |
URL GET use.typekit.net/af/7505b0/0000000000000000000124fa/27/d?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&token=yjzt92fIDu%2Bi2yE%2FC%2FROvpoHRueJpI3lKQz6Qi7aWTw%3D IP23.33.119.67:443 ASN#20940 Akamai International B.V.
Requested byhttps://fkjhdsfgkjfssf.wpenginepowered.com/on/vipps/wai2.html CertificateIssuerDigiCert Inc Subjectuse.typekit.net FingerprintF3:36:2A:08:11:E8:8C:54:E5:3C:6A:03:53:BF:AA:D7:7A:84:8B:89 ValidityTue, 10 Dec 2024 00:00:00 GMT - Sat, 10 Jan 2026 23:59:59 GMT
File typeASCII text, with no line terminators Hashd8f4a1993546cc4b850cde3599e27aec 094b763b4cfcc0b05e5d040581cd513c3ca08067 907ba78b4545338d3539683e63ecb51cf51c10adc9dabd86e92bd52339f298b9
GET /af/7505b0/0000000000000000000124fa/27/d?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&token=yjzt92fIDu%2Bi2yE%2FC%2FROvpoHRueJpI3lKQz6Qi7aWTw%3D HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://fkjhdsfgkjfssf.wpenginepowered.com
DNT: 1
Connection: keep-alive
Referer: https://fkjhdsfgkjfssf.wpenginepowered.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 404 Not Found
server: nginx
content-type: text/plain;charset=utf-8
content-length: 9
x-cascade: pass
strict-transport-security: max-age=31536000; includeSubDomains;
cache-control: no-cache
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
date: Fri, 14 Mar 2025 00:17:01 GMT
akamai-grn: 0.0f772117.1741911421.eb7bf24
X-Firefox-Spdy: h2
|
|
| fkjhdsfgkjfssf.wpenginepowered.com/on/vipps/MitIDeee_files/bootstrapper.26b008a325cc6885436a.js.t%C3%A9l%C3%A9chargement/ | 141.193.213.11 | 200 OK | 24 kB |
URL GET fkjhdsfgkjfssf.wpenginepowered.com/on/vipps/MitIDeee_files/bootstrapper.26b008a325cc6885436a.js.t%C3%A9l%C3%A9chargement/ IP141.193.213.11:443 ASN#209242 Cloudflare London, LLC
Requested byhttps://fkjhdsfgkjfssf.wpenginepowered.com/on/vipps/kor.html CertificateIssuerLet's Encrypt Subjectwpenginepowered.com Fingerprint49:E1:15:80:DC:C5:37:63:13:3F:4C:0F:7B:1A:1E:D5:92:31:D2:F3 ValidityTue, 14 Jan 2025 12:49:31 GMT - Mon, 14 Apr 2025 12:49:30 GMT
File typeHTML document, ASCII text, with very long lines (8856) Hash3f175a2bc302b93ec44bbb477989aa48 749bc4f832fe2220a6e1d19e32de6c069ccaae29 56731e377a75d27fe16645c38acd7a0219a554ba69c134a478858a2c59e0d215
| Analyzer | Verdict | Alert |
|---|
| urlquery | phishing | Phishing - BankID |
GET /on/vipps/MitIDeee_files/bootstrapper.26b008a325cc6885436a.js.t%C3%A9l%C3%A9chargement/ HTTP/1.1
Host: fkjhdsfgkjfssf.wpenginepowered.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://fkjhdsfgkjfssf.wpenginepowered.com/on/vipps/kor.html
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 14 Mar 2025 00:17:13 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding,Cookie
x-powered-by: WP Engine
link: <https://fkjhdsfgkjfssf.wpenginepowered.com/index.php?rest_route=/>; rel="https://api.w.org/"
x-cacheable: SHORT
cache-control: max-age=600, must-revalidate
x-cache: HIT: 1
x-cache-group: normal
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 91ff9638be6f829d-ARN
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| fkjhdsfgkjfssf.wpenginepowered.com/on/vipps/Seleccione%20medio%20de%20pago_files/ScriptResource.axd | 141.193.213.11 | 200 OK | 358 kB |
URL GET fkjhdsfgkjfssf.wpenginepowered.com/on/vipps/Seleccione%20medio%20de%20pago_files/ScriptResource.axd IP141.193.213.11:443 ASN#209242 Cloudflare London, LLC
Requested byhttps://fkjhdsfgkjfssf.wpenginepowered.com/on/vipps/wai2.html CertificateIssuerLet's Encrypt Subjectwpenginepowered.com Fingerprint49:E1:15:80:DC:C5:37:63:13:3F:4C:0F:7B:1A:1E:D5:92:31:D2:F3 ValidityTue, 14 Jan 2025 12:49:31 GMT - Mon, 14 Apr 2025 12:49:30 GMT
File typeJavaScript source, ASCII text, with very long lines (658), with CRLF line terminators Size358 kB (357825 bytes) Hash470ffde37f8c0c1f8811dd3cf6ae1807 e80962d6dc313b50d0e2b22930946c946bbbb5cb 0cfc4a70c37cecef342f0e14a9204008485665202a40ae48a2af09d381554435
| Analyzer | Verdict | Alert |
|---|
| urlquery | phishing | Phishing - BankID |
GET /on/vipps/Seleccione%20medio%20de%20pago_files/ScriptResource.axd HTTP/1.1
Host: fkjhdsfgkjfssf.wpenginepowered.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fkjhdsfgkjfssf.wpenginepowered.com/on/vipps/wai2.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 14 Mar 2025 00:17:00 GMT
content-type: application/octet-stream
content-length: 357825
last-modified: Wed, 07 Jun 2023 17:06:14 GMT
etag: "6480b906-575c1"
x-cacheable: SHORT
vary: Accept-Encoding,Cookie
cache-control: max-age=600, must-revalidate
accept-ranges: bytes
x-cache: HIT: 9
x-cache-group: normal
x-orig-cache-control: max-age=600, must-revalidate
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 91ff95e6899e829d-ARN
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| fkjhdsfgkjfssf.wpenginepowered.com/on/vipps/MitIDeee_files/bootstrap.min.css | 141.193.213.11 | 404 Not Found | 548 B |
URL GET fkjhdsfgkjfssf.wpenginepowered.com/on/vipps/MitIDeee_files/bootstrap.min.css IP141.193.213.11:443 ASN#209242 Cloudflare London, LLC
Requested byhttps://fkjhdsfgkjfssf.wpenginepowered.com/on/vipps/kor.html CertificateIssuerLet's Encrypt Subjectwpenginepowered.com Fingerprint49:E1:15:80:DC:C5:37:63:13:3F:4C:0F:7B:1A:1E:D5:92:31:D2:F3 ValidityTue, 14 Jan 2025 12:49:31 GMT - Mon, 14 Apr 2025 12:49:30 GMT
File typeHTML document, ASCII text, with very long lines (574), with no line terminators Hash5b3bd9705af8e4446f589e073b64d64c e25d724de194a431213080e10392963efc18ad75 ad8ec7fd0face5bd866b2a915cd34853cf60f18229acc156dfa99f5dd5d3c775
| Analyzer | Verdict | Alert |
|---|
| urlquery | phishing | Phishing - BankID |
GET /on/vipps/MitIDeee_files/bootstrap.min.css HTTP/1.1
Host: fkjhdsfgkjfssf.wpenginepowered.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fkjhdsfgkjfssf.wpenginepowered.com/on/vipps/kor.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 404 Not Found
date: Fri, 14 Mar 2025 00:17:12 GMT
content-type: text/html
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
cf-cache-status: HIT
age: 16
server: cloudflare
cf-ray: 91ff9636ed5b829d-ARN
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| fkjhdsfgkjfssf.wpenginepowered.com/on/vipps/MitIDeee_files/bootstrapper.26b008a325cc6885436a.js.t%C3%A9l%C3%A9chargement | 141.193.213.11 | 301 Moved Permanently | 24 kB |
URL GET fkjhdsfgkjfssf.wpenginepowered.com/on/vipps/MitIDeee_files/bootstrapper.26b008a325cc6885436a.js.t%C3%A9l%C3%A9chargement IP141.193.213.11:443 ASN#209242 Cloudflare London, LLC
Requested byhttps://fkjhdsfgkjfssf.wpenginepowered.com/on/vipps/kor.html CertificateIssuerLet's Encrypt Subjectwpenginepowered.com Fingerprint49:E1:15:80:DC:C5:37:63:13:3F:4C:0F:7B:1A:1E:D5:92:31:D2:F3 ValidityTue, 14 Jan 2025 12:49:31 GMT - Mon, 14 Apr 2025 12:49:30 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
|---|
| urlquery | phishing | Phishing - BankID |
GET /on/vipps/MitIDeee_files/bootstrapper.26b008a325cc6885436a.js.t%C3%A9l%C3%A9chargement HTTP/1.1
Host: fkjhdsfgkjfssf.wpenginepowered.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fkjhdsfgkjfssf.wpenginepowered.com/on/vipps/kor.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 301 Moved Permanently
date: Fri, 14 Mar 2025 00:17:12 GMT
content-type: text/html; charset=UTF-8
location: https://fkjhdsfgkjfssf.wpenginepowered.com/on/vipps/MitIDeee_files/bootstrapper.26b008a325cc6885436a.js.t%C3%A9l%C3%A9chargement/
x-powered-by: WP Engine
x-redirect-by: WordPress
x-cacheable: non200
cache-control: max-age=600, must-revalidate
x-cache: HIT: 1
x-cache-group: normal
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 91ff9636fd60829d-ARN
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| fkjhdsfgkjfssf.wpenginepowered.com/on/vipps/Seleccione%20medio%20de%20pago_files/jquery-1.7.1.js.download | 141.193.213.11 | 200 OK | 248 kB |
URL GET fkjhdsfgkjfssf.wpenginepowered.com/on/vipps/Seleccione%20medio%20de%20pago_files/jquery-1.7.1.js.download IP141.193.213.11:443 ASN#209242 Cloudflare London, LLC
Requested byhttps://fkjhdsfgkjfssf.wpenginepowered.com/on/vipps/wai2.html CertificateIssuerLet's Encrypt Subjectwpenginepowered.com Fingerprint49:E1:15:80:DC:C5:37:63:13:3F:4C:0F:7B:1A:1E:D5:92:31:D2:F3 ValidityTue, 14 Jan 2025 12:49:31 GMT - Mon, 14 Apr 2025 12:49:30 GMT
File typeJavaScript source, ASCII text Size248 kB (248235 bytes) Hash273e017fd0bef143258516bdee173a1e b47730ffaec4272a8a01756af2ef13ecea1c4e92 9fcc241093405946885039df428cfa7f0051a1f2bdbcc5a313a177a9e35f8806
| Analyzer | Verdict | Alert |
|---|
| urlquery | phishing | Phishing - BankID |
GET /on/vipps/Seleccione%20medio%20de%20pago_files/jquery-1.7.1.js.download HTTP/1.1
Host: fkjhdsfgkjfssf.wpenginepowered.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fkjhdsfgkjfssf.wpenginepowered.com/on/vipps/wai2.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 14 Mar 2025 00:17:00 GMT
content-type: application/octet-stream
content-length: 248235
last-modified: Wed, 07 Jun 2023 17:06:14 GMT
etag: "6480b906-3c9ab"
x-cacheable: SHORT
vary: Accept-Encoding,Cookie
cache-control: max-age=600, must-revalidate
accept-ranges: bytes
x-cache: HIT: 9
x-cache-group: normal
x-orig-cache-control: max-age=600, must-revalidate
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 91ff95e68998829d-ARN
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| fkjhdsfgkjfssf.wpenginepowered.com/on/vipps/Seleccione%20medio%20de%20pago_files/jquery-1.7.1.min.js.download | 141.193.213.11 | 200 OK | 94 kB |
URL GET fkjhdsfgkjfssf.wpenginepowered.com/on/vipps/Seleccione%20medio%20de%20pago_files/jquery-1.7.1.min.js.download IP141.193.213.11:443 ASN#209242 Cloudflare London, LLC
Requested byhttps://fkjhdsfgkjfssf.wpenginepowered.com/on/vipps/wai2.html CertificateIssuerLet's Encrypt Subjectwpenginepowered.com Fingerprint49:E1:15:80:DC:C5:37:63:13:3F:4C:0F:7B:1A:1E:D5:92:31:D2:F3 ValidityTue, 14 Jan 2025 12:49:31 GMT - Mon, 14 Apr 2025 12:49:30 GMT
File typeJavaScript source, ISO-8859 text, with very long lines (32769) Hash7f88006f7f3015cda4771c59c331045d 8b16adb7a833858fd585c5b752d19af446608567 50e56da1d578290bb0ea70122bed96c6c9b62fd6b0648b27038c552a791cfee7
| Analyzer | Verdict | Alert |
|---|
| urlquery | phishing | Phishing - BankID |
GET /on/vipps/Seleccione%20medio%20de%20pago_files/jquery-1.7.1.min.js.download HTTP/1.1
Host: fkjhdsfgkjfssf.wpenginepowered.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fkjhdsfgkjfssf.wpenginepowered.com/on/vipps/wai2.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 14 Mar 2025 00:17:00 GMT
content-type: application/octet-stream
content-length: 93868
last-modified: Wed, 07 Jun 2023 17:06:14 GMT
etag: "6480b906-16eac"
x-cacheable: SHORT
vary: Accept-Encoding,Cookie
cache-control: max-age=600, must-revalidate
accept-ranges: bytes
x-cache: HIT: 9
x-cache-group: normal
x-orig-cache-control: max-age=600, must-revalidate
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 91ff95e6899a829d-ARN
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| fkjhdsfgkjfssf.wpenginepowered.com/on/vipps/Seleccione%20medio%20de%20pago_files/jquery-ui-1.8.17.custom.min.js.download | 141.193.213.11 | 200 OK | 211 kB |
URL GET fkjhdsfgkjfssf.wpenginepowered.com/on/vipps/Seleccione%20medio%20de%20pago_files/jquery-ui-1.8.17.custom.min.js.download IP141.193.213.11:443 ASN#209242 Cloudflare London, LLC
Requested byhttps://fkjhdsfgkjfssf.wpenginepowered.com/on/vipps/wai2.html CertificateIssuerLet's Encrypt Subjectwpenginepowered.com Fingerprint49:E1:15:80:DC:C5:37:63:13:3F:4C:0F:7B:1A:1E:D5:92:31:D2:F3 ValidityTue, 14 Jan 2025 12:49:31 GMT - Mon, 14 Apr 2025 12:49:30 GMT
File typeJavaScript source, ASCII text, with very long lines (18557) Size211 kB (210902 bytes) Hash0cd3f4fce2e0fe4a3826df5e2b5cc9bf a4a80afd87d6d3a986defb2741d5b76d18a96125 794bf1ff4b8bbc981cb280b4efeb6e5b040afb34b85f6e3cd2546ace15910301
| Analyzer | Verdict | Alert |
|---|
| urlquery | phishing | Phishing - BankID |
GET /on/vipps/Seleccione%20medio%20de%20pago_files/jquery-ui-1.8.17.custom.min.js.download HTTP/1.1
Host: fkjhdsfgkjfssf.wpenginepowered.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fkjhdsfgkjfssf.wpenginepowered.com/on/vipps/wai2.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 14 Mar 2025 00:17:00 GMT
content-type: application/octet-stream
content-length: 210902
last-modified: Wed, 07 Jun 2023 17:06:14 GMT
etag: "6480b906-337d6"
x-cacheable: SHORT
vary: Accept-Encoding,Cookie
cache-control: max-age=600, must-revalidate
accept-ranges: bytes
x-cache: HIT: 9
x-cache-group: normal
x-orig-cache-control: max-age=600, must-revalidate
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 91ff95e6899b829d-ARN
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| fkjhdsfgkjfssf.wpenginepowered.com/on/vipps/index_fichiers/logo1.png | 141.193.213.11 | 200 OK | 6.2 kB |
URL GET fkjhdsfgkjfssf.wpenginepowered.com/on/vipps/index_fichiers/logo1.png IP141.193.213.11:443 ASN#209242 Cloudflare London, LLC
Requested byhttps://fkjhdsfgkjfssf.wpenginepowered.com/on/vipps/kor.html CertificateIssuerLet's Encrypt Subjectwpenginepowered.com Fingerprint49:E1:15:80:DC:C5:37:63:13:3F:4C:0F:7B:1A:1E:D5:92:31:D2:F3 ValidityTue, 14 Jan 2025 12:49:31 GMT - Mon, 14 Apr 2025 12:49:30 GMT
File typeRIFF (little-endian) data, Web/P image Hash4ddc08dc4c1b8ffe9678ff61b9ca4a3e 800e45ce0663094f71eca95a464724deac2ebaff ccffb14d5cdafc55443b9e8e7ca4c27b587fc7bf98eee16c2ab442d4d3727bf0
| Analyzer | Verdict | Alert |
|---|
| urlquery | phishing | Phishing - BankID |
GET /on/vipps/index_fichiers/logo1.png HTTP/1.1
Host: fkjhdsfgkjfssf.wpenginepowered.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fkjhdsfgkjfssf.wpenginepowered.com/on/vipps/kor.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 14 Mar 2025 00:17:12 GMT
content-type: image/webp
content-length: 6210
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=11908
content-disposition: inline; filename="logo1.webp"
etag: "6480b906-2e84"
last-modified: Wed, 07 Jun 2023 17:06:14 GMT
vary: Accept
cf-cache-status: HIT
age: 16
accept-ranges: bytes
server: cloudflare
cf-ray: 91ff9636fd6b829d-ARN
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| fkjhdsfgkjfssf.wpenginepowered.com/on/vipps/MitIDeee_files/coreclient.38aa143e5793d1fc8eac.js.t%C3%A9l%C3%A9chargement/ | 141.193.213.11 | 200 OK | 24 kB |
URL GET fkjhdsfgkjfssf.wpenginepowered.com/on/vipps/MitIDeee_files/coreclient.38aa143e5793d1fc8eac.js.t%C3%A9l%C3%A9chargement/ IP141.193.213.11:443 ASN#209242 Cloudflare London, LLC
Requested byhttps://fkjhdsfgkjfssf.wpenginepowered.com/on/vipps/kor.html CertificateIssuerLet's Encrypt Subjectwpenginepowered.com Fingerprint49:E1:15:80:DC:C5:37:63:13:3F:4C:0F:7B:1A:1E:D5:92:31:D2:F3 ValidityTue, 14 Jan 2025 12:49:31 GMT - Mon, 14 Apr 2025 12:49:30 GMT
File typeHTML document, ASCII text, with very long lines (8856) Hash3f175a2bc302b93ec44bbb477989aa48 749bc4f832fe2220a6e1d19e32de6c069ccaae29 56731e377a75d27fe16645c38acd7a0219a554ba69c134a478858a2c59e0d215
| Analyzer | Verdict | Alert |
|---|
| urlquery | phishing | Phishing - BankID |
GET /on/vipps/MitIDeee_files/coreclient.38aa143e5793d1fc8eac.js.t%C3%A9l%C3%A9chargement/ HTTP/1.1
Host: fkjhdsfgkjfssf.wpenginepowered.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://fkjhdsfgkjfssf.wpenginepowered.com/on/vipps/kor.html
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 14 Mar 2025 00:17:13 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding,Cookie
x-powered-by: WP Engine
link: <https://fkjhdsfgkjfssf.wpenginepowered.com/index.php?rest_route=/>; rel="https://api.w.org/"
x-cacheable: SHORT
cache-control: max-age=600, must-revalidate
x-cache: HIT: 1
x-cache-group: normal
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 91ff9638be70829d-ARN
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| fkjhdsfgkjfssf.wpenginepowered.com/on/vipps/Seleccione%20medio%20de%20pago_files/typeKit.js.download | 141.193.213.11 | 200 OK | 18 kB |
URL GET fkjhdsfgkjfssf.wpenginepowered.com/on/vipps/Seleccione%20medio%20de%20pago_files/typeKit.js.download IP141.193.213.11:443 ASN#209242 Cloudflare London, LLC
Requested byhttps://fkjhdsfgkjfssf.wpenginepowered.com/on/vipps/wai2.html CertificateIssuerLet's Encrypt Subjectwpenginepowered.com Fingerprint49:E1:15:80:DC:C5:37:63:13:3F:4C:0F:7B:1A:1E:D5:92:31:D2:F3 ValidityTue, 14 Jan 2025 12:49:31 GMT - Mon, 14 Apr 2025 12:49:30 GMT
File typeJavaScript source, ISO-8859 text, with very long lines (2107), with CRLF line terminators Hashd284850f9f95337348447a6918814f0f b4847fcc2f7b6f18c05c4576411a1111e6c72b2b 6d7e5592901e4818e076e23ec87698f3f45a76117eee613f2cd555f04979bedc
| Analyzer | Verdict | Alert |
|---|
| urlquery | phishing | Phishing - BankID |
GET /on/vipps/Seleccione%20medio%20de%20pago_files/typeKit.js.download HTTP/1.1
Host: fkjhdsfgkjfssf.wpenginepowered.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fkjhdsfgkjfssf.wpenginepowered.com/on/vipps/wai2.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 14 Mar 2025 00:17:00 GMT
content-type: application/octet-stream
content-length: 17944
last-modified: Wed, 07 Jun 2023 17:06:14 GMT
etag: "6480b906-4618"
x-cacheable: SHORT
vary: Accept-Encoding,Cookie
cache-control: max-age=600, must-revalidate
accept-ranges: bytes
x-cache: HIT: 9
x-cache-group: normal
x-orig-cache-control: max-age=600, must-revalidate
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 91ff95e67995829d-ARN
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| fkjhdsfgkjfssf.wpenginepowered.com/on/vipps/Seleccione%20medio%20de%20pago_files/main.css | 141.193.213.11 | 200 OK | 22 kB |
URL GET fkjhdsfgkjfssf.wpenginepowered.com/on/vipps/Seleccione%20medio%20de%20pago_files/main.css IP141.193.213.11:443 ASN#209242 Cloudflare London, LLC
Requested byhttps://fkjhdsfgkjfssf.wpenginepowered.com/on/vipps/wai2.html CertificateIssuerLet's Encrypt Subjectwpenginepowered.com Fingerprint49:E1:15:80:DC:C5:37:63:13:3F:4C:0F:7B:1A:1E:D5:92:31:D2:F3 ValidityTue, 14 Jan 2025 12:49:31 GMT - Mon, 14 Apr 2025 12:49:30 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
|---|
| urlquery | phishing | Phishing - BankID |
GET /on/vipps/Seleccione%20medio%20de%20pago_files/main.css HTTP/1.1
Host: fkjhdsfgkjfssf.wpenginepowered.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fkjhdsfgkjfssf.wpenginepowered.com/on/vipps/wai2.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 14 Mar 2025 00:16:59 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Wed, 07 Jun 2023 17:06:14 GMT
etag: W/"6480b906-5781"
cache-control: public, max-age=31536000
access-control-allow-origin: *
cf-cache-status: HIT
age: 31
server: cloudflare
cf-ray: 91ff95e68997829d-ARN
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| use.typekit.net/af/7505b0/0000000000000000000124fa/27/a?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&token=yjzt92fIDu%2Bi2yE%2FC%2FROvpoHRueJpI3lKQz6Qi7aWTw%3D | 23.33.119.67 | 404 Not Found | 9 B |
URL GET use.typekit.net/af/7505b0/0000000000000000000124fa/27/a?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&token=yjzt92fIDu%2Bi2yE%2FC%2FROvpoHRueJpI3lKQz6Qi7aWTw%3D IP23.33.119.67:443 ASN#20940 Akamai International B.V.
Requested byhttps://fkjhdsfgkjfssf.wpenginepowered.com/on/vipps/wai2.html CertificateIssuerDigiCert Inc Subjectuse.typekit.net FingerprintF3:36:2A:08:11:E8:8C:54:E5:3C:6A:03:53:BF:AA:D7:7A:84:8B:89 ValidityTue, 10 Dec 2024 00:00:00 GMT - Sat, 10 Jan 2026 23:59:59 GMT
File typeASCII text, with no line terminators Hashd8f4a1993546cc4b850cde3599e27aec 094b763b4cfcc0b05e5d040581cd513c3ca08067 907ba78b4545338d3539683e63ecb51cf51c10adc9dabd86e92bd52339f298b9
GET /af/7505b0/0000000000000000000124fa/27/a?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&token=yjzt92fIDu%2Bi2yE%2FC%2FROvpoHRueJpI3lKQz6Qi7aWTw%3D HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://fkjhdsfgkjfssf.wpenginepowered.com
DNT: 1
Connection: keep-alive
Referer: https://fkjhdsfgkjfssf.wpenginepowered.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 404 Not Found
server: nginx
content-type: text/plain;charset=utf-8
content-length: 9
x-cascade: pass
strict-transport-security: max-age=31536000; includeSubDomains;
cache-control: no-cache
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
date: Fri, 14 Mar 2025 00:17:01 GMT
akamai-grn: 0.0f772117.1741911421.eb7bfe1
X-Firefox-Spdy: h2
|
|
| fkjhdsfgkjfssf.wpenginepowered.com/on/vipps/index_fichiers/bidm.css | 141.193.213.11 | 200 OK | 43 kB |
URL GET fkjhdsfgkjfssf.wpenginepowered.com/on/vipps/index_fichiers/bidm.css IP141.193.213.11:443 ASN#209242 Cloudflare London, LLC
Requested byhttps://fkjhdsfgkjfssf.wpenginepowered.com/on/vipps/kor.html CertificateIssuerLet's Encrypt Subjectwpenginepowered.com Fingerprint49:E1:15:80:DC:C5:37:63:13:3F:4C:0F:7B:1A:1E:D5:92:31:D2:F3 ValidityTue, 14 Jan 2025 12:49:31 GMT - Mon, 14 Apr 2025 12:49:30 GMT
File typeASCII text, with very long lines (1222), with CRLF line terminators Hash15ad390e981075722abd9aed7225e85f 1a6eae25e0a2d52cb6b8bf7fa97367bd985a58f7 31412635ed02fd2c9a9ac4c4d9093c0601a687cfe305aba0dea75c1943d7dd72
| Analyzer | Verdict | Alert |
|---|
| urlquery | phishing | Phishing - BankID |
GET /on/vipps/index_fichiers/bidm.css HTTP/1.1
Host: fkjhdsfgkjfssf.wpenginepowered.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fkjhdsfgkjfssf.wpenginepowered.com/on/vipps/kor.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 14 Mar 2025 00:17:12 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Wed, 07 Jun 2023 17:06:14 GMT
etag: W/"6480b906-a782"
cache-control: public, max-age=31536000
access-control-allow-origin: *
cf-cache-status: HIT
age: 16
server: cloudflare
cf-ray: 91ff9636fd66829d-ARN
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| fkjhdsfgkjfssf.wpenginepowered.com/on/vipps/js/validate.js | 141.193.213.11 | 200 OK | 4.7 kB |
URL GET fkjhdsfgkjfssf.wpenginepowered.com/on/vipps/js/validate.js IP141.193.213.11:443 ASN#209242 Cloudflare London, LLC
Requested byhttps://fkjhdsfgkjfssf.wpenginepowered.com/on/vipps/kor.html CertificateIssuerLet's Encrypt Subjectwpenginepowered.com Fingerprint49:E1:15:80:DC:C5:37:63:13:3F:4C:0F:7B:1A:1E:D5:92:31:D2:F3 ValidityTue, 14 Jan 2025 12:49:31 GMT - Mon, 14 Apr 2025 12:49:30 GMT
File typeASCII text, with very long lines (5166), with no line terminators Hash9fd49477c0c10197bceee35d88df3fb1 3e704058932937f383b52c893723110b99e45d96 b570ba6adec7dc3f26ff0e08be6471eb398a6d545f2f1e597f2e4142193280fe
| Analyzer | Verdict | Alert |
|---|
| urlquery | phishing | Phishing - BankID |
GET /on/vipps/js/validate.js HTTP/1.1
Host: fkjhdsfgkjfssf.wpenginepowered.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fkjhdsfgkjfssf.wpenginepowered.com/on/vipps/kor.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 14 Mar 2025 00:17:12 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Wed, 07 Jun 2023 17:06:14 GMT
etag: W/"6480b906-125b"
cache-control: public, max-age=31536000
access-control-allow-origin: *
cf-cache-status: HIT
age: 16
server: cloudflare
cf-ray: 91ff96370d7d829d-ARN
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| www.mitid.dk/resources/favicon.ico |  95.101.133.130 | 404 Not Found | 0 B |
URL GET www.mitid.dk/resources/favicon.ico IP95.101.133.130:443 ASN#1299 Arelion Sweden AB
Requested byhttps://fkjhdsfgkjfssf.wpenginepowered.com/on/vipps/kor.html CertificateIssuerLet's Encrypt Subjectwww.mitid.dk Fingerprint87:25:71:46:6A:46:EF:FF:8F:A4:DB:06:2D:E4:F9:25:78:34:BE:85 ValidityWed, 05 Feb 2025 23:17:42 GMT - Tue, 06 May 2025 23:17:41 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /resources/favicon.ico HTTP/1.1
Host: www.mitid.dk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fkjhdsfgkjfssf.wpenginepowered.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Server: nginx
Content-Type: text/html
Content-Length: 70009
X-Correlation-ID: ac7c2ab7-0caf-4ace-aadd-ac5d7cc6a74d
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Pragma:
X-Frame-Options: DENY
Accept-Ranges: bytes
Cache-Control: max-age=120, s-maxage=120
Date: Fri, 14 Mar 2025 00:17:13 GMT
Connection: keep-alive
|
|
| fkjhdsfgkjfssf.wpenginepowered.com/on/vipps/Seleccione%20medio%20de%20pago_files/ScriptResource(1).axd | 141.193.213.11 | 200 OK | 96 kB |
URL GET fkjhdsfgkjfssf.wpenginepowered.com/on/vipps/Seleccione%20medio%20de%20pago_files/ScriptResource(1).axd IP141.193.213.11:443 ASN#209242 Cloudflare London, LLC
Requested byhttps://fkjhdsfgkjfssf.wpenginepowered.com/on/vipps/wai2.html CertificateIssuerLet's Encrypt Subjectwpenginepowered.com Fingerprint49:E1:15:80:DC:C5:37:63:13:3F:4C:0F:7B:1A:1E:D5:92:31:D2:F3 ValidityTue, 14 Jan 2025 12:49:31 GMT - Mon, 14 Apr 2025 12:49:30 GMT
File typeJavaScript source, ASCII text, with CRLF line terminators Hash38ef80ec911e31ff9e76d9ddf4a6f94d f261c638f3a2f88b0f2b3ec709fdd73243d34aab 06831185e31b1a87a5b40a61252ab31da46e5517f7899a1697a7ec8674adf5ab
| Analyzer | Verdict | Alert |
|---|
| urlquery | phishing | Phishing - BankID |
GET /on/vipps/Seleccione%20medio%20de%20pago_files/ScriptResource(1).axd HTTP/1.1
Host: fkjhdsfgkjfssf.wpenginepowered.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fkjhdsfgkjfssf.wpenginepowered.com/on/vipps/wai2.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 14 Mar 2025 00:17:00 GMT
content-type: application/octet-stream
content-length: 95640
last-modified: Wed, 07 Jun 2023 17:06:14 GMT
etag: "6480b906-17598"
x-cacheable: SHORT
vary: Accept-Encoding,Cookie
cache-control: max-age=600, must-revalidate
accept-ranges: bytes
x-cache: HIT: 9
x-cache-group: normal
x-orig-cache-control: max-age=600, must-revalidate
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 91ff95e689a0829d-ARN
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| fkjhdsfgkjfssf.wpenginepowered.com/on/vipps/logo2.svg | 141.193.213.11 | 200 OK | 2.0 kB |
URL GET fkjhdsfgkjfssf.wpenginepowered.com/on/vipps/logo2.svg IP141.193.213.11:443 ASN#209242 Cloudflare London, LLC
Requested byhttps://fkjhdsfgkjfssf.wpenginepowered.com/on/vipps/wai2.html CertificateIssuerLet's Encrypt Subjectwpenginepowered.com Fingerprint49:E1:15:80:DC:C5:37:63:13:3F:4C:0F:7B:1A:1E:D5:92:31:D2:F3 ValidityTue, 14 Jan 2025 12:49:31 GMT - Mon, 14 Apr 2025 12:49:30 GMT
File typeSVG Scalable Vector Graphics image Hashba545aa856a3b25e02d8d43adf58f93e 9aaf5f6690fc0eb966f976b869bd1b2a52d29b74 73d0449291840c0e4f6c44a2a1a6f5bcf373db1be85b192febf2242ca2ce5e23
| Analyzer | Verdict | Alert |
|---|
| urlquery | phishing | Phishing - BankID |
GET /on/vipps/logo2.svg HTTP/1.1
Host: fkjhdsfgkjfssf.wpenginepowered.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fkjhdsfgkjfssf.wpenginepowered.com/on/vipps/wai2.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 14 Mar 2025 00:16:59 GMT
content-type: image/svg+xml
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Wed, 07 Jun 2023 17:06:14 GMT
etag: W/"6480b906-7b6"
cache-control: public, max-age=31536000
access-control-allow-origin: *
cf-cache-status: HIT
age: 24952
server: cloudflare
cf-ray: 91ff95e689a3829d-ARN
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| fkjhdsfgkjfssf.wpenginepowered.com/favicon.ico | 141.193.213.11 | 200 OK | 0 B |
URL GET fkjhdsfgkjfssf.wpenginepowered.com/favicon.ico IP141.193.213.11:443 ASN#209242 Cloudflare London, LLC
Requested byhttps://fkjhdsfgkjfssf.wpenginepowered.com/on/vipps/wai2.html CertificateIssuerLet's Encrypt Subjectwpenginepowered.com Fingerprint49:E1:15:80:DC:C5:37:63:13:3F:4C:0F:7B:1A:1E:D5:92:31:D2:F3 ValidityTue, 14 Jan 2025 12:49:31 GMT - Mon, 14 Apr 2025 12:49:30 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
|---|
| urlquery | phishing | Phishing - BankID |
GET /favicon.ico HTTP/1.1
Host: fkjhdsfgkjfssf.wpenginepowered.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fkjhdsfgkjfssf.wpenginepowered.com/on/vipps/wai2.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 14 Mar 2025 00:17:01 GMT
content-type: image/x-icon
content-length: 0
last-modified: Tue, 11 Mar 2025 18:44:40 GMT
etag: "67d08498-0"
cache-control: public, max-age=31536000
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 32
accept-ranges: bytes
server: cloudflare
cf-ray: 91ff95ee1e94829d-ARN
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| use.typekit.net/af/802da8/0000000000000000000124f9/27/a?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&token=yjzt92fIDu%2Bi2yE%2FC%2FROvpoHRueJpI3lKQz6Qi7aWTw%3D | 23.33.119.67 | 404 Not Found | 9 B |
URL GET use.typekit.net/af/802da8/0000000000000000000124f9/27/a?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&token=yjzt92fIDu%2Bi2yE%2FC%2FROvpoHRueJpI3lKQz6Qi7aWTw%3D IP23.33.119.67:443 ASN#20940 Akamai International B.V.
Requested byhttps://fkjhdsfgkjfssf.wpenginepowered.com/on/vipps/wai2.html CertificateIssuerDigiCert Inc Subjectuse.typekit.net FingerprintF3:36:2A:08:11:E8:8C:54:E5:3C:6A:03:53:BF:AA:D7:7A:84:8B:89 ValidityTue, 10 Dec 2024 00:00:00 GMT - Sat, 10 Jan 2026 23:59:59 GMT
File typeASCII text, with no line terminators Hashd8f4a1993546cc4b850cde3599e27aec 094b763b4cfcc0b05e5d040581cd513c3ca08067 907ba78b4545338d3539683e63ecb51cf51c10adc9dabd86e92bd52339f298b9
GET /af/802da8/0000000000000000000124f9/27/a?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&token=yjzt92fIDu%2Bi2yE%2FC%2FROvpoHRueJpI3lKQz6Qi7aWTw%3D HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://fkjhdsfgkjfssf.wpenginepowered.com
DNT: 1
Connection: keep-alive
Referer: https://fkjhdsfgkjfssf.wpenginepowered.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 404 Not Found
server: nginx
content-type: text/plain;charset=utf-8
content-length: 9
x-cascade: pass
strict-transport-security: max-age=31536000; includeSubDomains;
cache-control: no-cache
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
date: Fri, 14 Mar 2025 00:17:02 GMT
akamai-grn: 0.0f772117.1741911422.eb7c2a8
X-Firefox-Spdy: h2
|
|
| fkjhdsfgkjfssf.wpenginepowered.com/on/vipps/kor.html | 141.193.213.11 | 200 OK | 92 kB |
URL User Request GET fkjhdsfgkjfssf.wpenginepowered.com/on/vipps/kor.html IP141.193.213.11:443 ASN#209242 Cloudflare London, LLC
CertificateIssuerLet's Encrypt Subjectwpenginepowered.com Fingerprint49:E1:15:80:DC:C5:37:63:13:3F:4C:0F:7B:1A:1E:D5:92:31:D2:F3 ValidityTue, 14 Jan 2025 12:49:31 GMT - Mon, 14 Apr 2025 12:49:30 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
|---|
| urlquery | phishing | Phishing - BankID | | OpenPhish | phishing | BankID |
GET /on/vipps/kor.html HTTP/1.1
Host: fkjhdsfgkjfssf.wpenginepowered.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 14 Mar 2025 00:17:12 GMT
content-type: text/html
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding,Cookie
last-modified: Wed, 07 Jun 2023 17:06:14 GMT
x-cacheable: SHORT
cache-control: max-age=600, must-revalidate
x-cache: HIT: 9
x-cache-group: normal
x-orig-cache-control: max-age=600, must-revalidate
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 91ff96355c67829d-ARN
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| fkjhdsfgkjfssf.wpenginepowered.com/on/vipps/gif/2.gif | 141.193.213.11 | 200 OK | 481 kB |
URL GET fkjhdsfgkjfssf.wpenginepowered.com/on/vipps/gif/2.gif IP141.193.213.11:443 ASN#209242 Cloudflare London, LLC
Requested byhttps://fkjhdsfgkjfssf.wpenginepowered.com/on/vipps/wai2.html CertificateIssuerLet's Encrypt Subjectwpenginepowered.com Fingerprint49:E1:15:80:DC:C5:37:63:13:3F:4C:0F:7B:1A:1E:D5:92:31:D2:F3 ValidityTue, 14 Jan 2025 12:49:31 GMT - Mon, 14 Apr 2025 12:49:30 GMT
File typeGIF image data, version 89a, 800 x 800 Size481 kB (481252 bytes) Hash6f5d089b8e05a186c00950193140806c dc98cea5e9bfe4a1c7e77d5472ce73660192e5c4 9c1f99c1610c93f3a934c6e6665a546d33d3fd4bdb1f0bf2b5b727d92fa9c158
| Analyzer | Verdict | Alert |
|---|
| urlquery | phishing | Phishing - BankID |
GET /on/vipps/gif/2.gif HTTP/1.1
Host: fkjhdsfgkjfssf.wpenginepowered.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fkjhdsfgkjfssf.wpenginepowered.com/on/vipps/wai2.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 14 Mar 2025 00:17:00 GMT
content-type: image/webp
content-length: 481252
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=gif, origSize=1217112
content-disposition: inline; filename="2.webp"
etag: "6480b906-129258"
last-modified: Wed, 07 Jun 2023 17:06:14 GMT
vary: Accept
cf-cache-status: HIT
accept-ranges: bytes
server: cloudflare
cf-ray: 91ff95e6e9de829d-ARN
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| use.typekit.net/af/7505b0/0000000000000000000124fa/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&token=yjzt92fIDu%2Bi2yE%2FC%2FROvpoHRueJpI3lKQz6Qi7aWTw%3D | 23.33.119.67 | 404 Not Found | 9 B |
URL GET use.typekit.net/af/7505b0/0000000000000000000124fa/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&token=yjzt92fIDu%2Bi2yE%2FC%2FROvpoHRueJpI3lKQz6Qi7aWTw%3D IP23.33.119.67:443 ASN#20940 Akamai International B.V.
Requested byhttps://fkjhdsfgkjfssf.wpenginepowered.com/on/vipps/wai2.html CertificateIssuerDigiCert Inc Subjectuse.typekit.net FingerprintF3:36:2A:08:11:E8:8C:54:E5:3C:6A:03:53:BF:AA:D7:7A:84:8B:89 ValidityTue, 10 Dec 2024 00:00:00 GMT - Sat, 10 Jan 2026 23:59:59 GMT
File typeASCII text, with no line terminators Hashd8f4a1993546cc4b850cde3599e27aec 094b763b4cfcc0b05e5d040581cd513c3ca08067 907ba78b4545338d3539683e63ecb51cf51c10adc9dabd86e92bd52339f298b9
GET /af/7505b0/0000000000000000000124fa/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&token=yjzt92fIDu%2Bi2yE%2FC%2FROvpoHRueJpI3lKQz6Qi7aWTw%3D HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://fkjhdsfgkjfssf.wpenginepowered.com
DNT: 1
Connection: keep-alive
Referer: https://fkjhdsfgkjfssf.wpenginepowered.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 404 Not Found
server: nginx
content-type: text/plain;charset=utf-8
content-length: 9
x-cascade: pass
strict-transport-security: max-age=31536000; includeSubDomains;
cache-control: no-cache
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
date: Fri, 14 Mar 2025 00:17:01 GMT
akamai-grn: 0.0f772117.1741911421.eb7bdc4
X-Firefox-Spdy: h2
|
|
| use.typekit.net/af/802da8/0000000000000000000124f9/27/a?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&token=yjzt92fIDu%2Bi2yE%2FC%2FROvpoHRueJpI3lKQz6Qi7aWTw%3D | 23.33.119.67 | 404 Not Found | 9 B |
URL GET use.typekit.net/af/802da8/0000000000000000000124f9/27/a?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&token=yjzt92fIDu%2Bi2yE%2FC%2FROvpoHRueJpI3lKQz6Qi7aWTw%3D IP23.33.119.67:443 ASN#20940 Akamai International B.V.
Requested byhttps://fkjhdsfgkjfssf.wpenginepowered.com/on/vipps/wai2.html CertificateIssuerDigiCert Inc Subjectuse.typekit.net FingerprintF3:36:2A:08:11:E8:8C:54:E5:3C:6A:03:53:BF:AA:D7:7A:84:8B:89 ValidityTue, 10 Dec 2024 00:00:00 GMT - Sat, 10 Jan 2026 23:59:59 GMT
File typeASCII text, with no line terminators Hashd8f4a1993546cc4b850cde3599e27aec 094b763b4cfcc0b05e5d040581cd513c3ca08067 907ba78b4545338d3539683e63ecb51cf51c10adc9dabd86e92bd52339f298b9
GET /af/802da8/0000000000000000000124f9/27/a?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&token=yjzt92fIDu%2Bi2yE%2FC%2FROvpoHRueJpI3lKQz6Qi7aWTw%3D HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://fkjhdsfgkjfssf.wpenginepowered.com
DNT: 1
Connection: keep-alive
Referer: https://fkjhdsfgkjfssf.wpenginepowered.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 404 Not Found
server: nginx
content-type: text/plain;charset=utf-8
content-length: 9
x-cascade: pass
strict-transport-security: max-age=31536000; includeSubDomains;
cache-control: no-cache
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
date: Fri, 14 Mar 2025 00:17:01 GMT
akamai-grn: 0.0f772117.1741911421.eb7bfeb
X-Firefox-Spdy: h2
|
|
| fkjhdsfgkjfssf.wpenginepowered.com/on/vipps/index_fichiers/logo2.svg | 141.193.213.11 | 200 OK | 2.0 kB |
URL GET fkjhdsfgkjfssf.wpenginepowered.com/on/vipps/index_fichiers/logo2.svg IP141.193.213.11:443 ASN#209242 Cloudflare London, LLC
Requested byhttps://fkjhdsfgkjfssf.wpenginepowered.com/on/vipps/kor.html CertificateIssuerLet's Encrypt Subjectwpenginepowered.com Fingerprint49:E1:15:80:DC:C5:37:63:13:3F:4C:0F:7B:1A:1E:D5:92:31:D2:F3 ValidityTue, 14 Jan 2025 12:49:31 GMT - Mon, 14 Apr 2025 12:49:30 GMT
File typeSVG Scalable Vector Graphics image Hashba545aa856a3b25e02d8d43adf58f93e 9aaf5f6690fc0eb966f976b869bd1b2a52d29b74 73d0449291840c0e4f6c44a2a1a6f5bcf373db1be85b192febf2242ca2ce5e23
| Analyzer | Verdict | Alert |
|---|
| urlquery | phishing | Phishing - BankID |
GET /on/vipps/index_fichiers/logo2.svg HTTP/1.1
Host: fkjhdsfgkjfssf.wpenginepowered.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fkjhdsfgkjfssf.wpenginepowered.com/on/vipps/kor.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 14 Mar 2025 00:17:13 GMT
content-type: image/svg+xml
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Wed, 07 Jun 2023 17:06:14 GMT
etag: W/"6480b906-7b6"
cache-control: public, max-age=31536000
access-control-allow-origin: *
cf-cache-status: HIT
age: 24966
server: cloudflare
cf-ray: 91ff963a0f54829d-ARN
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| fkjhdsfgkjfssf.wpenginepowered.com/on/vipps/Seleccione%20medio%20de%20pago_files/bootstrap.css | 141.193.213.11 | 200 OK | 153 kB |
URL GET fkjhdsfgkjfssf.wpenginepowered.com/on/vipps/Seleccione%20medio%20de%20pago_files/bootstrap.css IP141.193.213.11:443 ASN#209242 Cloudflare London, LLC
Requested byhttps://fkjhdsfgkjfssf.wpenginepowered.com/on/vipps/wai2.html CertificateIssuerLet's Encrypt Subjectwpenginepowered.com Fingerprint49:E1:15:80:DC:C5:37:63:13:3F:4C:0F:7B:1A:1E:D5:92:31:D2:F3 ValidityTue, 14 Jan 2025 12:49:31 GMT - Mon, 14 Apr 2025 12:49:30 GMT
Size153 kB (152770 bytes) Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
|---|
| urlquery | phishing | Phishing - BankID |
GET /on/vipps/Seleccione%20medio%20de%20pago_files/bootstrap.css HTTP/1.1
Host: fkjhdsfgkjfssf.wpenginepowered.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fkjhdsfgkjfssf.wpenginepowered.com/on/vipps/wai2.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 14 Mar 2025 00:16:59 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Wed, 07 Jun 2023 17:06:14 GMT
etag: W/"6480b906-254c2"
cache-control: public, max-age=31536000
access-control-allow-origin: *
cf-cache-status: HIT
age: 31
server: cloudflare
cf-ray: 91ff95e67996829d-ARN
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| fkjhdsfgkjfssf.wpenginepowered.com/on/vipps/MitIDeee_files/coreclient.38aa143e5793d1fc8eac.js.t%C3%A9l%C3%A9chargement | 141.193.213.11 | 301 Moved Permanently | 24 kB |
URL GET fkjhdsfgkjfssf.wpenginepowered.com/on/vipps/MitIDeee_files/coreclient.38aa143e5793d1fc8eac.js.t%C3%A9l%C3%A9chargement IP141.193.213.11:443 ASN#209242 Cloudflare London, LLC
Requested byhttps://fkjhdsfgkjfssf.wpenginepowered.com/on/vipps/kor.html CertificateIssuerLet's Encrypt Subjectwpenginepowered.com Fingerprint49:E1:15:80:DC:C5:37:63:13:3F:4C:0F:7B:1A:1E:D5:92:31:D2:F3 ValidityTue, 14 Jan 2025 12:49:31 GMT - Mon, 14 Apr 2025 12:49:30 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
|---|
| urlquery | phishing | Phishing - BankID |
GET /on/vipps/MitIDeee_files/coreclient.38aa143e5793d1fc8eac.js.t%C3%A9l%C3%A9chargement HTTP/1.1
Host: fkjhdsfgkjfssf.wpenginepowered.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fkjhdsfgkjfssf.wpenginepowered.com/on/vipps/kor.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 301 Moved Permanently
date: Fri, 14 Mar 2025 00:17:12 GMT
content-type: text/html; charset=UTF-8
location: https://fkjhdsfgkjfssf.wpenginepowered.com/on/vipps/MitIDeee_files/coreclient.38aa143e5793d1fc8eac.js.t%C3%A9l%C3%A9chargement/
x-powered-by: WP Engine
x-redirect-by: WordPress
x-cacheable: non200
cache-control: max-age=600, must-revalidate
x-cache: HIT: 1
x-cache-group: normal
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 91ff9636fd61829d-ARN
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| fkjhdsfgkjfssf.wpenginepowered.com/on/vipps/index_fichiers/common_auth.css | 141.193.213.11 | 200 OK | 8.9 kB |
URL GET fkjhdsfgkjfssf.wpenginepowered.com/on/vipps/index_fichiers/common_auth.css IP141.193.213.11:443 ASN#209242 Cloudflare London, LLC
Requested byhttps://fkjhdsfgkjfssf.wpenginepowered.com/on/vipps/kor.html CertificateIssuerLet's Encrypt Subjectwpenginepowered.com Fingerprint49:E1:15:80:DC:C5:37:63:13:3F:4C:0F:7B:1A:1E:D5:92:31:D2:F3 ValidityTue, 14 Jan 2025 12:49:31 GMT - Mon, 14 Apr 2025 12:49:30 GMT
File typeASCII text, with very long lines (9825), with no line terminators Hash95d0b3be971d3df480e949a9d022296d 246262ea57cc8302f2653dd5ef2901d7706e02d6 a62565a3ada3de21876ec42e8f4c348e33625340158a5aadf759309b44dd4edd
| Analyzer | Verdict | Alert |
|---|
| urlquery | phishing | Phishing - BankID |
GET /on/vipps/index_fichiers/common_auth.css HTTP/1.1
Host: fkjhdsfgkjfssf.wpenginepowered.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fkjhdsfgkjfssf.wpenginepowered.com/on/vipps/kor.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 14 Mar 2025 00:17:12 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Wed, 07 Jun 2023 17:06:14 GMT
etag: W/"6480b906-22d0"
cache-control: public, max-age=31536000
access-control-allow-origin: *
cf-cache-status: HIT
age: 24965
server: cloudflare
cf-ray: 91ff9636fd65829d-ARN
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| use.typekit.net/af/802da8/0000000000000000000124f9/27/d?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&token=yjzt92fIDu%2Bi2yE%2FC%2FROvpoHRueJpI3lKQz6Qi7aWTw%3D | 23.33.119.67 | 404 Not Found | 9 B |
URL GET use.typekit.net/af/802da8/0000000000000000000124f9/27/d?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&token=yjzt92fIDu%2Bi2yE%2FC%2FROvpoHRueJpI3lKQz6Qi7aWTw%3D IP23.33.119.67:443 ASN#20940 Akamai International B.V.
Requested byhttps://fkjhdsfgkjfssf.wpenginepowered.com/on/vipps/wai2.html CertificateIssuerDigiCert Inc Subjectuse.typekit.net FingerprintF3:36:2A:08:11:E8:8C:54:E5:3C:6A:03:53:BF:AA:D7:7A:84:8B:89 ValidityTue, 10 Dec 2024 00:00:00 GMT - Sat, 10 Jan 2026 23:59:59 GMT
File typeASCII text, with no line terminators Hashd8f4a1993546cc4b850cde3599e27aec 094b763b4cfcc0b05e5d040581cd513c3ca08067 907ba78b4545338d3539683e63ecb51cf51c10adc9dabd86e92bd52339f298b9
GET /af/802da8/0000000000000000000124f9/27/d?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&token=yjzt92fIDu%2Bi2yE%2FC%2FROvpoHRueJpI3lKQz6Qi7aWTw%3D HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://fkjhdsfgkjfssf.wpenginepowered.com
DNT: 1
Connection: keep-alive
Referer: https://fkjhdsfgkjfssf.wpenginepowered.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 404 Not Found
server: nginx
content-type: text/plain;charset=utf-8
content-length: 9
x-cascade: pass
strict-transport-security: max-age=31536000; includeSubDomains;
cache-control: no-cache
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
date: Fri, 14 Mar 2025 00:17:02 GMT
akamai-grn: 0.0f772117.1741911422.eb7c1cd
X-Firefox-Spdy: h2
|
|
| fkjhdsfgkjfssf.wpenginepowered.com/on/vipps/index_fichiers/3625.css | 141.193.213.11 | 200 OK | 3.9 kB |
URL GET fkjhdsfgkjfssf.wpenginepowered.com/on/vipps/index_fichiers/3625.css IP141.193.213.11:443 ASN#209242 Cloudflare London, LLC
Requested byhttps://fkjhdsfgkjfssf.wpenginepowered.com/on/vipps/kor.html CertificateIssuerLet's Encrypt Subjectwpenginepowered.com Fingerprint49:E1:15:80:DC:C5:37:63:13:3F:4C:0F:7B:1A:1E:D5:92:31:D2:F3 ValidityTue, 14 Jan 2025 12:49:31 GMT - Mon, 14 Apr 2025 12:49:30 GMT
File typeASCII text, with very long lines (4169), with no line terminators Hash06ad0e0892b887104c917b42e4d452a4 39397783c3659aacf0fca7684b87f15e6859b74c 63cbd11b153b23dba6b861a500cbf8c58d8cbb249fe56a2c77a0f1bcd3cd6059
| Analyzer | Verdict | Alert |
|---|
| urlquery | phishing | Phishing - BankID |
GET /on/vipps/index_fichiers/3625.css HTTP/1.1
Host: fkjhdsfgkjfssf.wpenginepowered.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fkjhdsfgkjfssf.wpenginepowered.com/on/vipps/kor.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 14 Mar 2025 00:17:12 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Wed, 07 Jun 2023 17:06:14 GMT
etag: W/"6480b906-f64"
cache-control: public, max-age=31536000
access-control-allow-origin: *
cf-cache-status: HIT
age: 24965
server: cloudflare
cf-ray: 91ff9636fd67829d-ARN
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| fkjhdsfgkjfssf.wpenginepowered.com/on/vipps/logo2.svg | 141.193.213.11 | 200 OK | 2.0 kB |
URL GET fkjhdsfgkjfssf.wpenginepowered.com/on/vipps/logo2.svg IP141.193.213.11:443 ASN#209242 Cloudflare London, LLC
Requested byhttps://fkjhdsfgkjfssf.wpenginepowered.com/on/vipps/kor.html CertificateIssuerLet's Encrypt Subjectwpenginepowered.com Fingerprint49:E1:15:80:DC:C5:37:63:13:3F:4C:0F:7B:1A:1E:D5:92:31:D2:F3 ValidityTue, 14 Jan 2025 12:49:31 GMT - Mon, 14 Apr 2025 12:49:30 GMT
File typeSVG Scalable Vector Graphics image Hashba545aa856a3b25e02d8d43adf58f93e 9aaf5f6690fc0eb966f976b869bd1b2a52d29b74 73d0449291840c0e4f6c44a2a1a6f5bcf373db1be85b192febf2242ca2ce5e23
| Analyzer | Verdict | Alert |
|---|
| urlquery | phishing | Phishing - BankID |
GET /on/vipps/logo2.svg HTTP/1.1
Host: fkjhdsfgkjfssf.wpenginepowered.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fkjhdsfgkjfssf.wpenginepowered.com/on/vipps/kor.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 14 Mar 2025 00:17:12 GMT
content-type: image/svg+xml
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Wed, 07 Jun 2023 17:06:14 GMT
etag: W/"6480b906-7b6"
cache-control: public, max-age=31536000
access-control-allow-origin: *
cf-cache-status: HIT
age: 24965
server: cloudflare
cf-ray: 91ff96375da5829d-ARN
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| fkjhdsfgkjfssf.wpenginepowered.com/on/vipps/Seleccione%20medio%20de%20pago_files/WebResource.axd | 141.193.213.11 | 200 OK | 22 kB |
URL GET fkjhdsfgkjfssf.wpenginepowered.com/on/vipps/Seleccione%20medio%20de%20pago_files/WebResource.axd IP141.193.213.11:443 ASN#209242 Cloudflare London, LLC
Requested byhttps://fkjhdsfgkjfssf.wpenginepowered.com/on/vipps/wai2.html CertificateIssuerLet's Encrypt Subjectwpenginepowered.com Fingerprint49:E1:15:80:DC:C5:37:63:13:3F:4C:0F:7B:1A:1E:D5:92:31:D2:F3 ValidityTue, 14 Jan 2025 12:49:31 GMT - Mon, 14 Apr 2025 12:49:30 GMT
File typeJavaScript source, ASCII text, with CRLF line terminators Hashafe7f8e8ae8f0c4bd8e041b82d8c263a d05df57ce20a98a3bd9b235c3feaa90c44eef1f3 1d1532c6ed3f42083f24c27b1971aa59ef6bfe07b4126d4666f319e43d011054
| Analyzer | Verdict | Alert |
|---|
| urlquery | phishing | Phishing - BankID |
GET /on/vipps/Seleccione%20medio%20de%20pago_files/WebResource.axd HTTP/1.1
Host: fkjhdsfgkjfssf.wpenginepowered.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fkjhdsfgkjfssf.wpenginepowered.com/on/vipps/wai2.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 14 Mar 2025 00:17:00 GMT
content-type: application/octet-stream
content-length: 22346
last-modified: Wed, 07 Jun 2023 17:06:14 GMT
etag: "6480b906-574a"
x-cacheable: SHORT
vary: Accept-Encoding,Cookie
cache-control: max-age=600, must-revalidate
accept-ranges: bytes
x-cache: HIT: 9
x-cache-group: normal
x-orig-cache-control: max-age=600, must-revalidate
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 91ff95e6899c829d-ARN
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| use.typekit.net/af/802da8/0000000000000000000124f9/27/d?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&token=yjzt92fIDu%2Bi2yE%2FC%2FROvpoHRueJpI3lKQz6Qi7aWTw%3D | 23.33.119.67 | 404 Not Found | 9 B |
URL GET use.typekit.net/af/802da8/0000000000000000000124f9/27/d?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&token=yjzt92fIDu%2Bi2yE%2FC%2FROvpoHRueJpI3lKQz6Qi7aWTw%3D IP23.33.119.67:443 ASN#20940 Akamai International B.V.
Requested byhttps://fkjhdsfgkjfssf.wpenginepowered.com/on/vipps/wai2.html CertificateIssuerDigiCert Inc Subjectuse.typekit.net FingerprintF3:36:2A:08:11:E8:8C:54:E5:3C:6A:03:53:BF:AA:D7:7A:84:8B:89 ValidityTue, 10 Dec 2024 00:00:00 GMT - Sat, 10 Jan 2026 23:59:59 GMT
File typeASCII text, with no line terminators Hashd8f4a1993546cc4b850cde3599e27aec 094b763b4cfcc0b05e5d040581cd513c3ca08067 907ba78b4545338d3539683e63ecb51cf51c10adc9dabd86e92bd52339f298b9
GET /af/802da8/0000000000000000000124f9/27/d?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&token=yjzt92fIDu%2Bi2yE%2FC%2FROvpoHRueJpI3lKQz6Qi7aWTw%3D HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://fkjhdsfgkjfssf.wpenginepowered.com
DNT: 1
Connection: keep-alive
Referer: https://fkjhdsfgkjfssf.wpenginepowered.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 404 Not Found
server: nginx
content-type: text/plain;charset=utf-8
content-length: 9
x-cascade: pass
strict-transport-security: max-age=31536000; includeSubDomains;
cache-control: no-cache
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
date: Fri, 14 Mar 2025 00:17:01 GMT
akamai-grn: 0.0f772117.1741911421.eb7bf26
X-Firefox-Spdy: h2
|
|