Report - cert.login.dokument.info.40-67-201-30.cprapid.com/id/dklogin.php

Report Overview

Submitted URL
cert.login.dokument.info.40-67-201-30.cprapid.com/id/dklogin.php
IP
40.67.201.30
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK
Submitted
2023-03-24 12:36:19
Access
public
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
64

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-29T05:09:03Z	782 B	2.4 kB	35.241.9.150
cdn.tynt.com	7260	2012-05-21T18:51:48Z	2023-03-29T12:31:48Z	386 B	7.3 kB	172.64.151.83
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-29T05:09:12Z	3.2 kB	44 kB	34.120.237.76
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-29T05:09:31Z	333 B	391 B	34.117.237.239
www.mitid.dk	unknown	2017-04-03T14:46:36Z	2023-03-29T15:25:14Z	4.2 kB	4.1 kB	95.100.107.92
whos.amung.us	12687	2014-04-02T16:27:13Z	2023-03-29T12:52:10Z	464 B	295 B	172.67.8.141
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-29T05:09:32Z	606 B	127 B	52.40.49.56
ic.tynt.com	4300	2013-08-06T03:33:59Z	2023-03-29T12:59:06Z	2.8 kB	1.5 kB	67.202.105.34
cert.login.dokument.info.40-67-201-30.cprapid.com	unknown	2023-03-14T10:36:58Z	2023-03-24T13:36:08Z	14 kB	720 kB	40.67.201.30
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-29T05:09:11Z	2.4 kB	6.2 kB	95.101.11.115
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-29T05:09:31Z	413 B	5.9 kB	34.160.144.191
t.dtscout.com	11951	2017-01-30T05:52:42Z	2023-03-29T12:31:47Z	1.0 kB	1.6 kB	141.101.120.10

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

Scan Date	Severity	Indicator	Alert
2023-03-14	medium	cert.login.dokument.info.40-67-201-30.cprapid.com/id/dklogin.php	Nordea Bank

PhishTank

Scan Date	Severity	Indicator	Alert
2023-03-15	medium	cert.login.dokument.info.40-67-201-30.cprapid.com/id/dklogin.php	Other

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2023-03-24	medium	cert.login.dokument.info.40-67-201-30.cprapid.com/id/dklogin.php	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2023-03-24	medium	cprapid.com	Sinkholed
2023-03-24	medium	cprapid.com	Sinkholed
2023-03-24	medium	cprapid.com	Sinkholed
2023-03-24	medium	cprapid.com	Sinkholed
2023-03-24	medium	cprapid.com	Sinkholed
2023-03-24	medium	cprapid.com	Sinkholed
2023-03-24	medium	cprapid.com	Sinkholed
2023-03-24	medium	cprapid.com	Sinkholed
2023-03-24	medium	cprapid.com	Sinkholed
2023-03-24	medium	cprapid.com	Sinkholed
2023-03-24	medium	cprapid.com	Sinkholed
2023-03-24	medium	cprapid.com	Sinkholed
2023-03-24	medium	cprapid.com	Sinkholed
2023-03-24	medium	cprapid.com	Sinkholed
2023-03-24	medium	cprapid.com	Sinkholed
2023-03-24	medium	cprapid.com	Sinkholed
2023-03-24	medium	cprapid.com	Sinkholed
2023-03-24	medium	cprapid.com	Sinkholed
2023-03-24	medium	cprapid.com	Sinkholed
2023-03-24	medium	cprapid.com	Sinkholed
2023-03-24	medium	cprapid.com	Sinkholed
2023-03-24	medium	cprapid.com	Sinkholed
2023-03-24	medium	cprapid.com	Sinkholed
2023-03-24	medium	cprapid.com	Sinkholed
2023-03-24	medium	cprapid.com	Sinkholed
2023-03-24	medium	cprapid.com	Sinkholed
2023-03-24	medium	cprapid.com	Sinkholed
2023-03-24	medium	cprapid.com	Sinkholed
2023-03-24	medium	cprapid.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (16)

	URL	Size	First Seen	Last Seen
	cert.login.dokument.info.40-67-201-30.cprapid.com/id/dklogin.php	352 B	2023-03-08	2023-04-20
Pretty URL cert.login.dokument.info.40-67-201-30.cprapid.com/id/dklogin.php IP 40.67.201.30 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:38:06 Last Seen2023-04-20 20:37:41 Times Seen87 Hash 20fb3c0190a762beaea9dc55bb233440 19334f820374a9f1486604884906293932b47971 a826917389ce9f2378f0efcda62a5e800ff9d9e6b49835c427732eecbb24440b Loading...

	cert.login.dokument.info.40-67-201-30.cprapid.com/id/dklogin.php	463 B	2023-03-08	2023-08-19
Pretty URL cert.login.dokument.info.40-67-201-30.cprapid.com/id/dklogin.php IP 40.67.201.30 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:23:38 Last Seen2023-08-19 13:27:55 Times Seen62 Hash 12ce6263ec9a8b39052bb88a4d32f022 079864bd3f57d5abaf5dbedd1d1230af550d200e 69c811cc0046ee6925b3f2c92f3a227b2b96746d5ea3b50d61051659f27e0f25 Loading...

	cert.login.dokument.info.40-67-201-30.cprapid.com/id/dklogin.php	865 B	2023-03-14	2023-04-20
Pretty URL cert.login.dokument.info.40-67-201-30.cprapid.com/id/dklogin.php IP 40.67.201.30 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-14 10:44:09 Last Seen2023-04-20 20:37:41 Times Seen55 Hash 43d760a33f39f20362e2714a89b518e9 df962a799adbbebfb940b17d60c95490d218c3d7 be151e29b3346f2e8d1d219828fcabd8673d9b3f2a06df2c82f7f43f81e0b53d Loading...

	cert.login.dokument.info.40-67-201-30.cprapid.com/id/dklogin.php	7.4 kB	2023-03-14	2023-04-06
Pretty URL cert.login.dokument.info.40-67-201-30.cprapid.com/id/dklogin.php IP 40.67.201.30 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-14 10:44:09 Last Seen2023-04-06 08:36:23 Times Seen48 Hash fe63cfe27d06be2d4a1a05f3c6890f2b 814b81e1954b80444cc4763aee6713cbb1b0b1bc 62347c38e10bb2388e18068575cc397edbbbb40802914cea17ed25b94ba12e59 Loading...

	widgets.amung.us/small.js	8.6 kB	2023-03-08	2024-04-27
Pretty URL widgets.amung.us/small.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:29:44 Last Seen2024-04-27 00:54:41 Times Seen2487 Hash a41caf5294227669425cd5135a26b2a0 a26a13f88c51c37b58fbd8a6b444e9b9150fae16 2052a227c361a7e99ea70f5bdcf54cd9e6c6b493dd4d20b73b376d94ce0dc0d1 Loading...

	cert.login.dokument.info.40-67-201-30.cprapid.com/id/dklogin.php	30 B	2023-03-13	2023-04-11
Pretty URL cert.login.dokument.info.40-67-201-30.cprapid.com/id/dklogin.php IP 40.67.201.30 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 19:05:50 Last Seen2023-04-11 19:10:00 Times Seen49 Hash 4affbb1bcd478fcb687610382841ab13 76a99c4aa3b9dd38c7f7391b924b35103cb33e76 f915c2252d54209d99117a7cc549fe9bd7df7555b212541294f3453115e8fd79 Loading...

	cert.login.dokument.info.40-67-201-30.cprapid.com/id/dklogin.php	236 B	2023-03-26	2023-04-20
Pretty URL cert.login.dokument.info.40-67-201-30.cprapid.com/id/dklogin.php IP 40.67.201.30 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-26 07:22:38 Last Seen2023-04-20 20:37:41 Times Seen63 Hash c9c77ee4f3365bf985af71cfbe56d7d9 1b2cc393ee8e5fd170537a0142338099ee8c55b3 423de8f33e546a89bbaffc472957251586477bdec637afc366496796e6a1e487 Loading...

	t.dtscout.com/i/?l=http%3A%2F%2Fcert.login.dokument.info.40-67-201-30.cprapid.com%2Fid%2Fdklogin.php&j=	2.1 kB	2023-03-07	2024-04-27
Pretty URL t.dtscout.com/i/?l=http%3A%2F%2Fcert.login.dokument.info.40-67-201-30.cprapid.com%2Fid%2Fdklogin.php&j= IP 141.101.120.10 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:00 Last Seen2024-04-27 01:54:11 Times Seen4422 Hash 51bd741af3fcc4984d1a753eebfa1141 534664acf69cbbb5c9b97c96b63dd37bdc580da2 3e9c8e5dcf3cbff9e1b7211551a31fe388f1b8e607fd78a0a34855be65da721c Loading...

	whos.amung.us/pingjs/?k=nordi001&t=Nordea%20-%20identifikation&c=s&x=http%3A%2F%2Fcert.login.dokument.info.40-67-201-30.cprapid.com%2Fid%2Fdklogin.php&y=&a=0&d=0.867&v=27&r=4482	26 B	2023-03-26	2023-04-20
Pretty URL whos.amung.us/pingjs/?k=nordi001&t=Nordea%20-%20identifikation&c=s&x=http%3A%2F%2Fcert.login.dokument.info.40-67-201-30.cprapid.com%2Fid%2Fdklogin.php&y=&a=0&d=0.867&v=27&r=4482 IP 172.67.8.141 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-26 12:34:08 Last Seen2023-04-20 11:37:03 Times Seen14 Hash f8c52a338e559cb427ce5b916f83a3ce 8dd97236b182eeb0446fcc0683bac214a7620bca 49bfe8214997fab436f7c3405c8ace4b334022b61852e781afb4b28d6d68ca44 Loading...

	cdn.tynt.com/tc.js	18 kB	2023-03-26	2023-06-01
Pretty URL cdn.tynt.com/tc.js IP 172.64.151.83 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-26 06:14:32 Last Seen2023-06-01 00:32:07 Times Seen1872 Hash 569be2758b9d2b1b2b12b32cb4e77722 c899cb2adea760c6cdb2d471a7408ddbc811e363 b1804777ba20dafab3f354093af8b20442bec0eb61b2d34ea8a735a3bfefa278 Loading...

	cert.login.dokument.info.40-67-201-30.cprapid.com/id/dklogin.php	296 B	2023-03-13	2023-04-11
Pretty URL cert.login.dokument.info.40-67-201-30.cprapid.com/id/dklogin.php IP 40.67.201.30 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 18:40:45 Last Seen2023-04-11 19:10:00 Times Seen50 Hash c0cc0ba63ea76098dbef673319501ca9 2c8af94b1eab461e36fd0f62b11730852cad6fdc 43f4cb716a59b28050fe499c7f64551df523ded2030b8ba9f2fc67c23a636741 Loading...

	unknown	0 B	2023-03-07	2024-04-27
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-27 02:48:32 Times Seen37109344 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	t.dtscout.com/pv/?_a=v&_h=cert.login.dokument.info.40-67-201-30.cprapid.com&_ss=k1buo7f99g&_pv=1&_ls=0&_u1=1&_u3=1&_cc=no&_pl=d&_cbid=2sn3&_cb=_dtspv.c	52 B	2023-03-29	2023-03-29
Pretty URL t.dtscout.com/pv/?_a=v&_h=cert.login.dokument.info.40-67-201-30.cprapid.com&_ss=k1buo7f99g&_pv=1&_ls=0&_u1=1&_u3=1&_cc=no&_pl=d&_cbid=2sn3&_cb=_dtspv.c IP 141.101.120.10 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-29 21:32:44 Last Seen2023-03-29 21:32:44 Times Seen1 Hash 4082c4cec3dd95ac4e3008e23d664a93 b3eb7715db7c89a1f44460cb364b83bb37c08cb3 3bcc4a6e2f622b639162773626f49cdbc2d100cfd36f998e2122e79d3b81eea0 Loading...

	de.tynt.com/deb/v2?id=w!nordi001&dn=TC&cc=1&r=&pu=http%3A%2F%2Fcert.login.dokument.info.40-67-201-30.cprapid.com%2Fid%2Fdklogin.php	4 B	2023-03-07	2024-04-24
Pretty URL de.tynt.com/deb/v2?id=w!nordi001&dn=TC&cc=1&r=&pu=http%3A%2F%2Fcert.login.dokument.info.40-67-201-30.cprapid.com%2Fid%2Fdklogin.php IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:00 Last Seen2024-04-24 03:12:14 Times Seen3075 Hash 350fd6ef6446635f7a8f608434a405ec a4b6c275ac2c80ec925b5c0c5c6abb79ba897356 d21021784cda31eeae5c8295e047a14bda6ed5a9b5963fca9e7ceb398a9c9179 Loading...

		Size	First Seen	Last Seen
	#1 Eval - 9c6f8328cad252c79720cdebcb48012b	226 B	2023-03-07	2023-05-06
Pretty Observations First Seen2023-03-07 01:03:01 Last Seen2023-05-06 00:45:04 Times Seen958 Hash 9c6f8328cad252c79720cdebcb48012b b853e7b92b0b23aa07f59b4816740de095331d47 bb037a2c6d9cf7fa65d8570beb76b1a31c360826ed6edb8612a584aa1918d62d Loading...

	#2 Eval - b2c2041f8d99c45e0f21474fe4f8b7bc	17 B	2023-03-07	2024-04-26
Pretty Observations First Seen2023-03-07 01:03:01 Last Seen2024-04-26 01:51:27 Times Seen7451 Hash b2c2041f8d99c45e0f21474fe4f8b7bc 0b876666393469c726a2e3edbb29544c03a92154 17f5bfdbae6b35ae8bc3b27c069526d694021fe1e37a8027678e770fbb05e061 Loading...

HTTP Transactions (64)

URL IP Response Size

cert.login.dokument.info.40-67-201-30.cprapid.com/id/dklogin.php

40.67.201.30

200 OK

96 kB

URL HTTP/1.1
cert.login.dokument.info.40-67-201-30.cprapid.com/id/dklogin.php
IP
40.67.201.30:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (43921)
Size
96 kB (95577 bytes)
Hash
949b5e7f0fbccd072d1d72a0fa0ef935
18c478ad6727c7001385ae01363263e13a4a5ed8
907414afa18c4fa035ca4254a231d33a05480fc11a0cda63c29d24b84a8348c5

Detections

Analyzer	Verdict	Alert
openphish	Nordea Bank
phishtank	Other
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /id/dklogin.php HTTP/1.1
Host: cert.login.dokument.info.40-67-201-30.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Date: Fri, 24 Mar 2023 12:36:08 GMT
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Set-Cookie: PHPSESSID=e98ec499a070b971151f25d962275863; path=/
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
bea3185dd820a31c1981317f37c3456d
1a548a5d27270fc11df9011837a7149571cedd78
469b97bf9f57401b3c9571039483589f2815f4794212b75c7c85cfefe0ae71e9

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "469B97BF9F57401B3C9571039483589F2815F4794212B75C7C85CFEFE0AE71E9"
Last-Modified: Wed, 22 Mar 2023 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13611
Expires: Fri, 24 Mar 2023 16:22:59 GMT
Date: Fri, 24 Mar 2023 12:36:08 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
65fc860bc043f3fb83bdc3debdcd322d
418010755deae099ef1284e402813c5837a10f42
d93d50c523c7f735987aba09db628259441eb75efe713a2df3c214e1fb8b5171

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D93D50C523C7F735987ABA09DB628259441EB75EFE713A2DF3C214E1FB8B5171"
Last-Modified: Wed, 22 Mar 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15405
Expires: Fri, 24 Mar 2023 16:52:53 GMT
Date: Fri, 24 Mar 2023 12:36:08 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
4ad6984a756720fbfff47b37a75513a2
355e35258114452af8b9638985ed9d8ef3bf0aca
43181fccb10652c68cae86e5e32b4e8f426fb5ad49d8125cb99e072cff573cf5

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Length, Alert, Content-Type, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 24 Mar 2023 12:27:37 GMT
content-type: application/json
age: 511
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
dc2752d83fbed82852248898a132467a
b27a6b4af2e07663a58cafb641513f7224c7a7c3
ea7838393d83805a7b8a2b01bd09e4423617c4da285b983a11e9ba36266810d5

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EA7838393D83805A7B8A2B01BD09E4423617C4DA285B983A11E9BA36266810D5"
Last-Modified: Wed, 22 Mar 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9777
Expires: Fri, 24 Mar 2023 15:19:05 GMT
Date: Fri, 24 Mar 2023 12:36:08 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
e7bace7c1e04d44012e37ddffe36e5d5
3ac8d7c0a9d3e3f0b28b2530c7b8d8407b4042c2
6b4f80f2e95b26f6122ea8dcd0ef8d762299be822c69e839fc37581ca2bcb5f2

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: I3ZOOuvUGstEAiEpQvXbdF0qDskyUwwO7CtOU/HCQg51pZhiWJN7KUEmDJEVP1vNLet8eW4qdMODHhVOkCEAQg==
x-amz-request-id: 7PPFKMS4SD31FYDN
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 24 Mar 2023 11:54:28 GMT
age: 2500
last-modified: Sat, 11 Mar 2023 16:53:15 GMT
etag: "e7bace7c1e04d44012e37ddffe36e5d5"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

cert.login.dokument.info.40-67-201-30.cprapid.com/id/all/styles-90d1ba6c2eef1d8f73fc94069cfe444b.css

40.67.201.30

200 OK

46 kB

URL HTTP/1.1
cert.login.dokument.info.40-67-201-30.cprapid.com/id/all/styles-90d1ba6c2eef1d8f73fc94069cfe444b.css
IP
40.67.201.30:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
assembler source, ASCII text
Size
46 kB (46240 bytes)
Hash
b4e3dd72fa889925a82bcf7bbf0efb38
f073ffd6720b2a76790083c6fc434c3560a6cc39
2bbe5dc049d7c24d18fa1623f48772832cbfa6f3281df6b41723b9bd7f3be7f9

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /id/all/styles-90d1ba6c2eef1d8f73fc94069cfe444b.css HTTP/1.1
Host: cert.login.dokument.info.40-67-201-30.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cert.login.dokument.info.40-67-201-30.cprapid.com/id/dklogin.php
Cookie: PHPSESSID=e98ec499a070b971151f25d962275863

HTTP/1.1 200 OK
Date: Fri, 24 Mar 2023 12:36:08 GMT
Server: Apache
Last-Modified: Mon, 12 Dec 2022 07:05:57 GMT
Accept-Ranges: bytes
Content-Length: 46240
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Fri, 24 Mar 2023 12:36:08 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

cert.login.dokument.info.40-67-201-30.cprapid.com/assets/qrcode-0ee52d9cc6e123879ec6846246f9eff0.js

40.67.201.30

404 Not Found

10 kB

URL HTTP/1.1
cert.login.dokument.info.40-67-201-30.cprapid.com/assets/qrcode-0ee52d9cc6e123879ec6846246f9eff0.js
IP
40.67.201.30:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (4070)
Size
10 kB (10258 bytes)
Hash
ff71f7e7d0b0d75efc6287f586ac5929
e66989b8e3658d6b8159ecd096668664bb5a0f0a
86d5aa4aa99b6e2d2437d8ec18eecbf02d5bae557c0c04daae03e2952afde695

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /assets/qrcode-0ee52d9cc6e123879ec6846246f9eff0.js HTTP/1.1
Host: cert.login.dokument.info.40-67-201-30.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cert.login.dokument.info.40-67-201-30.cprapid.com/id/dklogin.php
Cookie: PHPSESSID=e98ec499a070b971151f25d962275863

HTTP/1.1 404 Not Found
Date: Fri, 24 Mar 2023 12:36:08 GMT
Server: Apache
Accept-Ranges: bytes
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html

cert.login.dokument.info.40-67-201-30.cprapid.com/assets/scripts-5abe3803d3e5a9e3f93b7ca687779a67.js

40.67.201.30

404 Not Found

10 kB

URL HTTP/1.1
cert.login.dokument.info.40-67-201-30.cprapid.com/assets/scripts-5abe3803d3e5a9e3f93b7ca687779a67.js
IP
40.67.201.30:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (4070)
Size
10 kB (10260 bytes)
Hash
d557ae6af0d2995e95a28326887d13ef
bfa3ef744da06710fb96ea672c015f722aa81f59
2e84ed3645c110c8070b0620eedd0e7c20046ca69051375cf6a5236354f277c8

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /assets/scripts-5abe3803d3e5a9e3f93b7ca687779a67.js HTTP/1.1
Host: cert.login.dokument.info.40-67-201-30.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cert.login.dokument.info.40-67-201-30.cprapid.com/id/dklogin.php
Cookie: PHPSESSID=e98ec499a070b971151f25d962275863

HTTP/1.1 404 Not Found
Date: Fri, 24 Mar 2023 12:36:08 GMT
Server: Apache
Accept-Ranges: bytes
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html

cert.login.dokument.info.40-67-201-30.cprapid.com/assets/images/qr_code-c086a1064a1535f8761f7ebef31e5fc5.svg

40.67.201.30

404 Not Found

10 kB

URL HTTP/1.1
cert.login.dokument.info.40-67-201-30.cprapid.com/assets/images/qr_code-c086a1064a1535f8761f7ebef31e5fc5.svg
IP
40.67.201.30:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (4070)
Size
10 kB (10276 bytes)
Hash
b927a279b8140f8b73d05358fa8af767
b619bbfb25ca06554c3be591d37574de79896884
6dc6f235c96dacbcccb1b1f6fc995637bd73e1f34176c93144521953d91efa61

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /assets/images/qr_code-c086a1064a1535f8761f7ebef31e5fc5.svg HTTP/1.1
Host: cert.login.dokument.info.40-67-201-30.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cert.login.dokument.info.40-67-201-30.cprapid.com/id/dklogin.php
Cookie: PHPSESSID=e98ec499a070b971151f25d962275863

HTTP/1.1 404 Not Found
Date: Fri, 24 Mar 2023 12:36:08 GMT
Server: Apache
Accept-Ranges: bytes
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html

cert.login.dokument.info.40-67-201-30.cprapid.com/assets/images/mitid-4aead61655620afca545eded5d36aa1e.svg

40.67.201.30

404 Not Found

10 kB

URL HTTP/1.1
cert.login.dokument.info.40-67-201-30.cprapid.com/assets/images/mitid-4aead61655620afca545eded5d36aa1e.svg
IP
40.67.201.30:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (4070)
Size
10 kB (10272 bytes)
Hash
01417b24e040b271f1adccf43acb3235
ae77c9d41708223a9dcbd667e3366548fea7481e
59f26bcb72d037e1f02aa75e0a70ff8a02ac886e23cafe49e8fbda4dd5092740

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /assets/images/mitid-4aead61655620afca545eded5d36aa1e.svg HTTP/1.1
Host: cert.login.dokument.info.40-67-201-30.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cert.login.dokument.info.40-67-201-30.cprapid.com/id/dklogin.php
Cookie: PHPSESSID=e98ec499a070b971151f25d962275863

HTTP/1.1 404 Not Found
Date: Fri, 24 Mar 2023 12:36:08 GMT
Server: Apache
Accept-Ranges: bytes
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html

cert.login.dokument.info.40-67-201-30.cprapid.com/assets/images/codes_app-a89defc476c5ea3f806b6f5360157e81.svg

40.67.201.30

404 Not Found

10 kB

URL HTTP/1.1
cert.login.dokument.info.40-67-201-30.cprapid.com/assets/images/codes_app-a89defc476c5ea3f806b6f5360157e81.svg
IP
40.67.201.30:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (4070)
Size
10 kB (10280 bytes)
Hash
5ba9a48dcbc847bcfe2e87e3d3258883
04242221ff93b80ae5a5f6dae1f4a4720d6570e5
a3dfb676a68a2da95add0919df6362530fe412b147586f6806b5c98525383dac

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /assets/images/codes_app-a89defc476c5ea3f806b6f5360157e81.svg HTTP/1.1
Host: cert.login.dokument.info.40-67-201-30.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cert.login.dokument.info.40-67-201-30.cprapid.com/id/dklogin.php
Cookie: PHPSESSID=e98ec499a070b971151f25d962275863

HTTP/1.1 404 Not Found
Date: Fri, 24 Mar 2023 12:36:08 GMT
Server: Apache
Accept-Ranges: bytes
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html

cert.login.dokument.info.40-67-201-30.cprapid.com/assets/images/qrt-78c4b15d93ca856686f6b6f3fa0ce872.svg

40.67.201.30

404 Not Found

10 kB

URL HTTP/1.1
cert.login.dokument.info.40-67-201-30.cprapid.com/assets/images/qrt-78c4b15d93ca856686f6b6f3fa0ce872.svg
IP
40.67.201.30:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (4070)
Size
10 kB (10268 bytes)
Hash
0c442fe2f430be97bb013cbda333876b
56c96bd03828ce635708c066859714bc7b286f55
8a607326d9d359736365e57107fcacf6a4f8ed7a6981c5ea6cc8bad660f86ed1

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /assets/images/qrt-78c4b15d93ca856686f6b6f3fa0ce872.svg HTTP/1.1
Host: cert.login.dokument.info.40-67-201-30.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cert.login.dokument.info.40-67-201-30.cprapid.com/id/dklogin.php
Cookie: PHPSESSID=e98ec499a070b971151f25d962275863

HTTP/1.1 404 Not Found
Date: Fri, 24 Mar 2023 12:36:08 GMT
Server: Apache
Accept-Ranges: bytes
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html

cert.login.dokument.info.40-67-201-30.cprapid.com/assets/images/key-ca4ef88caabfc9bc5dc60a9d9fe78fa3.svg

40.67.201.30

404 Not Found

10 kB

URL HTTP/1.1
cert.login.dokument.info.40-67-201-30.cprapid.com/assets/images/key-ca4ef88caabfc9bc5dc60a9d9fe78fa3.svg
IP
40.67.201.30:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (4070)
Size
10 kB (10268 bytes)
Hash
4a7fd32cb7cf557322d815489dff479d
1deae4bc1cb354431452e13fd93b4c344252918e
3fe8dbb20c52000acc12e8dee001effbf2aef0b8b50a1b9164c22475f09154aa

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /assets/images/key-ca4ef88caabfc9bc5dc60a9d9fe78fa3.svg HTTP/1.1
Host: cert.login.dokument.info.40-67-201-30.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cert.login.dokument.info.40-67-201-30.cprapid.com/id/dklogin.php
Cookie: PHPSESSID=e98ec499a070b971151f25d962275863

HTTP/1.1 404 Not Found
Date: Fri, 24 Mar 2023 12:36:08 GMT
Server: Apache
Accept-Ranges: bytes
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html

cert.login.dokument.info.40-67-201-30.cprapid.com/assets/images/technical-error-91ca9eec9eed6ed945355d650bb10d41.svg

40.67.201.30

404 Not Found

10 kB

URL HTTP/1.1
cert.login.dokument.info.40-67-201-30.cprapid.com/assets/images/technical-error-91ca9eec9eed6ed945355d650bb10d41.svg
IP
40.67.201.30:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (4070)
Size
10 kB (10292 bytes)
Hash
96b32b7c446084cec620e4233f9fe771
0d1b4737364522d1d920970a5d92a28ebbfc16df
2163cd443dcf6184e2147b5723ef4a737ef6a395734277533c260fecac064714

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /assets/images/technical-error-91ca9eec9eed6ed945355d650bb10d41.svg HTTP/1.1
Host: cert.login.dokument.info.40-67-201-30.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cert.login.dokument.info.40-67-201-30.cprapid.com/id/dklogin.php
Cookie: PHPSESSID=e98ec499a070b971151f25d962275863

HTTP/1.1 404 Not Found
Date: Fri, 24 Mar 2023 12:36:08 GMT
Server: Apache
Accept-Ranges: bytes
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html

cert.login.dokument.info.40-67-201-30.cprapid.com/assets/images/something-went-wrong-9bbd07dc81f3c2a11d2c7735b416ee18.svg

40.67.201.30

404 Not Found

10 kB

URL HTTP/1.1
cert.login.dokument.info.40-67-201-30.cprapid.com/assets/images/something-went-wrong-9bbd07dc81f3c2a11d2c7735b416ee18.svg
IP
40.67.201.30:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (4070)
Size
10 kB (10302 bytes)
Hash
2d356fe6f04aa373aecb6a3c9ccfd42b
4c1dcc2c92ebf864a5b23060133bca9f13b8ff75
5ba89edd971424299c243c23e024556336cfa4e1e7ba6ac99f12af555760b95a

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /assets/images/something-went-wrong-9bbd07dc81f3c2a11d2c7735b416ee18.svg HTTP/1.1
Host: cert.login.dokument.info.40-67-201-30.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cert.login.dokument.info.40-67-201-30.cprapid.com/id/dklogin.php
Cookie: PHPSESSID=e98ec499a070b971151f25d962275863

HTTP/1.1 404 Not Found
Date: Fri, 24 Mar 2023 12:36:08 GMT
Server: Apache
Accept-Ranges: bytes
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html

cert.login.dokument.info.40-67-201-30.cprapid.com/assets/images/cancel-d0c0f9d25ebde42bbd552c8ad5363f01.svg

40.67.201.30

404 Not Found

10 kB

URL HTTP/1.1
cert.login.dokument.info.40-67-201-30.cprapid.com/assets/images/cancel-d0c0f9d25ebde42bbd552c8ad5363f01.svg
IP
40.67.201.30:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (4070)
Size
10 kB (10274 bytes)
Hash
284746d482fa6553ec8c1489f4773d85
742a6c9979d9bcb539440abb80540e1be780648a
b526f0040c0ca05d1b41a819f331d77ba0b1e5db96a7474bd9c649e2644d1c9f

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /assets/images/cancel-d0c0f9d25ebde42bbd552c8ad5363f01.svg HTTP/1.1
Host: cert.login.dokument.info.40-67-201-30.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cert.login.dokument.info.40-67-201-30.cprapid.com/id/dklogin.php
Cookie: PHPSESSID=e98ec499a070b971151f25d962275863

HTTP/1.1 404 Not Found
Date: Fri, 24 Mar 2023 12:36:08 GMT
Server: Apache
Accept-Ranges: bytes
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html

cert.login.dokument.info.40-67-201-30.cprapid.com/assets/images/no-connection-83f79e2367a313b468986e12a237c346.svg

40.67.201.30

404 Not Found

10 kB

URL HTTP/1.1
cert.login.dokument.info.40-67-201-30.cprapid.com/assets/images/no-connection-83f79e2367a313b468986e12a237c346.svg
IP
40.67.201.30:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (4070)
Size
10 kB (10288 bytes)
Hash
d77468c6de3cff5d3676351fed90a5a3
a75d8b63ff057c57647113fa557b616cb6f4a1ba
81bc305357d8d2b619c49b2b14d6f31b625ee18b128445d56a1ae30455280afe

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /assets/images/no-connection-83f79e2367a313b468986e12a237c346.svg HTTP/1.1
Host: cert.login.dokument.info.40-67-201-30.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cert.login.dokument.info.40-67-201-30.cprapid.com/id/dklogin.php
Cookie: PHPSESSID=e98ec499a070b971151f25d962275863

HTTP/1.1 404 Not Found
Date: Fri, 24 Mar 2023 12:36:08 GMT
Server: Apache
Accept-Ranges: bytes
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html

cert.login.dokument.info.40-67-201-30.cprapid.com/assets/images/empty-3857ebe69f653487f8c9d99adde4657f.svg

40.67.201.30

404 Not Found

10 kB

URL HTTP/1.1
cert.login.dokument.info.40-67-201-30.cprapid.com/assets/images/empty-3857ebe69f653487f8c9d99adde4657f.svg
IP
40.67.201.30:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (4070)
Size
10 kB (10272 bytes)
Hash
bd0587f0affa8b60de1ddaa63062a86d
3c966bcdc1cb4a8c163a3a1daf218228b6920dd8
c851259078fff5ec03577009ea0fae52da11c2808f38e782bf578bed24868a0d

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /assets/images/empty-3857ebe69f653487f8c9d99adde4657f.svg HTTP/1.1
Host: cert.login.dokument.info.40-67-201-30.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cert.login.dokument.info.40-67-201-30.cprapid.com/id/dklogin.php
Cookie: PHPSESSID=e98ec499a070b971151f25d962275863

HTTP/1.1 404 Not Found
Date: Fri, 24 Mar 2023 12:36:08 GMT
Server: Apache
Accept-Ranges: bytes
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html

cert.login.dokument.info.40-67-201-30.cprapid.com/assets/images/service-break-f426cda35f41e4c0b7c30c814b5eb2ee.svg

40.67.201.30

404 Not Found

10 kB

URL HTTP/1.1
cert.login.dokument.info.40-67-201-30.cprapid.com/assets/images/service-break-f426cda35f41e4c0b7c30c814b5eb2ee.svg
IP
40.67.201.30:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (4070)
Size
10 kB (10288 bytes)
Hash
84f0c7cc8b0df6e89d7393e612121ec0
55d6937c9b21d60a446eda3eb8991ae02f7244f7
6b8e901af313f0b28a7812b7bd0868648e80b8756a7478fcbc89f851ee5b5341

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /assets/images/service-break-f426cda35f41e4c0b7c30c814b5eb2ee.svg HTTP/1.1
Host: cert.login.dokument.info.40-67-201-30.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cert.login.dokument.info.40-67-201-30.cprapid.com/id/dklogin.php
Cookie: PHPSESSID=e98ec499a070b971151f25d962275863

HTTP/1.1 404 Not Found
Date: Fri, 24 Mar 2023 12:36:08 GMT
Server: Apache
Accept-Ranges: bytes
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html

cert.login.dokument.info.40-67-201-30.cprapid.com/id/all/5e73b3c67b0510c4c5cf-6629cb5350d6f3276b2dccc43bd3f397.png

40.67.201.30

200 OK

40 kB

URL HTTP/1.1
cert.login.dokument.info.40-67-201-30.cprapid.com/id/all/5e73b3c67b0510c4c5cf-6629cb5350d6f3276b2dccc43bd3f397.png
IP
40.67.201.30:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
PNG image data, 828 x 300, 4-bit colormap, non-interlaced\012- data
Size
40 kB (40339 bytes)
Hash
6629cb5350d6f3276b2dccc43bd3f397
63d964e5caaa541475a4c2da976871a9f9986067
9fc5b5c44107cfc6701be07fa5d5a4d7ab066607dd7ab6e9f396ac709e28424f

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /id/all/5e73b3c67b0510c4c5cf-6629cb5350d6f3276b2dccc43bd3f397.png HTTP/1.1
Host: cert.login.dokument.info.40-67-201-30.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cert.login.dokument.info.40-67-201-30.cprapid.com/id/all/styles-90d1ba6c2eef1d8f73fc94069cfe444b.css
Cookie: PHPSESSID=e98ec499a070b971151f25d962275863

HTTP/1.1 200 OK
Date: Fri, 24 Mar 2023 12:36:08 GMT
Server: Apache
Last-Modified: Mon, 07 Nov 2022 21:40:36 GMT
Accept-Ranges: bytes
Content-Length: 40339
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/png

cert.login.dokument.info.40-67-201-30.cprapid.com/id/partials/js/jquery.js

40.67.201.30

200 OK

272 kB

URL HTTP/1.1
cert.login.dokument.info.40-67-201-30.cprapid.com/id/partials/js/jquery.js
IP
40.67.201.30:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
ASCII text, with CRLF line terminators
Size
272 kB (272155 bytes)
Hash
3f24e8505d471bd934a5a68b86971580
876bd436d3b3c1436a8ac17a654e38d062acf45e
4ef5f864f89db7feaaaa5332c0a99d76076af49fef488806541ca2561e4cb379

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /id/partials/js/jquery.js HTTP/1.1
Host: cert.login.dokument.info.40-67-201-30.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cert.login.dokument.info.40-67-201-30.cprapid.com/id/dklogin.php
Cookie: PHPSESSID=e98ec499a070b971151f25d962275863

HTTP/1.1 200 OK
Date: Fri, 24 Mar 2023 12:36:08 GMT
Server: Apache
Last-Modified: Fri, 05 Feb 2021 08:11:28 GMT
Accept-Ranges: bytes
Content-Length: 272155
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript

cert.login.dokument.info.40-67-201-30.cprapid.com/id/all/aa1ee103968475b48934-3a4d9a8b6adf39716f28af71fc9b030a.woff

40.67.201.30

200 OK

31 kB

URL HTTP/1.1
cert.login.dokument.info.40-67-201-30.cprapid.com/id/all/aa1ee103968475b48934-3a4d9a8b6adf39716f28af71fc9b030a.woff
IP
40.67.201.30:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
Web Open Font Format, TrueType, length 31152, version 0.0\012- data
Size
31 kB (31152 bytes)
Hash
3a4d9a8b6adf39716f28af71fc9b030a
5d9acfd762ccd9a4a519951ad008f119741c513b
21a2a17b532837aeafeb95de9f252bfec714028517f79fb4143845ca4d23353c

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /id/all/aa1ee103968475b48934-3a4d9a8b6adf39716f28af71fc9b030a.woff HTTP/1.1
Host: cert.login.dokument.info.40-67-201-30.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://cert.login.dokument.info.40-67-201-30.cprapid.com/id/all/styles-90d1ba6c2eef1d8f73fc94069cfe444b.css
Cookie: PHPSESSID=e98ec499a070b971151f25d962275863

HTTP/1.1 200 OK
Date: Fri, 24 Mar 2023 12:36:08 GMT
Server: Apache
Last-Modified: Mon, 12 Dec 2022 06:59:54 GMT
Accept-Ranges: bytes
Content-Length: 31152
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: font/woff

www.mitid.dk/mitid-core-client-backend/v1/coreclient.e998ecf45cf7712a1b62.js

95.100.107.92

404 Not Found

209 B

URL HTTP/1.1
www.mitid.dk/mitid-core-client-backend/v1/coreclient.e998ecf45cf7712a1b62.js
IP
95.100.107.92:0
ASN
#20940 Akamai International B.V.

File type
JSON data\012- , ASCII text, with no line terminators
Size
209 B (209 bytes)
Hash
501615c0ba6fd9e7b57008a25bbaea1a
cfa2ed23bf0cabf99542f8329736012201395b3e
999c645a49fb43d2e41154d5db404294654ee218d18c1a8785d8477a972cd6aa

HTTP Headers

GET /mitid-core-client-backend/v1/coreclient.e998ecf45cf7712a1b62.js HTTP/1.1
Host: www.mitid.dk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://cert.login.dokument.info.40-67-201-30.cprapid.com
Connection: keep-alive
Referer: http://cert.login.dokument.info.40-67-201-30.cprapid.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 404 Not Found
Server: nginx
Content-Type: application/json
X-Correlation-ID: b6152880-66f3-43d2-9b1c-1e87f6c63cc8
Vary: origin,access-control-request-method,access-control-request-headers,accept-encoding
Content-Disposition: inline;filename=f.txt
X-Frame-Options: DENY
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Referrer-Policy: same-origin
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Content-Length: 209
Expires: Fri, 24 Mar 2023 12:36:09 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Fri, 24 Mar 2023 12:36:09 GMT
Connection: keep-alive

cert.login.dokument.info.40-67-201-30.cprapid.com/assets/images/something-went-wrong-9bbd07dc81f3c2a11d2c7735b416ee18.svg

40.67.201.30

404 Not Found

10 kB

URL HTTP/1.1
cert.login.dokument.info.40-67-201-30.cprapid.com/assets/images/something-went-wrong-9bbd07dc81f3c2a11d2c7735b416ee18.svg
IP
40.67.201.30:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (4070)
Size
10 kB (10302 bytes)
Hash
c328ada10d15437b2c543bbbe1c673d1
0becc786f4b5bc307c009ec186cb051c13e3d9ba
25c83c76fd5db01d36cc3f02204554ade6040ee5ea286b7568669377d2705b01

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /assets/images/something-went-wrong-9bbd07dc81f3c2a11d2c7735b416ee18.svg HTTP/1.1
Host: cert.login.dokument.info.40-67-201-30.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cert.login.dokument.info.40-67-201-30.cprapid.com/id/dklogin.php
Cookie: PHPSESSID=e98ec499a070b971151f25d962275863

HTTP/1.1 404 Not Found
Date: Fri, 24 Mar 2023 12:36:09 GMT
Server: Apache
Accept-Ranges: bytes
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html

cert.login.dokument.info.40-67-201-30.cprapid.com/assets/images/cancel-d0c0f9d25ebde42bbd552c8ad5363f01.svg

40.67.201.30

404 Not Found

10 kB

URL HTTP/1.1
cert.login.dokument.info.40-67-201-30.cprapid.com/assets/images/cancel-d0c0f9d25ebde42bbd552c8ad5363f01.svg
IP
40.67.201.30:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (4070)
Size
10 kB (10274 bytes)
Hash
4b40c5893d9972025905a563f5de9d37
b34ccaf74dec300df3e12867aeaee2739ef0f4ae
576089a27ca2cb8e6233cd376088761b4b72f27d99923dc9f2280a265417ca46

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /assets/images/cancel-d0c0f9d25ebde42bbd552c8ad5363f01.svg HTTP/1.1
Host: cert.login.dokument.info.40-67-201-30.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cert.login.dokument.info.40-67-201-30.cprapid.com/id/dklogin.php
Cookie: PHPSESSID=e98ec499a070b971151f25d962275863

HTTP/1.1 404 Not Found
Date: Fri, 24 Mar 2023 12:36:09 GMT
Server: Apache
Accept-Ranges: bytes
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html

cert.login.dokument.info.40-67-201-30.cprapid.com/assets/images/no-connection-83f79e2367a313b468986e12a237c346.svg

40.67.201.30

404 Not Found

10 kB

URL HTTP/1.1
cert.login.dokument.info.40-67-201-30.cprapid.com/assets/images/no-connection-83f79e2367a313b468986e12a237c346.svg
IP
40.67.201.30:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (4070)
Size
10 kB (10288 bytes)
Hash
78569771d03be2fd89b5d49ef32508d2
c118273020e1257104cead3d863cbf56c29ea310
a1db572076f87d404d9c702aa07836fd736a151d5e769dd1400bc705d426aa68

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /assets/images/no-connection-83f79e2367a313b468986e12a237c346.svg HTTP/1.1
Host: cert.login.dokument.info.40-67-201-30.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cert.login.dokument.info.40-67-201-30.cprapid.com/id/dklogin.php
Cookie: PHPSESSID=e98ec499a070b971151f25d962275863

HTTP/1.1 404 Not Found
Date: Fri, 24 Mar 2023 12:36:09 GMT
Server: Apache
Accept-Ranges: bytes
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html

cert.login.dokument.info.40-67-201-30.cprapid.com/assets/images/empty-3857ebe69f653487f8c9d99adde4657f.svg

40.67.201.30

404 Not Found

10 kB

URL HTTP/1.1
cert.login.dokument.info.40-67-201-30.cprapid.com/assets/images/empty-3857ebe69f653487f8c9d99adde4657f.svg
IP
40.67.201.30:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (4070)
Size
10 kB (10272 bytes)
Hash
265169bf3b639559f8d9c4b57eb7ec1e
5ab134eebe3dd7bab59a296500a865bfbd41c29d
9928cf067f5ed3e3d477037419f0b1ad4bf3e47ccaaf35b61fd06ba133e5d259

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /assets/images/empty-3857ebe69f653487f8c9d99adde4657f.svg HTTP/1.1
Host: cert.login.dokument.info.40-67-201-30.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cert.login.dokument.info.40-67-201-30.cprapid.com/id/dklogin.php
Cookie: PHPSESSID=e98ec499a070b971151f25d962275863

HTTP/1.1 404 Not Found
Date: Fri, 24 Mar 2023 12:36:09 GMT
Server: Apache
Accept-Ranges: bytes
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html

cert.login.dokument.info.40-67-201-30.cprapid.com/assets/images/technical-error-91ca9eec9eed6ed945355d650bb10d41.svg

40.67.201.30

404 Not Found

10 kB

URL HTTP/1.1
cert.login.dokument.info.40-67-201-30.cprapid.com/assets/images/technical-error-91ca9eec9eed6ed945355d650bb10d41.svg
IP
40.67.201.30:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (4070)
Size
10 kB (10292 bytes)
Hash
8721a4c422aee8579a19004399c4bd05
cefda7e67bc276b3fd0fe91159e0d94f21d66cf0
30b700747f614ad0afe84a9d6dde8587a59c2a1bcda95fecb79e1a2154c3584c

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /assets/images/technical-error-91ca9eec9eed6ed945355d650bb10d41.svg HTTP/1.1
Host: cert.login.dokument.info.40-67-201-30.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cert.login.dokument.info.40-67-201-30.cprapid.com/id/dklogin.php
Cookie: PHPSESSID=e98ec499a070b971151f25d962275863

HTTP/1.1 404 Not Found
Date: Fri, 24 Mar 2023 12:36:09 GMT
Server: Apache
Accept-Ranges: bytes
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html

cert.login.dokument.info.40-67-201-30.cprapid.com/assets/images/service-break-f426cda35f41e4c0b7c30c814b5eb2ee.svg

40.67.201.30

404 Not Found

10 kB

URL HTTP/1.1
cert.login.dokument.info.40-67-201-30.cprapid.com/assets/images/service-break-f426cda35f41e4c0b7c30c814b5eb2ee.svg
IP
40.67.201.30:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (4070)
Size
10 kB (10288 bytes)
Hash
1038068d70a193cc034f48f1a6c833c7
c0f6de4faa60069923f604be6395c6eae9102922
4e950dc9d4abfa6127b3ec33452a5e6991c79bb6dfb8bf2c099ccfe8a50b2861

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /assets/images/service-break-f426cda35f41e4c0b7c30c814b5eb2ee.svg HTTP/1.1
Host: cert.login.dokument.info.40-67-201-30.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cert.login.dokument.info.40-67-201-30.cprapid.com/id/dklogin.php
Cookie: PHPSESSID=e98ec499a070b971151f25d962275863

HTTP/1.1 404 Not Found
Date: Fri, 24 Mar 2023 12:36:09 GMT
Server: Apache
Accept-Ranges: bytes
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html

cert.login.dokument.info.40-67-201-30.cprapid.com/assets/qrcode-0ee52d9cc6e123879ec6846246f9eff0.js

40.67.201.30

404 Not Found

10 kB

URL HTTP/1.1
cert.login.dokument.info.40-67-201-30.cprapid.com/assets/qrcode-0ee52d9cc6e123879ec6846246f9eff0.js
IP
40.67.201.30:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (4070)
Size
10 kB (10258 bytes)
Hash
9eab0b4b3ddd5bf6bc8f8532209b7512
692d246e31d895f96120bda5ba457054aee1c400
084666df11744452788be2c1ce21ff16f4c8aac669ff7237690211cd86e0e1cc

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /assets/qrcode-0ee52d9cc6e123879ec6846246f9eff0.js HTTP/1.1
Host: cert.login.dokument.info.40-67-201-30.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cert.login.dokument.info.40-67-201-30.cprapid.com/id/dklogin.php
Cookie: PHPSESSID=e98ec499a070b971151f25d962275863

HTTP/1.1 404 Not Found
Date: Fri, 24 Mar 2023 12:36:09 GMT
Server: Apache
Accept-Ranges: bytes
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html

www.mitid.dk/mitid-core-client-backend/v1/bootstrapper.a29ccd9579584e71dfba.js

95.100.107.92

404 Not Found

211 B

URL HTTP/1.1
www.mitid.dk/mitid-core-client-backend/v1/bootstrapper.a29ccd9579584e71dfba.js
IP
95.100.107.92:0
ASN
#20940 Akamai International B.V.

File type
JSON data\012- , ASCII text, with no line terminators
Size
211 B (211 bytes)
Hash
813b7f05a48165ed21ee8aa88c41fe81
6d02272b4d8549f2165395c287b4e80fa6f7c405
ce42d9938bd0297c8c337a5abb8ffd5ca054487703cdca3d38d5a02803912b3d

HTTP Headers

GET /mitid-core-client-backend/v1/bootstrapper.a29ccd9579584e71dfba.js HTTP/1.1
Host: www.mitid.dk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://cert.login.dokument.info.40-67-201-30.cprapid.com
Connection: keep-alive
Referer: http://cert.login.dokument.info.40-67-201-30.cprapid.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 404 Not Found
Server: nginx
Content-Type: application/json
X-Correlation-ID: c8c4c48d-8331-4ac9-abe2-3d29889d6563
Vary: origin,access-control-request-method,access-control-request-headers,accept-encoding
Content-Disposition: inline;filename=f.txt
X-Frame-Options: DENY
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Referrer-Policy: same-origin
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Content-Length: 211
Expires: Fri, 24 Mar 2023 12:36:09 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Fri, 24 Mar 2023 12:36:09 GMT
Connection: keep-alive

cert.login.dokument.info.40-67-201-30.cprapid.com/assets/scripts-5abe3803d3e5a9e3f93b7ca687779a67.js

40.67.201.30

404 Not Found

10 kB

URL HTTP/1.1
cert.login.dokument.info.40-67-201-30.cprapid.com/assets/scripts-5abe3803d3e5a9e3f93b7ca687779a67.js
IP
40.67.201.30:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (4070)
Size
10 kB (10260 bytes)
Hash
533dd38ee427598ace3f6c4c2392f599
20ea0c91699489b1d588e3bf082746088b9a8aaa
ac3f7f2edd78e5cb1b3f924b6fb75375234ee7014c2bed306bd00d65225422e7

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /assets/scripts-5abe3803d3e5a9e3f93b7ca687779a67.js HTTP/1.1
Host: cert.login.dokument.info.40-67-201-30.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cert.login.dokument.info.40-67-201-30.cprapid.com/id/dklogin.php
Cookie: PHPSESSID=e98ec499a070b971151f25d962275863

HTTP/1.1 404 Not Found
Date: Fri, 24 Mar 2023 12:36:09 GMT
Server: Apache
Accept-Ranges: bytes
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html

cert.login.dokument.info.40-67-201-30.cprapid.com/assets/images/favicon-9a39921b4a8d93d5528b4ccdc5d76e91.ico

40.67.201.30

404 Not Found

10 kB

URL HTTP/1.1
cert.login.dokument.info.40-67-201-30.cprapid.com/assets/images/favicon-9a39921b4a8d93d5528b4ccdc5d76e91.ico
IP
40.67.201.30:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (4070)
Size
10 kB (10276 bytes)
Hash
f3c8e645d0ee7cc31f85d851660e9fa2
09a0d2cc22bbf31388bcf4d92e02fb27e8e3cd85
5da30aa6be97b14e3ffc80d1cea5197c10f087cee226213246f7577b48c4b407

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /assets/images/favicon-9a39921b4a8d93d5528b4ccdc5d76e91.ico HTTP/1.1
Host: cert.login.dokument.info.40-67-201-30.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cert.login.dokument.info.40-67-201-30.cprapid.com/id/dklogin.php
Cookie: PHPSESSID=e98ec499a070b971151f25d962275863

HTTP/1.1 404 Not Found
Date: Fri, 24 Mar 2023 12:36:09 GMT
Server: Apache
Accept-Ranges: bytes
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: ETag, Last-Modified, Retry-After, Content-Length, Alert, Cache-Control, Expires, Content-Type, Backoff, Pragma
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 24 Mar 2023 12:17:23 GMT
age: 1126
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

whos.amung.us/pingjs/?k=nordi001&t=Nordea%20-%20identifikation&c=s&x=http%3A%2F%2Fcert.login.dokument.info.40-67-201-30.cprapid.com%2Fid%2Fdklogin.php&y=&a=0&d=0.867&v=27&r=4482

172.67.8.141

200 OK

44 B

URL HTTP/1.1
whos.amung.us/pingjs/?k=nordi001&t=Nordea%20-%20identifikation&c=s&x=http%3A%2F%2Fcert.login.dokument.info.40-67-201-30.cprapid.com%2Fid%2Fdklogin.php&y=&a=0&d=0.867&v=27&r=4482
IP
172.67.8.141:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with no line terminators
Size
44 B (44 bytes)
Hash
145fdeda61ea81d44e439d4ba562b19e
e824bf174317308874d80326e18f4d08890a4a17
a99a8547e75200ff7e97a656d5f2323e35e59f3e809ada48fa140ac8c3138912

HTTP Headers

GET /pingjs/?k=nordi001&t=Nordea%20-%20identifikation&c=s&x=http%3A%2F%2Fcert.login.dokument.info.40-67-201-30.cprapid.com%2Fid%2Fdklogin.php&y=&a=0&d=0.867&v=27&r=4482 HTTP/1.1
Host: whos.amung.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cert.login.dokument.info.40-67-201-30.cprapid.com/

HTTP/1.1 200 OK
Date: Fri, 24 Mar 2023 12:36:09 GMT
Content-Type: text/javascript;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
content-encoding: gzip
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7acef54788a9069b-OSL

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
050ca4dc2182e0a27573b0d9f32b7834
bec14dc5af0d0b32210470673511acd8db404308
b6129b9d1848f75265dca4446c5399927bdaf15c7b49c083765847b0fe276eaf

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B6129B9D1848F75265DCA4446C5399927BDAF15C7B49C083765847B0FE276EAF"
Last-Modified: Wed, 22 Mar 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13666
Expires: Fri, 24 Mar 2023 16:23:55 GMT
Date: Fri, 24 Mar 2023 12:36:09 GMT
Connection: keep-alive

push.services.mozilla.com/

52.40.49.56

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
52.40.49.56:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: YWxHs9eBL0aIjnuDfMrItg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 11JEM6Z4hg3JXytZjebyG2zLuxo=

ic.tynt.com/b/p?id=w!nordi001&lm=0&ts=1679661380294&dn=TC&iso=0&pu=http%3A%2F%2Fcert.login.dokument.info.40-67-201-30.cprapid.com%2Fid%2Fdklogin.php&t=Nordea%20-%20identifikation

67.202.105.34

204 No Content

0 B

URL HTTP/2
ic.tynt.com/b/p?id=w!nordi001&lm=0&ts=1679661380294&dn=TC&iso=0&pu=http%3A%2F%2Fcert.login.dokument.info.40-67-201-30.cprapid.com%2Fid%2Fdklogin.php&t=Nordea%20-%20identifikation
IP
67.202.105.34:0
ASN
#32748 STEADFAST

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /b/p?id=w!nordi001&lm=0&ts=1679661380294&dn=TC&iso=0&pu=http%3A%2F%2Fcert.login.dokument.info.40-67-201-30.cprapid.com%2Fid%2Fdklogin.php&t=Nordea%20-%20identifikation HTTP/1.1
Host: ic.tynt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cert.login.dokument.info.40-67-201-30.cprapid.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 204 No Content
server: nginx/1.16.1
date: Fri, 24 Mar 2023 12:36:10 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2

ic.tynt.com/b/p?id=w!nordi001&lm=0&ts=1679661380294&dn=TC&iso=0&pu=http%3A%2F%2Fcert.login.dokument.info.40-67-201-30.cprapid.com%2Fid%2Fdklogin.php&t=Nordea%20-%20identifikation

67.202.105.34

204 No Content

0 B

URL HTTP/2
ic.tynt.com/b/p?id=w!nordi001&lm=0&ts=1679661380294&dn=TC&iso=0&pu=http%3A%2F%2Fcert.login.dokument.info.40-67-201-30.cprapid.com%2Fid%2Fdklogin.php&t=Nordea%20-%20identifikation
IP
67.202.105.34:0
ASN
#32748 STEADFAST

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /b/p?id=w!nordi001&lm=0&ts=1679661380294&dn=TC&iso=0&pu=http%3A%2F%2Fcert.login.dokument.info.40-67-201-30.cprapid.com%2Fid%2Fdklogin.php&t=Nordea%20-%20identifikation HTTP/1.1
Host: ic.tynt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cert.login.dokument.info.40-67-201-30.cprapid.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 204 No Content
server: nginx/1.16.1
date: Fri, 24 Mar 2023 12:36:10 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2

ic.tynt.com/b/p?id=w!nordi001&lm=0&ts=1679661380294&dn=TC&iso=0&pu=http%3A%2F%2Fcert.login.dokument.info.40-67-201-30.cprapid.com%2Fid%2Fdklogin.php

67.202.105.34

204 No Content

0 B

URL HTTP/2
ic.tynt.com/b/p?id=w!nordi001&lm=0&ts=1679661380294&dn=TC&iso=0&pu=http%3A%2F%2Fcert.login.dokument.info.40-67-201-30.cprapid.com%2Fid%2Fdklogin.php
IP
67.202.105.34:0
ASN
#32748 STEADFAST

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /b/p?id=w!nordi001&lm=0&ts=1679661380294&dn=TC&iso=0&pu=http%3A%2F%2Fcert.login.dokument.info.40-67-201-30.cprapid.com%2Fid%2Fdklogin.php HTTP/1.1
Host: ic.tynt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cert.login.dokument.info.40-67-201-30.cprapid.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 204 No Content
server: nginx/1.16.1
date: Fri, 24 Mar 2023 12:36:10 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2

ic.tynt.com/b/p?id=w!nordi001&lm=0&ts=1679661380294&dn=TC&iso=0&pu=http%3A%2F%2Fcert.login.dokument.info.40-67-201-30.cprapid.com%2Fid%2Fdklogin.php

67.202.105.34

204 No Content

0 B

URL HTTP/2
ic.tynt.com/b/p?id=w!nordi001&lm=0&ts=1679661380294&dn=TC&iso=0&pu=http%3A%2F%2Fcert.login.dokument.info.40-67-201-30.cprapid.com%2Fid%2Fdklogin.php
IP
67.202.105.34:0
ASN
#32748 STEADFAST

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /b/p?id=w!nordi001&lm=0&ts=1679661380294&dn=TC&iso=0&pu=http%3A%2F%2Fcert.login.dokument.info.40-67-201-30.cprapid.com%2Fid%2Fdklogin.php HTTP/1.1
Host: ic.tynt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cert.login.dokument.info.40-67-201-30.cprapid.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 204 No Content
server: nginx/1.16.1
date: Fri, 24 Mar 2023 12:36:10 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2

ic.tynt.com/b/p?id=w!nordi001&lm=0&ts=1679661380294&dn=TC&iso=0&pu=http%3A%2F%2Fcert.login.dokument.info.40-67-201-30.cprapid.com%2Fid%2Fdklogin.php

67.202.105.34

204 No Content

0 B

URL HTTP/2
ic.tynt.com/b/p?id=w!nordi001&lm=0&ts=1679661380294&dn=TC&iso=0&pu=http%3A%2F%2Fcert.login.dokument.info.40-67-201-30.cprapid.com%2Fid%2Fdklogin.php
IP
67.202.105.34:0
ASN
#32748 STEADFAST

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /b/p?id=w!nordi001&lm=0&ts=1679661380294&dn=TC&iso=0&pu=http%3A%2F%2Fcert.login.dokument.info.40-67-201-30.cprapid.com%2Fid%2Fdklogin.php HTTP/1.1
Host: ic.tynt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cert.login.dokument.info.40-67-201-30.cprapid.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 204 No Content
server: nginx/1.16.1
date: Fri, 24 Mar 2023 12:36:10 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2

cdn.tynt.com/tc.js

172.64.151.83

200 OK

6.9 kB

URL HTTP/2
cdn.tynt.com/tc.js
IP
172.64.151.83:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
6.9 kB (6873 bytes)
Hash
1c50eec89feef906e034652e3641696d
f9ae14050a650b82b3eb96edc80ccd5044c95e85
6a88e155ecd60e7dda759732de83df2509563498cf647e4b40e5acce4d44ddf3

HTTP Headers

GET /tc.js HTTP/1.1
Host: cdn.tynt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cert.login.dokument.info.40-67-201-30.cprapid.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 24 Mar 2023 12:36:09 GMT
content-type: application/javascript
last-modified: Tue, 14 Mar 2023 15:48:17 GMT
vary: Accept-Encoding
etag: W/"64109741-4750"
content-encoding: gzip
cf-cache-status: HIT
age: 74849
expires: Mon, 27 Mar 2023 12:36:09 GMT
cache-control: public, max-age=259200
server: cloudflare
cf-ray: 7acef5490c041c02-OSL
X-Firefox-Spdy: h2

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
b62c9b9530dd66bb7f03ba2ce3d835da
bf8560766de78dd925e395f59610ab2f1335e565
62a45c1bedd4241448ab43b535518e423b0500901328b3a0b984d758c9b0540d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "62A45C1BEDD4241448AB43B535518E423B0500901328B3A0B984D758C9B0540D"
Last-Modified: Fri, 24 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15950
Expires: Fri, 24 Mar 2023 17:02:01 GMT
Date: Fri, 24 Mar 2023 12:36:11 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
b62c9b9530dd66bb7f03ba2ce3d835da
bf8560766de78dd925e395f59610ab2f1335e565
62a45c1bedd4241448ab43b535518e423b0500901328b3a0b984d758c9b0540d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "62A45C1BEDD4241448AB43B535518E423B0500901328B3A0B984D758C9B0540D"
Last-Modified: Fri, 24 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15950
Expires: Fri, 24 Mar 2023 17:02:01 GMT
Date: Fri, 24 Mar 2023 12:36:11 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
b62c9b9530dd66bb7f03ba2ce3d835da
bf8560766de78dd925e395f59610ab2f1335e565
62a45c1bedd4241448ab43b535518e423b0500901328b3a0b984d758c9b0540d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "62A45C1BEDD4241448AB43B535518E423B0500901328B3A0B984D758C9B0540D"
Last-Modified: Fri, 24 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15950
Expires: Fri, 24 Mar 2023 17:02:01 GMT
Date: Fri, 24 Mar 2023 12:36:11 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F255e6a5a-97bb-4a35-8a48-4d120747a63c.jpeg

34.120.237.76

200 OK

4.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F255e6a5a-97bb-4a35-8a48-4d120747a63c.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.0 kB (4000 bytes)
Hash
85351059b67b0a42eda7e69a31b3b4b4
b798268806dc2f79f033e5872676019faf0e0cc1
86e163b7159b197d6358ab01333ac6da221de0ebe1c5da8d5cef2977d38625fe

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F255e6a5a-97bb-4a35-8a48-4d120747a63c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4000
x-amzn-requestid: 68dc01d7-3eed-48f6-8532-8efaa96cc1ec
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CJpraEqyoAMFgNQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641a2315-3852cc8961365a560d1fa02f;Sampled=0
x-amzn-remapped-date: Tue, 21 Mar 2023 21:35:17 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: vOBDFA2LzOIp_0dMXApotrithfiToWtpM2xMRyx1pWAE86olKT6EpQ==
via: 1.1 288c777a01e22425da9494dad7a69734.cloudfront.net (CloudFront), 1.1 deaaf0548506de20925615eb51a7ea7e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 24 Mar 2023 02:36:43 GMT
age: 35968
etag: "b798268806dc2f79f033e5872676019faf0e0cc1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd11f3110-26b3-4e61-a4be-71f97e3d6614.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.5 kB (7482 bytes)
Hash
04db6085e8ec938c1385fb33b32ae036
0f173b8971723ec380a9610b3dda8f64890f6f37
873d5942c34057339f7a9c53a9d4cdc3a0b82f01223f851898da0ebbe0a628bc

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd11f3110-26b3-4e61-a4be-71f97e3d6614.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7482
x-amzn-requestid: 843e4bba-1550-44c4-be10-dd333148f83d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CQPHxFuuIAMFvmA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641cc564-03f5d2675850409e70748490;Sampled=0
x-amzn-remapped-date: Thu, 23 Mar 2023 21:32:20 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: i3f56KYdhzWqiBtE9-vSMBC17mWa0qZfxQb3AmHcNvApYKse8O3DdQ==
via: 1.1 46673955829b59a6da0ab071e0b7fbea.cloudfront.net (CloudFront), 1.1 27a84054de24e45f952ea4056a821764.cloudfront.net (CloudFront), 1.1 google
date: Thu, 23 Mar 2023 21:56:06 GMT
age: 52805
etag: "0f173b8971723ec380a9610b3dda8f64890f6f37"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff06722a0-5f82-452b-ac9a-80d0ca71d101.png
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.6 kB (7600 bytes)
Hash
c37bd8ec8ce9f45025fa76a31f60c68e
61ebc4cf54dd3ea145304f75ff199c4e0252906e
2c15447add79e494ffa5002cd0037ad8ffb154074fced77f2169a44c0340c75f

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff06722a0-5f82-452b-ac9a-80d0ca71d101.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7600
x-amzn-requestid: ed7adb8b-5aa9-45b8-bc46-bdb716b95c4e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CQP4OHu8IAMFY6g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641cc69a-46199f6b296939d662f19933;Sampled=0
x-amzn-remapped-date: Thu, 23 Mar 2023 21:37:30 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Miss from cloudfront
x-amz-cf-id: LP06Tcwj6aCuEqQXcE7oWBFpo88Ewh3PPSnFfwjecq7ejw9Mtfij8w==
via: 1.1 0a166b53605851fe961f5a2952e5a748.cloudfront.net (CloudFront), 1.1 aabd01c4a20dae837d162bd972422efc.cloudfront.net (CloudFront), 1.1 google
date: Thu, 23 Mar 2023 21:46:58 GMT
etag: "61ebc4cf54dd3ea145304f75ff199c4e0252906e"
content-type: image/jpeg
age: 53353
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

4.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F48579581-7121-436c-a612-bb4c179f2542.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.4 kB (4438 bytes)
Hash
f46d765cbcbbcd9707a21eec12d80002
d9bab36f53de76263a67bc34364e33bed28d35cd
772e85ac55db0fc3ca75329e0197c7caeff466e90b5cf85df7ccb44a85a253f1

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F48579581-7121-436c-a612-bb4c179f2542.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4438
x-amzn-requestid: ce3cbb97-2a19-4499-8ab7-18cf5f99b5ad
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CK85SG3_oAMFQcg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641aa83b-2750db5d028ac4ac54a865f8;Sampled=0
x-amzn-remapped-date: Wed, 22 Mar 2023 07:03:23 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: s3be2clZAQ4R0f442UhQKzqwRKV4cO9mRaWArwIGHl42yU7N2JG36Q==
via: 1.1 53ee82a7eb57de316cba44c26680b4a6.cloudfront.net (CloudFront), 1.1 3236f234d59c0fda99b416088c283260.cloudfront.net (CloudFront), 1.1 google
date: Thu, 23 Mar 2023 13:45:06 GMT
age: 82265
etag: "d9bab36f53de76263a67bc34364e33bed28d35cd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d9f0256-f2a3-48d2-9cbe-230433c09812.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.4 kB (7405 bytes)
Hash
9bb55b1044454d0db2324a4af956cd51
5aa34545aa2274453b301c74a083034273177cbd
fb7fa8b91ff7374ac6be2df05e1e98194f2adf3ce728b02a66323993145975ef

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d9f0256-f2a3-48d2-9cbe-230433c09812.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7405
x-amzn-requestid: 9865b715-ff9b-498d-95b3-c728fd3430be
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CQPt7E46oAMF1Fg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641cc658-78b66faf317a7aaf689de782;Sampled=0
x-amzn-remapped-date: Thu, 23 Mar 2023 21:36:24 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Miss from cloudfront
x-amz-cf-id: EI1picNm6z4XmZxnCmqbdZv4ok9AqXNvYGy8CtENrRkWLuuLUuETlg==
via: 1.1 e39f48cc8f516dc1072afdb086c71f32.cloudfront.net (CloudFront), 1.1 b838ef1ff22a4a994af82d5178c30e1c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 23 Mar 2023 21:43:19 GMT
etag: "5aa34545aa2274453b301c74a083034273177cbd"
content-type: image/jpeg
age: 53572
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe6bf7d96-8563-4612-89c2-6d00db18f9f6.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.7 kB (6721 bytes)
Hash
d733019c5326d4617096c74ae22fdffd
72bc0b2a19ca257ac974460f81af47fcfa2fee24
6746fcedbf4aad5c94582162e343d160fdc7d127bae807d1a97a9d7a231c9a70

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe6bf7d96-8563-4612-89c2-6d00db18f9f6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6721
x-amzn-requestid: bf32e1c8-cac1-4f04-abe6-fba2e9e824f3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CK89vHbyoAMFc7Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641aa857-5d84ed861375c4ba04a2ae30;Sampled=0
x-amzn-remapped-date: Wed, 22 Mar 2023 07:03:51 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: 60VbucTVJnuo0rLzrTvbdbQOIMQmhDMQT8st-Y49_plnM_akqw_V4w==
via: 1.1 59456abf79b201034ab5c9cfef7355e2.cloudfront.net (CloudFront), 1.1 d0387b833e3ca8cb748a1296b4b4bf2a.cloudfront.net (CloudFront), 1.1 google
date: Fri, 24 Mar 2023 04:01:18 GMT
age: 30893
etag: "72bc0b2a19ca257ac974460f81af47fcfa2fee24"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

cert.login.dokument.info.40-67-201-30.cprapid.com/id/partials/status.php

40.67.201.30

500 Internal Server Error

0 B

URL HTTP/1.1
cert.login.dokument.info.40-67-201-30.cprapid.com/id/partials/status.php
IP
40.67.201.30:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /id/partials/status.php HTTP/1.1
Host: cert.login.dokument.info.40-67-201-30.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: http://cert.login.dokument.info.40-67-201-30.cprapid.com/id/dklogin.php
Cookie: PHPSESSID=e98ec499a070b971151f25d962275863

HTTP/1.1 500 Internal Server Error
Date: Fri, 24 Mar 2023 12:36:12 GMT
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Connection: close
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

cert.login.dokument.info.40-67-201-30.cprapid.com/id/partials/status.php

40.67.201.30

500 Internal Server Error

0 B

URL HTTP/1.1
cert.login.dokument.info.40-67-201-30.cprapid.com/id/partials/status.php
IP
40.67.201.30:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /id/partials/status.php HTTP/1.1
Host: cert.login.dokument.info.40-67-201-30.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: http://cert.login.dokument.info.40-67-201-30.cprapid.com/id/dklogin.php
Cookie: PHPSESSID=e98ec499a070b971151f25d962275863

HTTP/1.1 500 Internal Server Error
Date: Fri, 24 Mar 2023 12:36:15 GMT
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Connection: close
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

www.mitid.dk/assets/fonts/IBMPlexSans-SemiBold.woff2

95.100.107.92

200 OK

0 B

URL HTTP/1.1
www.mitid.dk/assets/fonts/IBMPlexSans-SemiBold.woff2
IP
95.100.107.92:0
ASN
#20940 Akamai International B.V.

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /assets/fonts/IBMPlexSans-SemiBold.woff2 HTTP/1.1
Host: www.mitid.dk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://cert.login.dokument.info.40-67-201-30.cprapid.com
Connection: keep-alive
Referer: http://cert.login.dokument.info.40-67-201-30.cprapid.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Content-Type: font/woff2
Content-Length: 59692
Last-Modified: Tue, 21 Feb 2023 13:35:51 GMT
ETag: "e92c-5f535dbaa5bc0"
Accept-Ranges: bytes
Referrer-Policy: same-origin
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Vary: Origin
Cache-Control: public, max-age=14363
Date: Fri, 24 Mar 2023 12:36:09 GMT
Connection: keep-alive

www.mitid.dk/assets/fonts/IBMPlexSans.woff

95.100.107.92

200 OK

0 B

URL HTTP/1.1
www.mitid.dk/assets/fonts/IBMPlexSans.woff
IP
95.100.107.92:0
ASN
#20940 Akamai International B.V.

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /assets/fonts/IBMPlexSans.woff HTTP/1.1
Host: www.mitid.dk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://cert.login.dokument.info.40-67-201-30.cprapid.com
Connection: keep-alive
Referer: http://cert.login.dokument.info.40-67-201-30.cprapid.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Content-Type: font/woff
Content-Length: 77532
Last-Modified: Tue, 21 Feb 2023 13:35:51 GMT
ETag: "12edc-5f535dbaa5bc0"
Accept-Ranges: bytes
Referrer-Policy: same-origin
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Vary: Origin
Cache-Control: public, max-age=14357
Date: Fri, 24 Mar 2023 12:36:09 GMT
Connection: keep-alive

t.dtscout.com/i/?l=http%3A%2F%2Fcert.login.dokument.info.40-67-201-30.cprapid.com%2Fid%2Fdklogin.php&j=

141.101.120.10

200 OK

0 B

URL HTTP/2
t.dtscout.com/i/?l=http%3A%2F%2Fcert.login.dokument.info.40-67-201-30.cprapid.com%2Fid%2Fdklogin.php&j=
IP
141.101.120.10:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /i/?l=http%3A%2F%2Fcert.login.dokument.info.40-67-201-30.cprapid.com%2Fid%2Fdklogin.php&j= HTTP/1.1
Host: t.dtscout.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cert.login.dokument.info.40-67-201-30.cprapid.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 24 Mar 2023 12:36:09 GMT
content-type: application/javascript
x-s: ger1
set-cookie: m=1; Domain=dtscout.com; Expires=Fri, 24-Mar-2023 13:59:29 GMT; Max-Age=5000; Path=/; SameSite=None; Secure
oa=1; Domain=dtscout.com; Expires=Fri, 24-Mar-2023 16:36:09 GMT; Max-Age=14400; Path=/; SameSite=None; Secure
df=1679661369; Domain=dtscout.com; Expires=Sun, 02-Jul-2023 12:36:09 GMT; Max-Age=8640000; Path=/; SameSite=None; Secure
x-t: 0.53
expires: Fri, 24 Mar 2023 12:36:08 GMT
cache-control: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NBR6xunkq0uOdV3VOlTLGXisZeMQmrsAuGGg7z7l1XDwE3tY9mkat5QcBEOtF38GLKWINcq63mLGcdQBXFaWgGLUyTNuBqS30kpaEGyyUA3DrGRQOTNFHgrWuzv2Rw4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7acef54748e21665-ARN
content-encoding: br
X-Firefox-Spdy: h2

www.mitid.dk/assets/fonts/IBMPlexSans-Bold.woff2

95.100.107.92

200 OK

0 B

URL HTTP/1.1
www.mitid.dk/assets/fonts/IBMPlexSans-Bold.woff2
IP
95.100.107.92:0
ASN
#20940 Akamai International B.V.

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /assets/fonts/IBMPlexSans-Bold.woff2 HTTP/1.1
Host: www.mitid.dk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://cert.login.dokument.info.40-67-201-30.cprapid.com
Connection: keep-alive
Referer: http://cert.login.dokument.info.40-67-201-30.cprapid.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Content-Type: font/woff2
Content-Length: 55824
Last-Modified: Tue, 21 Feb 2023 13:35:51 GMT
ETag: "da10-5f535dbaa5bc0"
Accept-Ranges: bytes
Referrer-Policy: same-origin
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Vary: Origin
Cache-Control: public, max-age=14400
Date: Fri, 24 Mar 2023 12:36:09 GMT
Connection: keep-alive

www.mitid.dk/assets/fonts/IBMPlexSans.woff2

95.100.107.92

200 OK

0 B

URL HTTP/1.1
www.mitid.dk/assets/fonts/IBMPlexSans.woff2
IP
95.100.107.92:0
ASN
#20940 Akamai International B.V.

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /assets/fonts/IBMPlexSans.woff2 HTTP/1.1
Host: www.mitid.dk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://cert.login.dokument.info.40-67-201-30.cprapid.com
Connection: keep-alive
Referer: http://cert.login.dokument.info.40-67-201-30.cprapid.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Content-Type: font/woff2
Content-Length: 55936
Last-Modified: Tue, 21 Feb 2023 13:35:51 GMT
ETag: "da80-5f535dbaa5bc0"
Accept-Ranges: bytes
Referrer-Policy: same-origin
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Vary: Origin
Cache-Control: public, max-age=14371
Date: Fri, 24 Mar 2023 12:36:09 GMT
Connection: keep-alive

www.mitid.dk/assets/fonts/IBMPlexSans-Medium.woff2

95.100.107.92

200 OK

0 B

URL HTTP/1.1
www.mitid.dk/assets/fonts/IBMPlexSans-Medium.woff2
IP
95.100.107.92:0
ASN
#20940 Akamai International B.V.

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /assets/fonts/IBMPlexSans-Medium.woff2 HTTP/1.1
Host: www.mitid.dk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://cert.login.dokument.info.40-67-201-30.cprapid.com
Connection: keep-alive
Referer: http://cert.login.dokument.info.40-67-201-30.cprapid.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Content-Type: font/woff2
Content-Length: 59228
Last-Modified: Tue, 21 Feb 2023 13:35:51 GMT
ETag: "e75c-5f535dbaa5bc0"
Accept-Ranges: bytes
Referrer-Policy: same-origin
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Vary: Origin
Cache-Control: public, max-age=14398
Date: Fri, 24 Mar 2023 12:36:09 GMT
Connection: keep-alive

www.mitid.dk/assets/fonts/IBMPlexSans-Medium.woff

95.100.107.92

200 OK

0 B

URL HTTP/1.1
www.mitid.dk/assets/fonts/IBMPlexSans-Medium.woff
IP
95.100.107.92:0
ASN
#20940 Akamai International B.V.

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /assets/fonts/IBMPlexSans-Medium.woff HTTP/1.1
Host: www.mitid.dk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://cert.login.dokument.info.40-67-201-30.cprapid.com
Connection: keep-alive
Referer: http://cert.login.dokument.info.40-67-201-30.cprapid.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Content-Type: font/woff
Content-Length: 81900
Last-Modified: Tue, 21 Feb 2023 13:35:51 GMT
ETag: "13fec-5f535dbaa5bc0"
Accept-Ranges: bytes
Referrer-Policy: same-origin
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Vary: Origin
Cache-Control: public, max-age=14398
Date: Fri, 24 Mar 2023 12:36:09 GMT
Connection: keep-alive

t.dtscout.com/pv/?_a=v&_h=cert.login.dokument.info.40-67-201-30.cprapid.com&_ss=k1buo7f99g&_pv=1&_ls=0&_u1=1&_u3=1&_cc=no&_pl=d&_cbid=2sn3&_cb=_dtspv.c

141.101.120.10

200 OK

0 B

URL HTTP/2
t.dtscout.com/pv/?_a=v&_h=cert.login.dokument.info.40-67-201-30.cprapid.com&_ss=k1buo7f99g&_pv=1&_ls=0&_u1=1&_u3=1&_cc=no&_pl=d&_cbid=2sn3&_cb=_dtspv.c
IP
141.101.120.10:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /pv/?_a=v&_h=cert.login.dokument.info.40-67-201-30.cprapid.com&_ss=k1buo7f99g&_pv=1&_ls=0&_u1=1&_u3=1&_cc=no&_pl=d&_cbid=2sn3&_cb=_dtspv.c HTTP/1.1
Host: t.dtscout.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cert.login.dokument.info.40-67-201-30.cprapid.com/
Cookie: m=1; oa=1; df=1679661369
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 24 Mar 2023 12:36:09 GMT
content-type: application/javascript
x-t: 0.152
x-c: 0
expires: Fri, 24 Mar 2023 12:36:08 GMT
cache-control: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kLSlSFEyURtICTQxJtpRnmxrGfCkTVmHfZWgmJXLoIBSK5ckPhm%2FeWKfHR5iIXOfWL%2B2dcChnG8ubf0RIxMfK5W7eB9gLX509pWQ4x%2B3nfJKljGrtbs8LQwPT9RgXOo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7acef54819ed1665-ARN
content-encoding: br
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (16)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML