| www.banenor.no/elkraft/candrop/install.zip | 172.64.155.179 | 200 OK | 27 MB |
URL (User Request): GET HTTP/2 www.banenor.no/elkraft/candrop/install.zip
IP: 172.64.155.179:443
Certificate:
  Issuer: Buypass AS-983163327
  Subject: banenor.no
  Fingerprint: AD:78:D2:F1:32:8F:C6:A9:E1:1E:80:4D:23:EE:F6:7C:68:97:0A:BE
  Validity: Wed, 06 Mar 2024 08:49:05 GMT - Mon, 31 Mar 2025 21:59:00 GMT
File type: Zip archive data, at least v2.0 to extract, compression method=deflate
Size: 27 MB (26803898 bytes)
Hash:
  56c54cc92e7cd787b4fe96256a30d904
  d89ecd1aa3dd0e6e2ae31cad8d1d6dc4880773ec
  ecaccdd69e8529cde70bd882856ee020bb7cf77c6b43c83e0ed8cb061469a048
| Analyzer | Verdict | Alert |
|---|---|---|
| VirusTotal | suspicious | |
GET /elkraft/candrop/install.zip HTTP/1.1
Host: www.banenor.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 13:15:10 GMT
content-type: application/x-zip-compressed
content-length: 26803898
cache-control: public, max-age=14400
strict-transport-security: max-age=63072000; includeSubDomains; preload
request-context: appId=cid-v1:461e3dac-4db9-481e-ab3f-545376bd3069
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
referrer-policy: no-referrer-when-downgrade
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
content-security-policy: default-src 'self' ; connect-src 'self' https://dc.services.visualstudio.com/v2/track https://pui.episerver.net/api/telemetryconfig https://maps.googleapis.com https://www.google-analytics.com https://region1.google-analytics.com/g/collect https://esp-eu.aptrinsic.com/ https://*.cookieinformation.com/ https://stats.g.doubleclick.net/j https://pagecorrect.monsido.com/ https://tr-shadow.snapchat.com/ https://tr.snapchat.com/ https://stats.g.doubleclick.net/ https://cdn.linkedin.oribi.io/partner/1648329/ https://vc.hotjar.io/sessions/3312419 https://*.hotjar.com https://*.jotform.com wss://eu-sockets.jotform.io https://oc-cdn-public-eur.azureedge.net/livechatwidget/configs/ ws://localhost:* wss://*.hotjar.com/api/v2/client/ws https://content.hotjar.io/ https://csp.withgoogle.com/csp/ https://surveystats.hotjar.io/ https://ask.hotjar.io/ https://heatmaps.monsido.com https://consentcdn.cookiebot.com/ https://consent.cookiebot.com/ https://api.gobistories.com/api/v5/ https://res.cloudinary.com/gobi-technologies-as/; font-src 'self' https://fonts.gstatic.com/ https://*.cloudfront.net/ https://*.typekit.net/ https://script.hotjar.com; frame-src 'self' https://policy.app.cookieinformation.com/ https://www.youtube-nocookie.com/ https://togkart.banenor.no/ https://oc-cdn-public-eur.azureedge.net/ https://tr-shadow.snapchat.com/ https://tr.snapchat.com/ https://*.jotform.com https://*.jotfor.ms https://*.jotform.io https://9742880.fls.doubleclick.net/ https://cse.google.com/ https://banenor.maps.arcgis.com/ https://td.doubleclick.net/ https://consentcdn.cookiebot.com/ https://rtd.banenor.no/; img-src 'self' https://s3-eu-west-1.amazonaws.com/hj-insights/surveys/ https://script.hotjar.com https://maps.gstatic.com https://maps.googleapis.com https://tracking.monsido.com/ https://ib.adnxs.com/ https://px.ads.linkedin.com/ https://www.linkedin.com/px/ https://www.facebook.com/tr/ https://no-gmtdmp.mookie1.com/ https://*.gstatic.com/ https://*.jotfor.ms/ 
https://*.jotform.com/ https://www.googletagmanager.com/ https://www.google-analytics.com/ https://cse.google.com/ https://www.google.com/ https://clients1.google.com https://www.googleapis.com https://ad.doubleclick.net/ https://tr.snapchat.com/ https://imgsct.cookiebot.com/ https://www.banenor.no https://www.banenoreiendom.no https://www.godslokka.no https://www.nyeoslos.no https://www.skistasjonsby.no https://www.trondheimsentralstasjon.no https://www.sundlandverk.no https://oppslagsverk.banenor.no data: https://banenor.papirfly.no/ https://res.cloudinary.com/gobi-technologies-as/; script-src 'self' https://static.hotjar.com https://js.monitor.azure.com https://maps.googleapis.com https://cdn.jsdelivr.net/ https://cdnjs.cloudflare.com/ https://maxcdn.bootstrapcdn.com/ https://code.jquery.com https://web-sdk-eu.aptrinsic.com/api/aptrinsic.js https://oc-cdn-public-eur.azureedge.net/livechatwidget/ https://www.google-analytics.com/ https://www.googletagmanager.com https://ajax.googleapis.com/ajax/libs/jquery/3.1.1/jquery.min.js https://policy.app.cookieinformation.com/ https://policy.app.cookieinformation.com/uc.js https://pagecorrect.monsido.com/ https://tracking.monsido.com/ https://app-script.monsido.com https://static.hotjar.com/c/hotjar-3312419.js https://script.hotjar.com/ https://acdn.adnxs.com/dmp/up/pixie.js https://cdn.mookie1.com/containr.js https://connect.facebook.net/en_US/fbevents.js https://snap.licdn.com/li.lms-analytics/insight.min.js https://sc-static.net/scevent.min.js https://stats.g.doubleclick.net/ https://tr-shadow.snapchat.com/ https://connect.facebook.net/ https://tr.snapchat.com/ https://*.jotformeu.com/ https://*.jotform.com https://*.jotfor.ms https://*.google.com/ https://heatmaps.monsido.com/v1/heatmaps.js https://snap.licdn.com/ https://consentcdn.cookiebot.com/ https://consent.cookiebot.com/ 'unsafe-inline' 'unsafe-eval' https://widget.gobistories.com/gwi/6; style-src 'self' https://js.monitor.azure.com 
https://maxcdn.bootstrapcdn.com/ https://cdn.jsdelivr.net/ https://web-sdk-eu.aptrinsic.com/style.css https://oc-cdn-public-eur.azureedge.net/livechatwidget/ https://fonts.googleapis.com/ https://*.typekit.net/ https://www.googletagmanager.com/ https://*.jotfor.ms https://www.google.com/cse/ 'unsafe-inline'; media-src 'self' https://banenor.papirfly.no/ https://res.cloudinary.com/gobi-technologies-as/ data: blob: *;
last-modified: Mon, 06 May 2024 12:19:48 GMT
cf-cache-status: EXPIRED
expires: Tue, 07 May 2024 17:15:10 GMT
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 88017a2a9d4056cc-OSL
X-Firefox-Spdy: h2