r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash f2acd891dc6eb1f09f57a2b086791781
1e2088306501a61edcca1ade62c4d54f23b3b083
51148fed95cc00d60dc3640350f135b1b2763ff0e3cfbffc40f0948317894be9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "51148FED95CC00D60DC3640350F135B1B2763FF0E3CFBFFC40F0948317894BE9"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4409
Expires: Thu, 08 Dec 2022 14:05:25 GMT
Date: Thu, 08 Dec 2022 12:51:56 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash aea93551fa9deb76ae49a3b4019d64fe
e3b8862057ebe839959228e42246d7b1807fc90c
7e210f03b140418085e94ec20c1d27d6ecf7a404cbd323e16476ae5ae95d6dac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7E210F03B140418085E94EC20C1D27D6ECF7A404CBD323E16476AE5AE95D6DAC"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6233
Expires: Thu, 08 Dec 2022 14:35:49 GMT
Date: Thu, 08 Dec 2022 12:51:56 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 08 Dec 2022 12:08:12 GMT
content-type: application/json
age: 2624
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 00e7703bd74975689fc9050356aaca6b
9788fe6a36d6f278e8da329ebc5dd87bcd212317
593bc437ff8a8233516c62613d50220fcb25b9f967ed5fb384c253f0db135103
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "593BC437FF8A8233516C62613D50220FCB25B9F967ED5FB384C253F0DB135103"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10244
Expires: Thu, 08 Dec 2022 15:42:40 GMT
Date: Thu, 08 Dec 2022 12:51:56 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: oz905nfsTpGrZ2UEQb6oasausYqZDKWdFeqzyKNrdaqT1Hf1g9bU43+pw2FHVIN8jttyZ9YdM7w=
x-amz-request-id: G47BVB24JHE1PRGQ
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 08 Dec 2022 12:49:47 GMT
age: 129
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 12:51:56 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
e8xds1kk.dreamwp.com/skatteetaten/skatteetaten/manage
122.201.127.227302 Found 245 B URL HTTP/1.1 e8xds1kk.dreamwp.com/skatteetaten/skatteetaten/manage
IP 122.201.127.227:0
ASN #38719 Dreamscape Networks Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 78b373b0c0e43fb08827e2fcd5540384
b035b1ba91756e59d0cfa32a3c33aebb0a927755
65776d1e1603d76ba372f4a6b8246d2c985f24b9e237d01dfd49e2b51b394ca6
Analyzer Verdict Alert fortinet Phishing
GET /skatteetaten/skatteetaten/manage HTTP/1.1
Host: e8xds1kk.dreamwp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Server: nginx
Date: Thu, 08 Dec 2022 12:51:56 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 245
Location: https://e8xds1kk.dreamwp.com/skatteetaten/skatteetaten/manage
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Retry-After, Cache-Control, Content-Type, Pragma, Backoff, ETag, Expires, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 08 Dec 2022 12:07:55 GMT
age: 2641
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash fd55f4aaaab6ec40bc7dc10252cd819a
a72523f60be265a391fa9edc43e0a93418ad1fd0
bae354b3db14f4fd115311a0c412c9b5e436dd9e0a151afd8b9c18831dd8c2dd
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2368
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 12:51:56 GMT
Last-Modified: Thu, 08 Dec 2022 12:12:28 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 471
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash 733f916b61c9a2e1b0f796a0edc54db1
ab5290a084051a002f58d28fec552e174ff76c57
62a0c6b180ef0db23c89125838efd8b7b81412bbef631d2483e0fdf3af5ac43a
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 12:51:56 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Tue, 06 Dec 2022 18:19:37 GMT
Expires: Tue, 13 Dec 2022 18:19:36 GMT
Etag: "ab5290a084051a002f58d28fec552e174ff76c57"
Cache-Control: max-age=451059,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7765a2a8ca8db512-OSL
push.services.mozilla.com/
34.214.236.46101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.214.236.46:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: F34hz+Ov/+uG/K8lhOyBaw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: vr4tN+rD2Qwt/GIVb+RNw7nRgzU=
e8xds1kk.dreamwp.com/skatteetaten/skatteetaten/manage
122.201.127.227301 Moved Permanently 269 B URL HTTP/2 e8xds1kk.dreamwp.com/skatteetaten/skatteetaten/manage
IP 122.201.127.227:0
ASN #38719 Dreamscape Networks Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 1fe5c23cf53838235cd97af5d8f40e00
ce0beb2e9df786dcdfcb1e556f997a7fa6c41dea
3a7999547e5420fcfe00ce2d8c5d24c60d16876e66736ac1f74c4997256abb66
Analyzer Verdict Alert fortinet Phishing
GET /skatteetaten/skatteetaten/manage HTTP/1.1
Host: e8xds1kk.dreamwp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 301 Moved Permanently
server: nginx
date: Thu, 08 Dec 2022 12:51:57 GMT
content-type: text/html; charset=iso-8859-1
content-length: 269
location: http://e8xds1kk.dreamwp.com/skatteetaten/skatteetaten/manage/
X-Firefox-Spdy: h2
e8xds1kk.dreamwp.com/skatteetaten/skatteetaten/manage/
122.201.127.227302 Found 246 B URL HTTP/1.1 e8xds1kk.dreamwp.com/skatteetaten/skatteetaten/manage/
IP 122.201.127.227:0
ASN #38719 Dreamscape Networks Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 673248fc530ce027d4741195550f38e7
dad94ca1708309f4a73984bac24284fb6db8772f
1c2c04622cc2742a726764ac854f093ccc66ab789780fba824b7252848acab60
Analyzer Verdict Alert openphish Generic/Spear Phishing
fortinet Phishing
GET /skatteetaten/skatteetaten/manage/ HTTP/1.1
Host: e8xds1kk.dreamwp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Server: nginx
Date: Thu, 08 Dec 2022 12:51:57 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 246
Location: https://e8xds1kk.dreamwp.com/skatteetaten/skatteetaten/manage/
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 48c90992f0837a58e0a36118a27dae6a
3d238fed35e6d247bddbba92864e6b92e6aed9b6
cacc53ed285e96dcd5ba7609823922a253bc0623999b8716f430632d2c0e7dac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CACC53ED285E96DCD5BA7609823922A253BC0623999B8716F430632D2C0E7DAC"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4650
Expires: Thu, 08 Dec 2022 14:09:28 GMT
Date: Thu, 08 Dec 2022 12:51:58 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 48c90992f0837a58e0a36118a27dae6a
3d238fed35e6d247bddbba92864e6b92e6aed9b6
cacc53ed285e96dcd5ba7609823922a253bc0623999b8716f430632d2c0e7dac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CACC53ED285E96DCD5BA7609823922A253BC0623999B8716F430632D2C0E7DAC"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4650
Expires: Thu, 08 Dec 2022 14:09:28 GMT
Date: Thu, 08 Dec 2022 12:51:58 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 48c90992f0837a58e0a36118a27dae6a
3d238fed35e6d247bddbba92864e6b92e6aed9b6
cacc53ed285e96dcd5ba7609823922a253bc0623999b8716f430632d2c0e7dac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CACC53ED285E96DCD5BA7609823922A253BC0623999B8716F430632D2C0E7DAC"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4650
Expires: Thu, 08 Dec 2022 14:09:28 GMT
Date: Thu, 08 Dec 2022 12:51:58 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 48c90992f0837a58e0a36118a27dae6a
3d238fed35e6d247bddbba92864e6b92e6aed9b6
cacc53ed285e96dcd5ba7609823922a253bc0623999b8716f430632d2c0e7dac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CACC53ED285E96DCD5BA7609823922A253BC0623999B8716F430632D2C0E7DAC"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4650
Expires: Thu, 08 Dec 2022 14:09:28 GMT
Date: Thu, 08 Dec 2022 12:51:58 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 48c90992f0837a58e0a36118a27dae6a
3d238fed35e6d247bddbba92864e6b92e6aed9b6
cacc53ed285e96dcd5ba7609823922a253bc0623999b8716f430632d2c0e7dac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CACC53ED285E96DCD5BA7609823922A253BC0623999B8716F430632D2C0E7DAC"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4650
Expires: Thu, 08 Dec 2022 14:09:28 GMT
Date: Thu, 08 Dec 2022 12:51:58 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9519925e-95b7-4e66-b317-84c1708c7f84.jpeg
34.120.237.76200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9519925e-95b7-4e66-b317-84c1708c7f84.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b87d6543345f73653ed4a49b37d7c959
c4f26846b8b72293368ff16915d49297cf12bbb9
aee6aa42e4b5b83b81f74801ff8f0039fc6d38036f42ee81875813c856cf5eef
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9519925e-95b7-4e66-b317-84c1708c7f84.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8659
x-amzn-requestid: 6f420d07-65d5-4bb2-9f1f-e56025de497b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: czFSYFArIAMF46w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63911c0f-0a295e5c48228d5806b4f107;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 23:04:47 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: TSh1BNzzIPhWCfYEiqvQJckSPAyhHobe-HK6msEVeEJ1ruX-_rMSSA==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 23:35:32 GMT
age: 47786
etag: "c4f26846b8b72293368ff16915d49297cf12bbb9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbbba0eea-a6f1-4374-a9c7-dab84270023b.jpeg
34.120.237.76200 OK 7.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbbba0eea-a6f1-4374-a9c7-dab84270023b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 24d89b69ba37bf23c5d576aff4063caf
3d46a21b4da571d7e4962e335c18a28ca5f81ecf
09b52cdab278805c6e7282f469a02768ee62fc9ef09a6623a337e3d3aaa446fd
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbbba0eea-a6f1-4374-a9c7-dab84270023b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7268
x-amzn-requestid: ae5c231c-b1be-498a-a242-e8d641f3fe8e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: czFDgEzUoAMFgyQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63911baf-10f06dc37cac69631c823fd9;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 23:03:11 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: wFqXeAYHSBcj85PiuqhV790clAMWg_NHMCO5Q5WARXDaohFWZdeCig==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 23:19:17 GMT
age: 48761
etag: "3d46a21b4da571d7e4962e335c18a28ca5f81ecf"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa9301ee5-df75-4967-a2c7-597f869e557b.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa9301ee5-df75-4967-a2c7-597f869e557b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 57be99ac898a37d73f2ba4a24f56248f
04e32eb45581201a6a1863200e4d139df48285e6
a20081b64fc019372843360b15aa3461ec9dd3deb50ab398bca0a5e74d5468c2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa9301ee5-df75-4967-a2c7-597f869e557b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12534
x-amzn-requestid: 2a01f2ba-cf3a-4f59-8339-214c66bcc0d2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: czDbyGTcoAMF_TQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63911918-5d3eba8d01e4175a71acc6cd;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 22:52:08 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: NoZlZ8WFfOuIbkWaC2pJPJQrWtjzz2gCHJWr-u-nMNYmu8MkTf6_PA==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 23:03:58 GMT
age: 49680
etag: "04e32eb45581201a6a1863200e4d139df48285e6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc231183-b100-4921-9a48-0bac91da0d2b.jpeg
34.120.237.76200 OK 6.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc231183-b100-4921-9a48-0bac91da0d2b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 280c788841ca669f2c8556f03ee85b68
c15a4519a69eb6b5cc624344a7c3d99335a095d9
451a816aa2129c3a7712a01b96daee492ae2ab25c4940405063098f3b7ad10ae
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc231183-b100-4921-9a48-0bac91da0d2b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6032
x-amzn-requestid: 22b80af7-87cf-4719-8bc8-927077cc3aa1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cy4hoFraoAMFpVA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639107a3-42927c064ee65d3b23121b36;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 21:37:39 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: -6j01fDKCX0VuXQjVKCm1nPOqSRuh9_Pd-3cgxbEKWhLzlL27hs0fA==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 22:07:32 GMT
age: 53066
etag: "c15a4519a69eb6b5cc624344a7c3d99335a095d9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F19ffa93b-2002-4f40-ab8b-aa163e9b5939.jpeg
34.120.237.76200 OK 6.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F19ffa93b-2002-4f40-ab8b-aa163e9b5939.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 535710165275856757bd7d1689f79de3
d51162b7fcba50022482b7130a556f3a7dfe822f
c93e2df13b78cd4b718eb4fe3fe70a9d6d12fd0a0d7f505219ec0d5e6a70653c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F19ffa93b-2002-4f40-ab8b-aa163e9b5939.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6186
x-amzn-requestid: 53d1d373-ff6c-4c59-bdeb-fff592bca586
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csUsyGOEIAMFwfA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e67eb-0156077b52dc07fb124c087b;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:51:39 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 4ORpzqbzQyJz_i3wpxf_07mXK3ovj1JT8kn-M9fdrGRgDVig7hhN5w==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Dec 2022 11:01:03 GMT
age: 6655
etag: "d51162b7fcba50022482b7130a556f3a7dfe822f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F74e98e03-fa9f-4e56-a8ba-5411568d88c8.jpeg
34.120.237.76200 OK 9.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F74e98e03-fa9f-4e56-a8ba-5411568d88c8.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c408efaa98ac2ce63bb1618368d10c15
a51bbb49ebd862d04eaee465d0a35b22dcd21391
077eb8c8739f527828c71c25a1c3aaae46afead3aac093ec11a6d5488ef2f0ec
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F74e98e03-fa9f-4e56-a8ba-5411568d88c8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9596
x-amzn-requestid: e5e6ceb2-5bad-4146-a9de-92a859716029
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cy3_qH63oAMFfLg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639106ca-678bed1b7729b8aa2645688d;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 21:34:02 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: dcHU93cetsY4-vWHpT2xXozH1T7J3_1X8n6Yjd6lOuF8HbkpTQDerg==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 22:13:24 GMT
etag: "a51bbb49ebd862d04eaee465d0a35b22dcd21391"
content-type: image/jpeg
age: 52714
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 79c8ff0fda2dd5c920c9dc9695979b30
1a09be25311b51cb6b5f16af30805a364d3e9519
fa9f97a6abd59dd928b34ddd5a9be5e32fc05e7410fbacc092ddd05cc19b8711
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=113966
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 12:51:58 GMT
Etag: "6390f81c-118"
Expires: Fri, 09 Dec 2022 20:31:24 GMT
Last-Modified: Wed, 07 Dec 2022 20:31:24 GMT
Server: nginx
Content-Length: 280
e8xds1kk.dreamwp.com/skatteetaten/skatteetaten/manage/
122.201.127.227200 OK 66 kB URL HTTP/2 e8xds1kk.dreamwp.com/skatteetaten/skatteetaten/manage/
IP 122.201.127.227:0
ASN #38719 Dreamscape Networks Limited
Hash 74ff1a8c0ec59bed7a62134b2fb09657
38cb54e920ec06d2e11073529d1e6b6f90f1b56e
ca1db9de0bd5a9d4eb5151793f570280cc0285367577cfc05f179f02837a31d5
Analyzer Verdict Alert openphish Generic/Spear Phishing
fortinet Phishing
GET /skatteetaten/skatteetaten/manage/ HTTP/1.1
Host: e8xds1kk.dreamwp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 12:51:57 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.3.33
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 79c8ff0fda2dd5c920c9dc9695979b30
1a09be25311b51cb6b5f16af30805a364d3e9519
fa9f97a6abd59dd928b34ddd5a9be5e32fc05e7410fbacc092ddd05cc19b8711
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 0
Cache-Control: max-age=113966
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 12:51:58 GMT
Etag: "6390f81c-118"
Expires: Fri, 09 Dec 2022 20:31:24 GMT
Last-Modified: Wed, 07 Dec 2022 20:31:24 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 280
e8xds1kk.dreamwp.com/skatteetaten/skatteetaten/manage/Postenid_files/posten.css
122.201.127.227200 OK 29 kB URL HTTP/2 e8xds1kk.dreamwp.com/skatteetaten/skatteetaten/manage/Postenid_files/posten.css
IP 122.201.127.227:0
ASN #38719 Dreamscape Networks Limited
Hash b177198a238ae06d75d694a976a566f3
64cb98933300eb67ee0ce0fc8df47be51d11a993
e8a3402316b0b8ab1c49c5ca4944fac1aa8b830fca836d5689d1ef31a4885852
GET /skatteetaten/skatteetaten/manage/Postenid_files/posten.css HTTP/1.1
Host: e8xds1kk.dreamwp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://e8xds1kk.dreamwp.com/skatteetaten/skatteetaten/manage/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 12:51:58 GMT
content-type: text/css
last-modified: Sun, 07 Nov 2021 12:46:32 GMT
vary: Accept-Encoding
etag: W/"6187caa8-349ec"
expires: Sat, 07 Jan 2023 12:51:58 GMT
cache-control: max-age=2592000
content-encoding: gzip
X-Firefox-Spdy: h2
e8xds1kk.dreamwp.com/skatteetaten/skatteetaten/manage/Postenid_files/fonts.css
122.201.127.227200 OK 732 B URL HTTP/2 e8xds1kk.dreamwp.com/skatteetaten/skatteetaten/manage/Postenid_files/fonts.css
IP 122.201.127.227:0
ASN #38719 Dreamscape Networks Limited
Hash 116dd284e9861b239adc24b79ab294e0
3b015702b978b21d6545ac7c431b2b1c5d1edc6c
743aa6002138107ca0b03c3acaeb39268f4e4fc05fa349ebd11dc6a434c6065f
GET /skatteetaten/skatteetaten/manage/Postenid_files/fonts.css HTTP/1.1
Host: e8xds1kk.dreamwp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://e8xds1kk.dreamwp.com/skatteetaten/skatteetaten/manage/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 12:51:58 GMT
content-type: text/css
last-modified: Wed, 18 Aug 2021 23:35:58 GMT
vary: Accept-Encoding
etag: W/"611d995e-855"
expires: Sat, 07 Jan 2023 12:51:58 GMT
cache-control: max-age=2592000
content-encoding: gzip
X-Firefox-Spdy: h2
e8xds1kk.dreamwp.com/skatteetaten/skatteetaten/manage/Postenid_files/fonts/PostenSans-Bold.woff2
122.201.127.227503 Service Unavailable 190 B URL HTTP/2 e8xds1kk.dreamwp.com/skatteetaten/skatteetaten/manage/Postenid_files/fonts/PostenSans-Bold.woff2
IP 122.201.127.227:0
ASN #38719 Dreamscape Networks Limited
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 3267dd8f0e96711dd54dbb1f5676b447
202602c4ec4a5e2498e3d24a3ed025ce70bf749c
b429e25e7813a9e2b90dcec11d9cb5287751246128dd6c76a7349774829c5554
Analyzer Verdict Alert fortinet Phishing
GET /skatteetaten/skatteetaten/manage/Postenid_files/fonts/PostenSans-Bold.woff2 HTTP/1.1
Host: e8xds1kk.dreamwp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://e8xds1kk.dreamwp.com/skatteetaten/skatteetaten/manage/Postenid_files/fonts.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 503 Service Unavailable
server: nginx
date: Thu, 08 Dec 2022 12:51:58 GMT
content-type: text/html
content-length: 190
X-Firefox-Spdy: h2
e8xds1kk.dreamwp.com/skatteetaten/skatteetaten/manage/Postenid_files/fonts/PostenSans-Bold.woff
122.201.127.227503 Service Unavailable 190 B URL HTTP/2 e8xds1kk.dreamwp.com/skatteetaten/skatteetaten/manage/Postenid_files/fonts/PostenSans-Bold.woff
IP 122.201.127.227:0
ASN #38719 Dreamscape Networks Limited
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 3267dd8f0e96711dd54dbb1f5676b447
202602c4ec4a5e2498e3d24a3ed025ce70bf749c
b429e25e7813a9e2b90dcec11d9cb5287751246128dd6c76a7349774829c5554
Analyzer Verdict Alert fortinet Phishing
GET /skatteetaten/skatteetaten/manage/Postenid_files/fonts/PostenSans-Bold.woff HTTP/1.1
Host: e8xds1kk.dreamwp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://e8xds1kk.dreamwp.com/skatteetaten/skatteetaten/manage/Postenid_files/fonts.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 503 Service Unavailable
server: nginx
date: Thu, 08 Dec 2022 12:51:59 GMT
content-type: text/html
content-length: 190
X-Firefox-Spdy: h2
e8xds1kk.dreamwp.com/skatteetaten/skatteetaten/manage/Postenid_files/linkid.js.t%C3%A9l%C3%A9chargement
122.201.127.227404 Not Found 12 kB URL HTTP/2 e8xds1kk.dreamwp.com/skatteetaten/skatteetaten/manage/Postenid_files/linkid.js.t%C3%A9l%C3%A9chargement
IP 122.201.127.227:0
ASN #38719 Dreamscape Networks Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (17727)
Hash 210fe8766e2debeac782e1dbdf6e4a77
fe99504a14c7024cbc239dcdc8d83426948e3161
a3e65d95fae2b3ec18ad43f78700ee2ae67208402d0f7ea00f4f60ef2c6a3c8a
Analyzer Verdict Alert fortinet Phishing
GET /skatteetaten/skatteetaten/manage/Postenid_files/linkid.js.t%C3%A9l%C3%A9chargement HTTP/1.1
Host: e8xds1kk.dreamwp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://e8xds1kk.dreamwp.com/skatteetaten/skatteetaten/manage/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
server: nginx
date: Thu, 08 Dec 2022 12:51:59 GMT
content-type: text/html; charset=UTF-8
content-length: 11622
x-powered-by: PHP/7.3.33
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
link: <https://e8xds1kk.dreamwp.com/wp-json/>; rel="https://api.w.org/"
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
e8xds1kk.dreamwp.com/skatteetaten/skatteetaten/manage/Postenid_files/siteanalyze_6015663.js.t%C3%A9l%C3%A9chargement
122.201.127.227404 Not Found 12 kB URL HTTP/2 e8xds1kk.dreamwp.com/skatteetaten/skatteetaten/manage/Postenid_files/siteanalyze_6015663.js.t%C3%A9l%C3%A9chargement
IP 122.201.127.227:0
ASN #38719 Dreamscape Networks Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (17727)
Hash 210fe8766e2debeac782e1dbdf6e4a77
fe99504a14c7024cbc239dcdc8d83426948e3161
a3e65d95fae2b3ec18ad43f78700ee2ae67208402d0f7ea00f4f60ef2c6a3c8a
Analyzer Verdict Alert fortinet Phishing
GET /skatteetaten/skatteetaten/manage/Postenid_files/siteanalyze_6015663.js.t%C3%A9l%C3%A9chargement HTTP/1.1
Host: e8xds1kk.dreamwp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://e8xds1kk.dreamwp.com/skatteetaten/skatteetaten/manage/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
server: nginx
date: Thu, 08 Dec 2022 12:51:59 GMT
content-type: text/html; charset=UTF-8
content-length: 11622
x-powered-by: PHP/7.3.33
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
link: <https://e8xds1kk.dreamwp.com/wp-json/>; rel="https://api.w.org/"
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
e8xds1kk.dreamwp.com/skatteetaten/skatteetaten/manage/Postenid_files/analytics.js.t%C3%A9l%C3%A9chargement
122.201.127.227404 Not Found 12 kB URL HTTP/2 e8xds1kk.dreamwp.com/skatteetaten/skatteetaten/manage/Postenid_files/analytics.js.t%C3%A9l%C3%A9chargement
IP 122.201.127.227:0
ASN #38719 Dreamscape Networks Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (17727)
Hash 210fe8766e2debeac782e1dbdf6e4a77
fe99504a14c7024cbc239dcdc8d83426948e3161
a3e65d95fae2b3ec18ad43f78700ee2ae67208402d0f7ea00f4f60ef2c6a3c8a
Analyzer Verdict Alert fortinet Phishing
GET /skatteetaten/skatteetaten/manage/Postenid_files/analytics.js.t%C3%A9l%C3%A9chargement HTTP/1.1
Host: e8xds1kk.dreamwp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://e8xds1kk.dreamwp.com/skatteetaten/skatteetaten/manage/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
server: nginx
date: Thu, 08 Dec 2022 12:51:59 GMT
content-type: text/html; charset=UTF-8
content-length: 11622
x-powered-by: PHP/7.3.33
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
link: <https://e8xds1kk.dreamwp.com/wp-json/>; rel="https://api.w.org/"
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
e8xds1kk.dreamwp.com/skatteetaten/skatteetaten/manage/Postenid_files/main.46ce0189.chunk.js.t%C3%A9l%C3%A9chargement
122.201.127.227404 Not Found 12 kB URL HTTP/2 e8xds1kk.dreamwp.com/skatteetaten/skatteetaten/manage/Postenid_files/main.46ce0189.chunk.js.t%C3%A9l%C3%A9chargement
IP 122.201.127.227:0
ASN #38719 Dreamscape Networks Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (17727)
Hash 210fe8766e2debeac782e1dbdf6e4a77
fe99504a14c7024cbc239dcdc8d83426948e3161
a3e65d95fae2b3ec18ad43f78700ee2ae67208402d0f7ea00f4f60ef2c6a3c8a
Analyzer Verdict Alert fortinet Phishing
GET /skatteetaten/skatteetaten/manage/Postenid_files/main.46ce0189.chunk.js.t%C3%A9l%C3%A9chargement HTTP/1.1
Host: e8xds1kk.dreamwp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://e8xds1kk.dreamwp.com/skatteetaten/skatteetaten/manage/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
server: nginx
date: Thu, 08 Dec 2022 12:51:59 GMT
content-type: text/html; charset=UTF-8
content-length: 11622
x-powered-by: PHP/7.3.33
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
link: <https://e8xds1kk.dreamwp.com/wp-json/>; rel="https://api.w.org/"
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
e8xds1kk.dreamwp.com/skatteetaten/skatteetaten/manage/Postenid_files/main.ab622f28.chunk.css
122.201.127.227404 Not Found 12 kB URL HTTP/2 e8xds1kk.dreamwp.com/skatteetaten/skatteetaten/manage/Postenid_files/main.ab622f28.chunk.css
IP 122.201.127.227:0
ASN #38719 Dreamscape Networks Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (17727)
Hash 210fe8766e2debeac782e1dbdf6e4a77
fe99504a14c7024cbc239dcdc8d83426948e3161
a3e65d95fae2b3ec18ad43f78700ee2ae67208402d0f7ea00f4f60ef2c6a3c8a
GET /skatteetaten/skatteetaten/manage/Postenid_files/main.ab622f28.chunk.css HTTP/1.1
Host: e8xds1kk.dreamwp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://e8xds1kk.dreamwp.com/skatteetaten/skatteetaten/manage/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
server: nginx
date: Thu, 08 Dec 2022 12:51:59 GMT
content-type: text/html; charset=UTF-8
content-length: 11622
x-powered-by: PHP/7.3.33
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
link: <https://e8xds1kk.dreamwp.com/wp-json/>; rel="https://api.w.org/"
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
e8xds1kk.dreamwp.com/skatteetaten/skatteetaten/manage/Postenid_files/gtm.js.t%C3%A9l%C3%A9chargement
122.201.127.227404 Not Found 12 kB URL HTTP/2 e8xds1kk.dreamwp.com/skatteetaten/skatteetaten/manage/Postenid_files/gtm.js.t%C3%A9l%C3%A9chargement
IP 122.201.127.227:0
ASN #38719 Dreamscape Networks Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (17727)
Hash 210fe8766e2debeac782e1dbdf6e4a77
fe99504a14c7024cbc239dcdc8d83426948e3161
a3e65d95fae2b3ec18ad43f78700ee2ae67208402d0f7ea00f4f60ef2c6a3c8a
Analyzer Verdict Alert fortinet Phishing
GET /skatteetaten/skatteetaten/manage/Postenid_files/gtm.js.t%C3%A9l%C3%A9chargement HTTP/1.1
Host: e8xds1kk.dreamwp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://e8xds1kk.dreamwp.com/skatteetaten/skatteetaten/manage/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
server: nginx
date: Thu, 08 Dec 2022 12:51:59 GMT
content-type: text/html; charset=UTF-8
content-length: 11622
x-powered-by: PHP/7.3.33
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
link: <https://e8xds1kk.dreamwp.com/wp-json/>; rel="https://api.w.org/"
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
e8xds1kk.dreamwp.com/skatteetaten/skatteetaten/manage/Postenid_files/runtime-main.4ac6edaa.js.t%C3%A9l%C3%A9chargement
122.201.127.227404 Not Found 12 kB URL HTTP/2 e8xds1kk.dreamwp.com/skatteetaten/skatteetaten/manage/Postenid_files/runtime-main.4ac6edaa.js.t%C3%A9l%C3%A9chargement
IP 122.201.127.227:0
ASN #38719 Dreamscape Networks Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (17727)
Hash 210fe8766e2debeac782e1dbdf6e4a77
fe99504a14c7024cbc239dcdc8d83426948e3161
a3e65d95fae2b3ec18ad43f78700ee2ae67208402d0f7ea00f4f60ef2c6a3c8a
Analyzer Verdict Alert fortinet Phishing
GET /skatteetaten/skatteetaten/manage/Postenid_files/runtime-main.4ac6edaa.js.t%C3%A9l%C3%A9chargement HTTP/1.1
Host: e8xds1kk.dreamwp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://e8xds1kk.dreamwp.com/skatteetaten/skatteetaten/manage/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
server: nginx
date: Thu, 08 Dec 2022 12:51:59 GMT
content-type: text/html; charset=UTF-8
content-length: 11622
x-powered-by: PHP/7.3.33
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
link: <https://e8xds1kk.dreamwp.com/wp-json/>; rel="https://api.w.org/"
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
e8xds1kk.dreamwp.com/skatteetaten/skatteetaten/manage/Postenid_files/2.59df707e.chunk.js.t%C3%A9l%C3%A9chargement
122.201.127.227404 Not Found 12 kB URL HTTP/2 e8xds1kk.dreamwp.com/skatteetaten/skatteetaten/manage/Postenid_files/2.59df707e.chunk.js.t%C3%A9l%C3%A9chargement
IP 122.201.127.227:0
ASN #38719 Dreamscape Networks Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (17727)
Hash 210fe8766e2debeac782e1dbdf6e4a77
fe99504a14c7024cbc239dcdc8d83426948e3161
a3e65d95fae2b3ec18ad43f78700ee2ae67208402d0f7ea00f4f60ef2c6a3c8a
Analyzer Verdict Alert fortinet Phishing
GET /skatteetaten/skatteetaten/manage/Postenid_files/2.59df707e.chunk.js.t%C3%A9l%C3%A9chargement HTTP/1.1
Host: e8xds1kk.dreamwp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://e8xds1kk.dreamwp.com/skatteetaten/skatteetaten/manage/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
server: nginx
date: Thu, 08 Dec 2022 12:51:59 GMT
content-type: text/html; charset=UTF-8
content-length: 11622
x-powered-by: PHP/7.3.33
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
link: <https://e8xds1kk.dreamwp.com/wp-json/>; rel="https://api.w.org/"
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
e8xds1kk.dreamwp.com/skatteetaten/skatteetaten/manage/Postenid_files/bundle.js.t%C3%A9l%C3%A9chargement
122.201.127.227404 Not Found 12 kB URL HTTP/2 e8xds1kk.dreamwp.com/skatteetaten/skatteetaten/manage/Postenid_files/bundle.js.t%C3%A9l%C3%A9chargement
IP 122.201.127.227:0
ASN #38719 Dreamscape Networks Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (17727)
Hash 210fe8766e2debeac782e1dbdf6e4a77
fe99504a14c7024cbc239dcdc8d83426948e3161
a3e65d95fae2b3ec18ad43f78700ee2ae67208402d0f7ea00f4f60ef2c6a3c8a
Analyzer Verdict Alert fortinet Phishing
GET /skatteetaten/skatteetaten/manage/Postenid_files/bundle.js.t%C3%A9l%C3%A9chargement HTTP/1.1
Host: e8xds1kk.dreamwp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://e8xds1kk.dreamwp.com/skatteetaten/skatteetaten/manage/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
server: nginx
date: Thu, 08 Dec 2022 12:52:00 GMT
content-type: text/html; charset=UTF-8
content-length: 11622
x-powered-by: PHP/7.3.33
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
link: <https://e8xds1kk.dreamwp.com/wp-json/>; rel="https://api.w.org/"
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
e8xds1kk.dreamwp.com/skatteetaten/skatteetaten/manage/Postenid_files/main.js.t%C3%A9l%C3%A9chargement
122.201.127.227404 Not Found 12 kB URL HTTP/2 e8xds1kk.dreamwp.com/skatteetaten/skatteetaten/manage/Postenid_files/main.js.t%C3%A9l%C3%A9chargement
IP 122.201.127.227:0
ASN #38719 Dreamscape Networks Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (17727)
Hash 210fe8766e2debeac782e1dbdf6e4a77
fe99504a14c7024cbc239dcdc8d83426948e3161
a3e65d95fae2b3ec18ad43f78700ee2ae67208402d0f7ea00f4f60ef2c6a3c8a
Analyzer Verdict Alert fortinet Phishing
GET /skatteetaten/skatteetaten/manage/Postenid_files/main.js.t%C3%A9l%C3%A9chargement HTTP/1.1
Host: e8xds1kk.dreamwp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://e8xds1kk.dreamwp.com/skatteetaten/skatteetaten/manage/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
server: nginx
date: Thu, 08 Dec 2022 12:52:00 GMT
content-type: text/html; charset=UTF-8
content-length: 11622
x-powered-by: PHP/7.3.33
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
link: <https://e8xds1kk.dreamwp.com/wp-json/>; rel="https://api.w.org/"
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
e8xds1kk.dreamwp.com/skatteetaten/skatteetaten/manage/Postenid_files/icons.min.js.t%C3%A9l%C3%A9chargement
122.201.127.227404 Not Found 12 kB URL HTTP/2 e8xds1kk.dreamwp.com/skatteetaten/skatteetaten/manage/Postenid_files/icons.min.js.t%C3%A9l%C3%A9chargement
IP 122.201.127.227:0
ASN #38719 Dreamscape Networks Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (17727)
Hash 210fe8766e2debeac782e1dbdf6e4a77
fe99504a14c7024cbc239dcdc8d83426948e3161
a3e65d95fae2b3ec18ad43f78700ee2ae67208402d0f7ea00f4f60ef2c6a3c8a
Analyzer Verdict Alert fortinet Phishing
GET /skatteetaten/skatteetaten/manage/Postenid_files/icons.min.js.t%C3%A9l%C3%A9chargement HTTP/1.1
Host: e8xds1kk.dreamwp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://e8xds1kk.dreamwp.com/skatteetaten/skatteetaten/manage/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
server: nginx
date: Thu, 08 Dec 2022 12:52:00 GMT
content-type: text/html; charset=UTF-8
content-length: 11622
x-powered-by: PHP/7.3.33
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
link: <https://e8xds1kk.dreamwp.com/wp-json/>; rel="https://api.w.org/"
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
e8xds1kk.dreamwp.com/skatteetaten/skatteetaten/manage/Postenid_files/fonts/PostenSans-Bold.ttf
122.201.127.227404 Not Found 12 kB URL HTTP/2 e8xds1kk.dreamwp.com/skatteetaten/skatteetaten/manage/Postenid_files/fonts/PostenSans-Bold.ttf
IP 122.201.127.227:0
ASN #38719 Dreamscape Networks Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (17727)
Hash 210fe8766e2debeac782e1dbdf6e4a77
fe99504a14c7024cbc239dcdc8d83426948e3161
a3e65d95fae2b3ec18ad43f78700ee2ae67208402d0f7ea00f4f60ef2c6a3c8a
Analyzer Verdict Alert fortinet Phishing
GET /skatteetaten/skatteetaten/manage/Postenid_files/fonts/PostenSans-Bold.ttf HTTP/1.1
Host: e8xds1kk.dreamwp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://e8xds1kk.dreamwp.com/skatteetaten/skatteetaten/manage/Postenid_files/fonts.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
server: nginx
date: Thu, 08 Dec 2022 12:52:00 GMT
content-type: text/html; charset=UTF-8
content-length: 11622
x-powered-by: PHP/7.3.33
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
link: <https://e8xds1kk.dreamwp.com/wp-json/>; rel="https://api.w.org/"
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
e8xds1kk.dreamwp.com/skatteetaten/skatteetaten/manage/Postenid_files/runtime-main.4ac6edaa.js.t%C3%A9l%C3%A9chargement
122.201.127.227404 Not Found 12 kB URL HTTP/2 e8xds1kk.dreamwp.com/skatteetaten/skatteetaten/manage/Postenid_files/runtime-main.4ac6edaa.js.t%C3%A9l%C3%A9chargement
IP 122.201.127.227:0
ASN #38719 Dreamscape Networks Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (17727)
Hash 210fe8766e2debeac782e1dbdf6e4a77
fe99504a14c7024cbc239dcdc8d83426948e3161
a3e65d95fae2b3ec18ad43f78700ee2ae67208402d0f7ea00f4f60ef2c6a3c8a
Analyzer Verdict Alert fortinet Phishing
GET /skatteetaten/skatteetaten/manage/Postenid_files/runtime-main.4ac6edaa.js.t%C3%A9l%C3%A9chargement HTTP/1.1
Host: e8xds1kk.dreamwp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://e8xds1kk.dreamwp.com/skatteetaten/skatteetaten/manage/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
server: nginx
date: Thu, 08 Dec 2022 12:52:01 GMT
content-type: text/html; charset=UTF-8
content-length: 11622
x-powered-by: PHP/7.3.33
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
link: <https://e8xds1kk.dreamwp.com/wp-json/>; rel="https://api.w.org/"
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
e8xds1kk.dreamwp.com/skatteetaten/skatteetaten/manage/Postenid_files/fonts/PostenSans-Medium.woff
122.201.127.227404 Not Found 47 kB URL HTTP/2 e8xds1kk.dreamwp.com/skatteetaten/skatteetaten/manage/Postenid_files/fonts/PostenSans-Medium.woff
IP 122.201.127.227:0
ASN #38719 Dreamscape Networks Limited
Hash 103898291ecf7d470a3ed301ad0b19b1
69b907f67192c6be36ce65158b6d1a680a56bf2f
5d0cbf0e5e5d320d0913fedeb3ccd46415c19dc633fa4de76848bde7119bf951
Analyzer Verdict Alert fortinet Phishing
GET /skatteetaten/skatteetaten/manage/Postenid_files/fonts/PostenSans-Medium.woff HTTP/1.1
Host: e8xds1kk.dreamwp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://e8xds1kk.dreamwp.com/skatteetaten/skatteetaten/manage/Postenid_files/fonts.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
server: nginx
date: Thu, 08 Dec 2022 12:52:00 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.3.33
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
link: <https://e8xds1kk.dreamwp.com/wp-json/>; rel="https://api.w.org/"
vary: Accept-Encoding, Accept-Encoding
X-Firefox-Spdy: h2
siteimproveanalytics.com/js/siteanalyze_6015663.js
172.64.172.12200 OK 13 kB URL HTTP/2 siteimproveanalytics.com/js/siteanalyze_6015663.js
IP 172.64.172.12:0
File type Unicode text, UTF-8 text, with very long lines (46126), with no line terminators
Hash 8d34b09483a348aee12efa3ac53237d1
7da6ecc2b915b04cffaa8cce4729f045b14928fa
3eaff7010e8f409a2c3eb1bb86608c66191110f22d6d9ae427fbae37c028db07
GET /js/siteanalyze_6015663.js HTTP/1.1
Host: siteimproveanalytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://e8xds1kk.dreamwp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 08 Dec 2022 12:52:01 GMT
content-type: application/javascript; charset=utf-8
content-length: 13074
x-amz-id-2: iUhaRYdYIiUDVuFclvHEtUBlH1EGODRPiGfkbUQXo8uCTfPOx7HAVz6/NNKmPlxsQ+BBhuLno54=
x-amz-request-id: NM0H7KN263C8VJEC
cache-control: max-age=86400, no-transform
content-encoding: gzip
last-modified: Fri, 11 Nov 2022 10:21:56 GMT
etag: "8d34b09483a348aee12efa3ac53237d1"
cf-cache-status: HIT
age: 5211
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q6tAxqbAqN1UmPmdXvOsrtcuI%2FUum22PKhP65SjpdhRFJuPbycIIBEEz7nJDf5De6xwQXBZmPc%2F%2BuhkQO4FTCcX7zHpNMP9ZtZrd14%2FxaWR5Nq9Q5nqGuEzuaiXJBF8ZI%2FWDKpPlcQpHZko%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7765a2c469b67566-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 2bdce0ebae06314ccde958379ef9eb63
53705df0f35709871be609a110307b5cfc7c3ee7
d99cdd7689b58b710c19e1f14646fab55baced6ff5e12cf4376509480f428486
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5444
Cache-Control: max-age=137380
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 12:52:01 GMT
Etag: "63913e51-116"
Expires: Sat, 10 Dec 2022 03:01:41 GMT
Last-Modified: Thu, 08 Dec 2022 01:30:57 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 278
e8xds1kk.dreamwp.com/skatteetaten/skatteetaten/manage/Postenid_files/main.ab622f28.chunk.css
122.201.127.227404 Not Found 12 kB URL HTTP/2 e8xds1kk.dreamwp.com/skatteetaten/skatteetaten/manage/Postenid_files/main.ab622f28.chunk.css
IP 122.201.127.227:0
ASN #38719 Dreamscape Networks Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (17727)
Hash 210fe8766e2debeac782e1dbdf6e4a77
fe99504a14c7024cbc239dcdc8d83426948e3161
a3e65d95fae2b3ec18ad43f78700ee2ae67208402d0f7ea00f4f60ef2c6a3c8a
GET /skatteetaten/skatteetaten/manage/Postenid_files/main.ab622f28.chunk.css HTTP/1.1
Host: e8xds1kk.dreamwp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://e8xds1kk.dreamwp.com/skatteetaten/skatteetaten/manage/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
server: nginx
date: Thu, 08 Dec 2022 12:52:01 GMT
content-type: text/html; charset=UTF-8
content-length: 11622
x-powered-by: PHP/7.3.33
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
link: <https://e8xds1kk.dreamwp.com/wp-json/>; rel="https://api.w.org/"
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
e8xds1kk.dreamwp.com/skatteetaten/skatteetaten/manage/Postenid_files/fonts/PostenSans-Regular.ttf
122.201.127.227404 Not Found 12 kB URL HTTP/2 e8xds1kk.dreamwp.com/skatteetaten/skatteetaten/manage/Postenid_files/fonts/PostenSans-Regular.ttf
IP 122.201.127.227:0
ASN #38719 Dreamscape Networks Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (17727)
Hash 210fe8766e2debeac782e1dbdf6e4a77
fe99504a14c7024cbc239dcdc8d83426948e3161
a3e65d95fae2b3ec18ad43f78700ee2ae67208402d0f7ea00f4f60ef2c6a3c8a
Analyzer Verdict Alert fortinet Phishing
GET /skatteetaten/skatteetaten/manage/Postenid_files/fonts/PostenSans-Regular.ttf HTTP/1.1
Host: e8xds1kk.dreamwp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://e8xds1kk.dreamwp.com/skatteetaten/skatteetaten/manage/Postenid_files/fonts.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
server: nginx
date: Thu, 08 Dec 2022 12:52:01 GMT
content-type: text/html; charset=UTF-8
content-length: 11622
x-powered-by: PHP/7.3.33
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
link: <https://e8xds1kk.dreamwp.com/wp-json/>; rel="https://api.w.org/"
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
e8xds1kk.dreamwp.com/skatteetaten/skatteetaten/manage/Postenid_files/fonts/PostenSans-Medium.ttf
122.201.127.227404 Not Found 12 kB URL HTTP/2 e8xds1kk.dreamwp.com/skatteetaten/skatteetaten/manage/Postenid_files/fonts/PostenSans-Medium.ttf
IP 122.201.127.227:0
ASN #38719 Dreamscape Networks Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (17727)
Hash 210fe8766e2debeac782e1dbdf6e4a77
fe99504a14c7024cbc239dcdc8d83426948e3161
a3e65d95fae2b3ec18ad43f78700ee2ae67208402d0f7ea00f4f60ef2c6a3c8a
Analyzer Verdict Alert fortinet Phishing
GET /skatteetaten/skatteetaten/manage/Postenid_files/fonts/PostenSans-Medium.ttf HTTP/1.1
Host: e8xds1kk.dreamwp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://e8xds1kk.dreamwp.com/skatteetaten/skatteetaten/manage/Postenid_files/fonts.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
server: nginx
date: Thu, 08 Dec 2022 12:52:01 GMT
content-type: text/html; charset=UTF-8
content-length: 11622
x-powered-by: PHP/7.3.33
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
link: <https://e8xds1kk.dreamwp.com/wp-json/>; rel="https://api.w.org/"
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
e8xds1kk.dreamwp.com/skatteetaten/skatteetaten/manage/Postenid_files/icons.min.js.t%C3%A9l%C3%A9chargement
122.201.127.227404 Not Found 12 kB URL HTTP/2 e8xds1kk.dreamwp.com/skatteetaten/skatteetaten/manage/Postenid_files/icons.min.js.t%C3%A9l%C3%A9chargement
IP 122.201.127.227:0
ASN #38719 Dreamscape Networks Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (17727)
Hash 210fe8766e2debeac782e1dbdf6e4a77
fe99504a14c7024cbc239dcdc8d83426948e3161
a3e65d95fae2b3ec18ad43f78700ee2ae67208402d0f7ea00f4f60ef2c6a3c8a
Analyzer Verdict Alert fortinet Phishing
GET /skatteetaten/skatteetaten/manage/Postenid_files/icons.min.js.t%C3%A9l%C3%A9chargement HTTP/1.1
Host: e8xds1kk.dreamwp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://e8xds1kk.dreamwp.com/skatteetaten/skatteetaten/manage/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
server: nginx
date: Thu, 08 Dec 2022 12:52:01 GMT
content-type: text/html; charset=UTF-8
content-length: 11622
x-powered-by: PHP/7.3.33
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
link: <https://e8xds1kk.dreamwp.com/wp-json/>; rel="https://api.w.org/"
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 0c89743226644fddacbe5d50c110b950
b343ae9eb9047cf764b518083d612ffd3652b209
1bf675bb6e12e913a98cd8849c1af9a0c50b0bb8bfa670c86419b41782e06e47
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 12:52:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtm.js?id=GTM-T89LQD
142.250.74.168200 OK 44 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-T89LQD
IP 142.250.74.168:0
File type Unicode text, UTF-8 text, with very long lines (3520)
Hash 4d8f12745cae8263f77b5267045963f8
89b2cdac526ca4aea3745aff932da01de1612077
a4aa12afc55ccceb422bbaaeff4babc828e3cf702c277a75c1f61d25ba6e0923
GET /gtm.js?id=GTM-T89LQD HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://e8xds1kk.dreamwp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 08 Dec 2022 12:52:01 GMT
expires: Thu, 08 Dec 2022 12:52:01 GMT
cache-control: private, max-age=900
last-modified: Thu, 08 Dec 2022 12:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 44084
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 0c89743226644fddacbe5d50c110b950
b343ae9eb9047cf764b518083d612ffd3652b209
1bf675bb6e12e913a98cd8849c1af9a0c50b0bb8bfa670c86419b41782e06e47
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 12:52:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sca1b.amazontrust.com/
54.230.245.110200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.110:0
Hash ec11877317da7e1a13c8d5ce44a0bc3c
c1024c5f89e971d277105240820e55cb9c11d822
570d7a75186728cdc400c75c75f4a1e28aafe01c8223c161d0192b0dacb379f3
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=127594
Date: Thu, 08 Dec 2022 12:52:02 GMT
Etag: "6391183b-1d7"
Expires: Sat, 10 Dec 2022 00:18:36 GMT
Last-Modified: Wed, 07 Dec 2022 22:48:27 GMT
Server: ECS (nyb/1D18)
X-Cache: Miss from cloudfront
Via: 1.1 e2f427863e6bdb72ad8bed72b596d81e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: fbmU7PWt8CtkOWUB35nEf7WPf451GFQsA_iKRRa9lOFUG8b2QEoflQ==
Age: 5409
6015663.global.siteimproveanalytics.io/image.aspx?url=https%3A%2F%2Fe8xds1kk.dreamwp.com%2Fskatteetaten%2Fskatteetaten%2Fmanage%2F&title=Skatteetaten&res=1280x1024&accountid=6015663&rt=6087&prev=75c3454c-1a7e-0ed0-0997-5a92308bedc7&luid=78d31b8e-c258-9592-8e82-75587b2c5edd&rnd=99558
18.185.197.230200 OK 34 B URL HTTP/2 6015663.global.siteimproveanalytics.io/image.aspx?url=https%3A%2F%2Fe8xds1kk.dreamwp.com%2Fskatteetaten%2Fskatteetaten%2Fmanage%2F&title=Skatteetaten&res=1280x1024&accountid=6015663&rt=6087&prev=75c3454c-1a7e-0ed0-0997-5a92308bedc7&luid=78d31b8e-c258-9592-8e82-75587b2c5edd&rnd=99558
IP 18.185.197.230:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash a82ba3a9d42148e9cf209df13d8c3f3d
dba80835d31175bdcf0bcad1abafefb06d86e304
1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8
GET /image.aspx?url=https%3A%2F%2Fe8xds1kk.dreamwp.com%2Fskatteetaten%2Fskatteetaten%2Fmanage%2F&title=Skatteetaten&res=1280x1024&accountid=6015663&rt=6087&prev=75c3454c-1a7e-0ed0-0997-5a92308bedc7&luid=78d31b8e-c258-9592-8e82-75587b2c5edd&rnd=99558 HTTP/1.1
Host: 6015663.global.siteimproveanalytics.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://e8xds1kk.dreamwp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 08 Dec 2022 12:52:02 GMT
content-type: image/gif
content-length: 34
set-cookie: AWSALB=wp7dDD1Y6PTVszidDqcsDi0DmZY8Yonj6XnPJUJGLTl+z1cdgsv9MQ1bl9A0ljNcP+LOGBHnoIjn/gRwxp1L/qGP4EbbhKF9pkzTjwDxWJGp/tom5jQKWjdM0rgK; Expires=Thu, 15 Dec 2022 12:52:02 GMT; Path=/
AWSALBCORS=wp7dDD1Y6PTVszidDqcsDi0DmZY8Yonj6XnPJUJGLTl+z1cdgsv9MQ1bl9A0ljNcP+LOGBHnoIjn/gRwxp1L/qGP4EbbhKF9pkzTjwDxWJGp/tom5jQKWjdM0rgK; Expires=Thu, 15 Dec 2022 12:52:02 GMT; Path=/; SameSite=None; Secure
cache-control: max-age=0
expires: Thu, 08 Dec 2022 12:52:02 UTC
X-Firefox-Spdy: h2
e8xds1kk.dreamwp.com/skatteetaten/skatteetaten/manage/Postenid_files/main.js.t%C3%A9l%C3%A9chargement
122.201.127.227404 Not Found 12 kB URL HTTP/2 e8xds1kk.dreamwp.com/skatteetaten/skatteetaten/manage/Postenid_files/main.js.t%C3%A9l%C3%A9chargement
IP 122.201.127.227:0
ASN #38719 Dreamscape Networks Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (17727)
Hash 210fe8766e2debeac782e1dbdf6e4a77
fe99504a14c7024cbc239dcdc8d83426948e3161
a3e65d95fae2b3ec18ad43f78700ee2ae67208402d0f7ea00f4f60ef2c6a3c8a
Analyzer Verdict Alert fortinet Phishing
GET /skatteetaten/skatteetaten/manage/Postenid_files/main.js.t%C3%A9l%C3%A9chargement HTTP/1.1
Host: e8xds1kk.dreamwp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://e8xds1kk.dreamwp.com/skatteetaten/skatteetaten/manage/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
server: nginx
date: Thu, 08 Dec 2022 12:52:01 GMT
content-type: text/html; charset=UTF-8
content-length: 11622
x-powered-by: PHP/7.3.33
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
link: <https://e8xds1kk.dreamwp.com/wp-json/>; rel="https://api.w.org/"
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash da956e057260390fdb0f031611642013
9a6e98aab555fffbb13725ed243d0710de42946f
bde9720713f98ab261e1c89c5981a26ae8120ba67a48d7e0c7214ebeca9529c8
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5966
Cache-Control: max-age=137209
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 12:52:02 GMT
Etag: "63913b9d-1d7"
Expires: Sat, 10 Dec 2022 02:58:51 GMT
Last-Modified: Thu, 08 Dec 2022 01:19:25 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 27f791c2e9920e11ec6f6b6ad8ed07c2
88ede5f180782bde1276527fd401e0a22de6ecef
6009ea0b46b4bab72971149ac0cefba786489c922bc6d581fed4d2aa850191ca
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6521
Cache-Control: max-age=119738
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 12:52:02 GMT
Etag: "6390f533-1d7"
Expires: Fri, 09 Dec 2022 22:07:40 GMT
Last-Modified: Wed, 07 Dec 2022 20:18:59 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 471
e8xds1kk.dreamwp.com/skatteetaten/skatteetaten/manage/Postenid_files/bundle.js.t%C3%A9l%C3%A9chargement
122.201.127.227404 Not Found 12 kB URL HTTP/2 e8xds1kk.dreamwp.com/skatteetaten/skatteetaten/manage/Postenid_files/bundle.js.t%C3%A9l%C3%A9chargement
IP 122.201.127.227:0
ASN #38719 Dreamscape Networks Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (17727)
Hash 210fe8766e2debeac782e1dbdf6e4a77
fe99504a14c7024cbc239dcdc8d83426948e3161
a3e65d95fae2b3ec18ad43f78700ee2ae67208402d0f7ea00f4f60ef2c6a3c8a
Analyzer Verdict Alert fortinet Phishing
GET /skatteetaten/skatteetaten/manage/Postenid_files/bundle.js.t%C3%A9l%C3%A9chargement HTTP/1.1
Host: e8xds1kk.dreamwp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://e8xds1kk.dreamwp.com/skatteetaten/skatteetaten/manage/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
server: nginx
date: Thu, 08 Dec 2022 12:52:02 GMT
content-type: text/html; charset=UTF-8
content-length: 11622
x-powered-by: PHP/7.3.33
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
link: <https://e8xds1kk.dreamwp.com/wp-json/>; rel="https://api.w.org/"
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
www.skatteetaten.no//static/img/skatteetatenlogo/fav-icon/64x64/png/favicon64x64.png
104.17.160.47200 OK 794 B URL HTTP/2 www.skatteetaten.no//static/img/skatteetatenlogo/fav-icon/64x64/png/favicon64x64.png
IP 104.17.160.47:0
File type PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\012- data
Hash e77d9fc51cd999c6c5f07395756eda52
77ba499cee9218119a1d64372b0548fb47ebf657
5acf8bcb2536e60fa196f41dcf292964d142898ecc33e231317d04668458075c
GET //static/img/skatteetatenlogo/fav-icon/64x64/png/favicon64x64.png HTTP/1.1
Host: www.skatteetaten.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://e8xds1kk.dreamwp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 08 Dec 2022 12:52:02 GMT
content-type: image/png
content-length: 794
access-control-allow-origin: https://skatteetaten.psplugin.com
access-control-expose-headers: Request-Context
cache-control: public,max-age=2592000
etag: "0c1f6d6a0afd31:0"
last-modified: Tue, 27 Feb 2018 07:59:06 GMT
strict-transport-security: max-age=31536000; preload
request-context: appId=cid-v1:a5c522df-3967-46be-a865-b6ba3972561f
x-robots-tag: all
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
content-security-policy: default-src 'self'; script-src 'self' https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ *.hereapi.com *.api.here.com *.adobe.com *.boost.ai *.episerver.net *.sits.no https://*.vergic.com https://*.psplugin.com blob: https://www.googletagmanager.com https://tagmanager.google.com https://www.google-analytics.com https://region1.google-analytics.com https://ajax.cloudflare.com https://chat.puzzel.com https://siteimproveanalytics.com 'unsafe-inline' 'unsafe-eval'; media-src https://chat.puzzel.com 'self'; style-src 'self' *.api.here.com https://tagmanager.google.com https://dl.episerver.net https://chat.puzzel.com https://fonts.googleapis.com https://fonts.gstatic.com https://*.vergic.com https://*.psplugin.com 'unsafe-inline'; connect-src 'self' blob: *.hereapi.com *.api.here.com *.skatteetaten.no *.sits.no https://*.boost.ai https://chat.puzzel.com https://www.google-analytics.com https://region1.google-analytics.com https://*.psplugin.com https://*.vergic.com wss://*.psplugin.com wss://*.vergic.com wss:;form-action 'self';font-src https://*.psplugin.com *.api.here.com https://fonts.googleapis.com https://fonts.gstatic.com https://chat.puzzel.com 'self'; img-src 'self' blob: data: www.google-analytics.com *.adobe.com *.api.here.com *.gstatic.com https://www.googletagmanager.com https://mts.googleapis.com https://dl.episerver.net *.global.siteimproveanalytics.io *.sits.no https://*.psplugin.com https://*.vergic.com data:; object-src 'self'; frame-ancestors 'self'; frame-src https://www.google.com/recaptcha/ https://recaptcha.google.com/recaptcha/ https: kompensasjonsordning.no *.kompensasjonsordning.no
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7765a2ca5974b503-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash da956e057260390fdb0f031611642013
9a6e98aab555fffbb13725ed243d0710de42946f
bde9720713f98ab261e1c89c5981a26ae8120ba67a48d7e0c7214ebeca9529c8
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5966
Cache-Control: max-age=137209
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 12:52:02 GMT
Etag: "63913b9d-1d7"
Expires: Sat, 10 Dec 2022 02:58:51 GMT
Last-Modified: Thu, 08 Dec 2022 01:19:25 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 27f791c2e9920e11ec6f6b6ad8ed07c2
88ede5f180782bde1276527fd401e0a22de6ecef
6009ea0b46b4bab72971149ac0cefba786489c922bc6d581fed4d2aa850191ca
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6521
Cache-Control: max-age=119738
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 12:52:02 GMT
Etag: "6390f533-1d7"
Expires: Fri, 09 Dec 2022 22:07:40 GMT
Last-Modified: Wed, 07 Dec 2022 20:18:59 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 471
e8xds1kk.dreamwp.com/skatteetaten/skatteetaten/manage/Postenid_files/fonts/PostenSans-Regular.woff
122.201.127.227404 Not Found 0 B URL HTTP/2 e8xds1kk.dreamwp.com/skatteetaten/skatteetaten/manage/Postenid_files/fonts/PostenSans-Regular.woff
IP 122.201.127.227:0
ASN #38719 Dreamscape Networks Limited
Analyzer Verdict Alert fortinet Phishing
GET /skatteetaten/skatteetaten/manage/Postenid_files/fonts/PostenSans-Regular.woff HTTP/1.1
Host: e8xds1kk.dreamwp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://e8xds1kk.dreamwp.com/skatteetaten/skatteetaten/manage/Postenid_files/fonts.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
server: nginx
date: Thu, 08 Dec 2022 12:52:00 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.3.33
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
link: <https://e8xds1kk.dreamwp.com/wp-json/>; rel="https://api.w.org/"
vary: Accept-Encoding, Accept-Encoding
X-Firefox-Spdy: h2