| fkjhdsfgkjfssf.wpenginepowered.com/on/vipps/src/bidm.css | 141.193.213.11 | 200 OK | 43 kB |
URL GET fkjhdsfgkjfssf.wpenginepowered.com/on/vipps/src/bidm.css IP 141.193.213.11:443
ASN#209242 Cloudflare London, LLC
Requested by: https://fkjhdsfgkjfssf.wpenginepowered.com/on/vipps/personal.html Certificate: Issuer: Let's Encrypt; Subject: wpenginepowered.com; Fingerprint: 49:E1:15:80:DC:C5:37:63:13:3F:4C:0F:7B:1A:1E:D5:92:31:D2:F3; Validity: Tue, 14 Jan 2025 12:49:31 GMT - Mon, 14 Apr 2025 12:49:30 GMT
File type: ASCII text, with very long lines (1222), with CRLF line terminators; Hash: 15ad390e981075722abd9aed7225e85f 1a6eae25e0a2d52cb6b8bf7fa97367bd985a58f7 31412635ed02fd2c9a9ac4c4d9093c0601a687cfe305aba0dea75c1943d7dd72
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - BankID |
GET /on/vipps/src/bidm.css HTTP/1.1
Host: fkjhdsfgkjfssf.wpenginepowered.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fkjhdsfgkjfssf.wpenginepowered.com/on/vipps/personal.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 14 Mar 2025 00:16:51 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Wed, 07 Jun 2023 17:06:14 GMT
etag: W/"6480b906-a782"
cache-control: public, max-age=31536000
access-control-allow-origin: *
cf-cache-status: HIT
age: 32
server: cloudflare
cf-ray: 91ff95b16bc2ebde-ARN
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| fkjhdsfgkjfssf.wpenginepowered.com/on/vipps/src/3625.css | 141.193.213.11 | 200 OK | 3.9 kB |
URL GET fkjhdsfgkjfssf.wpenginepowered.com/on/vipps/src/3625.css IP 141.193.213.11:443
ASN#209242 Cloudflare London, LLC
Requested by: https://fkjhdsfgkjfssf.wpenginepowered.com/on/vipps/personal.html Certificate: Issuer: Let's Encrypt; Subject: wpenginepowered.com; Fingerprint: 49:E1:15:80:DC:C5:37:63:13:3F:4C:0F:7B:1A:1E:D5:92:31:D2:F3; Validity: Tue, 14 Jan 2025 12:49:31 GMT - Mon, 14 Apr 2025 12:49:30 GMT
File type: ASCII text, with very long lines (4169), with no line terminators; Hash: 06ad0e0892b887104c917b42e4d452a4 39397783c3659aacf0fca7684b87f15e6859b74c 63cbd11b153b23dba6b861a500cbf8c58d8cbb249fe56a2c77a0f1bcd3cd6059
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - BankID |
GET /on/vipps/src/3625.css HTTP/1.1
Host: fkjhdsfgkjfssf.wpenginepowered.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fkjhdsfgkjfssf.wpenginepowered.com/on/vipps/personal.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 14 Mar 2025 00:16:51 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Wed, 07 Jun 2023 17:06:14 GMT
etag: W/"6480b906-f64"
cache-control: public, max-age=31536000
access-control-allow-origin: *
cf-cache-status: HIT
age: 32
server: cloudflare
cf-ray: 91ff95b16bc4ebde-ARN
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| fkjhdsfgkjfssf.wpenginepowered.com/on/vipps/logo2.svg | 141.193.213.11 | 200 OK | 2.0 kB |
URL GET fkjhdsfgkjfssf.wpenginepowered.com/on/vipps/logo2.svg IP 141.193.213.11:443
ASN#209242 Cloudflare London, LLC
Requested by: https://fkjhdsfgkjfssf.wpenginepowered.com/on/vipps/personal.html Certificate: Issuer: Let's Encrypt; Subject: wpenginepowered.com; Fingerprint: 49:E1:15:80:DC:C5:37:63:13:3F:4C:0F:7B:1A:1E:D5:92:31:D2:F3; Validity: Tue, 14 Jan 2025 12:49:31 GMT - Mon, 14 Apr 2025 12:49:30 GMT
File type: SVG Scalable Vector Graphics image; Hash: ba545aa856a3b25e02d8d43adf58f93e 9aaf5f6690fc0eb966f976b869bd1b2a52d29b74 73d0449291840c0e4f6c44a2a1a6f5bcf373db1be85b192febf2242ca2ce5e23
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - BankID |
GET /on/vipps/logo2.svg HTTP/1.1
Host: fkjhdsfgkjfssf.wpenginepowered.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fkjhdsfgkjfssf.wpenginepowered.com/on/vipps/personal.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 14 Mar 2025 00:16:51 GMT
content-type: image/svg+xml
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Wed, 07 Jun 2023 17:06:14 GMT
etag: W/"6480b906-7b6"
cache-control: public, max-age=31536000
access-control-allow-origin: *
cf-cache-status: HIT
age: 24944
server: cloudflare
cf-ray: 91ff95b17bd3ebde-ARN
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| fkjhdsfgkjfssf.wpenginepowered.com/on/vipps/logo1.png | 141.193.213.11 | 200 OK | 6.2 kB |
URL GET fkjhdsfgkjfssf.wpenginepowered.com/on/vipps/logo1.png IP 141.193.213.11:443
ASN#209242 Cloudflare London, LLC
Requested by: https://fkjhdsfgkjfssf.wpenginepowered.com/on/vipps/personal.html Certificate: Issuer: Let's Encrypt; Subject: wpenginepowered.com; Fingerprint: 49:E1:15:80:DC:C5:37:63:13:3F:4C:0F:7B:1A:1E:D5:92:31:D2:F3; Validity: Tue, 14 Jan 2025 12:49:31 GMT - Mon, 14 Apr 2025 12:49:30 GMT
File type: RIFF (little-endian) data, Web/P image; Hash: 4ddc08dc4c1b8ffe9678ff61b9ca4a3e 800e45ce0663094f71eca95a464724deac2ebaff ccffb14d5cdafc55443b9e8e7ca4c27b587fc7bf98eee16c2ab442d4d3727bf0
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - BankID |
GET /on/vipps/logo1.png HTTP/1.1
Host: fkjhdsfgkjfssf.wpenginepowered.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fkjhdsfgkjfssf.wpenginepowered.com/on/vipps/personal.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 14 Mar 2025 00:16:51 GMT
content-type: image/webp
content-length: 6210
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=11908
content-disposition: inline; filename="logo1.webp"
etag: "6480b906-2e84"
last-modified: Wed, 07 Jun 2023 17:06:14 GMT
vary: Accept
cf-cache-status: HIT
age: 32
accept-ranges: bytes
server: cloudflare
cf-ray: 91ff95b17bd5ebde-ARN
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| fkjhdsfgkjfssf.wpenginepowered.com/on/vipps/logo2.svg | 141.193.213.11 | 200 OK | 2.0 kB |
URL GET fkjhdsfgkjfssf.wpenginepowered.com/on/vipps/logo2.svg IP 141.193.213.11:443
ASN#209242 Cloudflare London, LLC
Requested by: https://fkjhdsfgkjfssf.wpenginepowered.com/on/vipps/personal.html Certificate: Issuer: Let's Encrypt; Subject: wpenginepowered.com; Fingerprint: 49:E1:15:80:DC:C5:37:63:13:3F:4C:0F:7B:1A:1E:D5:92:31:D2:F3; Validity: Tue, 14 Jan 2025 12:49:31 GMT - Mon, 14 Apr 2025 12:49:30 GMT
File type: SVG Scalable Vector Graphics image; Hash: ba545aa856a3b25e02d8d43adf58f93e 9aaf5f6690fc0eb966f976b869bd1b2a52d29b74 73d0449291840c0e4f6c44a2a1a6f5bcf373db1be85b192febf2242ca2ce5e23
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - BankID |
GET /on/vipps/logo2.svg HTTP/1.1
Host: fkjhdsfgkjfssf.wpenginepowered.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fkjhdsfgkjfssf.wpenginepowered.com/on/vipps/personal.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 14 Mar 2025 00:16:51 GMT
content-type: image/svg+xml
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Wed, 07 Jun 2023 17:06:14 GMT
etag: W/"6480b906-7b6"
cache-control: public, max-age=31536000
access-control-allow-origin: *
cf-cache-status: HIT
age: 24944
server: cloudflare
cf-ray: 91ff95b20cddebde-ARN
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| fkjhdsfgkjfssf.wpenginepowered.com/on/vipps/personal.html | 141.193.213.11 | 200 OK | 22 kB |
URL User Request GET fkjhdsfgkjfssf.wpenginepowered.com/on/vipps/personal.html IP 141.193.213.11:443
ASN#209242 Cloudflare London, LLC
Certificate: Issuer: Let's Encrypt; Subject: wpenginepowered.com; Fingerprint: 49:E1:15:80:DC:C5:37:63:13:3F:4C:0F:7B:1A:1E:D5:92:31:D2:F3; Validity: Tue, 14 Jan 2025 12:49:31 GMT - Mon, 14 Apr 2025 12:49:30 GMT
File type: PHP script, ASCII text, with very long lines (12394), with CRLF line terminators; Hash: ed27906904f26138e786a9286c8f5af5 df97146f7ddf3a46b85de679782df194490572cc 8cc4d0a726244f610f630f04130c7a2bc1678421e3e250a5339755d0f6f300f5
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - BankID | OpenPhish | phishing | BankID |
GET /on/vipps/personal.html HTTP/1.1
Host: fkjhdsfgkjfssf.wpenginepowered.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 14 Mar 2025 00:16:51 GMT
content-type: text/html
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding,Cookie
last-modified: Wed, 07 Jun 2023 17:06:14 GMT
x-cacheable: SHORT
cache-control: max-age=600, must-revalidate
x-cache: HIT: 4
x-cache-group: normal
x-orig-cache-control: max-age=600, must-revalidate
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 91ff95ad1c2eebde-ARN
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| fkjhdsfgkjfssf.wpenginepowered.com/on/vipps/src/common_auth.css | 141.193.213.11 | 200 OK | 8.9 kB |
URL GET fkjhdsfgkjfssf.wpenginepowered.com/on/vipps/src/common_auth.css IP 141.193.213.11:443
ASN#209242 Cloudflare London, LLC
Requested by: https://fkjhdsfgkjfssf.wpenginepowered.com/on/vipps/personal.html Certificate: Issuer: Let's Encrypt; Subject: wpenginepowered.com; Fingerprint: 49:E1:15:80:DC:C5:37:63:13:3F:4C:0F:7B:1A:1E:D5:92:31:D2:F3; Validity: Tue, 14 Jan 2025 12:49:31 GMT - Mon, 14 Apr 2025 12:49:30 GMT
File type: ASCII text, with very long lines (9825), with no line terminators; Hash: 95d0b3be971d3df480e949a9d022296d 246262ea57cc8302f2653dd5ef2901d7706e02d6 a62565a3ada3de21876ec42e8f4c348e33625340158a5aadf759309b44dd4edd
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - BankID |
GET /on/vipps/src/common_auth.css HTTP/1.1
Host: fkjhdsfgkjfssf.wpenginepowered.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fkjhdsfgkjfssf.wpenginepowered.com/on/vipps/personal.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 14 Mar 2025 00:16:51 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Wed, 07 Jun 2023 17:06:14 GMT
etag: W/"6480b906-22d0"
cache-control: public, max-age=31536000
access-control-allow-origin: *
cf-cache-status: HIT
age: 32
server: cloudflare
cf-ray: 91ff95b16bbfebde-ARN
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|