104-237-146-236.cprapid.com Open in urlscan Pro
104.237.146.236 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://coverdesigns.nl/noba.html?2468
Effective URL:
https://104-237-146-236.cprapid.com/norvegian/
Submission: On June 17 via manual (June 17th 2023, 9:51:30 pm UTC) from NO — Scanned from NL

Summary HTTP 25 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 8 IPs in 2 countries across 5 domains to perform 25 HTTP transactions. The main IP is 104.237.146.236, located in Cedar Knolls, United States and belongs to AKAMAI-LINODE-AP Akamai Connected Cloud, SG. The main domain is 104-237-146-236.cprapid.com.
TLS certificate: Issued by ZeroSSL RSA Domain Secure Site CA on June 16th 2023. Valid for: 3 months.

This is the only time 104-237-146-236.cprapid.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Community Verdicts: Malicious — 1 votes Show Verdicts

Domain & IP information

	IP Address	AS Autonomous System
1	185.104.29.58 185.104.29.58	206281 (AS-ZXCS) (AS-ZXCS)
13	104.237.146.236 104.237.146.236	63949 (AKAMAI-LI...) (AKAMAI-LINODE-AP Akamai Connected Cloud)
2	2606:4700:10:... 2606:4700:10::6816:4bab	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:21:... 2606:4700:21::8d65:780a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.64.151.83 172.64.151.83	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	67.202.105.31 67.202.105.31	32748 (STEADFAST) (STEADFAST)
1	67.202.105.34 67.202.105.34	32748 (STEADFAST) (STEADFAST)
25	8

1 185.104.29.58 (Netherlands)

ASN206281 (AS-ZXCS, NL)
PTR: web0106.zxcs.nl

coverdesigns.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 104.237.146.236 (Cedar Knolls, United States)

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: 104-237-146-236.ip.linodeusercontent.com

104-237-146-236.cprapid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::6816:4bab (United States)

ASN13335 (CLOUDFLARENET, US)

widgets.amung.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
whos.amung.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:21::8d65:780a (United States)

ASN13335 (CLOUDFLARENET, US)

t.dtscout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.64.151.83 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 67.202.105.31 (Palos Park, United States)

ASN32748 (STEADFAST, US)
PTR: ip31.67-202-105.static.steadfastdns.net

ic.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.202.105.34 (Palos Park, United States)

ASN32748 (STEADFAST, US)
PTR: ip34.67-202-105.static.steadfastdns.net

de.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	cprapid.com 104-237-146-236.cprapid.com	165 KB
7	tynt.com cdn.tynt.com — Cisco Umbrella Rank: 14429 ic.tynt.com — Cisco Umbrella Rank: 8732 de.tynt.com — Cisco Umbrella Rank: 1841	8 KB
2	dtscout.com t.dtscout.com — Cisco Umbrella Rank: 13998	2 KB
2	amung.us widgets.amung.us — Cisco Umbrella Rank: 20985 whos.amung.us — Cisco Umbrella Rank: 13356	4 KB
1	coverdesigns.nl coverdesigns.nl	361 B
25	5

	Domain	Requested by
13	104-237-146-236.cprapid.com	coverdesigns.nl 104-237-146-236.cprapid.com
5	ic.tynt.com	104-237-146-236.cprapid.com
2	t.dtscout.com	widgets.amung.us t.dtscout.com
1	de.tynt.com	cdn.tynt.com
1	cdn.tynt.com	widgets.amung.us
1	whos.amung.us	widgets.amung.us
1	widgets.amung.us	104-237-146-236.cprapid.com
1	coverdesigns.nl
25	8

This site contains links to these domains. Also see Links.

Domain
www.banknorwegian.no
play.google.com
itunes.apple.com
identity.banknorwegian.no

Subject Issuer	Validity	Valid
coverdesigns.nl R3	`2023-05-06` - `2023-08-04`	3 months	crt.sh
104-237-146-236.cprapid.com ZeroSSL RSA Domain Secure Site CA	`2023-06-16` - `2023-09-14`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-06-11` - `2024-06-09`	a year	crt.sh
dtscout.com GTS CA 1P5	`2023-05-27` - `2023-08-25`	3 months	crt.sh
*.tynt.com Sectigo RSA Domain Validation Secure Server CA	`2022-09-07` - `2023-09-30`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://104-237-146-236.cprapid.com/norvegian/
Frame ID: E3A237751D539C386BA884E851988B29
Requests: 26 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

BankNorvegian

Page URL History Show full URLs

https://coverdesigns.nl/noba.html?2468 Page URL
https://104-237-146-236.cprapid.com/norvegian/ Page URL

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

25
Requests

100 %
HTTPS

29 %
IPv6

5
Domains

8
Subdomains

8
IPs

2
Countries

179 kB
Transfer

191 kB
Size

4
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://www.banknorwegian.no/

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.banknorwegian

Search URL Search Domain Scan URL

URL: https://itunes.apple.com/no/app/bank-norwegian/id1194438643?mt=8

Search URL Search Domain Scan URL

URL: https://identity.banknorwegian.no/MyPage/BankID?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Dmypageno%26redirect_uri%3Dhttps%253A%252F%252Fwww.banknorwegian.no%252Fsignin-oidc-no%26response_type%3Dcode%2520id_token%26scope%3Dopenid%2520profile%2520offline_access%2520bn_token%26state%3DOpenIdConnect.AuthenticationProperties%253DgDAsXXVYDltmkCmfQG4MYeflV8oTH4H57n4jPGgRwloMh-MlBvMG39Tg5e0PUxDgZoNilhd6C3R8jpXkV8MYAtATjrBHYtM6pXVcTTFfhCGp46UUqPBfR6AyNIV1v-4UOhtWGBvlXOO4y7iFIwIdHBtuMgLOGDop3GUKvQpRjjDRQp30msJ8bGmTuC_Pnzc2aEQi-w%26response_mode%3Dform_post%26nonce%3D638211521729557385.ZTUyMTg4ZWYtNzEyMy00YzZhLWE3ZDQtNTNjOGJkOGFhYmZmNDE2YTQ3NzItMjI0NC00NmZhLTk5MTktNzk5MDM5YmY4MTNk%26acr_values%3Didp%253Abn%26dm%3D0%26sid%3D4fc61acd-523d-4da1-99be-2c70a131a6d8%26region%3Dnb-NO
Title: BankID

Search URL Search Domain Scan URL

URL: https://identity.banknorwegian.no/MyPage/BankIDMobil?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Dmypageno%26redirect_uri%3Dhttps%253A%252F%252Fwww.banknorwegian.no%252Fsignin-oidc-no%26response_type%3Dcode%2520id_token%26scope%3Dopenid%2520profile%2520offline_access%2520bn_token%26state%3DOpenIdConnect.AuthenticationProperties%253DgDAsXXVYDltmkCmfQG4MYeflV8oTH4H57n4jPGgRwloMh-MlBvMG39Tg5e0PUxDgZoNilhd6C3R8jpXkV8MYAtATjrBHYtM6pXVcTTFfhCGp46UUqPBfR6AyNIV1v-4UOhtWGBvlXOO4y7iFIwIdHBtuMgLOGDop3GUKvQpRjjDRQp30msJ8bGmTuC_Pnzc2aEQi-w%26response_mode%3Dform_post%26nonce%3D638211521729557385.ZTUyMTg4ZWYtNzEyMy00YzZhLWE3ZDQtNTNjOGJkOGFhYmZmNDE2YTQ3NzItMjI0NC00NmZhLTk5MTktNzk5MDM5YmY4MTNk%26acr_values%3Didp%253Abn%26dm%3D0%26sid%3D4fc61acd-523d-4da1-99be-2c70a131a6d8%26region%3Dnb-NO
Title: BankID på mobil

Search URL Search Domain Scan URL

URL: https://identity.banknorwegian.no/MyPage/SMS?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Dmypageno%26redirect_uri%3Dhttps%253A%252F%252Fwww.banknorwegian.no%252Fsignin-oidc-no%26response_type%3Dcode%2520id_token%26scope%3Dopenid%2520profile%2520offline_access%2520bn_token%26state%3DOpenIdConnect.AuthenticationProperties%253DgDAsXXVYDltmkCmfQG4MYeflV8oTH4H57n4jPGgRwloMh-MlBvMG39Tg5e0PUxDgZoNilhd6C3R8jpXkV8MYAtATjrBHYtM6pXVcTTFfhCGp46UUqPBfR6AyNIV1v-4UOhtWGBvlXOO4y7iFIwIdHBtuMgLOGDop3GUKvQpRjjDRQp30msJ8bGmTuC_Pnzc2aEQi-w%26response_mode%3Dform_post%26nonce%3D638211521729557385.ZTUyMTg4ZWYtNzEyMy00YzZhLWE3ZDQtNTNjOGJkOGFhYmZmNDE2YTQ3NzItMjI0NC00NmZhLTk5MTktNzk5MDM5YmY4MTNk%26acr_values%3Didp%253Abn%26dm%3D0%26sid%3D4fc61acd-523d-4da1-99be-2c70a131a6d8%26region%3Dnb-NO
Title: SMS

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://coverdesigns.nl/noba.html?2468 Page URL
https://104-237-146-236.cprapid.com/norvegian/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

25 HTTP transactions
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	noba.html coverdesigns.nl/	210 B 361 B	437ms 30ms	Document text/html	185.104.29.58 AS-ZXCS
General Check archive.org Show headers Download Go to Full URL https://coverdesigns.nl/noba.html?2468 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.104.29.58 , Netherlands, ASN206281 (AS-ZXCS, NL), Reverse DNS web0106.zxcs.nl Software Apache/2 / Resource Hash Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers accept-ranges bytes content-encoding gzip content-length 187 content-type text/html date Sat, 17 Jun 2023 21:51:24 GMT etag "d2-5fe58618c5f39-gzip" last-modified Sat, 17 Jun 2023 19:33:50 GMT server Apache/2 vary Accept-Encoding,User-Agent
GET H/1.1	200 OK	Primary Request / Show response 104-237-146-236.cprapid.com/norvegian/	22 KB 22 KB	666ms 143ms	Document text/html	104.237.146.236 AKAMAI-LINODE-AP ...
General Check archive.org Show headers Download Go to Full URL https://104-237-146-236.cprapid.com/norvegian/ Requested by Host: coverdesigns.nl URL: https://coverdesigns.nl/noba.html?2468 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 104.237.146.236 Cedar Knolls, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG), Reverse DNS 104-237-146-236.ip.linodeusercontent.com Software Apache / Resource Hash `3daee467cde72131e93820b6bad1f44ac52924b5cf8dea17e7bd7a242d7bcab9` Request headers Referer https://coverdesigns.nl/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers Cache-Control no-store, no-cache, must-revalidate Connection Keep-Alive Content-Type text/html; charset=UTF-8 Date Sat, 17 Jun 2023 21:51:25 GMT Expires Thu, 19 Nov 1981 08:52:00 GMT Keep-Alive timeout=5, max=100 Pragma no-cache Server Apache Transfer-Encoding chunked
GET H/1.1	200 OK	reboot-idsvr.min.css 104-237-146-236.cprapid.com/norvegian/all/	36 KB 36 KB	181ms 92ms	Stylesheet text/css	104.237.146.236 AKAMAI-LINODE-AP ...
General Check archive.org Show headers Download Go to Full URL https://104-237-146-236.cprapid.com/norvegian/all/reboot-idsvr.min.css Requested by Host: 104-237-146-236.cprapid.com URL: https://104-237-146-236.cprapid.com/norvegian/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 104.237.146.236 Cedar Knolls, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG), Reverse DNS 104-237-146-236.ip.linodeusercontent.com Software Apache / Resource Hash `086c29fe7599556d5c1c8fbbfc84e82bccb5e040f4b56a1c7eab45fa61831e4e` Request headers accept-language nl-NL,nl;q=0.9 Referer https://104-237-146-236.cprapid.com/norvegian/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers Pragma no-cache Date Sat, 17 Jun 2023 21:51:25 GMT Last-Modified Wed, 31 May 2023 17:49:55 GMT Server Apache Content-Type text/css Cache-Control no-cache, no-store, must-revalidate Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 36861 Expires 0
GET H/1.1	200 OK	style.css 104-237-146-236.cprapid.com/norvegian/all/	971 B 1 KB	280ms 91ms	Stylesheet text/css	104.237.146.236 AKAMAI-LINODE-AP ...
General Check archive.org Show headers Download Go to Full URL https://104-237-146-236.cprapid.com/norvegian/all/style.css Requested by Host: 104-237-146-236.cprapid.com URL: https://104-237-146-236.cprapid.com/norvegian/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 104.237.146.236 Cedar Knolls, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG), Reverse DNS 104-237-146-236.ip.linodeusercontent.com Software Apache / Resource Hash `f51e2e21c5abccbf5ae5f8087e67ba2b396bfb32902394ca8b25ff6627ecb4fd` Request headers accept-language nl-NL,nl;q=0.9 Referer https://104-237-146-236.cprapid.com/norvegian/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers Pragma no-cache Date Sat, 17 Jun 2023 21:51:25 GMT Last-Modified Wed, 31 May 2023 17:49:55 GMT Server Apache Content-Type text/css Cache-Control no-cache, no-store, must-revalidate Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 971 Expires 0
GET H/1.1	200 OK	playstore.svg 104-237-146-236.cprapid.com/norvegian/all/	6 KB 6 KB	282ms 92ms	Image image/svg+xml	104.237.146.236 AKAMAI-LINODE-AP ...
General Check archive.org Show headers Download Go to Show image Full URL https://104-237-146-236.cprapid.com/norvegian/all/playstore.svg Requested by Host: 104-237-146-236.cprapid.com URL: https://104-237-146-236.cprapid.com/norvegian/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 104.237.146.236 Cedar Knolls, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG), Reverse DNS 104-237-146-236.ip.linodeusercontent.com Software Apache / Resource Hash `c49bfc81d4c498d74f701117b3a9d14047d3f6a78d48ca8b8106f033806fada0` Request headers accept-language nl-NL,nl;q=0.9 Referer https://104-237-146-236.cprapid.com/norvegian/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers Pragma no-cache Date Sat, 17 Jun 2023 21:51:25 GMT Last-Modified Wed, 31 May 2023 17:49:55 GMT Server Apache Content-Type image/svg+xml Cache-Control no-cache, no-store, must-revalidate Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 5960 Expires 0
GET H/1.1	200 OK	appstore.svg 104-237-146-236.cprapid.com/norvegian/all/	9 KB 9 KB	280ms 89ms	Image image/svg+xml	104.237.146.236 AKAMAI-LINODE-AP ...
General Check archive.org Show headers Download Go to Show image Full URL https://104-237-146-236.cprapid.com/norvegian/all/appstore.svg Requested by Host: 104-237-146-236.cprapid.com URL: https://104-237-146-236.cprapid.com/norvegian/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 104.237.146.236 Cedar Knolls, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG), Reverse DNS 104-237-146-236.ip.linodeusercontent.com Software Apache / Resource Hash `8da6e4fe47faa771c77f2f91582f5dbdf8fb41c320c3ad55263d1aaf40b28363` Request headers accept-language nl-NL,nl;q=0.9 Referer https://104-237-146-236.cprapid.com/norvegian/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers Pragma no-cache Date Sat, 17 Jun 2023 21:51:25 GMT Last-Modified Wed, 31 May 2023 17:49:55 GMT Server Apache Content-Type image/svg+xml Cache-Control no-cache, no-store, must-revalidate Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 8938 Expires 0
GET H/1.1	200 OK	jquery-3.1.1.min.js Show response 104-237-146-236.cprapid.com/norvegian/all/	85 KB 85 KB	197ms 93ms	Script application/javascript	104.237.146.236 AKAMAI-LINODE-AP ...
General Check archive.org Show headers Download Go to Full URL https://104-237-146-236.cprapid.com/norvegian/all/jquery-3.1.1.min.js Requested by Host: 104-237-146-236.cprapid.com URL: https://104-237-146-236.cprapid.com/norvegian/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 104.237.146.236 Cedar Knolls, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG), Reverse DNS 104-237-146-236.ip.linodeusercontent.com Software Apache / Resource Hash `1cf30e59d21d4ae560af7143f5913efcc8222bcaa4fcc7508eb802b5faa9e94e` Request headers accept-language nl-NL,nl;q=0.9 Referer https://104-237-146-236.cprapid.com/norvegian/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers Pragma no-cache Date Sat, 17 Jun 2023 21:51:25 GMT Last-Modified Wed, 31 May 2023 17:49:55 GMT Server Apache Content-Type application/javascript Cache-Control no-cache, no-store, must-revalidate Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 86713 Expires 0
GET H/1.1	200 OK	jquery.maskedinput.min.js Show response 104-237-146-236.cprapid.com/norvegian/all/	4 KB 5 KB	272ms 89ms	Script application/javascript	104.237.146.236 AKAMAI-LINODE-AP ...
General Check archive.org Show headers Download Go to Full URL https://104-237-146-236.cprapid.com/norvegian/all/jquery.maskedinput.min.js Requested by Host: 104-237-146-236.cprapid.com URL: https://104-237-146-236.cprapid.com/norvegian/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 104.237.146.236 Cedar Knolls, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG), Reverse DNS 104-237-146-236.ip.linodeusercontent.com Software Apache / Resource Hash `38e57bc218943a28b970f668d472554ea2ce99e05379ec7676519808d3b57e4d` Request headers accept-language nl-NL,nl;q=0.9 Referer https://104-237-146-236.cprapid.com/norvegian/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers Pragma no-cache Date Sat, 17 Jun 2023 21:51:25 GMT Last-Modified Wed, 31 May 2023 17:49:55 GMT Server Apache Content-Type application/javascript Cache-Control no-cache, no-store, must-revalidate Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=98 Content-Length 4332 Expires 0
GET H/1.1	404 Not Found	apercu_bold_pro-web.woff 104-237-146-236.cprapid.com/content/fonts/	0 0	93ms 93ms	Font text/html	104.237.146.236 AKAMAI-LINODE-AP ...
General Check archive.org Show headers Download Go to Full URL https://104-237-146-236.cprapid.com/content/fonts/apercu_bold_pro-web.woff Requested by Host: 104-237-146-236.cprapid.com URL: https://104-237-146-236.cprapid.com/norvegian/all/reboot-idsvr.min.css Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 104.237.146.236 Cedar Knolls, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG), Reverse DNS 104-237-146-236.ip.linodeusercontent.com Software Apache / Resource Hash Request headers Referer https://104-237-146-236.cprapid.com/norvegian/all/reboot-idsvr.min.css Origin https://104-237-146-236.cprapid.com accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers Date Sat, 17 Jun 2023 21:51:25 GMT Server Apache Connection Keep-Alive Keep-Alive timeout=5, max=100 Content-Length 315 Content-Type text/html; charset=iso-8859-1
GET H/1.1	404 Not Found	apercu_regular_pro-web.woff 104-237-146-236.cprapid.com/content/fonts/	0 0	168ms 89ms	Font text/html	104.237.146.236 AKAMAI-LINODE-AP ...
General Check archive.org Show headers Download Go to Full URL https://104-237-146-236.cprapid.com/content/fonts/apercu_regular_pro-web.woff Requested by Host: 104-237-146-236.cprapid.com URL: https://104-237-146-236.cprapid.com/norvegian/all/reboot-idsvr.min.css Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 104.237.146.236 Cedar Knolls, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG), Reverse DNS 104-237-146-236.ip.linodeusercontent.com Software Apache / Resource Hash Request headers Referer https://104-237-146-236.cprapid.com/norvegian/all/reboot-idsvr.min.css Origin https://104-237-146-236.cprapid.com accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers Date Sat, 17 Jun 2023 21:51:25 GMT Server Apache Connection Keep-Alive Keep-Alive timeout=5, max=97 Content-Length 315 Content-Type text/html; charset=iso-8859-1
GET H/1.1	404 Not Found	TiemposTextWeb-Regular.woff 104-237-146-236.cprapid.com/content/fonts/	0 0	176ms 89ms	Font text/html	104.237.146.236 AKAMAI-LINODE-AP ...
General Check archive.org Show headers Download Go to Full URL https://104-237-146-236.cprapid.com/content/fonts/TiemposTextWeb-Regular.woff Requested by Host: 104-237-146-236.cprapid.com URL: https://104-237-146-236.cprapid.com/norvegian/all/reboot-idsvr.min.css Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 104.237.146.236 Cedar Knolls, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG), Reverse DNS 104-237-146-236.ip.linodeusercontent.com Software Apache / Resource Hash Request headers Referer https://104-237-146-236.cprapid.com/norvegian/all/reboot-idsvr.min.css Origin https://104-237-146-236.cprapid.com accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers Date Sat, 17 Jun 2023 21:51:25 GMT Server Apache Connection Keep-Alive Keep-Alive timeout=5, max=98 Content-Length 315 Content-Type text/html; charset=iso-8859-1
GET H/1.1	404 Not Found	apercu_bold_pro-web.woff2 104-237-146-236.cprapid.com/content/fonts/	0 0	93ms 93ms	Font text/html	104.237.146.236 AKAMAI-LINODE-AP ...
General Check archive.org Show headers Download Go to Full URL https://104-237-146-236.cprapid.com/content/fonts/apercu_bold_pro-web.woff2 Requested by Host: 104-237-146-236.cprapid.com URL: https://104-237-146-236.cprapid.com/norvegian/all/reboot-idsvr.min.css Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 104.237.146.236 Cedar Knolls, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG), Reverse DNS 104-237-146-236.ip.linodeusercontent.com Software Apache / Resource Hash Request headers Referer https://104-237-146-236.cprapid.com/norvegian/all/reboot-idsvr.min.css Origin https://104-237-146-236.cprapid.com accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers Date Sat, 17 Jun 2023 21:51:25 GMT Server Apache Connection Keep-Alive Keep-Alive timeout=5, max=99 Content-Length 315 Content-Type text/html; charset=iso-8859-1
GET H/1.1	404 Not Found	apercu_regular_pro-web.woff2 104-237-146-236.cprapid.com/content/fonts/	0 0	89ms 89ms	Font text/html	104.237.146.236 AKAMAI-LINODE-AP ...
General Check archive.org Show headers Download Go to Full URL https://104-237-146-236.cprapid.com/content/fonts/apercu_regular_pro-web.woff2 Requested by Host: 104-237-146-236.cprapid.com URL: https://104-237-146-236.cprapid.com/norvegian/all/reboot-idsvr.min.css Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 104.237.146.236 Cedar Knolls, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG), Reverse DNS 104-237-146-236.ip.linodeusercontent.com Software Apache / Resource Hash Request headers Referer https://104-237-146-236.cprapid.com/norvegian/all/reboot-idsvr.min.css Origin https://104-237-146-236.cprapid.com accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers Date Sat, 17 Jun 2023 21:51:25 GMT Server Apache Connection Keep-Alive Keep-Alive timeout=5, max=96 Content-Length 315 Content-Type text/html; charset=iso-8859-1
GET H/1.1	404 Not Found	TiemposTextWeb-Regular.woff2 104-237-146-236.cprapid.com/content/fonts/	0 0	89ms 89ms	Font text/html	104.237.146.236 AKAMAI-LINODE-AP ...
General Check archive.org Show headers Download Go to Full URL https://104-237-146-236.cprapid.com/content/fonts/TiemposTextWeb-Regular.woff2 Requested by Host: 104-237-146-236.cprapid.com URL: https://104-237-146-236.cprapid.com/norvegian/all/reboot-idsvr.min.css Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 104.237.146.236 Cedar Knolls, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG), Reverse DNS 104-237-146-236.ip.linodeusercontent.com Software Apache / Resource Hash Request headers Referer https://104-237-146-236.cprapid.com/norvegian/all/reboot-idsvr.min.css Origin https://104-237-146-236.cprapid.com accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers Date Sat, 17 Jun 2023 21:51:25 GMT Server Apache Connection Keep-Alive Keep-Alive timeout=5, max=97 Content-Length 315 Content-Type text/html; charset=iso-8859-1
GET H2	200	small.js Show response widgets.amung.us/	8 KB 4 KB	89ms 27ms	Script application/x-javascript	2606:4700:10::6816:4bab CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://widgets.amung.us/small.js Requested by Host: 104-237-146-236.cprapid.com URL: https://104-237-146-236.cprapid.com/norvegian/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:4bab , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `2052a227c361a7e99ea70f5bdcf54cd9e6c6b493dd4d20b73b376d94ce0dc0d1` Request headers accept-language nl-NL,nl;q=0.9 Referer https://104-237-146-236.cprapid.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Sat, 17 Jun 2023 21:51:25 GMT content-encoding gzip cf-cache-status HIT last-modified Thu, 12 Jan 2023 17:19:30 GMT server cloudflare age 3306 etag W/"63c04122-2170" vary Accept-Encoding content-type application/x-javascript access-control-allow-origin * cache-control max-age=86400 cf-ray 7d8e838a1cdd9231-FRA expires Sun, 18 Jun 2023 20:56:19 GMT
GET H2	200	/ Show response t.dtscout.com/i/	2 KB 2 KB	255ms 196ms	Script application/javascript	2606:4700:21::8d65:780a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://t.dtscout.com/i/?l=https%3A%2F%2F104-237-146-236.cprapid.com%2Fnorvegian%2F&j=https%3A%2F%2Fcoverdesigns.nl%2F Requested by Host: widgets.amung.us URL: https://widgets.amung.us/small.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:21::8d65:780a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `9285a80d8ab5865b3c84926cf203f1b3d15667d275a88f64dcfeb83d9ed2d316` Request headers accept-language nl-NL,nl;q=0.9 Referer https://104-237-146-236.cprapid.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Sat, 17 Jun 2023 21:51:26 GMT x-t 0.238 content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OSom0sFmGCIBdlBVGcLADt7InNOYfgH6b0C8f6bm1Ex2l%2FYjwlZuLNDztvDxKxcu6tgtUemb3Gfarwa48TFKBtPgUXQjAmRSxRKh5YBW50dnC7uDZceZsTVveIHluA99K%2B2Mw6WLzkEoMss%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control no-cache x-s mtl3 cf-ray 7d8e838ab8d40bae-AMS expires Sat, 17 Jun 2023 21:51:25 GMT
GET H2	200	/ Show response whos.amung.us/pingjs/	27 B 128 B	148ms 140ms	Script text/javascript	2606:4700:10::6816:4bab CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://whos.amung.us/pingjs/?k=norvegian&t=BankNorvegian&c=s&x=https%3A%2F%2F104-237-146-236.cprapid.com%2Fnorvegian%2F&y=https%3A%2F%2Fcoverdesigns.nl%2F&a=0&d=1.152&v=27&r=6189 Requested by Host: widgets.amung.us URL: https://widgets.amung.us/small.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:4bab , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `0f9f734864f15a769277815bb96d6b27f81d60db02e29faa9dc281e76ffc3881` Request headers accept-language nl-NL,nl;q=0.9 Referer https://104-237-146-236.cprapid.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Sat, 17 Jun 2023 21:51:25 GMT content-encoding gzip cf-cache-status DYNAMIC server cloudflare cf-ray 7d8e838a6d159231-FRA content-type text/javascript;charset=UTF-8
GET H2	200	tc.js Show response cdn.tynt.com/	18 KB 7 KB	102ms 38ms	Script application/javascript	172.64.151.83 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.tynt.com/tc.js Requested by Host: widgets.amung.us URL: https://widgets.amung.us/small.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.64.151.83 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `b1804777ba20dafab3f354093af8b20442bec0eb61b2d34ea8a735a3bfefa278` Request headers accept-language nl-NL,nl;q=0.9 Referer https://104-237-146-236.cprapid.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Sat, 17 Jun 2023 21:51:26 GMT content-encoding gzip cf-cache-status HIT last-modified Tue, 14 Mar 2023 15:48:17 GMT server cloudflare age 194543 etag W/"64109741-4750" vary Accept-Encoding content-type application/javascript cache-control public, max-age=259200 cf-ray 7d8e838bbab618fb-FRA expires Tue, 20 Jun 2023 21:51:26 GMT
GET DATA	200 OK	truncated /	439 B 0		Image image/gif
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `f6d82f567d08ec91a1b6ef0d4abf21be7a2d3dbc0a41c122584ea3536755b3ac` Request headers accept-language nl-NL,nl;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers Content-Type image/gif
GET H2	200	/ Show response t.dtscout.com/pv/	51 B 344 B	205ms 204ms	Script application/javascript	2606:4700:21::8d65:780a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://t.dtscout.com/pv/?_a=v&_h=104-237-146-236.cprapid.com&_ss=61jliiakpf&_pv=1&_ls=0&_u1=1&_u3=1&_cc=nl&_pl=d&_cbid=71qd&_cb=_dtspv.c Requested by Host: t.dtscout.com URL: https://t.dtscout.com/i/?l=https%3A%2F%2F104-237-146-236.cprapid.com%2Fnorvegian%2F&j=https%3A%2F%2Fcoverdesigns.nl%2F Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:21::8d65:780a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `de046e4de886815f029b43308851075466b0c2895335925dead88f826aafd767` Request headers accept-language nl-NL,nl;q=0.9 Referer https://104-237-146-236.cprapid.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Sat, 17 Jun 2023 21:51:26 GMT x-t 0.138 content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q%2B4c7H4woBy9pZCZoT5XTTmOdSgMVnJGFhJP1osbbFclp%2F8smZ%2BmUSxyj%2FoWfodYWE8aaxvLJVtsFDDG1jSBohLnrHHAy3MDW1l35ZiNFbulVWb3fOqtwyjbFXyVSveH4stNO%2FwsZB7Chrk%3D"}],"group":"cf-nel","max_age":604800} x-c 0 content-type application/javascript cache-control no-cache cf-ray 7d8e838bfa740bae-AMS expires Sat, 17 Jun 2023 21:51:25 GMT
GET H2	204	p ic.tynt.com/b/	0 228 B	471ms 106ms	Image text/plain	67.202.105.31 STEADFAST
General Check archive.org Show headers Download Go to Show image Full URL https://ic.tynt.com/b/p?id=w!norvegian&lm=0&ts=1687038686113&dn=TC&iso=0&pu=https%3A%2F%2F104-237-146-236.cprapid.com%2Fnorvegian%2F&r=https%3A%2F%2Fcoverdesigns.nl%2F&t=BankNorvegian&chmob=0 Requested by Host: 104-237-146-236.cprapid.com URL: https://104-237-146-236.cprapid.com/norvegian/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 67.202.105.31 Palos Park, United States, ASN32748 (STEADFAST, US), Reverse DNS ip31.67-202-105.static.steadfastdns.net Software nginx/1.16.1 / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers accept-language nl-NL,nl;q=0.9 Referer https://104-237-146-236.cprapid.com/norvegian/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers expires "Sat, 26 Jul 1997 05:00:00 GMT" date Sat, 17 Jun 2023 21:51:26 GMT cache-control "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false" server nginx/1.16.1 p3p CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
GET H2	200	v2 Show response de.tynt.com/deb/	4 B 327 B	331ms 104ms	Script application/javascript	67.202.105.34 STEADFAST
General Check archive.org Show headers Download Go to Full URL https://de.tynt.com/deb/v2?id=w!norvegian&dn=TC&cc=1&chmob=0&r=https%3A%2F%2Fcoverdesigns.nl%2F&pu=https%3A%2F%2F104-237-146-236.cprapid.com%2Fnorvegian%2F Requested by Host: cdn.tynt.com URL: https://cdn.tynt.com/tc.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 67.202.105.34 Palos Park, United States, ASN32748 (STEADFAST, US), Reverse DNS ip34.67-202-105.static.steadfastdns.net Software / Resource Hash `d21021784cda31eeae5c8295e047a14bda6ed5a9b5963fca9e7ceb398a9c9179` Request headers accept-language nl-NL,nl;q=0.9 Referer https://104-237-146-236.cprapid.com/norvegian/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers p3p CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA" date Sat, 17 Jun 2023 21:51:25 GMT cache-control max-age=86400 content-type application/javascript accept-ch Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile content-length 4 expires Sun, 18 Jun 2023 21:51:26 GMT
GET H2	204	p ic.tynt.com/b/	0 227 B	104ms 104ms	Image text/plain	67.202.105.31 STEADFAST
General Check archive.org Show headers Download Go to Show image Full URL https://ic.tynt.com/b/p?id=w!norvegian&lm=0&ts=1687038686113&dn=TC&iso=0&pu=https%3A%2F%2F104-237-146-236.cprapid.com%2Fnorvegian%2F&r=https%3A%2F%2Fcoverdesigns.nl%2F&t=BankNorvegian Requested by Host: 104-237-146-236.cprapid.com URL: https://104-237-146-236.cprapid.com/norvegian/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 67.202.105.31 Palos Park, United States, ASN32748 (STEADFAST, US), Reverse DNS ip31.67-202-105.static.steadfastdns.net Software nginx/1.16.1 / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers accept-language nl-NL,nl;q=0.9 Referer https://104-237-146-236.cprapid.com/norvegian/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers expires "Sat, 26 Jul 1997 05:00:00 GMT" date Sat, 17 Jun 2023 21:51:26 GMT cache-control "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false" server nginx/1.16.1 p3p CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
GET H2	204	p ic.tynt.com/b/	0 227 B	109ms 109ms	Image text/plain	67.202.105.31 STEADFAST
General Check archive.org Show headers Download Go to Show image Full URL https://ic.tynt.com/b/p?id=w!norvegian&lm=0&ts=1687038686113&dn=TC&iso=0&pu=https%3A%2F%2F104-237-146-236.cprapid.com%2Fnorvegian%2F&r=https%3A%2F%2Fcoverdesigns.nl%2F Requested by Host: 104-237-146-236.cprapid.com URL: https://104-237-146-236.cprapid.com/norvegian/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 67.202.105.31 Palos Park, United States, ASN32748 (STEADFAST, US), Reverse DNS ip31.67-202-105.static.steadfastdns.net Software nginx/1.16.1 / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers accept-language nl-NL,nl;q=0.9 Referer https://104-237-146-236.cprapid.com/norvegian/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers expires "Sat, 26 Jul 1997 05:00:00 GMT" date Sat, 17 Jun 2023 21:51:26 GMT cache-control "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false" server nginx/1.16.1 p3p CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
GET H2	204	p ic.tynt.com/b/	0 227 B	109ms 109ms	Image text/plain	67.202.105.31 STEADFAST
General Check archive.org Show headers Download Go to Show image Full URL https://ic.tynt.com/b/p?id=w!norvegian&lm=0&ts=1687038686113&dn=TC&iso=0&pu=https%3A%2F%2F104-237-146-236.cprapid.com%2Fnorvegian%2F Requested by Host: 104-237-146-236.cprapid.com URL: https://104-237-146-236.cprapid.com/norvegian/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 67.202.105.31 Palos Park, United States, ASN32748 (STEADFAST, US), Reverse DNS ip31.67-202-105.static.steadfastdns.net Software nginx/1.16.1 / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers accept-language nl-NL,nl;q=0.9 Referer https://104-237-146-236.cprapid.com/norvegian/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers expires "Sat, 26 Jul 1997 05:00:00 GMT" date Sat, 17 Jun 2023 21:51:26 GMT cache-control "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false" server nginx/1.16.1 p3p CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
GET H2	204	p ic.tynt.com/b/	0 227 B	108ms 108ms	Image text/plain	67.202.105.31 STEADFAST
General Check archive.org Show headers Download Go to Show image Full URL https://ic.tynt.com/b/p?id=w!norvegian&lm=0&ts=1687038686113&dn=TC&iso=0&pu=https%3A%2F%2F104-237-146-236.cprapid.com%2Fnorvegian%2F Requested by Host: 104-237-146-236.cprapid.com URL: https://104-237-146-236.cprapid.com/norvegian/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 67.202.105.31 Palos Park, United States, ASN32748 (STEADFAST, US), Reverse DNS ip31.67-202-105.static.steadfastdns.net Software nginx/1.16.1 / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers accept-language nl-NL,nl;q=0.9 Referer https://104-237-146-236.cprapid.com/norvegian/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers expires "Sat, 26 Jul 1997 05:00:00 GMT" date Sat, 17 Jun 2023 21:51:26 GMT cache-control "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false" server nginx/1.16.1 p3p CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

Verdicts & Comments Add Verdict or Comment

Malicious page.url
Submitted on June 17th 2023, 9:53:50 pm UTC — From Norway

Threats: Phishing
Brands: Bank Norwegian NO
Comment: Phishing scam distributed through SMS: "4205 Norvegian https://coverdesigns.nl/noba.html?2468"

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

25 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
104-237-146-236.cprapid.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 9d69a3a2a3234194b71e777c7dda97a3
.dtscout.com/	1970-01-20 12:37:23	Name: m Value: 1
.dtscout.com/	1970-01-20 12:37:33	Name: oa Value: 1
.dtscout.com/	1970-01-20 15:01:18	Name: df Value: 1687038686

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://104-237-146-236.cprapid.com/content/fonts/apercu_bold_pro-web.woff Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://104-237-146-236.cprapid.com/content/fonts/apercu_regular_pro-web.woff Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://104-237-146-236.cprapid.com/content/fonts/TiemposTextWeb-Regular.woff Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://104-237-146-236.cprapid.com/content/fonts/apercu_bold_pro-web.woff2 Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://104-237-146-236.cprapid.com/content/fonts/apercu_regular_pro-web.woff2 Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://104-237-146-236.cprapid.com/content/fonts/TiemposTextWeb-Regular.woff2 Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

104-237-146-236.cprapid.com
cdn.tynt.com
coverdesigns.nl
de.tynt.com
ic.tynt.com
t.dtscout.com
whos.amung.us
widgets.amung.us
104.237.146.236
172.64.151.83
185.104.29.58
2606:4700:10::6816:4bab
2606:4700:21::8d65:780a
67.202.105.31
67.202.105.34
086c29fe7599556d5c1c8fbbfc84e82bccb5e040f4b56a1c7eab45fa61831e4e
0f9f734864f15a769277815bb96d6b27f81d60db02e29faa9dc281e76ffc3881
1cf30e59d21d4ae560af7143f5913efcc8222bcaa4fcc7508eb802b5faa9e94e
2052a227c361a7e99ea70f5bdcf54cd9e6c6b493dd4d20b73b376d94ce0dc0d1
38e57bc218943a28b970f668d472554ea2ce99e05379ec7676519808d3b57e4d
3daee467cde72131e93820b6bad1f44ac52924b5cf8dea17e7bd7a242d7bcab9
8da6e4fe47faa771c77f2f91582f5dbdf8fb41c320c3ad55263d1aaf40b28363
9285a80d8ab5865b3c84926cf203f1b3d15667d275a88f64dcfeb83d9ed2d316
b1804777ba20dafab3f354093af8b20442bec0eb61b2d34ea8a735a3bfefa278
c49bfc81d4c498d74f701117b3a9d14047d3f6a78d48ca8b8106f033806fada0
d21021784cda31eeae5c8295e047a14bda6ed5a9b5963fca9e7ceb398a9c9179
de046e4de886815f029b43308851075466b0c2895335925dead88f826aafd767
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f51e2e21c5abccbf5ae5f8087e67ba2b396bfb32902394ca8b25ff6627ecb4fd
f6d82f567d08ec91a1b6ef0d4abf21be7a2d3dbc0a41c122584ea3536755b3ac

104-237-146-236.cprapid.com Open in urlscan Pro 104.237.146.236 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Community Verdicts: Malicious — 1 votes Show Verdicts

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

25 Requests

100 %HTTPS

29 %IPv6

5 Domains

8 Subdomains

8 IPs

2 Countries

179 kBTransfer

191 kBSize

4 Cookies

6 Outgoing links

Page URL History

Redirected requests

25 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Malicious page.url Submitted on June 17th 2023, 9:53:50 pm UTC — From Norway

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

25 JavaScript Global Variables

104-237-146-236.cprapid.com Open in urlscan Pro
104.237.146.236 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

25
Requests

100 %
HTTPS

29 %
IPv6

5
Domains

8
Subdomains

8
IPs

2
Countries

179 kB
Transfer

191 kB
Size

4
Cookies

25 HTTP transactions
1 data transactions

Malicious page.url
Submitted on June 17th 2023, 9:53:50 pm UTC — From Norway

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!