removepaym-attempt.com Open in urlscan Pro
34.159.64.91 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
http://removepaym-attempt.com/
Submission: On January 21 via api (January 21st 2022, 12:06:17 pm UTC) from JP — Scanned from JP

Summary HTTP 63 Redirects Links 17 Behaviour Indicators

Summary

This website contacted 5 IPs in 3 countries across 4 domains to perform 63 HTTP transactions. The main IP is 34.159.64.91, located in Frankfurt am Main, Germany and belongs to GOOGLE-PRIVATE-CLOUD, US. The main domain is removepaym-attempt.com.

This is the only time removepaym-attempt.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: DNB (Banking)

Domain & IP information

	IP Address	AS Autonomous System
36	34.159.64.91 34.159.64.91	396982 (GOOGLE-PR...) (GOOGLE-PRIVATE-CLOUD)
5	2600:140b:2:9... 2600:140b:2:980::1e80	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	54.194.29.226 54.194.29.226	16509 (AMAZON-02) (AMAZON-02)
17	104.71.152.141 104.71.152.141	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
63	5

36 34.159.64.91 (Frankfurt am Main, Germany)

ASN396982 (GOOGLE-PRIVATE-CLOUD, US)
PTR: 91.64.159.34.bc.googleusercontent.com

removepaym-attempt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:140b:2:980::1e80 (Tokyo, Japan)

ASN20940 (AKAMAI-ASN1, NL)

assets.adobedtm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.194.29.226 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-194-29-226.eu-west-1.compute.amazonaws.com

dnb.celebrus.tech-03.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 104.71.152.141 (Tokyo, Japan)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a104-71-152-141.deploy.static.akamaitechnologies.com

www.dnb.no	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
36	removepaym-attempt.com removepaym-attempt.com	2 MB
17	dnb.no www.dnb.no — Cisco Umbrella Rank: 560052	90 KB
5	adobedtm.com assets.adobedtm.com — Cisco Umbrella Rank: 497	100 KB
1	tech-03.net dnb.celebrus.tech-03.net — Cisco Umbrella Rank: 748641	35 KB
63	4

	Domain	Requested by
36	removepaym-attempt.com	removepaym-attempt.com
17	www.dnb.no	removepaym-attempt.com
5	assets.adobedtm.com	removepaym-attempt.com assets.adobedtm.com
1	dnb.celebrus.tech-03.net	removepaym-attempt.com
63	4

This site contains links to these domains. Also see Links.

Domain
www.dnb.no
www.dnb.se

Subject Issuer	Validity	Valid
dnb.celebrus.tech-03.net Amazon	`2021-09-23` - `2022-10-21`	a year	crt.sh
assets.adobedtm.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-10` - `2022-09-10`	a year	crt.sh
www.dnb.no DigiCert SHA2 Extended Validation Server CA	`2020-03-22` - `2022-03-30`	2 years	crt.sh

This page contains 1 frames:

Primary Page: http://removepaym-attempt.com/
Frame ID: 411BF9252339B0D466E6C1887C6B6518
Requests: 63 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Large Corporate and Institutions | Banking - DNB

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

63
Requests

35 %
HTTPS

25 %
IPv6

4
Domains

4
Subdomains

5
IPs

3
Countries

2278 kB
Transfer

2560 kB
Size

2
Cookies

17 Outgoing links

These are links going to different origins than the main page.

URL: https://www.dnb.no/segm/appo/bov/open
Title: Equity rates

Search URL Search Domain Scan URL

URL: https://www.dnb.no/?la=EN&site=DNB_NO
Title: English

Search URL Search Domain Scan URL

URL: https://www.dnb.no/?la=DA&site=DNB_DK
Title: Dansk

Search URL Search Domain Scan URL

URL: https://www.dnb.se/?la=SV&site=DNB_SE
Title: Svenska

Search URL Search Domain Scan URL

URL: https://www.dnb.no/?la=NO&site=DNB_LU
Title: Norsk

Search URL Search Domain Scan URL

URL: https://www.dnb.no/?la=EN&site=DNB_LU
Title: English

Search URL Search Domain Scan URL

URL: https://www.dnb.no/?la=DE&site=DNB_LU
Title: Deutsch

Search URL Search Domain Scan URL

URL: https://www.dnb.se/se/sv/markets.html?la=SV&site=DNB_SE
Title: se_sv

Search URL Search Domain Scan URL

URL: https://www.dnb.no/en/business/markets/markets.html?la=EN&site=DNB_NO
Title: no_en

Search URL Search Domain Scan URL

URL: https://www.dnb.no/en/corporate-and-institutions/green-loans.html

Search URL Search Domain Scan URL

URL: https://www.dnb.no/en/corporate-and-institutions/corporate-banking/creditmanager.html
Title: » Find out more about Credit Manager here

Search URL Search Domain Scan URL

URL: https://www.dnb.no/en/about-us?WT.ac=Frontpage-ci_about-us-v1&WT.svl=Linklist
Title: About us

Search URL Search Domain Scan URL

URL: https://www.dnb.no/en/about-us/careers.html?WT.ac=Frontpage-ci_work-at-dnb-v1&WT.svl=Linklist
Title: Work at DNB

Search URL Search Domain Scan URL

URL: https://www.dnb.no/en/about-us/about-the-group.html?WT.ac=Frontpage-ci_about-the-group-v1&WT.svl=Linklist
Title: Link

Search URL Search Domain Scan URL

URL: https://www.dnb.no/en/about-us/corporate-social-responsibility.html?WT.ac=Frontpage-ci_corporate-social-responsibility-v1&WT.svl=Linklist
Title: Link

Search URL Search Domain Scan URL

URL: https://www.dnb.no/en/investor-relations?WT.ac=Frontpage-ci_ir-v1&WT.svl=Linklist
Title: Investor relations

Search URL Search Domain Scan URL

URL: https://www.dnb.no/en/about-us/Press.html?WT.ac=Frontpage-ci_press-v1&WT.svl=Linklist
Title: Press

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

63 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
removepaym-attempt.com/ 85 KB
86 KB 1215ms
234ms Document
text/html 34.159.64.91
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: http://removepaym-attempt.com/
Protocol: HTTP/1.1
Server: 34.159.64.91 Frankfurt am Main, Germany, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 91.64.159.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: 9d41f3249ac82328b747943368c2d42da383c71d80c1b2ac446d69e42cdb444f

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: jp-JP,jp;q=0.9

Response headers

Date: Fri, 21 Jan 2022 12:06:09 GMT
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK cssLibrary_2016q1.min.css
removepaym-attempt.com/files/ 282 KB
282 KB 232ms
232ms Stylesheet
text/css 34.159.64.91
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: http://removepaym-attempt.com/files/cssLibrary_2016q1.min.css
Requested by: Host: removepaym-attempt.com
URL: http://removepaym-attempt.com/
Protocol: HTTP/1.1
Server: 34.159.64.91 Frankfurt am Main, Germany, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 91.64.159.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: d1f832b962cda0ff643dc6cbaed554f7eb70bb116e9919239d756f39124b84b1

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: http://removepaym-attempt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Fri, 21 Jan 2022 12:06:09 GMT
Last-Modified: Wed, 11 Aug 2021 14:50:17 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 288659

GET
H/1.1 200
OK style_carousel.css
removepaym-attempt.com/files/ 24 KB
25 KB 462ms
234ms Stylesheet
text/css 34.159.64.91
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: http://removepaym-attempt.com/files/style_carousel.css
Requested by: Host: removepaym-attempt.com
URL: http://removepaym-attempt.com/
Protocol: HTTP/1.1
Server: 34.159.64.91 Frankfurt am Main, Germany, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 91.64.159.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: a690c816e27b45afe1332b4f10857f0a16e7254070e45648b2e9de9ae1893f75

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: http://removepaym-attempt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Fri, 21 Jan 2022 12:06:09 GMT
Last-Modified: Wed, 11 Aug 2021 14:13:49 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 25037

GET
H/1.1 200
OK style_searchmenu.css
removepaym-attempt.com/files/ 13 KB
14 KB 462ms
234ms Stylesheet
text/css 34.159.64.91
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: http://removepaym-attempt.com/files/style_searchmenu.css
Requested by: Host: removepaym-attempt.com
URL: http://removepaym-attempt.com/
Protocol: HTTP/1.1
Server: 34.159.64.91 Frankfurt am Main, Germany, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 91.64.159.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: 650afb64e4c4b7f856e7ec3b467b59e17599cb51c8718d39f6d9aff805ea5612

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: http://removepaym-attempt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Fri, 21 Jan 2022 12:06:09 GMT
Last-Modified: Wed, 11 Aug 2021 14:14:05 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 13761

GET
H/1.1 200
OK style_webforms.css
removepaym-attempt.com/files/ 41 KB
41 KB 463ms
234ms Stylesheet
text/css 34.159.64.91
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: http://removepaym-attempt.com/files/style_webforms.css
Requested by: Host: removepaym-attempt.com
URL: http://removepaym-attempt.com/
Protocol: HTTP/1.1
Server: 34.159.64.91 Frankfurt am Main, Germany, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 91.64.159.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: 12e0ebd15c45f8b8bdb3a63e981a800250498a77dde7cfb18fcb6a0dad60e434

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: http://removepaym-attempt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Fri, 21 Jan 2022 12:06:09 GMT
Last-Modified: Wed, 11 Aug 2021 14:14:25 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 42054

GET
H/1.1 200
OK style_dynamic_02.css
removepaym-attempt.com/files/ 11 KB
11 KB 471ms
239ms Stylesheet
text/css 34.159.64.91
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: http://removepaym-attempt.com/files/style_dynamic_02.css
Requested by: Host: removepaym-attempt.com
URL: http://removepaym-attempt.com/
Protocol: HTTP/1.1
Server: 34.159.64.91 Frankfurt am Main, Germany, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 91.64.159.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: fbd1d7b048e6b475c1d72fa4874677aaac594b6f0c8637fb591c5c9bee7d16a1

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: http://removepaym-attempt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Fri, 21 Jan 2022 12:06:09 GMT
Last-Modified: Wed, 11 Aug 2021 14:14:56 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 11282

GET
H/1.1 200
OK style_menu_english.css
removepaym-attempt.com/files/ 4 KB
4 KB 702ms
231ms Stylesheet
text/css 34.159.64.91
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: http://removepaym-attempt.com/files/style_menu_english.css
Requested by: Host: removepaym-attempt.com
URL: http://removepaym-attempt.com/
Protocol: HTTP/1.1
Server: 34.159.64.91 Frankfurt am Main, Germany, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 91.64.159.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: b504b55f62b6fa0df81f0b4367825f50b6ba8ae71f1c55da4db80c190b2c83bc

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: http://removepaym-attempt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Fri, 21 Jan 2022 12:06:09 GMT
Last-Modified: Wed, 11 Aug 2021 14:15:06 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 4169

GET
H/1.1 200
OK jsLibrary.min.js Show response
removepaym-attempt.com/files/ 439 KB
440 KB 915ms
226ms Script
application/javascript 34.159.64.91
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: http://removepaym-attempt.com/files/jsLibrary.min.js
Requested by: Host: removepaym-attempt.com
URL: http://removepaym-attempt.com/
Protocol: HTTP/1.1
Server: 34.159.64.91 Frankfurt am Main, Germany, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 91.64.159.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: ee833be386a879b4f7050e785c46a224a0698872ea7ec80573a2c6d38be7cf36

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: http://removepaym-attempt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Fri, 21 Jan 2022 12:06:10 GMT
Last-Modified: Wed, 11 Aug 2021 14:27:48 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 449960

GET
H/1.1 200
OK launch-ENabbbd2c3cb0e4f5f8591b5bbac1280ff.min.js Show response
assets.adobedtm.com/ 333 KB
97 KB 834ms
831ms Script
application/x-javascript 2600:140b:2:980::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: http://assets.adobedtm.com/launch-ENabbbd2c3cb0e4f5f8591b5bbac1280ff.min.js
Requested by: Host: removepaym-attempt.com
URL: http://removepaym-attempt.com/
Protocol: HTTP/1.1
Server: 2600:140b:2:980::1e80 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 28bd90fc26e3a271649730e9491933872f62444fc443f910c2c070f327c99a1f

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: http://removepaym-attempt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Fri, 21 Jan 2022 12:06:11 GMT
Content-Encoding: gzip
Last-Modified: Thu, 20 Jan 2022 12:00:52 GMT
Server: AkamaiNetStorage
ETag: "2b439e449eb7a1585bdf922cd3a924df:1642680052.342038"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: http://removepaym-attempt.com
Cache-Control: max-age=3600
Transfer-Encoding: chunked
Connection: keep-alive, Transfer-Encoding
Accept-Ranges: bytes
Timing-Allow-Origin: *
Expires: Fri, 21 Jan 2022 13:06:11 GMT

GET
H/1.1 200
OK jquery.ui.datepicker-en-GB.js Show response
removepaym-attempt.com/files/ 952 B
1 KB 915ms
226ms Script
application/javascript 34.159.64.91
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: http://removepaym-attempt.com/files/jquery.ui.datepicker-en-GB.js
Requested by: Host: removepaym-attempt.com
URL: http://removepaym-attempt.com/
Protocol: HTTP/1.1
Server: 34.159.64.91 Frankfurt am Main, Germany, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 91.64.159.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: 0e677374769b1cc17bc36049a6dbb0a3e4b89c9a4adc741d8c6002611db4e717

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: http://removepaym-attempt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Fri, 21 Jan 2022 12:06:10 GMT
Last-Modified: Wed, 11 Aug 2021 14:28:16 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 952

GET
H/1.1 200
OK dojo-all.js Show response
removepaym-attempt.com/files/ 273 KB
273 KB 933ms
231ms Script
application/javascript 34.159.64.91
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: http://removepaym-attempt.com/files/dojo-all.js
Requested by: Host: removepaym-attempt.com
URL: http://removepaym-attempt.com/
Protocol: HTTP/1.1
Server: 34.159.64.91 Frankfurt am Main, Germany, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 91.64.159.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: b4749566fd2d0bccc3302d617a2266dbada007e373cb2a4e922fd90726d2ed60

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: http://removepaym-attempt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Fri, 21 Jan 2022 12:06:10 GMT
Last-Modified: Wed, 11 Aug 2021 14:29:58 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 279626

GET
H/1.1 200
OK css.js Show response
removepaym-attempt.com/files/ 4 KB
4 KB 1115ms
226ms Script
application/javascript 34.159.64.91
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: http://removepaym-attempt.com/files/css.js
Requested by: Host: removepaym-attempt.com
URL: http://removepaym-attempt.com/
Protocol: HTTP/1.1
Server: 34.159.64.91 Frankfurt am Main, Germany, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 91.64.159.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: 6f348ace79904223e1633b01f630bcfa9ba42159f4a3e6b1526dfd35b7bcca6d

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: http://removepaym-attempt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Fri, 21 Jan 2022 12:06:10 GMT
Last-Modified: Wed, 11 Aug 2021 14:30:31 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 4011

GET
H/1.1 200
OK carousel.js Show response
removepaym-attempt.com/files/ 831 B
1 KB 1143ms
226ms Script
application/javascript 34.159.64.91
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: http://removepaym-attempt.com/files/carousel.js
Requested by: Host: removepaym-attempt.com
URL: http://removepaym-attempt.com/
Protocol: HTTP/1.1
Server: 34.159.64.91 Frankfurt am Main, Germany, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 91.64.159.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: 6b9f06b31ae5150a8d87e8ba0e4245e94c58e715c54ebb1c14232be0cf0ea63d

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: http://removepaym-attempt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Fri, 21 Jan 2022 12:06:10 GMT
Last-Modified: Wed, 11 Aug 2021 14:30:58 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 831

GET
H/1.1 200
OK jquery.flexslider.2.2.2.min.js Show response
removepaym-attempt.com/files/ 21 KB
21 KB 1149ms
229ms Script
application/javascript 34.159.64.91
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: http://removepaym-attempt.com/files/jquery.flexslider.2.2.2.min.js
Requested by: Host: removepaym-attempt.com
URL: http://removepaym-attempt.com/
Protocol: HTTP/1.1
Server: 34.159.64.91 Frankfurt am Main, Germany, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 91.64.159.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: a8045d0bdf69aabb0bcf96ef23324af6e4f016ac629163aac1032885446863ea

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: http://removepaym-attempt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Fri, 21 Jan 2022 12:06:10 GMT
Last-Modified: Wed, 11 Aug 2021 14:31:49 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 21601

GET
H/1.1 200
OK dojo.js Show response
removepaym-attempt.com/files/ 25 KB
25 KB 1343ms
226ms Script
application/javascript 34.159.64.91
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: http://removepaym-attempt.com/files/dojo.js
Requested by: Host: removepaym-attempt.com
URL: http://removepaym-attempt.com/
Protocol: HTTP/1.1
Server: 34.159.64.91 Frankfurt am Main, Germany, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 91.64.159.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: 0aa3be1af2df87858bcff3b7a752697e9d851225102b602d31f460c4f18c8ba7

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: http://removepaym-attempt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Fri, 21 Jan 2022 12:06:10 GMT
Last-Modified: Wed, 11 Aug 2021 14:32:22 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 25224

GET
H/1.1 200
OK main.js Show response
removepaym-attempt.com/files/ 1 KB
1 KB 1369ms
226ms Script
application/javascript 34.159.64.91
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: http://removepaym-attempt.com/files/main.js
Requested by: Host: removepaym-attempt.com
URL: http://removepaym-attempt.com/
Protocol: HTTP/1.1
Server: 34.159.64.91 Frankfurt am Main, Germany, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 91.64.159.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: 8d21416f88cb2867017c10cbed999f328822fae1cc9163f39fc2178676438ebe

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: http://removepaym-attempt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Fri, 21 Jan 2022 12:06:10 GMT
Last-Modified: Wed, 11 Aug 2021 14:34:21 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 1161

GET
H2 200 JavascriptInsert.js Show response
dnb.celebrus.tech-03.net/ 97 KB
35 KB 1005ms
477ms Script
application/x-javascript 54.194.29.226
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dnb.celebrus.tech-03.net/JavascriptInsert.js

Requested by

Host: removepaym-attempt.com
URL: http://removepaym-attempt.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.194.29.226 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-194-29-226.eu-west-1.compute.amazonaws.com

Software

Resource Hash

604f9c1387935cf1cc5d40a115920d2bf160bbc734f98a0762016b8eb8dbfbc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: http://removepaym-attempt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 21 Jan 2022 12:06:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 03 Feb 2020 14:47:27 GMT
etag: 71a309d21c2b647195904c23c204c6f7
content-type: application/x-javascript
cache-control: max-age=900, s-maxage=900
content-length: 35562

GET
H2 200 RCc781c6ee625c484caeb2188404f38b07-source.min.js Show response
assets.adobedtm.com/372a0e79ce5a/08ae0ce880bf/eafb321f7e23/ 953 B
805 B 13ms
5ms Script
application/x-javascript 2600:140b:2:980::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/372a0e79ce5a/08ae0ce880bf/eafb321f7e23/RCc781c6ee625c484caeb2188404f38b07-source.min.js
Requested by: Host: removepaym-attempt.com
URL: http://removepaym-attempt.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:140b:2:980::1e80 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 7cc1c0617caf427414c0f3ec68b60f0d6e8c7ca311f05b958ed95a5d6098cef9

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: http://removepaym-attempt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 21 Jan 2022 12:06:10 GMT
content-encoding: gzip
last-modified: Thu, 11 Mar 2021 11:14:41 GMT
server: AkamaiNetStorage
etag: "3da37233696f7f3f9826d864bf74ecf5:1615461281.845105"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: http://removepaym-attempt.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 535
expires: Fri, 21 Jan 2022 13:06:10 GMT

GET
H2 200 RCdc883f24210a449b8bf439ed10be077c-source.min.js Show response
assets.adobedtm.com/372a0e79ce5a/08ae0ce880bf/eafb321f7e23/ 627 B
629 B 18ms
10ms Script
application/x-javascript 2600:140b:2:980::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/372a0e79ce5a/08ae0ce880bf/eafb321f7e23/RCdc883f24210a449b8bf439ed10be077c-source.min.js
Requested by: Host: removepaym-attempt.com
URL: http://removepaym-attempt.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:140b:2:980::1e80 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 8cb30741d27113d839b7f963e1db710efceadc685a11600650a928449b8b9517

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: http://removepaym-attempt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 21 Jan 2022 12:06:11 GMT
content-encoding: gzip
last-modified: Thu, 11 Mar 2021 11:14:41 GMT
server: AkamaiNetStorage
etag: "3da37233696f7f3f9826d864bf74ecf5:1615461281.845105"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: http://removepaym-attempt.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 359
expires: Fri, 21 Jan 2022 13:06:11 GMT

GET
H/1.1 200
OK carousel.css
removepaym-attempt.com/files/ 17 KB
18 KB 888ms
226ms Stylesheet
text/css 34.159.64.91
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: http://removepaym-attempt.com/files/carousel.css
Requested by: Host: removepaym-attempt.com
URL: http://removepaym-attempt.com/
Protocol: HTTP/1.1
Server: 34.159.64.91 Frankfurt am Main, Germany, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 91.64.159.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: 531f780b6c63077b7e68470756e816f9b40cd8923d996ea69ccd89f5f32e3b64

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: http://removepaym-attempt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Fri, 21 Jan 2022 12:06:10 GMT
Last-Modified: Wed, 11 Aug 2021 14:45:24 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 17795

GET
H/1.1 200
OK jquery.js Show response
removepaym-attempt.com/js/ 87 KB
88 KB 1378ms
229ms Script
application/javascript 34.159.64.91
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: http://removepaym-attempt.com/js/jquery.js
Requested by: Host: removepaym-attempt.com
URL: http://removepaym-attempt.com/
Protocol: HTTP/1.1
Server: 34.159.64.91 Frankfurt am Main, Germany, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 91.64.159.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: http://removepaym-attempt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Fri, 21 Jan 2022 12:06:10 GMT
Last-Modified: Fri, 13 Aug 2021 15:01:47 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 89501

GET
H/1.1 200
OK style_print.css
removepaym-attempt.com/files/ 6 KB
6 KB 231ms
231ms Stylesheet
text/css 34.159.64.91
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: http://removepaym-attempt.com/files/style_print.css
Requested by: Host: removepaym-attempt.com
URL: http://removepaym-attempt.com/
Protocol: HTTP/1.1
Server: 34.159.64.91 Frankfurt am Main, Germany, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 91.64.159.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: bd1a344ddb0761cde00039eb4dd5a03236d3630fe7a99a326aa3a25992350683

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: http://removepaym-attempt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Fri, 21 Jan 2022 12:06:11 GMT
Last-Modified: Wed, 11 Aug 2021 14:14:41 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 6080

GET
H/1.1 200
OK logo.png
removepaym-attempt.com/files/ 2 KB
2 KB 229ms
228ms Image
image/png 34.159.64.91
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://removepaym-attempt.com/files/logo.png
Requested by: Host: removepaym-attempt.com
URL: http://removepaym-attempt.com/
Protocol: HTTP/1.1
Server: 34.159.64.91 Frankfurt am Main, Germany, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 91.64.159.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: ea2d8e11d564e03b3e1d0d115e16a261659e9813f00a6c64dbd3fb7826c1f451

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: http://removepaym-attempt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Fri, 21 Jan 2022 12:06:11 GMT
Last-Modified: Wed, 11 Aug 2021 14:15:49 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 1755

GET
H/1.1 200
OK logon-open.js Show response
removepaym-attempt.com/files/ 2 KB
2 KB 229ms
229ms Script
application/javascript 34.159.64.91
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: http://removepaym-attempt.com/files/logon-open.js
Requested by: Host: removepaym-attempt.com
URL: http://removepaym-attempt.com/
Protocol: HTTP/1.1
Server: 34.159.64.91 Frankfurt am Main, Germany, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 91.64.159.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: 27b87e8cfaa9af708f418c88682c4d36699d07bd66d749b015d5b8a3e29bc152

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: http://removepaym-attempt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Fri, 21 Jan 2022 12:06:11 GMT
Last-Modified: Wed, 11 Aug 2021 14:43:10 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 1791

GET
H/1.1 200
OK DNB_Finsight_1440x750.jpeg
removepaym-attempt.com/files/ 181 KB
181 KB 229ms
228ms Image
image/jpeg 34.159.64.91
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://removepaym-attempt.com/files/DNB_Finsight_1440x750.jpeg
Requested by: Host: removepaym-attempt.com
URL: http://removepaym-attempt.com/
Protocol: HTTP/1.1
Server: 34.159.64.91 Frankfurt am Main, Germany, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 91.64.159.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: 1d6f5800b610575066f6225b189b92ad956110f8edbce5537838aa5540616397

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: http://removepaym-attempt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Fri, 21 Jan 2022 12:06:11 GMT
Last-Modified: Wed, 11 Aug 2021 14:23:32 GMT
Server: Apache
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 185232

GET
H/1.1 200
OK international_lci_1440_750.jpeg
removepaym-attempt.com/files/ 260 KB
260 KB 228ms
226ms Image
image/jpeg 34.159.64.91
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://removepaym-attempt.com/files/international_lci_1440_750.jpeg
Requested by: Host: removepaym-attempt.com
URL: http://removepaym-attempt.com/
Protocol: HTTP/1.1
Server: 34.159.64.91 Frankfurt am Main, Germany, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 91.64.159.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: 4de0733aaf35c2ce107a0df7fcfb1107d8162036374460a12734f53f7301e9cf

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: http://removepaym-attempt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Fri, 21 Jan 2022 12:06:11 GMT
Last-Modified: Wed, 11 Aug 2021 14:23:50 GMT
Server: Apache
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 266437

GET
H/1.1 200
OK advisor.png
removepaym-attempt.com/files/ 4 KB
4 KB 232ms
231ms Image
image/png 34.159.64.91
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://removepaym-attempt.com/files/advisor.png
Requested by: Host: removepaym-attempt.com
URL: http://removepaym-attempt.com/
Protocol: HTTP/1.1
Server: 34.159.64.91 Frankfurt am Main, Germany, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 91.64.159.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: b84225025a69138fa9460496c0b71fdfe91a179f6a27c96a9543d89a40da1507

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: http://removepaym-attempt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Fri, 21 Jan 2022 12:06:11 GMT
Last-Modified: Wed, 11 Aug 2021 14:24:17 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 3980

GET
H/1.1 200
OK markeder.png
removepaym-attempt.com/files/ 11 KB
11 KB 450ms
229ms Image
image/png 34.159.64.91
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://removepaym-attempt.com/files/markeder.png
Requested by: Host: removepaym-attempt.com
URL: http://removepaym-attempt.com/
Protocol: HTTP/1.1
Server: 34.159.64.91 Frankfurt am Main, Germany, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 91.64.159.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: dd6223a582ba920f1b9d29dae68a94acfaae105d59b7272d79c7513dc69ff5dd

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: http://removepaym-attempt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Fri, 21 Jan 2022 12:06:11 GMT
Last-Modified: Wed, 11 Aug 2021 14:24:31 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 10915

GET
H/1.1 200
OK digital_lci.png
removepaym-attempt.com/files/ 2 KB
2 KB 254ms
231ms Image
image/png 34.159.64.91
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://removepaym-attempt.com/files/digital_lci.png
Requested by: Host: removepaym-attempt.com
URL: http://removepaym-attempt.com/
Protocol: HTTP/1.1
Server: 34.159.64.91 Frankfurt am Main, Germany, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 91.64.159.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: 37435b23119687c4009e8b95e6510205ab2e70fda0fa06f0fbbe2c6ca5656ea8

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: http://removepaym-attempt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Fri, 21 Jan 2022 12:06:11 GMT
Last-Modified: Wed, 11 Aug 2021 14:24:56 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 1831

GET
H/1.1 200
OK bransjer.png
removepaym-attempt.com/files/ 10 KB
11 KB 248ms
226ms Image
image/png 34.159.64.91
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://removepaym-attempt.com/files/bransjer.png
Requested by: Host: removepaym-attempt.com
URL: http://removepaym-attempt.com/
Protocol: HTTP/1.1
Server: 34.159.64.91 Frankfurt am Main, Germany, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 91.64.159.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: b8e60155fe883cbf294bf05679e044ab144afa2769fe03ed7a6536577ca20c93

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: http://removepaym-attempt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Fri, 21 Jan 2022 12:06:11 GMT
Last-Modified: Wed, 11 Aug 2021 14:25:10 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 10560

GET
H/1.1 200
OK green_920_200.jpeg
removepaym-attempt.com/files/ 49 KB
49 KB 468ms
231ms Image
image/jpeg 34.159.64.91
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://removepaym-attempt.com/files/green_920_200.jpeg
Requested by: Host: removepaym-attempt.com
URL: http://removepaym-attempt.com/
Protocol: HTTP/1.1
Server: 34.159.64.91 Frankfurt am Main, Germany, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 91.64.159.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: 153843d4ad96081f965229de8273f83671ac8c73cf1768c0eee828762812aa7f

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: http://removepaym-attempt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Fri, 21 Jan 2022 12:06:11 GMT
Last-Modified: Wed, 11 Aug 2021 14:25:29 GMT
Server: Apache
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 50023

GET
H/1.1 200
OK credit-manager-920x200.png
removepaym-attempt.com/files/ 148 KB
148 KB 233ms
231ms Image
image/png 34.159.64.91
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://removepaym-attempt.com/files/credit-manager-920x200.png
Requested by: Host: removepaym-attempt.com
URL: http://removepaym-attempt.com/
Protocol: HTTP/1.1
Server: 34.159.64.91 Frankfurt am Main, Germany, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 91.64.159.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: facd3129418d2658b40b586eb0a163201488e5be88900842ed61f896bffb3238

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: http://removepaym-attempt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Fri, 21 Jan 2022 12:06:11 GMT
Last-Modified: Wed, 11 Aug 2021 14:25:49 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 151097

GET
H/1.1 200
OK logoSmall.png
removepaym-attempt.com/files/ 931 B
1 KB 231ms
231ms Image
image/png 34.159.64.91
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://removepaym-attempt.com/files/logoSmall.png
Requested by: Host: removepaym-attempt.com
URL: http://removepaym-attempt.com/
Protocol: HTTP/1.1
Server: 34.159.64.91 Frankfurt am Main, Germany, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 91.64.159.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: 3af1f4f32b6d55e78e5ad67782a40d345fa02719181e2ab67d58fcf35832840c

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: http://removepaym-attempt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Fri, 21 Jan 2022 12:06:11 GMT
Last-Modified: Wed, 11 Aug 2021 14:19:13 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 931

GET
H/1.1 200
OK CelebrusInsert.js Show response
removepaym-attempt.com/files/ 38 KB
38 KB 231ms
231ms Script
application/javascript 34.159.64.91
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: http://removepaym-attempt.com/files/CelebrusInsert.js
Requested by: Host: removepaym-attempt.com
URL: http://removepaym-attempt.com/
Protocol: HTTP/1.1
Server: 34.159.64.91 Frankfurt am Main, Germany, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 91.64.159.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: e98290eed858d1f7d602674964dad409343a76a3c1f9fea7265c6bfc2e8e1aaf

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: http://removepaym-attempt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Fri, 21 Jan 2022 12:06:11 GMT
Last-Modified: Wed, 11 Aug 2021 14:43:34 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 38892

GET
H/1.1 200
OK xxl.gif
removepaym-attempt.com/files/ 43 B
283 B 229ms
229ms Image
image/gif 34.159.64.91
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://removepaym-attempt.com/files/xxl.gif
Requested by: Host: removepaym-attempt.com
URL: http://removepaym-attempt.com/
Protocol: HTTP/1.1
Server: 34.159.64.91 Frankfurt am Main, Germany, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 91.64.159.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: http://removepaym-attempt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Fri, 21 Jan 2022 12:06:11 GMT
Last-Modified: Wed, 11 Aug 2021 14:26:36 GMT
Server: Apache
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
Content-Length: 43

GET
H/1.1 200
OK htmlBackgroundDnB_2011.png
www.dnb.no/portalfront/dnb/images/gfx/ 297 B
833 B 374ms
13ms Image
image/png 104.71.152.141
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dnb.no/portalfront/dnb/images/gfx/htmlBackgroundDnB_2011.png

Requested by

Host: removepaym-attempt.com
URL: http://removepaym-attempt.com/files/carousel.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.71.152.141 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a104-71-152-141.deploy.static.akamaitechnologies.com

Software

Resource Hash

39135552ef1d9a77c9ec2e5e1c9cea8798a1ed623199d1a4b38adfc1ee5f386d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: http://removepaym-attempt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Fri, 21 Jan 2022 12:06:11 GMT
x-content-type-options: nosniff
Last-Modified: Tue, 18 Oct 2011 11:48:29 GMT
x-frame-options: SAMEORIGIN
ETag: "129-4af914d4f3d40"
Strict-Transport-Security: max-age=31536000
p3p: CP="NON CUR OTPi OUR NOR UNI"
Cache-Control: max-age=1868
Feature-Policy: geolocation 'self'; camera 'none'; microphone 'none'
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 297
x-xss-protection: 1; mode=block
Expires: Fri, 21 Jan 2022 12:37:19 GMT

GET
H/1.1 200
OK topHeaderBg.png
www.dnb.no/portalfront/dnb/images/gfx/ 366 B
902 B 432ms
68ms Image
image/png 104.71.152.141
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dnb.no/portalfront/dnb/images/gfx/topHeaderBg.png

Requested by

Host: removepaym-attempt.com
URL: http://removepaym-attempt.com/files/cssLibrary_2016q1.min.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.71.152.141 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a104-71-152-141.deploy.static.akamaitechnologies.com

Software

Resource Hash

98bcd7624d31f453bb4567c6b70087a22ec069a7152066e0185caf861cc77003

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: http://removepaym-attempt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Fri, 21 Jan 2022 12:06:11 GMT
x-content-type-options: nosniff
Last-Modified: Thu, 13 Mar 2014 07:47:04 GMT
x-frame-options: SAMEORIGIN
ETag: "16e-4f47828c38e00"
Strict-Transport-Security: max-age=31536000
p3p: CP="NON CUR OTPi OUR NOR UNI"
Cache-Control: max-age=1480
Feature-Policy: geolocation 'self'; camera 'none'; microphone 'none'
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 366
x-xss-protection: 1; mode=block
Expires: Fri, 21 Jan 2022 12:30:51 GMT

GET
H/1.1 200
OK tabLeftMainMenu.png
www.dnb.no/portalfront/dnb/images/gfx/menu/ 801 B
1 KB 383ms
18ms Image
image/png 104.71.152.141
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dnb.no/portalfront/dnb/images/gfx/menu/tabLeftMainMenu.png

Requested by

Host: removepaym-attempt.com
URL: http://removepaym-attempt.com/files/cssLibrary_2016q1.min.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.71.152.141 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a104-71-152-141.deploy.static.akamaitechnologies.com

Software

Resource Hash

917ae2f34852dfb44057572cf32cf18941846a45d335fc58f570031b51b076ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: http://removepaym-attempt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Fri, 21 Jan 2022 12:06:11 GMT
Last-Modified: Thu, 10 Apr 2014 20:16:29 GMT
x-frame-options: SAMEORIGIN
ETag: "321-4f6b5e4718140"
Strict-Transport-Security: max-age=31536000
p3p: CP="NON CUR OTPi OUR NOR UNI"
Cache-Control: max-age=1753
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 801
x-xss-protection: 1; mode=block
Expires: Fri, 21 Jan 2022 12:35:24 GMT

GET
H/1.1 200
OK arrow-right_linkBlue.gif
www.dnb.no/portalfront/dnb/images/gfx/ 76 B
539 B 74ms
74ms Image
image/gif 104.71.152.141
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dnb.no/portalfront/dnb/images/gfx/arrow-right_linkBlue.gif

Requested by

Host: removepaym-attempt.com
URL: http://removepaym-attempt.com/files/cssLibrary_2016q1.min.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.71.152.141 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a104-71-152-141.deploy.static.akamaitechnologies.com

Software

Resource Hash

b91d8efa2119becb6c7c8d0b15ae098b2d48cf298d6c7410978990cb8c852616

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: http://removepaym-attempt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Fri, 21 Jan 2022 12:06:11 GMT
x-content-type-options: nosniff
Last-Modified: Tue, 18 Oct 2011 11:48:06 GMT
x-frame-options: SAMEORIGIN
ETag: "4c-4af914bf04980"
Strict-Transport-Security: max-age=31536000
p3p: CP="NON CUR OTPi OUR NOR UNI"
Cache-Control: max-age=957
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/gif
Content-Length: 76
x-xss-protection: 1; mode=block
Expires: Fri, 21 Jan 2022 12:22:08 GMT

GET
H/1.1 200
OK arrow-up_linkOrange.png
www.dnb.no/portalfront/dnb/images/gfx/ 415 B
880 B 359ms
145ms Image
image/png 104.71.152.141
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dnb.no/portalfront/dnb/images/gfx/arrow-up_linkOrange.png

Requested by

Host: removepaym-attempt.com
URL: http://removepaym-attempt.com/files/cssLibrary_2016q1.min.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.71.152.141 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a104-71-152-141.deploy.static.akamaitechnologies.com

Software

Resource Hash

41062aa48694305095d40ab97cf943d7007ebb59bfb070c5fbc3a34cc784cf83

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: http://removepaym-attempt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Fri, 21 Jan 2022 12:06:11 GMT
x-content-type-options: nosniff
Last-Modified: Fri, 30 May 2014 10:23:19 GMT
x-frame-options: SAMEORIGIN
ETag: "19f-4fa9b6f2df3c0"
Strict-Transport-Security: max-age=31536000
p3p: CP="NON CUR OTPi OUR NOR UNI"
Cache-Control: max-age=577
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 415
x-xss-protection: 1; mode=block
Expires: Fri, 21 Jan 2022 12:15:48 GMT

GET
H/1.1 200
OK blank_2x2_image.png
www.dnb.no/portalfront/dnb/images/gfx/ 189 B
723 B 329ms
115ms Image
image/png 104.71.152.141
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dnb.no/portalfront/dnb/images/gfx/blank_2x2_image.png

Requested by

Host: removepaym-attempt.com
URL: http://removepaym-attempt.com/files/cssLibrary_2016q1.min.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.71.152.141 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a104-71-152-141.deploy.static.akamaitechnologies.com

Software

Resource Hash

ad79d91cd54b9c8035e946c2299293488740594edb050fe05d5823c195cd4eed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: http://removepaym-attempt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Fri, 21 Jan 2022 12:06:11 GMT
x-content-type-options: nosniff
Last-Modified: Tue, 18 Oct 2011 11:48:14 GMT
x-frame-options: SAMEORIGIN
ETag: "bd-4af914c6a5b80"
Strict-Transport-Security: max-age=31536000
p3p: CP="NON CUR OTPi OUR NOR UNI"
Cache-Control: max-age=751
Feature-Policy: geolocation 'self'; camera 'none'; microphone 'none'
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 189
x-xss-protection: 1; mode=block
Expires: Fri, 21 Jan 2022 12:18:42 GMT

GET
H/1.1 200
OK contactIcon.png
www.dnb.no/portalfront/dnb/images/gfx/ 889 B
1 KB 340ms
126ms Image
image/png 104.71.152.141
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dnb.no/portalfront/dnb/images/gfx/contactIcon.png

Requested by

Host: removepaym-attempt.com
URL: http://removepaym-attempt.com/files/cssLibrary_2016q1.min.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.71.152.141 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a104-71-152-141.deploy.static.akamaitechnologies.com

Software

Resource Hash

facd785a8ec74e7f08323ad375877d814663bce19d2e340a90387f6e9741e006

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: http://removepaym-attempt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Fri, 21 Jan 2022 12:06:11 GMT
x-content-type-options: nosniff
Last-Modified: Wed, 11 Jun 2014 07:36:12 GMT
x-frame-options: SAMEORIGIN
ETag: "379-4fb8a7f9e9300"
Strict-Transport-Security: max-age=31536000
p3p: CP="NON CUR OTPi OUR NOR UNI"
Cache-Control: max-age=3162
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 889
x-xss-protection: 1; mode=block
Expires: Fri, 21 Jan 2022 12:58:53 GMT

GET
H/1.1 200
OK chatAinoStd.png
removepaym-attempt.com/files/ 927 B
1 KB 407ms
229ms Image
image/png 34.159.64.91
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://removepaym-attempt.com/files/chatAinoStd.png
Requested by: Host: removepaym-attempt.com
URL: http://removepaym-attempt.com/
Protocol: HTTP/1.1
Server: 34.159.64.91 Frankfurt am Main, Germany, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 91.64.159.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: 25b32fe3a107598daa62ba7e8b4817420e93c82e4b84af80415dfe6e960f6fb3

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: http://removepaym-attempt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Fri, 21 Jan 2022 12:06:11 GMT
Last-Modified: Wed, 11 Aug 2021 14:44:26 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 927

GET
H/1.1 200
OK contactButtons.png
www.dnb.no/portalfront/dnb/images/gfx/ 22 KB
22 KB 328ms
114ms Image
image/png 104.71.152.141
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dnb.no/portalfront/dnb/images/gfx/contactButtons.png

Requested by

Host: removepaym-attempt.com
URL: http://removepaym-attempt.com/files/cssLibrary_2016q1.min.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.71.152.141 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a104-71-152-141.deploy.static.akamaitechnologies.com

Software

Resource Hash

df95a03ea597fca7cb16e905d00a7499214a24f8fe3d7bf930e32126ba840e98

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: http://removepaym-attempt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Fri, 21 Jan 2022 12:06:11 GMT
Last-Modified: Thu, 18 Feb 2016 13:54:08 GMT
ETag: "5808-52c0bb34d4000"
Strict-Transport-Security: max-age=31536000
p3p: CP="NON CUR OTPi OUR NOR UNI"
Cache-Control: max-age=309
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 22536
Expires: Fri, 21 Jan 2022 12:11:20 GMT

GET
H/1.1 200
OK chooseLanguageBg.png
www.dnb.no/portalfront/dnb/images/gfx/select/ 1 KB
2 KB 330ms
117ms Image
image/png 104.71.152.141
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dnb.no/portalfront/dnb/images/gfx/select/chooseLanguageBg.png

Requested by

Host: removepaym-attempt.com
URL: http://removepaym-attempt.com/files/cssLibrary_2016q1.min.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.71.152.141 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a104-71-152-141.deploy.static.akamaitechnologies.com

Software

Resource Hash

6ae2c6ce464e04ce63d659bd4b1bcaf2fb8776cf3302dc082c6c4e4dbd7a94bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: http://removepaym-attempt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Fri, 21 Jan 2022 12:06:11 GMT
Last-Modified: Mon, 31 Mar 2014 12:20:08 GMT
x-frame-options: SAMEORIGIN
ETag: "456-4f5e612784e00"
Strict-Transport-Security: max-age=31536000
p3p: CP="NON CUR OTPi OUR NOR UNI"
Cache-Control: max-age=563
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 1110
x-xss-protection: 1; mode=block
Expires: Fri, 21 Jan 2022 12:15:34 GMT

GET
H/1.1 200
OK flagg.png
www.dnb.no/portalfront/dnb/images/icons/ 50 KB
51 KB 340ms
10ms Image
image/png 104.71.152.141
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dnb.no/portalfront/dnb/images/icons/flagg.png

Requested by

Host: removepaym-attempt.com
URL: http://removepaym-attempt.com/files/cssLibrary_2016q1.min.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.71.152.141 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a104-71-152-141.deploy.static.akamaitechnologies.com

Software

Resource Hash

0195e043913fe41a704dbd61544cc12b56185e2c445b0990a77729eddf32a2c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: http://removepaym-attempt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Fri, 21 Jan 2022 12:06:11 GMT
x-content-type-options: nosniff
Last-Modified: Tue, 18 Oct 2011 11:49:39 GMT
x-frame-options: SAMEORIGIN
ETag: "c97a-4af91517b5ac0"
Strict-Transport-Security: max-age=31536000
p3p: CP="NON CUR OTPi OUR NOR UNI"
Cache-Control: max-age=2751
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 51578
x-xss-protection: 1; mode=block
Expires: Fri, 21 Jan 2022 12:52:02 GMT

GET
H/1.1 200
OK menubtn.png
www.dnb.no/portalfront/dnb/images/gfx/menu/ 1 KB
2 KB 272ms
58ms Image
image/png 104.71.152.141
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dnb.no/portalfront/dnb/images/gfx/menu/menubtn.png

Requested by

Host: removepaym-attempt.com
URL: http://removepaym-attempt.com/files/cssLibrary_2016q1.min.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.71.152.141 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a104-71-152-141.deploy.static.akamaitechnologies.com

Software

Resource Hash

be9e774d1f90d007be3106695fcd39cdbfd2f6b0fac62de68c086090be9f2bb1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: http://removepaym-attempt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Fri, 21 Jan 2022 12:06:11 GMT
Last-Modified: Mon, 07 Apr 2014 10:43:19 GMT
x-frame-options: SAMEORIGIN
ETag: "5f2-4f671891d9fc0"
Strict-Transport-Security: max-age=31536000
p3p: CP="NON CUR OTPi OUR NOR UNI"
Cache-Control: max-age=2859
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 1522
x-xss-protection: 1; mode=block
Expires: Fri, 21 Jan 2022 12:53:50 GMT

GET
H/1.1 200
OK searchFormsButton.png
www.dnb.no/portalfront/dnb/images/gfx/menu/ 828 B
1 KB 359ms
87ms Image
image/png 104.71.152.141
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dnb.no/portalfront/dnb/images/gfx/menu/searchFormsButton.png

Requested by

Host: removepaym-attempt.com
URL: http://removepaym-attempt.com/files/cssLibrary_2016q1.min.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.71.152.141 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a104-71-152-141.deploy.static.akamaitechnologies.com

Software

Resource Hash

3a7ba1dbe3871338763ecb6a84684ffb751257dee7ebfc23da76eb5ee99500c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: http://removepaym-attempt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Fri, 21 Jan 2022 12:06:11 GMT
x-content-type-options: nosniff
Last-Modified: Mon, 07 Apr 2014 10:44:33 GMT
x-frame-options: SAMEORIGIN
ETag: "33c-4f6718d86c640"
Strict-Transport-Security: max-age=31536000
p3p: CP="NON CUR OTPi OUR NOR UNI"
Cache-Control: max-age=205
Feature-Policy: geolocation 'self'; camera 'none'; microphone 'none'
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 828
x-xss-protection: 1; mode=block
Expires: Fri, 21 Jan 2022 12:09:36 GMT

GET WF-021636-006889-000449.woff
www.dnb.no/portalfront/dnb/styles/fonts/ 0
0

GET
H/1.1 200
OK questions_button_help.png
www.dnb.no/portalfront/dnb/images/gfx/menu/ 2 KB
2 KB 201ms
47ms Image
image/png 104.71.152.141
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dnb.no/portalfront/dnb/images/gfx/menu/questions_button_help.png

Requested by

Host: removepaym-attempt.com
URL: http://removepaym-attempt.com/files/cssLibrary_2016q1.min.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.71.152.141 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a104-71-152-141.deploy.static.akamaitechnologies.com

Software

Resource Hash

0d8aca5b83e67f7f4a39543d9c13eaccbda823987aa9888178b11a6641ede073

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: http://removepaym-attempt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Fri, 21 Jan 2022 12:06:11 GMT
Last-Modified: Mon, 07 Apr 2014 10:23:19 GMT
ETag: "74a-4f671419713c0"
Strict-Transport-Security: max-age=31536000
p3p: CP="NON CUR OTPi OUR NOR UNI"
Cache-Control: max-age=3428
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 1866
Expires: Fri, 21 Jan 2022 13:03:19 GMT

GET
H/1.1 200
OK breadcrums.png
www.dnb.no/portalfront/dnb/images/gfx/ 291 B
827 B 152ms
9ms Image
image/png 104.71.152.141
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dnb.no/portalfront/dnb/images/gfx/breadcrums.png

Requested by

Host: removepaym-attempt.com
URL: http://removepaym-attempt.com/files/cssLibrary_2016q1.min.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.71.152.141 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a104-71-152-141.deploy.static.akamaitechnologies.com

Software

Resource Hash

e35221772aff45c1aae5531a23e1d750760223d4ad5aeef750039d6846e847a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: http://removepaym-attempt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Fri, 21 Jan 2022 12:06:11 GMT
x-content-type-options: nosniff
Last-Modified: Tue, 01 Apr 2014 15:03:55 GMT
x-frame-options: SAMEORIGIN
ETag: "123-4f5fc7a0bccc0"
Strict-Transport-Security: max-age=31536000
p3p: CP="NON CUR OTPi OUR NOR UNI"
Cache-Control: max-age=1482
Feature-Policy: geolocation 'self'; camera 'none'; microphone 'none'
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 291
x-xss-protection: 1; mode=block
Expires: Fri, 21 Jan 2022 12:30:53 GMT

GET
H/1.1 200
OK home.png
www.dnb.no/portalfront/dnb/images/gfx/ 364 B
830 B 216ms
63ms Image
image/png 104.71.152.141
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dnb.no/portalfront/dnb/images/gfx/home.png

Requested by

Host: removepaym-attempt.com
URL: http://removepaym-attempt.com/files/cssLibrary_2016q1.min.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.71.152.141 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a104-71-152-141.deploy.static.akamaitechnologies.com

Software

Resource Hash

c16c4c6e8e85fe88dd24c54a3a37de942b456e0a608af95deb7b6c98be1fe72c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: http://removepaym-attempt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Fri, 21 Jan 2022 12:06:11 GMT
x-content-type-options: nosniff
Last-Modified: Tue, 18 Oct 2011 11:48:28 GMT
x-frame-options: SAMEORIGIN
ETag: "16c-4af914d3ffb00"
Strict-Transport-Security: max-age=31536000
p3p: CP="NON CUR OTPi OUR NOR UNI"
Cache-Control: max-age=1747
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 364
x-xss-protection: 1; mode=block
Expires: Fri, 21 Jan 2022 12:35:18 GMT

GET
H/1.1 200
OK arrow-right_linkOrange.png
www.dnb.no/portalfront/dnb/images/gfx/ 270 B
806 B 197ms
54ms Image
image/png 104.71.152.141
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dnb.no/portalfront/dnb/images/gfx/arrow-right_linkOrange.png

Requested by

Host: removepaym-attempt.com
URL: http://removepaym-attempt.com/files/carousel.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.71.152.141 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a104-71-152-141.deploy.static.akamaitechnologies.com

Software

Resource Hash

5da5b3da4935bee9d5483f3c15903ba9f1506abd14bec24c9b335ee71ef1b880

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: http://removepaym-attempt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Fri, 21 Jan 2022 12:06:11 GMT
x-content-type-options: nosniff
Last-Modified: Wed, 16 May 2012 12:37:02 GMT
x-frame-options: SAMEORIGIN
ETag: "10e-4c02693743780"
Strict-Transport-Security: max-age=31536000
p3p: CP="NON CUR OTPi OUR NOR UNI"
Cache-Control: max-age=2256
Feature-Policy: geolocation 'self'; camera 'none'; microphone 'none'
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 270
x-xss-protection: 1; mode=block
Expires: Fri, 21 Jan 2022 12:43:47 GMT

POST session.json
dnb.celebrus.tech-03.net/4275/handler9/ 0
0

GET JavascriptInsert.js
dnb.celebrus.tech-03.net/ 0
0

GET
H/1.1 404
Not Found itemPdf.gif
removepaym-attempt.com/portalfront/dnb/images/icons/ 315 B
315 B 229ms
229ms Image
text/html 34.159.64.91
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://removepaym-attempt.com/portalfront/dnb/images/icons/itemPdf.gif
Requested by: Host: removepaym-attempt.com
URL: http://removepaym-attempt.com/files/cssLibrary_2016q1.min.css
Protocol: HTTP/1.1
Server: 34.159.64.91 Frankfurt am Main, Germany, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 91.64.159.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: http://removepaym-attempt.com/files/cssLibrary_2016q1.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Fri, 21 Jan 2022 12:06:11 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=94
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 200
OK bgGradientGray.gif
www.dnb.no/portalfront/dnb/images/gfx/ 670 B
1 KB 25ms
25ms Image
image/gif 104.71.152.141
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dnb.no/portalfront/dnb/images/gfx/bgGradientGray.gif

Requested by

Host: removepaym-attempt.com
URL: http://removepaym-attempt.com/files/cssLibrary_2016q1.min.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.71.152.141 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a104-71-152-141.deploy.static.akamaitechnologies.com

Software

Resource Hash

627e2b52143bdb9eed6456b6dbd7fd3487c0e0e4a5e0489efdd52f7f8c350290

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: http://removepaym-attempt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Fri, 21 Jan 2022 12:06:11 GMT
x-content-type-options: nosniff
Last-Modified: Tue, 18 Oct 2011 11:48:11 GMT
x-frame-options: SAMEORIGIN
ETag: "29e-4af914c3c94c0"
Strict-Transport-Security: max-age=31536000
p3p: CP="NON CUR OTPi OUR NOR UNI"
Cache-Control: max-age=2568
Feature-Policy: geolocation 'self'; camera 'none'; microphone 'none'
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/gif
Content-Length: 670
x-xss-protection: 1; mode=block
Expires: Fri, 21 Jan 2022 12:48:59 GMT

GET
H/1.1 404
Not Found xxl.gif
removepaym-attempt.com/portalfront/dnb/images/icons/ 315 B
315 B 228ms
228ms Image
text/html 34.159.64.91
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://removepaym-attempt.com/portalfront/dnb/images/icons/xxl.gif?i=Login%2Cctx%2Cjava%2Clogin%2CloginForm%2CloginFormSubmit%2CloginHelpSoftPopUp%2Cq%2CsearchTerm%2Cusername&d=0~it~q~searchTerm~v_262_32_680_92~!1~is~~~v_43_32_941_92~!4~it~username~*~v_181_32_1004_92~!5~is~loginFormSubmit~Login~v_85_32_1184_92~&w=undefined&x=Phj_AdrSQ1OdFtivgjq1Yg
Requested by: Host: removepaym-attempt.com
URL: http://removepaym-attempt.com/
Protocol: HTTP/1.1
Server: 34.159.64.91 Frankfurt am Main, Germany, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 91.64.159.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: http://removepaym-attempt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Fri, 21 Jan 2022 12:06:11 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=95
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found webtrends.gif
removepaym-attempt.com/portalfront/dnb/images/icons/ 315 B
315 B 226ms
226ms Image
text/html 34.159.64.91
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://removepaym-attempt.com/portalfront/dnb/images/icons/webtrends.gif?v=TG9nb3V0dXRpbA%3D%3D%2CY2hlY2tUYWJJbmRleA%3D%3D%2CY3JlYXRlRmluYWxDdXJyZW5jeUxpc3Q%3D%2CY3JlYXRlSlNPTg%3D%3D%2CY3JlYXRlSlNPTmZvclRyYW5zZmVy%2CYWNjZXNzaWJpbGl0eUxhbmd1YWdlUGlja2Vy%2CYWRkTGFuZ3VhZ2VQaWNrZXJSb2xlcw%3D%3D%2CZG5iY3NhQmQ%3D%2CZG5iY3NhaUJk%2CZG5iY3NhanNTSEE%3D%2CZG5iY3Nhb1RQ%2CZG5iY3Nhb1dB%2CZG5iY3Nhc1dP%2CZG5iY3Nhc2Vzc2lvbnNldA%3D%3D%2CZG5iY3Nhd0k%3D%2Cb3BlblBhZ2VNZW51QWNjZXNzaWJsZQ%3D%3D%2Cb3BlblBhZ2VzQWNjZXNzaWJsZQ%3D%3D%2CbG9nZ2VkSW5JbmZvQnV0dG9u%2CbGFuZ3VhZ2VQaWNrZXJPcGVu%2CbWVyZ2VKU09O&w=undefined&s=&x=YS-qdAdBYreXCgR7-aus_g
Requested by: Host: removepaym-attempt.com
URL: http://removepaym-attempt.com/
Protocol: HTTP/1.1
Server: 34.159.64.91 Frankfurt am Main, Germany, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 91.64.159.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: http://removepaym-attempt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Fri, 21 Jan 2022 12:06:11 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=95
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found list-files.php Show response
removepaym-attempt.com/portalfront/portal/list/ 315 B
515 B 417ms
226ms XHR
text/html 34.159.64.91
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: http://removepaym-attempt.com/portalfront/portal/list/list-files.php?paths=%2Fportalfront%2Fnedlast%2Fno%2Fmarkets%2Fanalyser-rapporter%2Fnorske%2Fmakromorgen%2F%7Cusename%3DDaily%20macro%20brief%7Ccount%3D1%2C%2Fportalfront%2Fnedlast%2Fno%2Fmarkets%2Fanalyser-rapporter%2Fengelske%2Fenergy-daily%2F%7Cusename%3DEnergy%20Daily%7Ccount%3D1
Requested by: Host: removepaym-attempt.com
URL: http://removepaym-attempt.com/js/jquery.js
Protocol: HTTP/1.1
Server: 34.159.64.91 Frankfurt am Main, Germany, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 91.64.159.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: http://removepaym-attempt.com/
X-Requested-With: XMLHttpRequest
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Fri, 21 Jan 2022 12:06:11 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=96
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET WF-021636-006889-000449.ttf
www.dnb.no/portalfront/dnb/styles/fonts/ 0
0

GET
H2 200 RCc781c6ee625c484caeb2188404f38b07-source.min.js Show response
assets.adobedtm.com/372a0e79ce5a/08ae0ce880bf/3efc7793a530/ 955 B
806 B 2ms
2ms Script
application/x-javascript 2600:140b:2:980::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/372a0e79ce5a/08ae0ce880bf/3efc7793a530/RCc781c6ee625c484caeb2188404f38b07-source.min.js
Requested by: Host: assets.adobedtm.com
URL: http://assets.adobedtm.com/launch-ENabbbd2c3cb0e4f5f8591b5bbac1280ff.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:140b:2:980::1e80 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: d4ce7709d8c698d689a9e5babeac3df81aaf96e8e38ee582e343a82277f10419

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: http://removepaym-attempt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 21 Jan 2022 12:06:11 GMT
content-encoding: gzip
last-modified: Thu, 20 Jan 2022 12:00:53 GMT
server: AkamaiNetStorage
etag: "a4a2cbf4434aa09796ed1101a355a5d1:1642680053.223292"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: http://removepaym-attempt.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 537
expires: Fri, 21 Jan 2022 13:06:11 GMT

GET
H2 200 RCce02186eda414acda9bd4bb5851e3147-source.min.js Show response
assets.adobedtm.com/372a0e79ce5a/08ae0ce880bf/3efc7793a530/ 413 B
536 B 2ms
2ms Script
application/x-javascript 2600:140b:2:980::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/372a0e79ce5a/08ae0ce880bf/3efc7793a530/RCce02186eda414acda9bd4bb5851e3147-source.min.js
Requested by: Host: assets.adobedtm.com
URL: http://assets.adobedtm.com/launch-ENabbbd2c3cb0e4f5f8591b5bbac1280ff.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:140b:2:980::1e80 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 8778372ae7226cf394d4c2bb2fe2e4c63eec8a9429baa9f3db87760e62a25273

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: http://removepaym-attempt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 21 Jan 2022 12:06:12 GMT
content-encoding: gzip
last-modified: Thu, 20 Jan 2022 12:00:53 GMT
server: AkamaiNetStorage
etag: "a4a2cbf4434aa09796ed1101a355a5d1:1642680053.223292"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: http://removepaym-attempt.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 267
expires: Fri, 21 Jan 2022 13:06:12 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.dnb.no
URL: https://www.dnb.no/portalfront/dnb/styles/fonts/WF-021636-006889-000449.woff

Domain: dnb.celebrus.tech-03.net
URL: http://dnb.celebrus.tech-03.net/4275/handler9/session.json

Domain: dnb.celebrus.tech-03.net
URL: http://dnb.celebrus.tech-03.net/JavascriptInsert.js

Domain: www.dnb.no
URL: https://www.dnb.no/portalfront/dnb/styles/fonts/WF-021636-006889-000449.ttf

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: DNB (Banking)

117 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			removepaym-attempt.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 11457411b3af6dcde46fca30a0b751e7
			.removepaym-attempt.com/	1969-12-31 23:59:59	Name: usy46gabsosd Value: dnbcsa_16427667711950.9aea07b42fbbefa0fb735d2bb15b9253_4275

8 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: http://removepaym-attempt.com/ Message: Access to font at 'https://www.dnb.no/portalfront/dnb/styles/fonts/WF-021636-006889-000449.woff' from origin 'http://removepaym-attempt.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.dnb.no/portalfront/dnb/styles/fonts/WF-021636-006889-000449.woff Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: http://removepaym-attempt.com/ Message: Access to font at 'https://www.dnb.no/portalfront/dnb/styles/fonts/WF-021636-006889-000449.ttf' from origin 'http://removepaym-attempt.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.dnb.no/portalfront/dnb/styles/fonts/WF-021636-006889-000449.ttf Message: Failed to load resource: net::ERR_FAILED
network	error	URL: http://removepaym-attempt.com/portalfront/portal/list/list-files.php?paths=%2Fportalfront%2Fnedlast%2Fno%2Fmarkets%2Fanalyser-rapporter%2Fnorske%2Fmakromorgen%2F%7Cusename%3DDaily%20macro%20brief%7Ccount%3D1%2C%2Fportalfront%2Fnedlast%2Fno%2Fmarkets%2Fanalyser-rapporter%2Fengelske%2Fenergy-daily%2F%7Cusename%3DEnergy%20Daily%7Ccount%3D1 Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://removepaym-attempt.com/portalfront/dnb/images/icons/itemPdf.gif Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://removepaym-attempt.com/portalfront/dnb/images/icons/webtrends.gif?v=TG9nb3V0dXRpbA%3D%3D%2CY2hlY2tUYWJJbmRleA%3D%3D%2CY3JlYXRlRmluYWxDdXJyZW5jeUxpc3Q%3D%2CY3JlYXRlSlNPTg%3D%3D%2CY3JlYXRlSlNPTmZvclRyYW5zZmVy%2CYWNjZXNzaWJpbGl0eUxhbmd1YWdlUGlja2Vy%2CYWRkTGFuZ3VhZ2VQaWNrZXJSb2xlcw%3D%3D%2CZG5iY3NhQmQ%3D%2CZG5iY3NhaUJk%2CZG5iY3NhanNTSEE%3D%2CZG5iY3Nhb1RQ%2CZG5iY3Nhb1dB%2CZG5iY3Nhc1dP%2CZG5iY3Nhc2Vzc2lvbnNldA%3D%3D%2CZG5iY3Nhd0k%3D%2Cb3BlblBhZ2VNZW51QWNjZXNzaWJsZQ%3D%3D%2Cb3BlblBhZ2VzQWNjZXNzaWJsZQ%3D%3D%2CbG9nZ2VkSW5JbmZvQnV0dG9u%2CbGFuZ3VhZ2VQaWNrZXJPcGVu%2CbWVyZ2VKU09O&w=undefined&s=&x=YS-qdAdBYreXCgR7-aus_g Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://removepaym-attempt.com/portalfront/dnb/images/icons/xxl.gif?i=Login%2Cctx%2Cjava%2Clogin%2CloginForm%2CloginFormSubmit%2CloginHelpSoftPopUp%2Cq%2CsearchTerm%2Cusername&d=0~it~q~searchTerm~v_262_32_680_92~!1~is~~~v_43_32_941_92~!4~it~username~~v_181_32_1004_92~!5~is~loginFormSubmit~Login~v_85_32_1184_92~&w=undefined&x=Phj_AdrSQ1OdFtivgjq1Yg Message*: Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assets.adobedtm.com
dnb.celebrus.tech-03.net
removepaym-attempt.com
www.dnb.no
dnb.celebrus.tech-03.net
www.dnb.no
104.71.152.141
2600:140b:2:980::1e80
34.159.64.91
54.194.29.226
0195e043913fe41a704dbd61544cc12b56185e2c445b0990a77729eddf32a2c4
0aa3be1af2df87858bcff3b7a752697e9d851225102b602d31f460c4f18c8ba7
0d8aca5b83e67f7f4a39543d9c13eaccbda823987aa9888178b11a6641ede073
0e677374769b1cc17bc36049a6dbb0a3e4b89c9a4adc741d8c6002611db4e717
12e0ebd15c45f8b8bdb3a63e981a800250498a77dde7cfb18fcb6a0dad60e434
153843d4ad96081f965229de8273f83671ac8c73cf1768c0eee828762812aa7f
1d6f5800b610575066f6225b189b92ad956110f8edbce5537838aa5540616397
25b32fe3a107598daa62ba7e8b4817420e93c82e4b84af80415dfe6e960f6fb3
27b87e8cfaa9af708f418c88682c4d36699d07bd66d749b015d5b8a3e29bc152
28bd90fc26e3a271649730e9491933872f62444fc443f910c2c070f327c99a1f
37435b23119687c4009e8b95e6510205ab2e70fda0fa06f0fbbe2c6ca5656ea8
39135552ef1d9a77c9ec2e5e1c9cea8798a1ed623199d1a4b38adfc1ee5f386d
3a7ba1dbe3871338763ecb6a84684ffb751257dee7ebfc23da76eb5ee99500c7
3af1f4f32b6d55e78e5ad67782a40d345fa02719181e2ab67d58fcf35832840c
41062aa48694305095d40ab97cf943d7007ebb59bfb070c5fbc3a34cc784cf83
4de0733aaf35c2ce107a0df7fcfb1107d8162036374460a12734f53f7301e9cf
531f780b6c63077b7e68470756e816f9b40cd8923d996ea69ccd89f5f32e3b64
5da5b3da4935bee9d5483f3c15903ba9f1506abd14bec24c9b335ee71ef1b880
604f9c1387935cf1cc5d40a115920d2bf160bbc734f98a0762016b8eb8dbfbc5
627e2b52143bdb9eed6456b6dbd7fd3487c0e0e4a5e0489efdd52f7f8c350290
650afb64e4c4b7f856e7ec3b467b59e17599cb51c8718d39f6d9aff805ea5612
6ae2c6ce464e04ce63d659bd4b1bcaf2fb8776cf3302dc082c6c4e4dbd7a94bf
6b9f06b31ae5150a8d87e8ba0e4245e94c58e715c54ebb1c14232be0cf0ea63d
6f348ace79904223e1633b01f630bcfa9ba42159f4a3e6b1526dfd35b7bcca6d
7cc1c0617caf427414c0f3ec68b60f0d6e8c7ca311f05b958ed95a5d6098cef9
8778372ae7226cf394d4c2bb2fe2e4c63eec8a9429baa9f3db87760e62a25273
8cb30741d27113d839b7f963e1db710efceadc685a11600650a928449b8b9517
8d21416f88cb2867017c10cbed999f328822fae1cc9163f39fc2178676438ebe
917ae2f34852dfb44057572cf32cf18941846a45d335fc58f570031b51b076ed
98bcd7624d31f453bb4567c6b70087a22ec069a7152066e0185caf861cc77003
9d41f3249ac82328b747943368c2d42da383c71d80c1b2ac446d69e42cdb444f
a690c816e27b45afe1332b4f10857f0a16e7254070e45648b2e9de9ae1893f75
a8045d0bdf69aabb0bcf96ef23324af6e4f016ac629163aac1032885446863ea
ad79d91cd54b9c8035e946c2299293488740594edb050fe05d5823c195cd4eed
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b4749566fd2d0bccc3302d617a2266dbada007e373cb2a4e922fd90726d2ed60
b504b55f62b6fa0df81f0b4367825f50b6ba8ae71f1c55da4db80c190b2c83bc
b84225025a69138fa9460496c0b71fdfe91a179f6a27c96a9543d89a40da1507
b8e60155fe883cbf294bf05679e044ab144afa2769fe03ed7a6536577ca20c93
b91d8efa2119becb6c7c8d0b15ae098b2d48cf298d6c7410978990cb8c852616
bd1a344ddb0761cde00039eb4dd5a03236d3630fe7a99a326aa3a25992350683
be9e774d1f90d007be3106695fcd39cdbfd2f6b0fac62de68c086090be9f2bb1
c16c4c6e8e85fe88dd24c54a3a37de942b456e0a608af95deb7b6c98be1fe72c
d1f832b962cda0ff643dc6cbaed554f7eb70bb116e9919239d756f39124b84b1
d4ce7709d8c698d689a9e5babeac3df81aaf96e8e38ee582e343a82277f10419
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
dd6223a582ba920f1b9d29dae68a94acfaae105d59b7272d79c7513dc69ff5dd
df95a03ea597fca7cb16e905d00a7499214a24f8fe3d7bf930e32126ba840e98
e35221772aff45c1aae5531a23e1d750760223d4ad5aeef750039d6846e847a8
e98290eed858d1f7d602674964dad409343a76a3c1f9fea7265c6bfc2e8e1aaf
ea2d8e11d564e03b3e1d0d115e16a261659e9813f00a6c64dbd3fb7826c1f451
ee833be386a879b4f7050e785c46a224a0698872ea7ec80573a2c6d38be7cf36
facd3129418d2658b40b586eb0a163201488e5be88900842ed61f896bffb3238
facd785a8ec74e7f08323ad375877d814663bce19d2e340a90387f6e9741e006
fbd1d7b048e6b475c1d72fa4874677aaac594b6f0c8637fb591c5c9bee7d16a1
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

removepaym-attempt.com Open in urlscan Pro 34.159.64.91 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

63 Requests

35 %HTTPS

25 %IPv6

4 Domains

4 Subdomains

5 IPs

3 Countries

2278 kBTransfer

2560 kBSize

2 Cookies

17 Outgoing links

Redirected requests

63 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

removepaym-attempt.com Open in urlscan Pro
34.159.64.91 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

63
Requests

35 %
HTTPS

25 %
IPv6

4
Domains

4
Subdomains

5
IPs

3
Countries

2278 kB
Transfer

2560 kB
Size

2
Cookies

63 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!