| api.ipify.org/ | 104.26.13.205 | 200 OK | 12 B |
IP: 104.26.13.205:443
Requested by: https://nordea-no.xyz/auth/c6435e8874502655b5b9f61408ca78a8/login.php
Certificate: Issuer: Google Trust Services LLC; Subject: ipify.org; Fingerprint: C8:1A:05:47:C5:73:C6:CE:DF:1D:A6:DE:00:11:A9:9A:8C:DB:EF:A7; Validity: Thu, 21 Mar 2024 19:56:02 GMT - Wed, 19 Jun 2024 19:56:01 GMT
File type: ASCII text, with no line terminators
Hash: 35b0bce9d250429df012c0426f88d0bd f81d80af9cbeb0011316fbba3da8002b32251f7a da9add592d7eb9cca7705cb4870d7fd4e9718ccd51486c4261a727a8d566960d
GET / HTTP/1.1
Host: api.ipify.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://nordea-no.xyz/
Origin: https://nordea-no.xyz
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 14:48:28 GMT
content-type: text/plain
content-length: 12
access-control-allow-origin: *
vary: Origin
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 8796e4f86d74b512-OSL
X-Firefox-Spdy: h2
|
|
| nordea-no.xyz/auth/c6435e8874502655b5b9f61408ca78a8/res/svg/cancel-d0c0f9d25ebde42bbd552c8ad5363f01.svg | 188.114.97.1 | 403 Forbidden | 4.7 kB |
URL: GET HTTP/3 nordea-no.xyz/auth/c6435e8874502655b5b9f61408ca78a8/res/svg/cancel-d0c0f9d25ebde42bbd552c8ad5363f01.svg
IP: 188.114.97.1:443
Requested by: https://nordea-no.xyz/auth/c6435e8874502655b5b9f61408ca78a8/login.php
Certificate: Issuer: Google Trust Services LLC; Subject: nordea-no.xyz; Fingerprint: C9:20:61:81:45:48:07:79:20:13:3D:94:BC:C9:32:A6:78:D2:F2:A6; Validity: Mon, 15 Apr 2024 09:23:56 GMT - Sun, 14 Jul 2024 09:23:55 GMT
File type: HTML document, ASCII text
Hash: fa172c77abd7b03605d83cd1ae373657 9785fb3254695c25c621eb4cd81cf7a2a3c8258f b0c7e6712ecbf97a1e3a14f19e3aed5dbd6553f21a2852565bfc5518925713db
GET /auth/c6435e8874502655b5b9f61408ca78a8/res/svg/cancel-d0c0f9d25ebde42bbd552c8ad5363f01.svg HTTP/1.1
Host: nordea-no.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nordea-no.xyz/auth/c6435e8874502655b5b9f61408ca78a8/login.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 403 Forbidden
date: Wed, 24 Apr 2024 14:48:28 GMT
content-type: text/html; charset=iso-8859-1
edge-cache-engine: varnish
edge-request-id: ef8feaec960d0c8b6caff65ffeae83ac
edge-cache-engine-mode: ACTIVE
vary: Accept-Encoding
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IS2yQ1Cd1Epb5ZYmSwlRJuliHv%2FHRyK18SzEm5adcgEQa7j7ljDd6T5qexS9OzyIKssGR4b%2Fauoq%2FwzWCt%2BlS1QTyZTD%2FSLc8B94xb8sQU5pJ4pGn%2BprP7Wp86s5qdO1"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8796e4f75969569c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| nordea-no.xyz/auth/c6435e8874502655b5b9f61408ca78a8/res/svg/no-connection-83f79e2367a313b468986e12a237c346.svg | 188.114.97.1 | 403 Forbidden | 318 B |
URL: GET HTTP/3 nordea-no.xyz/auth/c6435e8874502655b5b9f61408ca78a8/res/svg/no-connection-83f79e2367a313b468986e12a237c346.svg
IP: 188.114.97.1:443
Requested by: https://nordea-no.xyz/auth/c6435e8874502655b5b9f61408ca78a8/login.php
Certificate: Issuer: Google Trust Services LLC; Subject: nordea-no.xyz; Fingerprint: C9:20:61:81:45:48:07:79:20:13:3D:94:BC:C9:32:A6:78:D2:F2:A6; Validity: Mon, 15 Apr 2024 09:23:56 GMT - Sun, 14 Jul 2024 09:23:55 GMT
File type: HTML document, ASCII text, with very long lines (329), with no line terminators
Hash: a76e0e5ab2f70dec98377f906933120d e8c746560f35a864b6eb16568c58c12127bb564d 72a08d90f531230bbdb3e582280b10246ab1f74c2afc3848a7645628c1365ed0
GET /auth/c6435e8874502655b5b9f61408ca78a8/res/svg/no-connection-83f79e2367a313b468986e12a237c346.svg HTTP/1.1
Host: nordea-no.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nordea-no.xyz/auth/c6435e8874502655b5b9f61408ca78a8/login.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 403 Forbidden
date: Wed, 24 Apr 2024 14:48:28 GMT
content-type: text/html; charset=iso-8859-1
edge-cache-engine: varnish
edge-request-id: 308aa65df2a05bbb283a8509f2c888f9
edge-cache-engine-mode: ACTIVE
vary: Accept-Encoding
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9ZxqViChuucjveQ8yYADMaTrMYF7HPvNmBot27UtTaEzidGXwFfjycajvErMfUD5hEaQWA0PRkNz6%2FVEsLzGKH28%2F6bpU%2BLToESO%2BFA04xHFMowBRnk49MR618yzJw1H"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8796e4f7596c569c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| nordea-no.xyz/auth/c6435e8874502655b5b9f61408ca78a8/res/svg/empty-3857ebe69f653487f8c9d99adde4657f.svg | 188.114.97.1 | 403 Forbidden | 318 B |
URL: GET HTTP/3 nordea-no.xyz/auth/c6435e8874502655b5b9f61408ca78a8/res/svg/empty-3857ebe69f653487f8c9d99adde4657f.svg
IP: 188.114.97.1:443
Requested by: https://nordea-no.xyz/auth/c6435e8874502655b5b9f61408ca78a8/login.php
Certificate: Issuer: Google Trust Services LLC; Subject: nordea-no.xyz; Fingerprint: C9:20:61:81:45:48:07:79:20:13:3D:94:BC:C9:32:A6:78:D2:F2:A6; Validity: Mon, 15 Apr 2024 09:23:56 GMT - Sun, 14 Jul 2024 09:23:55 GMT
File type: HTML document, ASCII text, with very long lines (329), with no line terminators
Hash: a76e0e5ab2f70dec98377f906933120d e8c746560f35a864b6eb16568c58c12127bb564d 72a08d90f531230bbdb3e582280b10246ab1f74c2afc3848a7645628c1365ed0
GET /auth/c6435e8874502655b5b9f61408ca78a8/res/svg/empty-3857ebe69f653487f8c9d99adde4657f.svg HTTP/1.1
Host: nordea-no.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nordea-no.xyz/auth/c6435e8874502655b5b9f61408ca78a8/login.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 403 Forbidden
date: Wed, 24 Apr 2024 14:48:28 GMT
content-type: text/html; charset=iso-8859-1
edge-cache-engine: varnish
edge-request-id: a2b7c679c899bce50abb624b69aba4a8
edge-cache-engine-mode: ACTIVE
vary: Accept-Encoding
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vuQzehoLodjrJccI5gNcPqdnN4zJbjpuxsJHzhi7vu7vYot%2BT1iC9Vr%2F%2FAyGIZyalIMIy4F%2Fv07THKL1lzUuf5LPzFU%2ByfrWdvD2%2BEnTZL3WQGPkPBjNoV0wCLjRz%2Bos"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8796e4f7596e569c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| nordea-no.xyz/auth/c6435e8874502655b5b9f61408ca78a8/res/favicon.ico | 188.114.97.1 | 403 Forbidden | 318 B |
URL: GET HTTP/3 nordea-no.xyz/auth/c6435e8874502655b5b9f61408ca78a8/res/favicon.ico
IP: 188.114.97.1:443
Requested by: https://nordea-no.xyz/auth/c6435e8874502655b5b9f61408ca78a8/login.php
Certificate: Issuer: Google Trust Services LLC; Subject: nordea-no.xyz; Fingerprint: C9:20:61:81:45:48:07:79:20:13:3D:94:BC:C9:32:A6:78:D2:F2:A6; Validity: Mon, 15 Apr 2024 09:23:56 GMT - Sun, 14 Jul 2024 09:23:55 GMT
File type: HTML document, ASCII text, with very long lines (329), with no line terminators
Hash: a76e0e5ab2f70dec98377f906933120d e8c746560f35a864b6eb16568c58c12127bb564d 72a08d90f531230bbdb3e582280b10246ab1f74c2afc3848a7645628c1365ed0
GET /auth/c6435e8874502655b5b9f61408ca78a8/res/favicon.ico HTTP/1.1
Host: nordea-no.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nordea-no.xyz/auth/c6435e8874502655b5b9f61408ca78a8/login.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 403 Forbidden
date: Wed, 24 Apr 2024 14:48:28 GMT
content-type: text/html; charset=iso-8859-1
edge-cache-engine: varnish
edge-request-id: 2aa0fc0a4c40862f45b624083203b3f1
edge-cache-engine-mode: ACTIVE
vary: Accept-Encoding
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2B8edg0xEaP7qj3xNwhDKZvWZfFwgWaQ4QXCLbbivdAjZFicb7TueRn07vvKqKk%2FI56pr65mErZxdBCKDrMlpW9zdG64jYY0qMdWaqsH2ewNZ%2FZRpXiOy2s%2BsaR3AQ2i0"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8796e4f8cac8569c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| nordea-no.xyz/auth/c6435e8874502655b5b9f61408ca78a8/res/svg/bankidnomobile-8bd2f3c1665c6c00eff2af6bd153e9f6.svg | 188.114.97.1 | 403 Forbidden | 318 B |
URL: GET HTTP/3 nordea-no.xyz/auth/c6435e8874502655b5b9f61408ca78a8/res/svg/bankidnomobile-8bd2f3c1665c6c00eff2af6bd153e9f6.svg
IP: 188.114.97.1:443
Requested by: https://nordea-no.xyz/auth/c6435e8874502655b5b9f61408ca78a8/login.php
Certificate: Issuer: Google Trust Services LLC; Subject: nordea-no.xyz; Fingerprint: C9:20:61:81:45:48:07:79:20:13:3D:94:BC:C9:32:A6:78:D2:F2:A6; Validity: Mon, 15 Apr 2024 09:23:56 GMT - Sun, 14 Jul 2024 09:23:55 GMT
File type: HTML document, ASCII text, with very long lines (329), with no line terminators
Hash: a76e0e5ab2f70dec98377f906933120d e8c746560f35a864b6eb16568c58c12127bb564d 72a08d90f531230bbdb3e582280b10246ab1f74c2afc3848a7645628c1365ed0
GET /auth/c6435e8874502655b5b9f61408ca78a8/res/svg/bankidnomobile-8bd2f3c1665c6c00eff2af6bd153e9f6.svg HTTP/1.1
Host: nordea-no.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nordea-no.xyz/auth/c6435e8874502655b5b9f61408ca78a8/login.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 403 Forbidden
date: Wed, 24 Apr 2024 14:48:28 GMT
content-type: text/html; charset=iso-8859-1
edge-cache-engine: varnish
edge-request-id: b8363e5e6442b5f5e5cafeaafe3cd7f9
edge-cache-engine-mode: ACTIVE
vary: Accept-Encoding
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=w%2Bu%2BUOG2qwx3bPgA8m0qu3tTEryclCu1lTl8izWy3KsreLAKdyBhpeEX80bjRMBcBYwbmgY5DZHEsN%2B0bb9O1HQLditg1Gf5%2BTvnWVEgX%2FHm7qsCJiTkr%2B7prU%2FnKvKN"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8796e4f75963569c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| nordea-no.xyz/auth/c6435e8874502655b5b9f61408ca78a8/res/styles.css | 188.114.97.1 | 403 Forbidden | 318 B |
URL: GET HTTP/3 nordea-no.xyz/auth/c6435e8874502655b5b9f61408ca78a8/res/styles.css
IP: 188.114.97.1:443
Requested by: https://nordea-no.xyz/auth/c6435e8874502655b5b9f61408ca78a8/login.php
Certificate: Issuer: Google Trust Services LLC; Subject: nordea-no.xyz; Fingerprint: C9:20:61:81:45:48:07:79:20:13:3D:94:BC:C9:32:A6:78:D2:F2:A6; Validity: Mon, 15 Apr 2024 09:23:56 GMT - Sun, 14 Jul 2024 09:23:55 GMT
File type: HTML document, ASCII text, with very long lines (329), with no line terminators
Hash: a76e0e5ab2f70dec98377f906933120d e8c746560f35a864b6eb16568c58c12127bb564d 72a08d90f531230bbdb3e582280b10246ab1f74c2afc3848a7645628c1365ed0
GET /auth/c6435e8874502655b5b9f61408ca78a8/res/styles.css HTTP/1.1
Host: nordea-no.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nordea-no.xyz/auth/c6435e8874502655b5b9f61408ca78a8/login.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 403 Forbidden
date: Wed, 24 Apr 2024 14:48:28 GMT
content-type: text/html; charset=iso-8859-1
edge-cache-engine: varnish
edge-request-id: 626a255316e2ea9798b300c1af929c77
edge-cache-engine-mode: ACTIVE
vary: Accept-Encoding
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aiD78o20Lg9GgJLSKR%2F1dQdMtFiVt%2FUXihFX118YgV1dHsRJMb1VFbgrXvQ4kewBJXOz6nOe%2FsISU4ws8rggSSulr4R1saUO6g0gLiMFC3vMLqkotp0AP67EDbAHraxl"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8796e4f7495f569c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| nordea-no.xyz/auth/c6435e8874502655b5b9f61408ca78a8/res/svg/bankidno-4ea331ae4c5bc3a12e6cf8340862d4c0.svg | 188.114.97.1 | 403 Forbidden | 318 B |
URL: GET HTTP/3 nordea-no.xyz/auth/c6435e8874502655b5b9f61408ca78a8/res/svg/bankidno-4ea331ae4c5bc3a12e6cf8340862d4c0.svg
IP: 188.114.97.1:443
Requested by: https://nordea-no.xyz/auth/c6435e8874502655b5b9f61408ca78a8/login.php
Certificate: Issuer: Google Trust Services LLC; Subject: nordea-no.xyz; Fingerprint: C9:20:61:81:45:48:07:79:20:13:3D:94:BC:C9:32:A6:78:D2:F2:A6; Validity: Mon, 15 Apr 2024 09:23:56 GMT - Sun, 14 Jul 2024 09:23:55 GMT
File type: HTML document, ASCII text, with very long lines (329), with no line terminators
Hash: a76e0e5ab2f70dec98377f906933120d e8c746560f35a864b6eb16568c58c12127bb564d 72a08d90f531230bbdb3e582280b10246ab1f74c2afc3848a7645628c1365ed0
GET /auth/c6435e8874502655b5b9f61408ca78a8/res/svg/bankidno-4ea331ae4c5bc3a12e6cf8340862d4c0.svg HTTP/1.1
Host: nordea-no.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nordea-no.xyz/auth/c6435e8874502655b5b9f61408ca78a8/login.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 403 Forbidden
date: Wed, 24 Apr 2024 14:48:28 GMT
content-type: text/html; charset=iso-8859-1
edge-cache-engine: varnish
edge-request-id: 15c944b6688d25ccb9900f3db4804dec
edge-cache-engine-mode: ACTIVE
vary: Accept-Encoding
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ykoeoreazFykS7Z9N96R%2FzMfASp8%2F6%2FQkHW2rZO9zRoweF7GHEmXrD6Rc8PE6djx2SACWMaT7thXC5CoFzChIkg2KABP0cChPvMKyl9h0D6yqYzZ3R5JanL1WiLpTUUl"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8796e4f75961569c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| nordea-no.xyz/auth/c6435e8874502655b5b9f61408ca78a8/res/svg/something-went-wrong-9bbd07dc81f3c2a11d2c7735b416ee18.svg | 188.114.97.1 | 403 Forbidden | 318 B |
URL: GET HTTP/3 nordea-no.xyz/auth/c6435e8874502655b5b9f61408ca78a8/res/svg/something-went-wrong-9bbd07dc81f3c2a11d2c7735b416ee18.svg
IP: 188.114.97.1:443
Requested by: https://nordea-no.xyz/auth/c6435e8874502655b5b9f61408ca78a8/login.php
Certificate: Issuer: Google Trust Services LLC; Subject: nordea-no.xyz; Fingerprint: C9:20:61:81:45:48:07:79:20:13:3D:94:BC:C9:32:A6:78:D2:F2:A6; Validity: Mon, 15 Apr 2024 09:23:56 GMT - Sun, 14 Jul 2024 09:23:55 GMT
File type: HTML document, ASCII text, with very long lines (329), with no line terminators
Hash: a76e0e5ab2f70dec98377f906933120d e8c746560f35a864b6eb16568c58c12127bb564d 72a08d90f531230bbdb3e582280b10246ab1f74c2afc3848a7645628c1365ed0
GET /auth/c6435e8874502655b5b9f61408ca78a8/res/svg/something-went-wrong-9bbd07dc81f3c2a11d2c7735b416ee18.svg HTTP/1.1
Host: nordea-no.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nordea-no.xyz/auth/c6435e8874502655b5b9f61408ca78a8/login.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 403 Forbidden
date: Wed, 24 Apr 2024 14:48:28 GMT
content-type: text/html; charset=iso-8859-1
edge-cache-engine: varnish
edge-request-id: dc2330cfdda474faf4cf1b503cae7f1d
edge-cache-engine-mode: ACTIVE
vary: Accept-Encoding
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jD0UUyd%2BcqAeYrhxxwRXA%2F8QlHeJ%2Fl2NeUdeUfZYWg6McumGUAWXmSN06OMIzZRy2wBX6dzqWF4a3Z1E2jP%2BAbiZO505JFzW24Sm7FTBzB2CNxAHa%2BZdNH%2FPClaw%2FkGM"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8796e4f75966569c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| nordea-no.xyz/auth/c6435e8874502655b5b9f61408ca78a8/res/svg/technical-error-91ca9eec9eed6ed945355d650bb10d41.svg | 188.114.97.1 | 403 Forbidden | 318 B |
URL: GET HTTP/3 nordea-no.xyz/auth/c6435e8874502655b5b9f61408ca78a8/res/svg/technical-error-91ca9eec9eed6ed945355d650bb10d41.svg
IP: 188.114.97.1:443
Requested by: https://nordea-no.xyz/auth/c6435e8874502655b5b9f61408ca78a8/login.php
Certificate: Issuer: Google Trust Services LLC; Subject: nordea-no.xyz; Fingerprint: C9:20:61:81:45:48:07:79:20:13:3D:94:BC:C9:32:A6:78:D2:F2:A6; Validity: Mon, 15 Apr 2024 09:23:56 GMT - Sun, 14 Jul 2024 09:23:55 GMT
File type: HTML document, ASCII text, with very long lines (329), with no line terminators
Hash: a76e0e5ab2f70dec98377f906933120d e8c746560f35a864b6eb16568c58c12127bb564d 72a08d90f531230bbdb3e582280b10246ab1f74c2afc3848a7645628c1365ed0
GET /auth/c6435e8874502655b5b9f61408ca78a8/res/svg/technical-error-91ca9eec9eed6ed945355d650bb10d41.svg HTTP/1.1
Host: nordea-no.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nordea-no.xyz/auth/c6435e8874502655b5b9f61408ca78a8/login.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 403 Forbidden
date: Wed, 24 Apr 2024 14:48:28 GMT
content-type: text/html; charset=iso-8859-1
edge-cache-engine: varnish
edge-request-id: 1dd5e55c851117062afeb1c02b2bdc72
edge-cache-engine-mode: ACTIVE
vary: Accept-Encoding
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uz4NZBkS9Uu%2FNQfI9isT%2FEaykbrvlTY5eJsUg8w0fdqPCJZjcfOZTQampSCoFfLW%2B6uMCVXwe74rGsmhZ2%2BwMQkw6K5W%2FlaqUA4q%2FbOaKrm3UFty4atQvoLDjW%2FR6W5Q"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8796e4f7596f569c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| nordea-no.xyz/auth/c6435e8874502655b5b9f61408ca78a8/res/jquery.min.js | 188.114.97.1 | 200 OK | 90 kB |
URL: GET HTTP/3 nordea-no.xyz/auth/c6435e8874502655b5b9f61408ca78a8/res/jquery.min.js
IP: 188.114.97.1:443
Requested by: https://nordea-no.xyz/auth/c6435e8874502655b5b9f61408ca78a8/login.php
Certificate: Issuer: Google Trust Services LLC; Subject: nordea-no.xyz; Fingerprint: C9:20:61:81:45:48:07:79:20:13:3D:94:BC:C9:32:A6:78:D2:F2:A6; Validity: Mon, 15 Apr 2024 09:23:56 GMT - Sun, 14 Jul 2024 09:23:55 GMT
File type: JavaScript source, ASCII text, with very long lines (65451)
Hash: dc5e7f18c8d36ac1d3d4753a87c98d0a c8e1c8b386dc5b7a9184c763c88d19a346eb3342 f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
GET /auth/c6435e8874502655b5b9f61408ca78a8/res/jquery.min.js HTTP/1.1
Host: nordea-no.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nordea-no.xyz/auth/c6435e8874502655b5b9f61408ca78a8/login.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 24 Apr 2024 14:48:28 GMT
content-type: application/javascript
edge-cache-engine: varnish
edge-request-id: 08d219c34916da6289443b531f91b641
last-modified: Wed, 24 Apr 2024 12:25:22 GMT
vary: Accept-Encoding
edge-cache-engine-mode: ACTIVE
age: 1241
x-request-id: 08d219c34916da6289443b531f91b641
edge-cache-engine-hit: MISS
cache-control: max-age=14400
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Enymwgo7ZQ7JrbmRjSMlgvzvj2VWppgmdLEGQvi%2BYjYhzHsqKwBf0lQu1DNg20%2BzTxtZXzs7QpE7ULf8WYo02nj7f2Ozf2iMSECd%2B3cwiSqx2Qg3l6%2FOeCQDUTYUX8ca"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8796e4f75971569c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| nordea-no.xyz/auth/c6435e8874502655b5b9f61408ca78a8/login.php | 188.114.97.1 | 200 OK | 30 kB |
URL: User Request GET HTTP/2 nordea-no.xyz/auth/c6435e8874502655b5b9f61408ca78a8/login.php
IP: 188.114.97.1:443
Certificate: Issuer: Google Trust Services LLC; Subject: nordea-no.xyz; Fingerprint: C9:20:61:81:45:48:07:79:20:13:3D:94:BC:C9:32:A6:78:D2:F2:A6; Validity: Mon, 15 Apr 2024 09:23:56 GMT - Sun, 14 Jul 2024 09:23:55 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| urlquery | suspicious | Suspicious - Suspicious Javascript code |
| urlquery | suspicious | Suspicious - Anti-debugging code |
GET /auth/c6435e8874502655b5b9f61408ca78a8/login.php HTTP/1.1
Host: nordea-no.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 14:48:27 GMT
content-type: text/html; charset=UTF-8
edge-cache-engine: varnish
edge-request-id: 8a7deaa304457e89b50c714d2572ce51
vary: Accept-Encoding
edge-cache-engine-mode: ACTIVE
age: 19
x-request-id: 8a7deaa304457e89b50c714d2572ce51
edge-cache-engine-hit: HIT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=A7%2F8wMt789rEF%2Bspywa0fLuzSTtTshvPwIzBoIJAP4uQWN8F2i7yQqGCFL7ng5OfI0dhWFOeexMGobIEx1fsyDJXXcS2r%2B%2BdWooSL7gmYabUxZ%2B6gEqdjNfiCALyHWYD"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8796e4f54db35685-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|