| nordea-no.xyz/auth/c6435e8874502655b5b9f61408ca78a8/script.js | 188.114.97.1 | 403 Forbidden | 6.9 kB |
URL: GET HTTP/3 nordea-no.xyz/auth/c6435e8874502655b5b9f61408ca78a8/script.js
IP: 188.114.97.1:443
Requested by: https://nordea-no.xyz/auth/c6435e8874502655b5b9f61408ca78a8/otp.php
Certificate: Issuer: Google Trust Services LLC; Subject: nordea-no.xyz; Fingerprint: C9:20:61:81:45:48:07:79:20:13:3D:94:BC:C9:32:A6:78:D2:F2:A6; Validity: Mon, 15 Apr 2024 09:23:56 GMT - Sun, 14 Jul 2024 09:23:55 GMT
File type: HTML document, ASCII text
Hash (MD5 / SHA-1 / SHA-256): fa172c77abd7b03605d83cd1ae373657 9785fb3254695c25c621eb4cd81cf7a2a3c8258f b0c7e6712ecbf97a1e3a14f19e3aed5dbd6553f21a2852565bfc5518925713db
GET /auth/c6435e8874502655b5b9f61408ca78a8/script.js HTTP/1.1
Host: nordea-no.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nordea-no.xyz/auth/c6435e8874502655b5b9f61408ca78a8/otp.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 403 Forbidden
date: Wed, 24 Apr 2024 14:51:42 GMT
content-type: text/html; charset=iso-8859-1
edge-cache-engine: varnish
edge-request-id: a7adeaf48f7cf73bb5608f35f3d77368
edge-cache-engine-mode: ACTIVE
vary: Accept-Encoding
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nkLXj9a23L8%2BOKM%2Fis8yEyFg2URHF%2BQquST%2B6hbKYuVliAyUjwSLu4w8Qa8K8idIwfP0QkKV7WYezH2bZl7adOB2HjsdCPndthFical3sLZX2h2s%2Fx2iOx8YEqjGWtsu"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8796e9b958b85688-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
| nordea-no.xyz/auth/c6435e8874502655b5b9f61408ca78a8/res/bid_202310261103.css | 188.114.97.1 | 403 Forbidden | 318 B |
URL: GET HTTP/3 nordea-no.xyz/auth/c6435e8874502655b5b9f61408ca78a8/res/bid_202310261103.css
IP: 188.114.97.1:443
Requested by: https://nordea-no.xyz/auth/c6435e8874502655b5b9f61408ca78a8/otp.php
Certificate: Issuer: Google Trust Services LLC; Subject: nordea-no.xyz; Fingerprint: C9:20:61:81:45:48:07:79:20:13:3D:94:BC:C9:32:A6:78:D2:F2:A6; Validity: Mon, 15 Apr 2024 09:23:56 GMT - Sun, 14 Jul 2024 09:23:55 GMT
File type: HTML document, ASCII text, with very long lines (329), with no line terminators
Hash (MD5 / SHA-1 / SHA-256): a76e0e5ab2f70dec98377f906933120d e8c746560f35a864b6eb16568c58c12127bb564d 72a08d90f531230bbdb3e582280b10246ab1f74c2afc3848a7645628c1365ed0
GET /auth/c6435e8874502655b5b9f61408ca78a8/res/bid_202310261103.css HTTP/1.1
Host: nordea-no.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nordea-no.xyz/auth/c6435e8874502655b5b9f61408ca78a8/otp.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 403 Forbidden
date: Wed, 24 Apr 2024 14:51:42 GMT
content-type: text/html; charset=iso-8859-1
edge-cache-engine: varnish
edge-request-id: 2c4268c217de516f85f080e5c6891e7d
edge-cache-engine-mode: ACTIVE
vary: Accept-Encoding
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RHbbN%2BOGou8HSYKIOOh9e6OV17o0a9pFDZE0Sxq%2F92xiyBtl%2BTzNCIMBa35Z4JRSKDtwIpp695SN6l79CfIeFJLXgpqntiV%2B3XLBO83%2FYpdNdJWXAWF0V531CGnfskkM"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8796e9b81f755688-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
| nordea-no.xyz/auth/c6435e8874502655b5b9f61408ca78a8/res/jquery.min.js | 188.114.97.1 | 200 OK | 90 kB |
URL: GET HTTP/3 nordea-no.xyz/auth/c6435e8874502655b5b9f61408ca78a8/res/jquery.min.js
IP: 188.114.97.1:443
Requested by: https://nordea-no.xyz/auth/c6435e8874502655b5b9f61408ca78a8/otp.php
Certificate: Issuer: Google Trust Services LLC; Subject: nordea-no.xyz; Fingerprint: C9:20:61:81:45:48:07:79:20:13:3D:94:BC:C9:32:A6:78:D2:F2:A6; Validity: Mon, 15 Apr 2024 09:23:56 GMT - Sun, 14 Jul 2024 09:23:55 GMT
File type: JavaScript source, ASCII text, with very long lines (65451)
Hash (MD5 / SHA-1 / SHA-256): dc5e7f18c8d36ac1d3d4753a87c98d0a c8e1c8b386dc5b7a9184c763c88d19a346eb3342 f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
GET /auth/c6435e8874502655b5b9f61408ca78a8/res/jquery.min.js HTTP/1.1
Host: nordea-no.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nordea-no.xyz/auth/c6435e8874502655b5b9f61408ca78a8/otp.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 24 Apr 2024 14:51:42 GMT
content-type: application/javascript
edge-cache-engine: varnish
edge-request-id: 08d219c34916da6289443b531f91b641
last-modified: Wed, 24 Apr 2024 12:25:22 GMT
vary: Accept-Encoding
edge-cache-engine-mode: ACTIVE
age: 1435
x-request-id: 08d219c34916da6289443b531f91b641
edge-cache-engine-hit: MISS
cache-control: max-age=14400
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LSB0wuPylO%2Bysx1IJwMxukyu7wevwoN1MYFkQXO4ykL13dtmOB4x9J8ykRz5tefdwQ4YrgD1qQhAFU2enRS%2FvMMcnZ2zl89Kro76%2FwGDiC7v%2BDNcTTlUqDYIMPaK%2Bvd%2F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8796e9b83f9d5688-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
| nordea-no.xyz/auth/c6435e8874502655b5b9f61408ca78a8/res/jquery.min.js | 188.114.97.1 | 200 OK | 90 kB |
URL: GET HTTP/3 nordea-no.xyz/auth/c6435e8874502655b5b9f61408ca78a8/res/jquery.min.js
IP: 188.114.97.1:443
Requested by: https://nordea-no.xyz/auth/c6435e8874502655b5b9f61408ca78a8/otp.php
Certificate: Issuer: Google Trust Services LLC; Subject: nordea-no.xyz; Fingerprint: C9:20:61:81:45:48:07:79:20:13:3D:94:BC:C9:32:A6:78:D2:F2:A6; Validity: Mon, 15 Apr 2024 09:23:56 GMT - Sun, 14 Jul 2024 09:23:55 GMT
File type: JavaScript source, ASCII text, with very long lines (65451)
Hash (MD5 / SHA-1 / SHA-256): dc5e7f18c8d36ac1d3d4753a87c98d0a c8e1c8b386dc5b7a9184c763c88d19a346eb3342 f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
GET /auth/c6435e8874502655b5b9f61408ca78a8/res/jquery.min.js HTTP/1.1
Host: nordea-no.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nordea-no.xyz/auth/c6435e8874502655b5b9f61408ca78a8/otp.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 24 Apr 2024 14:51:42 GMT
content-type: application/javascript
edge-cache-engine: varnish
edge-request-id: 08d219c34916da6289443b531f91b641
last-modified: Wed, 24 Apr 2024 12:25:22 GMT
vary: Accept-Encoding
edge-cache-engine-mode: ACTIVE
age: 1435
x-request-id: 08d219c34916da6289443b531f91b641
edge-cache-engine-hit: MISS
cache-control: max-age=14400
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=r7docxRm%2FmNht0zAQtY9ZhQ8CVpegLVSiZqFGuKSCN3%2BmPJe0qz953ySobAcYTBTY1AefekAO5yf9nEQQiX6n%2BdXNC2SscqhsqfT2e7O9ROt5axqm5%2BALk6kzP9f7j%2BI"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8796e9b9186d5688-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
| nordea-no.xyz/auth/c6435e8874502655b5b9f61408ca78a8/otp.php | 188.114.97.1 | 200 OK | 88 kB |
URL (user request): GET HTTP/2 nordea-no.xyz/auth/c6435e8874502655b5b9f61408ca78a8/otp.php
IP: 188.114.97.1:443
Certificate: Issuer: Google Trust Services LLC; Subject: nordea-no.xyz; Fingerprint: C9:20:61:81:45:48:07:79:20:13:3D:94:BC:C9:32:A6:78:D2:F2:A6; Validity: Mon, 15 Apr 2024 09:23:56 GMT - Sun, 14 Jul 2024 09:23:55 GMT
Hash (MD5 / SHA-1 / SHA-256): d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert
urlquery | suspicious | Suspicious - Anti-debugging code
GET /auth/c6435e8874502655b5b9f61408ca78a8/otp.php HTTP/1.1
Host: nordea-no.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 14:51:42 GMT
content-type: text/html; charset=UTF-8
edge-cache-engine: varnish
edge-request-id: 34f3fa01fb036814a2e47ce5278b97b4
vary: Accept-Encoding
edge-cache-engine-mode: ACTIVE
age: 8
x-request-id: 34f3fa01fb036814a2e47ce5278b97b4
edge-cache-engine-hit: HIT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CjA0D7qfLvDK%2FKcQ47iB4OSgpxSwcL8Vwa1h8f1nq%2BqlLbL7kxe8JBWbVPcG1JVW4buFPePlnKvTza5VgUhzASKbXEj8F9ag0RDq8VBFx%2FmrqMiLarU6Muq%2BnYc6P%2Fsm"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8796e9b64de9b51b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
| nordea-no.xyz/auth/c6435e8874502655b5b9f61408ca78a8/res/oidc-client.min.css | 188.114.97.1 | 403 Forbidden | 318 B |
URL: GET HTTP/3 nordea-no.xyz/auth/c6435e8874502655b5b9f61408ca78a8/res/oidc-client.min.css
IP: 188.114.97.1:443
Requested by: https://nordea-no.xyz/auth/c6435e8874502655b5b9f61408ca78a8/otp.php
Certificate: Issuer: Google Trust Services LLC; Subject: nordea-no.xyz; Fingerprint: C9:20:61:81:45:48:07:79:20:13:3D:94:BC:C9:32:A6:78:D2:F2:A6; Validity: Mon, 15 Apr 2024 09:23:56 GMT - Sun, 14 Jul 2024 09:23:55 GMT
File type: HTML document, ASCII text, with very long lines (329), with no line terminators
Hash (MD5 / SHA-1 / SHA-256): a76e0e5ab2f70dec98377f906933120d e8c746560f35a864b6eb16568c58c12127bb564d 72a08d90f531230bbdb3e582280b10246ab1f74c2afc3848a7645628c1365ed0
GET /auth/c6435e8874502655b5b9f61408ca78a8/res/oidc-client.min.css HTTP/1.1
Host: nordea-no.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nordea-no.xyz/auth/c6435e8874502655b5b9f61408ca78a8/otp.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 403 Forbidden
date: Wed, 24 Apr 2024 14:51:42 GMT
content-type: text/html; charset=iso-8859-1
edge-cache-engine: varnish
edge-request-id: a6e4ec44f360313851e2d9d61e371c47
edge-cache-engine-mode: ACTIVE
vary: Accept-Encoding
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lxQ%2FmkeO1hKZnPRuT3KAYSF06iIJkUnhgtncNuwWkG5rPtcYuxrCyNGzx0xF%2Bi8YUgXYBVgGBFS7P8xvxujblGyh1pFYGDVAqqrEjdwkFZfIOEOAMS0jizYPfPUDeS42"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8796e9b81f725688-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
| nordea-no.xyz/auth/c6435e8874502655b5b9f61408ca78a8/res/log_icon.png | 188.114.97.1 | 403 Forbidden | 318 B |
URL: GET HTTP/3 nordea-no.xyz/auth/c6435e8874502655b5b9f61408ca78a8/res/log_icon.png
IP: 188.114.97.1:443
Requested by: https://nordea-no.xyz/auth/c6435e8874502655b5b9f61408ca78a8/otp.php
Certificate: Issuer: Google Trust Services LLC; Subject: nordea-no.xyz; Fingerprint: C9:20:61:81:45:48:07:79:20:13:3D:94:BC:C9:32:A6:78:D2:F2:A6; Validity: Mon, 15 Apr 2024 09:23:56 GMT - Sun, 14 Jul 2024 09:23:55 GMT
File type: HTML document, ASCII text, with very long lines (329), with no line terminators
Hash (MD5 / SHA-1 / SHA-256): a76e0e5ab2f70dec98377f906933120d e8c746560f35a864b6eb16568c58c12127bb564d 72a08d90f531230bbdb3e582280b10246ab1f74c2afc3848a7645628c1365ed0
GET /auth/c6435e8874502655b5b9f61408ca78a8/res/log_icon.png HTTP/1.1
Host: nordea-no.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nordea-no.xyz/auth/c6435e8874502655b5b9f61408ca78a8/otp.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 403 Forbidden
date: Wed, 24 Apr 2024 14:51:42 GMT
content-type: text/html; charset=iso-8859-1
edge-cache-engine: varnish
edge-request-id: c912dd1d302c502f97ce5f978e2a6af2
edge-cache-engine-mode: ACTIVE
vary: Accept-Encoding
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dXBV896b8O%2B2OfPcmjlLD9TtqC%2FCnqp0mGYpfTZDFoXm7KfGd6znIebIHmV8ARRjyhgHAQ7GdJn%2BXtoY6QN3Fxcch6BcTTQvUbK7gs34tJs%2BvuSgABpXo69bl21WzeZm"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8796e9b83f9a5688-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
| nordea-no.xyz/auth/c6435e8874502655b5b9f61408ca78a8/res/pass_log.png | 188.114.97.1 | 403 Forbidden | 318 B |
URL: GET HTTP/3 nordea-no.xyz/auth/c6435e8874502655b5b9f61408ca78a8/res/pass_log.png
IP: 188.114.97.1:443
Requested by: https://nordea-no.xyz/auth/c6435e8874502655b5b9f61408ca78a8/otp.php
Certificate: Issuer: Google Trust Services LLC; Subject: nordea-no.xyz; Fingerprint: C9:20:61:81:45:48:07:79:20:13:3D:94:BC:C9:32:A6:78:D2:F2:A6; Validity: Mon, 15 Apr 2024 09:23:56 GMT - Sun, 14 Jul 2024 09:23:55 GMT
File type: HTML document, ASCII text, with very long lines (329), with no line terminators
Hash (MD5 / SHA-1 / SHA-256): a76e0e5ab2f70dec98377f906933120d e8c746560f35a864b6eb16568c58c12127bb564d 72a08d90f531230bbdb3e582280b10246ab1f74c2afc3848a7645628c1365ed0
GET /auth/c6435e8874502655b5b9f61408ca78a8/res/pass_log.png HTTP/1.1
Host: nordea-no.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nordea-no.xyz/auth/c6435e8874502655b5b9f61408ca78a8/otp.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 403 Forbidden
date: Wed, 24 Apr 2024 14:51:42 GMT
content-type: text/html; charset=iso-8859-1
edge-cache-engine: varnish
edge-request-id: 126f94f555c238c2827064c434a253bd
edge-cache-engine-mode: ACTIVE
vary: Accept-Encoding
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bSzIxATziInCDIOSXI1BGaaRBVBb7%2Febo1gjLJugjA8W9RZkgZSN3HRr5qDfv4LneUyF8zcSbkaiZxvSuq7G3R4Mk6TWHEQ6QhphxvnJYCldJXnSnbmNCGLjr9Edh%2Bzg"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8796e9b83f9c5688-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400