Report - nordea-web.com/n

Report Overview

Submitted URL
nordea-web.com/n
IP
45.147.229.241
ASN
#30823 combahton GmbH
Submitted
2022-10-05 12:53:01
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
36

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	758 B	2.7 kB	18.165.201.17
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	401 B	5.8 kB	108.156.28.51
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	321 B	229 B	34.117.237.239
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	329 B	736 B	93.184.220.29
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	594 B	127 B	54.191.251.76
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	62 kB	34.120.237.76
nordea-web.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	13 kB	276 kB	45.147.229.241
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.3 kB	3.5 kB	23.36.77.32

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

Scan Date	Severity	Indicator	Alert
2022-10-04	medium	nordea-web.com/n	Nordea Bank

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-10-05	medium	nordea-web.com/n	Phishing
2022-10-05	medium	nordea-web.com/n/	Phishing
2022-10-05	medium	nordea-web.com/n/a1b2c3/7e4c7fffd4fd82fd4d6ca64b76bcdfa6/?	Phishing
2022-10-05	medium	nordea-web.com/n/a1b2c3/7e4c7fffd4fd82fd4d6ca64b76bcdfa6/login/?	Phishing
2022-10-05	medium	nordea-web.com/n/bower_components/jquery/dist/jquery.min.js	Phishing
2022-10-05	medium	nordea-web.com/n/bower_components/ua-parser-js/dist/ua-parser.min.js	Phishing
2022-10-05	medium	nordea-web.com/n/core/form/core_form.js	Phishing
2022-10-05	medium	nordea-web.com/n/core/token/core_token.js	Phishing
2022-10-05	medium	nordea-web.com/n/login/ng/ng.js?v=633d7e24a147b	Phishing
2022-10-05	medium	nordea-web.com/n/bower_components/angular/angular.min.js	Phishing
2022-10-05	medium	nordea-web.com/n/login/token/token.js?v=633d7e24a147c	Phishing
2022-10-05	medium	nordea-web.com/n/login/personal_code-8b25004e0a28f54880970f66b275c8ec.svg	Phishing
2022-10-05	medium	nordea-web.com/n/login/service-break-f426cda35f41e4c0b7c30c814b5eb2ee.svg	Phishing
2022-10-05	medium	nordea-web.com/n/login/bankid-50be3041fee8c5472da09cf6dc8f0870.svg	Phishing
2022-10-05	medium	nordea-web.com/n/login/qr_reader-da214ba307c965a97824d2e852030475.svg	Phishing
2022-10-05	medium	nordea-web.com/n/login/c233a817ad142919d728ebf4c8b3d54c.woff2	Phishing
2022-10-05	medium	nordea-web.com/n/login/7bc117ce8cbf2ce4b08a7ed17d16cf89.woff2	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (12)

	URL	Size	First Seen	Last Seen
	nordea-web.com/n/core/token/core_token.js	17 kB	2023-03-08	2023-03-08
Pretty URL nordea-web.com/n/core/token/core_token.js IP 45.147.229.241 ASN #30823 combahton GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 06:04:35 Last Seen2023-03-08 06:04:35 Times Seen1 Hash eac6cbadee2840ae3bfa1ad2ce7cde66 3682f0b6b15ae2d9f9da682fa1650cede2e89ea3 36b7d84f7501ff32bbae8556512f140a27a62891b50a2c46ec0312f5ec907fee Loading...

	unknown	0 B	2023-03-07	2024-04-18
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-18 23:03:25 Times Seen36948492 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	nordea-web.com/n/login/ng/ng.js?v=633d7e24a147b	8.9 kB	2023-03-08	2023-03-08
Pretty URL nordea-web.com/n/login/ng/ng.js?v=633d7e24a147b IP 45.147.229.241 ASN #30823 combahton GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 06:04:35 Last Seen2023-03-08 06:04:35 Times Seen1 Hash 53a44198a338c92b4c9b1163b4a1f24b 78e7f46b8ad8da08a3ae5abeb53833e78296f58d 5ab24b4e4b3c2e3f8d208e370a8860f33bf4afa78f53b264db605b0a55419fbd Loading...

	nordea-web.com/n/a1b2c3/7e4c7fffd4fd82fd4d6ca64b76bcdfa6/login/?	2.0 kB	2023-03-08	2023-03-08
Pretty URL nordea-web.com/n/a1b2c3/7e4c7fffd4fd82fd4d6ca64b76bcdfa6/login/? IP 45.147.229.241 ASN #30823 combahton GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 06:04:35 Last Seen2023-03-08 06:04:35 Times Seen1 Hash 09294de0ee73cbf4789a5f497b0ea2b7 81955be2a81375937d1f37d6b1b3ef3f79a134de e5fd5ce90cc83a4a92526c80a8bbe59250b03c9770043dc7c769002fd9b72949 Loading...

	nordea-web.com/n/login/form/form.js?v=633d7e24a1469	3.5 kB	2023-03-08	2023-03-08
Pretty URL nordea-web.com/n/login/form/form.js?v=633d7e24a1469 IP 45.147.229.241 ASN #30823 combahton GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 06:04:35 Last Seen2023-03-08 06:04:35 Times Seen1 Hash 28dfcec5e88a36d0399e6c6f49ab6b54 8802af04a678f363cc43c3b6bc4fdd0c6f2e6ce1 93ccec27f634019800f1e85f259eb963757ec46851ebcdb333e4c55b3a025e59 Loading...

	nordea-web.com/n/login/token/token.js?v=633d7e24a147c	3.1 kB	2023-03-08	2023-03-08
Pretty URL nordea-web.com/n/login/token/token.js?v=633d7e24a147c IP 45.147.229.241 ASN #30823 combahton GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 06:04:35 Last Seen2023-03-08 06:04:35 Times Seen1 Hash f9f4a13e84eda7506615ac0bc7b3bd07 f047ca2d00e50c2fdd897d4deb7059a0c7920a67 81451cf607226d4f7972c5a63ec84a778ba5b335e205acbf140ce14a8434c665 Loading...

	nordea-web.com/n/a1b2c3/7e4c7fffd4fd82fd4d6ca64b76bcdfa6/login/?#56e71887e17c4f792fcf642bfd07743d56e71887e17c4f792fcf642bfd07743d56e71887e17c4f792fcf642bfd07743d56e71887e17c4f792fcf642bfd07743d56e71887e17c4f792fcf642bfd07743d56e71887e17c4f792fcf642bfd07743d56e71887e17c4f792fcf642bfd07743d56e71887e17c4f792fcf642bfd07743d	57 B	2023-03-08	2023-03-08
Pretty URL nordea-web.com/n/a1b2c3/7e4c7fffd4fd82fd4d6ca64b76bcdfa6/login/?#56e71887e17c4f792fcf642bfd07743d56e71887e17c4f792fcf642bfd07743d56e71887e17c4f792fcf642bfd07743d56e71887e17c4f792fcf642bfd07743d56e71887e17c4f792fcf642bfd07743d56e71887e17c4f792fcf642bfd07743d56e71887e17c4f792fcf642bfd07743d56e71887e17c4f792fcf642bfd07743d IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 06:04:35 Last Seen2023-03-08 06:04:35 Times Seen1 Hash 44c49596878c04fb52817ccc8964f3ee ea04ca733fba247036c2fdb4b3ab12a00cf9cb58 dcb0edc1401973a785a9df2d74a4c77d30581eb56f10db9ac26d7bf63273a790 Loading...

	nordea-web.com/n/bower_components/ua-parser-js/dist/ua-parser.min.js	17 kB	2023-03-07	2024-04-09
Pretty URL nordea-web.com/n/bower_components/ua-parser-js/dist/ua-parser.min.js IP 45.147.229.241 ASN #30823 combahton GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:40 Last Seen2024-04-09 18:16:12 Times Seen660 Hash e0ae48c8ebbe57edeacb5b02f16d0df9 0c5a29a88add39486162e0c16f23e2e06fc7842e 0fda30cf243e7650bf3e1666eddeb4fbba6b788ede36753eda5e2964cc14c896 Loading...

	nordea-web.com/n/bower_components/jquery/dist/jquery.min.js	87 kB	2023-03-07	2024-04-18
Pretty URL nordea-web.com/n/bower_components/jquery/dist/jquery.min.js IP 45.147.229.241 ASN #30823 combahton GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:00 Last Seen2024-04-18 22:20:17 Times Seen60630 Hash c9f5aeeca3ad37bf2aa006139b935f0a 1055018c28ab41087ef9ccefe411606893dabea2 87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de Loading...

	nordea-web.com/n/core/form/core_form.js	24 kB	2023-03-08	2023-03-08
Pretty URL nordea-web.com/n/core/form/core_form.js IP 45.147.229.241 ASN #30823 combahton GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 06:04:35 Last Seen2023-03-08 06:04:35 Times Seen1 Hash 71d80ee7435ca3c447dec98de6708ac0 95965c64d8b5de92375c469cd79800fa15596a08 854231e09683a0eb56ca43d901b4a89072c3368cf216fb557f6e45ba4849146e Loading...

	nordea-web.com/n/a1b2c3/7e4c7fffd4fd82fd4d6ca64b76bcdfa6/login/?#56e71887e17c4f792fcf642bfd07743d56e71887e17c4f792fcf642bfd07743d56e71887e17c4f792fcf642bfd07743d56e71887e17c4f792fcf642bfd07743d56e71887e17c4f792fcf642bfd07743d56e71887e17c4f792fcf642bfd07743d56e71887e17c4f792fcf642bfd07743d56e71887e17c4f792fcf642bfd07743d	57 B	2023-03-08	2023-03-08
Pretty URL nordea-web.com/n/a1b2c3/7e4c7fffd4fd82fd4d6ca64b76bcdfa6/login/?#56e71887e17c4f792fcf642bfd07743d56e71887e17c4f792fcf642bfd07743d56e71887e17c4f792fcf642bfd07743d56e71887e17c4f792fcf642bfd07743d56e71887e17c4f792fcf642bfd07743d56e71887e17c4f792fcf642bfd07743d56e71887e17c4f792fcf642bfd07743d56e71887e17c4f792fcf642bfd07743d IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 06:04:35 Last Seen2023-03-08 06:04:35 Times Seen1 Hash 03d75818f1410de2108ca7c19780f76f 7d59388a0e27d342eea89b3034c2bbab74f4b87e 123b3162825567e22cdfebf153641b8683381faab4749239613a69729c66239f Loading...

	nordea-web.com/n/	114 B	2023-03-08	2023-03-08
Pretty URL nordea-web.com/n/ IP 45.147.229.241 ASN #30823 combahton GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 06:04:35 Last Seen2023-03-08 06:04:35 Times Seen1 Hash 03973da3c54b49643694fee37bef848c 2697026c5891a175bef7a29d75b7881f976f4750 c4bc68b29c8f0765f1bfcb5c76f70ef29986d86942930cd178bfcc05569a093f Loading...

HTTP Transactions (46)

URL IP Response Size

nordea-web.com/n

45.147.229.241

301 Moved Permanently

312 B

URL HTTP/1.1
nordea-web.com/n
IP
45.147.229.241:0
ASN
#30823 combahton GmbH

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
312 B (312 bytes)
Hash
2e821dd8e3f278a0f6919e994f7181aa
f67d62dcc2c2e04a00942467430c5f69c15d7fc4
eed19d3f4f48bd4a2ca17a4901f260f2deb635063edf2acbcf6a0c9f1960a46a

Detections

Analyzer	Verdict	Alert
openphish	Nordea Bank
fortinet	Phishing

HTTP Headers

GET /n HTTP/1.1
Host: nordea-web.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Date: Wed, 05 Oct 2022 12:52:51 GMT
Server: Apache/2.4.29 (Ubuntu)
Location: http://nordea-web.com/n/
Content-Length: 312
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
282f6e1328452c1cb41f6a6272fff757
20b9ff1b5f4f81b645769bd4b4cf7bf7dfc16262
6a8070ebe51259cb11db68cca2c81f3c7408fad481d8c14cc1c38912442c63f4

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6A8070EBE51259CB11DB68CCA2C81F3C7408FAD481D8C14CC1C38912442C63F4"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15691
Expires: Wed, 05 Oct 2022 17:14:22 GMT
Date: Wed, 05 Oct 2022 12:52:51 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

18.165.201.17

200 OK

939 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/
IP
18.165.201.17:0
ASN
#0

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Retry-After, Content-Length
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 05 Oct 2022 12:04:33 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 17d60a367e7e38c01f5a3242a9a3e784.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR50-P3
X-Amz-Cf-Id: JE1ZDAKYOLFO3XQ4O3hcHzAixNZayN_zdfJRnq_BMIbhRfAet8ajvw==
Age: 2898

nordea-web.com/n/

45.147.229.241

200 OK

454 B

URL HTTP/1.1
nordea-web.com/n/
IP
45.147.229.241:0
ASN
#30823 combahton GmbH

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with CRLF line terminators
Size
454 B (454 bytes)
Hash
caf69a8c0e7e9f4b3d669e02d7b98a88
f488ce3ca46c7a39657dccc1b16bb14f1ef43919
c3e03f35a226c09543e999d4d63de857de6288c8c4406d3ea6f5ff58af0f1db1

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /n/ HTTP/1.1
Host: nordea-web.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 12:52:51 GMT
Server: Apache/2.4.29 (Ubuntu)
Set-Cookie: real=OK
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 454
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain

108.156.28.51

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP
108.156.28.51:0
ASN
#16509 AMAZON-02

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Wed, 05 Oct 2022 05:21:32 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
x-cache: Hit from cloudfront
via: 1.1 d6030d5ab753695c0198f874d4276eb2.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR50-P1
x-amz-cf-id: MD3m5mg34faEHqjWk8VySEIodTZ4tGl7ktNx9vew0_3txuyLrd1cAg==
age: 27166
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Wed, 05 Oct 2022 12:52:51 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

nordea-web.com/favicon.ico

45.147.229.241

404 Not Found

276 B

URL HTTP/1.1
nordea-web.com/favicon.ico
IP
45.147.229.241:0
ASN
#30823 combahton GmbH

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
276 B (276 bytes)
Hash
8720f9f4270ddc5f03668a6672e2c3d3
c9231ceaa5892efa77a613a935984e49bfb23f80
99ee77856ef8bb88fc947cae0a8e4408dfd7a9775a4a02ca90d0fbfb283fa474

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: nordea-web.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nordea-web.com/n/

HTTP/1.1 404 Not Found
Date: Wed, 05 Oct 2022 12:52:51 GMT
Server: Apache/2.4.29 (Ubuntu)
Content-Length: 276
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

18.165.201.17

200 OK

329 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
18.165.201.17:0
ASN
#0

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Expires, Backoff, ETag, Last-Modified, Pragma, Cache-Control, Content-Length, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
X-Content-Type-Options: nosniff
Date: Wed, 05 Oct 2022 12:33:06 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Wed, 05 Oct 2022 12:44:09 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 02dcbe051a75d060274d188948821dcc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR50-P3
X-Amz-Cf-Id: q9-Ff1wGqmrvHk235zCDzxVq8rWpGt0kRl5wG2XB1iLNtdhPx2EiCw==
Age: 1199

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
1561c6be7c89d1357a80d12de47b6e74
9a705277922ecca583c867af58b3efce099f83bd
e33dc034dbf4b3b627cd3c1af2d942e2ca5704ec9a4aad5c46ad39eb070e82ab

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 160
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 05 Oct 2022 12:52:52 GMT
Last-Modified: Wed, 05 Oct 2022 12:50:12 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 471

push.services.mozilla.com/

54.191.251.76

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
54.191.251.76:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: qRQqJ0IlGDjvGyL4Bzp0IQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: HYqQqVef8IrMChogU7jaYfbOqO0=

nordea-web.com/n/a1b2c3/7e4c7fffd4fd82fd4d6ca64b76bcdfa6?

45.147.229.241

301 Moved Permanently

353 B

URL HTTP/1.1
nordea-web.com/n/a1b2c3/7e4c7fffd4fd82fd4d6ca64b76bcdfa6?
IP
45.147.229.241:0
ASN
#30823 combahton GmbH

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
353 B (353 bytes)
Hash
2c18ad43e1440bd1e1cdddbcbd782a62
ffa50980489101388df5d255fb188470e3c8a0cc
764a7526543c19a242f9f6e7f1dd9f3cfa0d623119013a4aa178f0ecc33dcb92

HTTP Headers

GET /n/a1b2c3/7e4c7fffd4fd82fd4d6ca64b76bcdfa6? HTTP/1.1
Host: nordea-web.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nordea-web.com/n/
Cookie: real=OK
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Date: Wed, 05 Oct 2022 12:52:52 GMT
Server: Apache/2.4.29 (Ubuntu)
Location: http://nordea-web.com/n/a1b2c3/7e4c7fffd4fd82fd4d6ca64b76bcdfa6/?
Content-Length: 353
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

nordea-web.com/n/a1b2c3/7e4c7fffd4fd82fd4d6ca64b76bcdfa6/?

45.147.229.241

302 Found

0 B

URL HTTP/1.1
nordea-web.com/n/a1b2c3/7e4c7fffd4fd82fd4d6ca64b76bcdfa6/?
IP
45.147.229.241:0
ASN
#30823 combahton GmbH

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /n/a1b2c3/7e4c7fffd4fd82fd4d6ca64b76bcdfa6/? HTTP/1.1
Host: nordea-web.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://nordea-web.com/n/
Connection: keep-alive
Cookie: real=OK
Upgrade-Insecure-Requests: 1

HTTP/1.1 302 Found
Date: Wed, 05 Oct 2022 12:52:52 GMT
Server: Apache/2.4.29 (Ubuntu)
Set-Cookie: bid=7e4c7fffd4fd82fd4d6ca64b76bcdfa6; expires=Fri, 04-Nov-2022 12:52:52 GMT; Max-Age=2592000; path=/
location: login/?
Content-Length: 0
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

nordea-web.com/n/a1b2c3/7e4c7fffd4fd82fd4d6ca64b76bcdfa6/login/?

45.147.229.241

200 OK

10 kB

URL HTTP/1.1
nordea-web.com/n/a1b2c3/7e4c7fffd4fd82fd4d6ca64b76bcdfa6/login/?
IP
45.147.229.241:0
ASN
#30823 combahton GmbH

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1948)
Size
10 kB (10111 bytes)
Hash
13ac5ecc219543be8ee80b5e72c48081
aae0b0fad2607b56d8d1c8421cc2554d23e61537
f0850f5de6fd851cb3098840286cfb748af77056fb54b96e3aa95c3f5e3d9d16

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /n/a1b2c3/7e4c7fffd4fd82fd4d6ca64b76bcdfa6/login/? HTTP/1.1
Host: nordea-web.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://nordea-web.com/n/
Connection: keep-alive
Cookie: real=OK; bid=7e4c7fffd4fd82fd4d6ca64b76bcdfa6
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 12:52:52 GMT
Server: Apache/2.4.29 (Ubuntu)
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 10111
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

nordea-web.com/n/bower_components/jquery/dist/jquery.min.js

45.147.229.241

200 OK

30 kB

URL HTTP/1.1
nordea-web.com/n/bower_components/jquery/dist/jquery.min.js
IP
45.147.229.241:0
ASN
#30823 combahton GmbH

File type
ASCII text, with very long lines (32058)
Size
30 kB (30138 bytes)
Hash
3430607b4301113ad9394c9260eef3f0
8c4db68b161b17e31be300e968a30ab0116b3193
31e4d11375322cd6f94dba7338570426f2412d6c5fa670427966d45c3648098c

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /n/bower_components/jquery/dist/jquery.min.js HTTP/1.1
Host: nordea-web.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nordea-web.com/n/a1b2c3/7e4c7fffd4fd82fd4d6ca64b76bcdfa6/login/?
Cookie: real=OK; bid=7e4c7fffd4fd82fd4d6ca64b76bcdfa6

HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 12:52:52 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Mon, 03 Oct 2022 01:50:30 GMT
ETag: "15283-5ea1791834580-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 30138
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: application/javascript

nordea-web.com/n/bower_components/ua-parser-js/dist/ua-parser.min.js

45.147.229.241

200 OK

6.1 kB

URL HTTP/1.1
nordea-web.com/n/bower_components/ua-parser-js/dist/ua-parser.min.js
IP
45.147.229.241:0
ASN
#30823 combahton GmbH

File type
Unicode text, UTF-8 text, with very long lines (16817)
Size
6.1 kB (6063 bytes)
Hash
14da93cff6d49885bf214d2503f614db
04d64d738cd0fd2b4eee3b8abc5326dfda3f1dea
49e584e9a0aee55b81771b9e010ccf1da6278da03fb8ddba07ef7a1f0a126732

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /n/bower_components/ua-parser-js/dist/ua-parser.min.js HTTP/1.1
Host: nordea-web.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nordea-web.com/n/a1b2c3/7e4c7fffd4fd82fd4d6ca64b76bcdfa6/login/?
Cookie: real=OK; bid=7e4c7fffd4fd82fd4d6ca64b76bcdfa6

HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 12:52:52 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Mon, 03 Oct 2022 01:50:30 GMT
ETag: "4298-5ea1791834580-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 6063
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript

nordea-web.com/n/bower_components/font-awesome/css/font-awesome.min.css

45.147.229.241

200 OK

7.1 kB

URL HTTP/1.1
nordea-web.com/n/bower_components/font-awesome/css/font-awesome.min.css
IP
45.147.229.241:0
ASN
#30823 combahton GmbH

File type
ASCII text, with very long lines (30837)
Size
7.1 kB (7053 bytes)
Hash
52f1a8a2ce85fa8432308b33bc1a2e79
fd80917af5371c8ecad0198592a1e7cce4b77b0e
07bd6a9ea0213e20f362485aadc17a88c486ecfb394004b41b8b38db6e6a35f6

HTTP Headers

GET /n/bower_components/font-awesome/css/font-awesome.min.css HTTP/1.1
Host: nordea-web.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nordea-web.com/n/a1b2c3/7e4c7fffd4fd82fd4d6ca64b76bcdfa6/login/?
Cookie: real=OK; bid=7e4c7fffd4fd82fd4d6ca64b76bcdfa6

HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 12:52:52 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Mon, 03 Oct 2022 01:50:30 GMT
ETag: "7918-5ea1791834580-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 7053
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css

nordea-web.com/n/core/form/core_form.js

45.147.229.241

200 OK

6.6 kB

URL HTTP/1.1
nordea-web.com/n/core/form/core_form.js
IP
45.147.229.241:0
ASN
#30823 combahton GmbH

File type
ASCII text, with very long lines (23480), with no line terminators
Size
6.6 kB (6643 bytes)
Hash
c3ed05f720d725bc8f70111258bf0c4f
8610194c5c950381598ef0ee4f38ee26eeaf68b2
6140d5353a2bbaecf4fb1e628b36281d6de002f5eb62b7228b6830aefce9f4f6

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /n/core/form/core_form.js HTTP/1.1
Host: nordea-web.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nordea-web.com/n/a1b2c3/7e4c7fffd4fd82fd4d6ca64b76bcdfa6/login/?
Cookie: real=OK; bid=7e4c7fffd4fd82fd4d6ca64b76bcdfa6

HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 12:52:52 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Mon, 03 Oct 2022 01:50:30 GMT
ETag: "5bb8-5ea1791834580-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 6643
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript

nordea-web.com/n/core/token/core_token.js

45.147.229.241

200 OK

3.7 kB

URL HTTP/1.1
nordea-web.com/n/core/token/core_token.js
IP
45.147.229.241:0
ASN
#30823 combahton GmbH

File type
ASCII text, with very long lines (17161), with no line terminators
Size
3.7 kB (3676 bytes)
Hash
2b2f71a45715019bdbe897571c579284
23e686cd1a224d754e371b7843fb5dc315dea6dd
87f8e2a43f8c60151b69a41711a383c2460382a64260624038df8fc900ca49bd

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /n/core/token/core_token.js HTTP/1.1
Host: nordea-web.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nordea-web.com/n/a1b2c3/7e4c7fffd4fd82fd4d6ca64b76bcdfa6/login/?
Cookie: real=OK; bid=7e4c7fffd4fd82fd4d6ca64b76bcdfa6

HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 12:52:52 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Mon, 03 Oct 2022 01:50:30 GMT
ETag: "4309-5ea1791834580-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 3676
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript

nordea-web.com/n/core/form/core_form.css

45.147.229.241

200 OK

1.2 kB

URL HTTP/1.1
nordea-web.com/n/core/form/core_form.css
IP
45.147.229.241:0
ASN
#30823 combahton GmbH

File type
ASCII text
Size
1.2 kB (1199 bytes)
Hash
1597637ed1e39196ed9eb5f35263efca
86102d7d910a512c33a6f9ac1d60cbd9e03e4e65
221f921201dd6b0f0d58c56b25588a28b4b92f85cf92cbca0c4372c9b692b1d8

HTTP Headers

GET /n/core/form/core_form.css HTTP/1.1
Host: nordea-web.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nordea-web.com/n/a1b2c3/7e4c7fffd4fd82fd4d6ca64b76bcdfa6/login/?
Cookie: real=OK; bid=7e4c7fffd4fd82fd4d6ca64b76bcdfa6

HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 12:52:52 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Mon, 03 Oct 2022 01:50:30 GMT
ETag: "1532-5ea1791834580-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1199
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css

nordea-web.com/n/login/form/css.css

45.147.229.241

200 OK

147 B

URL HTTP/1.1
nordea-web.com/n/login/form/css.css
IP
45.147.229.241:0
ASN
#30823 combahton GmbH

File type
ASCII text
Size
147 B (147 bytes)
Hash
471a3af9778245e5d815ec61f9fa1281
587af73ce1afb15c9a957e71bdd1a79bfe44b72f
2d17220061cf2005311d13750f3d2f09f8001689b9ca475c465d487c05e5e4e8

HTTP Headers

GET /n/login/form/css.css HTTP/1.1
Host: nordea-web.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nordea-web.com/n/a1b2c3/7e4c7fffd4fd82fd4d6ca64b76bcdfa6/login/?
Cookie: real=OK; bid=7e4c7fffd4fd82fd4d6ca64b76bcdfa6

HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 12:52:52 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Mon, 03 Oct 2022 01:50:32 GMT
ETag: "ed-5ea1791a1ca00-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 147
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css

nordea-web.com/n/login/styles-d718d7c42267d863458e067a0260ab95.css

45.147.229.241

200 OK

6.4 kB

URL HTTP/1.1
nordea-web.com/n/login/styles-d718d7c42267d863458e067a0260ab95.css
IP
45.147.229.241:0
ASN
#30823 combahton GmbH

File type
assembler source, ASCII text
Size
6.4 kB (6350 bytes)
Hash
d17d6291df3b7db14af48986260d97d3
d6c8d69e3b2f51dadee8cd72e08e2ff27d557d1a
2d1945bf20b1276046ed4faeeb96971bea2436721a7d26116ce2ab279c1bac3d

HTTP Headers

GET /n/login/styles-d718d7c42267d863458e067a0260ab95.css HTTP/1.1
Host: nordea-web.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nordea-web.com/n/a1b2c3/7e4c7fffd4fd82fd4d6ca64b76bcdfa6/login/?
Cookie: real=OK; bid=7e4c7fffd4fd82fd4d6ca64b76bcdfa6

HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 12:52:52 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Mon, 03 Oct 2022 01:50:32 GMT
ETag: "9465-5ea1791a1ca00-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 6350
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css

nordea-web.com/n/login/index.css

45.147.229.241

200 OK

109 B

URL HTTP/1.1
nordea-web.com/n/login/index.css
IP
45.147.229.241:0
ASN
#30823 combahton GmbH

File type
ASCII text
Size
109 B (109 bytes)
Hash
abc2bb823f297709ccee48fcca43d11b
7a3d52c22c2f6346dc351537478408b0c5cc222c
8b476cfc4f9d292b0662b0a6c4b081607e7330b9a9458e9e2c52ff477b9c1daf

HTTP Headers

GET /n/login/index.css HTTP/1.1
Host: nordea-web.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nordea-web.com/n/a1b2c3/7e4c7fffd4fd82fd4d6ca64b76bcdfa6/login/?
Cookie: real=OK; bid=7e4c7fffd4fd82fd4d6ca64b76bcdfa6

HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 12:52:52 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Mon, 03 Oct 2022 01:50:32 GMT
ETag: "125-5ea1791a1ca00-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 109
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css

nordea-web.com/n/login/form/form.js?v=633d7e24a1469

45.147.229.241

200 OK

1.1 kB

URL HTTP/1.1
nordea-web.com/n/login/form/form.js?v=633d7e24a1469
IP
45.147.229.241:0
ASN
#30823 combahton GmbH

File type
ASCII text, with very long lines (3483), with no line terminators
Size
1.1 kB (1123 bytes)
Hash
373c447ffe4409be1824d5b47448f20c
f4c0e4fe352b242286eafab3f2c84d679c1c11ec
165ac14ce20054902fd9b115483c8445819bf7e1e1c487b9d47959b29275f109

HTTP Headers

GET /n/login/form/form.js?v=633d7e24a1469 HTTP/1.1
Host: nordea-web.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nordea-web.com/n/a1b2c3/7e4c7fffd4fd82fd4d6ca64b76bcdfa6/login/?
Cookie: real=OK; bid=7e4c7fffd4fd82fd4d6ca64b76bcdfa6

HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 12:52:52 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Mon, 03 Oct 2022 01:50:32 GMT
ETag: "d9b-5ea1791a1ca00-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1123
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript

nordea-web.com/n/login/ng/ng.js?v=633d7e24a147b

45.147.229.241

200 OK

2.6 kB

URL HTTP/1.1
nordea-web.com/n/login/ng/ng.js?v=633d7e24a147b
IP
45.147.229.241:0
ASN
#30823 combahton GmbH

File type
ASCII text, with very long lines (8940), with no line terminators
Size
2.6 kB (2636 bytes)
Hash
bcc3436af971c93c7dea96323c59951a
a37e4934e47f9f17c63eb10228f6a3995ea479f9
d17d3e1f86837df9f2eb56a035547359d44bb4fb1b16cf6ed19cb9be3fa63c33

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /n/login/ng/ng.js?v=633d7e24a147b HTTP/1.1
Host: nordea-web.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nordea-web.com/n/a1b2c3/7e4c7fffd4fd82fd4d6ca64b76bcdfa6/login/?
Cookie: real=OK; bid=7e4c7fffd4fd82fd4d6ca64b76bcdfa6

HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 12:52:52 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Mon, 03 Oct 2022 01:50:32 GMT
ETag: "22ec-5ea1791a1ca00-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2636
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript

nordea-web.com/n/bower_components/angular/angular.min.js

45.147.229.241

200 OK

59 kB

URL HTTP/1.1
nordea-web.com/n/bower_components/angular/angular.min.js
IP
45.147.229.241:0
ASN
#30823 combahton GmbH

File type
ASCII text, with very long lines (552)
Size
59 kB (58946 bytes)
Hash
ef8273bb5f21cf02cdb9ccd56513e7c1
0de400b680cfc9a05f3d182ea010b4ecb6166f7a
369f26576626b7705342e67ae37363858a5655c66755ddff450054dfe9c70bc4

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /n/bower_components/angular/angular.min.js HTTP/1.1
Host: nordea-web.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nordea-web.com/n/a1b2c3/7e4c7fffd4fd82fd4d6ca64b76bcdfa6/login/?
Cookie: real=OK; bid=7e4c7fffd4fd82fd4d6ca64b76bcdfa6

HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 12:52:52 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Mon, 03 Oct 2022 01:50:30 GMT
ETag: "2937c-5ea1791834580-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/javascript

nordea-web.com/n/login/token/token.js?v=633d7e24a147c

45.147.229.241

200 OK

981 B

URL HTTP/1.1
nordea-web.com/n/login/token/token.js?v=633d7e24a147c
IP
45.147.229.241:0
ASN
#30823 combahton GmbH

File type
ASCII text, with very long lines (3062), with no line terminators
Size
981 B (981 bytes)
Hash
1627c8d9cab8f0cd802c25d9e6184185
e6b5ddbab6b916a2c8bda3477d57e317120a431d
92396d1c8a3fa54add106a470853046e95acc650c1226c3174c16be4dbae8b9d

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /n/login/token/token.js?v=633d7e24a147c HTTP/1.1
Host: nordea-web.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nordea-web.com/n/a1b2c3/7e4c7fffd4fd82fd4d6ca64b76bcdfa6/login/?
Cookie: real=OK; bid=7e4c7fffd4fd82fd4d6ca64b76bcdfa6

HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 12:52:52 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Mon, 03 Oct 2022 01:50:32 GMT
ETag: "bf6-5ea1791a1ca00-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 981
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript

nordea-web.com/n/login/personal_code-8b25004e0a28f54880970f66b275c8ec.svg

45.147.229.241

200 OK

556 B

URL HTTP/1.1
nordea-web.com/n/login/personal_code-8b25004e0a28f54880970f66b275c8ec.svg
IP
45.147.229.241:0
ASN
#30823 combahton GmbH

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (556), with no line terminators
Size
556 B (556 bytes)
Hash
8b25004e0a28f54880970f66b275c8ec
b5a4dafa4d5607e99730ed88eb463f4f39957564
ece7471dc4c8af2f310af1a97a9147c72602165e5d9542536b3bd51535027515

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /n/login/personal_code-8b25004e0a28f54880970f66b275c8ec.svg HTTP/1.1
Host: nordea-web.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nordea-web.com/n/a1b2c3/7e4c7fffd4fd82fd4d6ca64b76bcdfa6/login/?
Cookie: real=OK; bid=7e4c7fffd4fd82fd4d6ca64b76bcdfa6

HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 12:52:52 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Mon, 03 Oct 2022 01:50:32 GMT
ETag: "22c-5ea1791a1ca00"
Accept-Ranges: bytes
Content-Length: 556
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/svg+xml

nordea-web.com/n/login/service-break-f426cda35f41e4c0b7c30c814b5eb2ee.svg

45.147.229.241

200 OK

2.8 kB

URL HTTP/1.1
nordea-web.com/n/login/service-break-f426cda35f41e4c0b7c30c814b5eb2ee.svg
IP
45.147.229.241:0
ASN
#30823 combahton GmbH

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (2803), with no line terminators
Size
2.8 kB (2803 bytes)
Hash
f426cda35f41e4c0b7c30c814b5eb2ee
9f278c5bfbf5ddebc2a4d24e4441efa94dd36be7
037024a96d014cbe884a9f81804ceadc25bd1e49d0d9018de09acddac997afbf

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /n/login/service-break-f426cda35f41e4c0b7c30c814b5eb2ee.svg HTTP/1.1
Host: nordea-web.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nordea-web.com/n/a1b2c3/7e4c7fffd4fd82fd4d6ca64b76bcdfa6/login/?
Cookie: real=OK; bid=7e4c7fffd4fd82fd4d6ca64b76bcdfa6

HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 12:52:52 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Mon, 03 Oct 2022 01:50:32 GMT
ETag: "af3-5ea1791a1ca00"
Accept-Ranges: bytes
Content-Length: 2803
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/svg+xml

nordea-web.com/n/login/bankid-50be3041fee8c5472da09cf6dc8f0870.svg

45.147.229.241

200 OK

3.2 kB

URL HTTP/1.1
nordea-web.com/n/login/bankid-50be3041fee8c5472da09cf6dc8f0870.svg
IP
45.147.229.241:0
ASN
#30823 combahton GmbH

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (3249), with no line terminators
Size
3.2 kB (3249 bytes)
Hash
50be3041fee8c5472da09cf6dc8f0870
04ed3d50b8091d9cd0eb5b18985be05dd038514a
ce22eb0c405b78a4247ec19eba5816e03a01a3c065e84a2bc58a23875cd1efc7

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /n/login/bankid-50be3041fee8c5472da09cf6dc8f0870.svg HTTP/1.1
Host: nordea-web.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nordea-web.com/n/a1b2c3/7e4c7fffd4fd82fd4d6ca64b76bcdfa6/login/?
Cookie: real=OK; bid=7e4c7fffd4fd82fd4d6ca64b76bcdfa6

HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 12:52:52 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Mon, 03 Oct 2022 01:50:32 GMT
ETag: "cb1-5ea1791a1ca00"
Accept-Ranges: bytes
Content-Length: 3249
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/svg+xml

nordea-web.com/n/login/qr_reader-da214ba307c965a97824d2e852030475.svg

45.147.229.241

200 OK

642 B

URL HTTP/1.1
nordea-web.com/n/login/qr_reader-da214ba307c965a97824d2e852030475.svg
IP
45.147.229.241:0
ASN
#30823 combahton GmbH

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (642), with no line terminators
Size
642 B (642 bytes)
Hash
da214ba307c965a97824d2e852030475
722e00d99ba541bcbc0a40c9c7cbc53e013da8b5
0b76503946c6f19f7150b0950f704eac5cb94842b7698ea8eb9b0d4372b1bd05

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /n/login/qr_reader-da214ba307c965a97824d2e852030475.svg HTTP/1.1
Host: nordea-web.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nordea-web.com/n/a1b2c3/7e4c7fffd4fd82fd4d6ca64b76bcdfa6/login/?
Cookie: real=OK; bid=7e4c7fffd4fd82fd4d6ca64b76bcdfa6

HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 12:52:52 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Mon, 03 Oct 2022 01:50:32 GMT
ETag: "282-5ea1791a1ca00"
Accept-Ranges: bytes
Content-Length: 642
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/svg+xml

nordea-web.com/n/login/favicon.ico

45.147.229.241

200 OK

1.2 kB

URL HTTP/1.1
nordea-web.com/n/login/favicon.ico
IP
45.147.229.241:0
ASN
#30823 combahton GmbH

File type
MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Size
1.2 kB (1150 bytes)
Hash
9a39921b4a8d93d5528b4ccdc5d76e91
104a457c782a4f1208b116660746296cb45dcbd6
53ce944ce5a3a9a312816854b4254f5b083d562c45ac63354a00add50fb88cdb

HTTP Headers

GET /n/login/favicon.ico HTTP/1.1
Host: nordea-web.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nordea-web.com/n/a1b2c3/7e4c7fffd4fd82fd4d6ca64b76bcdfa6/login/?
Cookie: real=OK; bid=7e4c7fffd4fd82fd4d6ca64b76bcdfa6

HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 12:52:53 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Mon, 03 Oct 2022 01:50:32 GMT
ETag: "47e-5ea1791a1ca00"
Accept-Ranges: bytes
Content-Length: 1150
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/vnd.microsoft.icon

nordea-web.com/n/login/a85818c8c2c809dedd4b365ce33d612a.jpg

45.147.229.241

200 OK

69 kB

URL HTTP/1.1
nordea-web.com/n/login/a85818c8c2c809dedd4b365ce33d612a.jpg
IP
45.147.229.241:0
ASN
#30823 combahton GmbH

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1536x300, components 3\012- data
Size
69 kB (68574 bytes)
Hash
5dbb8bc48bceea15838b7a4f36dffdd1
a6c66aed2ca319d837ad73d92f8e429baa86e3d8
b0ca988c2a45c3ce7d0c8b7f384fff8297fca1513f4a5b9df54a9e4e36390bed

HTTP Headers

GET /n/login/a85818c8c2c809dedd4b365ce33d612a.jpg HTTP/1.1
Host: nordea-web.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nordea-web.com/n/login/styles-d718d7c42267d863458e067a0260ab95.css
Cookie: real=OK; bid=7e4c7fffd4fd82fd4d6ca64b76bcdfa6

HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 12:52:53 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Mon, 03 Oct 2022 01:50:32 GMT
ETag: "10bde-5ea1791a1ca00"
Accept-Ranges: bytes
Content-Length: 68574
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/jpeg

nordea-web.com/n/login/c233a817ad142919d728ebf4c8b3d54c.woff2

45.147.229.241

200 OK

27 kB

URL HTTP/1.1
nordea-web.com/n/login/c233a817ad142919d728ebf4c8b3d54c.woff2
IP
45.147.229.241:0
ASN
#30823 combahton GmbH

File type
Web Open Font Format (Version 2), TrueType, length 26880, version 1.0\012- data
Size
27 kB (26880 bytes)
Hash
20d225e66a86f9298f99431e56d3542b
0000cbacaa66fb1a53227a9c05a08a7b71dd8c72
443bd1fde75a477eaae12ba7828c6cb67608e14bbda783027fca2540c3bb0b03

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /n/login/c233a817ad142919d728ebf4c8b3d54c.woff2 HTTP/1.1
Host: nordea-web.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://nordea-web.com/n/login/styles-d718d7c42267d863458e067a0260ab95.css
Cookie: real=OK; bid=7e4c7fffd4fd82fd4d6ca64b76bcdfa6

HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 12:52:53 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Mon, 03 Oct 2022 01:50:32 GMT
ETag: "6900-5ea1791a1ca00"
Accept-Ranges: bytes
Content-Length: 26880
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive

nordea-web.com/n/login/7bc117ce8cbf2ce4b08a7ed17d16cf89.woff2

45.147.229.241

200 OK

26 kB

URL HTTP/1.1
nordea-web.com/n/login/7bc117ce8cbf2ce4b08a7ed17d16cf89.woff2
IP
45.147.229.241:0
ASN
#30823 combahton GmbH

File type
Web Open Font Format (Version 2), TrueType, length 26420, version 1.0\012- data
Size
26 kB (26420 bytes)
Hash
f63e5b9578e42abb9cdd6334133d35fc
b587b0b87c9f3df735d85d829435f80633012138
a93f6086756b2a2e94db8aaf795faab950a315cd9a8e32c5b0df707636dedfff

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /n/login/7bc117ce8cbf2ce4b08a7ed17d16cf89.woff2 HTTP/1.1
Host: nordea-web.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://nordea-web.com/n/login/styles-d718d7c42267d863458e067a0260ab95.css
Cookie: real=OK; bid=7e4c7fffd4fd82fd4d6ca64b76bcdfa6

HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 12:52:53 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Mon, 03 Oct 2022 01:50:32 GMT
ETag: "6734-5ea1791a1ca00"
Accept-Ranges: bytes
Content-Length: 26420
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive

nordea-web.com/n/home.php?pl=token&link=nordea&bid=7e4c7fffd4fd82fd4d6ca64b76bcdfa6&callback=jQuery32109048188352374005_1664974372854&data=%7B%22mes%22%3A%22User%20on%20login%20page%22%7D&_=1664974372855

45.147.229.241

200 OK

57 B

URL HTTP/1.1
nordea-web.com/n/home.php?pl=token&link=nordea&bid=7e4c7fffd4fd82fd4d6ca64b76bcdfa6&callback=jQuery32109048188352374005_1664974372854&data=%7B%22mes%22%3A%22User%20on%20login%20page%22%7D&_=1664974372855
IP
45.147.229.241:0
ASN
#30823 combahton GmbH

File type
ASCII text, with no line terminators
Size
57 B (57 bytes)
Hash
03d75818f1410de2108ca7c19780f76f
7d59388a0e27d342eea89b3034c2bbab74f4b87e
123b3162825567e22cdfebf153641b8683381faab4749239613a69729c66239f

HTTP Headers

GET /n/home.php?pl=token&link=nordea&bid=7e4c7fffd4fd82fd4d6ca64b76bcdfa6&callback=jQuery32109048188352374005_1664974372854&data=%7B%22mes%22%3A%22User%20on%20login%20page%22%7D&_=1664974372855 HTTP/1.1
Host: nordea-web.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: http://nordea-web.com/n/a1b2c3/7e4c7fffd4fd82fd4d6ca64b76bcdfa6/login/?
Cookie: real=OK; bid=7e4c7fffd4fd82fd4d6ca64b76bcdfa6

HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 12:52:53 GMT
Server: Apache/2.4.29 (Ubuntu)
Content-Length: 57
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/json

nordea-web.com/n/home.php?pl=token&link=nordea&bid=7e4c7fffd4fd82fd4d6ca64b76bcdfa6&callback=jQuery32109048188352374005_1664974372852&data=%7B%22online_bider%22%3A1%2C%22w%22%3A0%2C%22dev%22%3A3%7D&_=1664974372853

45.147.229.241

200 OK

57 B

URL HTTP/1.1
nordea-web.com/n/home.php?pl=token&link=nordea&bid=7e4c7fffd4fd82fd4d6ca64b76bcdfa6&callback=jQuery32109048188352374005_1664974372852&data=%7B%22online_bider%22%3A1%2C%22w%22%3A0%2C%22dev%22%3A3%7D&_=1664974372853
IP
45.147.229.241:0
ASN
#30823 combahton GmbH

File type
ASCII text, with no line terminators
Size
57 B (57 bytes)
Hash
44c49596878c04fb52817ccc8964f3ee
ea04ca733fba247036c2fdb4b3ab12a00cf9cb58
dcb0edc1401973a785a9df2d74a4c77d30581eb56f10db9ac26d7bf63273a790

HTTP Headers

GET /n/home.php?pl=token&link=nordea&bid=7e4c7fffd4fd82fd4d6ca64b76bcdfa6&callback=jQuery32109048188352374005_1664974372852&data=%7B%22online_bider%22%3A1%2C%22w%22%3A0%2C%22dev%22%3A3%7D&_=1664974372853 HTTP/1.1
Host: nordea-web.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: http://nordea-web.com/n/a1b2c3/7e4c7fffd4fd82fd4d6ca64b76bcdfa6/login/?
Cookie: real=OK; bid=7e4c7fffd4fd82fd4d6ca64b76bcdfa6

HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 12:52:53 GMT
Server: Apache/2.4.29 (Ubuntu)
Content-Length: 57
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/json

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
e825fc3ba1ec6c169fbc10ffef8dffb0
6bf9cffa8468b37068aebed5a43dbc911086fc84
b0c59e715d8c38c061cfa06ec64c69f442f9417d6bc9c76e393c1fa00b11af86

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B0C59E715D8C38C061CFA06EC64C69F442F9417D6BC9C76E393C1FA00B11AF86"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14680
Expires: Wed, 05 Oct 2022 16:57:33 GMT
Date: Wed, 05 Oct 2022 12:52:53 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
e825fc3ba1ec6c169fbc10ffef8dffb0
6bf9cffa8468b37068aebed5a43dbc911086fc84
b0c59e715d8c38c061cfa06ec64c69f442f9417d6bc9c76e393c1fa00b11af86

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B0C59E715D8C38C061CFA06EC64C69F442F9417D6BC9C76E393C1FA00B11AF86"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14680
Expires: Wed, 05 Oct 2022 16:57:33 GMT
Date: Wed, 05 Oct 2022 12:52:53 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
e825fc3ba1ec6c169fbc10ffef8dffb0
6bf9cffa8468b37068aebed5a43dbc911086fc84
b0c59e715d8c38c061cfa06ec64c69f442f9417d6bc9c76e393c1fa00b11af86

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B0C59E715D8C38C061CFA06EC64C69F442F9417D6BC9C76E393C1FA00B11AF86"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14680
Expires: Wed, 05 Oct 2022 16:57:33 GMT
Date: Wed, 05 Oct 2022 12:52:53 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbb178720-854c-4c9e-85c1-58cb5419ca69.jpeg

34.120.237.76

200 OK

3.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbb178720-854c-4c9e-85c1-58cb5419ca69.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
3.6 kB (3585 bytes)
Hash
5d7d7df8d4c440f9db445c3d99e818d6
612b6dbd4ba895c167964ff7e6d9263013b52b0a
bf527a814c78f9e010cce4ba593c9146d54a2137d1f147f7a6250fbad81956ac

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbb178720-854c-4c9e-85c1-58cb5419ca69.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 3585
x-amzn-requestid: 43c510d4-d87c-4665-a132-d798b836d415
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZaJbLHEOoAMFfxQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633a55e0-614faff31425ff183b7ca4dd;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 03:24:16 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: d1LCc44Gj_0Je8adu7Iv3I9MwkaDPgWqlNHI96UAtZub22l210J65A==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Wed, 05 Oct 2022 04:53:07 GMT
age: 28786
etag: "612b6dbd4ba895c167964ff7e6d9263013b52b0a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F727060c5-cdba-4c73-92c7-eb01c35aff59.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.9 kB (9907 bytes)
Hash
1bc04f249ff8da1e71ebd8bc5dfda85d
da3f9add6816af819df6aac08796dc7478dd0517
9f4a02cde38c7d61352f390a8d91cf9028652395ad55a3a49966df4a63642a85

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F727060c5-cdba-4c73-92c7-eb01c35aff59.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9907
x-amzn-requestid: b1b9a896-c745-496a-89df-b253d458f903
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZWRm_EkKoAMF4cQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6338c95f-3330e14379849de85eb3dda4;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 23:12:31 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: rrf-jHPj_RmO82bA9cfmwFZunZ8E-EhFZ3AEdBbbPn0dI6GOcpveCQ==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Wed, 05 Oct 2022 11:26:43 GMT
age: 5170
etag: "da3f9add6816af819df6aac08796dc7478dd0517"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5704624d-eb81-4a5b-bcb7-08db5681c677.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.9 kB (8926 bytes)
Hash
1de7c17a0ba9295135e7f8b490b6a8d3
70e8d1589f3daf71378965dd197934e220fb6aa4
ee559ce3166479e2b930be7d18525f5c2d164aed8ca005302ddaf3bfe37eec24

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5704624d-eb81-4a5b-bcb7-08db5681c677.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8926
x-amzn-requestid: 27fc8976-af8d-40a3-b701-0642fa135ec4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Zf8s1GSbIAMFTiw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633ca7eb-4d4c7837576e0fdb5828fe3b;Sampled=0
x-amzn-remapped-date: Tue, 04 Oct 2022 21:38:51 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: YzVofPSJC-YVU1Q1V9AnjNeQTa1BQEh6ZiH2HjSeeX5RygysFP7oAA==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Tue, 04 Oct 2022 21:43:25 GMT
age: 54568
etag: "70e8d1589f3daf71378965dd197934e220fb6aa4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

17 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F07ed6d4e-f8d6-4fa4-a7da-a497e3667e10.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
17 kB (17279 bytes)
Hash
420f8420af76fa258690bb842ff38db7
a37e39e4429d869abcf95cf3cb2c74675e174040
1d45d4f188ff54b5f66cd3c828affdd5d90b621c875c58a9fa6cd265f456d622

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F07ed6d4e-f8d6-4fa4-a7da-a497e3667e10.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 17279
x-amzn-requestid: 381c1622-0b7a-407a-a98e-ad5e10b67a33
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Zf8s1ExxoAMFsAg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633ca7eb-4ed02978326aebf338ccd998;Sampled=0
x-amzn-remapped-date: Tue, 04 Oct 2022 21:38:51 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: CIZCBfsULoj_hm3G56Um57QTYuGUjN63x_H1Bb3xPKeacmsrTLqLYw==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Tue, 04 Oct 2022 21:43:45 GMT
age: 54548
etag: "a37e39e4429d869abcf95cf3cb2c74675e174040"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1ca20164-9b52-49c5-9e63-1fc0ae719f45.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10158 bytes)
Hash
4fc2ddd86450d64d3fb659ab4e78be58
bbe71936b78a8c34d03ab87948dc840b35c6948f
84a760397a5912bd05f61bc8a953c13a88a677e2d17fbbf74bdf7d7ff4d3942f

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1ca20164-9b52-49c5-9e63-1fc0ae719f45.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10158
x-amzn-requestid: def1fc7e-8008-466f-9271-20fa1ab0fa5a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZaqZCH7doAMFcPQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633a8aa0-7fd2fb1249366f2277d719d6;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 07:09:20 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: aeOU8fGkf5uHuYZ79k17EzxiFnwm0_z7SeZJElgwECzRyhR2N_SYJA==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 b8c4a4ca04bb1976e020396d211bc8dc.cloudfront.net (CloudFront), 1.1 google
date: Wed, 05 Oct 2022 04:06:09 GMT
age: 31604
etag: "bbe71936b78a8c34d03ab87948dc840b35c6948f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F23595c4d-609a-48f3-a52f-e88e478d7653.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.8 kB (5832 bytes)
Hash
3257b782efae9b64e6e18a547866ec50
4daf0c001e86af8477fb097e8ca932edb8e5f981
899f9692e86405aa288d88dd285a6fe26bedab1a2ca4693212476063890b01a5

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F23595c4d-609a-48f3-a52f-e88e478d7653.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5832
x-amzn-requestid: c4427edd-3d71-47d0-a2d3-b3bfed089535
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Zf8s1FuUoAMFhBA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633ca7eb-46ddff150da4141d23fc0d8a;Sampled=0
x-amzn-remapped-date: Tue, 04 Oct 2022 21:38:51 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: iR82CJ6A06dpqy_nm6JrmjeUJT-uhI5rr0dr6ZnhrQQo9Jqxh10qRQ==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google
date: Tue, 04 Oct 2022 21:43:43 GMT
age: 54550
etag: "4daf0c001e86af8477fb097e8ca932edb8e5f981"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

45.147.229.241

200 OK

57 B

URL HTTP/1.1
nordea-web.com/n/home.php?pl=token&link=nordea&bid=7e4c7fffd4fd82fd4d6ca64b76bcdfa6&callback=jQuery32109048188352374005_1664974372852&data=%7B%22online_bider%22%3A1%2C%22w%22%3A0%2C%22dev%22%3A3%7D&_=1664974372856
IP
45.147.229.241:0
ASN
#30823 combahton GmbH

File type
ASCII text, with no line terminators
Size
57 B (57 bytes)
Hash
44c49596878c04fb52817ccc8964f3ee
ea04ca733fba247036c2fdb4b3ab12a00cf9cb58
dcb0edc1401973a785a9df2d74a4c77d30581eb56f10db9ac26d7bf63273a790

HTTP Headers

GET /n/home.php?pl=token&link=nordea&bid=7e4c7fffd4fd82fd4d6ca64b76bcdfa6&callback=jQuery32109048188352374005_1664974372852&data=%7B%22online_bider%22%3A1%2C%22w%22%3A0%2C%22dev%22%3A3%7D&_=1664974372856 HTTP/1.1
Host: nordea-web.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: http://nordea-web.com/n/a1b2c3/7e4c7fffd4fd82fd4d6ca64b76bcdfa6/login/?
Cookie: real=OK; bid=7e4c7fffd4fd82fd4d6ca64b76bcdfa6

HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 12:52:58 GMT
Server: Apache/2.4.29 (Ubuntu)
Content-Length: 57
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/json

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (12)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP