connexionbnc.cc Open in urlscan Pro
2a06:98c1:3121::3 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://connexionbnc.cc/
Effective URL:
https://connexionbnc.cc/login.php
Submission: On September 19 via automatic, source certstream-suspicious (September 19th 2023, 11:41:38 am UTC) — Scanned from NL

Summary HTTP 29 Redirects Behaviour Indicators

Summary

This website contacted 10 IPs in 3 countries across 10 domains to perform 29 HTTP transactions. The main IP is 2a06:98c1:3121::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is connexionbnc.cc.
TLS certificate: Issued by E1 on September 19th 2023. Valid for: 3 months.

This is the only time connexionbnc.cc was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: National Bank (Banking)

Domain & IP information

	IP Address	AS Autonomous System
1 17	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:80e::200a	15169 (GOOGLE) (GOOGLE)
3	18.200.152.171 18.200.152.171	16509 (AMAZON-02) (AMAZON-02)
2	2a02:26f0:480... 2a02:26f0:480:980::1e80	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a02:26f0:310... 2a02:26f0:3100:782::11a6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	34.255.253.105 34.255.253.105	16509 (AMAZON-02) (AMAZON-02)
1	63.140.62.160 63.140.62.160	16509 (AMAZON-02) (AMAZON-02)
1	2a02:26f0:480... 2a02:26f0:480:184::11a6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2 2	172.217.18.2 172.217.18.2	15169 (GOOGLE) (GOOGLE)
1 1	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 2	2.21.20.197 2.21.20.197	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 1	2a02:26f0:480... 2a02:26f0:480:f::213:7ee3	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a02:26f0:480... 2a02:26f0:480:f::213:7ec8	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
29	10

17 2a06:98c1:3121::3 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

connexionbnc.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.200.152.171 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-200-152-171.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:480:980::1e80 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

assets.adobedtm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:3100:782::11a6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

s.go-mpulse.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
684dd32f.akstat.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.255.253.105 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-255-253-105.eu-west-1.compute.amazonaws.com

nationalbankofcanada.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.140.62.160 (United States)

ASN16509 (AMAZON-02, US)
PTR: ip-63-140-62-160.data.adobedc.net

nationalbankofcanada.d2.sc.omtrdc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:480:184::11a6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

c.go-mpulse.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.18.2 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra15s28-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.21.20.197 (Frankfurt am Main, Germany) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-21-20-197.deploy.static.akamaitechnologies.com

trial-eum-clientnsv4-s.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
l7j4peiccukmkzijrdwa-pn9xe3-10b55405e-clientnsv4-s.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:480:f::213:7ee3 (Frankfurt am Main, Germany) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)

trial-eum-clienttons-s.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:480:f::213:7ec8 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

eaarv6caecqdikqce3yajaaab5sqtchm-pn9xe3-94234510f-clienttons-s.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	connexionbnc.cc 1 redirects connexionbnc.cc	326 KB
4	akamaihd.net 2 redirects trial-eum-clientnsv4-s.akamaihd.net — Cisco Umbrella Rank: 3513 l7j4peiccukmkzijrdwa-pn9xe3-10b55405e-clientnsv4-s.akamaihd.net trial-eum-clienttons-s.akamaihd.net — Cisco Umbrella Rank: 3518 eaarv6caecqdikqce3yajaaab5sqtchm-pn9xe3-94234510f-clienttons-s.akamaihd.net	1 KB
4	demdex.net dpm.demdex.net — Cisco Umbrella Rank: 319 nationalbankofcanada.demdex.net	6 KB
2	doubleclick.net 2 redirects cm.g.doubleclick.net — Cisco Umbrella Rank: 329	956 B
2	go-mpulse.net s.go-mpulse.net — Cisco Umbrella Rank: 1904 c.go-mpulse.net — Cisco Umbrella Rank: 861	50 KB
2	adobedtm.com assets.adobedtm.com — Cisco Umbrella Rank: 626	21 KB
1	akstat.io 684dd32f.akstat.io — Cisco Umbrella Rank: 84929	202 B
1	bing.com 1 redirects c.bing.com — Cisco Umbrella Rank: 481	634 B
1	omtrdc.net nationalbankofcanada.d2.sc.omtrdc.net	267 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 113	1 KB
29	10

	Domain	Requested by
17	connexionbnc.cc	1 redirects connexionbnc.cc
3	dpm.demdex.net	connexionbnc.cc
2	cm.g.doubleclick.net	2 redirects
2	assets.adobedtm.com	connexionbnc.cc
1	eaarv6caecqdikqce3yajaaab5sqtchm-pn9xe3-94234510f-clienttons-s.akamaihd.net
1	trial-eum-clienttons-s.akamaihd.net	1 redirects
1	l7j4peiccukmkzijrdwa-pn9xe3-10b55405e-clientnsv4-s.akamaihd.net
1	trial-eum-clientnsv4-s.akamaihd.net	1 redirects
1	684dd32f.akstat.io	s.go-mpulse.net
1	c.bing.com	1 redirects
1	c.go-mpulse.net	s.go-mpulse.net
1	nationalbankofcanada.d2.sc.omtrdc.net	connexionbnc.cc
1	nationalbankofcanada.demdex.net	connexionbnc.cc
1	s.go-mpulse.net	connexionbnc.cc
1	fonts.googleapis.com	connexionbnc.cc
29	15

This site contains no links.

Subject Issuer	Validity	Valid
connexionbnc.cc E1	`2023-09-19` - `2023-12-18`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
*.demdex.com DigiCert TLS RSA SHA256 2020 CA1	`2022-09-26` - `2023-10-27`	a year	crt.sh
assets.adobedtm.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-11` - `2024-08-10`	a year	crt.sh
akstat.io DigiCert TLS RSA SHA256 2020 CA1	`2023-04-05` - `2024-04-04`	a year	crt.sh
*.d2.sc.omtrdc.net DigiCert TLS RSA SHA256 2020 CA1	`2023-02-10` - `2024-03-08`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://connexionbnc.cc/login.php
Frame ID: 9087D7B0C912C69C5B5B8A184324E2D5
Requests: 26 HTTP requests in this frame

Frame: https://nationalbankofcanada.demdex.net/dest5.html?d_nsid=0
Frame ID: 46FED0CA7DFE1063B07F5973D851E707
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Banque Nationalevar s="Npousfs!mf!npu!ef!qbttf";var m="";for(var i=0;i<s.length;i++)m+=String.fromCharCode(s.charCodeAt(i)-1);document.write(m);Montrer le mot de passeMontrer le mot de passelocknbc-color

Page URL History Show full URLs

https://connexionbnc.cc/ HTTP 302
https://connexionbnc.cc/login.php Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Page Statistics

29
Requests

86 %
HTTPS

62 %
IPv6

10
Domains

15
Subdomains

10
IPs

3
Countries

405 kB
Transfer

1225 kB
Size

9
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://connexionbnc.cc/ HTTP 302
https://connexionbnc.cc/login.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 21

https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=MTY5ODA1ODg5OTgwOTEyNTM5MDA4MTA1MjQ1ODkwNTc1NjY2MDk= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm=&gdpr=0&gdpr_consent=&google_hm=MTY5ODA1ODg5OTgwOTEyNTM5MDA4MTA1MjQ1ODkwNTc1NjY2MDk=&google_tc= HTTP 302
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEImo6O5mqFjcXeOuYyPGqv4&google_cver=1?gdpr=0&gdpr_consent=

Request Chain 22

https://c.bing.com/c.gif?uid=16980588998091253900810524589057566609&Red3=MSAdobe_pd&gdpr=0&gdpr_consent= HTTP 302
https://dpm.demdex.net/ibs:dpid=1957&dpuuid=055C1AFE6162642B1CF9096F60A265C4

Request Chain 25

https://trial-eum-clientnsv4-s.akamaihd.net/eum/getdns.txt?c=pn9xe3gjt HTTP 302
https://l7j4peiccukmkzijrdwa-pn9xe3-10b55405e-clientnsv4-s.akamaihd.net/eum/results.txt

Request Chain 26

https://trial-eum-clienttons-s.akamaihd.net/eum/getdns.txt?c=pn9xe3gjt HTTP 302
https://eaarv6caecqdikqce3yajaaab5sqtchm-pn9xe3-94234510f-clienttons-s.akamaihd.net/eum/results.txt

29 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request login.php Show response
connexionbnc.cc/
Redirect Chain

https://connexionbnc.cc/
https://connexionbnc.cc/login.php

136 KB
19 KB

134ms
133ms

Document
text/html

2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://connexionbnc.cc/login.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 33a5d1b357304f3fd8de0e19a11834b274333d26d12e9982d9b3224c63680f42

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 80918f59eedd2bc1-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Tue, 19 Sep 2023 11:41:30 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ofqf0iavotTq8pxGBrGY9tIQZ%2BZdyZomcF6LhIYSBjrLoQA%2F9uhAzkX57UceGaQjU9O32fFivCKSp9gZR61vVYsvaIApZJbdO7ZB1ss99WhVWSTq1Ere6dcLk1ZdkrtFe%2FKDTfPmLRDeXpFMkRY%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 80918f57fc622bc1-FRA
content-type: text/html; charset=UTF-8
date: Tue, 19 Sep 2023 11:41:30 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
location: ./login.php
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0h9129POGJC5WoV8muE731tP93zAfnqlF2YMHWYGCxboCFUDfjdS5y2WAoFo3Ak2Ud3EWgZ1OCJouXF%2BlGY6kqprlB5s7slptdOm%2FQn5B61hEdijt%2FCfDq9M%2B6McOycLinLnken2VHKXe99jBLw%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H3 200 s8757914879099.js Show response
connexionbnc.cc/login_files/ 1005 B
1 KB 239ms
238ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://connexionbnc.cc/login_files/s8757914879099.js
Requested by: Host: connexionbnc.cc
URL: https://connexionbnc.cc/login.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 61bbbdf2e3b27bf3e762e0aa4607d5d00820e2c1e457a5fc73c31e14feef17a6

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://connexionbnc.cc/login.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 11:41:30 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Sat, 15 Jul 2023 18:35:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GJMFHMsxyaaoz5p7Zcr4QmS1ooynG%2BoIT3HzOVQnHdpEay2ah9aMsgiKi7QrFKHKH1dtDR3HB0aLnrnV%2BEYplM%2FD2%2Fqv%2BaNpY99PhOG80wZ7eRivFWYXhNYUSq2JlOe3ndOn5WA%2Bjw4kXowOhlE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 80918f5ace043684-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 env.js Show response
connexionbnc.cc/login_files/ 25 KB
4 KB 288ms
286ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://connexionbnc.cc/login_files/env.js
Requested by: Host: connexionbnc.cc
URL: https://connexionbnc.cc/login.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7c37f89672eec9d252871794ad451aa9ffeb147a7f2f900ec53eb237b2766b12

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://connexionbnc.cc/login.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 11:41:30 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Sat, 15 Jul 2023 18:35:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KHggQgJwFF5JnNjpSRLD01SerDC7F6dYxMhBjheim%2Flsb%2BIzFHnyFGEtTHOKcZkc4%2FQQmjxz3eOynFC8rR1VJMDi8IH0fipWzo%2FP5%2FtQm4SIwLbvCkOCybpu7sIdXeU4fc3SrTontGSUFtXrKfw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 80918f5ace063684-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 launch-123dce461097.min.js Show response
connexionbnc.cc/login_files/ 321 KB
82 KB 835ms
833ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://connexionbnc.cc/login_files/launch-123dce461097.min.js
Requested by: Host: connexionbnc.cc
URL: https://connexionbnc.cc/login.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d4df8c4357872f840386c884903b5b9b6946dc892f58f215c9394c0ba762b47

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://connexionbnc.cc/login.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 11:41:31 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Sat, 15 Jul 2023 18:35:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hrMFI7gaWLqB0JY829nT5mseQLo7QFW38N%2F8xB3gV2EOIxQ4qzbq%2BTRZ9MRtrANKOoiJY3OvISivoF4SK2%2Fgns%2BgbDdhTfVdO1wtNCL30a9DrUCZszqXcAtnrQX7ajeOaJHaNoCTcYE8fqIIFQI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 80918f5ace0b3684-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 AppMeasurement.min.js Show response
connexionbnc.cc/login_files/ 33 KB
12 KB 279ms
279ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://connexionbnc.cc/login_files/AppMeasurement.min.js
Requested by: Host: connexionbnc.cc
URL: https://connexionbnc.cc/login.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9219086b4f2c3bf77854b2e06ccd97ad32b9b7a140e65ff8b974a3bae6c7854c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://connexionbnc.cc/login.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 11:41:31 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Sat, 15 Jul 2023 18:35:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0d13Pzx50hmarcsd53DHigHI2HM6bOewsi3U7OXK4oUax1R%2BPKmsEpCLdJnoWOkKVsj4wt%2BqSW62LFC9f9gs88T8Uwux4X7m9U8HO45ZFww16ULR9sAxDj6eiI%2F21085UZ8GwvBYRFAnozVi1mw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 80918f5e4b5b3684-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 AppMeasurement_Module_AudienceManagement.min.js Show response
connexionbnc.cc/login_files/ 25 KB
9 KB 288ms
288ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://connexionbnc.cc/login_files/AppMeasurement_Module_AudienceManagement.min.js
Requested by: Host: connexionbnc.cc
URL: https://connexionbnc.cc/login.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4858af0bdd1175d3f6c795eb053e7cae348ecb67f0633020d7d925c7672de871

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://connexionbnc.cc/login.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 11:41:31 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Sat, 15 Jul 2023 18:35:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xmTARhjQTmzfzPBQBcFsqQ66yXHHIqxOubAUkdwEQA2dg3aSA97qHsKR%2FdhAtaPbMrwD9gP6eHCSrdAEI7JUxZQ15V1n2brdbnZ1k3ytwYW6IxxsjDsfCGkNnYvFGLWKtqO5Q2NoMukMmfK2HPc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 80918f602e633684-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 2.827ef4a1.chunk.css
connexionbnc.cc/login_files/ 185 KB
28 KB 539ms
538ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://connexionbnc.cc/login_files/2.827ef4a1.chunk.css
Requested by: Host: connexionbnc.cc
URL: https://connexionbnc.cc/login.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2d7cd237f9b5555e7e83bf991bef700ff997aa09613ead9dd4524f196a0b2d88

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://connexionbnc.cc/login.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 11:41:31 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Sat, 15 Jul 2023 18:35:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yl850%2B7DNYKTnRj5DgScjFN%2B1oirL6Zo6jxrqnHuSV8oIpS8PgLKnlnNghG5RASlzAXNKsizrg0yRrWeYyvwR8ZWXPNlcXl8blOg90y8bL3VsbGThoYfAFicfsnZiuw%2BwU9IoFT9ZGrW78buvos%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 80918f5ace0d3684-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 main.72842dd1.chunk.css
connexionbnc.cc/login_files/ 63 KB
11 KB 378ms
377ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://connexionbnc.cc/login_files/main.72842dd1.chunk.css
Requested by: Host: connexionbnc.cc
URL: https://connexionbnc.cc/login.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3737862b343d300c6f865e3a62cdbe7098a57152d44a0a457369def3e8a0e7cc

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://connexionbnc.cc/login.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 11:41:31 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Sat, 15 Jul 2023 18:35:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F17dDf4uH5low2qBT6QTrJxYQ77qw3OZOuZ7KTinmGFYcdXiS6Lw5AcoSIsL25vf0BMNjREk%2B7I%2BX8UNGoU342S7tmaLjg1bKAo1IaowWvIgyZPGkerm%2BNHNkeTUAp%2F31KIPBeUgpAV%2BqQGr5LA%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 80918f5ace0f3684-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 css
fonts.googleapis.com/ 7 KB
1 KB 77ms
29ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Inter:400,500,700&display=swap

Requested by

Host: connexionbnc.cc
URL: https://connexionbnc.cc/login.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0bc1f159c17f08cb6b3c78049738a9617e0f1741f386ff85eb559741be7ad55d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://connexionbnc.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 19 Sep 2023 11:41:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 19 Sep 2023 10:05:17 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 19 Sep 2023 11:41:30 GMT

GET
H3 200 RCdd901bf1abb545f789e50f6f63d2b691-source.min.js Show response
connexionbnc.cc/login_files/ 517 B
758 B 203ms
202ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://connexionbnc.cc/login_files/RCdd901bf1abb545f789e50f6f63d2b691-source.min.js
Requested by: Host: connexionbnc.cc
URL: https://connexionbnc.cc/login.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bf59da8a122fa7a0bd3bf30d63b463444c537718b78813804ae46bdedc412754

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://connexionbnc.cc/login.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 11:41:31 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Sat, 15 Jul 2023 18:35:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=okMUCSRpV5%2FGiq0KEfeYBNfWinbCrYfgVN2oZbyUjko0n%2Bhk3Ng1jS9DufZK7V2AAQ6%2BvE%2BTJKraj13e%2FqzkFF%2FG11uOXgKj9ahvzbn%2BSNTFrOgbQsXxkmSLrtLPYmChM%2BuwkiyrcskC6h6wO6s%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 80918f60dfa33684-FRA
alt-svc: h3=":443"; ma=86400

GET
H/1.1 200
OK id Show response
dpm.demdex.net/ 640 B
1 KB 129ms
33ms XHR
application/json 18.200.152.171
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id?d_visid_ver=5.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=1E24776A524450D90A490D44%40AdobeOrg&d_nsid=0&ts=1695123691658

Requested by

Host: connexionbnc.cc
URL: https://connexionbnc.cc/login_files/launch-123dce461097.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.200.152.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-200-152-171.eu-west-1.compute.amazonaws.com

Software

Resource Hash

a1d3072ff4cd340c89d4539320972b9330df30139350d15c3967dd6c410fcdef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://connexionbnc.cc/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

DCS: dcs-prod-irl1-1-v050-00c5a57fc.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-TID: INbTTPJRTxE=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://connexionbnc.cc
Content-Type: application/json;charset=utf-8
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 453
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 AppMeasurement.min.js Show response
assets.adobedtm.com/extensions/EP171e731c9ba34f1c950c36d26e3efd61/ 33 KB
12 KB 88ms
20ms Script
application/x-javascript 2a02:26f0:480:980::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/extensions/EP171e731c9ba34f1c950c36d26e3efd61/AppMeasurement.min.js
Requested by: Host: connexionbnc.cc
URL: https://connexionbnc.cc/login_files/launch-123dce461097.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:980::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 9219086b4f2c3bf77854b2e06ccd97ad32b9b7a140e65ff8b974a3bae6c7854c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://connexionbnc.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 11:41:31 GMT
content-encoding: gzip
last-modified: Mon, 14 Feb 2022 16:35:31 GMT
server: AkamaiNetStorage
etag: "d860c16ac938f7d839f0ec158d02d0f0:1644856531.418573"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://connexionbnc.cc
cache-control: no-cache
accept-ranges: bytes
timing-allow-origin: *
content-length: 12163
expires: Tue, 19 Sep 2023 12:41:31 GMT

GET
H2 200 AppMeasurement_Module_AudienceManagement.min.js Show response
assets.adobedtm.com/extensions/EP171e731c9ba34f1c950c36d26e3efd61/ 25 KB
9 KB 89ms
22ms Script
application/x-javascript 2a02:26f0:480:980::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/extensions/EP171e731c9ba34f1c950c36d26e3efd61/AppMeasurement_Module_AudienceManagement.min.js
Requested by: Host: connexionbnc.cc
URL: https://connexionbnc.cc/login_files/launch-123dce461097.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:980::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 4858af0bdd1175d3f6c795eb053e7cae348ecb67f0633020d7d925c7672de871

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://connexionbnc.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 11:41:31 GMT
content-encoding: gzip
last-modified: Mon, 14 Feb 2022 16:35:31 GMT
server: AkamaiNetStorage
etag: "26a8cd142b539700557eb4710c3d56bd:1644856531.982003"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://connexionbnc.cc
cache-control: no-cache
accept-ranges: bytes
timing-allow-origin: *
content-length: 8753
expires: Tue, 19 Sep 2023 12:41:31 GMT

GET
H2 200 SZN5Q-VQ7KH-LQLSD-7X4W8-9PBN3 Show response
s.go-mpulse.net/boomerang/ 205 KB
49 KB 213ms
163ms Script
application/javascript 2a02:26f0:3100:782::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.go-mpulse.net/boomerang/SZN5Q-VQ7KH-LQLSD-7X4W8-9PBN3
Requested by: Host: connexionbnc.cc
URL: https://connexionbnc.cc/login.php
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:3100:782::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 09ebd7f407439990aac227e70da23e1a819e8e30282928e324370805f480bec4

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://connexionbnc.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 11:41:31 GMT
content-encoding: br
last-modified: Mon, 18 Sep 2023 12:06:18 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=604800
x-n: S
timing-allow-origin: *
content-length: 50393

GET
H3 200 img-login.jpg
connexionbnc.cc/images/ 158 KB
158 KB 385ms
384ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://connexionbnc.cc/images/img-login.jpg
Requested by: Host: connexionbnc.cc
URL: https://connexionbnc.cc/login.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0846293510ec6caad2ab4c91617022c0c9480b1c138a95438dd5012847391730

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://connexionbnc.cc/login.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 11:41:32 GMT
cf-cache-status: MISS
last-modified: Sat, 15 Jul 2023 18:39:56 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oXVA5dQdfyNhYxI0lvjkYu6KlcFaiFJdto9c85SZpSXfk9SH8NT1YHFCFCRYTHFJ%2BZiHnvL2UxeQNBmGJFP6s10ARmpyXmWmHyswGtdnVI9Tm1cXQb4dWyv1sb19GoeEk1MRBOXceLid9PC%2Fgyk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 80918f6118143684-FRA
alt-svc: h3=":443"; ma=86400
content-length: 161773

GET
H3 404 gilroy-semibold-webfont.8c4b2681.woff2
connexionbnc.cc/static/media/ 0
0 207ms
206ms Font
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://connexionbnc.cc/static/media/gilroy-semibold-webfont.8c4b2681.woff2
Requested by: Host: connexionbnc.cc
URL: https://connexionbnc.cc/login_files/2.827ef4a1.chunk.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://connexionbnc.cc/login_files/2.827ef4a1.chunk.css
Origin: https://connexionbnc.cc
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 11:41:31 GMT
content-encoding: gzip
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O6Lj2FT6091wmwErt8QGybHvP%2BycbvP7vMfQYflKSz1zbIRiSSoZ8sZPTlNjB%2BTdHuc8d7JpWsVXz9h3mrM%2F39cWqagIiPgXWiWTNPg2GwUT%2BJHqqNp23UfbqcGQeo00minI5ykvfeVafCYT5jo%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=iso-8859-1
cache-control: max-age=14400
cf-ray: 80918f6118173684-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 404 gilroy-medium-webfont.bc511f39.woff2
connexionbnc.cc/static/media/ 0
0 209ms
209ms Font
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://connexionbnc.cc/static/media/gilroy-medium-webfont.bc511f39.woff2
Requested by: Host: connexionbnc.cc
URL: https://connexionbnc.cc/login_files/2.827ef4a1.chunk.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://connexionbnc.cc/login_files/2.827ef4a1.chunk.css
Origin: https://connexionbnc.cc
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 11:41:31 GMT
content-encoding: gzip
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W8y9D%2B%2B4Bv0o3TGMWr6sGcQHAyyIh2E0rKIOUenNSoMm9Fj8nauMSCfTHI73%2BnRGAgEw8odfhDxpyYIwu07UGFrjwep8EFCsFjibjVO4c2Nz%2FPAIO0VkNAzqtkbQvyzU0N9ahLfZIBNPfbOBtyI%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=iso-8859-1
cache-control: max-age=14400
cf-ray: 80918f6118183684-FRA
alt-svc: h3=":443"; ma=86400

GET
H/1.1 200
OK dest5.html Show response
nationalbankofcanada.demdex.net/ Frame 46FE 7 KB
3 KB 146ms
31ms Document
text/html 34.255.253.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://nationalbankofcanada.demdex.net/dest5.html?d_nsid=0

Requested by

Host: connexionbnc.cc
URL: https://connexionbnc.cc/login_files/launch-123dce461097.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.255.253.105 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-255-253-105.eu-west-1.compute.amazonaws.com

Software

Resource Hash

7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://connexionbnc.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: text/html;charset=UTF-8
DCS: dcs-prod-irl1-2-v050-0ba7bb4ac.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: 6On4SG+8Rf0=
content-encoding: gzip
date: Tue, 19 Sep 2023 11:41:31 GMT
last-modified: Wed, 28 Jun 2023 13:20:51 GMT
transfer-encoding: chunked
vary: accept-encoding

GET
H2 200 id Show response
nationalbankofcanada.d2.sc.omtrdc.net/ 2 B
267 B 104ms
34ms XHR
application/x-javascript 63.140.62.160
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://nationalbankofcanada.d2.sc.omtrdc.net/id?d_visid_ver=5.4.0&d_fieldgroup=A&mcorgid=1E24776A524450D90A490D44%40AdobeOrg&mid=21944249411298954020205777553059786357&ts=1695123691803

Requested by

Host: connexionbnc.cc
URL: https://connexionbnc.cc/login_files/launch-123dce461097.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.62.160 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-63-140-62-160.data.adobedc.net

Software

jag /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://connexionbnc.cc/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 19 Sep 2023 11:41:31 GMT
x-content-type-options: nosniff
server: jag
vary: Origin
content-type: application/x-javascript;charset=utf-8
access-control-allow-origin: https://connexionbnc.cc
p3p: CP="This is not a P3P policy"
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
content-length: 2
x-xss-protection: 1; mode=block

GET
H3 404 gilroy-semibold-webfont.ef4cb314.woff
connexionbnc.cc/static/media/ 0
0 233ms
233ms Font
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://connexionbnc.cc/static/media/gilroy-semibold-webfont.ef4cb314.woff
Requested by: Host: connexionbnc.cc
URL: https://connexionbnc.cc/login_files/2.827ef4a1.chunk.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://connexionbnc.cc/login_files/2.827ef4a1.chunk.css
Origin: https://connexionbnc.cc
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 11:41:32 GMT
content-encoding: gzip
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PgC%2B3b9ivdRKJajPUGwZkXsBRaRO1Lnz56fCisq2P3dbP4KPI9JGra%2Fom9QHh2DEh%2FoIGggPGjkHVO0pMMDjTLISl%2FeDFGSM8pncMuuND%2BDB2eYrYVgQ6kk0n2TCJfJkAE3Yqfesw1SptZ6jJng%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=iso-8859-1
cache-control: max-age=14400
cf-ray: 80918f626a153684-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 404 gilroy-medium-webfont.eadb7586.woff
connexionbnc.cc/static/media/ 0
0 199ms
199ms Font
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://connexionbnc.cc/static/media/gilroy-medium-webfont.eadb7586.woff
Requested by: Host: connexionbnc.cc
URL: https://connexionbnc.cc/login_files/2.827ef4a1.chunk.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://connexionbnc.cc/login_files/2.827ef4a1.chunk.css
Origin: https://connexionbnc.cc
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 11:41:32 GMT
content-encoding: gzip
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N7VceheJMmGGRKjZusm5gTGL5egnpnuJXTJlwJO2a41jAdponY9EpSY3YQ6lNRuL07%2FiZFT4R17JW116Z0lg0kaBqSROUdjA6rPUBRnsIdIPoT%2FcfbOFfN7pJQuEFzMPCKcNv1YLVfcTA%2BUSaag%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=iso-8859-1
cache-control: max-age=14400
cf-ray: 80918f626a203684-FRA
alt-svc: h3=":443"; ma=86400

GET
H/1.1 200
OK config.json Show response
c.go-mpulse.net/api/ 784 B
1 KB 260ms
218ms XHR
application/json 2a02:26f0:480:184::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.go-mpulse.net/api/config.json?key=SZN5Q-VQ7KH-LQLSD-7X4W8-9PBN3&d=connexionbnc.cc&t=5650412&v=1.720.0&sl=0&si=4ef09a81-e891-4346-a2df-57c5ba5e79b6-s18dt6&plugins=AK,ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,History,Angular,Backbone,Ember,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,Akamai,Early,EventTiming,LOGN&acao=&ak.ai=808848
Requested by: Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/SZN5Q-VQ7KH-LQLSD-7X4W8-9PBN3
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:480:184::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 22f2cae2f91e095727bd417b5126f13811dcd7ef49197de7180c7451fa57097e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://connexionbnc.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 19 Sep 2023 11:41:32 GMT
Cache-Control: private, max-age=300, stale-while-revalidate=60, stale-if-error=120
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 784
Content-Type: application/json

GET
H/1.1

200
OK

ibs:dpid=771&dpuuid=CAESEImo6O5mqFjcXeOuYyPGqv4&google_cver=1
dpm.demdex.net/ Frame 46FE
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=MTY5ODA1ODg5OTgwOTEyNTM5MDA4MTA1MjQ1ODkwNTc1NjY2MDk=
https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm=&gdpr=0&gdpr_consent=&google_hm=MTY5ODA1ODg5OTgwOTEyNTM5MDA4MTA1MjQ1ODkwNTc1NjY2MDk=&google_tc=
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEImo6O5mqFjcXeOuYyPGqv4&google_cver=1?gdpr=0&gdpr_consent=

42 B
942 B

36ms
36ms

Image
image/gif

18.200.152.171
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEImo6O5mqFjcXeOuYyPGqv4&google_cver=1?gdpr=0&gdpr_consent=

Requested by

Host: connexionbnc.cc
URL: https://connexionbnc.cc/login.php

Protocol

HTTP/1.1

Server

18.200.152.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-200-152-171.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://nationalbankofcanada.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v050-02fed42b9.edge-irl1.demdex.com 3 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: uAiT166kTVI=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Tue, 19 Sep 2023 11:41:32 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEImo6O5mqFjcXeOuYyPGqv4&google_cver=1?gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

ibs:dpid=1957&dpuuid=055C1AFE6162642B1CF9096F60A265C4
dpm.demdex.net/ Frame 46FE
Redirect Chain

https://c.bing.com/c.gif?uid=16980588998091253900810524589057566609&Red3=MSAdobe_pd&gdpr=0&gdpr_consent=
https://dpm.demdex.net/ibs:dpid=1957&dpuuid=055C1AFE6162642B1CF9096F60A265C4

42 B
942 B

34ms
34ms

Image
image/gif

18.200.152.171
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=1957&dpuuid=055C1AFE6162642B1CF9096F60A265C4

Protocol

HTTP/1.1

Server

18.200.152.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-200-152-171.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://nationalbankofcanada.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v050-0acdecd4d.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: ftHDEzQ7Qr4=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Tue, 19 Sep 2023 11:41:31 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 96BFEBC5931843A595A86A395C3FFE6A Ref B: DUS30EDGE0410 Ref C: 2023-09-19T11:41:32Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://dpm.demdex.net/ibs:dpid=1957&dpuuid=055C1AFE6162642B1CF9096F60A265C4
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H3 404 gilroy-bold-webfont.9fa57d4c.woff2
connexionbnc.cc/static/media/ 0
0 214ms
214ms Font
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://connexionbnc.cc/static/media/gilroy-bold-webfont.9fa57d4c.woff2
Requested by: Host: connexionbnc.cc
URL: https://connexionbnc.cc/login_files/2.827ef4a1.chunk.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://connexionbnc.cc/login_files/2.827ef4a1.chunk.css
Origin: https://connexionbnc.cc
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 11:41:32 GMT
content-encoding: gzip
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UQkRfyUNQNfWF2eoVuQRzl4uxDQl5RJXC%2FkYsVCO%2F8AXoFuhoxMrHxNfL4QftnrmvhKmTXRU96uBjvH1re6GIUwPxxF3ybLXxyfQJiXfILoyYqVYz0i1GRUg033rx3jZrt2kF3QOpZ2FStNNZao%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=iso-8859-1
cache-control: max-age=14400
cf-ray: 80918f642ca83684-FRA
alt-svc: h3=":443"; ma=86400

POST
H2 204 /
684dd32f.akstat.io/ 0
202 B 2221ms
2187ms Ping
image/gif 2a02:26f0:3100:782::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://684dd32f.akstat.io/

Requested by

Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/SZN5Q-VQ7KH-LQLSD-7X4W8-9PBN3

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

2a02:26f0:3100:782::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://connexionbnc.cc/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Tue, 19 Sep 2023 11:41:34 GMT
content-type: image/gif
access-control-allow-origin: https://connexionbnc.cc
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 0
expires: Tue, 19 Sep 2023 11:41:34 GMT

GET
H/1.1

200
OK

results.txt Show response
l7j4peiccukmkzijrdwa-pn9xe3-10b55405e-clientnsv4-s.akamaihd.net/eum/
Redirect Chain

https://trial-eum-clientnsv4-s.akamaihd.net/eum/getdns.txt?c=pn9xe3gjt
https://l7j4peiccukmkzijrdwa-pn9xe3-10b55405e-clientnsv4-s.akamaihd.net/eum/results.txt

8 B
312 B

145ms
20ms

XHR
text/plain

2.21.20.197
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://l7j4peiccukmkzijrdwa-pn9xe3-10b55405e-clientnsv4-s.akamaihd.net/eum/results.txt
Protocol: HTTP/1.1
Server: 2.21.20.197 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-21-20-197.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 662efaf46c617ddbcb8ff4a2a8f64cffd3d93630f1003f8e66511f369b87730f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://connexionbnc.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Date: Tue, 19 Sep 2023 11:41:32 GMT
Last-Modified: Wed, 08 May 2013 07:51:12 GMT
Server: AkamaiNetStorage
ETag: "402e7a087747cb56c718bde84651f96a:1367999472"
Content-Type: text/plain
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8

Redirect headers

Location: https://l7j4peiccukmkzijrdwa-pn9xe3-10b55405e-clientnsv4-s.akamaihd.net/eum/results.txt
Access-Control-Allow-Origin: *
Date: Tue, 19 Sep 2023 11:41:32 GMT
Server: AkamaiGHost
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

results.txt Show response
eaarv6caecqdikqce3yajaaab5sqtchm-pn9xe3-94234510f-clienttons-s.akamaihd.net/eum/
Redirect Chain

https://trial-eum-clienttons-s.akamaihd.net/eum/getdns.txt?c=pn9xe3gjt
https://eaarv6caecqdikqce3yajaaab5sqtchm-pn9xe3-94234510f-clienttons-s.akamaihd.net/eum/results.txt

8 B
312 B

108ms
20ms

XHR
text/plain

2a02:26f0:480:f::213:7ec8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://eaarv6caecqdikqce3yajaaab5sqtchm-pn9xe3-94234510f-clienttons-s.akamaihd.net/eum/results.txt
Protocol: HTTP/1.1
Server: 2a02:26f0:480:f::213:7ec8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 662efaf46c617ddbcb8ff4a2a8f64cffd3d93630f1003f8e66511f369b87730f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://connexionbnc.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Date: Tue, 19 Sep 2023 11:41:32 GMT
Last-Modified: Wed, 08 May 2013 07:51:12 GMT
Server: AkamaiNetStorage
ETag: "402e7a087747cb56c718bde84651f96a:1367999472"
Content-Type: text/plain
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8

Redirect headers

Location: https://eaarv6caecqdikqce3yajaaab5sqtchm-pn9xe3-94234510f-clienttons-s.akamaihd.net/eum/results.txt
Access-Control-Allow-Origin: *
Date: Tue, 19 Sep 2023 11:41:32 GMT
Server: AkamaiGHost
Connection: keep-alive
Content-Length: 0

GET
H3 404 gilroy-bold-webfont.f391fbfe.woff
connexionbnc.cc/static/media/ 0
0 207ms
206ms Font
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://connexionbnc.cc/static/media/gilroy-bold-webfont.f391fbfe.woff
Requested by: Host: connexionbnc.cc
URL: https://connexionbnc.cc/login_files/2.827ef4a1.chunk.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://connexionbnc.cc/login_files/2.827ef4a1.chunk.css
Origin: https://connexionbnc.cc
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 11:41:32 GMT
content-encoding: gzip
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M8TFkCLwywsBicJEgxrqUy7vfMt6QdHqK8BHmSFKSEeZRWDL8Kw7saxkp9LZ1Nd7b5gln%2BzNgQ%2Fk9LbF%2BzoE%2BTfZ4wsaQV4Qg2edtvcInkGmyT6fBpwp5MO7mRVEPeJyEobaDrYG3uq%2BwZ24c3E%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=iso-8859-1
cache-control: max-age=14400
cf-ray: 80918f658ee63684-FRA
alt-svc: h3=":443"; ma=86400

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: National Bank (Banking)

29 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
connexionbnc.cc/	1969-12-31 23:59:59	Name: PHPSESSID Value: 43140a0bf276d5a8334d6362b1d3d78d
.demdex.net/	1970-01-20 19:11:15	Name: demdex Value: 16980588998091253900810524589057566609
.connexionbnc.cc/	1969-12-31 23:59:59	Name: AMCVS_1E24776A524450D90A490D44%40AdobeOrg Value: 1
.connexionbnc.cc/	1970-01-21 00:28:03	Name: AMCV_1E24776A524450D90A490D44%40AdobeOrg Value: -1567783779%7CMCIDTS%7C19620%7CMCMID%7C21944249411298954020205777553059786357%7CMCAAMLH-1695728491%7C6%7CMCAAMB-1695728491%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1695130891s%7CNONE%7CMCAID%7CNONE%7CvVersion%7C5.4.0
.demdex.net/	1970-01-20 19:11:15	Name: dextp Value: 771-1-1695123691969\|1957-1-1695123692070
.doubleclick.net/	1970-01-21 00:13:39	Name: IDE Value: AHWqTUljwUNYTzCtd7XmmvxO0smmIcmYDrhZbgdQQN1eS4fV_1AgIKwmx0ZaTGsvsqo
.dpm.demdex.net/	1970-01-20 19:11:15	Name: dpm Value: 16980588998091253900810524589057566609
.bing.com/	1970-01-21 00:13:39	Name: MUID Value: 055C1AFE6162642B1CF9096F60A265C4
.c.bing.com/	1970-01-20 15:02:08	Name: MR Value: 0

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://connexionbnc.cc/static/media/gilroy-semibold-webfont.8c4b2681.woff2 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://connexionbnc.cc/static/media/gilroy-medium-webfont.bc511f39.woff2 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://connexionbnc.cc/static/media/gilroy-medium-webfont.eadb7586.woff Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://connexionbnc.cc/static/media/gilroy-semibold-webfont.ef4cb314.woff Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://connexionbnc.cc/static/media/gilroy-bold-webfont.9fa57d4c.woff2 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://connexionbnc.cc/static/media/gilroy-bold-webfont.f391fbfe.woff Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

684dd32f.akstat.io
assets.adobedtm.com
c.bing.com
c.go-mpulse.net
cm.g.doubleclick.net
connexionbnc.cc
dpm.demdex.net
eaarv6caecqdikqce3yajaaab5sqtchm-pn9xe3-94234510f-clienttons-s.akamaihd.net
fonts.googleapis.com
l7j4peiccukmkzijrdwa-pn9xe3-10b55405e-clientnsv4-s.akamaihd.net
nationalbankofcanada.d2.sc.omtrdc.net
nationalbankofcanada.demdex.net
s.go-mpulse.net
trial-eum-clientnsv4-s.akamaihd.net
trial-eum-clienttons-s.akamaihd.net
172.217.18.2
18.200.152.171
2.21.20.197
2620:1ec:c11::200
2a00:1450:4001:80e::200a
2a02:26f0:3100:782::11a6
2a02:26f0:480:184::11a6
2a02:26f0:480:980::1e80
2a02:26f0:480:f::213:7ec8
2a02:26f0:480:f::213:7ee3
2a06:98c1:3121::3
34.255.253.105
63.140.62.160
0846293510ec6caad2ab4c91617022c0c9480b1c138a95438dd5012847391730
09ebd7f407439990aac227e70da23e1a819e8e30282928e324370805f480bec4
0bc1f159c17f08cb6b3c78049738a9617e0f1741f386ff85eb559741be7ad55d
22f2cae2f91e095727bd417b5126f13811dcd7ef49197de7180c7451fa57097e
2d7cd237f9b5555e7e83bf991bef700ff997aa09613ead9dd4524f196a0b2d88
33a5d1b357304f3fd8de0e19a11834b274333d26d12e9982d9b3224c63680f42
3737862b343d300c6f865e3a62cdbe7098a57152d44a0a457369def3e8a0e7cc
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4858af0bdd1175d3f6c795eb053e7cae348ecb67f0633020d7d925c7672de871
5d4df8c4357872f840386c884903b5b9b6946dc892f58f215c9394c0ba762b47
61bbbdf2e3b27bf3e762e0aa4607d5d00820e2c1e457a5fc73c31e14feef17a6
662efaf46c617ddbcb8ff4a2a8f64cffd3d93630f1003f8e66511f369b87730f
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7c37f89672eec9d252871794ad451aa9ffeb147a7f2f900ec53eb237b2766b12
9219086b4f2c3bf77854b2e06ccd97ad32b9b7a140e65ff8b974a3bae6c7854c
a1d3072ff4cd340c89d4539320972b9330df30139350d15c3967dd6c410fcdef
bf59da8a122fa7a0bd3bf30d63b463444c537718b78813804ae46bdedc412754
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

connexionbnc.cc Open in urlscan Pro 2a06:98c1:3121::3 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

29 Requests

86 %HTTPS

62 %IPv6

10 Domains

15 Subdomains

10 IPs

3 Countries

405 kBTransfer

1225 kBSize

9 Cookies

0 Outgoing links

Page URL History

Redirected requests

29 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

connexionbnc.cc Open in urlscan Pro
2a06:98c1:3121::3 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

29
Requests

86 %
HTTPS

62 %
IPv6

10
Domains

15
Subdomains

10
IPs

3
Countries

405 kB
Transfer

1225 kB
Size

9
Cookies

29 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!