nordicmafia.org Open in urlscan Pro
2606:4700:20::681a:443 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://nordicmafia.org/
Effective URL:
https://nordicmafia.org/home
Submission: On May 06 via api (May 6th 2024, 7:35:36 pm UTC) from US — Scanned from DE

Summary HTTP 25 Redirects Behaviour Indicators

Summary

This website contacted 7 IPs in 2 countries across 6 domains to perform 25 HTTP transactions. The main IP is 2606:4700:20::681a:443, located in United States and belongs to CLOUDFLARENET, US. The main domain is nordicmafia.org.
TLS certificate: Issued by GTS CA 1P5 on April 14th 2024. Valid for: 3 months.

This is the only time nordicmafia.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 18	2606:4700:20:... 2606:4700:20::681a:443	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:801::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:5049	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:20:... 2606:4700:20::681a:7a0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
1	142.250.186.68 142.250.186.68	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81c::2003	15169 (GOOGLE) (GOOGLE)
25	7

18 2606:4700:20::681a:443 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

nordicmafia.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:801::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5049 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:7a0 (United States)

ASN13335 (CLOUDFLARENET, US)

www.termsfeed.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.68 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	nordicmafia.org 2 redirects nordicmafia.org	571 KB
4	gstatic.com fonts.gstatic.com www.gstatic.com	257 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 33	2 KB
1	google.com www.google.com — Cisco Umbrella Rank: 2	855 B
1	termsfeed.com www.termsfeed.com — Cisco Umbrella Rank: 72337	59 KB
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 804	7 KB
25	6

	Domain	Requested by
18	nordicmafia.org	2 redirects nordicmafia.org static.cloudflareinsights.com
3	fonts.gstatic.com	fonts.googleapis.com
2	fonts.googleapis.com	nordicmafia.org
1	www.gstatic.com	www.google.com
1	www.google.com	www.termsfeed.com
1	www.termsfeed.com	nordicmafia.org
1	static.cloudflareinsights.com	nordicmafia.org
25	7

This site contains no links.

Subject Issuer	Validity	Valid
nordicmafia.org GTS CA 1P5	`2024-04-14` - `2024-07-13`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-04-16` - `2024-07-09`	3 months	crt.sh
cloudflareinsights.com GTS CA 1P5	`2024-03-10` - `2024-06-08`	3 months	crt.sh
termsfeed.com E1	`2024-03-26` - `2024-06-24`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-04-16` - `2024-07-09`	3 months	crt.sh
*.google.com GTS CA 1C3	`2024-04-16` - `2024-07-09`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://nordicmafia.org/home
Frame ID: 287C2C57853BA3048579AFAE1F268245
Requests: 22 HTTP requests in this frame

Frame: https://nordicmafia.org/cdn-cgi/challenge-platform/h/b/scripts/jsd/ce7818f50e39/main.js
Frame ID: 8DCEB0427546B7F3560F10E726763C52
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Nordicmafia - Slaget om Norden

Page URL History Show full URLs

http://nordicmafia.org/ HTTP 307
https://nordicmafia.org/ HTTP 302
https://nordicmafia.org/home Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

25
Requests

96 %
HTTPS

86 %
IPv6

6
Domains

7
Subdomains

7
IPs

2
Countries

895 kB
Transfer

2003 kB
Size

3
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://nordicmafia.org/ HTTP 307
https://nordicmafia.org/ HTTP 302
https://nordicmafia.org/home Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 10

https://nordicmafia.org/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://nordicmafia.org/cdn-cgi/challenge-platform/h/b/scripts/jsd/ce7818f50e39/main.js

25 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request home Show response
nordicmafia.org/
Redirect Chain

http://nordicmafia.org/
https://nordicmafia.org/
https://nordicmafia.org/home

6 KB
3 KB

94ms
94ms

Document
text/html

2606:4700:20::681a:443
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nordicmafia.org/home
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:443 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1e54f3014a6544f5b485c1233ab76db6d24958186bd4d3f7d4520a9d9a25e241

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 87fb69f27fd99280-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 06 May 2024 19:35:31 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PmC%2BIZCGOacomBw66K%2BS4awWXEZYDHjRIYHd3FEJrr0aItjVwZ28Kpv74EBNOH%2FHyGTIuLxlAPI7jO0TliRVNX3Mbx%2BRUCE28xQDKQiyyPUyiGOHMCTdtZHqcc1KZ%2Bf5Wn2q6km1ZwZXGzYGHA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

Redirect headers

cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 87fb69f1aee19280-FRA
content-type: text/html; charset=UTF-8
date: Mon, 06 May 2024 19:35:30 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
location: home
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=owiCVRTfmu6pWVtM3uFkDY4KuseOVr4WjoRFvcxm3IAFDhfXu54GnGmLzmlcY5mpdxusLcnNKiBw7eWewN95WRlPZuCjXiJG97jlHsxngwCI4OxRE%2BoPJsC8nbT1dcUsrE184vWorYO9R%2BxsoA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 bootstrap.css
nordicmafia.org/static/bootstrap/css/ 152 KB
25 KB 147ms
145ms Stylesheet
text/css 2606:4700:20::681a:443
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nordicmafia.org/static/bootstrap/css/bootstrap.css
Requested by: Host: nordicmafia.org
URL: https://nordicmafia.org/home
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:443 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f4116314cbb9cec9521aea815c853cc04ad654c6d92c1c972055f7e76051dbbd

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://nordicmafia.org/home
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 19:35:31 GMT
content-encoding: br
cf-cache-status: REVALIDATED
cf-bgj: minify
last-modified: Thu, 13 Apr 2023 15:35:02 GMT
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=192348
etag: W/"2ef5c-5f93977ce1580"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1U8%2FckjcqRtziUvfQih9ePgaeyYEcMMHPEcXBy3CjSLUEVUv3VwXDBJD%2FsthxW5xDHMU018V5ZPC0JH2YeYqDZVLPz2Xn9Fzkq52en4GKdb1Eftr2FW%2BWoxp7rnypeJ9MPfToNK5k71QZgtXSw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=86400
cf-ray: 87fb69f399589280-FRA

GET
H2 200 css
fonts.googleapis.com/ 9 KB
864 B 148ms
57ms Stylesheet
text/css 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&display=swap

Requested by

Host: nordicmafia.org
URL: https://nordicmafia.org/home

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

af9e52b1788e243b0a07ba97a3de75df5845d00b896f1b83f38c42702a7ba690

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://nordicmafia.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Mon, 06 May 2024 19:35:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 06 May 2024 18:52:28 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 06 May 2024 19:35:31 GMT

GET
H2 200 css2
fonts.googleapis.com/ 2 KB
850 B 142ms
52ms Stylesheet
text/css 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Lato:wght@300;400;900&display=swap

Requested by

Host: nordicmafia.org
URL: https://nordicmafia.org/home

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

69509915b760fa00fbcc9bef4c2a020d056e98c80fd45ac7ab3b883143969a39

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://nordicmafia.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Mon, 06 May 2024 19:35:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 06 May 2024 19:35:31 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 06 May 2024 19:35:31 GMT

GET
H2 200 bundle_auth.css
nordicmafia.org/static/bundles/ 9 KB
3 KB 131ms
130ms Stylesheet
text/css 2606:4700:20::681a:443
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nordicmafia.org/static/bundles/bundle_auth.css?
Requested by: Host: nordicmafia.org
URL: https://nordicmafia.org/home
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:443 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f1e4eb3992e0a30f23d1ccf822255a206c1879b387abef78e6c637f2cdb5c1d

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://nordicmafia.org/home
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 19:35:31 GMT
content-encoding: br
cf-cache-status: REVALIDATED
cf-bgj: minify
last-modified: Thu, 02 May 2024 07:32:18 GMT
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=9471
etag: W/"24ff-617739a51e480"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=c7wR8wXCQ4X1w9A%2BrbY8bNJjhFBEa1LlH74nuxRJZlxzXpMm390TVga4y11o0%2BdCjnGMEv6kpA3C0Zx0UhJum6ou1%2FRYaGuWBmbErla%2BkQyTyy1WEBGt7s2JkSr%2B206qjQcIMyPywerYF4uyRw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=86400
cf-ray: 87fb69f3a95d9280-FRA

GET
H2 200 entry_auth.css
nordicmafia.org/static/bundles/ 14 KB
3 KB 136ms
136ms Stylesheet
text/css 2606:4700:20::681a:443
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nordicmafia.org/static/bundles/entry_auth.css?
Requested by: Host: nordicmafia.org
URL: https://nordicmafia.org/home
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:443 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ec004ea798d3be2ab3cde200b59505f3b65515081f2269105015cf2c4190319b

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://nordicmafia.org/home
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 19:35:31 GMT
content-encoding: br
cf-cache-status: REVALIDATED
cf-bgj: minify
last-modified: Thu, 02 May 2024 08:07:38 GMT
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=14192
etag: W/"3770-6177418ae8680"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3r980pkPnx9XMJeCIJsbcViv4mH75wB1N6hGbPLksbK1raj%2BQKDyj1GFyMxs0zZ8Mky%2FeaaB4Icl3vi7dZHnEl3WI5hbB4c%2Fewf2fByg9mwVm74rmcVEbYRc5z0Q0F3AX5qNvALSiqWXO2ygOg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=86400
cf-ray: 87fb69f3a95f9280-FRA

GET
H2 200 rocket-loader.min.js Show response
nordicmafia.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 45ms
45ms Script
application/javascript 2606:4700:20::681a:443
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://nordicmafia.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: nordicmafia.org
URL: https://nordicmafia.org/home

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:443 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://nordicmafia.org/home
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 19:35:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 30 Apr 2024 15:20:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"66310c39-302c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zZ3OuNurzclr5BGjg0kTbESnxyGptvXURPe9e4lP0Nv%2FJjw0vItncQV1VXsrGU0Rj%2Bba5I2T3unT90CF41BAZdLGNPjPpIALEzHqcqXNeF1Y7h3ORS9RC06hl%2FuFUSlvzQcGoeitn1%2Br9Lpe7w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 87fb69f3b97c9280-FRA
expires: Wed, 08 May 2024 19:35:31 GMT

GET
H2 200 vedd3670a3b1c4e178fdfb0cc912d969e1713874337387 Show response
static.cloudflareinsights.com/beacon.min.js/ 19 KB
7 KB 212ms
126ms Script
text/javascript 2606:4700::6810:5049
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/vedd3670a3b1c4e178fdfb0cc912d969e1713874337387
Requested by: Host: nordicmafia.org
URL: https://nordicmafia.org/home
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:5049 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d2e817d2c44b9cf45f0e45cfa351abba3203af38f5aa1c8576a2db69ebd15192

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://nordicmafia.org/
Origin: https://nordicmafia.org
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 19:35:31 GMT
content-encoding: gzip
last-modified: Mon, 06 May 2024 19:01:13 GMT
server: cloudflare
etag: W/"2024.4.1"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 87fb69f44be94da2-FRA

GET
H2 200 entry_auth.js Show response
nordicmafia.org/static/bundles/ 380 KB
121 KB 135ms
134ms Script
application/javascript 2606:4700:20::681a:443
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nordicmafia.org/static/bundles/entry_auth.js?
Requested by: Host: nordicmafia.org
URL: https://nordicmafia.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:443 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dde78c2a4952f5cde88649df04646f9f09b52b8f686fd9068f9d75639bd999a4

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://nordicmafia.org/home
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 19:35:31 GMT
content-encoding: br
cf-cache-status: REVALIDATED
cf-bgj: minify
last-modified: Thu, 02 May 2024 08:07:38 GMT
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=389230
etag: W/"5f06e-6177418ae8680"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Y0WZKtvvP5ZTBp1SmJQRm4ohUqHdTElrCt49fJaiQ3lQI5sEkGikDYEh0nxjsrAtiIFch%2F1teDf20zjOfHC%2FsamqWCCiseuFHW1%2F5D5KjnnjDMrc7HLZDd65ie0%2FtLH5hby15cwRQZPeK6bKtQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 87fb69f4aad19280-FRA

GET
H2 200 cookie-consent.js Show response
www.termsfeed.com/public/cookie-consent/4.1.0/ 210 KB
59 KB 173ms
70ms Script
application/javascript 2606:4700:20::681a:7a0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.termsfeed.com/public/cookie-consent/4.1.0/cookie-consent.js

Requested by

Host: nordicmafia.org
URL: https://nordicmafia.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:7a0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6a51bc50699c186930e68de1b858f038ba71cf3b4b5bb4ef646d20570a2c4171

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://nordicmafia.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-priority: 5/n
date: Mon, 06 May 2024 19:35:31 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 27562
cf-polished: origSize=214664
x-z: 5179
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
last-modified: Mon, 06 May 2024 10:48:43 GMT
server: cloudflare
etag: W/"28ac9ed2d5a2ce67019e83beecc8622a"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7zXaH3AvoOhLxCQGYxoZLdmhidjc7GbVbnxQzMq0U%2FqV6KJdawcy9qq7TQEjUe7HH7n4lHHVz%2F5X%2Fpt3BVo8ylhunjxBpgKrL7zocaIX3iZfO0uawVyqxENN4iJJ4sc5lUwhioKwOXzUConeeg0s"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
vary: Accept-Encoding
cache-control: public, immutable, max-age=3600
cf-ray: 87fb69f54cc49bd0-FRA
expires: Mon, 06 May 2024 12:48:43 GMT

GET
H2 200 bootstrap.bundle.js Show response
nordicmafia.org/static/bootstrap/js/ 122 KB
30 KB 175ms
175ms Script
application/javascript 2606:4700:20::681a:443
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nordicmafia.org/static/bootstrap/js/bootstrap.bundle.js
Requested by: Host: nordicmafia.org
URL: https://nordicmafia.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:443 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: befc3e77fa3c8a25cd16ad52f5fbac02381922b05c1de3e46f284d970040d510

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://nordicmafia.org/home
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 19:35:31 GMT
content-encoding: br
cf-cache-status: REVALIDATED
cf-bgj: minify
last-modified: Thu, 13 Apr 2023 15:35:02 GMT
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=222911
etag: W/"366bf-5f93977ce1580"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JBVD2mkO0d6s0ItAxIT1UaH%2FbnW6Py8T6JHIBLSpxczW%2FxNGNfnTW7%2Bh0Nx%2Bx00S44crfZQ1C0mUfVfefLvFHG5IDt0crRDCjbyi5taoggSZhJEIKHAnNmdCMrZGNm9CtaFl43qEmSEIJkD4HA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 87fb69f4aad29280-FRA

GET
H2

200

main.js Show response
nordicmafia.org/cdn-cgi/challenge-platform/h/b/scripts/jsd/ce7818f50e39/ Frame 8DCE
Redirect Chain

https://nordicmafia.org/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://nordicmafia.org/cdn-cgi/challenge-platform/h/b/scripts/jsd/ce7818f50e39/main.js

8 KB
4 KB

61ms
61ms

Script
application/javascript

2606:4700:20::681a:443
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://nordicmafia.org/cdn-cgi/challenge-platform/h/b/scripts/jsd/ce7818f50e39/main.js

Protocol

Server

2606:4700:20::681a:443 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5404752c13576bad61400fee00e4f7132018bdf2b5cd4a64fefbb7f8a3c5af83

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

date: Mon, 06 May 2024 19:35:31 GMT
content-encoding: br
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2Lr2Vf5Dmp99KAZl7HDOFJjRf6zInNtKMwstpwVWBx6KRaTuwrfSCFg9%2F6Gs%2B2EQadkgkjm2lZiYP%2Fl7A81m01nvQMqK7PJ%2BgNGUvWyfPtrOLwAVqW%2FVEfvzMuEn2Q1FpLiYFI%2BrgJ8HAyCA6g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 87fb69f5ccaf9280-FRA

Redirect headers

date: Mon, 06 May 2024 19:35:31 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FUINOxcxj2I01rvX%2BYrN2zXVsAlycfVpB%2F1B4NA4Kb%2F0bqig0NZa5tIqC2QMOkLaSQH%2Fz9JwZS%2FFJuUdVLuS1W6yJuhKvQP1ojnJIv2BKDrgar%2FnSUBkPlCYlmSzyn%2FHseXXNMys58kg4JcUqg%3D%3D"}],"group":"cf-nel","max_age":604800}
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/ce7818f50e39/main.js
access-control-allow-origin: *
cache-control: max-age=300, public
cf-ray: 87fb69f51b809280-FRA
content-length: 0

GET
H2 200 favicon-32x32.png
nordicmafia.org/static/resources/favicon// 2 KB
2 KB 116ms
116ms Other
image/png 2606:4700:20::681a:443
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nordicmafia.org/static/resources/favicon//favicon-32x32.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:443 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c4c1bc99110a463c10d1ac0b487d529864ad702ed7805c6aee808594cfdc56f3

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://nordicmafia.org/home
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 19:35:31 GMT
cf-cache-status: REVALIDATED
cf-bgj: imgq:100,h2pri
last-modified: Wed, 24 Apr 2024 08:17:58 GMT
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=2345
etag: "929-616d34ee7f980"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=L5NiBFkI%2BrH%2F%2F35oV%2BAVCAGAVk4B19960rfhyRWsqsYoSg7k8WB8eGl5CVFlB6QzMWMmOE6OYSnkrC8AOPyvFkThjBt5fauqAh765juBNv0Ii3EKk%2F5K3TAm75szPvum21WsKZ9GTPSSNVtXrw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 87fb69f51b859280-FRA
content-length: 2021

GET
H2 200 logo_square_transp.png
nordicmafia.org/static/resources/landing_page/ 155 KB
156 KB 158ms
158ms Image
image/png 2606:4700:20::681a:443
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nordicmafia.org/static/resources/landing_page/logo_square_transp.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:443 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0e31e1421ca7578d020f0d96eab1706b5a9623407dd67e28e0d5fa898bfe670c

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://nordicmafia.org/home
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 19:35:31 GMT
cf-cache-status: REVALIDATED
cf-bgj: imgq:100,h2pri
last-modified: Wed, 24 Apr 2024 08:17:58 GMT
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=171823
etag: "29f2f-616d34ee7f980"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZE6pkEjnXYqS%2Feywbgrd5kJxINw8uuRb%2BkZ8vbE98hmJM1SP31aZ%2BOt3q9riIUklMUSfMNPN5uEG2gzzm6LCIoJA3W5Em%2Fnayt1KFFJgu3AZHQLxa7p6nF6Rt8Pi0VLZIe%2BLI7feOGrpW3CyFA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 87fb69f60cfe9280-FRA
content-length: 158904

GET
H2 200 logo.svg
nordicmafia.org/static/resources/images/ 199 KB
76 KB 66ms
65ms Image
image/svg+xml 2606:4700:20::681a:443
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nordicmafia.org/static/resources/images/logo.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:443 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b612cd218645b9bcbafd4953b355a86b48a3b379a35857aeaf952c9cdf850fcd

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://nordicmafia.org/home
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 19:35:31 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 24 Apr 2024 08:17:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6467
etag: W/"31d5f-616d34ee7f980"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MCM7nJ5r6uFSzj6vcfvUOEM%2F8OqhuYu9vayOP6QMOPCLLmt8RTC9h60NKOZRxEOqZLY6mjpeac8bOtbXi%2FTGYMZanOuZC%2BhfIAVTKrKXdhBXvFLnjgQp6FPmOx2qIvi74b%2Biq0OQIjSrBjJ%2BXA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=86400
cf-ray: 87fb69f60d059280-FRA

GET
H2 200 ellar.png
nordicmafia.org/static/resources/landing_page/ 9 KB
10 KB 144ms
143ms Image
image/png 2606:4700:20::681a:443
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nordicmafia.org/static/resources/landing_page/ellar.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:443 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e1978475fce2b1914a5e2d639f307b63c16d47139445953c874067ff4298b1cd

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://nordicmafia.org/home
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 19:35:31 GMT
cf-cache-status: REVALIDATED
cf-bgj: imgq:100,h2pri
last-modified: Wed, 24 Apr 2024 08:17:58 GMT
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=16349
etag: "3fdd-616d34ee7f980"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BytrvY%2B8elLfrmX3YQ1uA6l2fEetYonx58dPvDYK%2BijhSNyCz7lNeFjdxiuRXkyB2%2FOU%2BgQljYkuriV1PwxnYkQjM2aLJxW6HFdnsBBMLM%2FjrKiHGhcYJXD1G5c3vkkjtgkt%2FQkLn3%2FXJJQCeA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 87fb69f60d079280-FRA
content-length: 9543

GET
H2 200 nm_landing_bg.webp
nordicmafia.org/static/resources/landing_page/ 132 KB
132 KB 112ms
112ms Image
image/webp 2606:4700:20::681a:443
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nordicmafia.org/static/resources/landing_page/nm_landing_bg.webp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:443 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3cbc76a984ded61dd3567200934acfdf864fb0467b34a35b8f0c1a85c8442296

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://nordicmafia.org/home
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 19:35:31 GMT
cf-cache-status: REVALIDATED
last-modified: Wed, 24 Apr 2024 08:17:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "20ef8-616d34ee7f980"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mU6sl8JJ8HWdmcv2y1RG4WvsnyrGuxhMbk2NJXBYUL6zxLp0eD%2FazkkwMRAqv4YDmiP5zchD%2F4mxz2y1AgLBScUxBQ4IlLbqe%2BeBuxdmnjNhesi7ScgymCi5UUDbYeLpO6uXRilRkO4RVT%2FbFQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 87fb69f60d0c9280-FRA
content-length: 134904

GET
H2 200 S6u9w4BMUTPHh50XSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ 22 KB
22 KB 171ms
83ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh50XSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:wght@300;400;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08664859baab5ed98f0bf818ed77e38464ff1826dc6406d5ecbd651409afbd92

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://nordicmafia.org
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 30 Apr 2024 07:57:31 GMT
x-content-type-options: nosniff
age: 560280
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22504
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:12:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 30 Apr 2025 07:57:31 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 128ms
40ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://nordicmafia.org
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 30 Apr 2024 13:27:43 GMT
x-content-type-options: nosniff
age: 540468
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 30 Apr 2025 13:27:43 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 137ms
50ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://nordicmafia.org
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 04 May 2024 00:45:23 GMT
x-content-type-options: nosniff
age: 240608
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 04 May 2025 00:45:23 GMT

GET
H3 200 api.js Show response
www.google.com/recaptcha/ 1 KB
855 B 136ms
51ms Script
text/javascript 142.250.186.68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js

Requested by

Host: www.termsfeed.com
URL: https://www.termsfeed.com/public/cookie-consent/4.1.0/cookie-consent.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.68 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f4.1e100.net

Software

GSE /

Resource Hash

b4a87969c4cc52d70e75db24b6bda485dbb1beef9ab5c4074e4020176ea1713b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://nordicmafia.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 19:35:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Mon, 06 May 2024 19:35:31 GMT

POST
H2 204 rum Show response
nordicmafia.org/cdn-cgi/ 0
159 B 68ms
68ms XHR
text/plain 2606:4700:20::681a:443
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://nordicmafia.org/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/vedd3670a3b1c4e178fdfb0cc912d969e1713874337387

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:443 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://nordicmafia.org/home
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
content-type: application/json

Response headers

date: Mon, 06 May 2024 19:35:31 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://nordicmafia.org
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 87fb69f61d259280-FRA

POST
H2 200 87fb69f27fd99280 Show response
nordicmafia.org/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame 8DCE 0
493 B 88ms
88ms XHR
text/plain 2606:4700:20::681a:443
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nordicmafia.org/cdn-cgi/challenge-platform/h/b/jsd/r/87fb69f27fd99280
Requested by: Host: nordicmafia.org
URL: https://nordicmafia.org/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:443 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 06 May 2024 19:35:31 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87fb69f68dd29280-FRA
content-length: 0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mnNL%2F3YclhDk%2FfnkZDjx6FAT1p2DAAKCRilu%2FmZKS8Mp2PbYI9jUReS4BlGDaA91CsIKcGI0BiJRLQLjXt12eCChLyIqMv%2B%2FjfYIj%2B8f2KkUI3RhnvOFHkRIHn3jqY6y04BBgi8vXzXgdrtw3g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8

POST
H2 200 87fb69f27fd99280 Show response
nordicmafia.org/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame 8DCE 0
467 B 74ms
74ms XHR
text/plain 2606:4700:20::681a:443
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nordicmafia.org/cdn-cgi/challenge-platform/h/b/jsd/r/87fb69f27fd99280
Requested by: Host: nordicmafia.org
URL: https://nordicmafia.org/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:443 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 06 May 2024 19:35:31 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87fb69f6de719280-FRA
content-length: 0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ruc6SjDhQ2SF4G20Y1dAHi5Lnif5iRWqJhIdvnCgavo4Op1oyZfdgz4TKCmnlJoJCRW%2FjcQs%2FPwKUUFsbhCuWsQRVZxL6tzC4%2FdDTVy8t7FgK2vtTBAQ1r9jHN%2BnQ1CGSHAQ6Xiw1JB9jrjwMQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/ 509 KB
203 KB 160ms
51ms Script
text/javascript 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

352a6d9b12a5ae3949d370ff42a338ba8bb6ff455d9ba995b1755fb7b99e8824

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://nordicmafia.org/
Origin: https://nordicmafia.org
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 18:22:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4406
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 207268
x-xss-protection: 0
last-modified: Mon, 22 Apr 2024 21:03:35 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 06 May 2025 18:22:05 GMT

Verdicts & Comments Add Verdict or Comment

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
nordicmafia.org/	1969-12-31 23:59:59	Name: PHPSESSID Value: ib2d6iq5u2ji7dd9aiql6t0buq
nordicmafia.org/	1970-01-21 05:59:44	Name: cookie_consent_level Value: %7B%22strictly-necessary%22%3Atrue%2C%22functionality%22%3Afalse%2C%22tracking%22%3Afalse%2C%22targeting%22%3Afalse%7D
.nordicmafia.org/	1970-01-21 05:09:20	Name: cf_clearance Value: jBeM35uC9h4wXdpaB1vCgcfNlx7yA.XqHJKYU_sP.24-1715024131-1.0.1.1-nyJpVjbI_KW9tMXma.0wXoTn7SmJKw99WHzmEbKI63AdFZyEsdQF1cIFjuLJCgTuLvlF0viQfmTfhqKy3WoORg

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
nordicmafia.org
static.cloudflareinsights.com
www.google.com
www.gstatic.com
www.termsfeed.com
142.250.186.68
2606:4700:20::681a:443
2606:4700:20::681a:7a0
2606:4700::6810:5049
2a00:1450:4001:800::2003
2a00:1450:4001:801::200a
2a00:1450:4001:81c::2003
08664859baab5ed98f0bf818ed77e38464ff1826dc6406d5ecbd651409afbd92
0e31e1421ca7578d020f0d96eab1706b5a9623407dd67e28e0d5fa898bfe670c
1e54f3014a6544f5b485c1233ab76db6d24958186bd4d3f7d4520a9d9a25e241
352a6d9b12a5ae3949d370ff42a338ba8bb6ff455d9ba995b1755fb7b99e8824
3cbc76a984ded61dd3567200934acfdf864fb0467b34a35b8f0c1a85c8442296
4f1e4eb3992e0a30f23d1ccf822255a206c1879b387abef78e6c637f2cdb5c1d
5404752c13576bad61400fee00e4f7132018bdf2b5cd4a64fefbb7f8a3c5af83
69509915b760fa00fbcc9bef4c2a020d056e98c80fd45ac7ab3b883143969a39
6a51bc50699c186930e68de1b858f038ba71cf3b4b5bb4ef646d20570a2c4171
af9e52b1788e243b0a07ba97a3de75df5845d00b896f1b83f38c42702a7ba690
b4a87969c4cc52d70e75db24b6bda485dbb1beef9ab5c4074e4020176ea1713b
b612cd218645b9bcbafd4953b355a86b48a3b379a35857aeaf952c9cdf850fcd
befc3e77fa3c8a25cd16ad52f5fbac02381922b05c1de3e46f284d970040d510
c4c1bc99110a463c10d1ac0b487d529864ad702ed7805c6aee808594cfdc56f3
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
d2e817d2c44b9cf45f0e45cfa351abba3203af38f5aa1c8576a2db69ebd15192
dde78c2a4952f5cde88649df04646f9f09b52b8f686fd9068f9d75639bd999a4
e1978475fce2b1914a5e2d639f307b63c16d47139445953c874067ff4298b1cd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ec004ea798d3be2ab3cde200b59505f3b65515081f2269105015cf2c4190319b
f4116314cbb9cec9521aea815c853cc04ad654c6d92c1c972055f7e76051dbbd
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

nordicmafia.org Open in urlscan Pro 2606:4700:20::681a:443 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

25 Requests

96 %HTTPS

86 %IPv6

6 Domains

7 Subdomains

7 IPs

2 Countries

895 kBTransfer

2003 kBSize

3 Cookies

0 Outgoing links

Page URL History

Redirected requests

25 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

12 JavaScript Global Variables

3 Cookies

Indicators

nordicmafia.org Open in urlscan Pro
2606:4700:20::681a:443 Public Scan

Screenshot
Live screenshot

Full Image

25
Requests

96 %
HTTPS

86 %
IPv6

6
Domains

7
Subdomains

7
IPs

2
Countries

895 kB
Transfer

2003 kB
Size

3
Cookies

25 HTTP transactions
0 data transactions