kc.orkla-dev.nexo.zone
Open in
urlscan Pro
34.118.41.102
Public Scan
Effective URL: https://kc.orkla-dev.nexo.zone/realms/orkla/protocol/openid-connect/auth?client_id=ocean-local&redirect_uri=https%3A%2F%2Forkla...
Submission Tags: @phish_report
Submission: On June 13 via api from FI — Scanned from PL
Summary
TLS certificate: Issued by R3 on May 20th 2024. Valid for: 3 months.
This is the only time kc.orkla-dev.nexo.zone was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
4 | 34.118.12.72 34.118.12.72 | 396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM) | |
2 | 104.21.234.235 104.21.234.235 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
5 | 34.118.41.102 34.118.41.102 | 396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM) | |
11 | 3 |
ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 72.12.118.34.bc.googleusercontent.com
orkla.nexo.zone |
ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 102.41.118.34.bc.googleusercontent.com
kc.orkla-dev.nexo.zone |
Apex Domain Subdomains |
Transfer | |
---|---|---|
9 |
nexo.zone
orkla.nexo.zone kc.orkla-dev.nexo.zone |
490 KB |
2 |
rsms.me
rsms.me — Cisco Umbrella Rank: 14330 |
340 KB |
11 | 2 |
Domain | Requested by | |
---|---|---|
5 | kc.orkla-dev.nexo.zone |
orkla.nexo.zone
kc.orkla-dev.nexo.zone |
4 | orkla.nexo.zone |
orkla.nexo.zone
|
2 | rsms.me |
orkla.nexo.zone
rsms.me |
11 | 3 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
orkla.nexo.zone R11 |
2024-06-13 - 2024-09-11 |
3 months | crt.sh |
rsms.me E1 |
2024-04-25 - 2024-07-24 |
3 months | crt.sh |
kc.orkla-dev.nexo.zone R3 |
2024-05-20 - 2024-08-18 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://kc.orkla-dev.nexo.zone/realms/orkla/protocol/openid-connect/auth?client_id=ocean-local&redirect_uri=https%3A%2F%2Forkla-dev.nexo.zone&response_type=code&scope=openid&state=f6f8fb50719542aa9260a878b195fcdf&code_challenge=Vv1nswmGk9zQ_th_Go0Icxal5yES-01XukhAp4vdtcI&code_challenge_method=S256
Frame ID: 9E12D7E6E73FC56D32388C847007D964
Requests: 11 HTTP requests in this frame
Screenshot
Page Title
Sign in to orklaPage URL History Show full URLs
-
http://orkla.nexo.zone/
HTTP 307
https://orkla.nexo.zone/ Page URL
- https://kc.orkla-dev.nexo.zone/realms/orkla/protocol/openid-connect/auth?client_id=ocean-local&redirect_uri... Page URL
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://orkla.nexo.zone/
HTTP 307
https://orkla.nexo.zone/ Page URL
- https://kc.orkla-dev.nexo.zone/realms/orkla/protocol/openid-connect/auth?client_id=ocean-local&redirect_uri=https%3A%2F%2Forkla-dev.nexo.zone&response_type=code&scope=openid&state=f6f8fb50719542aa9260a878b195fcdf&code_challenge=Vv1nswmGk9zQ_th_Go0Icxal5yES-01XukhAp4vdtcI&code_challenge_method=S256 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0- http://orkla.nexo.zone/ HTTP 307
- https://orkla.nexo.zone/
11 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
/
orkla.nexo.zone/ Redirect Chain
|
587 B 806 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
inter.css
rsms.me/inter/ |
7 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
index-0ciX2a1V.js
orkla.nexo.zone/assets/ |
436 KB 436 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
index-CS3Ny-Bt.css
orkla.nexo.zone/assets/ |
33 KB 33 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
InterVariable.woff2
rsms.me/inter/font-files/ |
337 KB 338 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
vite.svg
orkla.nexo.zone/ |
1 KB 2 KB |
Other
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
openid-configuration
kc.orkla-dev.nexo.zone/realms/orkla/.well-known/ |
6 KB 6 KB |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Primary Request
auth
kc.orkla-dev.nexo.zone/realms/orkla/protocol/openid-connect/ |
4 KB 6 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
output.css
kc.orkla-dev.nexo.zone/resources/6acvt/login/orkla/css/ |
24 KB 6 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
favicon.svg
kc.orkla-dev.nexo.zone/resources/6acvt/login/orkla/img/ |
248 B 351 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
favicon.svg
kc.orkla-dev.nexo.zone/resources/6acvt/login/orkla/img/ |
248 B 0 |
Other
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
3 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
undefined| event object| fence object| sharedStorage3 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
kc.orkla-dev.nexo.zone/realms/orkla/ | Name: AUTH_SESSION_ID Value: 9072a03c-bbc3-4659-9cf4-e0f05c286465.keycloak-bbd5b49c5-mk69p-51521 |
|
kc.orkla-dev.nexo.zone/realms/orkla/ | Name: AUTH_SESSION_ID_LEGACY Value: 9072a03c-bbc3-4659-9cf4-e0f05c286465.keycloak-bbd5b49c5-mk69p-51521 |
|
kc.orkla-dev.nexo.zone/realms/orkla/ | Name: KC_RESTART Value: eyJhbGciOiJIUzUxMiIsInR5cCIgOiAiSldUIiwia2lkIiA6ICJiY2U0OTYyNy1iNDdjLTQ1NjctYWJmOS01MmY5MzM0NTgzN2MifQ.eyJjaWQiOiJvY2Vhbi1sb2NhbCIsInB0eSI6Im9wZW5pZC1jb25uZWN0IiwicnVyaSI6Imh0dHBzOi8vb3JrbGEtZGV2Lm5leG8uem9uZSIsImFjdCI6IkFVVEhFTlRJQ0FURSIsIm5vdGVzIjp7InNjb3BlIjoib3BlbmlkIiwiaXNzIjoiaHR0cHM6Ly9rYy5vcmtsYS1kZXYubmV4by56b25lL3JlYWxtcy9vcmtsYSIsInJlc3BvbnNlX3R5cGUiOiJjb2RlIiwiY29kZV9jaGFsbGVuZ2VfbWV0aG9kIjoiUzI1NiIsInJlZGlyZWN0X3VyaSI6Imh0dHBzOi8vb3JrbGEtZGV2Lm5leG8uem9uZSIsInN0YXRlIjoiZjZmOGZiNTA3MTk1NDJhYTkyNjBhODc4YjE5NWZjZGYiLCJjb2RlX2NoYWxsZW5nZSI6IlZ2MW5zd21Hazl6UV90aF9HbzBJY3hhbDV5RVMtMDFYdWtoQXA0dmR0Y0kifX0.KQkDvi-btuo7RisDA9eBgGpX_hYhb4Cohn8wJn3NghH0_T1zvTrIFZrnHYKMpH6xQcL0Lt7QhE3XWzIwwPZkrA |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=15768000 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
kc.orkla-dev.nexo.zone
orkla.nexo.zone
rsms.me
104.21.234.235
34.118.12.72
34.118.41.102
24bc56e5e539f3d359e9044d90588c3bbe544851c369ada0b04af0f9787afeea
3b40dd6a81a77fe784ce9a1dc6ceb68e42673a13ae0e9574ba91b55eb459e26f
4a748afd443918bb16591c834c401dae33e87861ab5dbad0811c3a3b4a9214fb
83e39bddc13b8363308011f5831880de5687946c7ebcdea32efb0f1db2da06af
8fedfb7def1421aa9d58d1732be7164e33eec27b9c87193e010b9ddaa67b6a18
953ac7bb606305f0d886fab87097bac2f92f3559c98e09f9f0bda462ac950bd3
c078426d333bb5b4a367fc9deb6aed364b82c22882fe9efab85b399ed5511553
c5f03b9b65bcb8f1534d6e34352642fd6118a486c393b5b9fc82c3d79a510b8b
c6606200df0b0066ef04137f2a529050e1a308020a76333fa16bdecabd7c221c