udkaksaray.com Open in urlscan Pro
37.230.106.206  Malicious Activity! Public Scan

24 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. http://udkaksaray.com/cli/f/login1.php Page URL
2. http://udkaksaray.com/cli/f/sms3.php Page URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

44 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	login1.php Show response udkaksaray.com/cli/f/	117 KB 17 KB	234ms 148ms	Document text/html	37.230.106.206 AEROTEK-AS
General Check archive.org Show headers Download Go to Full URL http://udkaksaray.com/cli/f/login1.php Protocol HTTP/1.1 Server 37.230.106.206 Istanbul, Turkey, ASN42807 (AEROTEK-AS, TR), Reverse DNS srvc49.turhost.com Software / PHP/7.3.23 Resource Hash 5fa97e7af939a00dfad7f6bbc8f267a5efee19f08e88794ccf585c06f23b0227 Security Headers Name Value X-Content-Type-Options nosniff Request headers Host udkaksaray.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Accept-Encoding gzip, deflate Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Connection Keep-Alive X-Powered-By PHP/7.3.23 Content-Type text/html; charset=UTF-8 Transfer-Encoding chunked Content-Encoding gzip Vary Accept-Encoding Date Tue, 02 Feb 2021 06:34:29 GMT X-Content-Type-Options nosniff
GET H/1.1	200 OK	nordeapn4134.css solo1.nordea.fi/nsp/css/	64 KB 15 KB	313ms 43ms	Stylesheet text/css	158.233.249.8 NORDEA-AS
General Check archive.org Show headers Download Go to Full URL https://solo1.nordea.fi/nsp/css/nordeapn4134.css Requested by Host: udkaksaray.com URL: http://udkaksaray.com/cli/f/login1.php Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 158.233.249.8 , Finland, ASN201271 (NORDEA-AS, SE), Reverse DNS Software / Servlet/2.5 JSP/2.1 Resource Hash 4ea8c5d1cfe47987cbcef1d45925812c57bfe450f148fb5f97d6771ae8befeaa Security Headers Name Value Strict-Transport-Security max-age=157680000 X-Frame-Options SAMEORIGIN Request headers Referer http://udkaksaray.com/cli/f/login1.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Tue, 02 Feb 2021 06:34:30 GMT Content-Encoding gzip Last-Modified Fri, 22 Jan 2021 16:27:04 GMT X-Powered-By Servlet/2.5 JSP/2.1 ntCoent-Length 65665 X-Frame-Options SAMEORIGIN Content-Type text/css; charset=UTF-8 Cache-Control private Transfer-Encoding chunked Strict-Transport-Security max-age=157680000 Accept-Ranges bytes
GET H/1.1	404 Not Found	logoprint.gif udkaksaray.com/cli/f/general/images/	1000 B 1000 B	3765ms 3748ms	Image text/html	37.230.106.206 AEROTEK-AS
General Check archive.org Show headers Download Go to Show image Full URL http://udkaksaray.com/cli/f/general/images/logoprint.gif Requested by Host: udkaksaray.com URL: http://udkaksaray.com/cli/f/login1.php Protocol HTTP/1.1 Server 37.230.106.206 Istanbul, Turkey, ASN42807 (AEROTEK-AS, TR), Reverse DNS srvc49.turhost.com Software / PHP/7.3.23 Resource Hash 81c22331735c164f946337232024b6d7e1625b37dfe774c03076226ac0c65163 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer http://udkaksaray.com/cli/f/login1.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Pragma no-cache Date Tue, 02 Feb 2021 06:34:33 GMT Content-Encoding gzip X-Content-Type-Options nosniff X-Powered-By PHP/7.3.23 Vary Accept-Encoding P3P CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM" Cache-Control no-cache Connection Keep-Alive Content-Type text/html; charset=UTF-8 Content-Length 531
GET H/1.1	200 OK	new_nordea_logo.gif solo1.nordea.fi/nsp/general/images/	987 B 2 KB	308ms 40ms	Image image/gif	158.233.249.8 NORDEA-AS
General Check archive.org Show headers Download Go to Show image Full URL https://solo1.nordea.fi/nsp/general/images/new_nordea_logo.gif Requested by Host: udkaksaray.com URL: http://udkaksaray.com/cli/f/login1.php Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 158.233.249.8 , Finland, ASN201271 (NORDEA-AS, SE), Reverse DNS Software / Servlet/2.5 JSP/2.1 Resource Hash 416c43c7789970ffa77271a78cb9ea02eebf7191fdcc4d15d13501c9cdb30c0d Security Headers Name Value Strict-Transport-Security max-age=157680000 X-Frame-Options SAMEORIGIN Request headers Referer http://udkaksaray.com/cli/f/login1.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Tue, 02 Feb 2021 06:34:30 GMT Last-Modified Tue, 12 May 2020 00:21:47 GMT X-Powered-By Servlet/2.5 JSP/2.1 X-Frame-Options SAMEORIGIN Content-Type image/gif Strict-Transport-Security max-age=157680000 Accept-Ranges bytes Content-Length 987
GET H/1.1	200 OK	headline_netbank.gif solo1.nordea.fi/nsp/dev/fullsize/htmlcss/fi_FI/images/	827 B 1 KB	309ms 41ms	Image image/gif	158.233.249.8 NORDEA-AS
General Check archive.org Show headers Download Go to Show image Full URL https://solo1.nordea.fi/nsp/dev/fullsize/htmlcss/fi_FI/images/headline_netbank.gif Requested by Host: udkaksaray.com URL: http://udkaksaray.com/cli/f/login1.php Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 158.233.249.8 , Finland, ASN201271 (NORDEA-AS, SE), Reverse DNS Software / Servlet/2.5 JSP/2.1 Resource Hash f22d3649d56bf8c49dee3bbf8a167d3ac450016273d8fcccdb6772fc4f062c12 Security Headers Name Value Strict-Transport-Security max-age=157680000 X-Frame-Options SAMEORIGIN Request headers Referer http://udkaksaray.com/cli/f/login1.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Tue, 02 Feb 2021 06:34:30 GMT Last-Modified Tue, 12 May 2020 00:29:00 GMT X-Powered-By Servlet/2.5 JSP/2.1 X-Frame-Options SAMEORIGIN Content-Type image/gif Strict-Transport-Security max-age=157680000 Accept-Ranges bytes Content-Length 827
GET H/1.1	404 Not Found	jquery-1.12.4.min.js udkaksaray.com/cli/f/js/jquery/	0 0	3764ms 3753ms	Script text/html	37.230.106.206 AEROTEK-AS
General Check archive.org Show headers Download Go to Full URL http://udkaksaray.com/cli/f/js/jquery/jquery-1.12.4.min.js Requested by Host: udkaksaray.com URL: http://udkaksaray.com/cli/f/login1.php Protocol HTTP/1.1 Server 37.230.106.206 Istanbul, Turkey, ASN42807 (AEROTEK-AS, TR), Reverse DNS srvc49.turhost.com Software / PHP/7.3.23 Resource Hash Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer http://udkaksaray.com/cli/f/login1.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Pragma no-cache Date Tue, 02 Feb 2021 06:34:33 GMT Content-Encoding gzip X-Content-Type-Options nosniff X-Powered-By PHP/7.3.23 Vary Accept-Encoding P3P CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM" Cache-Control no-cache Connection Keep-Alive Content-Type text/html; charset=UTF-8 Content-Length 531
GET H/1.1	404 Not Found	IncorrectInput.gif udkaksaray.com/cli/f/general/images/	1000 B 1000 B	3761ms 3747ms	Image text/html	37.230.106.206 AEROTEK-AS
General Check archive.org Show headers Download Go to Show image Full URL http://udkaksaray.com/cli/f/general/images/IncorrectInput.gif Requested by Host: udkaksaray.com URL: http://udkaksaray.com/cli/f/login1.php Protocol HTTP/1.1 Server 37.230.106.206 Istanbul, Turkey, ASN42807 (AEROTEK-AS, TR), Reverse DNS srvc49.turhost.com Software / PHP/7.3.23 Resource Hash 81c22331735c164f946337232024b6d7e1625b37dfe774c03076226ac0c65163 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer http://udkaksaray.com/cli/f/login1.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Pragma no-cache Date Tue, 02 Feb 2021 06:34:33 GMT Content-Encoding gzip X-Content-Type-Options nosniff X-Powered-By PHP/7.3.23 Vary Accept-Encoding P3P CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM" Cache-Control no-cache Connection Keep-Alive Content-Type text/html; charset=UTF-8 Content-Length 531
GET H/1.1	404 Not Found	pi4_Netbank-fi-launch-186X130-FI.jpg.jpg udkaksaray.com/web_elements/images/web/local/fi3/fi/Picture/	1000 B 1000 B	3763ms 3721ms	Image text/html	37.230.106.206 AEROTEK-AS
General Check archive.org Show headers Download Go to Show image Full URL http://udkaksaray.com/web_elements/images/web/local/fi3/fi/Picture/pi4_Netbank-fi-launch-186X130-FI.jpg.jpg Requested by Host: udkaksaray.com URL: http://udkaksaray.com/cli/f/login1.php Protocol HTTP/1.1 Server 37.230.106.206 Istanbul, Turkey, ASN42807 (AEROTEK-AS, TR), Reverse DNS srvc49.turhost.com Software / PHP/7.3.23 Resource Hash 81c22331735c164f946337232024b6d7e1625b37dfe774c03076226ac0c65163 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer http://udkaksaray.com/cli/f/login1.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Pragma no-cache Date Tue, 02 Feb 2021 06:34:33 GMT Content-Encoding gzip X-Content-Type-Options nosniff X-Powered-By PHP/7.3.23 Vary Accept-Encoding P3P CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM" Cache-Control no-cache Connection Keep-Alive Content-Type text/html; charset=UTF-8 Content-Length 531
GET H/1.1	404 Not Found	ic4_icon_popup.gif udkaksaray.com/web_elements/images/web/common/content/All/Icon/	1000 B 1000 B	147ms 147ms	Image text/html	37.230.106.206 AEROTEK-AS
General Check archive.org Show headers Download Go to Show image Full URL http://udkaksaray.com/web_elements/images/web/common/content/All/Icon/ic4_icon_popup.gif Requested by Host: udkaksaray.com URL: http://udkaksaray.com/cli/f/login1.php Protocol HTTP/1.1 Server 37.230.106.206 Istanbul, Turkey, ASN42807 (AEROTEK-AS, TR), Reverse DNS srvc49.turhost.com Software / PHP/7.3.23 Resource Hash 81c22331735c164f946337232024b6d7e1625b37dfe774c03076226ac0c65163 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer http://udkaksaray.com/cli/f/login1.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Pragma no-cache Date Tue, 02 Feb 2021 06:34:33 GMT Content-Encoding gzip X-Content-Type-Options nosniff X-Powered-By PHP/7.3.23 Vary Accept-Encoding P3P CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM" Cache-Control no-cache Connection Keep-Alive Content-Type text/html; charset=UTF-8 Content-Length 531
GET H/1.1	404 Not Found	ic4_icon_arrow.gif udkaksaray.com/web_elements/images/web/local/fi3/All/Icon/	1000 B 1000 B	149ms 149ms	Image text/html	37.230.106.206 AEROTEK-AS
General Check archive.org Show headers Download Go to Show image Full URL http://udkaksaray.com/web_elements/images/web/local/fi3/All/Icon/ic4_icon_arrow.gif Requested by Host: udkaksaray.com URL: http://udkaksaray.com/cli/f/login1.php Protocol HTTP/1.1 Server 37.230.106.206 Istanbul, Turkey, ASN42807 (AEROTEK-AS, TR), Reverse DNS srvc49.turhost.com Software / PHP/7.3.23 Resource Hash 81c22331735c164f946337232024b6d7e1625b37dfe774c03076226ac0c65163 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer http://udkaksaray.com/cli/f/login1.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Pragma no-cache Date Tue, 02 Feb 2021 06:34:33 GMT Content-Encoding gzip X-Content-Type-Options nosniff X-Powered-By PHP/7.3.23 Vary Accept-Encoding P3P CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM" Cache-Control no-cache Connection Keep-Alive Content-Type text/html; charset=UTF-8 Content-Length 531
GET H/1.1	404 Not Found	bt.gif udkaksaray.com/cli/f/general/images/	1000 B 1000 B	155ms 155ms	Image text/html	37.230.106.206 AEROTEK-AS
General Check archive.org Show headers Download Go to Show image Full URL http://udkaksaray.com/cli/f/general/images/bt.gif Requested by Host: udkaksaray.com URL: http://udkaksaray.com/cli/f/login1.php Protocol HTTP/1.1 Server 37.230.106.206 Istanbul, Turkey, ASN42807 (AEROTEK-AS, TR), Reverse DNS srvc49.turhost.com Software / PHP/7.3.23 Resource Hash 81c22331735c164f946337232024b6d7e1625b37dfe774c03076226ac0c65163 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer http://udkaksaray.com/cli/f/login1.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Pragma no-cache Date Tue, 02 Feb 2021 06:34:33 GMT Content-Encoding gzip X-Content-Type-Options nosniff X-Powered-By PHP/7.3.23 Vary Accept-Encoding P3P CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM" Cache-Control no-cache Connection Keep-Alive Content-Type text/html; charset=UTF-8 Content-Length 531
GET H/1.1	404 Not Found	tealium_FI.js udkaksaray.com/cli/f/js/	0 0	3813ms 3798ms	Script text/html	37.230.106.206 AEROTEK-AS
General Check archive.org Show headers Download Go to Full URL http://udkaksaray.com/cli/f/js/tealium_FI.js Requested by Host: udkaksaray.com URL: http://udkaksaray.com/cli/f/login1.php Protocol HTTP/1.1 Server 37.230.106.206 Istanbul, Turkey, ASN42807 (AEROTEK-AS, TR), Reverse DNS srvc49.turhost.com Software / PHP/7.3.23 Resource Hash Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer http://udkaksaray.com/cli/f/login1.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Pragma no-cache Date Tue, 02 Feb 2021 06:34:33 GMT Content-Encoding gzip X-Content-Type-Options nosniff X-Powered-By PHP/7.3.23 Vary Accept-Encoding P3P CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM" Cache-Control no-cache Connection Keep-Alive Content-Type text/html; charset=UTF-8 Content-Length 531
GET H/1.1	404 Not Found	createPageTitleAndContentGroup_WT.js udkaksaray.com/cli/f/js/	0 0	3808ms 3793ms	Script text/html	37.230.106.206 AEROTEK-AS
General Check archive.org Show headers Download Go to Full URL http://udkaksaray.com/cli/f/js/createPageTitleAndContentGroup_WT.js Requested by Host: udkaksaray.com URL: http://udkaksaray.com/cli/f/login1.php Protocol HTTP/1.1 Server 37.230.106.206 Istanbul, Turkey, ASN42807 (AEROTEK-AS, TR), Reverse DNS srvc49.turhost.com Software / PHP/7.3.23 Resource Hash Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer http://udkaksaray.com/cli/f/login1.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Pragma no-cache Date Tue, 02 Feb 2021 06:34:33 GMT Content-Encoding gzip X-Content-Type-Options nosniff X-Powered-By PHP/7.3.23 Vary Accept-Encoding P3P CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM" Cache-Control no-cache Connection Keep-Alive Content-Type text/html; charset=UTF-8 Content-Length 531
GET H/1.1	200 OK	f09f6a78_panel-fi.js Show response policy.cookiereports.com/	120 KB 23 KB	50ms 28ms	Script application/javascript	34.107.253.133 GOOGLE
General Check archive.org Show headers Download Go to Full URL http://policy.cookiereports.com/f09f6a78_panel-fi.js Requested by Host: udkaksaray.com URL: http://udkaksaray.com/cli/f/login1.php Protocol HTTP/1.1 Server 34.107.253.133 , United States, ASN15169 (GOOGLE, US), Reverse DNS 133.253.107.34.bc.googleusercontent.com Software Apache / Resource Hash 35def5406cfa802d28edb7ea4bedea9a52590a230fda05008c7d7f50fee03a67 Request headers Referer http://udkaksaray.com/cli/f/login1.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Tue, 02 Feb 2021 06:34:29 GMT Via 1.1 google Server Apache Vary Accept-Encoding Content-Type application/javascript Cache-Control public,max-age=3600 Transfer-Encoding chunked Content-Encoding gzip
GET H/1.1	200 OK	jquery.min.js Show response ajax.googleapis.com/ajax/libs/jquery/3.5.1/	87 KB 31 KB	14ms 7ms	Script text/javascript	2a00:1450:4001:827::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL http://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js Requested by Host: udkaksaray.com URL: http://udkaksaray.com/cli/f/login1.php Protocol HTTP/1.1 Server 2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer http://udkaksaray.com/cli/f/login1.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Mon, 01 Feb 2021 11:11:27 GMT Content-Encoding gzip X-Content-Type-Options nosniff Age 69782 Cross-Origin-Resource-Policy cross-origin Content-Length 31021 X-XSS-Protection 0 Last-Modified Fri, 08 May 2020 07:05:03 GMT Server sffe Vary Accept-Encoding Content-Type text/javascript; charset=UTF-8 Access-Control-Allow-Origin * Cache-Control public, max-age=31536000, stale-while-revalidate=2592000 Accept-Ranges bytes Timing-Allow-Origin * Expires Tue, 01 Feb 2022 11:11:27 GMT
GET H/1.1	200 OK	tab_left_on.gif solo1.nordea.fi/nsp/general/images/	146 B 731 B	38ms 37ms	Image image/gif	158.233.249.8 NORDEA-AS
General Check archive.org Show headers Download Go to Show image Full URL https://solo1.nordea.fi/nsp/general/images/tab_left_on.gif Requested by Host: solo1.nordea.fi URL: https://solo1.nordea.fi/nsp/css/nordeapn4134.css Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 158.233.249.8 , Finland, ASN201271 (NORDEA-AS, SE), Reverse DNS Software / Servlet/2.5 JSP/2.1 Resource Hash afa364466000fd40797a1f566c025d6306131179d284aeee1a24825b6f594397 Security Headers Name Value Strict-Transport-Security max-age=157680000 X-Frame-Options SAMEORIGIN Request headers Referer https://solo1.nordea.fi/nsp/css/nordeapn4134.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Tue, 02 Feb 2021 06:34:30 GMT Last-Modified Tue, 12 May 2020 00:26:53 GMT X-Powered-By Servlet/2.5 JSP/2.1 X-Frame-Options SAMEORIGIN Content-Type image/gif Strict-Transport-Security max-age=157680000 Accept-Ranges bytes Content-Length 146
GET H/1.1	200 OK	tab_right_on.gif solo1.nordea.fi/nsp/general/images/	374 B 959 B	38ms 38ms	Image image/gif	158.233.249.8 NORDEA-AS
General Check archive.org Show headers Download Go to Show image Full URL https://solo1.nordea.fi/nsp/general/images/tab_right_on.gif Requested by Host: solo1.nordea.fi URL: https://solo1.nordea.fi/nsp/css/nordeapn4134.css Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 158.233.249.8 , Finland, ASN201271 (NORDEA-AS, SE), Reverse DNS Software / Servlet/2.5 JSP/2.1 Resource Hash 5dd358892efe04d5013be059df15be67ec2e2baf532584c5678d3f30d8e29951 Security Headers Name Value Strict-Transport-Security max-age=157680000 X-Frame-Options SAMEORIGIN Request headers Referer https://solo1.nordea.fi/nsp/css/nordeapn4134.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Tue, 02 Feb 2021 06:34:30 GMT Last-Modified Tue, 12 May 2020 00:20:43 GMT X-Powered-By Servlet/2.5 JSP/2.1 X-Frame-Options SAMEORIGIN Content-Type image/gif Strict-Transport-Security max-age=157680000 Accept-Ranges bytes Content-Length 374
GET H/1.1	200 OK	tab_left.gif solo1.nordea.fi/nsp/general/images/	383 B 968 B	38ms 37ms	Image image/gif	158.233.249.8 NORDEA-AS
General Check archive.org Show headers Download Go to Show image Full URL https://solo1.nordea.fi/nsp/general/images/tab_left.gif Requested by Host: solo1.nordea.fi URL: https://solo1.nordea.fi/nsp/css/nordeapn4134.css Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 158.233.249.8 , Finland, ASN201271 (NORDEA-AS, SE), Reverse DNS Software / Servlet/2.5 JSP/2.1 Resource Hash 0418589b166ace440d1803124f08b913868e0929bd14e1951f4383347cc6a149 Security Headers Name Value Strict-Transport-Security max-age=157680000 X-Frame-Options SAMEORIGIN Request headers Referer https://solo1.nordea.fi/nsp/css/nordeapn4134.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Tue, 02 Feb 2021 06:34:30 GMT Last-Modified Tue, 12 May 2020 00:25:50 GMT X-Powered-By Servlet/2.5 JSP/2.1 X-Frame-Options SAMEORIGIN Content-Type image/gif Strict-Transport-Security max-age=157680000 Accept-Ranges bytes Content-Length 383
GET H/1.1	200 OK	tab_right.gif solo1.nordea.fi/nsp/general/images/	2 KB 2 KB	76ms 37ms	Image image/gif	158.233.249.8 NORDEA-AS
General Check archive.org Show headers Download Go to Show image Full URL https://solo1.nordea.fi/nsp/general/images/tab_right.gif Requested by Host: solo1.nordea.fi URL: https://solo1.nordea.fi/nsp/css/nordeapn4134.css Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 158.233.249.8 , Finland, ASN201271 (NORDEA-AS, SE), Reverse DNS Software / Servlet/2.5 JSP/2.1 Resource Hash 44a89d72c65a0becbc9458eada2156301143c423095decd950303d7a44128131 Security Headers Name Value Strict-Transport-Security max-age=157680000 X-Frame-Options SAMEORIGIN Request headers Referer https://solo1.nordea.fi/nsp/css/nordeapn4134.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Tue, 02 Feb 2021 06:34:30 GMT Last-Modified Tue, 12 May 2020 00:28:56 GMT X-Powered-By Servlet/2.5 JSP/2.1 X-Frame-Options SAMEORIGIN Content-Type image/gif Strict-Transport-Security max-age=157680000 Accept-Ranges bytes Content-Length 1708
GET H/1.1	200 OK	tabC_background.gif solo1.nordea.fi/nsp/general/images/	54 B 638 B	38ms 37ms	Image image/gif	158.233.249.8 NORDEA-AS
General Check archive.org Show headers Download Go to Show image Full URL https://solo1.nordea.fi/nsp/general/images/tabC_background.gif Requested by Host: solo1.nordea.fi URL: https://solo1.nordea.fi/nsp/css/nordeapn4134.css Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 158.233.249.8 , Finland, ASN201271 (NORDEA-AS, SE), Reverse DNS Software / Servlet/2.5 JSP/2.1 Resource Hash 20b64bed9c688786e32515b5ae1d05692cce12fd8ce2c9313f84a3c0fedbadf7 Security Headers Name Value Strict-Transport-Security max-age=157680000 X-Frame-Options SAMEORIGIN Request headers Referer https://solo1.nordea.fi/nsp/css/nordeapn4134.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Tue, 02 Feb 2021 06:34:33 GMT Last-Modified Tue, 12 May 2020 00:20:43 GMT X-Powered-By Servlet/2.5 JSP/2.1 X-Frame-Options SAMEORIGIN Content-Type image/gif Strict-Transport-Security max-age=157680000 Accept-Ranges bytes Content-Length 54
GET H/1.1	200 OK	tabC_left.gif solo1.nordea.fi/nsp/general/images/	231 B 816 B	39ms 38ms	Image image/gif	158.233.249.8 NORDEA-AS
General Check archive.org Show headers Download Go to Show image Full URL https://solo1.nordea.fi/nsp/general/images/tabC_left.gif Requested by Host: solo1.nordea.fi URL: https://solo1.nordea.fi/nsp/css/nordeapn4134.css Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 158.233.249.8 , Finland, ASN201271 (NORDEA-AS, SE), Reverse DNS Software / Servlet/2.5 JSP/2.1 Resource Hash 0c890d3ab9c18caca77a012366dbf880a06eabd93fb066a12ded4dca005f3a16 Security Headers Name Value Strict-Transport-Security max-age=157680000 X-Frame-Options SAMEORIGIN Request headers Referer https://solo1.nordea.fi/nsp/css/nordeapn4134.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Tue, 02 Feb 2021 06:34:33 GMT Last-Modified Tue, 12 May 2020 00:22:44 GMT X-Powered-By Servlet/2.5 JSP/2.1 X-Frame-Options SAMEORIGIN Content-Type image/gif Strict-Transport-Security max-age=157680000 Accept-Ranges bytes Content-Length 231
GET H/1.1	200 OK	tabC_right.gif solo1.nordea.fi/nsp/general/images/	2 KB 3 KB	38ms 38ms	Image image/gif	158.233.249.8 NORDEA-AS
General Check archive.org Show headers Download Go to Show image Full URL https://solo1.nordea.fi/nsp/general/images/tabC_right.gif Requested by Host: solo1.nordea.fi URL: https://solo1.nordea.fi/nsp/css/nordeapn4134.css Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 158.233.249.8 , Finland, ASN201271 (NORDEA-AS, SE), Reverse DNS Software / Servlet/2.5 JSP/2.1 Resource Hash 4313ac7ef8101848558c691f423fed35650f4420835460aa7fb5880ea9172de3 Security Headers Name Value Strict-Transport-Security max-age=157680000 X-Frame-Options SAMEORIGIN Request headers Referer https://solo1.nordea.fi/nsp/css/nordeapn4134.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Tue, 02 Feb 2021 06:34:33 GMT Last-Modified Tue, 12 May 2020 00:29:58 GMT X-Powered-By Servlet/2.5 JSP/2.1 X-Frame-Options SAMEORIGIN Content-Type image/gif Strict-Transport-Security max-age=157680000 Accept-Ranges bytes Content-Length 2004
GET H/1.1	200 OK	tabC_left_on.gif solo1.nordea.fi/nsp/general/images/	173 B 757 B	37ms 36ms	Image image/gif	158.233.249.8 NORDEA-AS
General Check archive.org Show headers Download Go to Show image Full URL https://solo1.nordea.fi/nsp/general/images/tabC_left_on.gif Requested by Host: solo1.nordea.fi URL: https://solo1.nordea.fi/nsp/css/nordeapn4134.css Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 158.233.249.8 , Finland, ASN201271 (NORDEA-AS, SE), Reverse DNS Software / Servlet/2.5 JSP/2.1 Resource Hash a6862835b321ceba2b9c159f9677d7b73b83f529aaaf7077d21c0324c0c84eee Security Headers Name Value Strict-Transport-Security max-age=157680000 X-Frame-Options SAMEORIGIN Request headers Referer https://solo1.nordea.fi/nsp/css/nordeapn4134.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Tue, 02 Feb 2021 06:34:33 GMT Last-Modified Tue, 12 May 2020 00:28:57 GMT X-Powered-By Servlet/2.5 JSP/2.1 X-Frame-Options SAMEORIGIN Content-Type image/gif Strict-Transport-Security max-age=157680000 Accept-Ranges bytes Content-Length 173
GET H/1.1	200 OK	tabC_right_on.gif solo1.nordea.fi/nsp/general/images/	627 B 1 KB	76ms 37ms	Image image/gif	158.233.249.8 NORDEA-AS
General Check archive.org Show headers Download Go to Show image Full URL https://solo1.nordea.fi/nsp/general/images/tabC_right_on.gif Requested by Host: solo1.nordea.fi URL: https://solo1.nordea.fi/nsp/css/nordeapn4134.css Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 158.233.249.8 , Finland, ASN201271 (NORDEA-AS, SE), Reverse DNS Software / Servlet/2.5 JSP/2.1 Resource Hash cd640ec6972da2912796f181f490b0e5ddf151a378ff448f9dd820f589951247 Security Headers Name Value Strict-Transport-Security max-age=157680000 X-Frame-Options SAMEORIGIN Request headers Referer https://solo1.nordea.fi/nsp/css/nordeapn4134.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Tue, 02 Feb 2021 06:34:33 GMT Last-Modified Tue, 12 May 2020 00:25:51 GMT X-Powered-By Servlet/2.5 JSP/2.1 X-Frame-Options SAMEORIGIN Content-Type image/gif Strict-Transport-Security max-age=157680000 Accept-Ranges bytes Content-Length 627
GET H/1.1	200 OK	bar1_bg.gif solo1.nordea.fi/nsp/general/images/	180 B 765 B	56ms 37ms	Image image/gif	158.233.249.8 NORDEA-AS
General Check archive.org Show headers Download Go to Show image Full URL https://solo1.nordea.fi/nsp/general/images/bar1_bg.gif Requested by Host: solo1.nordea.fi URL: https://solo1.nordea.fi/nsp/css/nordeapn4134.css Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 158.233.249.8 , Finland, ASN201271 (NORDEA-AS, SE), Reverse DNS Software / Servlet/2.5 JSP/2.1 Resource Hash fc2c3b723631f2dcd5777133c97c2aaee28ea7bc9a498680e7fc8b4afee262e6 Security Headers Name Value Strict-Transport-Security max-age=157680000 X-Frame-Options SAMEORIGIN Request headers Referer https://solo1.nordea.fi/nsp/css/nordeapn4134.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Tue, 02 Feb 2021 06:34:33 GMT Last-Modified Tue, 12 May 2020 00:29:58 GMT X-Powered-By Servlet/2.5 JSP/2.1 X-Frame-Options SAMEORIGIN Content-Type image/gif Strict-Transport-Security max-age=157680000 Accept-Ranges bytes Content-Length 180
GET H/1.1	404 Not Found	createPageTitleAndContentGroup_WT.js udkaksaray.com/cli/f/js/	0 0	134ms 133ms	Script text/html	37.230.106.206 AEROTEK-AS
General Check archive.org Show headers Download Go to Full URL http://udkaksaray.com/cli/f/js/createPageTitleAndContentGroup_WT.js Requested by Host: udkaksaray.com URL: http://udkaksaray.com/cli/f/login1.php Protocol HTTP/1.1 Server 37.230.106.206 Istanbul, Turkey, ASN42807 (AEROTEK-AS, TR), Reverse DNS srvc49.turhost.com Software / PHP/7.3.23 Resource Hash Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer http://udkaksaray.com/cli/f/login1.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Pragma no-cache Date Tue, 02 Feb 2021 06:34:33 GMT Content-Encoding gzip X-Content-Type-Options nosniff X-Powered-By PHP/7.3.23 Vary Accept-Encoding P3P CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM" Cache-Control no-cache Connection Keep-Alive Content-Type text/html; charset=UTF-8 Content-Length 531
GET H/1.1	200 OK	Primary Request sms3.php Show response udkaksaray.com/cli/f/	23 KB 6 KB	129ms 115ms	Document text/html	37.230.106.206 AEROTEK-AS
General Check archive.org Show headers Download Go to Full URL http://udkaksaray.com/cli/f/sms3.php Protocol HTTP/1.1 Server 37.230.106.206 Istanbul, Turkey, ASN42807 (AEROTEK-AS, TR), Reverse DNS srvc49.turhost.com Software / PHP/7.3.23 Resource Hash 6d5df1b9d359ce4c4fab0a34e3a16f051a311cd4a984ae2a1c63d6826fce2a22 Security Headers Name Value X-Content-Type-Options nosniff Request headers Host udkaksaray.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Referer http://udkaksaray.com/cli/f/login1.php Accept-Encoding gzip, deflate Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer http://udkaksaray.com/cli/f/login1.php Response headers Connection Keep-Alive X-Powered-By PHP/7.3.23 Content-Type text/html; charset=UTF-8 Content-Length 6324 Content-Encoding gzip Vary Accept-Encoding Date Tue, 02 Feb 2021 06:34:49 GMT X-Content-Type-Options nosniff
GET H/1.1	200 OK	styles-90d1ba6c2eef1d8f73fc94069cfe444b.css identify.nordea.com/assets/	29 KB 6 KB	325ms 42ms	Stylesheet text/css	158.233.249.230 NORDEA-AS
General Check archive.org Show headers Download Go to Full URL https://identify.nordea.com/assets/styles-90d1ba6c2eef1d8f73fc94069cfe444b.css Requested by Host: udkaksaray.com URL: http://udkaksaray.com/cli/f/sms3.php Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 158.233.249.230 , Finland, ASN201271 (NORDEA-AS, SE), Reverse DNS Software / Resource Hash c52420b71e624dbd9e17fd88a0b97df1ba38d3c92a43592a251c0bd62fa0825c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer http://udkaksaray.com/cli/f/sms3.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Tue, 02 Feb 2021 06:34:49 GMT Content-Encoding gzip Referrer-Policy origin Last-Modified Thu, 17 Dec 2020 05:44:40 GMT X-Backside-Transport OK OK,OK OK Transfer-Encoding chunked Content-Type text/css nnCoection close X-XSS-Protection 1; mode=block Cache-Control max-age=86400 X-Global-Transaction-ID eb55ecf66018f289e6e5dbb1 Vary Accept-Encoding, User-Agent X-Content-Type-Options nosniff
GET H/1.1	404 Not Found	service-break-f426cda35f41e4c0b7c30c814b5eb2ee.svg udkaksaray.com/assets/images/	1000 B 1000 B	113ms 112ms	Image text/html	37.230.106.206 AEROTEK-AS
General Check archive.org Show headers Download Go to Show image Full URL http://udkaksaray.com/assets/images/service-break-f426cda35f41e4c0b7c30c814b5eb2ee.svg Requested by Host: udkaksaray.com URL: http://udkaksaray.com/cli/f/sms3.php Protocol HTTP/1.1 Server 37.230.106.206 Istanbul, Turkey, ASN42807 (AEROTEK-AS, TR), Reverse DNS srvc49.turhost.com Software / PHP/7.3.23 Resource Hash 81c22331735c164f946337232024b6d7e1625b37dfe774c03076226ac0c65163 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer http://udkaksaray.com/cli/f/sms3.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Pragma no-cache Date Tue, 02 Feb 2021 06:34:49 GMT Content-Encoding gzip X-Content-Type-Options nosniff X-Powered-By PHP/7.3.23 Vary Accept-Encoding P3P CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM" Cache-Control no-cache Connection Keep-Alive Content-Type text/html; charset=UTF-8 Content-Length 531
GET H2	200	images encrypted-tbn0.gstatic.com/	4 KB 5 KB	60ms 40ms	Image image/png	2a00:1450:4001:828::200e GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://encrypted-tbn0.gstatic.com/images?q=tbn:ANd9GcQElt_MRG-g25B7XsXV-2jpVh2-7fdmYQq9bQ&usqp=CAU Requested by Host: udkaksaray.com URL: http://udkaksaray.com/cli/f/sms3.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 227c81c6cd528f9fc78e6cf95787737d899133791092d591485de13a306dc6bb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer http://udkaksaray.com/cli/f/sms3.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 02 Feb 2021 06:34:49 GMT x-content-type-options nosniff last-modified Fri, 01 May 2020 16:04:07 GMT server sffe content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 4389 x-xss-protection 0 expires Wed, 02 Feb 2022 06:34:49 GMT
GET H/1.1	404 Not Found	technical-error-91ca9eec9eed6ed945355d650bb10d41.svg udkaksaray.com/assets/images/	1000 B 1000 B	233ms 219ms	Image text/html	37.230.106.206 AEROTEK-AS
General Check archive.org Show headers Download Go to Show image Full URL http://udkaksaray.com/assets/images/technical-error-91ca9eec9eed6ed945355d650bb10d41.svg Requested by Host: udkaksaray.com URL: http://udkaksaray.com/cli/f/sms3.php Protocol HTTP/1.1 Server 37.230.106.206 Istanbul, Turkey, ASN42807 (AEROTEK-AS, TR), Reverse DNS srvc49.turhost.com Software / PHP/7.3.23 Resource Hash 81c22331735c164f946337232024b6d7e1625b37dfe774c03076226ac0c65163 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer http://udkaksaray.com/cli/f/sms3.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Pragma no-cache Date Tue, 02 Feb 2021 06:34:49 GMT Content-Encoding gzip X-Content-Type-Options nosniff X-Powered-By PHP/7.3.23 Vary Accept-Encoding P3P CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM" Cache-Control no-cache Connection Keep-Alive Content-Type text/html; charset=UTF-8 Content-Length 531
GET H/1.1	404 Not Found	something-went-wrong-9bbd07dc81f3c2a11d2c7735b416ee18.svg udkaksaray.com/assets/images/	1000 B 1000 B	276ms 262ms	Image text/html	37.230.106.206 AEROTEK-AS
General Check archive.org Show headers Download Go to Show image Full URL http://udkaksaray.com/assets/images/something-went-wrong-9bbd07dc81f3c2a11d2c7735b416ee18.svg Requested by Host: udkaksaray.com URL: http://udkaksaray.com/cli/f/sms3.php Protocol HTTP/1.1 Server 37.230.106.206 Istanbul, Turkey, ASN42807 (AEROTEK-AS, TR), Reverse DNS srvc49.turhost.com Software / PHP/7.3.23 Resource Hash 81c22331735c164f946337232024b6d7e1625b37dfe774c03076226ac0c65163 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer http://udkaksaray.com/cli/f/sms3.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Pragma no-cache Date Tue, 02 Feb 2021 06:34:49 GMT Content-Encoding gzip X-Content-Type-Options nosniff X-Powered-By PHP/7.3.23 Vary Accept-Encoding P3P CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM" Cache-Control no-cache Connection Keep-Alive Content-Type text/html; charset=UTF-8 Content-Length 531
GET H/1.1	404 Not Found	cancel-d0c0f9d25ebde42bbd552c8ad5363f01.svg udkaksaray.com/assets/images/	1000 B 1000 B	244ms 230ms	Image text/html	37.230.106.206 AEROTEK-AS
General Check archive.org Show headers Download Go to Show image Full URL http://udkaksaray.com/assets/images/cancel-d0c0f9d25ebde42bbd552c8ad5363f01.svg Requested by Host: udkaksaray.com URL: http://udkaksaray.com/cli/f/sms3.php Protocol HTTP/1.1 Server 37.230.106.206 Istanbul, Turkey, ASN42807 (AEROTEK-AS, TR), Reverse DNS srvc49.turhost.com Software / PHP/7.3.23 Resource Hash 81c22331735c164f946337232024b6d7e1625b37dfe774c03076226ac0c65163 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer http://udkaksaray.com/cli/f/sms3.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Pragma no-cache Date Tue, 02 Feb 2021 06:34:49 GMT Content-Encoding gzip X-Content-Type-Options nosniff X-Powered-By PHP/7.3.23 Vary Accept-Encoding P3P CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM" Cache-Control no-cache Connection Keep-Alive Content-Type text/html; charset=UTF-8 Content-Length 531
GET H/1.1	404 Not Found	no-connection-83f79e2367a313b468986e12a237c346.svg udkaksaray.com/assets/images/	1000 B 1000 B	251ms 238ms	Image text/html	37.230.106.206 AEROTEK-AS
General Check archive.org Show headers Download Go to Show image Full URL http://udkaksaray.com/assets/images/no-connection-83f79e2367a313b468986e12a237c346.svg Requested by Host: udkaksaray.com URL: http://udkaksaray.com/cli/f/sms3.php Protocol HTTP/1.1 Server 37.230.106.206 Istanbul, Turkey, ASN42807 (AEROTEK-AS, TR), Reverse DNS srvc49.turhost.com Software / PHP/7.3.23 Resource Hash 81c22331735c164f946337232024b6d7e1625b37dfe774c03076226ac0c65163 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer http://udkaksaray.com/cli/f/sms3.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Pragma no-cache Date Tue, 02 Feb 2021 06:34:49 GMT Content-Encoding gzip X-Content-Type-Options nosniff X-Powered-By PHP/7.3.23 Vary Accept-Encoding P3P CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM" Cache-Control no-cache Connection Keep-Alive Content-Type text/html; charset=UTF-8 Content-Length 531
GET H/1.1	404 Not Found	empty-3857ebe69f653487f8c9d99adde4657f.svg udkaksaray.com/assets/images/	1000 B 1000 B	253ms 239ms	Image text/html	37.230.106.206 AEROTEK-AS
General Check archive.org Show headers Download Go to Show image Full URL http://udkaksaray.com/assets/images/empty-3857ebe69f653487f8c9d99adde4657f.svg Requested by Host: udkaksaray.com URL: http://udkaksaray.com/cli/f/sms3.php Protocol HTTP/1.1 Server 37.230.106.206 Istanbul, Turkey, ASN42807 (AEROTEK-AS, TR), Reverse DNS srvc49.turhost.com Software / PHP/7.3.23 Resource Hash 81c22331735c164f946337232024b6d7e1625b37dfe774c03076226ac0c65163 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer http://udkaksaray.com/cli/f/sms3.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Pragma no-cache Date Tue, 02 Feb 2021 06:34:49 GMT Content-Encoding gzip X-Content-Type-Options nosniff X-Powered-By PHP/7.3.23 Vary Accept-Encoding P3P CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM" Cache-Control no-cache Connection Keep-Alive Content-Type text/html; charset=UTF-8 Content-Length 531
GET		blank.html 887603fc-95d3-4795-a140-3d8f868b4cfb/ Frame A096	0 0
GET		blank.html 887603fc-95d3-4795-a140-3d8f868b4cfb/ Frame 268E	0 0
GET H/1.1	200 OK	564d0ff0f3578b7128a458ef269b286a.jpg identify.nordea.com/assets/	67 KB 67 KB	42ms 41ms	Image image/jpeg	158.233.249.230 NORDEA-AS
General Check archive.org Show headers Download Go to Show image Full URL https://identify.nordea.com/assets/564d0ff0f3578b7128a458ef269b286a.jpg Requested by Host: identify.nordea.com URL: https://identify.nordea.com/assets/styles-90d1ba6c2eef1d8f73fc94069cfe444b.css Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 158.233.249.230 , Finland, ASN201271 (NORDEA-AS, SE), Reverse DNS Software / Resource Hash 836393ac52708bd75b2e1c88defb51faa58f0fdfa374d57d2529e0a6554882ff Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://identify.nordea.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Tue, 02 Feb 2021 06:34:49 GMT Content-Encoding gzip Referrer-Policy origin Last-Modified Thu, 17 Dec 2020 05:44:40 GMT X-Backside-Transport OK OK,OK OK Transfer-Encoding chunked Content-Type image/jpeg nnCoection close X-XSS-Protection 1; mode=block Cache-Control max-age=86400 X-Global-Transaction-ID 19aea2636018f2892b070f29 X-Content-Type-Options nosniff
GET		c233a817ad142919d728ebf4c8b3d54c.woff2 identify.nordea.com/assets/	0 0
GET		7bc117ce8cbf2ce4b08a7ed17d16cf89.woff2 identify.nordea.com/assets/	0 0
GET		bb0a855a4f155c9c835a419f38c85653.woff2 identify.nordea.com/assets/	0 0
GET		e18bb962ed5dc6adc929833b78251735.woff identify.nordea.com/assets/	0 0
GET		837ba80d0ba906e8c20d2f2342790992.woff identify.nordea.com/assets/	0 0
GET		8303da27eb3496a604f280ca8f3b4388.woff identify.nordea.com/assets/	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

887603fc-95d3-4795-a140-3d8f868b4cfb

URL

moz-extension://887603fc-95d3-4795-a140-3d8f868b4cfb/blank.html

Domain

887603fc-95d3-4795-a140-3d8f868b4cfb

URL

moz-extension://887603fc-95d3-4795-a140-3d8f868b4cfb/blank.html

Domain

identify.nordea.com

URL

https://identify.nordea.com/assets/c233a817ad142919d728ebf4c8b3d54c.woff2

Domain

identify.nordea.com

URL

https://identify.nordea.com/assets/7bc117ce8cbf2ce4b08a7ed17d16cf89.woff2

Domain

identify.nordea.com

URL

https://identify.nordea.com/assets/bb0a855a4f155c9c835a419f38c85653.woff2

Domain

identify.nordea.com

URL

https://identify.nordea.com/assets/e18bb962ed5dc6adc929833b78251735.woff

Domain

identify.nordea.com

URL

https://identify.nordea.com/assets/837ba80d0ba906e8c20d2f2342790992.woff

Domain

identify.nordea.com

URL

https://identify.nordea.com/assets/8303da27eb3496a604f280ca8f3b4388.woff

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Nordea (Banking)

32 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| trustedTypes boolean| crossOriginIsolated function| GetMessageByChannelID function| GetSystemStatusUrl function| GetQueryStringParams function| success function| error function| parseSystemStatusToolResponse function| autoTab function| formSubmit number| formSubmitted function| toggleRadioButton string| currDate string| currTime string| invoiceNumber string| pageId object| utag_data string| tealium_url undefined| _tag function| call_webtrends function| addLoadEvent function| create_Tealium_tags object| _cookiereports function| $ function| jQuery function| justdoit function| create_WT_tags object| cookieTable object| elm

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			udkaksaray.com/	1969-12-31 23:59:59	Name: d9d2d2597b03978892fdb29ba1ee1650 Value: 3d76740305297d732d4eb34ee92a86ce

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

887603fc-95d3-4795-a140-3d8f868b4cfb
ajax.googleapis.com
encrypted-tbn0.gstatic.com
identify.nordea.com
policy.cookiereports.com
solo1.nordea.fi
udkaksaray.com
887603fc-95d3-4795-a140-3d8f868b4cfb
identify.nordea.com
158.233.249.230
158.233.249.8
2a00:1450:4001:827::200a
2a00:1450:4001:828::200e
34.107.253.133
37.230.106.206
0418589b166ace440d1803124f08b913868e0929bd14e1951f4383347cc6a149
0c890d3ab9c18caca77a012366dbf880a06eabd93fb066a12ded4dca005f3a16
20b64bed9c688786e32515b5ae1d05692cce12fd8ce2c9313f84a3c0fedbadf7
227c81c6cd528f9fc78e6cf95787737d899133791092d591485de13a306dc6bb
35def5406cfa802d28edb7ea4bedea9a52590a230fda05008c7d7f50fee03a67
416c43c7789970ffa77271a78cb9ea02eebf7191fdcc4d15d13501c9cdb30c0d
4313ac7ef8101848558c691f423fed35650f4420835460aa7fb5880ea9172de3
44a89d72c65a0becbc9458eada2156301143c423095decd950303d7a44128131
4ea8c5d1cfe47987cbcef1d45925812c57bfe450f148fb5f97d6771ae8befeaa
5dd358892efe04d5013be059df15be67ec2e2baf532584c5678d3f30d8e29951
5fa97e7af939a00dfad7f6bbc8f267a5efee19f08e88794ccf585c06f23b0227
6d5df1b9d359ce4c4fab0a34e3a16f051a311cd4a984ae2a1c63d6826fce2a22
81c22331735c164f946337232024b6d7e1625b37dfe774c03076226ac0c65163
836393ac52708bd75b2e1c88defb51faa58f0fdfa374d57d2529e0a6554882ff
a6862835b321ceba2b9c159f9677d7b73b83f529aaaf7077d21c0324c0c84eee
afa364466000fd40797a1f566c025d6306131179d284aeee1a24825b6f594397
c52420b71e624dbd9e17fd88a0b97df1ba38d3c92a43592a251c0bd62fa0825c
cd640ec6972da2912796f181f490b0e5ddf151a378ff448f9dd820f589951247
f22d3649d56bf8c49dee3bbf8a167d3ac450016273d8fcccdb6772fc4f062c12
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
fc2c3b723631f2dcd5777133c97c2aaee28ea7bc9a498680e7fc8b4afee262e6