urlscan.io logo urlscan.io
SecurityTrails logo

nordicmafia.org Open in urlscan Pro
2606:4700:20::681a:443  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://nordicmafia.org/
Effective URL: https://nordicmafia.org/home
Submission: On April 29 via manual from NO — Scanned from NO
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 2 countries across 6 domains to perform 25 HTTP transactions. The main IP is 2606:4700:20::681a:443, located in United States and belongs to CLOUDFLARENET, US. The main domain is nordicmafia.org.
TLS certificate: Issued by GTS CA 1P5 on April 14th 2024. Valid for: 3 months.
This is the only time nordicmafia.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 18 2606:4700:20:... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
3 2a00:1450:400... 15169 (GOOGLE)
1 142.250.186.164 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
25 7
18    2606:4700:20::681a:443 (United States)

ASN13335 (CLOUDFLARENET, US)
nordicmafia.org
2    2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2606:4700::6810:5049 (United States)

ASN13335 (CLOUDFLARENET, US)
static.cloudflareinsights.com
1    2606:4700:20::681a:7a0 (United States)

ASN13335 (CLOUDFLARENET, US)
www.termsfeed.com
3    2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    142.250.186.164 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f4.1e100.net
www.google.com
1    2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
Apex Domain
Subdomains		 Transfer
18 nordicmafia.org
nordicmafia.org
571 KB
4 gstatic.com
fonts.gstatic.com
www.gstatic.com
256 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 33
2 KB
1 google.com
www.google.com — Cisco Umbrella Rank: 2
854 B
1 termsfeed.com
www.termsfeed.com — Cisco Umbrella Rank: 70354
59 KB
1 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 817
7 KB
25 6
Domain Requested by
18 nordicmafia.org 2 redirects nordicmafia.org
static.cloudflareinsights.com
3 fonts.gstatic.com fonts.googleapis.com
2 fonts.googleapis.com nordicmafia.org
1 www.gstatic.com www.google.com
1 www.google.com www.termsfeed.com
1 www.termsfeed.com nordicmafia.org
1 static.cloudflareinsights.com nordicmafia.org
25 7

This site contains no links.

Subject Issuer Validity Valid
nordicmafia.org
GTS CA 1P5		 2024-04-14 -
2024-07-13		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2024-04-08 -
2024-07-01		 3 months crt.sh
cloudflareinsights.com
GTS CA 1P5		 2024-03-10 -
2024-06-08		 3 months crt.sh
termsfeed.com
E1		 2024-03-26 -
2024-06-24		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2024-04-08 -
2024-07-01		 3 months crt.sh
*.google.com
GTS CA 1C3		 2024-04-08 -
2024-07-01		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://nordicmafia.org/home
Frame ID: 298C11CED44F1A82AEB6DD3C2D00835E
Requests: 22 HTTP requests in this frame

Frame: https://nordicmafia.org/cdn-cgi/challenge-platform/h/b/scripts/jsd/471dc2adc340/main.js
Frame ID: E12F2E944904951721EFC9C6A60FF9B8
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Nordicmafia - Slaget om Norden

Page URL History Show full URLs

  1. http://nordicmafia.org/ HTTP 307
    https://nordicmafia.org/ HTTP 302
    https://nordicmafia.org/home Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

25
Requests

96 %
HTTPS

86 %
IPv6

6
Domains

7
Subdomains

7
IPs

2
Countries

894 kB
Transfer

2002 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://nordicmafia.org/ HTTP 307
    https://nordicmafia.org/ HTTP 302
    https://nordicmafia.org/home Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 10
  • https://nordicmafia.org/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://nordicmafia.org/cdn-cgi/challenge-platform/h/b/scripts/jsd/471dc2adc340/main.js

25 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request home
nordicmafia.org/
Redirect Chain
  • http://nordicmafia.org/
  • https://nordicmafia.org/
  • https://nordicmafia.org/home
6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://nordicmafia.org/home
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:443 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
10a3f401f9539371c6de1852b2b35607c2329ceb05950692ef80dc7a03843bea

Request headers

Accept-Language
no-NO,no;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

cache-control
no-store, no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
87bec7428bf0d90a-HEL
content-encoding
br
content-type
text/html; charset=UTF-8
date
Mon, 29 Apr 2024 10:58:41 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yemPhuJ%2FdLkPs7DT9WT3i32INehUGdpWEcRRSiXilFnQxcxZSVgg3Xf3lZXTV41gu1kS23%2B%2B3SF4FsoGCsN2uO9Kyt9OKV4OqGVW8JM4WvG3yAMYP7DeDyOVoX4t3HZhPkmA%2FQhE%2Bh6Bm8REnw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare

Redirect headers

cache-control
no-store, no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
87bec7421ba6d90a-HEL
content-type
text/html; charset=UTF-8
date
Mon, 29 Apr 2024 10:58:41 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
location
home
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=t%2Br9n4OXi6RzQRUkQHOoN%2FzYrgW5ByXxyliVE6bryWsiwfQBgfvJKLYq5BPjQ%2BwuLEN2cwVsFeDoVSj6QVQc2c8sCCToSDIUMkrAwVHpqJuV5fFdO7UjVDjPqWee2qqzP8eHoPnRWe1NVXsbew%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
bootstrap.css
nordicmafia.org/static/bootstrap/css/ 		152 KB
25 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://nordicmafia.org/static/bootstrap/css/bootstrap.css
Requested by
Host: nordicmafia.org
URL: https://nordicmafia.org/home
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:443 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f4116314cbb9cec9521aea815c853cc04ad654c6d92c1c972055f7e76051dbbd

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://nordicmafia.org/home
Accept-Language
no-NO,no;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 10:58:41 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Sat, 04 Feb 2023 11:55:20 GMT
server
cloudflare
age
4393
cf-polished
origSize=192348
etag
W/"2ef5c-5f3de78e33a00"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=q5VCVLuIglHtonxSC7aZTRjJkgHxPc7u99SBNN2sIRa6gdN%2FCOEO20ZH%2F9DIEJwmA0tftKRANTkinzJy6fa%2F8waRUsVC98ahXVfp1%2BGlbXpk4hmYE%2BvtxAj%2BaUYAGoyq%2Blsw07WPE6Dn9OZOHg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control
max-age=86400
cf-ray
87bec7430c3ed90a-HEL
css
fonts.googleapis.com/ 		9 KB
864 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&display=swap
Requested by
Host: nordicmafia.org
URL: https://nordicmafia.org/home
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
af9e52b1788e243b0a07ba97a3de75df5845d00b896f1b83f38c42702a7ba690
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://nordicmafia.org/
Accept-Language
no-NO,no;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Mon, 29 Apr 2024 10:58:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 29 Apr 2024 10:10:10 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 29 Apr 2024 10:58:41 GMT
css2
fonts.googleapis.com/ 		2 KB
850 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Lato:wght@300;400;900&display=swap
Requested by
Host: nordicmafia.org
URL: https://nordicmafia.org/home
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
69509915b760fa00fbcc9bef4c2a020d056e98c80fd45ac7ab3b883143969a39
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://nordicmafia.org/
Accept-Language
no-NO,no;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Mon, 29 Apr 2024 10:58:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 29 Apr 2024 10:58:41 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 29 Apr 2024 10:58:41 GMT
bundle_auth.css
nordicmafia.org/static/bundles/ 		9 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://nordicmafia.org/static/bundles/bundle_auth.css?
Requested by
Host: nordicmafia.org
URL: https://nordicmafia.org/home
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:443 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7cf8dc17b9edbd60e1d31bb3301bac543af03122c3fbbb4a3d2a3f58d76031f4

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://nordicmafia.org/home
Accept-Language
no-NO,no;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 10:58:41 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Thu, 11 Apr 2024 19:17:24 GMT
server
cloudflare
age
4393
cf-polished
origSize=9430
etag
W/"24d6-615d701495900"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pGqMW1F3%2F%2BR6vfG5DagW%2BRTl4rAJz2uyr7Hv4rHNISSGjNOt1tYQONzEh7SHtFnIhdGenB4V7SAhU71kpWY0%2Bxh3%2BgkGOrudtJApFqtx6nz%2Bg89SyYnvrR1oC%2FEv4Ma1kKBbzON3Z67k3y7H%2FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control
max-age=86400
cf-ray
87bec7430c3fd90a-HEL
entry_auth.css
nordicmafia.org/static/bundles/ 		14 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://nordicmafia.org/static/bundles/entry_auth.css?
Requested by
Host: nordicmafia.org
URL: https://nordicmafia.org/home
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:443 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ec004ea798d3be2ab3cde200b59505f3b65515081f2269105015cf2c4190319b

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://nordicmafia.org/home
Accept-Language
no-NO,no;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 10:58:41 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Sun, 21 Apr 2024 11:16:20 GMT
server
cloudflare
age
4393
cf-polished
origSize=14192
etag
W/"3770-6169973456900"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FXkf1wK4jbUIHWui5uIzgeMESpEO7d90DMdZemp9dd0Xi0AGVRTMTbtKPN2SFSf0R4kNS61Sy%2FMzHutEuFoKj8D66sk5Cgq7SLwXdNVYOyGn4%2B1w%2FsrH47rI0pghWeGi9FDGmoP4IPVJKvnQLQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control
max-age=86400
cf-ray
87bec7430c40d90a-HEL
rocket-loader.min.js
nordicmafia.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nordicmafia.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: nordicmafia.org
URL: https://nordicmafia.org/home
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:443 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://nordicmafia.org/home
Accept-Language
no-NO,no;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 10:58:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 19 Apr 2024 20:54:07 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6622d9ef-302c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=j0%2BQZZFSva61DtDUwEBmGU%2BKRjx5z5fsAS%2BTOryZiZOCqf5AnSG1GFTm7t%2BDHXbZO8tcEsfmWSLARe%2FvrSL1lTof97%2BhGsp8GzULwv2fn2p7rPgxqWszffAfFB9RoVv%2B5jCoJvTzTlLQ560SRg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
87bec7432c4ed90a-HEL
expires
Wed, 01 May 2024 10:58:41 GMT
v55bfa2fee65d44688e90c00735ed189a1713218998793
static.cloudflareinsights.com/beacon.min.js/ 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js/v55bfa2fee65d44688e90c00735ed189a1713218998793
Requested by
Host: nordicmafia.org
URL: https://nordicmafia.org/home
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5049 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
17106bf803d42bcf2f2bdf778ece084d3f91c68e7ea41dae7bff61fefa573dee

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://nordicmafia.org/
Origin
https://nordicmafia.org
Accept-Language
no-NO,no;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 10:58:41 GMT
content-encoding
gzip
last-modified
Tue, 23 Apr 2024 12:12:17 GMT
server
cloudflare
etag
W/"2024.4.0"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
87bec743fdd5b521-OSL
entry_auth.js
nordicmafia.org/static/bundles/ 		380 KB
121 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nordicmafia.org/static/bundles/entry_auth.js?
Requested by
Host: nordicmafia.org
URL: https://nordicmafia.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:443 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
18eb8497b14a4d46d5fd2b1a963dc0a9c0464dfc54b91332653e563bc4566f32

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://nordicmafia.org/home
Accept-Language
no-NO,no;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 10:58:42 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Sun, 21 Apr 2024 11:16:20 GMT
server
cloudflare
age
4394
cf-polished
origSize=389154
etag
W/"5f022-6169973456900"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cFlZ%2FjLonPm9eqk36jzmBQIf8t%2F2wH990vkQ2X6mWqqLs2EONdkEFfgnYK360YB%2BfvmpFEtjInLZ8p2Wd8X%2BG77g1o5v0feLM%2F%2BTszNYXDcoEWglrq998cxdDIOgK2a067StKJgi%2BHLpx8zENA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control
max-age=86400
cf-ray
87bec7449d47d90a-HEL
cookie-consent.js
www.termsfeed.com/public/cookie-consent/4.1.0/ 		210 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.termsfeed.com/public/cookie-consent/4.1.0/cookie-consent.js
Requested by
Host: nordicmafia.org
URL: https://nordicmafia.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:7a0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6a51bc50699c186930e68de1b858f038ba71cf3b4b5bb4ef646d20570a2c4171
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://nordicmafia.org/
Accept-Language
no-NO,no;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-priority
5/n
date
Mon, 29 Apr 2024 10:58:42 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
25242
cf-polished
origSize=214664
x-z
5179
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
cf-bgj
minify
last-modified
Sun, 28 Apr 2024 20:45:50 GMT
server
cloudflare
etag
W/"807c933d51701c520db0f0ed660a1e37"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=C8%2BDnT9zRhVii6cLAiCcOP56krbOvPWGGFHdUp7YpKnPE5A8kOdvleVra0Zl5Jn0UNR6LzI1E7uP3ZJSRa456%2FdCsIpL9twl1VNbLIQoWMEoRy0FE9cYHvtTvvoSd9Cm4ypz%2FoE5iE%2BbEIld76N7"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
vary
Accept-Encoding
cache-control
public, immutable, max-age=3600
cf-ray
87bec74559b0d93b-HEL
expires
Sun, 28 Apr 2024 22:45:50 GMT
bootstrap.bundle.js
nordicmafia.org/static/bootstrap/js/ 		122 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nordicmafia.org/static/bootstrap/js/bootstrap.bundle.js
Requested by
Host: nordicmafia.org
URL: https://nordicmafia.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:443 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
befc3e77fa3c8a25cd16ad52f5fbac02381922b05c1de3e46f284d970040d510

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://nordicmafia.org/home
Accept-Language
no-NO,no;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 10:58:42 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Sat, 04 Feb 2023 11:55:20 GMT
server
cloudflare
age
4394
cf-polished
origSize=222911
etag
W/"366bf-5f3de78e33a00"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=muNjfNnUwZdfns%2F7gimuDfcdpziWRJUpVzt9Fx7VGpdSGlgv%2F78Lf8ttGpm818jDNP%2FoIsvYVtbBNBUrUMWJB%2BlFXpQ029r57Usj0%2F5S4V2LItPrJWzPdqg494dSdAHgMSOVhd3KZQiuLRFtKw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control
max-age=86400
cf-ray
87bec7449d48d90a-HEL
main.js
nordicmafia.org/cdn-cgi/challenge-platform/h/b/scripts/jsd/471dc2adc340/ Frame E12F
Redirect Chain
  • https://nordicmafia.org/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://nordicmafia.org/cdn-cgi/challenge-platform/h/b/scripts/jsd/471dc2adc340/main.js
8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nordicmafia.org/cdn-cgi/challenge-platform/h/b/scripts/jsd/471dc2adc340/main.js
Protocol
H2
Server
2606:4700:20::681a:443 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a7ee1acb5b0bbf71c553459ece7d8ecb32b153563d9fe0f96e22fb65cbde8996
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
no-NO,no;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

date
Mon, 29 Apr 2024 10:58:42 GMT
content-encoding
br
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=a2lCUg2RRXd3kh0MPCJBFv7zIgbevURXyOsLGNKEu%2FbX9R2kiwj4oO9Dr8ouFv1Umo%2BHn6vcjFAzpy%2FyaEs5NYqd52JgW38aBfYbYy8aUaoPiYc72MqdSrIINs7Bu5eE42FcNpHF7VSBW%2BLxog%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
87bec744fd79d90a-HEL

Redirect headers

date
Mon, 29 Apr 2024 10:58:42 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=a%2BogWrCyfMVR0vdyQufzwKMdUjTK4Jg3vTJe1I21oCtjgC0i7ssNGUObLtwWqje4cPzXvMxClFJBhh2K88Qb3Oe5OfhIg3KXslCEPp1HE1Z%2FsOgsPfh2nv%2FwqWuFhL3g1cCiAauH%2B%2F8K2LAwAg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
location
/cdn-cgi/challenge-platform/h/b/scripts/jsd/471dc2adc340/main.js
cache-control
max-age=300, public
cf-ray
87bec7449d4bd90a-HEL
content-length
0
favicon-32x32.png
nordicmafia.org/static/resources/favicon// 		2 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://nordicmafia.org/static/resources/favicon//favicon-32x32.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:443 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c4c1bc99110a463c10d1ac0b487d529864ad702ed7805c6aee808594cfdc56f3

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://nordicmafia.org/home
Accept-Language
no-NO,no;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 10:58:42 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4394
cf-polished
origSize=2345
content-length
2021
cf-bgj
imgq:100,h2pri
last-modified
Fri, 01 Mar 2024 13:44:38 GMT
server
cloudflare
etag
"929-6129993b9fd80"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fKWNQXdc%2BpBGnvhSfepjzLWpP2FZyVHApi3tKvPuSZJs%2FUAJacevveVHixTZLZ7B054Nj2fBOhs3fYHK8ohHa7uMt37qmWKS8QE6SVQBLchamcNKR7GdUE88coF%2Fjbx0tF%2F3C6Mr2pOAk7SXUw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
87bec744ad4ed90a-HEL
87bec7428bf0d90a
nordicmafia.org/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame E12F 		0
500 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://nordicmafia.org/cdn-cgi/challenge-platform/h/b/jsd/r/87bec7428bf0d90a
Requested by
Host: nordicmafia.org
URL: https://nordicmafia.org/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:443 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
Accept-Language
no-NO,no;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 29 Apr 2024 10:58:42 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
87bec745ce1cd90a-HEL
content-length
0
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6hGlAtDfOG3wYy%2BqalnHu%2FXV9FMdk%2BRWhHBb6fM9Wz0SAbrrMBKpnZnSGRuQiNw4N5FLA6tV%2BK23wsGATE99%2FNM3AADSyYyk%2Fk7jBKJ%2F%2BMABU8zRkKGcFA1Owz%2FyX2Az1M6F9z1yw%2FRbgjk%2BtA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
logo_square_transp.png
nordicmafia.org/static/resources/landing_page/ 		155 KB
156 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nordicmafia.org/static/resources/landing_page/logo_square_transp.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:443 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0e31e1421ca7578d020f0d96eab1706b5a9623407dd67e28e0d5fa898bfe670c

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://nordicmafia.org/home
Accept-Language
no-NO,no;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 10:58:42 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2894
cf-polished
origSize=171823
content-length
158904
cf-bgj
imgq:100,h2pri
last-modified
Fri, 01 Mar 2024 13:44:38 GMT
server
cloudflare
etag
"29f2f-6129993b9fd80"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Sq9xufOAydwbpWlPgHvBkRcvlhjpG%2B9vP5H1XrooaCyyjPXSP720jrk6RM8Cei90ZtIuYvGuDoPC%2FUMHNh04NxaOADX2UuzL91sLaPKhPNsNpAOvtmHa6zcoTwx2SVYV48abzxxv%2Bg%2BwLctgWg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
87bec7461e4bd90a-HEL
logo.svg
nordicmafia.org/static/resources/images/ 		199 KB
76 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nordicmafia.org/static/resources/images/logo.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:443 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b612cd218645b9bcbafd4953b355a86b48a3b379a35857aeaf952c9cdf850fcd

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://nordicmafia.org/home
Accept-Language
no-NO,no;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 10:58:42 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 01 Mar 2024 13:44:38 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
4394
etag
W/"31d5f-6129993b9fd80"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VXPBEZT530YGBTWAamJ3rA3K7jSzBqvZjpjICEkB4TfXrvHd%2B444vmcXyc0cRoIWfdo3Jzi1GaI0AcisbVIw1MEBvEKQUF4ntUP4lplMHE8ykuZQ9N2YnFsjYCLnLYlg3%2FpBA6n4LcPkDx1LOg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=86400
cf-ray
87bec7461e4cd90a-HEL
ellar.png
nordicmafia.org/static/resources/landing_page/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nordicmafia.org/static/resources/landing_page/ellar.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:443 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e1978475fce2b1914a5e2d639f307b63c16d47139445953c874067ff4298b1cd

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://nordicmafia.org/home
Accept-Language
no-NO,no;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 10:58:42 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4394
cf-polished
origSize=16349
content-length
9543
cf-bgj
imgq:100,h2pri
last-modified
Fri, 01 Mar 2024 13:44:38 GMT
server
cloudflare
etag
"3fdd-6129993b9fd80"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oUzfWatiVH4ThJkLxFackV%2FWY8UW3cEa4Pj%2BdtJlq5R2KcAqhhk8Oj%2FSA7YE3heCQ1X8tEtBMrEHLRvUvgxoFK%2FZgRyXkrpQdqv9OHKdrKxAq3oZmt%2Bwwic3lyiW7OFInuY3UzQRAZ18RBSYug%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
87bec7461e4dd90a-HEL
nm_landing_bg.webp
nordicmafia.org/static/resources/landing_page/ 		132 KB
132 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nordicmafia.org/static/resources/landing_page/nm_landing_bg.webp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:443 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3cbc76a984ded61dd3567200934acfdf864fb0467b34a35b8f0c1a85c8442296

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://nordicmafia.org/home
Accept-Language
no-NO,no;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 10:58:42 GMT
cf-cache-status
HIT
last-modified
Fri, 01 Mar 2024 13:44:38 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2405
etag
"20ef8-6129993b9fd80"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Q%2FHiux0AqPp13EConL5M9RsD398vcSlrrpHF2oK%2F8pABHx%2Be1mw1Jm41GZmczU6Q0NGrmehCQmsHFZs8P%2BIh4umnnqAcPY91vAWFliFZlMO3%2Bb99KBgAbb%2FEvxgi6k%2FrvBUlKW3FvWKv9%2FD70A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
87bec7461e4ed90a-HEL
content-length
134904
S6u9w4BMUTPHh50XSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ 		22 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh50XSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:wght@300;400;900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08664859baab5ed98f0bf818ed77e38464ff1826dc6406d5ecbd651409afbd92
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fonts.googleapis.com/
Origin
https://nordicmafia.org
Accept-Language
no-NO,no;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 27 Apr 2024 12:16:59 GMT
x-content-type-options
nosniff
age
168103
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
22504
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:12:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 27 Apr 2025 12:16:59 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fonts.googleapis.com/
Origin
https://nordicmafia.org
Accept-Language
no-NO,no;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 27 Apr 2024 05:26:16 GMT
x-content-type-options
nosniff
age
192746
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 27 Apr 2025 05:26:16 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fonts.googleapis.com/
Origin
https://nordicmafia.org
Accept-Language
no-NO,no;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 11:56:44 GMT
x-content-type-options
nosniff
age
428518
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 24 Apr 2025 11:56:44 GMT
api.js
www.google.com/recaptcha/ 		1 KB
854 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js
Requested by
Host: www.termsfeed.com
URL: https://www.termsfeed.com/public/cookie-consent/4.1.0/cookie-consent.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.164 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f4.1e100.net
Software
GSE /
Resource Hash
6e898fd4f085f68b92aa2aeed8518789f63e17cb05f7884be5bc6cd3e1002fc6
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://nordicmafia.org/
Accept-Language
no-NO,no;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 10:58:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Mon, 29 Apr 2024 10:58:42 GMT
87bec7428bf0d90a
nordicmafia.org/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame E12F 		0
469 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://nordicmafia.org/cdn-cgi/challenge-platform/h/b/jsd/r/87bec7428bf0d90a
Requested by
Host: nordicmafia.org
URL: https://nordicmafia.org/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:443 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
Accept-Language
no-NO,no;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 29 Apr 2024 10:58:42 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
87bec746aec8d90a-HEL
content-length
0
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TtcovUn8jXoXWjuvDPXI%2BQOklp53ELngJB%2BE%2FaqQ%2BLSJChI1ddrGM%2FzXmgMtHgrXDxf6Nkay7yZ6jyUAPgmmaypW5QIm3lpII%2FWhhY7nQKKvcsruTnQ6y0hT0zF1DYCMOpc85ZmTxV9avtpi%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
rum
nordicmafia.org/cdn-cgi/ 		0
182 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://nordicmafia.org/cdn-cgi/rum?
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v55bfa2fee65d44688e90c00735ed189a1713218998793
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:443 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://nordicmafia.org/home
Accept-Language
no-NO,no;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
content-type
application/json

Response headers

date
Mon, 29 Apr 2024 10:58:42 GMT
x-content-type-options
nosniff
server
cloudflare
vary
Origin
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://nordicmafia.org
x-frame-options
DENY
access-control-allow-credentials
true
cf-ray
87bec746aecfd90a-HEL
recaptcha__no.js
www.gstatic.com/recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/ 		508 KB
202 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/recaptcha__no.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c9812d3900a855f6817f4b6413e96e87c06a941f70b78a9723296389b42569a5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://nordicmafia.org/
Origin
https://nordicmafia.org
Accept-Language
no-NO,no;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 27 Apr 2024 02:43:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
202526
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
206688
x-xss-protection
0
last-modified
Mon, 22 Apr 2024 21:03:35 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 27 Apr 2025 02:43:16 GMT

Verdicts & Comments Add Verdict or Comment

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| __cfQR object| __cfBeacon object| bootstrap object| cookieconsent string| __reactRouterVersion boolean| __cfRLUnblockHandlers object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| recaptcha

3 Cookies

Domain/Path Name / Value
nordicmafia.org/ Name: PHPSESSID
Value: f56ljfuj6bsgb8df6ks469jqpk
nordicmafia.org/ Name: cookie_consent_level
Value: %7B%22strictly-necessary%22%3Atrue%2C%22functionality%22%3Afalse%2C%22tracking%22%3Afalse%2C%22targeting%22%3Afalse%7D
.nordicmafia.org/ Name: cf_clearance
Value: LlEYiJa4S11w.1w29NafNAx1auX9Qow290To3uUA0V8-1714388322-1.0.1.1-g0gQhm7eyJ3LRwfo97p03E.IOYh7.SnTijwY0y8oTOzjAaDnoCZ0Br3ytYyj0.DV7oczrKie3HOVBF51h7.RMA

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
nordicmafia.org
static.cloudflareinsights.com
www.google.com
www.gstatic.com
www.termsfeed.com
142.250.186.164
2606:4700:20::681a:443
2606:4700:20::681a:7a0
2606:4700::6810:5049
2a00:1450:4001:812::200a
2a00:1450:4001:82b::2003
2a00:1450:4001:82f::2003
08664859baab5ed98f0bf818ed77e38464ff1826dc6406d5ecbd651409afbd92
0e31e1421ca7578d020f0d96eab1706b5a9623407dd67e28e0d5fa898bfe670c
10a3f401f9539371c6de1852b2b35607c2329ceb05950692ef80dc7a03843bea
17106bf803d42bcf2f2bdf778ece084d3f91c68e7ea41dae7bff61fefa573dee
18eb8497b14a4d46d5fd2b1a963dc0a9c0464dfc54b91332653e563bc4566f32
3cbc76a984ded61dd3567200934acfdf864fb0467b34a35b8f0c1a85c8442296
69509915b760fa00fbcc9bef4c2a020d056e98c80fd45ac7ab3b883143969a39
6a51bc50699c186930e68de1b858f038ba71cf3b4b5bb4ef646d20570a2c4171
6e898fd4f085f68b92aa2aeed8518789f63e17cb05f7884be5bc6cd3e1002fc6
7cf8dc17b9edbd60e1d31bb3301bac543af03122c3fbbb4a3d2a3f58d76031f4
a7ee1acb5b0bbf71c553459ece7d8ecb32b153563d9fe0f96e22fb65cbde8996
af9e52b1788e243b0a07ba97a3de75df5845d00b896f1b83f38c42702a7ba690
b612cd218645b9bcbafd4953b355a86b48a3b379a35857aeaf952c9cdf850fcd
befc3e77fa3c8a25cd16ad52f5fbac02381922b05c1de3e46f284d970040d510
c4c1bc99110a463c10d1ac0b487d529864ad702ed7805c6aee808594cfdc56f3
c9812d3900a855f6817f4b6413e96e87c06a941f70b78a9723296389b42569a5
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
e1978475fce2b1914a5e2d639f307b63c16d47139445953c874067ff4298b1cd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ec004ea798d3be2ab3cde200b59505f3b65515081f2269105015cf2c4190319b
f4116314cbb9cec9521aea815c853cc04ad654c6d92c1c972055f7e76051dbbd
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615