bankid.gcnaura.in Open in urlscan Pro
2a06:98c1:3121::3 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://bankid.gcnaura.in/wzPrj6SdjWYjNUEv8NvuJhLeUo8nZ26llksUQtiU32oUcY5nGMqFVmbj9/
Submission: On July 06 via manual (July 6th 2023, 7:08:33 am UTC) from NO — Scanned from NO

Summary HTTP 17 Redirects Behaviour Indicators

Summary

This website contacted 4 IPs in 2 countries across 3 domains to perform 17 HTTP transactions. The main IP is 2a06:98c1:3121::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is bankid.gcnaura.in.
TLS certificate: Issued by E1 on June 26th 2023. Valid for: 3 months.

This is the only time bankid.gcnaura.in was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: BankID (Banking)

Domain & IP information

	IP Address	AS Autonomous System
3 12	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	18.66.97.46 18.66.97.46	16509 (AMAZON-02) (AMAZON-02)
7	51.210.166.81 51.210.166.81	16276 (OVH) (OVH)
17	4

12 2a06:98c1:3121::3 (United States) 3 redirects

ASN13335 (CLOUDFLARENET, US)

bankid.gcnaura.in	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.97.46 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-46.fra56.r.cloudfront.net

cdn.socket.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 51.210.166.81 (France)

ASN16276 (OVH, FR)
PTR: ip81.ip-51-210-166.eu

cdn-js.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	gcnaura.in 3 redirects bankid.gcnaura.in	63 KB
7	cdn-js.com cdn-js.com	2 KB
1	socket.io cdn.socket.io — Cisco Umbrella Rank: 52510	13 KB
17	3

	Domain	Requested by
12	bankid.gcnaura.in	3 redirects bankid.gcnaura.in
7	cdn-js.com	cdn.socket.io
1	cdn.socket.io	bankid.gcnaura.in
17	3

This site contains no links.

Subject Issuer	Validity	Valid
gcnaura.in E1	`2023-06-26` - `2023-09-24`	3 months	crt.sh
cdn.socket.io Amazon RSA 2048 M01	`2023-02-22` - `2023-12-20`	10 months	crt.sh
cdn-js.com ZeroSSL RSA Domain Secure Site CA	`2023-06-26` - `2023-09-24`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://bankid.gcnaura.in/wzPrj6SdjWYjNUEv8NvuJhLeUo8nZ26llksUQtiU32oUcY5nGMqFVmbj9/
Frame ID: DD1B4EFAF43C0EB543D79716AF177832
Requests: 26 HTTP requests in this frame

Frame: https://bankid.gcnaura.in/cdn-cgi/challenge-platform/h/g/scripts/jsd/19b997cb/invisible.js
Frame ID: 190D3A258C2BD46F5551562C013E907C
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

BankID

Page URL History Show full URLs

https://bankid.gcnaura.in/wzPrj6SdjWYjNUEv8NvuJhLeUo8nZ26llksUQtiU32oUcY5nGMqFVmbj9 HTTP 301
http://bankid.gcnaura.in/wzPrj6SdjWYjNUEv8NvuJhLeUo8nZ26llksUQtiU32oUcY5nGMqFVmbj9/ HTTP 301
https://bankid.gcnaura.in/wzPrj6SdjWYjNUEv8NvuJhLeUo8nZ26llksUQtiU32oUcY5nGMqFVmbj9/ Page URL

Detected technologies

Socket.io (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

socket\.io.*\.js

Page Statistics

17
Requests

94 %
HTTPS

33 %
IPv6

3
Domains

3
Subdomains

4
IPs

2
Countries

76 kB
Transfer

300 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://bankid.gcnaura.in/wzPrj6SdjWYjNUEv8NvuJhLeUo8nZ26llksUQtiU32oUcY5nGMqFVmbj9 HTTP 301
http://bankid.gcnaura.in/wzPrj6SdjWYjNUEv8NvuJhLeUo8nZ26llksUQtiU32oUcY5nGMqFVmbj9/ HTTP 301
https://bankid.gcnaura.in/wzPrj6SdjWYjNUEv8NvuJhLeUo8nZ26llksUQtiU32oUcY5nGMqFVmbj9/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 19

https://bankid.gcnaura.in/cdn-cgi/challenge-platform/scripts/invisible.js HTTP 302
https://bankid.gcnaura.in/cdn-cgi/challenge-platform/h/g/scripts/jsd/19b997cb/invisible.js

17 HTTP transactions
11 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
bankid.gcnaura.in/wzPrj6SdjWYjNUEv8NvuJhLeUo8nZ26llksUQtiU32oUcY5nGMqFVmbj9/
Redirect Chain

https://bankid.gcnaura.in/wzPrj6SdjWYjNUEv8NvuJhLeUo8nZ26llksUQtiU32oUcY5nGMqFVmbj9
http://bankid.gcnaura.in/wzPrj6SdjWYjNUEv8NvuJhLeUo8nZ26llksUQtiU32oUcY5nGMqFVmbj9/
https://bankid.gcnaura.in/wzPrj6SdjWYjNUEv8NvuJhLeUo8nZ26llksUQtiU32oUcY5nGMqFVmbj9/

83 KB
21 KB

1600ms
1599ms

Document
text/html

2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bankid.gcnaura.in/wzPrj6SdjWYjNUEv8NvuJhLeUo8nZ26llksUQtiU32oUcY5nGMqFVmbj9/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 215bbd2ed078a2a46f16e65299f61f61201724c9519b368eee50431e50d923b4

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
accept-language: no-NO,no;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7e26043cee3fb518-OSL
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 06 Jul 2023 07:08:28 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ugZwdjbN1f93YW0Fg0Fhf3bs6vpp2ITyAsDrXQmH1TywLPxUMw6aUZGQDdWraHIq2KlJQjYMOFEyAIgoh%2F7HKnezXEE%2Fg1U9kuFpXGYI3Wro8h301YIP6gnhyNOeVGagKdIF74eNNgRLYYB2DqoZpQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

Redirect headers

CF-RAY: 7e26043c9b0fb4fa-OSL
Cache-Control: max-age=3600
Connection: keep-alive
Date: Thu, 06 Jul 2023 07:08:26 GMT
Expires: Thu, 06 Jul 2023 08:08:26 GMT
Location: https://bankid.gcnaura.in/wzPrj6SdjWYjNUEv8NvuJhLeUo8nZ26llksUQtiU32oUcY5nGMqFVmbj9/
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ajc6FQWjbdtVQBGpEfWDBo5ArbG99Li%2FuV4zSSapWEwo5kdJr1SjGmJ0H67%2F7YZ5Ib0kK3OnL%2BD1EEp5aPphbXNG1LZnOcJVxf326uc0fKmQxrz0IgCC9otAyOA15fExxqEGJaopDzxIs%2F6DNj4I9Q%3D%3D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400

GET
H3 200 common_auth.css
bankid.gcnaura.in/wzPrj6SdjWYjNUEv8NvuJhLeUo8nZ26llksUQtiU32oUcY5nGMqFVmbj9/assets/css/ 9 KB
3 KB 40ms
39ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bankid.gcnaura.in/wzPrj6SdjWYjNUEv8NvuJhLeUo8nZ26llksUQtiU32oUcY5nGMqFVmbj9/assets/css/common_auth.css
Requested by: Host: bankid.gcnaura.in
URL: https://bankid.gcnaura.in/wzPrj6SdjWYjNUEv8NvuJhLeUo8nZ26llksUQtiU32oUcY5nGMqFVmbj9/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d4ff4117e8f7f9da541cba635327a05770499b79e51e32e679c2923a4bc27b2

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://bankid.gcnaura.in/wzPrj6SdjWYjNUEv8NvuJhLeUo8nZ26llksUQtiU32oUcY5nGMqFVmbj9/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 06 Jul 2023 07:08:28 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 05 Jul 2023 13:00:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3226
etag: W/"22d0-5ffbcfc94a0f4-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6VdGU3PiZCTVkLyCxlIXdoTEzq6ECkOGgZUMd0rO6p8hMT%2B1xzdA7r6b3BzT%2BNcpEFJ%2FadmTEyRK5zihpbzf94rd4Z4cytzcHN21D3G4UIQwhNKVobxeE4G13%2B8nu34BnTQ8t1fImJcgTv%2FAcGQTeQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 7e260446ee77b515-OSL
alt-svc: h3=":443"; ma=86400

GET
H3 200 bidm.css
bankid.gcnaura.in/wzPrj6SdjWYjNUEv8NvuJhLeUo8nZ26llksUQtiU32oUcY5nGMqFVmbj9/assets/css/ 42 KB
5 KB 47ms
45ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bankid.gcnaura.in/wzPrj6SdjWYjNUEv8NvuJhLeUo8nZ26llksUQtiU32oUcY5nGMqFVmbj9/assets/css/bidm.css
Requested by: Host: bankid.gcnaura.in
URL: https://bankid.gcnaura.in/wzPrj6SdjWYjNUEv8NvuJhLeUo8nZ26llksUQtiU32oUcY5nGMqFVmbj9/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 31412635ed02fd2c9a9ac4c4d9093c0601a687cfe305aba0dea75c1943d7dd72

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://bankid.gcnaura.in/wzPrj6SdjWYjNUEv8NvuJhLeUo8nZ26llksUQtiU32oUcY5nGMqFVmbj9/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 06 Jul 2023 07:08:28 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 05 Jul 2023 13:00:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3225
etag: W/"a782-5ffbcfc94a0f4-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d6Dzey3n1CTS8F7f%2BmPGA%2F6DmT%2BhPMGoHXS0CwE4U%2BOOPAm0i%2BPBLSRxAPdn6vnEUjdfhmMpdh0G6xx%2B1qOW6Y8QJq37ezbZa2Z7LltuiPvSOsswjRsroXBKkMKNlXciJOYnqsaEeISY9%2BdqxxuHKQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 7e260446ee7ab515-OSL
alt-svc: h3=":443"; ma=86400

GET
H3 200 3625.css
bankid.gcnaura.in/wzPrj6SdjWYjNUEv8NvuJhLeUo8nZ26llksUQtiU32oUcY5nGMqFVmbj9/assets/css/ 4 KB
1 KB 46ms
44ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bankid.gcnaura.in/wzPrj6SdjWYjNUEv8NvuJhLeUo8nZ26llksUQtiU32oUcY5nGMqFVmbj9/assets/css/3625.css
Requested by: Host: bankid.gcnaura.in
URL: https://bankid.gcnaura.in/wzPrj6SdjWYjNUEv8NvuJhLeUo8nZ26llksUQtiU32oUcY5nGMqFVmbj9/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 304c378b4700d25f783a2a7d6142c0b4d9dd9df890722064788eee96a12999d8

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://bankid.gcnaura.in/wzPrj6SdjWYjNUEv8NvuJhLeUo8nZ26llksUQtiU32oUcY5nGMqFVmbj9/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 06 Jul 2023 07:08:28 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 05 Jul 2023 13:00:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3225
etag: W/"f64-5ffbcfc94a0f4-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IC58jIpXERzKz1aR74Ano5e9k1i9t5DQsgEu8Iu3yJUDVVVeveG%2B3jmQGcQy3bXNusX%2FjiSZw6G3q%2FkA%2FnQiEd8xi7hleaXiggGm0dFoe26qVwVfdehVpkcVz1Q3pagEbqw6M5J%2BMyp14dbUE73HTw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 7e260446ee7cb515-OSL
alt-svc: h3=":443"; ma=86400

GET
H3 200 45.css
bankid.gcnaura.in/wzPrj6SdjWYjNUEv8NvuJhLeUo8nZ26llksUQtiU32oUcY5nGMqFVmbj9/assets/css/ 80 KB
13 KB 71ms
70ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bankid.gcnaura.in/wzPrj6SdjWYjNUEv8NvuJhLeUo8nZ26llksUQtiU32oUcY5nGMqFVmbj9/assets/css/45.css
Requested by: Host: bankid.gcnaura.in
URL: https://bankid.gcnaura.in/wzPrj6SdjWYjNUEv8NvuJhLeUo8nZ26llksUQtiU32oUcY5nGMqFVmbj9/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ddd1f36ddcc1ad4a9c129cf350f710a38f4054bbc06838f9062b31dd8caf9cfa

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://bankid.gcnaura.in/wzPrj6SdjWYjNUEv8NvuJhLeUo8nZ26llksUQtiU32oUcY5nGMqFVmbj9/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 06 Jul 2023 07:08:28 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 05 Jul 2023 13:00:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3225
etag: W/"141bc-5ffbcfc94a0f4-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Dh6jNNFiE3M7sUVTuVzhtAR4lLlG8oQqWubqGGQBDOdTSqorRpcBuTRkYFlwonYaKsOJCw0Fqy8zn%2B9DsRVP157P%2BgWP8KTt%2FaH2bHEHIvxYtVt4i6vqnsUzn%2BMp%2BCMUcDkrqv13V4JEKkOyIeWILQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 7e260446ee7eb515-OSL
alt-svc: h3=":443"; ma=86400

GET
H3 200 logo1.png
bankid.gcnaura.in/wzPrj6SdjWYjNUEv8NvuJhLeUo8nZ26llksUQtiU32oUcY5nGMqFVmbj9/assets/img/ 12 KB
12 KB 47ms
45ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bankid.gcnaura.in/wzPrj6SdjWYjNUEv8NvuJhLeUo8nZ26llksUQtiU32oUcY5nGMqFVmbj9/assets/img/logo1.png
Requested by: Host: bankid.gcnaura.in
URL: https://bankid.gcnaura.in/wzPrj6SdjWYjNUEv8NvuJhLeUo8nZ26llksUQtiU32oUcY5nGMqFVmbj9/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7fbcb3628e9d79d89e9350ee5d075818cf0f6763d5fa8763ea78c13902d6691b

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://bankid.gcnaura.in/wzPrj6SdjWYjNUEv8NvuJhLeUo8nZ26llksUQtiU32oUcY5nGMqFVmbj9/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 06 Jul 2023 07:08:28 GMT
cf-cache-status: HIT
last-modified: Wed, 05 Jul 2023 13:00:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3225
etag: "2e84-5ffbcfc94a0f4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2F3V%2FH1glUoD32iSwAAzngr5i0yGTfVyg5Z3nS0iSu%2Fk6FHBMZqCmvvD3GyH5DSm1YqdvZjnyR0%2BrrEdnuXBRzLvRDHPfiP%2FOAR4TGjJH92P6dFT3lffk5VUuSAgLyJiA%2FUrGltfXalMT%2BhyZEJ%2BIw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7e260446ee7fb515-OSL
alt-svc: h3=":443"; ma=86400
content-length: 11908

GET
H3 200 logo2.svg
bankid.gcnaura.in/wzPrj6SdjWYjNUEv8NvuJhLeUo8nZ26llksUQtiU32oUcY5nGMqFVmbj9/assets/img/ 3 KB
2 KB 46ms
45ms Image
image/svg+xml 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bankid.gcnaura.in/wzPrj6SdjWYjNUEv8NvuJhLeUo8nZ26llksUQtiU32oUcY5nGMqFVmbj9/assets/img/logo2.svg
Requested by: Host: bankid.gcnaura.in
URL: https://bankid.gcnaura.in/wzPrj6SdjWYjNUEv8NvuJhLeUo8nZ26llksUQtiU32oUcY5nGMqFVmbj9/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3a73c566909304a2dd2a1794118e19941502759f5d0771daf39440a745512177

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://bankid.gcnaura.in/wzPrj6SdjWYjNUEv8NvuJhLeUo8nZ26llksUQtiU32oUcY5nGMqFVmbj9/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 06 Jul 2023 07:08:28 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 05 Jul 2023 13:00:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3225
etag: W/"dd9-5ffbcfc94a0f4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jRcZ%2FX3OMBZWp%2FVLEt74siAIsQD3STgTxU1%2B4e7uXya9XBfi%2BhrAJrHhCvPnLmpXYb8qohVYaj1Jn88t3fkiUjUFD2X3QH8PVimUWuDIZ2MVBK3OeTLIOb%2BfXJqTS8ngwRsLIppn2MB87KErriWa9w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 7e260446ee82b515-OSL
alt-svc: h3=":443"; ma=86400

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2fbbbda646f6c6004b2f3670d40a1ad4d5df6c8a0089943845aa5fe55a749e92

Request headers

accept-language: no-NO,no;q=0.9
Referer
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 240 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 254868d92f9456d518064051d29f9ff0532bf9a5da291b06f8accb0900e40072

Request headers

accept-language: no-NO,no;q=0.9
Referer
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 172 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4dca530d4682ddf6f4b9053173c007f95875c2634a6b61c9573d93fc21483766

Request headers

accept-language: no-NO,no;q=0.9
Referer
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 494 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e356f94cb14b1e3c53975eb33c18f36f0c9dd1b4866940d6e243d2063546fa30

Request headers

accept-language: no-NO,no;q=0.9
Referer
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 366 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1129010d99dbbadc009c2fe07a56d8e634df144a854a328f36a30e0a5344b5b6

Request headers

accept-language: no-NO,no;q=0.9
Referer
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 296 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 296d8f67dcf848a35385d138a46404f00c21f1a8eb22249473ddd9aab1f411ab

Request headers

accept-language: no-NO,no;q=0.9
Referer
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 760 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7f766030e9de9c68acdacfc671963f8cd00ba8783fc9c25e1d3f3319ebbecbd1

Request headers

accept-language: no-NO,no;q=0.9
Referer
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 287 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 747312e0c4caebec5e356cb9de4a170632c78f10e784c644e0fd3b4d48faaac0

Request headers

accept-language: no-NO,no;q=0.9
Referer
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 338 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e9f665238e94d159d8b439ac29f6c644dfd1e1e3843e4f1425943986e1136693

Request headers

accept-language: no-NO,no;q=0.9
Referer
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 898 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7e2036b1455c31bd42d2ad4334698ff9108f7eae94274fa6700df6f13656813f

Request headers

accept-language: no-NO,no;q=0.9
Referer
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 11 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ad1f527aa7d99ebc714be21abd920717333bf504251ea49416d1875d10f3920c

Request headers

accept-language: no-NO,no;q=0.9
Referer
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

Content-Type: image/jpeg

GET
H2 200 socket.io.min.js Show response
cdn.socket.io/4.5.4/ 43 KB
13 KB 230ms
66ms Script
application/javascript 18.66.97.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.socket.io/4.5.4/socket.io.min.js

Requested by

Host: bankid.gcnaura.in
URL: https://bankid.gcnaura.in/wzPrj6SdjWYjNUEv8NvuJhLeUo8nZ26llksUQtiU32oUcY5nGMqFVmbj9/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.97.46 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-97-46.fra56.r.cloudfront.net

Software

Vercel /

Resource Hash

18a36a927dac54650b18b903f8f8778219e02e13946e581d9b3e1e4995f7435b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://bankid.gcnaura.in/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 15 May 2023 09:07:30 GMT
content-encoding: gzip
via: 1.1 3f3b012fad703fdac0f14efdb7b78b6e.cloudfront.net (CloudFront)
strict-transport-security: max-age=63072000
x-amz-cf-pop: FRA56-P2
age: 9684455
x-cache: Hit from cloudfront
content-disposition: inline; filename="socket.io.min.js"
server: Vercel
x-vercel-id: fra1:fra1::2cs64-1684141650592-cf9bb7315313
etag: W/"db9bf2a88958a37857fb8f7b56e0fe04"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
x-amz-cf-id: FmzdwwUTVqpSi3uW7E-NMZ4OBCRWC8yKPtZEgSEfbKIuxqGlTGu33Q==

GET
H/1.1 200
OK / Show response
cdn-js.com/socket.io/ 97 B
334 B 394ms
116ms XHR
text/plain 51.210.166.81
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-js.com:8081/socket.io/?EIO=4&transport=polling&t=Oag1-bV
Requested by: Host: cdn.socket.io
URL: https://cdn.socket.io/4.5.4/socket.io.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 51.210.166.81 , France, ASN16276 (OVH, FR),
Reverse DNS: ip81.ip-51-210-166.eu
Software: /
Resource Hash: eb7b5a6337a7b2c4d90655044cc7e4593ac0b07bf3d32aa469a6220ad9dfd248

Request headers

Accept: */*
Referer: https://bankid.gcnaura.in/
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

Access-Control-Allow-Origin: https://bankid.gcnaura.in
Date: Thu, 06 Jul 2023 07:08:29 GMT
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 97
Content-Type: text/plain; charset=UTF-8

GET
H3

200

invisible.js Show response
bankid.gcnaura.in/cdn-cgi/challenge-platform/h/g/scripts/jsd/19b997cb/ Frame 190D
Redirect Chain

https://bankid.gcnaura.in/cdn-cgi/challenge-platform/scripts/invisible.js
https://bankid.gcnaura.in/cdn-cgi/challenge-platform/h/g/scripts/jsd/19b997cb/invisible.js

7 KB
4 KB

39ms
38ms

Script
application/javascript

2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bankid.gcnaura.in/cdn-cgi/challenge-platform/h/g/scripts/jsd/19b997cb/invisible.js

Protocol

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

472141baa1ddac4b8092bfb6e856a0f50ff2cdba91275a64cdfb3b8e5384dcb7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: no-NO,no;q=0.9
Referer
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 06 Jul 2023 07:08:28 GMT
content-encoding: br
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mqxt65wDbgJeeB8LnfrG076w%2FNjqvMpmESQ3YUWWUC2G5%2F8bTJe5hZD%2BvFGwHa2sdskHTBUWaeoZMJP2eNQv93OLDzU3mHKVFxowIsu9rUkBC5RXJV9J4oEPkvgDxL0X0YiT5NU7e4HussHOwVIAyg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 7e2604491951b515-OSL
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Thu, 06 Jul 2023 07:08:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FD%2F2tenk8GEJBf75FO1vFkKPVDfMmBbjeWrUijbueG9A8n9xZ%2BpMOqefg2Pzxlayw08AF%2FaboV67BrETT%2F8P8AQ%2B%2F1HVfmpIeWhsl%2BdzIg02ID7lKZSqeHA8GGs8I3SYhxwZwnnmE4W113CzOOYUGw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/19b997cb/invisible.js
cache-control: max-age=300, public
cf-ray: 7e260448d8ffb515-OSL
alt-svc: h3=":443"; ma=86400

POST
H3 200 7e26043cee3fb518 Show response
bankid.gcnaura.in/cdn-cgi/challenge-platform/h/g/cv/result/ Frame 190D 0
580 B 53ms
53ms XHR
text/plain 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bankid.gcnaura.in/cdn-cgi/challenge-platform/h/g/cv/result/7e26043cee3fb518
Requested by: Host: bankid.gcnaura.in
URL: https://bankid.gcnaura.in/cdn-cgi/challenge-platform/scripts/invisible.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Content-Type: application/json

Response headers

date: Thu, 06 Jul 2023 07:08:29 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rheqYfJPRdNQVyrBKAWLtljcTHK3PsMcoBekC%2Bp9MApwwQm8Rc0aPrxi5GoQy5oIVZtJiJoXl3AO3JinSpohQqJbASRForHRSigS0KgLOosBB5nqR9LN8B20DW0gVDaC7vQPqg6Idf%2F6gA8cXfqDCw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 7e26044a3aecb515-OSL
alt-svc: h3=":443"; ma=86400

POST
H/1.1 200
OK / Show response
cdn-js.com/socket.io/ 2 B
223 B 60ms
59ms XHR
text/plain 51.210.166.81
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-js.com:8081/socket.io/?EIO=4&transport=polling&t=Oag1-hi&sid=jLnAElD6FVjll9UbAAbQ
Requested by: Host: cdn.socket.io
URL: https://cdn.socket.io/4.5.4/socket.io.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 51.210.166.81 , France, ASN16276 (OVH, FR),
Reverse DNS: ip81.ip-51-210-166.eu
Software: /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Accept: */*
Referer: https://bankid.gcnaura.in/
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Content-type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://bankid.gcnaura.in
Date: Thu, 06 Jul 2023 07:08:29 GMT
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 2
Content-Type: text/plain

GET
H/1.1 200
OK / Show response
cdn-js.com/socket.io/ 114 B
352 B 125ms
66ms XHR
application/octet-stream 51.210.166.81
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-js.com:8081/socket.io/?EIO=4&transport=polling&t=Oag1-hj&sid=jLnAElD6FVjll9UbAAbQ
Requested by: Host: cdn.socket.io
URL: https://cdn.socket.io/4.5.4/socket.io.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 51.210.166.81 , France, ASN16276 (OVH, FR),
Reverse DNS: ip81.ip-51-210-166.eu
Software: /
Resource Hash: ea5425a8340474b1dbc9ace8d26932085441a93938b175d8d80425faf6da78ed

Request headers

Accept: */*
Referer: https://bankid.gcnaura.in/
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

Access-Control-Allow-Origin: https://bankid.gcnaura.in
Date: Thu, 06 Jul 2023 07:08:29 GMT
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 114
Content-Type: text/plain; charset=UTF-8

GET
H/1.1 200
OK / Show response
cdn-js.com/socket.io/ 1 B
237 B 59ms
59ms XHR
text/plain 51.210.166.81
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-js.com:8081/socket.io/?EIO=4&transport=polling&t=Oag1-jh&sid=jLnAElD6FVjll9UbAAbQ
Requested by: Host: cdn.socket.io
URL: https://cdn.socket.io/4.5.4/socket.io.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 51.210.166.81 , France, ASN16276 (OVH, FR),
Reverse DNS: ip81.ip-51-210-166.eu
Software: /
Resource Hash: e7f6c011776e8db7cd330b54174fd76f7d0216b612387a5ffcfb81e6f0919683

Request headers

Accept: */*
Referer: https://bankid.gcnaura.in/
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

Access-Control-Allow-Origin: https://bankid.gcnaura.in
Date: Thu, 06 Jul 2023 07:08:29 GMT
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1
Content-Type: text/plain; charset=UTF-8

POST
H/1.1 200
OK / Show response
cdn-js.com/socket.io/ 2 B
223 B 3564ms
3563ms XHR
text/plain 51.210.166.81
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-js.com:8081/socket.io/?EIO=4&transport=polling&t=Oag1-ji&sid=jLnAElD6FVjll9UbAAbQ
Requested by: Host: cdn.socket.io
URL: https://cdn.socket.io/4.5.4/socket.io.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 51.210.166.81 , France, ASN16276 (OVH, FR),
Reverse DNS: ip81.ip-51-210-166.eu
Software: /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Accept: */*
Referer: https://bankid.gcnaura.in/
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Content-type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://bankid.gcnaura.in
Date: Thu, 06 Jul 2023 07:08:32 GMT
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 2
Content-Type: text/plain

GET
H/1.1 200
OK / Show response
cdn-js.com/socket.io/ 1 B
237 B 59ms
59ms XHR
text/plain 51.210.166.81
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-js.com:8081/socket.io/?EIO=4&transport=polling&t=Oag1-ke&sid=jLnAElD6FVjll9UbAAbQ
Requested by: Host: cdn.socket.io
URL: https://cdn.socket.io/4.5.4/socket.io.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 51.210.166.81 , France, ASN16276 (OVH, FR),
Reverse DNS: ip81.ip-51-210-166.eu
Software: /
Resource Hash: e7f6c011776e8db7cd330b54174fd76f7d0216b612387a5ffcfb81e6f0919683

Request headers

Accept: */*
Referer: https://bankid.gcnaura.in/
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

Access-Control-Allow-Origin: https://bankid.gcnaura.in
Date: Thu, 06 Jul 2023 07:08:29 GMT
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1
Content-Type: text/plain; charset=UTF-8

GET
H/1.1 200
OK / Show response
cdn-js.com/socket.io/ 1 B
237 B 64ms
64ms XHR
text/plain 51.210.166.81
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-js.com:8081/socket.io/?EIO=4&transport=polling&t=Oag1-lb&sid=jLnAElD6FVjll9UbAAbQ
Requested by: Host: cdn.socket.io
URL: https://cdn.socket.io/4.5.4/socket.io.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 51.210.166.81 , France, ASN16276 (OVH, FR),
Reverse DNS: ip81.ip-51-210-166.eu
Software: /
Resource Hash: e7f6c011776e8db7cd330b54174fd76f7d0216b612387a5ffcfb81e6f0919683

Request headers

Accept: */*
Referer: https://bankid.gcnaura.in/
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

Access-Control-Allow-Origin: https://bankid.gcnaura.in
Date: Thu, 06 Jul 2023 07:08:29 GMT
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1
Content-Type: text/plain; charset=UTF-8

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: BankID (Banking)

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			bankid.gcnaura.in/	1969-12-31 23:59:59	Name: PHPSESSID Value: o9no0h3pklmc33fpm17lnnsnv4
			.gcnaura.in/	1970-01-20 13:03:49	Name: __cf_bm Value: bGo2DXUClURSvlAx7Uhi150WlXsFF5s0W8CTA1R.BgI-1688627309-0-AQAm85jG6Z++ElYbP76RiAspLS9nDAwIDIP/jPKY1lU5iPORmX2isY2NPnv4PR7FVQ==

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bankid.gcnaura.in
cdn-js.com
cdn.socket.io
18.66.97.46
2a06:98c1:3121::3
51.210.166.81
1129010d99dbbadc009c2fe07a56d8e634df144a854a328f36a30e0a5344b5b6
18a36a927dac54650b18b903f8f8778219e02e13946e581d9b3e1e4995f7435b
215bbd2ed078a2a46f16e65299f61f61201724c9519b368eee50431e50d923b4
254868d92f9456d518064051d29f9ff0532bf9a5da291b06f8accb0900e40072
296d8f67dcf848a35385d138a46404f00c21f1a8eb22249473ddd9aab1f411ab
2fbbbda646f6c6004b2f3670d40a1ad4d5df6c8a0089943845aa5fe55a749e92
304c378b4700d25f783a2a7d6142c0b4d9dd9df890722064788eee96a12999d8
31412635ed02fd2c9a9ac4c4d9093c0601a687cfe305aba0dea75c1943d7dd72
3a73c566909304a2dd2a1794118e19941502759f5d0771daf39440a745512177
472141baa1ddac4b8092bfb6e856a0f50ff2cdba91275a64cdfb3b8e5384dcb7
4dca530d4682ddf6f4b9053173c007f95875c2634a6b61c9573d93fc21483766
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5d4ff4117e8f7f9da541cba635327a05770499b79e51e32e679c2923a4bc27b2
747312e0c4caebec5e356cb9de4a170632c78f10e784c644e0fd3b4d48faaac0
7e2036b1455c31bd42d2ad4334698ff9108f7eae94274fa6700df6f13656813f
7f766030e9de9c68acdacfc671963f8cd00ba8783fc9c25e1d3f3319ebbecbd1
7fbcb3628e9d79d89e9350ee5d075818cf0f6763d5fa8763ea78c13902d6691b
ad1f527aa7d99ebc714be21abd920717333bf504251ea49416d1875d10f3920c
ddd1f36ddcc1ad4a9c129cf350f710a38f4054bbc06838f9062b31dd8caf9cfa
e356f94cb14b1e3c53975eb33c18f36f0c9dd1b4866940d6e243d2063546fa30
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7f6c011776e8db7cd330b54174fd76f7d0216b612387a5ffcfb81e6f0919683
e9f665238e94d159d8b439ac29f6c644dfd1e1e3843e4f1425943986e1136693
ea5425a8340474b1dbc9ace8d26932085441a93938b175d8d80425faf6da78ed
eb7b5a6337a7b2c4d90655044cc7e4593ac0b07bf3d32aa469a6220ad9dfd248

bankid.gcnaura.in Open in urlscan Pro 2a06:98c1:3121::3 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

17 Requests

94 %HTTPS

33 %IPv6

3 Domains

3 Subdomains

4 IPs

2 Countries

76 kBTransfer

300 kBSize

2 Cookies

0 Outgoing links

Page URL History

Redirected requests

17 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 11 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

bankid.gcnaura.in Open in urlscan Pro
2a06:98c1:3121::3 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

17
Requests

94 %
HTTPS

33 %
IPv6

3
Domains

3
Subdomains

4
IPs

2
Countries

76 kB
Transfer

300 kB
Size

2
Cookies

17 HTTP transactions
11 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!