customer8.nordiccrisismanager.com

Summary

This website contacted 3 IPs in 3 countries across 3 domains to perform 7 HTTP transactions. The main IP is 91.195.155.228, located in Uddevalla, Sweden and belongs to ITCONNECT-AS, SE. The main domain is customer8.nordiccrisismanager.com.
TLS certificate: Issued by R3 on April 26th 2022. Valid for: 3 months.

This is the only time customer8.nordiccrisismanager.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 5	91.195.155.228 91.195.155.228	43770 (ITCONNECT-AS) (ITCONNECT-AS)
2	172.67.158.42 172.67.158.42	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.16.88.20 104.16.88.20	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	3

5 91.195.155.228 (Uddevalla, Sweden) 1 redirects

ASN43770 (ITCONNECT-AS, SE)

customer8.nordiccrisismanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.67.158.42 (United States)

ASN13335 (CLOUDFLARENET, US)

rsms.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.88.20 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
5	nordiccrisismanager.com 1 redirects customer8.nordiccrisismanager.com	5 MB
2	rsms.me rsms.me — Cisco Umbrella Rank: 14113	224 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 437	8 KB
7	3

	Domain	Requested by
5	customer8.nordiccrisismanager.com	1 redirects customer8.nordiccrisismanager.com
2	rsms.me	customer8.nordiccrisismanager.com rsms.me
1	cdn.jsdelivr.net	customer8.nordiccrisismanager.com
7	3

This site contains no links.

Subject Issuer	Validity	Valid
customer8.nordiccrisismanager.com R3	`2022-04-26` - `2022-07-25`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-08` - `2022-07-07`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://customer8.nordiccrisismanager.com/login
Frame ID: 9356715EB57DC4FCDC46F5A0AEADFA17
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Nordic Crisis Manager

Page URL History Show full URLs

https://customer8.nordiccrisismanager.com/ HTTP 302
https://customer8.nordiccrisismanager.com/login Page URL

Detected technologies

Alpine.js (JavaScript frameworks) Expand

Overall confidence: 100%
Detected patterns

/alpine(?:\.min)?\.js

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

7
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

3
IPs

3
Countries

5629 kB
Transfer

5644 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://customer8.nordiccrisismanager.com/ HTTP 302
https://customer8.nordiccrisismanager.com/login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

7 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request login Show response
customer8.nordiccrisismanager.com/
Redirect Chain

https://customer8.nordiccrisismanager.com/
https://customer8.nordiccrisismanager.com/login

4 KB
2 KB

65ms
65ms

Document
text/html

91.195.155.228
ITCONNECT-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://customer8.nordiccrisismanager.com/login

Protocol

H2

Security

TLS 1.3, , AES_256_GCM

Server

91.195.155.228 Uddevalla, Sweden, ASN43770 (ITCONNECT-AS, SE),

Reverse DNS

Software

nginx /

Resource Hash

aa781d15f4eb1090bd41d715034111a93ff6d26ab88d28ae5a8585490c3afec6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language: se-SE,se;q=0.9

Response headers

cache-control: no-cache, private
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Tue, 26 Apr 2022 13:14:51 GMT
server: nginx
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

Redirect headers

cache-control: no-cache, private
content-type: text/html; charset=UTF-8
date: Tue, 26 Apr 2022 13:14:51 GMT
location: https://customer8.nordiccrisismanager.com/login
server: nginx
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H2 200 app.js Show response
customer8.nordiccrisismanager.com/js/ 2 MB
2 MB 79ms
78ms Script
application/javascript 91.195.155.228
ITCONNECT-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://customer8.nordiccrisismanager.com/js/app.js

Requested by

Host: customer8.nordiccrisismanager.com
URL: https://customer8.nordiccrisismanager.com/login

Protocol

H2

Security

TLS 1.3, , AES_256_GCM

Server

91.195.155.228 Uddevalla, Sweden, ASN43770 (ITCONNECT-AS, SE),

Reverse DNS

Software

nginx /

Resource Hash

ca4b239a8e3f2174696231abcd17b25e6b976212ee11b530d6fe65b9142d49eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://customer8.nordiccrisismanager.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Tue, 26 Apr 2022 13:14:51 GMT
x-content-type-options: nosniff
last-modified: Thu, 02 Dec 2021 10:23:45 GMT
server: nginx
etag: "61a89eb1-1e13a7"
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 1971111
x-xss-protection: 1; mode=block
expires: Thu, 26 May 2022 13:14:51 GMT

GET
H2 200 inter.css
rsms.me/inter/ 6 KB
2 KB 171ms
77ms Stylesheet
text/css 172.67.158.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rsms.me/inter/inter.css
Requested by: Host: customer8.nordiccrisismanager.com
URL: https://customer8.nordiccrisismanager.com/login
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.158.42 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: effd7ce6ed5f47c331ed9333eb10d6ad78f496277f95dabb0d7dcba847d34a97

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://customer8.nordiccrisismanager.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

x-fastly-request-id: 90d56de6f25693c43cb4ab05bde9740090625207
date: Tue, 26 Apr 2022 13:14:51 GMT
via: 1.1 varnish
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 466
x-cache: HIT
x-cache-hits: 1
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-osl6525-OSL
last-modified: Fri, 22 Apr 2022 23:31:22 GMT
server: cloudflare
x-github-request-id: AE10:5D86:9503D2:994630:62633B2C
x-timer: S1650670587.612056,VS0,VE0
etag: W/"62633aca-1966"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rcn2Lj44uelV28MM0NtD9RXbd0VLTbrV9r82%2BgXOD2dJ0wJPAIgVykOh5p3ppCyo%2FcaNrnSaV4H5grtMhYmF0Ih%2BgHUizvOysoqzS%2BHBHm3VJF65Uexw93wZ"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=14400
x-proxy-cache: HIT
cf-ray: 701f9579d9b1d875-CPH
x-origin-cache: HIT
expires: Fri, 22 Apr 2022 23:42:29 GMT

GET
H2 200 app.css
customer8.nordiccrisismanager.com/css/ 3 MB
3 MB 120ms
120ms Stylesheet
text/css 91.195.155.228
ITCONNECT-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://customer8.nordiccrisismanager.com/css/app.css

Requested by

Host: customer8.nordiccrisismanager.com
URL: https://customer8.nordiccrisismanager.com/login

Protocol

H2

Security

TLS 1.3, , AES_256_GCM

Server

91.195.155.228 Uddevalla, Sweden, ASN43770 (ITCONNECT-AS, SE),

Reverse DNS

Software

nginx /

Resource Hash

3883a304ff4b3e33e3941e63d323052669350e21776116324c86f41da3ee46cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://customer8.nordiccrisismanager.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Tue, 26 Apr 2022 13:14:51 GMT
x-content-type-options: nosniff
last-modified: Thu, 02 Dec 2021 10:23:45 GMT
server: nginx
etag: "61a89eb1-360858"
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 3541080
x-xss-protection: 1; mode=block
expires: Thu, 26 May 2022 13:14:51 GMT

GET
H2 200 logo.svg
customer8.nordiccrisismanager.com/images/ 5 KB
6 KB 120ms
120ms Image
image/svg+xml 91.195.155.228
ITCONNECT-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://customer8.nordiccrisismanager.com/images/logo.svg

Requested by

Host: customer8.nordiccrisismanager.com
URL: https://customer8.nordiccrisismanager.com/login

Protocol

H2

Security

TLS 1.3, , AES_256_GCM

Server

91.195.155.228 Uddevalla, Sweden, ASN43770 (ITCONNECT-AS, SE),

Reverse DNS

Software

nginx /

Resource Hash

a211edd9a2812c6ad306f111ab564c42f53e8fff4d08f621ccf0cfd6982b3e77

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://customer8.nordiccrisismanager.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Tue, 26 Apr 2022 13:14:51 GMT
x-content-type-options: nosniff
last-modified: Thu, 04 Nov 2021 10:33:25 GMT
server: nginx
etag: "6183b6f5-159f"
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 5535
x-xss-protection: 1; mode=block
expires: Thu, 26 May 2022 13:14:51 GMT

GET
H2 200 alpine.js Show response
cdn.jsdelivr.net/gh/alpinejs/alpine@v2.0.1/dist/ 24 KB
8 KB 115ms
45ms Script
application/javascript 104.16.88.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/alpinejs/alpine@v2.0.1/dist/alpine.js

Requested by

Host: customer8.nordiccrisismanager.com
URL: https://customer8.nordiccrisismanager.com/login

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

104.16.88.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

372d176d9effaf945828d38ab45ca0ea72cfa4cf2dfd4c3b06bf68dae1a31c3b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://customer8.nordiccrisismanager.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Tue, 26 Apr 2022 13:14:51 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 3124235
x-jsd-version: 2.0.1
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19121-FRA, cache-bma1671-BMA
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"6087-M1bV+brVbvOK8O0cbaokayC7SmY"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sEWoqZvsn%2B2HZWGDN%2Flv7LEwIN%2FoRZDB8zMQ3osvDN6hiFWBdrIgpoUfUkvutzvqTETOGz9M6KoRKPYqeOVaEEunb7bdT7Shz8g23YrVn2wMY1JrXLMzxeOktYp9CC0PP3I%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cf-ray: 701f9579a97c0d3a-ARN

GET
H3 200 Inter-roman.var.woff2
rsms.me/inter/font-files/ 222 KB
223 KB 110ms
63ms Font
font/woff2 172.67.158.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rsms.me/inter/font-files/Inter-roman.var.woff2?v=3.19
Requested by: Host: rsms.me
URL: https://rsms.me/inter/inter.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.158.42 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 17fe38ab302c7e5dbfb5c3d87801092d79be958500db6412ed3bc0f126bd53d3

Request headers

Referer: https://rsms.me/inter/inter.css
Origin: https://customer8.nordiccrisismanager.com
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

x-fastly-request-id: dcbeac2eb04f7326a87f948207acb09f8ca4ffe7
date: Tue, 26 Apr 2022 13:14:52 GMT
via: 1.1 varnish
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache: HIT
x-cache-hits: 2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 227180
x-served-by: cache-osl6525-OSL
last-modified: Fri, 22 Apr 2022 23:31:18 GMT
server: cloudflare
x-github-request-id: 24B6:2F78:1653799:17042E5:6266E67B
x-timer: S1650978893.596667,VS0,VE0
etag: "62633ac6-3776c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iArekSY1HxlnBn8Z%2B4O62kA8wJt7JkfL6rlVDlLqeGSrb53VuiWhyxcGqypGUeBTjbIr6dJeV82DeNswf%2BcGzQ9lVeZ9dPvCOW2bNMe2aIxCMHYyu8OPxmQ7"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=2678400
x-proxy-cache: MISS
accept-ranges: bytes
cf-ray: 701f957ead2b735b-CPH
x-origin-cache: HIT
expires: Mon, 25 Apr 2022 18:30:43 GMT

Verdicts & Comments Add Verdict or Comment

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			customer8.nordiccrisismanager.com/	1970-01-20 02:39:11	Name: XSRF-TOKEN Value: eyJpdiI6IjFtUjczOHZGYzlZMEliTWhNK245RUE9PSIsInZhbHVlIjoiZzBVL3VCSTJNZ0NEUWNGM3gxblRGN1ZTTkNhakZJRmsvdk5Uc3dha1NiZXdyR04rRkRZQktuT01HTWgvMk1ZM3l1bUlKbGxldWh1ZDM0MXNwSGxYWVYxVWJmODhxZkFVYS8vbkZPSk1LV1lmcGhzT2JaV1hOV3llZVZycW1Ob3ciLCJtYWMiOiIwNDRmZTYwYWU3YmY0MzllYmQ0YzlmZDNmMzhjNDEzODFhNjcwYzU3Mzg1OWZlYzdiODU4NzhmODYzNTE4YTlkIn0%3D
			customer8.nordiccrisismanager.com/	1970-01-20 02:39:11	Name: nordic_crisis_manager_session Value: eyJpdiI6ImVsZTNiYk9ESGJpLzgwNU5WKzhkcVE9PSIsInZhbHVlIjoibVcxenIxZWZWcUNDNDlCODMzaXpHOENlUkFGZzhVdTcybEEwUWdrejlpVWZQNXQ0NTJkQkVXcDczYkFDUjB2S0NaUzJnYlBnQm9BczZiMVBvamJ5Wi9TT3hSRm1wWFdXNjZkdFUvcUtDbkN5T09LS3VSeEgzMWwvTlJ6ZGNqTTMiLCJtYWMiOiI4ZmViMDY0OGNkNThiOTk2MzBlNTFhYjVhNzEzMzJjNjhjMjQ3ODI4OWI5YzA1MGFmNTNiOTg5NjRjOTY3ZGUwIn0%3D

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.jsdelivr.net
customer8.nordiccrisismanager.com
rsms.me
104.16.88.20
172.67.158.42
91.195.155.228
17fe38ab302c7e5dbfb5c3d87801092d79be958500db6412ed3bc0f126bd53d3
372d176d9effaf945828d38ab45ca0ea72cfa4cf2dfd4c3b06bf68dae1a31c3b
3883a304ff4b3e33e3941e63d323052669350e21776116324c86f41da3ee46cc
a211edd9a2812c6ad306f111ab564c42f53e8fff4d08f621ccf0cfd6982b3e77
aa781d15f4eb1090bd41d715034111a93ff6d26ab88d28ae5a8585490c3afec6
ca4b239a8e3f2174696231abcd17b25e6b976212ee11b530d6fe65b9142d49eb
effd7ce6ed5f47c331ed9333eb10d6ad78f496277f95dabb0d7dcba847d34a97

customer8.nordiccrisismanager.com Open in urlscan Pro 91.195.155.228 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

7 Requests

100 %HTTPS

0 %IPv6

3 Domains

3 Subdomains

3 IPs

3 Countries

5629 kBTransfer

5644 kBSize

2 Cookies

0 Outgoing links

Page URL History

Redirected requests

7 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

18 JavaScript Global Variables

2 Cookies

Security Headers

Indicators

customer8.nordiccrisismanager.com Open in urlscan Pro
91.195.155.228 Public Scan

Screenshot
Live screenshot

Full Image

7
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

3
IPs

3
Countries

5629 kB
Transfer

5644 kB
Size

2
Cookies

7 HTTP transactions
0 data transactions