nettbank.sor.no Open in urlscan Pro
139.112.170.34 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://bank.bosnia.no/
Effective URL:
https://nettbank.sor.no/authenticate/login/selectauth;jsessionid=0000ZnBeFaLVyNbVIPhUzVTTQ-G:1082953800p1?execution=e1s1
Submission: On November 03 via automatic, source certstream-suspicious (November 3rd 2021, 5:14:39 am UTC) — Scanned from DE

Summary HTTP 18 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 4 IPs in 3 countries across 5 domains to perform 18 HTTP transactions. The main IP is 139.112.170.34, located in Jessheim, Norway and belongs to EVRY-NO TietoEVRY Norway, NO. The main domain is nettbank.sor.no.
TLS certificate: Issued by Buypass Class 3 CA 2 on June 4th 2020. Valid for: 2 years.

This is the only time nettbank.sor.no was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2a01:5b40:0:2... 2a01:5b40:0:248::52	12996 (DOMENESHO...) (DOMENESHOP Oslo)
2 15	139.112.170.34 139.112.170.34	5619 (EVRY-NO T...) (EVRY-NO TietoEVRY Norway)
2	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
2	2600:9000:205... 2600:9000:2057:aa00:e:887:44c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	18.156.98.77 18.156.98.77	16509 (AMAZON-02) (AMAZON-02)
18	4

1 2a01:5b40:0:248::52 (Norway) 1 redirects

ASN12996 (DOMENESHOP Oslo, Norway, NO)

bank.bosnia.no	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 139.112.170.34 (Jessheim, Norway) 2 redirects

ASN5619 (EVRY-NO TietoEVRY Norway, NO)

nettbank.sor.no	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2057:aa00:e:887:44c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

s.webtrends.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.156.98.77 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-98-77.eu-central-1.compute.amazonaws.com

statse.webtrendslive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	sor.no 2 redirects nettbank.sor.no	514 KB
2	webtrends.com s.webtrends.com	77 KB
2	youtube.com www.youtube.com	1 KB
1	webtrendslive.com statse.webtrendslive.com	102 B
1	bosnia.no 1 redirects bank.bosnia.no	144 B
18	5

	Domain	Requested by
15	nettbank.sor.no	2 redirects nettbank.sor.no
2	s.webtrends.com	nettbank.sor.no s.webtrends.com
2	www.youtube.com	nettbank.sor.no www.youtube.com
1	statse.webtrendslive.com	s.webtrends.com
1	bank.bosnia.no	1 redirects
18	5

This site contains links to these domains. Also see Links.

Domain
www.sor.no

Subject Issuer	Validity	Valid
nettbank.sor.no Buypass Class 3 CA 2	`2020-06-04` - `2022-06-04`	2 years	crt.sh
*.google.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
s.webtrends.com Entrust Certification Authority - L1K	`2020-04-03` - `2022-07-02`	2 years	crt.sh
statse.webtrendslive.com Entrust Certification Authority - L1K	`2021-09-17` - `2022-10-09`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://nettbank.sor.no/authenticate/login/selectauth;jsessionid=0000ZnBeFaLVyNbVIPhUzVTTQ-G:1082953800p1?execution=e1s1
Frame ID: 8D6FE3E636ECA56E3812F6051351BAFA
Requests: 18 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Sparebanken Sør

Page URL History Show full URLs

https://bank.bosnia.no/ HTTP 301
https://nettbank.sor.no/ HTTP 301
https://nettbank.sor.no/authenticate/login/selectauth?configKey=sb2811 HTTP 302
https://nettbank.sor.no/authenticate/login/selectauth;jsessionid=0000ZnBeFaLVyNbVIPhUzVTTQ-G:1082953... Page URL

Page Statistics

18
Requests

100 %
HTTPS

60 %
IPv6

5
Domains

5
Subdomains

4
IPs

3
Countries

591 kB
Transfer

594 kB
Size

4
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://www.sor.no/

Search URL Search Domain Scan URL

URL: https://www.sor.no/kort-og-betaling/bankid-app/
Title: BankID-app

Search URL Search Domain Scan URL

URL: https://www.sor.no/felles/hjelp/nettbank/
Title: Her finner du ofte stilte spørsmål.

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://bank.bosnia.no/ HTTP 301
https://nettbank.sor.no/ HTTP 301
https://nettbank.sor.no/authenticate/login/selectauth?configKey=sb2811 HTTP 302
https://nettbank.sor.no/authenticate/login/selectauth;jsessionid=0000ZnBeFaLVyNbVIPhUzVTTQ-G:1082953800p1?execution=e1s1 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request selectauth;jsessionid=0000ZnBeFaLVyNbVIPhUzVTTQ-G:1082953800p1 Show response
nettbank.sor.no/authenticate/login/
Redirect Chain

https://bank.bosnia.no/
https://nettbank.sor.no/
https://nettbank.sor.no/authenticate/login/selectauth?configKey=sb2811
https://nettbank.sor.no/authenticate/login/selectauth;jsessionid=0000ZnBeFaLVyNbVIPhUzVTTQ-G:1082953800p1?execution=e1s1

5 KB
5 KB

48ms
48ms

Document
text/html

139.112.170.34
EVRY-NO TietoEVRY...

General

Check archive.org

Show headers Download Go to

Full URL

https://nettbank.sor.no/authenticate/login/selectauth;jsessionid=0000ZnBeFaLVyNbVIPhUzVTTQ-G:1082953800p1?execution=e1s1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.112.170.34 Jessheim, Norway, ASN5619 (EVRY-NO TietoEVRY Norway, NO),

Reverse DNS

Software

Resource Hash

915e251b12e91ec9c09d8ba46334b85c29328628125bca2fb8152af2460644e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Date: Wed, 03 Nov 2021 05:14:35 GMT
X-UA-Compatible: IE=edge,chrome=1
Cache-Control: no-store
Keep-Alive: timeout=15, max=786
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html;charset=UTF-8
Content-Language: en-US
Strict-Transport-Security: max-age=2592000

Redirect headers

Date: Wed, 03 Nov 2021 05:14:35 GMT
X-UA-Compatible: IE=edge,chrome=1
Location: https://nettbank.sor.no/authenticate/login/selectauth;jsessionid=0000ZnBeFaLVyNbVIPhUzVTTQ-G:1082953800p1?execution=e1s1
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Cache-Control: no-store, no-cache=set-cookie
Content-Length: 0
Keep-Alive: timeout=15, max=796
Connection: Keep-Alive
Content-Language: en-US
Strict-Transport-Security: max-age=2592000

GET
H/1.1 200
OK loginservice.css
nettbank.sor.no/hb-doc/cssnb/loginService/rob2811/ 21 KB
21 KB 41ms
40ms Stylesheet
text/css 139.112.170.34
EVRY-NO TietoEVRY...

General

Check archive.org

Show headers Download Go to

Full URL

https://nettbank.sor.no/hb-doc/cssnb/loginService/rob2811/loginservice.css

Requested by

Host: nettbank.sor.no
URL: https://nettbank.sor.no/authenticate/login/selectauth;jsessionid=0000ZnBeFaLVyNbVIPhUzVTTQ-G:1082953800p1?execution=e1s1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.112.170.34 Jessheim, Norway, ASN5619 (EVRY-NO TietoEVRY Norway, NO),

Reverse DNS

Software

Resource Hash

76a1ff2a98553d390f111990443edbf4cff91524afdba92453472be325d27216

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nettbank.sor.no/authenticate/login/selectauth;jsessionid=0000ZnBeFaLVyNbVIPhUzVTTQ-G:1082953800p1?execution=e1s1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Wed, 03 Nov 2021 05:14:35 GMT
Last-Modified: Thu, 22 Apr 2021 09:05:15 GMT
ETag: "5402-5c08bfa4272cf"
Strict-Transport-Security: max-age=2592000
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=797
Content-Length: 21506

GET
H/1.1 200
OK intlTelInput.min.css
nettbank.sor.no/authenticate/intl-tel-input/css/ 19 KB
19 KB 85ms
43ms Stylesheet
text/css 139.112.170.34
EVRY-NO TietoEVRY...

General

Check archive.org

Show headers Download Go to

Full URL

https://nettbank.sor.no/authenticate/intl-tel-input/css/intlTelInput.min.css

Requested by

Host: nettbank.sor.no
URL: https://nettbank.sor.no/authenticate/login/selectauth;jsessionid=0000ZnBeFaLVyNbVIPhUzVTTQ-G:1082953800p1?execution=e1s1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.112.170.34 Jessheim, Norway, ASN5619 (EVRY-NO TietoEVRY Norway, NO),

Reverse DNS

Software

Resource Hash

c6956e8710cf477f7014440385ae16ee4b8cc7ecfd02fddd4d2f0c6c7fd15845

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nettbank.sor.no/authenticate/login/selectauth;jsessionid=0000ZnBeFaLVyNbVIPhUzVTTQ-G:1082953800p1?execution=e1s1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Wed, 03 Nov 2021 05:14:35 GMT
Last-Modified: Wed, 10 Mar 2021 06:26:14 GMT
Strict-Transport-Security: max-age=2592000
Content-Language: en-US
Connection: Keep-Alive
Content-Type: text/css
Keep-Alive: timeout=15, max=793
Content-Length: 19157

GET
H/1.1 200
OK jquery-3.5.1.min.js Show response
nettbank.sor.no/authenticate/scripts/ 87 KB
88 KB 132ms
53ms Script
application/x-javascript 139.112.170.34
EVRY-NO TietoEVRY...

General

Check archive.org

Show headers Download Go to

Full URL

https://nettbank.sor.no/authenticate/scripts/jquery-3.5.1.min.js

Requested by

Host: nettbank.sor.no
URL: https://nettbank.sor.no/authenticate/login/selectauth;jsessionid=0000ZnBeFaLVyNbVIPhUzVTTQ-G:1082953800p1?execution=e1s1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.112.170.34 Jessheim, Norway, ASN5619 (EVRY-NO TietoEVRY Norway, NO),

Reverse DNS

Software

Resource Hash

f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nettbank.sor.no/authenticate/login/selectauth;jsessionid=0000ZnBeFaLVyNbVIPhUzVTTQ-G:1082953800p1?execution=e1s1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Wed, 03 Nov 2021 05:14:35 GMT
Last-Modified: Wed, 10 Mar 2021 06:26:14 GMT
Strict-Transport-Security: max-age=2592000
Content-Language: en-US
Connection: Keep-Alive
Content-Type: application/x-javascript
Keep-Alive: timeout=15, max=795
Content-Length: 89476

GET
H/1.1 200
OK bluebird-3.7.1.min.js Show response
nettbank.sor.no/authenticate/scripts/ 80 KB
80 KB 121ms
41ms Script
application/x-javascript 139.112.170.34
EVRY-NO TietoEVRY...

General

Check archive.org

Show headers Download Go to

Full URL

https://nettbank.sor.no/authenticate/scripts/bluebird-3.7.1.min.js?v=1

Requested by

Host: nettbank.sor.no
URL: https://nettbank.sor.no/authenticate/login/selectauth;jsessionid=0000ZnBeFaLVyNbVIPhUzVTTQ-G:1082953800p1?execution=e1s1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.112.170.34 Jessheim, Norway, ASN5619 (EVRY-NO TietoEVRY Norway, NO),

Reverse DNS

Software

Resource Hash

cf954f0536ab911a4722a85c252c64136d8edde61d74964431e97b4f7e54bb0c

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nettbank.sor.no/authenticate/login/selectauth;jsessionid=0000ZnBeFaLVyNbVIPhUzVTTQ-G:1082953800p1?execution=e1s1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Wed, 03 Nov 2021 05:14:35 GMT
Last-Modified: Fri, 31 Jan 2020 10:51:28 GMT
Strict-Transport-Security: max-age=2592000
Content-Language: en-US
Connection: Keep-Alive
Content-Type: application/x-javascript
Keep-Alive: timeout=15, max=785
Content-Length: 81852

GET
H/1.1 200
OK jose.js Show response
nettbank.sor.no/authenticate/scripts/ 75 KB
75 KB 120ms
40ms Script
application/x-javascript 139.112.170.34
EVRY-NO TietoEVRY...

General

Check archive.org

Show headers Download Go to

Full URL

https://nettbank.sor.no/authenticate/scripts/jose.js?v=1

Requested by

Host: nettbank.sor.no
URL: https://nettbank.sor.no/authenticate/login/selectauth;jsessionid=0000ZnBeFaLVyNbVIPhUzVTTQ-G:1082953800p1?execution=e1s1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.112.170.34 Jessheim, Norway, ASN5619 (EVRY-NO TietoEVRY Norway, NO),

Reverse DNS

Software

Resource Hash

385986babcdb9be1116bfbdeaa3f38de81ba4d9070506b671050d058fa2220ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nettbank.sor.no/authenticate/login/selectauth;jsessionid=0000ZnBeFaLVyNbVIPhUzVTTQ-G:1082953800p1?execution=e1s1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Wed, 03 Nov 2021 05:14:35 GMT
Last-Modified: Mon, 08 Jul 2019 08:47:50 GMT
Strict-Transport-Security: max-age=2592000
Content-Language: en-US
Connection: Keep-Alive
Content-Type: application/x-javascript
Keep-Alive: timeout=15, max=796
Content-Length: 76830

GET
H/1.1 200
OK header-logo.png
nettbank.sor.no/hb-doc/cssnb/loginService/rob2811/images/ 165 KB
166 KB 40ms
40ms Image
image/png 139.112.170.34
EVRY-NO TietoEVRY...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nettbank.sor.no/hb-doc/cssnb/loginService/rob2811/images/header-logo.png

Requested by

Host: nettbank.sor.no
URL: https://nettbank.sor.no/authenticate/login/selectauth;jsessionid=0000ZnBeFaLVyNbVIPhUzVTTQ-G:1082953800p1?execution=e1s1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.112.170.34 Jessheim, Norway, ASN5619 (EVRY-NO TietoEVRY Norway, NO),

Reverse DNS

Software

Resource Hash

338aae89dd5cb813f9058faa97762c4f31f52584e29ef9a360084b7b168f9867

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nettbank.sor.no/authenticate/login/selectauth;jsessionid=0000ZnBeFaLVyNbVIPhUzVTTQ-G:1082953800p1?execution=e1s1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Wed, 03 Nov 2021 05:14:35 GMT
Last-Modified: Thu, 22 Apr 2021 09:05:50 GMT
ETag: "294f3-5c08bfc6250a8"
Strict-Transport-Security: max-age=2592000
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=794
Content-Length: 169203

GET
H/1.1 200
OK jsf.js;jsessionid=0000ZnBeFaLVyNbVIPhUzVTTQ-G:1082953800p1 Show response
nettbank.sor.no/authenticate/login/javax.faces.resource/ 43 KB
44 KB 50ms
50ms Script
application/x-javascript 139.112.170.34
EVRY-NO TietoEVRY...

General

Check archive.org

Show headers Download Go to

Full URL

https://nettbank.sor.no/authenticate/login/javax.faces.resource/jsf.js;jsessionid=0000ZnBeFaLVyNbVIPhUzVTTQ-G:1082953800p1?ln=javax.faces

Requested by

Host: nettbank.sor.no
URL: https://nettbank.sor.no/authenticate/login/selectauth;jsessionid=0000ZnBeFaLVyNbVIPhUzVTTQ-G:1082953800p1?execution=e1s1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.112.170.34 Jessheim, Norway, ASN5619 (EVRY-NO TietoEVRY Norway, NO),

Reverse DNS

Software

Resource Hash

e905ffb004e884decc0118b5596596fe6fb88fefde62113402f3f8e1ac3bba8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nettbank.sor.no/authenticate/login/selectauth;jsessionid=0000ZnBeFaLVyNbVIPhUzVTTQ-G:1082953800p1?execution=e1s1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Wed, 03 Nov 2021 05:14:35 GMT
Last-Modified: Fri, 25 Oct 2019 12:08:58 GMT
ETag: W/"44376-1572005338000"
Strict-Transport-Security: max-age=2592000
Content-Language: en-US
Connection: Keep-Alive
Content-Type: application/x-javascript
Keep-Alive: timeout=15, max=792
Content-Length: 44333
Expires: Wed, 10 Nov 2021 05:14:35 GMT

GET
H/1.1 200
OK sparsor_150909.js Show response
nettbank.sor.no/hb-doc/2811/js/ 1 KB
2 KB 41ms
40ms Script
application/x-javascript 139.112.170.34
EVRY-NO TietoEVRY...

General

Check archive.org

Show headers Download Go to

Full URL

https://nettbank.sor.no/hb-doc/2811/js/sparsor_150909.js

Requested by

Host: nettbank.sor.no
URL: https://nettbank.sor.no/authenticate/login/selectauth;jsessionid=0000ZnBeFaLVyNbVIPhUzVTTQ-G:1082953800p1?execution=e1s1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.112.170.34 Jessheim, Norway, ASN5619 (EVRY-NO TietoEVRY Norway, NO),

Reverse DNS

Software

Resource Hash

729425c176d4c550cb5b83d7a2535f76c8c2a97564bb860ea1f7ee79ef64f961

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nettbank.sor.no/authenticate/login/selectauth;jsessionid=0000ZnBeFaLVyNbVIPhUzVTTQ-G:1082953800p1?execution=e1s1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Wed, 03 Nov 2021 05:14:35 GMT
Last-Modified: Mon, 12 Feb 2018 11:50:56 GMT
ETag: "507-565027da72800"
Strict-Transport-Security: max-age=2592000
Content-Type: application/x-javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=784
Content-Length: 1287

GET
H/1.1 200
OK set-numeric-fields.js Show response
nettbank.sor.no/authenticate/scripts/ 663 B
952 B 42ms
41ms Script
application/x-javascript 139.112.170.34
EVRY-NO TietoEVRY...

General

Check archive.org

Show headers Download Go to

Full URL

https://nettbank.sor.no/authenticate/scripts/set-numeric-fields.js

Requested by

Host: nettbank.sor.no
URL: https://nettbank.sor.no/authenticate/login/selectauth;jsessionid=0000ZnBeFaLVyNbVIPhUzVTTQ-G:1082953800p1?execution=e1s1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.112.170.34 Jessheim, Norway, ASN5619 (EVRY-NO TietoEVRY Norway, NO),

Reverse DNS

Software

Resource Hash

48164751edf89e3e8878bf71b4afa59bc07e5eddec4f4775b3effecff8d08aa9

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nettbank.sor.no/authenticate/login/selectauth;jsessionid=0000ZnBeFaLVyNbVIPhUzVTTQ-G:1082953800p1?execution=e1s1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Wed, 03 Nov 2021 05:14:35 GMT
Last-Modified: Thu, 11 Apr 2019 08:54:08 GMT
Strict-Transport-Security: max-age=2592000
Content-Language: en-US
Connection: Keep-Alive
Content-Type: application/x-javascript
Keep-Alive: timeout=15, max=795
Content-Length: 663

GET
H2 200 iframe_api Show response
www.youtube.com/ 980 B
1 KB 1103ms
340ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: nettbank.sor.no
URL: https://nettbank.sor.no/hb-doc/2811/js/sparsor_150909.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

cb99c32794b1affb1cbb789a6df76c7b2d17301b158616b95d75cd18b85765b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nettbank.sor.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 05:14:36 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
server: ESF
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
report-to: {"group":"AXrpQdexiF0ssZ_nH8Dr-M3QgbdVRvO77RECMA","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdexiF0ssZ_nH8Dr-M3QgbdVRvO77RECMA"}]}
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=0
permissions-policy: ch-ua-full-version=*, ch-ua-platform=*, ch-ua-platform-version=*, ch-ua-arch=*, ch-ua-model=*
cross-origin-opener-policy-report-only: same-origin; report-to="AXrpQdexiF0ssZ_nH8Dr-M3QgbdVRvO77RECMA"
expires: Wed, 03 Nov 2021 05:14:36 GMT

GET
H2 200 webtrends.js Show response
s.webtrends.com/js/ 58 KB
58 KB 61ms
8ms Script
application/javascript 2600:9000:2057:aa00:e:887:44c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.webtrends.com/js/webtrends.js
Requested by: Host: nettbank.sor.no
URL: https://nettbank.sor.no/hb-doc/2811/js/sparsor_150909.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:aa00:e:887:44c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e8faa8deade3d5172d5cd040744d3a94371391b71e34259477c7542f7af2cd5b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nettbank.sor.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 2f471134491a4de5cfcaef646caf9dde.cloudfront.net (CloudFront)
last-modified: Tue, 25 Feb 2020 23:34:11 GMT
server: AmazonS3
age: 355907
etag: "59060a27bf2e0a5584c9475b7d8c2767"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Sat, 30 Oct 2021 02:22:49 GMT
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
content-length: 59191
x-amz-cf-id: h-gVivpt4lAok2XgIaKTI4hTuvCI6C8zaUPin2HQKGsn9bW1uxRmVQ==

GET
H/1.1 200
OK icon-bankid-mobile.svg
nettbank.sor.no/hb-doc/cssnb/loginService/rob2811/images/ 3 KB
4 KB 41ms
41ms Image
image/svg+xml 139.112.170.34
EVRY-NO TietoEVRY...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nettbank.sor.no/hb-doc/cssnb/loginService/rob2811/images/icon-bankid-mobile.svg

Requested by

Host: nettbank.sor.no
URL: https://nettbank.sor.no/hb-doc/cssnb/loginService/rob2811/loginservice.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.112.170.34 Jessheim, Norway, ASN5619 (EVRY-NO TietoEVRY Norway, NO),

Reverse DNS

Software

Resource Hash

9d9c6059fb8f829dc2b8e502117654747ee6a9f67b63f54f13b1440a4827db0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nettbank.sor.no/hb-doc/cssnb/loginService/rob2811/loginservice.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Wed, 03 Nov 2021 05:14:35 GMT
Last-Modified: Thu, 22 Apr 2021 09:05:51 GMT
ETag: "d80-5c08bfc68e826"
Strict-Transport-Security: max-age=2592000
Content-Type: image/svg+xml
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=791
Content-Length: 3456

GET
H/1.1 200
OK icon-bankid.svg
nettbank.sor.no/hb-doc/cssnb/loginService/rob2811/images/ 7 KB
7 KB 40ms
40ms Image
image/svg+xml 139.112.170.34
EVRY-NO TietoEVRY...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nettbank.sor.no/hb-doc/cssnb/loginService/rob2811/images/icon-bankid.svg

Requested by

Host: nettbank.sor.no
URL: https://nettbank.sor.no/hb-doc/cssnb/loginService/rob2811/loginservice.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.112.170.34 Jessheim, Norway, ASN5619 (EVRY-NO TietoEVRY Norway, NO),

Reverse DNS

Software

Resource Hash

eb2f37237afec43987ba810efd8a4ee56ee3d5a2c359dc0c2db2f426de8b379c

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nettbank.sor.no/hb-doc/cssnb/loginService/rob2811/loginservice.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Wed, 03 Nov 2021 05:14:35 GMT
Last-Modified: Thu, 22 Apr 2021 09:05:51 GMT
ETag: "1c86-5c08bfc6c9975"
Strict-Transport-Security: max-age=2592000
Content-Type: image/svg+xml
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=783
Content-Length: 7302

GET
H/1.1 200
OK icon-go3.svg
nettbank.sor.no/hb-doc/cssnb/loginService/rob2811/images/ 925 B
1 KB 40ms
40ms Image
image/svg+xml 139.112.170.34
EVRY-NO TietoEVRY...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nettbank.sor.no/hb-doc/cssnb/loginService/rob2811/images/icon-go3.svg

Requested by

Host: nettbank.sor.no
URL: https://nettbank.sor.no/hb-doc/cssnb/loginService/rob2811/loginservice.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.112.170.34 Jessheim, Norway, ASN5619 (EVRY-NO TietoEVRY Norway, NO),

Reverse DNS

Software

Resource Hash

02ae20422fb42ea1b232b9d4d78f32e283a825eea4fb26507a1b127a2e87e141

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nettbank.sor.no/hb-doc/cssnb/loginService/rob2811/loginservice.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Wed, 03 Nov 2021 05:14:35 GMT
Last-Modified: Thu, 22 Apr 2021 09:05:52 GMT
ETag: "39d-5c08bfc7ba118"
Strict-Transport-Security: max-age=2592000
Content-Type: image/svg+xml
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=794
Content-Length: 925

GET
H2 200 webtrends.yt.js Show response
s.webtrends.com/js/ 18 KB
19 KB 7ms
6ms Script
application/javascript 2600:9000:2057:aa00:e:887:44c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.webtrends.com/js/webtrends.yt.js
Requested by: Host: s.webtrends.com
URL: https://s.webtrends.com/js/webtrends.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:aa00:e:887:44c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 717245a3eac2bb7c0a9ae52fa7a81524186739a9f6547f8ee9bfb4752f0e8045

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nettbank.sor.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 2f471134491a4de5cfcaef646caf9dde.cloudfront.net (CloudFront)
last-modified: Tue, 25 Feb 2020 23:34:01 GMT
server: AmazonS3
age: 38580
etag: "d5c15ea3e44c8aff0d43b8eae32af333"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Tue, 02 Nov 2021 18:47:10 GMT
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
content-length: 18680
x-amz-cf-id: vaZ2kE5Yw7YCRdRR-A54nXkcrorMut2WmMDHYHsyg3x8nJUkgRK4PA==

GET
H2 200 wtid.js Show response
statse.webtrendslive.com/dcs82zndjuz5bdn4avcy1zn5c_3y7w/ 10 B
102 B 45ms
9ms Script
application/x-javascript 18.156.98.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://statse.webtrendslive.com/dcs82zndjuz5bdn4avcy1zn5c_3y7w/wtid.js?callback=Webtrends.dcss.dcsobj_0.dcsGetIdCallback

Requested by

Host: s.webtrends.com
URL: https://s.webtrends.com/js/webtrends.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

18.156.98.77 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-156-98-77.eu-central-1.compute.amazonaws.com

Software

Resource Hash

d3f45949797ac9329127b9e128b0e0656aa48d5dbd8d5e8e42c8b451780c34f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nettbank.sor.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 03 Nov 2021 05:14:35 GMT
content-length: 10
content-type: application/x-javascript

GET
H2 200 www-widgetapi.js
www.youtube.com/s/player/9216d1f7/www-widgetapi.vflset/ 8 KB
0 334ms
333ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/9216d1f7/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nettbank.sor.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 23:49:18 GMT
x-content-type-options: nosniff
age: 19518
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 145033
x-xss-protection: 0
last-modified: Wed, 27 Oct 2021 00:15:40 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 02 Nov 2022 23:49:18 GMT

Verdicts & Comments Add Verdict or Comment

23 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
nettbank.sor.no/authenticate	1969-12-31 23:59:59	Name: JSESSIONID Value: 0000ZnBeFaLVyNbVIPhUzVTTQ-G:1082953800p1
nettbank.sor.no/	1969-12-31 23:59:59	Name: BIGipServerpool_evry_eBank-Person-Prod_81 Value: !8I71BWpBm6k6oDsHy4AJAhPVzun3hZ16dKifM/ADBkiHzM/5gHyEQDIMu042xKl3Orm7pduVUpqSXw==
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: K5TlPGvZzKE
.youtube.com/	1970-01-20 02:44:28	Name: VISITOR_INFO1_LIVE Value: kuuCIuc2Sfc

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=2592000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bank.bosnia.no
nettbank.sor.no
s.webtrends.com
statse.webtrendslive.com
www.youtube.com
139.112.170.34
18.156.98.77
2600:9000:2057:aa00:e:887:44c0:93a1
2a00:1450:4001:80f::200e
2a01:5b40:0:248::52
02ae20422fb42ea1b232b9d4d78f32e283a825eea4fb26507a1b127a2e87e141
338aae89dd5cb813f9058faa97762c4f31f52584e29ef9a360084b7b168f9867
385986babcdb9be1116bfbdeaa3f38de81ba4d9070506b671050d058fa2220ea
48164751edf89e3e8878bf71b4afa59bc07e5eddec4f4775b3effecff8d08aa9
717245a3eac2bb7c0a9ae52fa7a81524186739a9f6547f8ee9bfb4752f0e8045
729425c176d4c550cb5b83d7a2535f76c8c2a97564bb860ea1f7ee79ef64f961
76a1ff2a98553d390f111990443edbf4cff91524afdba92453472be325d27216
915e251b12e91ec9c09d8ba46334b85c29328628125bca2fb8152af2460644e7
9d9c6059fb8f829dc2b8e502117654747ee6a9f67b63f54f13b1440a4827db0a
c6956e8710cf477f7014440385ae16ee4b8cc7ecfd02fddd4d2f0c6c7fd15845
cb99c32794b1affb1cbb789a6df76c7b2d17301b158616b95d75cd18b85765b8
cf954f0536ab911a4722a85c252c64136d8edde61d74964431e97b4f7e54bb0c
d3f45949797ac9329127b9e128b0e0656aa48d5dbd8d5e8e42c8b451780c34f2
e8faa8deade3d5172d5cd040744d3a94371391b71e34259477c7542f7af2cd5b
e905ffb004e884decc0118b5596596fe6fb88fefde62113402f3f8e1ac3bba8a
eb2f37237afec43987ba810efd8a4ee56ee3d5a2c359dc0c2db2f426de8b379c
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

nettbank.sor.no Open in urlscan Pro 139.112.170.34 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

18 Requests

100 %HTTPS

60 %IPv6

5 Domains

5 Subdomains

4 IPs

3 Countries

591 kBTransfer

594 kBSize

4 Cookies

3 Outgoing links

Page URL History

Redirected requests

18 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

23 JavaScript Global Variables

4 Cookies

Security Headers

Indicators

nettbank.sor.no Open in urlscan Pro
139.112.170.34 Public Scan

Screenshot
Live screenshot

Full Image

18
Requests

100 %
HTTPS

60 %
IPv6

5
Domains

5
Subdomains

4
IPs

3
Countries

591 kB
Transfer

594 kB
Size

4
Cookies

18 HTTP transactions
0 data transactions