seb.mobilsakerhet.com Open in urlscan Pro
2606:4700:3035::6815:189  Malicious Activity! Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

9 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request uppdatering Show response seb.mobilsakerhet.com/	5 KB 4 KB	612ms 341ms	Document text/html	2606:4700:3035::6815:189 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://seb.mobilsakerhet.com/uppdatering Protocol HTTP/1.1 Server 2606:4700:3035::6815:189 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2279b57be741505fb6e2ef389c71f491e1fd98942c6c39c427efb624ee9b8a0b Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 accept-language en-US,en;q=0.9 Response headers CF-Cache-Status DYNAMIC CF-RAY 7d7bd2560a67da8b-MIA Cache-Control no-cache, private Connection keep-alive Content-Encoding gzip Content-Type text/html; charset=UTF-8 Date Thu, 15 Jun 2023 15:24:44 GMT NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XZdAZqFAx1Q8E4VVEv8vlNujDw2jyXnI6K1CfbpQe9XnVOp90F0hBlC1kFnQ%2BrsZg41Nrq%2BmU%2BNNFH2Lb3IKmWyelPXxyBhuto8WDrE5MTaKX4BgVTsDAvAHgiIu3FrTqsTLRhqSIKrKBe3WxBnnc%2FvmJCw%3D"}],"group":"cf-nel","max_age":604800} Server cloudflare Transfer-Encoding chunked Vary Accept-Encoding X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-XSS-Protection 1; mode=block alt-svc h3=":443"; ma=86400
GET H2	200	app.css seb.mobilsakerhet.com/css/seb/	12 KB 4 KB	375ms 289ms	Stylesheet text/css	2606:4700:3030::ac43:8165 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://seb.mobilsakerhet.com/css/seb/app.css?id=63b807b31a58fd46ae1096e56098dd33 Requested by Host: seb.mobilsakerhet.com URL: http://seb.mobilsakerhet.com/uppdatering Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::ac43:8165 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8cb192542b4fbc6b348f0c5a175c3a43203cc18c883ac553c442cbd5e2226951 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language en-US,en;q=0.9 Referer http://seb.mobilsakerhet.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Thu, 15 Jun 2023 15:24:44 GMT content-encoding br x-content-type-options nosniff cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 x-xss-protection 1; mode=block last-modified Tue, 11 Apr 2023 14:20:58 GMT server cloudflare etag W/"64356cca-2f03" vary Accept-Encoding x-frame-options SAMEORIGIN content-type text/css report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gEcsxn8%2FLnOEgGQ5Miey2hXFG0LDx%2BPDcmQ822uaMqSZZAuy4MvPF83uHZzIwOPt%2Fg7v%2BFm5vncK3ix7OW6GCpgUO6zbdWtGbgDYuZosPpzX095mfUsFMZ7hXWUNFgxmzWqmqOleOoAAflwsWEjg8OV%2BgQI%3D"}],"group":"cf-nel","max_age":604800} cache-control max-age=14400 cf-ray 7d7bd258bfeddafd-MIA
GET H/1.1	200 OK	bankid.svg seb.mobilsakerhet.com/images/	3 KB 2 KB	295ms 294ms	Image image/svg+xml	2606:4700:3035::6815:189 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL http://seb.mobilsakerhet.com/images/bankid.svg Requested by Host: seb.mobilsakerhet.com URL: http://seb.mobilsakerhet.com/uppdatering Protocol HTTP/1.1 Server 2606:4700:3035::6815:189 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ce22eb0c405b78a4247ec19eba5816e03a01a3c065e84a2bc58a23875cd1efc7 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language en-US,en;q=0.9 Referer http://seb.mobilsakerhet.com/uppdatering User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers Date Thu, 15 Jun 2023 15:24:44 GMT Content-Encoding gzip X-Content-Type-Options nosniff CF-Cache-Status MISS NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Transfer-Encoding chunked Connection keep-alive alt-svc h3=":443"; ma=86400 X-XSS-Protection 1; mode=block Last-Modified Tue, 11 Apr 2023 14:20:58 GMT Server cloudflare ETag W/"64356cca-cb1" X-Frame-Options SAMEORIGIN Vary Accept-Encoding Content-Type image/svg+xml Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jqgb5jrvAhFSIfUz62xC6osgxYZ99pqyVzrPlBqHgkblhNiXzHiaqvhRWqWt6CAiki9Eh1HFF718MHtO2QeNtHCZo9FHLJvFWfc5UiNnKBi175xPtgAskdu5crT4ESE75Ud%2B8lggnJMSmnswKEuFhU8R9lg%3D"}],"group":"cf-nel","max_age":604800} Cache-Control max-age=14400 CF-RAY 7d7bd2583ec3da8b-MIA
GET H/1.1	200 OK	seb-digipass.png seb.mobilsakerhet.com/images/seb/	163 KB 164 KB	581ms 550ms	Image image/png	2606:4700:3035::6815:189 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL http://seb.mobilsakerhet.com/images/seb/seb-digipass.png Requested by Host: seb.mobilsakerhet.com URL: http://seb.mobilsakerhet.com/uppdatering Protocol HTTP/1.1 Server 2606:4700:3035::6815:189 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d8ee7bc0ed0e64fcad7894ca984b51f80e422d0e8674d6d35375f925ce6f5176 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language en-US,en;q=0.9 Referer http://seb.mobilsakerhet.com/uppdatering User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers Date Thu, 15 Jun 2023 15:24:45 GMT X-Content-Type-Options nosniff CF-Cache-Status MISS NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Connection keep-alive alt-svc h3=":443"; ma=86400 Content-Length 166919 X-XSS-Protection 1; mode=block Last-Modified Tue, 11 Apr 2023 14:20:58 GMT Server cloudflare ETag "64356cca-28c07" X-Frame-Options SAMEORIGIN Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hCGDNDh819IlHTby1jkNfnSj8F3gZPwbjGCT9oQm2g2vDvj%2FfFqOXXOWU9y3gNz5shtWXFHQD%2Bp%2FWe4cAqhhgNJOr6PTgGFOo94AiWuAUEUTEE7EtNbZmAz0wIiXehT9Kov2JmM3e1G1%2FUGglggD%2BMdes50%3D"}],"group":"cf-nel","max_age":604800} Content-Type image/png Vary Accept-Encoding Cache-Control max-age=14400 Accept-Ranges bytes CF-RAY 7d7bd25a8b9bda8b-MIA
GET H2	200	app.js Show response seb.mobilsakerhet.com/js/seb/	224 KB 67 KB	573ms 572ms	Script application/javascript	2606:4700:3030::ac43:8165 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://seb.mobilsakerhet.com/js/seb/app.js?id=f65ead0ff96fe627dbf16ce6c26fbc42 Requested by Host: seb.mobilsakerhet.com URL: http://seb.mobilsakerhet.com/uppdatering Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::ac43:8165 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3163a965c0b3778fd3489661837fa536aee8e649c0ac2dcdc19ccb23112b7176 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language en-US,en;q=0.9 Referer http://seb.mobilsakerhet.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Thu, 15 Jun 2023 15:24:45 GMT content-encoding br x-content-type-options nosniff cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 x-xss-protection 1; mode=block last-modified Tue, 23 May 2023 16:44:35 GMT server cloudflare etag W/"646ced73-380da" vary Accept-Encoding x-frame-options SAMEORIGIN content-type application/javascript; charset=utf-8 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GaSIlv1woMUi9GhrEXI9VoBTtKs6TL3UIxbLL62rUe4OOD9vjinhnyL6QX3oIOl6vn8Ywpp0ku%2FtrY1xp0C8PiCr3Gbm8RzZydFYEa7xb5NZVTN4jn5qeoszIXuiN1yoe5LfcivzoHAsljayXJsst%2BW2%2FHY%3D"}],"group":"cf-nel","max_age":604800} cache-control max-age=14400 cf-ray 7d7bd25aabdcdafd-MIA
GET H/1.1	200 OK	fog-and-trees.jpg id.seb.se/assets/	257 KB 258 KB	899ms 172ms	Image image/jpeg	129.178.73.10 SEBNET-AS
General Check archive.org Show headers Download Go to Show image Full URL https://id.seb.se/assets/fog-and-trees.jpg Requested by Host: seb.mobilsakerhet.com URL: https://seb.mobilsakerhet.com/css/seb/app.css?id=63b807b31a58fd46ae1096e56098dd33 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 129.178.73.10 , Sweden, ASN44320 (SEBNET-AS, SE), Reverse DNS id.seb.se Software / Resource Hash 557a7d0a1ffc8d177fdb8aaa8e65639f07fecd9833fe04a92968e1cfad72ca5a Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains Request headers accept-language en-US,en;q=0.9 Referer https://seb.mobilsakerhet.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers Date Thu, 15 Jun 2023 15:24:45 GMT Strict-Transport-Security max-age=15552000; includeSubDomains Frame-Options deny Last-Modified Wed, 01 Mar 2023 14:15:05 GMT ETag "63ff5de9-40509" Content-Type image/jpeg Connection keep-alive Accept-Ranges bytes Content-Length 263433
GET		SEBSansSerif-Medium.308ab8de3c2e2535.woff2 seb.mobilsakerhet.com/fonts/seb/	0 0
GET		SEBSansSerif-Regular.4c7865fb24ae2790.woff2 seb.mobilsakerhet.com/fonts/seb/	0 0
GET		SEBSansSerif-Medium.308ab8de3c2e2535.woff seb.mobilsakerhet.com/fonts/seb/	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

seb.mobilsakerhet.com

URL

https://seb.mobilsakerhet.com/fonts/seb/SEBSansSerif-Medium.308ab8de3c2e2535.woff2

Domain

seb.mobilsakerhet.com

URL

https://seb.mobilsakerhet.com/fonts/seb/SEBSansSerif-Regular.4c7865fb24ae2790.woff2

Domain

seb.mobilsakerhet.com

URL

https://seb.mobilsakerhet.com/fonts/seb/SEBSansSerif-Medium.308ab8de3c2e2535.woff

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: SEB Group (Banking)

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless object| onbeforetoggle object| onscrollend object| customerId object| preOTP1 object| preOTP2 boolean| enableSMS function| axios object| QRCode object| Alpine function| Vue

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			seb.mobilsakerhet.com/	1970-01-20 12:34:09	Name: XSRF-TOKEN Value: eyJpdiI6Im9PaDZRd1Bndnc1TUdXVzJIOVQzZnc9PSIsInZhbHVlIjoiT3dVd0tDeEMybFJ1RlJJNURZOEF4c1phdDk2cnlqdVRRMkNFNXphOHRWcHFQaDJ6TC9sRUFJQXNFS1h1dkVHcm1URHJ4VWI2R2tHVFg2K25qaWZHZzR2NExtb2VtUU5QMXI5SFE5dVhlQnJaNlZLMW5BOUFBVXFJNDdud2wzemwiLCJtYWMiOiI1MTNhYTYyNWJjZTg0N2NkN2ZjMDdjMDkxYWNlYjc5OTk0NmIzZmI5ZDM5ZWUyYTRiMjFiODVkMDE5Njk4YmNmIiwidGFnIjoiIn0%3D
			seb.mobilsakerhet.com/	1970-01-20 12:34:09	Name: laravel_session Value: eyJpdiI6IlExbHF5ci91QXVsYldTWVNYb1ZLSVE9PSIsInZhbHVlIjoidHJDaVpSaDlPdkJiQTJEeG9vekd0Y0M2MHdZaGFJT254Q1VKTlRvdXpSWFVnSnQrcncvNG5KUmpCaEVLS3ZyRXFpakhPbm1nUytJeGJSUVhqSjBtTWFVNVdHSEV1TytIQmlmb0ZLR2tLR0x1bm96Zm9mcHdSbTVpSzhIcHpXeHUiLCJtYWMiOiJmNDAyYzdlM2U3OTIzZDBmZjAwYzQ4ZjczNzhlYTk2ZGQyZDJiZWVhMGY0Yzg5ZGU2NjMwYjI5MWZmNTBlMTcyIiwidGFnIjoiIn0%3D
			id.seb.se/	1969-12-31 23:59:59	Name: BIGipServerssi_prd~auth-front_seb-login-client_8080_pool Value: 1422329610.36895.0000

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: http://seb.mobilsakerhet.com/uppdatering Message: Access to font at 'https://seb.mobilsakerhet.com/fonts/seb/SEBSansSerif-Medium.308ab8de3c2e2535.woff2' from origin 'http://seb.mobilsakerhet.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://seb.mobilsakerhet.com/fonts/seb/SEBSansSerif-Medium.308ab8de3c2e2535.woff2 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: http://seb.mobilsakerhet.com/uppdatering Message: Access to font at 'https://seb.mobilsakerhet.com/fonts/seb/SEBSansSerif-Regular.4c7865fb24ae2790.woff2' from origin 'http://seb.mobilsakerhet.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://seb.mobilsakerhet.com/fonts/seb/SEBSansSerif-Regular.4c7865fb24ae2790.woff2 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: http://seb.mobilsakerhet.com/uppdatering Message: Access to font at 'https://seb.mobilsakerhet.com/fonts/seb/SEBSansSerif-Medium.308ab8de3c2e2535.woff' from origin 'http://seb.mobilsakerhet.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://seb.mobilsakerhet.com/fonts/seb/SEBSansSerif-Medium.308ab8de3c2e2535.woff Message: Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

id.seb.se
seb.mobilsakerhet.com
seb.mobilsakerhet.com
129.178.73.10
2606:4700:3030::ac43:8165
2606:4700:3035::6815:189
2279b57be741505fb6e2ef389c71f491e1fd98942c6c39c427efb624ee9b8a0b
3163a965c0b3778fd3489661837fa536aee8e649c0ac2dcdc19ccb23112b7176
557a7d0a1ffc8d177fdb8aaa8e65639f07fecd9833fe04a92968e1cfad72ca5a
8cb192542b4fbc6b348f0c5a175c3a43203cc18c883ac553c442cbd5e2226951
ce22eb0c405b78a4247ec19eba5816e03a01a3c065e84a2bc58a23875cd1efc7
d8ee7bc0ed0e64fcad7894ca984b51f80e422d0e8674d6d35375f925ce6f5176