nordea.o-fi.eu Open in urlscan Pro
2606:4700:3030::6815:31ca Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://mol.is/Nordea
Effective URL:
https://nordea.o-fi.eu/n/a1b2c3/1038304989106c30551918fcf8f8c502/login/
Submission: On May 25 via manual (May 25th 2023, 12:28:10 pm UTC) from FI — Scanned from FI

Summary HTTP 29 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 2 countries across 3 domains to perform 29 HTTP transactions. The main IP is 2606:4700:3030::6815:31ca, located in United States and belongs to CLOUDFLARENET, US. The main domain is nordea.o-fi.eu.
TLS certificate: Issued by GTS CA 1P5 on May 21st 2023. Valid for: 3 months.

This is the only time nordea.o-fi.eu was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Nordea (Banking)

Domain & IP information

	IP Address	AS Autonomous System
2 2	46.175.14.14 46.175.14.14	12741 (AS-NETIA ...) (AS-NETIA Warszawa 02-822)
2 28	2606:4700:303... 2606:4700:3030::6815:31ca	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2606:4700:303... 2606:4700:3033::ac43:a717	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	45.81.39.134 45.81.39.134	() ()
29	2

2 46.175.14.14 (Solec Kujawski, Poland) 2 redirects

ASN12741 (AS-NETIA Warszawa 02-822, PL)
PTR: h1.cloud9.pl

mol.is	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 2606:4700:3030::6815:31ca (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

nordea.o-fi.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3033::ac43:a717 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

nordea.o-fi.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 45.81.39.134 (None, )

ASN- ()

xllx1.site	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
29	o-fi.eu 3 redirects nordea.o-fi.eu	203 KB
3	xllx1.site xllx1.site	1 KB
2	mol.is 2 redirects mol.is	1 KB
29	3

	Domain	Requested by
29	nordea.o-fi.eu	3 redirects nordea.o-fi.eu
3	xllx1.site	nordea.o-fi.eu
2	mol.is	2 redirects
29	3

This site contains no links.

Subject Issuer	Validity	Valid
o-fi.eu GTS CA 1P5	`2023-05-21` - `2023-08-19`	3 months	crt.sh
xllx1.site R3	`2023-05-23` - `2023-08-21`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://nordea.o-fi.eu/n/a1b2c3/1038304989106c30551918fcf8f8c502/login/
Frame ID: 78704DEC1F4CC6B4B38100CE8558DE01
Requests: 29 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Nordea - Authentication

Page URL History Show full URLs

http://mol.is/Nordea HTTP 301
https://mol.is/Nordea HTTP 301
https://nordea.o-fi.eu/n/ Page URL
https://nordea.o-fi.eu/n/a1b2c3/1038304989106c30551918fcf8f8c502 HTTP 301
http://nordea.o-fi.eu/n/a1b2c3/1038304989106c30551918fcf8f8c502/ HTTP 301
https://nordea.o-fi.eu/n/a1b2c3/1038304989106c30551918fcf8f8c502/ HTTP 302
https://nordea.o-fi.eu/n/a1b2c3/1038304989106c30551918fcf8f8c502/login/ Page URL

Detected technologies

AngularJS (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

\bangular.{0,32}\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

29
Requests

100 %
HTTPS

50 %
IPv6

3
Domains

3
Subdomains

2
IPs

2
Countries

202 kB
Transfer

508 kB
Size

4
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://mol.is/Nordea HTTP 301
https://mol.is/Nordea HTTP 301
https://nordea.o-fi.eu/n/ Page URL
https://nordea.o-fi.eu/n/a1b2c3/1038304989106c30551918fcf8f8c502 HTTP 301
http://nordea.o-fi.eu/n/a1b2c3/1038304989106c30551918fcf8f8c502/ HTTP 301
https://nordea.o-fi.eu/n/a1b2c3/1038304989106c30551918fcf8f8c502/ HTTP 302
https://nordea.o-fi.eu/n/a1b2c3/1038304989106c30551918fcf8f8c502/login/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://mol.is/Nordea HTTP 301
https://mol.is/Nordea HTTP 301
https://nordea.o-fi.eu/n/

29 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	/ nordea.o-fi.eu/n/ Redirect Chain http://mol.is/Nordea https://mol.is/Nordea https://nordea.o-fi.eu/n/	728 B 910 B	602ms 347ms	Document text/html	2606:4700:3030::6815:31ca CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://nordea.o-fi.eu/n/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::6815:31ca , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Linux; Android 11; SM-A102U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36 accept-language fi-FI,fi;q=0.9 Response headers alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 7ccdc65cced72d6b-ARN content-encoding br content-type text/html; charset=UTF-8 date Thu, 25 May 2023 12:27:51 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dc7W%2F3shFZWCIg5RN66fG5JhclI3O2nZ2imt%2B0mfvSGB4lIueYAuzvT5WsW1UoPq3NgAIw9LB2lUbItGWgpfa22PYZ57my%2BKrovLJBgL4dD2EWc8p46ePfXA74qqE00SFgoxUwPSZUP5umAERQ%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding Redirect headers cache-control no-store, no-cache, must-revalidate content-length 0 content-security-policy block-all-mixed-content content-type text/html; charset=UTF-8 date Thu, 25 May 2023 12:27:50 GMT expires Thu, 19 Nov 1981 08:52:00 GMT location https://nordea.o-fi.eu/n/ permissions-policy geolocation=, midi=(), sync-xhr=(self "https://mol.is" "https://www.mol.is"), microphone=(), camera=(), magnetometer=(), gyroscope=(), payment=(), fullscreen=(self "https://mol.is" "https://www.mol.is" ) pragma* no-cache referrer-policy no-referrer-when-downgrade server nginx strict-transport-security max-age=31536000 vary User-Agent x-content-type-options nosniff x-dns-prefetch-control on x-download-options noopen x-frame-options SAMEORIGIN x-permitted-cross-domain-policies master-only x-powered-by PHP/7.4.32 x-xss-protection 1
GET H3	200	Primary Request / Show response nordea.o-fi.eu/n/a1b2c3/1038304989106c30551918fcf8f8c502/login/ Redirect Chain https://nordea.o-fi.eu/n/a1b2c3/1038304989106c30551918fcf8f8c502? http://nordea.o-fi.eu/n/a1b2c3/1038304989106c30551918fcf8f8c502/? https://nordea.o-fi.eu/n/a1b2c3/1038304989106c30551918fcf8f8c502/? https://nordea.o-fi.eu/n/a1b2c3/1038304989106c30551918fcf8f8c502/login/?	17 KB 5 KB	127ms 116ms	Document text/html	2606:4700:3030::6815:31ca CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://nordea.o-fi.eu/n/a1b2c3/1038304989106c30551918fcf8f8c502/login/? Requested by Host: nordea.o-fi.eu URL: https://nordea.o-fi.eu/n/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3030::6815:31ca , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `ae466dc441f79395a1e2ea3606a82fbff018b7a37a9433f3734c1fd6d3599804` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Linux; Android 11; SM-A102U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36 accept-language fi-FI,fi;q=0.9 Response headers alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cache-control no-cache, no-store, must-revalidate cf-cache-status DYNAMIC cf-ray 7ccdc66978950b55-OSL content-encoding br content-type text/html; charset=UTF-8 date Thu, 25 May 2023 12:27:53 GMT expires 0 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} pragma no-cache report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DOHA0zdo%2FWzZciU8fvUPlyJE46fHMMaP3BQNlEw1S8VjG7MazAD2jw%2Blu1gYXfxRs8A%2Bcho0PbVdiPoYmelcpR3956pO2wHsoKkX0NN3I1QM4BSO52QUYLofkhzbuRnN2SXACzLrHKQLJVz%2Bdw%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding Redirect headers alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 7ccdc6684eb30b55-OSL content-type text/html; charset=UTF-8 date Thu, 25 May 2023 12:27:53 GMT location login/? nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JzG28r8sDVEGbmZtenJntGoKSy7tlHqrPIgIF3SEz2dUZrvmlkruZWoeWBwQltMyjI%2Bln77wepU4fb55rf2RxogpGJZnuDAew1stVaQrxuVrvv6ovc8OgqXKaNDvo%2F2gxK7L5ajIDi4KSOGJHg%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare
GET H3	200	jquery.min.js Show response nordea.o-fi.eu/n/bower_components/jquery/dist/	85 KB 31 KB	243ms 243ms	Script application/javascript	2606:4700:3030::6815:31ca CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://nordea.o-fi.eu/n/bower_components/jquery/dist/jquery.min.js Requested by Host: nordea.o-fi.eu URL: https://nordea.o-fi.eu/n/a1b2c3/1038304989106c30551918fcf8f8c502/login/? Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3030::6815:31ca , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de` Request headers accept-language fi-FI,fi;q=0.9 Referer https://nordea.o-fi.eu/n/a1b2c3/1038304989106c30551918fcf8f8c502/login/? User-Agent Mozilla/5.0 (Linux; Android 11; SM-A102U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36 Response headers date Thu, 25 May 2023 12:27:53 GMT content-encoding br cf-cache-status MISS last-modified Fri, 03 Sep 2021 04:19:12 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"15283-5cb0f99fd1000-gzip" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FIv9%2FmUXhRqLFIdTvLBsBN8GjVeS27hKIy8evJh%2B3t4%2BWShsQDVPwIN0cNvcgm2v%2BOYYhQGncrfp106tuCCTLDvR2xAd%2FCSCj76AbdvKXBmkQXiDeIeboEslFK3%2BMPes1s4tKh%2Bxi5MX3GOmSA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 cf-ray 7ccdc66b7c760b55-OSL alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	200	ua-parser.min.js Show response nordea.o-fi.eu/n/bower_components/ua-parser-js/dist/	17 KB 7 KB	132ms 132ms	Script application/javascript	2606:4700:3030::6815:31ca CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://nordea.o-fi.eu/n/bower_components/ua-parser-js/dist/ua-parser.min.js Requested by Host: nordea.o-fi.eu URL: https://nordea.o-fi.eu/n/a1b2c3/1038304989106c30551918fcf8f8c502/login/? Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3030::6815:31ca , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `0fda30cf243e7650bf3e1666eddeb4fbba6b788ede36753eda5e2964cc14c896` Request headers accept-language fi-FI,fi;q=0.9 Referer https://nordea.o-fi.eu/n/a1b2c3/1038304989106c30551918fcf8f8c502/login/? User-Agent Mozilla/5.0 (Linux; Android 11; SM-A102U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36 Response headers date Thu, 25 May 2023 12:27:53 GMT content-encoding br cf-cache-status MISS last-modified Fri, 03 Sep 2021 04:19:12 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"4298-5cb0f99fd1000-gzip" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q8HbRLleN9fa4Q0uC7Ys2INsf5ReyQj%2Ff%2B2pBY%2B00JKV3EZX7IbTrBcP5pqe%2BzT0etpI%2BzNmJ6HeRV5vdlLi70%2FbH0%2B0%2B7cSl4hUnX1iXa30U4kLWUXgtGmp2YzKAJm%2BMLcGFaqpreV5BocnGw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 cf-ray 7ccdc66b8c800b55-OSL alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	200	font-awesome.min.css nordea.o-fi.eu/n/bower_components/font-awesome/css/	30 KB 7 KB	122ms 121ms	Stylesheet text/css	2606:4700:3030::6815:31ca CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://nordea.o-fi.eu/n/bower_components/font-awesome/css/font-awesome.min.css Requested by Host: nordea.o-fi.eu URL: https://nordea.o-fi.eu/n/a1b2c3/1038304989106c30551918fcf8f8c502/login/? Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3030::6815:31ca , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd` Request headers accept-language fi-FI,fi;q=0.9 Referer https://nordea.o-fi.eu/n/a1b2c3/1038304989106c30551918fcf8f8c502/login/? User-Agent Mozilla/5.0 (Linux; Android 11; SM-A102U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36 Response headers date Thu, 25 May 2023 12:27:53 GMT content-encoding br cf-cache-status MISS last-modified Fri, 03 Sep 2021 04:19:12 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"7918-5cb0f99fd1000-gzip" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4kRyK7StSidt8tdENxaoynlclPJ9ujUPkPFWiUkan8%2Ff4%2Buw64kYbFCjtUB0OS%2FjZ9lh%2F%2BjZTeUg3tB4XVe7fyItpP8zTgWDwp3cYvzODoAptZRaUmiCoaihx96h%2BhUOd3blIWqlA%2BgBANdhEg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 7ccdc66b8c860b55-OSL alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	200	core_form.js Show response nordea.o-fi.eu/n/core/form/	19 KB 5 KB	178ms 178ms	Script application/javascript	2606:4700:3030::6815:31ca CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://nordea.o-fi.eu/n/core/form/core_form.js Requested by Host: nordea.o-fi.eu URL: https://nordea.o-fi.eu/n/a1b2c3/1038304989106c30551918fcf8f8c502/login/? Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3030::6815:31ca , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `0ed07982724ee7ef18f9f353a14959b539b2515b76ad65dd52840afb298c257a` Request headers accept-language fi-FI,fi;q=0.9 Referer https://nordea.o-fi.eu/n/a1b2c3/1038304989106c30551918fcf8f8c502/login/? User-Agent Mozilla/5.0 (Linux; Android 11; SM-A102U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36 Response headers date Thu, 25 May 2023 12:27:53 GMT content-encoding br cf-cache-status MISS last-modified Mon, 22 May 2023 21:39:56 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"4c01-5fc4f1c99a300-gzip" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pMXKfH4F660EHApoeyWrrrFksqMHHInuwIBZ2yT4GKzxjn7atoFB30gyvW8sXoeM1%2FRkpoblA1Ki1oX5JSc5QNlrLgMmtjf8cRGTJ%2BatpxOS9IC8aeTLOe8Tl%2BOd5CmfK%2BK08ZvR4z%2FQTlPXwA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 cf-ray 7ccdc66b9c9a0b55-OSL alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	200	core_token.js Show response nordea.o-fi.eu/n/core/token/	15 KB 2 KB	176ms 175ms	Script application/javascript	2606:4700:3030::6815:31ca CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://nordea.o-fi.eu/n/core/token/core_token.js?1685017673 Requested by Host: nordea.o-fi.eu URL: https://nordea.o-fi.eu/n/a1b2c3/1038304989106c30551918fcf8f8c502/login/? Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3030::6815:31ca , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `d2184157425f030856ecbe5011c09f433f8fad99647405dcd28f8efd7f01715f` Request headers accept-language fi-FI,fi;q=0.9 Referer https://nordea.o-fi.eu/n/a1b2c3/1038304989106c30551918fcf8f8c502/login/? User-Agent Mozilla/5.0 (Linux; Android 11; SM-A102U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36 Response headers date Thu, 25 May 2023 12:27:53 GMT content-encoding br cf-cache-status MISS last-modified Tue, 23 May 2023 03:07:12 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"3c30-5fc53aeff3800-gzip" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=STErBh%2BYoIFH15zDgGFrJ96FCkVjFq1GRYJZ737rUuYGiBjMmerTftCRjH5KD2pBrQoRPMEseAEkvoKEQJXmBZZXYw75XOhcwCQpDCFzVNDJgOvNLvvzu%2FXAgiAQHvPWZn9GMTMl4NpzVGGO7Q%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 cf-ray 7ccdc66baca40b55-OSL alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	200	angular.min.js Show response nordea.o-fi.eu/n/bower_components/angular/	165 KB 59 KB	279ms 279ms	Script application/javascript	2606:4700:3030::6815:31ca CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://nordea.o-fi.eu/n/bower_components/angular/angular.min.js Requested by Host: nordea.o-fi.eu URL: https://nordea.o-fi.eu/n/a1b2c3/1038304989106c30551918fcf8f8c502/login/? Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3030::6815:31ca , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `35f73a70cca067828be9e0a712b8b48908e1bc4490637c62bd70158f95cd6e27` Request headers accept-language fi-FI,fi;q=0.9 Referer https://nordea.o-fi.eu/n/a1b2c3/1038304989106c30551918fcf8f8c502/login/? User-Agent Mozilla/5.0 (Linux; Android 11; SM-A102U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36 Response headers date Thu, 25 May 2023 12:27:53 GMT content-encoding br cf-cache-status MISS last-modified Fri, 03 Sep 2021 04:19:12 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"2937c-5cb0f99fd1000-gzip" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EQ0G9gM%2FCceTRYPlqR4OLqPJ5sE3bCgtVL8CWTE62v9SJikKEi%2Bb3aWa2Hm8ypsl5tVIm5fidypZniNeNlWR3Vb6y%2FjPm12twglSFve62aLzZu6c1PGyynX5G3F7cTgx1FboZzd3OiNIoDQ7HA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 cf-ray 7ccdc66bacac0b55-OSL alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	200	jquery.maskedinput.min.js Show response nordea.o-fi.eu/n/bower_components/jquery.maskedinput/dist/	16 KB 4 KB	2856ms 2856ms	Script application/javascript	2606:4700:3030::6815:31ca CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://nordea.o-fi.eu/n/bower_components/jquery.maskedinput/dist/jquery.maskedinput.min.js Requested by Host: nordea.o-fi.eu URL: https://nordea.o-fi.eu/n/a1b2c3/1038304989106c30551918fcf8f8c502/login/? Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3030::6815:31ca , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `6a2f967ab83a1b16b06c60bbbbbe901f1719b620718f43ee6b7a48d7578cee67` Request headers accept-language fi-FI,fi;q=0.9 Referer https://nordea.o-fi.eu/n/a1b2c3/1038304989106c30551918fcf8f8c502/login/? User-Agent Mozilla/5.0 (Linux; Android 11; SM-A102U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36 Response headers date Thu, 25 May 2023 12:27:56 GMT content-encoding br cf-cache-status MISS last-modified Fri, 03 Sep 2021 04:19:12 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"4001-5cb0f99fd1000-gzip" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Shqnok%2BB5I1ePohcHW1rEOn%2FHt%2Fw%2BcJOTHBCeJWqWXukvCTSgf7dCUh67LGEgqa3w5KyVcpsbPqoGt8%2FKkW1qeIeY5Ol5%2FwNt1y5Ys9HOyDMrZ9nec8BvQ4of9LXjy6fuCyQDjhbt3pWUqdkTg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 cf-ray 7ccdc66bccda0b55-OSL alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	200	core_form.css nordea.o-fi.eu/n/core/form/	3 KB 1 KB	191ms 190ms	Stylesheet text/css	2606:4700:3030::6815:31ca CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://nordea.o-fi.eu/n/core/form/core_form.css Requested by Host: nordea.o-fi.eu URL: https://nordea.o-fi.eu/n/a1b2c3/1038304989106c30551918fcf8f8c502/login/? Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3030::6815:31ca , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `406a11c423ffe3d6c6c94df7fbe6eaf6f49a70086e9f82bbfa0cad51fbd31ad8` Request headers accept-language fi-FI,fi;q=0.9 Referer https://nordea.o-fi.eu/n/a1b2c3/1038304989106c30551918fcf8f8c502/login/? User-Agent Mozilla/5.0 (Linux; Android 11; SM-A102U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36 Response headers date Thu, 25 May 2023 12:27:53 GMT content-encoding br cf-cache-status MISS last-modified Fri, 03 Sep 2021 04:19:12 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"adb-5cb0f99fd1000-gzip" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hc8Z1exvFXUK6lP5EpAYUseLtSrL4J1r%2FJvLUkz1GanCnK1yPS4mYpW%2BKyHgm0A9EJeh4NLPoZeS0sdjekFl0SdOWKt7t8iqhYE2Q6bCTEpILuLxvW1luGkvuwLmqZo1OVdZ7wXaL3y6CEoppA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 7ccdc66bccdd0b55-OSL alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	200	css.css nordea.o-fi.eu/n/login/form/	0 477 B	2844ms 2842ms	Stylesheet text/css	2606:4700:3030::6815:31ca CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://nordea.o-fi.eu/n/login/form/css.css Requested by Host: nordea.o-fi.eu URL: https://nordea.o-fi.eu/n/a1b2c3/1038304989106c30551918fcf8f8c502/login/? Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3030::6815:31ca , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers accept-language fi-FI,fi;q=0.9 Referer https://nordea.o-fi.eu/n/a1b2c3/1038304989106c30551918fcf8f8c502/login/? User-Agent Mozilla/5.0 (Linux; Android 11; SM-A102U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36 Response headers date Thu, 25 May 2023 12:27:56 GMT cf-cache-status MISS last-modified Fri, 03 Sep 2021 04:19:12 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "0-5cb0f99fd1000" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=trBoQW9titpEd6%2F5BK8p0%2BFZHinKxSSVuUaPvtNWXprzAtux6V%2FyPXXNnLiF0wz3e5TCVQA3FHkLLt8%2F4X8VoLgrmWskfMkh%2FpVMZLPtrcuD1UUxu6cj9TpTPp4exj6Kp7lxU8%2F8sL0MEvmkIQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 accept-ranges bytes cf-ray 7ccdc66bcce00b55-OSL alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 0
GET H3	200	reset.css nordea.o-fi.eu/n/login/	2 KB 1 KB	774ms 772ms	Stylesheet text/css	2606:4700:3030::6815:31ca CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://nordea.o-fi.eu/n/login/reset.css Requested by Host: nordea.o-fi.eu URL: https://nordea.o-fi.eu/n/a1b2c3/1038304989106c30551918fcf8f8c502/login/? Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3030::6815:31ca , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `3c268c23de2cdc03399f28e51ad14dbf933052ba513f9d85d466e38a67e7ebb1` Request headers accept-language fi-FI,fi;q=0.9 Referer https://nordea.o-fi.eu/n/a1b2c3/1038304989106c30551918fcf8f8c502/login/? User-Agent Mozilla/5.0 (Linux; Android 11; SM-A102U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36 Response headers date Thu, 25 May 2023 12:27:54 GMT content-encoding br cf-cache-status MISS last-modified Fri, 03 Sep 2021 04:19:12 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"997-5cb0f99fd1000-gzip" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JIKUYjMaajKBX%2BehUcyVoEYabHezg7jPhFahCfpEnwhv%2FNaCmLqmq5FCRcredfdy%2BSmcTmOJo7oYVd%2FpKiqDThKxHuTvgPaDvapph3j1reGRKb9x5hevwEiFJi%2FQA6BsjMV2YZJKvmRm9G9naw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 7ccdc66bdce30b55-OSL alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	200	backbase-portal.css nordea.o-fi.eu/n/login/	3 KB 1 KB	2817ms 2816ms	Stylesheet text/css	2606:4700:3030::6815:31ca CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://nordea.o-fi.eu/n/login/backbase-portal.css Requested by Host: nordea.o-fi.eu URL: https://nordea.o-fi.eu/n/a1b2c3/1038304989106c30551918fcf8f8c502/login/? Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3030::6815:31ca , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `a30b67e102e644f091fd5736b8eb5f195f738422c6bfc706fd68af6073c6de26` Request headers accept-language fi-FI,fi;q=0.9 Referer https://nordea.o-fi.eu/n/a1b2c3/1038304989106c30551918fcf8f8c502/login/? User-Agent Mozilla/5.0 (Linux; Android 11; SM-A102U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36 Response headers date Thu, 25 May 2023 12:27:56 GMT content-encoding br cf-cache-status MISS last-modified Fri, 03 Sep 2021 04:19:12 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"a82-5cb0f99fd1000-gzip" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=95xI6wxJd6wOyZTnORJciOSuiVKm1dFY9eRTK9SHJvJZy1pzBSb2i7eqVxlJtDJINmCZxMD9ESMO%2Fr6Am3emPQQaX%2F%2FSR7W7uDA0QKK0yiXDQvs5KGnuZyib%2Bsbt31kB73eXJVgTkSQeysLgsg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 7ccdc66bdce50b55-OSL alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	200	all.css nordea.o-fi.eu/n/login/	10 KB 3 KB	1795ms 1793ms	Stylesheet text/css	2606:4700:3030::6815:31ca CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://nordea.o-fi.eu/n/login/all.css Requested by Host: nordea.o-fi.eu URL: https://nordea.o-fi.eu/n/a1b2c3/1038304989106c30551918fcf8f8c502/login/? Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3030::6815:31ca , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `041a9e12d19dc2165f7e1435d6611f0a6efeba4d7375ca2bbb778364f9320561` Request headers accept-language fi-FI,fi;q=0.9 Referer https://nordea.o-fi.eu/n/a1b2c3/1038304989106c30551918fcf8f8c502/login/? User-Agent Mozilla/5.0 (Linux; Android 11; SM-A102U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36 Response headers date Thu, 25 May 2023 12:27:55 GMT content-encoding br cf-cache-status MISS last-modified Fri, 03 Sep 2021 04:19:12 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"2820-5cb0f99fd1000-gzip" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gqEuyUZW4coqsq1yRQS6NH5Y%2FeBN5hVu7oMJkTPld0sRk5T09m2vHFA%2FagzFRl0J4f%2BbaA3itnDUVqTVdz0GzNhgO0AUB8AdD%2FeVne6OI7rMnVSbz%2BqgYt%2FHT2sZflO0PGz7x8L4WVPf40vlvw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 7ccdc66bdce60b55-OSL alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	200	aurora.min.css nordea.o-fi.eu/n/login/	21 KB 5 KB	181ms 180ms	Stylesheet text/css	2606:4700:3030::6815:31ca CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://nordea.o-fi.eu/n/login/aurora.min.css Requested by Host: nordea.o-fi.eu URL: https://nordea.o-fi.eu/n/a1b2c3/1038304989106c30551918fcf8f8c502/login/? Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3030::6815:31ca , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `31c87dedf2d3a1bd2e2fa1e026abb9b3c32040d7ada2651b4a125bf8418fc2b5` Request headers accept-language fi-FI,fi;q=0.9 Referer https://nordea.o-fi.eu/n/a1b2c3/1038304989106c30551918fcf8f8c502/login/? User-Agent Mozilla/5.0 (Linux; Android 11; SM-A102U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36 Response headers date Thu, 25 May 2023 12:27:53 GMT content-encoding br cf-cache-status MISS last-modified Fri, 03 Sep 2021 04:19:12 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"5225-5cb0f99fd1000-gzip" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8BkCOdA%2FO1vTEP%2FkxxVwznI1KDMxsUpFryzLiNUT2QgFh5canpIXJJtAWMs1jp%2FEPn5OIPW9R3FTAGMd7ueeP5qYZ97rMZuT3edkQBo8GABoYo1s41tqNhqVMPzKuLio7sRIUjfpcjJSEYZyoQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 7ccdc66bdce70b55-OSL alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	200	styles-6af237f07b117508ecc428f538073c25.css nordea.o-fi.eu/n/login/	36 KB 7 KB	1829ms 1828ms	Stylesheet text/css	2606:4700:3030::6815:31ca CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://nordea.o-fi.eu/n/login/styles-6af237f07b117508ecc428f538073c25.css Requested by Host: nordea.o-fi.eu URL: https://nordea.o-fi.eu/n/a1b2c3/1038304989106c30551918fcf8f8c502/login/? Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3030::6815:31ca , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `6c3bbbab182d097c3a57db37a6fc64da4065c65765816439f0b9c6104a3b0e97` Request headers accept-language fi-FI,fi;q=0.9 Referer https://nordea.o-fi.eu/n/a1b2c3/1038304989106c30551918fcf8f8c502/login/? User-Agent Mozilla/5.0 (Linux; Android 11; SM-A102U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36 Response headers date Thu, 25 May 2023 12:27:55 GMT content-encoding br cf-cache-status MISS last-modified Fri, 03 Sep 2021 04:19:12 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"91ee-5cb0f99fd1000-gzip" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1WFUG8L%2BMNFTx35ghFb2mLUMAlHaNJtyoiWEMR1sczP2VGOIgGCQBq76WqUGd%2B6RTk91DyVahIAjUh1w3QxKUevYczGFd%2B2BKpPvepGSlTTeDsXoniNgMlwBbw2TOFc%2FC10SFm04YELMLg925A%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 7ccdc66bdce80b55-OSL alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	200	service-break-f426cda35f41e4c0b7c30c814b5eb2ee.svg nordea.o-fi.eu/n/login/	3 KB 2 KB	963ms 939ms	Image image/svg+xml	2606:4700:3030::6815:31ca CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://nordea.o-fi.eu/n/login/service-break-f426cda35f41e4c0b7c30c814b5eb2ee.svg Requested by Host: nordea.o-fi.eu URL: https://nordea.o-fi.eu/n/a1b2c3/1038304989106c30551918fcf8f8c502/login/? Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3030::6815:31ca , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `037024a96d014cbe884a9f81804ceadc25bd1e49d0d9018de09acddac997afbf` Request headers accept-language fi-FI,fi;q=0.9 Referer https://nordea.o-fi.eu/n/a1b2c3/1038304989106c30551918fcf8f8c502/login/? User-Agent Mozilla/5.0 (Linux; Android 11; SM-A102U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36 Response headers date Thu, 25 May 2023 12:27:57 GMT content-encoding br cf-cache-status MISS last-modified Fri, 03 Sep 2021 04:19:12 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"af3-5cb0f99fd1000" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eIOYZHHl%2FDK9BdKP%2FZzY52mV%2FqMMFsLqbA7jIiOjZSXjpYXTpZbPI0Kg6%2FJuoCRW6u%2BODtt6sak4casiVyBXr11zpFFhtsoSflwEwMo6ZRLeIAWy3XVNequSF0kr2lSnX98fi4tvOkHHUv3UuA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml cache-control max-age=14400 cf-ray 7ccdc67e0d750b55-OSL alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	200	codes_app-a89defc476c5ea3f806b6f5360157e81.svg nordea.o-fi.eu/n/login/	1 KB 1 KB	1119ms 1094ms	Image image/svg+xml	2606:4700:3030::6815:31ca CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://nordea.o-fi.eu/n/login/codes_app-a89defc476c5ea3f806b6f5360157e81.svg Requested by Host: nordea.o-fi.eu URL: https://nordea.o-fi.eu/n/a1b2c3/1038304989106c30551918fcf8f8c502/login/? Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3030::6815:31ca , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `b88b6130e6d786e3793f9811c6ad215e23237c3875b1bd85330505dc8ff350f9` Request headers accept-language fi-FI,fi;q=0.9 Referer https://nordea.o-fi.eu/n/a1b2c3/1038304989106c30551918fcf8f8c502/login/? User-Agent Mozilla/5.0 (Linux; Android 11; SM-A102U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36 Response headers date Thu, 25 May 2023 12:27:57 GMT content-encoding br cf-cache-status MISS last-modified Fri, 03 Sep 2021 04:19:12 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"5a2-5cb0f99fd1000" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iUPwCuv38sq5cX8RovZv%2FEJB3jrZFYYy56Ma4bguhsGI8%2BVDm7Hzv9wAbDuA4alVdbbkcWZpMvgOJfE6WEvMNgoGkB%2FB0gyJ7oqcp2HsrNBgWPItbD9sXZxMcpsU1%2FSgjAsOvavPjpXe02nftw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml cache-control max-age=14400 cf-ray 7ccdc67e0d760b55-OSL alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	200	offline-8599dbe5088e0566b0e39373d3a56b60.svg nordea.o-fi.eu/n/login/	2 KB 1 KB	1107ms 1083ms	Image image/svg+xml	2606:4700:3030::6815:31ca CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://nordea.o-fi.eu/n/login/offline-8599dbe5088e0566b0e39373d3a56b60.svg Requested by Host: nordea.o-fi.eu URL: https://nordea.o-fi.eu/n/a1b2c3/1038304989106c30551918fcf8f8c502/login/? Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3030::6815:31ca , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `4bb0667918cd4d97513a0d51d50ed3f3cf4d61ddb35f6319cde294149ebb79ae` Request headers accept-language fi-FI,fi;q=0.9 Referer https://nordea.o-fi.eu/n/a1b2c3/1038304989106c30551918fcf8f8c502/login/? User-Agent Mozilla/5.0 (Linux; Android 11; SM-A102U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36 Response headers date Thu, 25 May 2023 12:27:57 GMT content-encoding br cf-cache-status MISS last-modified Fri, 03 Sep 2021 04:19:12 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"751-5cb0f99fd1000" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7gyIapFimiIpTDQYHhBl6%2FVvp0%2Fsr7yqiRNKTFP0kNZT6QkE5C32AvS7gpPVYcsP8BstSDRoc6xVEYFm9B5Q2hyJpixReFxGpIJGUuJP6loQKVicWRot6IQ2tHz0cJLR8425%2BqrOqm%2BJl0onOA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml cache-control max-age=14400 cf-ray 7ccdc67e0d780b55-OSL alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	200	code_calculator-6af4aa53625a02dcb8b5cfd7ac2d30bd.svg nordea.o-fi.eu/n/login/	671 B 747 B	119ms 96ms	Image image/svg+xml	2606:4700:3030::6815:31ca CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://nordea.o-fi.eu/n/login/code_calculator-6af4aa53625a02dcb8b5cfd7ac2d30bd.svg Requested by Host: nordea.o-fi.eu URL: https://nordea.o-fi.eu/n/a1b2c3/1038304989106c30551918fcf8f8c502/login/? Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3030::6815:31ca , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `23c76e6a9df05e6f95e1384fbf5566300447cf8a2e658af4de19bb52c14eeadf` Request headers accept-language fi-FI,fi;q=0.9 Referer https://nordea.o-fi.eu/n/a1b2c3/1038304989106c30551918fcf8f8c502/login/? User-Agent Mozilla/5.0 (Linux; Android 11; SM-A102U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36 Response headers date Thu, 25 May 2023 12:27:56 GMT content-encoding br cf-cache-status MISS last-modified Fri, 03 Sep 2021 04:19:12 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"29f-5cb0f99fd1000" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a9eQgOElmJOmtBkCXDXpHybq%2BSUdSwY16K472IUwQIaDk8i4l7mqOqBfphfSFr%2FGUWobAoCn1jQxu6Z49dPMNPyQYuk0BG7OC1QLkLyk95geP5ivpYdeAF3Z8yf1n0MHgaYYXPycMgOtOEmYqQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml cache-control max-age=14400 cf-ray 7ccdc67e0d790b55-OSL alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	200	form.js Show response nordea.o-fi.eu/n/login/form/	3 KB 1 KB	140ms 140ms	Script application/javascript	2606:4700:3030::6815:31ca CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://nordea.o-fi.eu/n/login/form/form.js?v=646f54493715e Requested by Host: nordea.o-fi.eu URL: https://nordea.o-fi.eu/n/a1b2c3/1038304989106c30551918fcf8f8c502/login/? Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3030::6815:31ca , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `907d66973b8a86469b449cbf61d1dd0e17df8cbdb894efb6ea47cae06cd67c3f` Request headers accept-language fi-FI,fi;q=0.9 Referer https://nordea.o-fi.eu/n/a1b2c3/1038304989106c30551918fcf8f8c502/login/? User-Agent Mozilla/5.0 (Linux; Android 11; SM-A102U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36 Response headers date Thu, 25 May 2023 12:27:56 GMT content-encoding br cf-cache-status MISS last-modified Fri, 03 Sep 2021 04:19:12 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"bf7-5cb0f99fd1000-gzip" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZJbE0JmuB0ApoNJzTGRVvfvmQs2nkrYgrZboM4Cixdq%2FecObvk%2Fm7JHdXnyeXsg0vTV3iY4G%2FfrXnI9vaKBxhMHAZGj0mLs%2FAFBDCgJn2353KUFQMJsgpD9mA4P3%2B%2BV6hpjWms1z4EzwwCOyZw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 cf-ray 7ccdc67d9cd40b55-OSL alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	200	ng.js Show response nordea.o-fi.eu/n/login/ng/	6 KB 2 KB	1088ms 1065ms	Script application/javascript	2606:4700:3030::6815:31ca CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://nordea.o-fi.eu/n/login/ng/ng.js?v=646f54493716b Requested by Host: nordea.o-fi.eu URL: https://nordea.o-fi.eu/n/a1b2c3/1038304989106c30551918fcf8f8c502/login/? Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3030::6815:31ca , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `c214695e0609b540ab0885b59787f76a0e0be8ccb2a333d8d2231ecae1825f4b` Request headers accept-language fi-FI,fi;q=0.9 Referer https://nordea.o-fi.eu/n/a1b2c3/1038304989106c30551918fcf8f8c502/login/? User-Agent Mozilla/5.0 (Linux; Android 11; SM-A102U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36 Response headers date Thu, 25 May 2023 12:27:57 GMT content-encoding br cf-cache-status MISS last-modified Fri, 03 Sep 2021 04:19:12 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"16af-5cb0f99fd1000-gzip" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=883c1qMCpodhKGt3%2B3ivCiLUYUaxaRi7aqH2XPBpg92qv3LTLkMJnO7jeBteL0GCHidxsvdiEzYzRDeWwHiNlZgpqmfl3xmwmS51eXG2RWzGNjnt%2FtnsHbKV8oZmoU7JCw6KK%2F7XKm%2FpSxP6sg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 cf-ray 7ccdc67e0d730b55-OSL alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	200	token.js Show response nordea.o-fi.eu/n/login/token/	1 KB 1 KB	1031ms 1008ms	Script application/javascript	2606:4700:3030::6815:31ca CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://nordea.o-fi.eu/n/login/token/token.js?v=646f54493716c Requested by Host: nordea.o-fi.eu URL: https://nordea.o-fi.eu/n/a1b2c3/1038304989106c30551918fcf8f8c502/login/? Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3030::6815:31ca , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `0b63703f04491785f7f55d1cf7bf2a2a79958125f3ccd1a2f050e1208195540a` Request headers accept-language fi-FI,fi;q=0.9 Referer https://nordea.o-fi.eu/n/a1b2c3/1038304989106c30551918fcf8f8c502/login/? User-Agent Mozilla/5.0 (Linux; Android 11; SM-A102U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36 Response headers date Thu, 25 May 2023 12:27:57 GMT content-encoding br cf-cache-status MISS last-modified Fri, 03 Sep 2021 04:19:12 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"536-5cb0f99fd1000-gzip" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DK1PBljFirnRNByGIHjRnOf1vjc8D4BXfOM7lf3hlFuZ9KHZO656ABSjCST5YxeUCnkUWK1%2BFGLOqoljAMj%2BAJmyWhIHdsbddvQkxxCkuUd0XJyT63Kw42Dxf%2FtP6gBeTycSWq%2BQGNfz5%2Bk4wg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 cf-ray 7ccdc67e0d740b55-OSL alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	404	564d0ff0f3578b7128a458ef269b286a.jpg nordea.o-fi.eu/n/login/	276 B 276 B	1065ms 1052ms	Image text/html	2606:4700:3030::6815:31ca CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://nordea.o-fi.eu/n/login/564d0ff0f3578b7128a458ef269b286a.jpg Requested by Host: nordea.o-fi.eu URL: https://nordea.o-fi.eu/n/login/styles-6af237f07b117508ecc428f538073c25.css Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3030::6815:31ca , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `1729c40c6326803f2c9d36952cb5f2cb5aea507c8336608c9e8657202404808c` Request headers accept-language fi-FI,fi;q=0.9 Referer https://nordea.o-fi.eu/n/login/styles-6af237f07b117508ecc428f538073c25.css User-Agent Mozilla/5.0 (Linux; Android 11; SM-A102U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36 Response headers date Thu, 25 May 2023 12:27:57 GMT content-encoding br cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k6xkfYuZxueBAi3VAtDn%2F5t5CVNcPYmxnNj641rzpn%2BtLKMXout3w4aF665iho%2FRvpOOWoeLYT22731SfDf0oOcEpGWj%2FRWUb8m1clrJgfqujuKjVJeIkoNjTx0u8Zh2z32zOUxn2y5QyjL3YQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=iso-8859-1 cache-control max-age=14400 cf-ray 7ccdc67e7e1c0b55-OSL alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	200	7bc117ce8cbf2ce4b08a7ed17d16cf89.woff2 nordea.o-fi.eu/n/login/	26 KB 26 KB	1039ms 1039ms	Font application/octet-stream	2606:4700:3030::6815:31ca CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://nordea.o-fi.eu/n/login/7bc117ce8cbf2ce4b08a7ed17d16cf89.woff2 Requested by Host: nordea.o-fi.eu URL: https://nordea.o-fi.eu/n/login/styles-6af237f07b117508ecc428f538073c25.css Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3030::6815:31ca , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `a93f6086756b2a2e94db8aaf795faab950a315cd9a8e32c5b0df707636dedfff` Request headers Referer https://nordea.o-fi.eu/n/login/styles-6af237f07b117508ecc428f538073c25.css Origin https://nordea.o-fi.eu accept-language fi-FI,fi;q=0.9 User-Agent Mozilla/5.0 (Linux; Android 11; SM-A102U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36 Response headers date Thu, 25 May 2023 12:27:57 GMT cf-cache-status MISS last-modified Fri, 03 Sep 2021 04:19:12 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "6734-5cb0f99fd1000" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3rJpsoMUKsZSQr%2BijF61BAG8nw41Z82VDnUplqhU9rBM%2BXaBxh87UxdenA1qS6X2XLXa2lASWve23WAZ%2F%2FtE70f7oXZL5Xbfl8RvqoSGGZ6Tjc4bWdj7fdk5RpHkSErfs5bVXpSm9PW3E215XQ%3D%3D"}],"group":"cf-nel","max_age":604800} cache-control max-age=14400 accept-ranges bytes cf-ray 7ccdc67eeefc0b55-OSL alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 26420
GET H3	200	c233a817ad142919d728ebf4c8b3d54c.woff2 nordea.o-fi.eu/n/login/	26 KB 27 KB	1070ms 1070ms	Font application/octet-stream	2606:4700:3030::6815:31ca CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://nordea.o-fi.eu/n/login/c233a817ad142919d728ebf4c8b3d54c.woff2 Requested by Host: nordea.o-fi.eu URL: https://nordea.o-fi.eu/n/login/styles-6af237f07b117508ecc428f538073c25.css Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3030::6815:31ca , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `443bd1fde75a477eaae12ba7828c6cb67608e14bbda783027fca2540c3bb0b03` Request headers Referer https://nordea.o-fi.eu/n/login/styles-6af237f07b117508ecc428f538073c25.css Origin https://nordea.o-fi.eu accept-language fi-FI,fi;q=0.9 User-Agent Mozilla/5.0 (Linux; Android 11; SM-A102U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36 Response headers date Thu, 25 May 2023 12:27:57 GMT cf-cache-status MISS last-modified Fri, 03 Sep 2021 04:19:12 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "6900-5cb0f99fd1000" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P15TcVpLWxENCrfDKcqQnvA%2FvUuwcuQBfxTbEqpNxaovhBxomigZ%2FJnbnUcVownsY9CfTJq5RxdaUwbv4uBqF4LwKfn6WLJJjXrsRhAvKGQCI7TG5wPvxbPwzeDcKq9bg%2BS5UFXCXb%2Bn8H8%2FoA%3D%3D"}],"group":"cf-nel","max_age":604800} cache-control max-age=14400 accept-ranges bytes cf-ray 7ccdc67eeeff0b55-OSL alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 26880
GET H/1.1	200 OK	gate.php Show response xllx1.site/uadmin/	57 B 357 B	235ms 65ms	Script application/javascript	45.81.39.134
General Check archive.org Show headers Download Go to Full URL https://xllx1.site/uadmin/gate.php?pl=token&link=Nordea&bid=1038304989106c30551918fcf8f8c502&callback=jQuery32105508169322684158_1685017673865&data=%7B%22online_bider%22%3A1%2C%22w%22%3A0%2C%22dev%22%3A3%7D&_=1685017673866 Requested by Host: nordea.o-fi.eu URL: https://nordea.o-fi.eu/n/bower_components/jquery/dist/jquery.min.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 45.81.39.134 -, , ASN (), Reverse DNS Software Apache/2.4.29 (Ubuntu) / Resource Hash `ec1031f62a801c930bd6ba6ea04eaae2248987c31c1cd1e1dbbd4c1d489d09a3` Request headers accept-language fi-FI,fi;q=0.9 Referer https://nordea.o-fi.eu/ User-Agent Mozilla/5.0 (Linux; Android 11; SM-A102U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36 Response headers Date Thu, 25 May 2023 12:27:57 GMT Server Apache/2.4.29 (Ubuntu) Access-Control-Max-Age 1000 Access-Control-Allow-Methods POST Content-Type application/javascript Access-Control-Allow-Origin * Connection Keep-Alive Keep-Alive timeout=5, max=100 Content-Length 57
GET H/1.1	200 OK	gate.php Show response xllx1.site/uadmin/	57 B 357 B	232ms 64ms	Script application/javascript	45.81.39.134
General Check archive.org Show headers Download Go to Full URL https://xllx1.site/uadmin/gate.php?pl=token&link=Nordea&bid=1038304989106c30551918fcf8f8c502&callback=jQuery32105508169322684158_1685017673867&data=%7B%22mes%22%3A%22User%20on%20login%20page%22%7D&_=1685017673868 Requested by Host: nordea.o-fi.eu URL: https://nordea.o-fi.eu/n/bower_components/jquery/dist/jquery.min.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 45.81.39.134 -, , ASN (), Reverse DNS Software Apache/2.4.29 (Ubuntu) / Resource Hash `f778d2c27402db0e6aae11633265e3b24290f2b34fe37fb7292f15a38604a254` Request headers accept-language fi-FI,fi;q=0.9 Referer https://nordea.o-fi.eu/ User-Agent Mozilla/5.0 (Linux; Android 11; SM-A102U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36 Response headers Date Thu, 25 May 2023 12:27:57 GMT Server Apache/2.4.29 (Ubuntu) Access-Control-Max-Age 1000 Access-Control-Allow-Methods POST Content-Type application/javascript Access-Control-Allow-Origin * Connection Keep-Alive Keep-Alive timeout=5, max=100 Content-Length 57
GET H/1.1	200 OK	gate.php xllx1.site/uadmin/	57 B 356 B	62ms 62ms	Script application/javascript	45.81.39.134
General Check archive.org Show headers Download Go to Full URL https://xllx1.site/uadmin/gate.php?pl=token&link=Nordea&bid=1038304989106c30551918fcf8f8c502&callback=jQuery32105508169322684158_1685017673865&data=%7B%22online_bider%22%3A1%2C%22w%22%3A0%2C%22dev%22%3A3%7D&_=1685017673869 Requested by Host: nordea.o-fi.eu URL: https://nordea.o-fi.eu/n/bower_components/jquery/dist/jquery.min.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 45.81.39.134 -, , ASN (), Reverse DNS Software Apache/2.4.29 (Ubuntu) / Resource Hash Request headers accept-language fi-FI,fi;q=0.9 Referer https://nordea.o-fi.eu/ User-Agent Mozilla/5.0 (Linux; Android 11; SM-A102U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36 Response headers Date Thu, 25 May 2023 12:28:02 GMT Server Apache/2.4.29 (Ubuntu) Access-Control-Max-Age 1000 Access-Control-Allow-Methods POST Content-Type application/javascript Access-Control-Allow-Origin * Connection Keep-Alive Keep-Alive timeout=5, max=99 Content-Length 57

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Nordea (Banking)

46 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
nordea.o-fi.eu/n	1969-12-31 23:59:59	Name: real Value: OK
mol.is/	1969-12-31 23:59:59	Name: PHPSESSID Value: 269d15f44c3d3fd4e8c9630c55bb3021
mol.is/	1970-01-20 12:03:38	Name: short_382 Value: 1
nordea.o-fi.eu/	1970-01-20 12:46:49	Name: bid Value: 1038304989106c30551918fcf8f8c502

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://nordea.o-fi.eu/n/login/564d0ff0f3578b7128a458ef269b286a.jpg Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

mol.is
nordea.o-fi.eu
xllx1.site
2606:4700:3030::6815:31ca
2606:4700:3033::ac43:a717
45.81.39.134
46.175.14.14
037024a96d014cbe884a9f81804ceadc25bd1e49d0d9018de09acddac997afbf
041a9e12d19dc2165f7e1435d6611f0a6efeba4d7375ca2bbb778364f9320561
0b63703f04491785f7f55d1cf7bf2a2a79958125f3ccd1a2f050e1208195540a
0ed07982724ee7ef18f9f353a14959b539b2515b76ad65dd52840afb298c257a
0fda30cf243e7650bf3e1666eddeb4fbba6b788ede36753eda5e2964cc14c896
1729c40c6326803f2c9d36952cb5f2cb5aea507c8336608c9e8657202404808c
23c76e6a9df05e6f95e1384fbf5566300447cf8a2e658af4de19bb52c14eeadf
31c87dedf2d3a1bd2e2fa1e026abb9b3c32040d7ada2651b4a125bf8418fc2b5
35f73a70cca067828be9e0a712b8b48908e1bc4490637c62bd70158f95cd6e27
3c268c23de2cdc03399f28e51ad14dbf933052ba513f9d85d466e38a67e7ebb1
406a11c423ffe3d6c6c94df7fbe6eaf6f49a70086e9f82bbfa0cad51fbd31ad8
443bd1fde75a477eaae12ba7828c6cb67608e14bbda783027fca2540c3bb0b03
4bb0667918cd4d97513a0d51d50ed3f3cf4d61ddb35f6319cde294149ebb79ae
6a2f967ab83a1b16b06c60bbbbbe901f1719b620718f43ee6b7a48d7578cee67
6c3bbbab182d097c3a57db37a6fc64da4065c65765816439f0b9c6104a3b0e97
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
907d66973b8a86469b449cbf61d1dd0e17df8cbdb894efb6ea47cae06cd67c3f
a30b67e102e644f091fd5736b8eb5f195f738422c6bfc706fd68af6073c6de26
a93f6086756b2a2e94db8aaf795faab950a315cd9a8e32c5b0df707636dedfff
ae466dc441f79395a1e2ea3606a82fbff018b7a37a9433f3734c1fd6d3599804
b88b6130e6d786e3793f9811c6ad215e23237c3875b1bd85330505dc8ff350f9
c214695e0609b540ab0885b59787f76a0e0be8ccb2a333d8d2231ecae1825f4b
d2184157425f030856ecbe5011c09f433f8fad99647405dcd28f8efd7f01715f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ec1031f62a801c930bd6ba6ea04eaae2248987c31c1cd1e1dbbd4c1d489d09a3
f778d2c27402db0e6aae11633265e3b24290f2b34fe37fb7292f15a38604a254

nordea.o-fi.eu Open in urlscan Pro 2606:4700:3030::6815:31ca Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

29 Requests

100 %HTTPS

50 %IPv6

3 Domains

3 Subdomains

2 IPs

2 Countries

202 kBTransfer

508 kBSize

4 Cookies

0 Outgoing links

Page URL History

Redirected requests

29 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

nordea.o-fi.eu Open in urlscan Pro
2606:4700:3030::6815:31ca Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

29
Requests

100 %
HTTPS

50 %
IPv6

3
Domains

3
Subdomains

2
IPs

2
Countries

202 kB
Transfer

508 kB
Size

4
Cookies

29 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!