urlscan.io logo urlscan.io
SecurityTrails logo

nordea.apurahat.net Open in urlscan Pro
81.22.246.157  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://nordea.aspicore-asp.net/
Effective URL: https://nordea.apurahat.net/nordea/
Submission: On July 06 via manual from FI — Scanned from FI
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 1 IPs in 2 countries across 2 domains to perform 5 HTTP transactions. The main IP is 81.22.246.157, located in Espoo, Finland and belongs to MEDIAM-AS, FI. The main domain is nordea.apurahat.net.
TLS certificate: Issued by RapidSSL TLS DV RSA Mixed SHA256 2020... on March 14th 2022. Valid for: a year.
This is the only time nordea.apurahat.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2 136.243.167.88 24940 (HETZNER-AS)
2 7 81.22.246.157 39324 (MEDIAM-AS)
5 1
Apex Domain
Subdomains		 Transfer
7 apurahat.net
nordea.apurahat.net
218 KB
2 aspicore-asp.net
nordea.aspicore-asp.net
353 B
5 2
Domain Requested by
7 nordea.apurahat.net 2 redirects nordea.apurahat.net
2 nordea.aspicore-asp.net 2 redirects
5 2

This site contains links to these domains. Also see Links.

Domain
www.nordea.fi
www.nordeaprivatebanking.fi
ehrnrooth.apurahat.net
kivensaatio.apurahat.net
Subject Issuer Validity Valid
*.apurahat.net
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2022-03-14 -
2023-03-14		 a year crt.sh

This page contains 1 frames:

Primary Page: https://nordea.apurahat.net/nordea/
Frame ID: 4C9C20284746B651554AD23BB1217E77
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Page URL History Show full URLs

  1. http://nordea.aspicore-asp.net/ HTTP 301
    https://nordea.aspicore-asp.net/ HTTP 301
    https://nordea.apurahat.net// HTTP 302
    https://nordea.apurahat.net/nordea HTTP 301
    https://nordea.apurahat.net/nordea/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <input[^>]+name="__VIEWSTATE

Page Statistics

5
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

1
IPs

2
Countries

217 kB
Transfer

217 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://nordea.aspicore-asp.net/ HTTP 301
    https://nordea.aspicore-asp.net/ HTTP 301
    https://nordea.apurahat.net// HTTP 302
    https://nordea.apurahat.net/nordea HTTP 301
    https://nordea.apurahat.net/nordea/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

5 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
nordea.apurahat.net/nordea/
Redirect Chain
  • http://nordea.aspicore-asp.net/
  • https://nordea.aspicore-asp.net/
  • https://nordea.apurahat.net//
  • https://nordea.apurahat.net/nordea
  • https://nordea.apurahat.net/nordea/
3 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://nordea.apurahat.net/nordea/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
81.22.246.157 Espoo, Finland, ASN39324 (MEDIAM-AS, FI),
Reverse DNS
srv-g157.esp.mediateam.fi
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
06a08f2bbd278bb8ffcf09c1ce2fb6b68b494cbb0dbbd820421f18f5ae674622
Security Headers
Name Value
Content-Security-Policy default-src 'self' http://www.google.com data: 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
fi-FI,fi;q=0.9

Response headers

cache-control
private
content-length
3198
content-security-policy
default-src 'self' http://www.google.com data: 'unsafe-inline' 'unsafe-eval';
content-type
text/html; charset=utf-8
date
Wed, 06 Jul 2022 06:47:44 GMT
referrer-policy
same-origin
server
Microsoft-IIS/10.0
strict-transport-security
max-age=31536000
x-aspnet-version
4.0.30319
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-powered-by
ASP.NET
x-xss-protection
1; mode=block

Redirect headers

content-length
158
content-security-policy
default-src 'self' http://www.google.com data: 'unsafe-inline' 'unsafe-eval';
content-type
text/html; charset=UTF-8
date
Wed, 06 Jul 2022 06:47:44 GMT
location
https://nordea.apurahat.net/nordea/
referrer-policy
same-origin
server
Microsoft-IIS/10.0
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-powered-by
ASP.NET
x-xss-protection
1; mode=block
Styles.css
nordea.apurahat.net/nordea/style/ 		31 KB
32 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://nordea.apurahat.net/nordea/style/Styles.css
Requested by
Host: nordea.apurahat.net
URL: https://nordea.apurahat.net/nordea/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
81.22.246.157 Espoo, Finland, ASN39324 (MEDIAM-AS, FI),
Reverse DNS
srv-g157.esp.mediateam.fi
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
eb2c87d43e9c79468bd8f19dfa3be420074db76b1ec740181e3a7618e5a0943f
Security Headers
Name Value
Content-Security-Policy default-src 'self' http://www.google.com data: 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://nordea.apurahat.net/nordea/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy
default-src 'self' http://www.google.com data: 'unsafe-inline' 'unsafe-eval';
referrer-policy
same-origin
last-modified
Thu, 20 Dec 2018 09:05:53 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
x-frame-options
SAMEORIGIN
content-type
text/css
x-xss-protection
1; mode=block
date
Wed, 06 Jul 2022 06:47:44 GMT
etag
"cad817364398d41:0"
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
32163
x-content-type-options
nosniff
logo.gif
nordea.apurahat.net/nordea/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nordea.apurahat.net/nordea/images/logo.gif
Requested by
Host: nordea.apurahat.net
URL: https://nordea.apurahat.net/nordea/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
81.22.246.157 Espoo, Finland, ASN39324 (MEDIAM-AS, FI),
Reverse DNS
srv-g157.esp.mediateam.fi
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
3c26528003ddd7adaceead764b326f3550cbfe3205c5fe0a2fc65437e4a03b0e
Security Headers
Name Value
Content-Security-Policy default-src 'self' http://www.google.com data: 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://nordea.apurahat.net/nordea/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy
default-src 'self' http://www.google.com data: 'unsafe-inline' 'unsafe-eval';
referrer-policy
same-origin
last-modified
Thu, 20 Dec 2018 09:05:47 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
x-frame-options
SAMEORIGIN
content-type
image/gif
x-xss-protection
1; mode=block
date
Wed, 06 Jul 2022 06:47:44 GMT
etag
"e81250324398d41:0"
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
1694
x-content-type-options
nosniff
PBLogo.gif
nordea.apurahat.net/nordea/images/ 		684 B
746 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nordea.apurahat.net/nordea/images/PBLogo.gif
Requested by
Host: nordea.apurahat.net
URL: https://nordea.apurahat.net/nordea/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
81.22.246.157 Espoo, Finland, ASN39324 (MEDIAM-AS, FI),
Reverse DNS
srv-g157.esp.mediateam.fi
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
c61c9bd9f1a8ec114756bf240e53be0f7abefcafc6e8042f59d26b83a50425d7
Security Headers
Name Value
Content-Security-Policy default-src 'self' http://www.google.com data: 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://nordea.apurahat.net/nordea/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy
default-src 'self' http://www.google.com data: 'unsafe-inline' 'unsafe-eval';
referrer-policy
same-origin
last-modified
Thu, 20 Dec 2018 09:05:47 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
x-frame-options
SAMEORIGIN
content-type
image/gif
x-xss-protection
1; mode=block
date
Wed, 06 Jul 2022 06:47:44 GMT
etag
"3a5762324398d41:0"
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
684
x-content-type-options
nosniff
launch_logo.jpg
nordea.apurahat.net/nordea/images/ 		180 KB
180 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nordea.apurahat.net/nordea/images/launch_logo.jpg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
81.22.246.157 Espoo, Finland, ASN39324 (MEDIAM-AS, FI),
Reverse DNS
srv-g157.esp.mediateam.fi
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
fd2927ca0312fae54a4959f7dd898d33bc84fc201fdbb78d31be05f521a2e78e
Security Headers
Name Value
Content-Security-Policy default-src 'self' http://www.google.com data: 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://nordea.apurahat.net/nordea/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy
default-src 'self' http://www.google.com data: 'unsafe-inline' 'unsafe-eval';
referrer-policy
same-origin
last-modified
Thu, 20 Dec 2018 09:05:47 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
x-frame-options
SAMEORIGIN
content-type
image/jpeg
x-xss-protection
1; mode=block
date
Wed, 06 Jul 2022 06:47:44 GMT
etag
"558252324398d41:0"
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
184175
x-content-type-options
nosniff

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation

1 Cookies

Domain/Path Name / Value
nordea.apurahat.net/ Name: APURAHA-NORDEA.ASP.NET_SessionId
Value: v5b4vttf2n4sicnvn5hypugj

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self' http://www.google.com data: 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block