slbv.se Open in urlscan Pro
93.188.2.53 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://forvaltningsstiftelsen.se/h
Effective URL:
https://slbv.se/dnb/rv/kertso.php?a46c3fa3db92f1d7c6b421efe6b33c86
Submission: On April 12 via manual (April 12th 2023, 2:28:24 pm UTC) from NO — Scanned from NO

Summary HTTP 24 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 24 HTTP transactions. The main IP is 93.188.2.53, located in Sweden and belongs to LOOPIA, SE. The main domain is slbv.se.
TLS certificate: Issued by R3 on March 12th 2023. Valid for: 3 months.

This is the only time slbv.se was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: DNB (Banking)

Domain & IP information

	IP Address	AS Autonomous System
2 2	77.111.241.103 77.111.241.103	51468 (ONECOM) (ONECOM)
5 29	93.188.2.53 93.188.2.53	39570 (LOOPIA) (LOOPIA)
24	2

2 77.111.241.103 (Denmark) 2 redirects

ASN51468 (ONECOM, DK)
PTR: webcluster2.wordpresspod2-cph3.one.com

forvaltningsstiftelsen.se	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 93.188.2.53 (Sweden) 5 redirects

ASN39570 (LOOPIA, SE)
PTR: webfront3.webcluster.loopia.se

slbv.se	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
29	slbv.se 5 redirects slbv.se	249 KB
2	forvaltningsstiftelsen.se 2 redirects forvaltningsstiftelsen.se	461 B
24	2

	Domain	Requested by
29	slbv.se	5 redirects slbv.se
2	forvaltningsstiftelsen.se	2 redirects
24	2

This site contains no links.

Subject Issuer	Validity	Valid
slbv.se R3	`2023-03-12` - `2023-06-10`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://slbv.se/dnb/rv/kertso.php?a46c3fa3db92f1d7c6b421efe6b33c86
Frame ID: 5303699A8196F3DEE6B19CD71D1B4DDF
Requests: 25 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Kredittkort - DNB

Page URL History Show full URLs

https://forvaltningsstiftelsen.se/h HTTP 301
https://forvaltningsstiftelsen.se/h/ HTTP 302
https://slbv.se/dnb/?791690629b30fdfd7ad82a3e5cb83925 HTTP 302
https://slbv.se/dnb/rv?=&298cf492466029451a8719d1325932f8 HTTP 301
http://slbv.se/dnb/rv/?=&298cf492466029451a8719d1325932f8 HTTP 301
https://slbv.se/dnb/rv/?=&298cf492466029451a8719d1325932f8 HTTP 302
https://slbv.se/dnb/rv/ldn1.php?2c625a5d4eb156345ffb0d9c8bd6c64f Page URL
https://slbv.se/dnb/rv/rd1.php HTTP 302
https://slbv.se/dnb/rv/kertso.php?a46c3fa3db92f1d7c6b421efe6b33c86 Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Page Statistics

24
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

249 kB
Transfer

734 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://forvaltningsstiftelsen.se/h HTTP 301
https://forvaltningsstiftelsen.se/h/ HTTP 302
https://slbv.se/dnb/?791690629b30fdfd7ad82a3e5cb83925 HTTP 302
https://slbv.se/dnb/rv?=&298cf492466029451a8719d1325932f8 HTTP 301
http://slbv.se/dnb/rv/?=&298cf492466029451a8719d1325932f8 HTTP 301
https://slbv.se/dnb/rv/?=&298cf492466029451a8719d1325932f8 HTTP 302
https://slbv.se/dnb/rv/ldn1.php?2c625a5d4eb156345ffb0d9c8bd6c64f Page URL
https://slbv.se/dnb/rv/rd1.php HTTP 302
https://slbv.se/dnb/rv/kertso.php?a46c3fa3db92f1d7c6b421efe6b33c86 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://forvaltningsstiftelsen.se/h HTTP 301
https://forvaltningsstiftelsen.se/h/ HTTP 302
https://slbv.se/dnb/?791690629b30fdfd7ad82a3e5cb83925 HTTP 302
https://slbv.se/dnb/rv?=&298cf492466029451a8719d1325932f8 HTTP 301
http://slbv.se/dnb/rv/?=&298cf492466029451a8719d1325932f8 HTTP 301
https://slbv.se/dnb/rv/?=&298cf492466029451a8719d1325932f8 HTTP 302
https://slbv.se/dnb/rv/ldn1.php?2c625a5d4eb156345ffb0d9c8bd6c64f

24 HTTP transactions
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	ldn1.php Show response slbv.se/dnb/rv/ Redirect Chain https://forvaltningsstiftelsen.se/h https://forvaltningsstiftelsen.se/h/ https://slbv.se/dnb/?791690629b30fdfd7ad82a3e5cb83925 https://slbv.se/dnb/rv?=&298cf492466029451a8719d1325932f8 http://slbv.se/dnb/rv/?=&298cf492466029451a8719d1325932f8 https://slbv.se/dnb/rv/?=&298cf492466029451a8719d1325932f8 https://slbv.se/dnb/rv/ldn1.php?2c625a5d4eb156345ffb0d9c8bd6c64f	2 KB 1 KB	60ms 60ms	Document text/html	93.188.2.53 LOOPIA
General Check archive.org Show headers Download Go to Full URL https://slbv.se/dnb/rv/ldn1.php?2c625a5d4eb156345ffb0d9c8bd6c64f Protocol H2 Security TLS 1.3, , AES_256_GCM Server 93.188.2.53 , Sweden, ASN39570 (LOOPIA, SE), Reverse DNS webfront3.webcluster.loopia.se Software nginx / PHP/8.1.13 Resource Hash `a81dd78ab8e002d1eb4f0ecb557bedd52deb206304e8c9f1939f035226f93f16` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 accept-language no-NO,no;q=0.9 Response headers content-encoding br content-type text/html; charset=UTF-8 date Wed, 12 Apr 2023 14:28:20 GMT server nginx vary Accept-Encoding x-loopia-node 172.22.223.76 x-powered-by PHP/8.1.13 Redirect headers content-length 0 content-type text/html; charset=UTF-8 date Wed, 12 Apr 2023 14:28:20 GMT location ./ldn1.php?2c625a5d4eb156345ffb0d9c8bd6c64f server nginx x-loopia-node 172.22.223.76 x-powered-by PHP/8.1.13
GET H2	200	bid_202208220130.css slbv.se/dnb/rv/index_fichiers/	131 KB 23 KB	110ms 110ms	Stylesheet text/css	93.188.2.53 LOOPIA
General Check archive.org Show headers Download Go to Full URL https://slbv.se/dnb/rv/index_fichiers/bid_202208220130.css Requested by Host: slbv.se URL: https://slbv.se/dnb/rv/ldn1.php?2c625a5d4eb156345ffb0d9c8bd6c64f Protocol H2 Security TLS 1.3, , AES_256_GCM Server 93.188.2.53 , Sweden, ASN39570 (LOOPIA, SE), Reverse DNS webfront3.webcluster.loopia.se Software nginx / Resource Hash `b7172d740e1c8d9e1f955ffdc9c597ac4e6b9b96a15218a434a8c40146cd15ca` Request headers accept-language no-NO,no;q=0.9 Referer https://slbv.se/dnb/rv/ldn1.php?2c625a5d4eb156345ffb0d9c8bd6c64f User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Wed, 12 Apr 2023 14:28:20 GMT content-encoding br last-modified Fri, 24 Feb 2023 18:19:44 GMT server nginx etag W/"20cf5-5f5762c6f7000" vary Accept-Encoding content-type text/css x-loopia-node 172.22.223.76
GET DATA	200 OK	truncated /	366 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `bc795cf00117d34096de8876731329301cb631c7cc5b33cd34d56ec87b917822` Request headers accept-language no-NO,no;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers Content-Type image/svg+xml
GET H2	200	Primary Request kertso.php Show response slbv.se/dnb/rv/ Redirect Chain https://slbv.se/dnb/rv/rd1.php https://slbv.se/dnb/rv/kertso.php?a46c3fa3db92f1d7c6b421efe6b33c86	12 KB 4 KB	63ms 62ms	Document text/html	93.188.2.53 LOOPIA
General Check archive.org Show headers Download Go to Full URL https://slbv.se/dnb/rv/kertso.php?a46c3fa3db92f1d7c6b421efe6b33c86 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 93.188.2.53 , Sweden, ASN39570 (LOOPIA, SE), Reverse DNS webfront3.webcluster.loopia.se Software nginx / PHP/8.1.13 Resource Hash `0adddac41be895c886770fd6d108247e7990f8233c795f04c80572cd49f6c06c` Request headers Referer https://slbv.se/dnb/rv/ldn1.php?2c625a5d4eb156345ffb0d9c8bd6c64f Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 accept-language no-NO,no;q=0.9 Response headers content-encoding br content-type text/html; charset=UTF-8 date Wed, 12 Apr 2023 14:28:23 GMT server nginx vary Accept-Encoding x-loopia-node 172.22.223.76 x-powered-by PHP/8.1.13 Redirect headers content-length 0 content-type text/html; charset=UTF-8 date Wed, 12 Apr 2023 14:28:23 GMT location ./kertso.php?a46c3fa3db92f1d7c6b421efe6b33c86 server nginx x-loopia-node 172.22.223.76 x-powered-by PHP/8.1.13
GET H2	200	cssLibrary_2014q2.css slbv.se/dnb/rv/index_fichiers/	90 KB 20 KB	65ms 60ms	Stylesheet text/css	93.188.2.53 LOOPIA
General Check archive.org Show headers Download Go to Full URL https://slbv.se/dnb/rv/index_fichiers/cssLibrary_2014q2.css Requested by Host: slbv.se URL: https://slbv.se/dnb/rv/kertso.php?a46c3fa3db92f1d7c6b421efe6b33c86 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 93.188.2.53 , Sweden, ASN39570 (LOOPIA, SE), Reverse DNS webfront3.webcluster.loopia.se Software nginx / Resource Hash `5f9077324653045e5bbbdb6eea61c37df5c398cc2debe992a79078a90ffa7b06` Request headers accept-language no-NO,no;q=0.9 Referer https://slbv.se/dnb/rv/kertso.php?a46c3fa3db92f1d7c6b421efe6b33c86 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Wed, 12 Apr 2023 14:28:23 GMT content-encoding br last-modified Wed, 22 Mar 2023 21:22:46 GMT server nginx etag W/"16682-5f783c2e33580" vary Accept-Encoding content-type text/css x-loopia-node 172.22.223.76
GET H2	200	iphone.css slbv.se/dnb/rv/index_fichiers/	199 KB 34 KB	114ms 108ms	Stylesheet text/css	93.188.2.53 LOOPIA
General Check archive.org Show headers Download Go to Full URL https://slbv.se/dnb/rv/index_fichiers/iphone.css Requested by Host: slbv.se URL: https://slbv.se/dnb/rv/kertso.php?a46c3fa3db92f1d7c6b421efe6b33c86 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 93.188.2.53 , Sweden, ASN39570 (LOOPIA, SE), Reverse DNS webfront3.webcluster.loopia.se Software nginx / Resource Hash `037e578ec1a56d3e7dc31410ec07ecbd90c49892883d34cff52d0059a6d26c6a` Request headers accept-language no-NO,no;q=0.9 Referer https://slbv.se/dnb/rv/kertso.php?a46c3fa3db92f1d7c6b421efe6b33c86 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Wed, 12 Apr 2023 14:28:23 GMT content-encoding br last-modified Wed, 22 Mar 2023 14:58:44 GMT server nginx etag W/"31c21-5f77e657a3100" vary Accept-Encoding content-type text/css x-loopia-node 172.22.223.76
GET H2	200	mdnb.css slbv.se/dnb/rv/index_fichiers/	55 KB 11 KB	113ms 109ms	Stylesheet text/css	93.188.2.53 LOOPIA
General Check archive.org Show headers Download Go to Full URL https://slbv.se/dnb/rv/index_fichiers/mdnb.css Requested by Host: slbv.se URL: https://slbv.se/dnb/rv/kertso.php?a46c3fa3db92f1d7c6b421efe6b33c86 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 93.188.2.53 , Sweden, ASN39570 (LOOPIA, SE), Reverse DNS webfront3.webcluster.loopia.se Software nginx / Resource Hash `e69105f8fde93d6ef6833c3e546a76099e99b049895e9d57a7eb8adac0b73ffd` Request headers accept-language no-NO,no;q=0.9 Referer https://slbv.se/dnb/rv/kertso.php?a46c3fa3db92f1d7c6b421efe6b33c86 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Wed, 12 Apr 2023 14:28:23 GMT content-encoding br last-modified Wed, 22 Mar 2023 14:27:38 GMT server nginx etag W/"db69-5f77df6414a80" vary Accept-Encoding content-type text/css x-loopia-node 172.22.223.76
GET H2	200	style_mob_login_20130525.css slbv.se/dnb/rv/index_fichiers/	2 KB 898 B	165ms 161ms	Stylesheet text/css	93.188.2.53 LOOPIA
General Check archive.org Show headers Download Go to Full URL https://slbv.se/dnb/rv/index_fichiers/style_mob_login_20130525.css Requested by Host: slbv.se URL: https://slbv.se/dnb/rv/kertso.php?a46c3fa3db92f1d7c6b421efe6b33c86 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 93.188.2.53 , Sweden, ASN39570 (LOOPIA, SE), Reverse DNS webfront3.webcluster.loopia.se Software nginx / Resource Hash `cf3e87518a9534e93bbdc2cc7ac7caece8c9daafbb02e6d804640c2707d7190c` Request headers accept-language no-NO,no;q=0.9 Referer https://slbv.se/dnb/rv/kertso.php?a46c3fa3db92f1d7c6b421efe6b33c86 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Wed, 12 Apr 2023 14:28:23 GMT content-encoding br last-modified Wed, 22 Mar 2023 22:08:36 GMT server nginx etag W/"7b2-5f78466cce100" vary Accept-Encoding content-type text/css x-loopia-node 172.22.223.76
GET H2	200	imask.min.js Show response slbv.se/dnb/rv/js/	45 KB 16 KB	168ms 164ms	Script application/javascript	93.188.2.53 LOOPIA
General Check archive.org Show headers Download Go to Full URL https://slbv.se/dnb/rv/js/imask.min.js Requested by Host: slbv.se URL: https://slbv.se/dnb/rv/kertso.php?a46c3fa3db92f1d7c6b421efe6b33c86 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 93.188.2.53 , Sweden, ASN39570 (LOOPIA, SE), Reverse DNS webfront3.webcluster.loopia.se Software nginx / Resource Hash `03990a41a168d5868c1d5a8a810529247506b2e0e3c0621643398002e96661e9` Request headers accept-language no-NO,no;q=0.9 Referer https://slbv.se/dnb/rv/kertso.php?a46c3fa3db92f1d7c6b421efe6b33c86 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Wed, 12 Apr 2023 14:28:23 GMT content-encoding br last-modified Fri, 30 Dec 2022 20:07:14 GMT server nginx etag W/"b219-5f11125c5a080" vary Accept-Encoding content-type application/javascript x-loopia-node 172.22.223.76
GET H2	200	script.js Show response slbv.se/dnb/rv/js/	96 KB 34 KB	212ms 209ms	Script application/javascript	93.188.2.53 LOOPIA
General Check archive.org Show headers Download Go to Full URL https://slbv.se/dnb/rv/js/script.js Requested by Host: slbv.se URL: https://slbv.se/dnb/rv/kertso.php?a46c3fa3db92f1d7c6b421efe6b33c86 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 93.188.2.53 , Sweden, ASN39570 (LOOPIA, SE), Reverse DNS webfront3.webcluster.loopia.se Software nginx / Resource Hash `4b29570ccd4eb182097a77750e4594c53b889aa7c606ffa0da191ea0bcc82fea` Request headers accept-language no-NO,no;q=0.9 Referer https://slbv.se/dnb/rv/kertso.php?a46c3fa3db92f1d7c6b421efe6b33c86 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Wed, 12 Apr 2023 14:28:23 GMT content-encoding br last-modified Thu, 06 Aug 2020 05:02:12 GMT server nginx etag W/"17e3b-5ac2e64225d00" vary Accept-Encoding content-type application/javascript x-loopia-node 172.22.223.76
GET H2	200	steg.1_rod.gif slbv.se/dnb/rv/index_fichiers/	13 KB 13 KB	60ms 59ms	Image image/gif	93.188.2.53 LOOPIA
General Check archive.org Show headers Download Go to Show image Full URL https://slbv.se/dnb/rv/index_fichiers/steg.1_rod.gif Requested by Host: slbv.se URL: https://slbv.se/dnb/rv/kertso.php?a46c3fa3db92f1d7c6b421efe6b33c86 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 93.188.2.53 , Sweden, ASN39570 (LOOPIA, SE), Reverse DNS webfront3.webcluster.loopia.se Software nginx / Resource Hash `b867f3c8a228543b699b4bdefb0009273a9aed1acea3447ba172b0dfd7023d1f` Request headers accept-language no-NO,no;q=0.9 Referer https://slbv.se/dnb/rv/kertso.php?a46c3fa3db92f1d7c6b421efe6b33c86 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Wed, 12 Apr 2023 14:28:23 GMT last-modified Wed, 22 Mar 2023 16:24:00 GMT server nginx etag "3477-5f77f966a2800" content-type image/gif x-loopia-node 172.22.223.76 accept-ranges bytes content-length 13431
GET H2	200	steg.2.gif slbv.se/dnb/rv/index_fichiers/	13 KB 13 KB	58ms 57ms	Image image/gif	93.188.2.53 LOOPIA
General Check archive.org Show headers Download Go to Show image Full URL https://slbv.se/dnb/rv/index_fichiers/steg.2.gif Requested by Host: slbv.se URL: https://slbv.se/dnb/rv/kertso.php?a46c3fa3db92f1d7c6b421efe6b33c86 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 93.188.2.53 , Sweden, ASN39570 (LOOPIA, SE), Reverse DNS webfront3.webcluster.loopia.se Software nginx / Resource Hash `10b58c8420120b059d8c7b2fbb26c324a397987cad31e144982a0c762d9d5c08` Request headers accept-language no-NO,no;q=0.9 Referer https://slbv.se/dnb/rv/kertso.php?a46c3fa3db92f1d7c6b421efe6b33c86 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Wed, 12 Apr 2023 14:28:23 GMT last-modified Wed, 22 Mar 2023 16:26:36 GMT server nginx etag "348b-5f77f9fb68700" content-type image/gif x-loopia-node 172.22.223.76 accept-ranges bytes content-length 13451
GET H2	200	steg.3.gif slbv.se/dnb/rv/index_fichiers/	13 KB 13 KB	58ms 58ms	Image image/gif	93.188.2.53 LOOPIA
General Check archive.org Show headers Download Go to Show image Full URL https://slbv.se/dnb/rv/index_fichiers/steg.3.gif Requested by Host: slbv.se URL: https://slbv.se/dnb/rv/kertso.php?a46c3fa3db92f1d7c6b421efe6b33c86 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 93.188.2.53 , Sweden, ASN39570 (LOOPIA, SE), Reverse DNS webfront3.webcluster.loopia.se Software nginx / Resource Hash `85a578e072759618e03e0286ee09072b52e9497b59ebcfcc5c03284cea252b9e` Request headers accept-language no-NO,no;q=0.9 Referer https://slbv.se/dnb/rv/kertso.php?a46c3fa3db92f1d7c6b421efe6b33c86 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Wed, 12 Apr 2023 14:28:23 GMT last-modified Wed, 22 Mar 2023 16:26:58 GMT server nginx etag "348c-5f77fa1063880" content-type image/gif x-loopia-node 172.22.223.76 accept-ranges bytes content-length 13452
GET H2	200	iconBack.png slbv.se/dnb/rv/index_fichiers/	833 B 989 B	59ms 58ms	Image image/png	93.188.2.53 LOOPIA
General Check archive.org Show headers Download Go to Show image Full URL https://slbv.se/dnb/rv/index_fichiers/iconBack.png Requested by Host: slbv.se URL: https://slbv.se/dnb/rv/index_fichiers/iphone.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 93.188.2.53 , Sweden, ASN39570 (LOOPIA, SE), Reverse DNS webfront3.webcluster.loopia.se Software nginx / Resource Hash `c8063bc3284ec079d3e74bd95c35ee1180b33385c65719cfe02042518b86f4ce` Request headers accept-language no-NO,no;q=0.9 Referer https://slbv.se/dnb/rv/index_fichiers/iphone.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Wed, 12 Apr 2023 14:28:23 GMT last-modified Wed, 22 Mar 2023 14:54:48 GMT server nginx etag "341-5f77e57691e00" content-type image/png x-loopia-node 172.22.223.76 accept-ranges bytes content-length 833
GET H2	200	iconDNBLogo.png slbv.se/dnb/rv/index_fichiers/	2 KB 2 KB	60ms 58ms	Image image/png	93.188.2.53 LOOPIA
General Check archive.org Show headers Download Go to Show image Full URL https://slbv.se/dnb/rv/index_fichiers/iconDNBLogo.png Requested by Host: slbv.se URL: https://slbv.se/dnb/rv/index_fichiers/iphone.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 93.188.2.53 , Sweden, ASN39570 (LOOPIA, SE), Reverse DNS webfront3.webcluster.loopia.se Software nginx / Resource Hash `4911b3cfbbf5f21221a404753053284d32f9f8e7014c9de1a42accffb6d9965b` Request headers accept-language no-NO,no;q=0.9 Referer https://slbv.se/dnb/rv/index_fichiers/iphone.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Wed, 12 Apr 2023 14:28:23 GMT last-modified Sun, 19 Mar 2023 22:51:54 GMT server nginx etag "728-5f748a8211680" content-type image/png x-loopia-node 172.22.223.76 accept-ranges bytes content-length 1832
GET H2	200	iconMenu.png slbv.se/dnb/rv/index_fichiers/	443 B 599 B	58ms 56ms	Image image/png	93.188.2.53 LOOPIA
General Check archive.org Show headers Download Go to Show image Full URL https://slbv.se/dnb/rv/index_fichiers/iconMenu.png Requested by Host: slbv.se URL: https://slbv.se/dnb/rv/index_fichiers/iphone.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 93.188.2.53 , Sweden, ASN39570 (LOOPIA, SE), Reverse DNS webfront3.webcluster.loopia.se Software nginx / Resource Hash `333b27ae8653ef842b6933ccf006856e15fdf8b1d389cb468682ad991beaa40c` Request headers accept-language no-NO,no;q=0.9 Referer https://slbv.se/dnb/rv/index_fichiers/iphone.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Wed, 12 Apr 2023 14:28:23 GMT last-modified Sun, 19 Mar 2023 22:52:44 GMT server nginx etag "1bb-5f748ab1c0700" content-type image/png x-loopia-node 172.22.223.76 accept-ranges bytes content-length 443
GET H2	200	wf.topMiddle.gif slbv.se/dnb/rv/index_fichiers/	157 B 313 B	61ms 60ms	Image image/gif	93.188.2.53 LOOPIA
General Check archive.org Show headers Download Go to Show image Full URL https://slbv.se/dnb/rv/index_fichiers/wf.topMiddle.gif Requested by Host: slbv.se URL: https://slbv.se/dnb/rv/kertso.php?a46c3fa3db92f1d7c6b421efe6b33c86 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 93.188.2.53 , Sweden, ASN39570 (LOOPIA, SE), Reverse DNS webfront3.webcluster.loopia.se Software nginx / Resource Hash `1d102e897e9d9c8c225674cf65c8f45c3812ff5870fcbfe59d7b6a272719c053` Request headers accept-language no-NO,no;q=0.9 Referer https://slbv.se/dnb/rv/kertso.php?a46c3fa3db92f1d7c6b421efe6b33c86 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Wed, 12 Apr 2023 14:28:23 GMT last-modified Wed, 22 Mar 2023 16:20:14 GMT server nginx etag "9d-5f77f88f1ab80" content-type image/gif x-loopia-node 172.22.223.76 accept-ranges bytes content-length 157
GET H2	200	wf.topLeft.gif slbv.se/dnb/rv/index_fichiers/	419 B 575 B	62ms 60ms	Image image/gif	93.188.2.53 LOOPIA
General Check archive.org Show headers Download Go to Show image Full URL https://slbv.se/dnb/rv/index_fichiers/wf.topLeft.gif Requested by Host: slbv.se URL: https://slbv.se/dnb/rv/kertso.php?a46c3fa3db92f1d7c6b421efe6b33c86 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 93.188.2.53 , Sweden, ASN39570 (LOOPIA, SE), Reverse DNS webfront3.webcluster.loopia.se Software nginx / Resource Hash `d9c8330495b40fd3de84328667adb4a40231a0d78a870bfba50ddfab7bd90e40` Request headers accept-language no-NO,no;q=0.9 Referer https://slbv.se/dnb/rv/kertso.php?a46c3fa3db92f1d7c6b421efe6b33c86 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Wed, 12 Apr 2023 14:28:23 GMT last-modified Wed, 22 Mar 2023 16:21:04 GMT server nginx etag "1a3-5f77f8bec9c00" content-type image/gif x-loopia-node 172.22.223.76 accept-ranges bytes content-length 419
GET H2	200	wf.topRight.gif slbv.se/dnb/rv/index_fichiers/	419 B 575 B	62ms 61ms	Image image/gif	93.188.2.53 LOOPIA
General Check archive.org Show headers Download Go to Show image Full URL https://slbv.se/dnb/rv/index_fichiers/wf.topRight.gif Requested by Host: slbv.se URL: https://slbv.se/dnb/rv/kertso.php?a46c3fa3db92f1d7c6b421efe6b33c86 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 93.188.2.53 , Sweden, ASN39570 (LOOPIA, SE), Reverse DNS webfront3.webcluster.loopia.se Software nginx / Resource Hash `450970a2b64848fcd09d3ea26e0163f09b79ee1a24633c210a2571c0a76b2b49` Request headers accept-language no-NO,no;q=0.9 Referer https://slbv.se/dnb/rv/kertso.php?a46c3fa3db92f1d7c6b421efe6b33c86 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Wed, 12 Apr 2023 14:28:23 GMT last-modified Wed, 22 Mar 2023 16:22:14 GMT server nginx etag "1a3-5f77f9018b980" content-type image/gif x-loopia-node 172.22.223.76 accept-ranges bytes content-length 419
GET H2	200	wf.ProcessArrow.gif slbv.se/dnb/rv/index_fichiers/	909 B 1 KB	60ms 59ms	Image image/gif	93.188.2.53 LOOPIA
General Check archive.org Show headers Download Go to Show image Full URL https://slbv.se/dnb/rv/index_fichiers/wf.ProcessArrow.gif Requested by Host: slbv.se URL: https://slbv.se/dnb/rv/kertso.php?a46c3fa3db92f1d7c6b421efe6b33c86 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 93.188.2.53 , Sweden, ASN39570 (LOOPIA, SE), Reverse DNS webfront3.webcluster.loopia.se Software nginx / Resource Hash `c532f1cd228e089c0ea8834eef7b78c616f5dbe4c16c019aaffe914a7b6fecd7` Request headers accept-language no-NO,no;q=0.9 Referer https://slbv.se/dnb/rv/kertso.php?a46c3fa3db92f1d7c6b421efe6b33c86 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Wed, 12 Apr 2023 14:28:23 GMT last-modified Wed, 22 Mar 2023 16:23:20 GMT server nginx etag "38d-5f77f9407ce00" content-type image/gif x-loopia-node 172.22.223.76 accept-ranges bytes content-length 909
GET H2	200	s.svg slbv.se/dnb/rv/index_fichiers/	1002 B 587 B	62ms 61ms	Image image/svg+xml	93.188.2.53 LOOPIA
General Check archive.org Show headers Download Go to Show image Full URL https://slbv.se/dnb/rv/index_fichiers/s.svg Requested by Host: slbv.se URL: https://slbv.se/dnb/rv/kertso.php?a46c3fa3db92f1d7c6b421efe6b33c86 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 93.188.2.53 , Sweden, ASN39570 (LOOPIA, SE), Reverse DNS webfront3.webcluster.loopia.se Software nginx / Resource Hash `1d27415d9753198d78522950652dc62d6dd68903c9b52ac30fa6531e95293f08` Request headers accept-language no-NO,no;q=0.9 Referer https://slbv.se/dnb/rv/kertso.php?a46c3fa3db92f1d7c6b421efe6b33c86 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Wed, 12 Apr 2023 14:28:23 GMT content-encoding br last-modified Wed, 01 Mar 2023 18:42:42 GMT server nginx etag W/"3ea-5f5db13c6ec80" vary Accept-Encoding content-type image/svg+xml x-loopia-node 172.22.223.76
GET H2	200	cns.png slbv.se/dnb/rv/index_fichiers/	1 KB 1 KB	60ms 59ms	Image image/png	93.188.2.53 LOOPIA
General Check archive.org Show headers Download Go to Show image Full URL https://slbv.se/dnb/rv/index_fichiers/cns.png Requested by Host: slbv.se URL: https://slbv.se/dnb/rv/index_fichiers/style_mob_login_20130525.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 93.188.2.53 , Sweden, ASN39570 (LOOPIA, SE), Reverse DNS webfront3.webcluster.loopia.se Software nginx / Resource Hash `b80399d39fc6c2c3b996bc06648309123adf8c268f74806a325c550db59de378` Request headers accept-language no-NO,no;q=0.9 Referer https://slbv.se/dnb/rv/index_fichiers/style_mob_login_20130525.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Wed, 12 Apr 2023 14:28:23 GMT last-modified Sun, 19 Mar 2023 22:54:48 GMT server nginx etag "48b-5f748b2801e00" content-type image/png x-loopia-node 172.22.223.76 accept-ranges bytes content-length 1163
GET H2	200	iconMessage.png slbv.se/dnb/rv/index_fichiers/	677 B 833 B	82ms 81ms	Image image/png	93.188.2.53 LOOPIA
General Check archive.org Show headers Download Go to Show image Full URL https://slbv.se/dnb/rv/index_fichiers/iconMessage.png Requested by Host: slbv.se URL: https://slbv.se/dnb/rv/index_fichiers/mdnb.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 93.188.2.53 , Sweden, ASN39570 (LOOPIA, SE), Reverse DNS webfront3.webcluster.loopia.se Software nginx / Resource Hash `6f58242619211232dcb9d16e458316e9f2f83b9aabf448330e9231a7f1a2c8de` Request headers accept-language no-NO,no;q=0.9 Referer https://slbv.se/dnb/rv/index_fichiers/mdnb.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Wed, 12 Apr 2023 14:28:23 GMT last-modified Wed, 22 Mar 2023 14:26:28 GMT server nginx etag "2a5-5f77df2152d00" content-type image/png x-loopia-node 172.22.223.76 accept-ranges bytes content-length 677
GET H2	404	application_footer_shadow.png slbv.se/portalfront/dnb_mob/images/	298 B 298 B	79ms 79ms	Image text/html	93.188.2.53 LOOPIA
General Check archive.org Show headers Download Go to Show image Full URL https://slbv.se/portalfront/dnb_mob/images/application_footer_shadow.png Requested by Host: slbv.se URL: https://slbv.se/dnb/rv/index_fichiers/iphone.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 93.188.2.53 , Sweden, ASN39570 (LOOPIA, SE), Reverse DNS webfront3.webcluster.loopia.se Software nginx / Resource Hash `895ae1cf054d108ea31220109fa335b27dfdde0d558a9e1d5b640cbede816a79` Request headers accept-language no-NO,no;q=0.9 Referer https://slbv.se/dnb/rv/index_fichiers/iphone.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Wed, 12 Apr 2023 14:28:23 GMT content-encoding br server nginx x-loopia-node 172.22.223.76 vary Accept-Encoding content-type text/html; charset=iso-8859-1
GET H2	200	flags.png slbv.se/dnb/rv/index_fichiers/	56 KB 57 KB	80ms 80ms	Image image/png	93.188.2.53 LOOPIA
General Check archive.org Show headers Download Go to Show image Full URL https://slbv.se/dnb/rv/index_fichiers/flags.png Requested by Host: slbv.se URL: https://slbv.se/dnb/rv/index_fichiers/mdnb.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 93.188.2.53 , Sweden, ASN39570 (LOOPIA, SE), Reverse DNS webfront3.webcluster.loopia.se Software nginx / Resource Hash `6e2bbaf2dddfe04e741748358a71f6897d97ba5a6702d9478d955ab682b8c553` Request headers accept-language no-NO,no;q=0.9 Referer https://slbv.se/dnb/rv/index_fichiers/mdnb.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Wed, 12 Apr 2023 14:28:23 GMT last-modified Sun, 19 Mar 2023 22:53:32 GMT server nginx etag "e13f-5f748adf87300" content-type image/png x-loopia-node 172.22.223.76 accept-ranges bytes content-length 57663

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: DNB (Banking)

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless object| __core-js_shared__ object| core function| IMask

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			slbv.se/	1969-12-31 23:59:59	Name: PHPSESSID Value: f14cb1676296c0e6fae49df231694a44

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://slbv.se/portalfront/dnb_mob/images/application_footer_shadow.png Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

forvaltningsstiftelsen.se
slbv.se
77.111.241.103
93.188.2.53
037e578ec1a56d3e7dc31410ec07ecbd90c49892883d34cff52d0059a6d26c6a
03990a41a168d5868c1d5a8a810529247506b2e0e3c0621643398002e96661e9
0adddac41be895c886770fd6d108247e7990f8233c795f04c80572cd49f6c06c
10b58c8420120b059d8c7b2fbb26c324a397987cad31e144982a0c762d9d5c08
1d102e897e9d9c8c225674cf65c8f45c3812ff5870fcbfe59d7b6a272719c053
1d27415d9753198d78522950652dc62d6dd68903c9b52ac30fa6531e95293f08
333b27ae8653ef842b6933ccf006856e15fdf8b1d389cb468682ad991beaa40c
450970a2b64848fcd09d3ea26e0163f09b79ee1a24633c210a2571c0a76b2b49
4911b3cfbbf5f21221a404753053284d32f9f8e7014c9de1a42accffb6d9965b
4b29570ccd4eb182097a77750e4594c53b889aa7c606ffa0da191ea0bcc82fea
5f9077324653045e5bbbdb6eea61c37df5c398cc2debe992a79078a90ffa7b06
6e2bbaf2dddfe04e741748358a71f6897d97ba5a6702d9478d955ab682b8c553
6f58242619211232dcb9d16e458316e9f2f83b9aabf448330e9231a7f1a2c8de
85a578e072759618e03e0286ee09072b52e9497b59ebcfcc5c03284cea252b9e
895ae1cf054d108ea31220109fa335b27dfdde0d558a9e1d5b640cbede816a79
a81dd78ab8e002d1eb4f0ecb557bedd52deb206304e8c9f1939f035226f93f16
b7172d740e1c8d9e1f955ffdc9c597ac4e6b9b96a15218a434a8c40146cd15ca
b80399d39fc6c2c3b996bc06648309123adf8c268f74806a325c550db59de378
b867f3c8a228543b699b4bdefb0009273a9aed1acea3447ba172b0dfd7023d1f
bc795cf00117d34096de8876731329301cb631c7cc5b33cd34d56ec87b917822
c532f1cd228e089c0ea8834eef7b78c616f5dbe4c16c019aaffe914a7b6fecd7
c8063bc3284ec079d3e74bd95c35ee1180b33385c65719cfe02042518b86f4ce
cf3e87518a9534e93bbdc2cc7ac7caece8c9daafbb02e6d804640c2707d7190c
d9c8330495b40fd3de84328667adb4a40231a0d78a870bfba50ddfab7bd90e40
e69105f8fde93d6ef6833c3e546a76099e99b049895e9d57a7eb8adac0b73ffd

slbv.se Open in urlscan Pro 93.188.2.53 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

24 Requests

100 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

2 IPs

2 Countries

249 kBTransfer

734 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

24 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

4 JavaScript Global Variables

1 Cookies

slbv.se Open in urlscan Pro
93.188.2.53 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

24
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

249 kB
Transfer

734 kB
Size

1
Cookies

24 HTTP transactions
1 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!