sikker-konto.com
82.180.175.77
Malicious Activity!
Public Scan
Submission: On September 02 via manual from NO — Scanned from NO
Summary
TLS certificate: Issued by R3 on September 1st 2022. Valid for: 3 months.
This is the only time sikker-konto.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Nordea (Banking)
Domain & IP information
Requests | IP Address | AS Autonomous System |
---|---|---|
26 | 82.180.175.77 | 47583 (AS-HOSTINGER) |
1 | 23.36.163.243 | 20940 (AKAMAI-ASN1) |
27 | 2 | |
ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-36-163-243.deploy.static.akamaitechnologies.com
www.nordea.no
Requests | Apex Domain / Subdomains | Transfer |
---|---|---|
26 | sikker-konto.com (subdomain: sikker-konto.com) | 221 KB |
1 | nordea.no (subdomain: www.nordea.no) | 240 B |
27 | 2 | |
Requests | Domain | Requested by |
---|---|---|
26 | sikker-konto.com | sikker-konto.com |
1 | www.nordea.no | sikker-konto.com |
27 | 2 | |
This site contains links to these domains. Also see Links.
Domain |
---|
www.nordea.no |
nettbanken.nordea.no |
nordea.no |
Subject / Issuer | Validity | Valid | |
---|---|---|---|
sikker-konto.com / R3 | 2022-09-01 - 2022-11-30 | 3 months | crt.sh |
nordea.fi / Entrust Certification Authority - L1M | 2022-02-16 - 2023-03-15 | a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://sikker-konto.com/pages/?p=index&resend
Frame ID: A0BB8D3EEC21B54AB50BC7E8709FD568
Requests: 27 HTTP requests in this frame
5 Outgoing links
These are links going to different origins than the main page.
Title: Finn hjelp om BankID og Nordea ID
Title: Glemt BankID-passordet?
Title: Bli kunde
Title: Last ned Nordea ID-appen
Title: Les mer om BankID på mobil
Redirected requests
There were HTTP redirect chains for the following requests:
27 HTTP transactions
Method / Protocol | Resource | Path | Size / x-fer | Type | MIME-Type |
---|---|---|---|---|---|
GET H2 | / (Primary Request) | sikker-konto.com/pages/ | 42 KB / 13 KB | Document | text/html |
GET H2 | styles-8c1e98528fc76c70b90223dafb85c78d.css | sikker-konto.com/front_end/front_end_files/ | 36 KB / 7 KB | Stylesheet | text/css |
GET H2 | jquery.js | sikker-konto.com/js/cntdjs/ | 87 KB / 29 KB | Script | application/x-javascript |
GET H2 | jquery.mask.js | sikker-konto.com/js/cntdjs/ | 23 KB / 5 KB | Script | application/x-javascript |
GET H2 | cntd.js | sikker-konto.com/js/cntdjs/ | 3 KB / 947 B | Script | application/x-javascript |
GET H2 | loading.js | sikker-konto.com/js/shared/ | 2 KB / 724 B | Script | application/x-javascript |
GET H2 | online_status.js | sikker-konto.com/js/shared/ | 998 B / 468 B | Script | application/x-javascript |
GET H2 | bankidno-4ea331ae4c5bc3a12e6cf8340862d4c0.svg | sikker-konto.com/front_end/front_end_files/ | 3 KB / 1017 B | Image | image/svg+xml |
GET H2 | bankidnomobile-8bd2f3c1665c6c00eff2af6bd153e9f6.svg | sikker-konto.com/front_end/front_end_files/ | 4 KB / 2 KB | Image | image/svg+xml |
GET H2 | codes_app-a89defc476c5ea3f806b6f5360157e81.svg | sikker-konto.com/front_end/front_end_files/ | 1 KB / 763 B | Image | image/svg+xml |
GET H2 | technical-error-91ca9eec9eed6ed945355d650bb10d41.svg | sikker-konto.com/front_end/front_end_files/ | 3 KB / 1 KB | Image | image/svg+xml |
GET H2 | something-went-wrong-9bbd07dc81f3c2a11d2c7735b416ee18.svg | sikker-konto.com/front_end/front_end_files/ | 3 KB / 1 KB | Image | image/svg+xml |
GET H2 | cancel-d0c0f9d25ebde42bbd552c8ad5363f01.svg | sikker-konto.com/front_end/front_end_files/ | 3 KB / 1 KB | Image | image/svg+xml |
GET H2 | no-connection-83f79e2367a313b468986e12a237c346.svg | sikker-konto.com/front_end/front_end_files/ | 5 KB / 2 KB | Image | image/svg+xml |
GET H2 | empty-3857ebe69f653487f8c9d99adde4657f.svg | sikker-konto.com/front_end/front_end_files/ | 2 KB / 692 B | Image | image/svg+xml |
GET H2 | service-break-f426cda35f41e4c0b7c30c814b5eb2ee.svg | sikker-konto.com/front_end/front_end_files/ | 3 KB / 1 KB | Image | image/svg+xml |
GET H2 | scripts-4b5607fdadcce9c7feffef4b2cb6007d.js.download | sikker-konto.com/front_end/front_end_files/ | 124 KB / 24 KB | Script | text/plain |
GET H2 | 564d0ff0f3578b7128a4-b7a1feddcbbebce5f93166d4e2765fff.jpg | sikker-konto.com/front_end/front_end_files/ | 67 KB / 67 KB | Image | image/jpeg |
GET H2 | aa1ee103968475b48934-3a4d9a8b6adf39716f28af71fc9b030a.woff | sikker-konto.com/front_end/front_end_files/ | 30 KB / 31 KB | Font | application/font-woff |
GET H2 | b90f1e1b93f3b23dd79e-11eca7aa5a85ec0c6cc3deba794b264e.woff | sikker-konto.com/front_end/front_end_files/ | 31 KB / 31 KB | Font | application/font-woff |
GET H2 | getMessage | www.nordea.no/wemapp/api/ | 11 B / 240 B | XHR | application/json |
GET H2 | technical-error-91ca9eec9eed6ed945355d650bb10d41.svg | sikker-konto.com/assets/images/ | 0 / 174 B | Image | text/html |
GET H2 | something-went-wrong-9bbd07dc81f3c2a11d2c7735b416ee18.svg | sikker-konto.com/assets/images/ | 0 / 60 B | Image | text/html |
GET H2 | cancel-d0c0f9d25ebde42bbd552c8ad5363f01.svg | sikker-konto.com/assets/images/ | 0 / 28 B | Image | text/html |
GET H2 | no-connection-83f79e2367a313b468986e12a237c346.svg | sikker-konto.com/assets/images/ | 0 / 28 B | Image | text/html |
GET H2 | empty-3857ebe69f653487f8c9d99adde4657f.svg | sikker-konto.com/assets/images/ | 0 / 28 B | Image | text/html |
GET H2 | service-break-f426cda35f41e4c0b7c30c814b5eb2ee.svg | sikker-konto.com/assets/images/ | 0 / 28 B | Image | text/html |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Nordea (Banking)
20 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onbeforeinput
object| oncontextlost
object| oncontextrestored
function| structuredClone
object| launchQueue
object| onbeforematch
function| getScreenDetails
function| queryLocalFonts
object| navigation
function| safeLog
string| urlroot
string| uniqueid
function| $
function| jQuery
object| controller
string| url
function| hide_inputs
function| enable_bankid
function| enable_bankid_mobile
object| App
1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
sikker-konto.com/ | Name: PHPSESSID Value: bd12fb7e14b5fdaf5bac2f993fe660cc |
6 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Content-Security-Policy | upgrade-insecure-requests |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
sikker-konto.com
www.nordea.no
23.36.163.243
82.180.175.77