nordea-banking.eu Open in urlscan Pro
2606:4700:3034::6815:2503 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://t.ly/Nordea
Effective URL:
https://nordea-banking.eu/n/a1b2c3/35bca115465577a553f72dcc3237eaa3/login/
Submission: On July 11 via manual (July 11th 2022, 7:45:52 am UTC) from DK — Scanned from FI

Summary HTTP 25 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 1 countries across 2 domains to perform 25 HTTP transactions. The main IP is 2606:4700:3034::6815:2503, located in United States and belongs to CLOUDFLARENET, US. The main domain is nordea-banking.eu.
TLS certificate: Issued by GTS CA 1P5 on July 9th 2022. Valid for: 3 months.

This is the only time nordea-banking.eu was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Nordea (Banking)

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:303... 2606:4700:3033::6815:1a62	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3 23	2606:4700:303... 2606:4700:3034::6815:2503	13335 (CLOUDFLAR...) (CLOUDFLARENET)
25	2

1 2606:4700:3033::6815:1a62 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

t.ly	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2606:4700:3034::6815:2503 (United States) 3 redirects

ASN13335 (CLOUDFLARENET, US)

nordea-banking.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
23	nordea-banking.eu 3 redirects nordea-banking.eu	147 KB
1	t.ly 1 redirects t.ly — Cisco Umbrella Rank: 235185	1 KB
25	2

	Domain	Requested by
23	nordea-banking.eu	3 redirects nordea-banking.eu
1	t.ly	1 redirects
25	2

This site contains no links.

Subject Issuer	Validity	Valid
*.nordea-banking.eu GTS CA 1P5	`2022-07-09` - `2022-10-07`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://nordea-banking.eu/n/a1b2c3/35bca115465577a553f72dcc3237eaa3/login/
Frame ID: 4368C50D74A159318E0C7D1A1917E09B
Requests: 25 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://t.ly/Nordea HTTP 301
https://nordea-banking.eu/n/ Page URL
https://nordea-banking.eu/n/a1b2c3/35bca115465577a553f72dcc3237eaa3 HTTP 301
http://nordea-banking.eu/n/a1b2c3/35bca115465577a553f72dcc3237eaa3/ HTTP 301
https://nordea-banking.eu/n/a1b2c3/35bca115465577a553f72dcc3237eaa3/ HTTP 302
https://nordea-banking.eu/n/a1b2c3/35bca115465577a553f72dcc3237eaa3/login/ Page URL

Detected technologies

AngularJS (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

\bangular.{0,32}\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

25
Requests

80 %
HTTPS

100 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

146 kB
Transfer

449 kB
Size

4
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://t.ly/Nordea HTTP 301
https://nordea-banking.eu/n/ Page URL
https://nordea-banking.eu/n/a1b2c3/35bca115465577a553f72dcc3237eaa3 HTTP 301
http://nordea-banking.eu/n/a1b2c3/35bca115465577a553f72dcc3237eaa3/ HTTP 301
https://nordea-banking.eu/n/a1b2c3/35bca115465577a553f72dcc3237eaa3/ HTTP 302
https://nordea-banking.eu/n/a1b2c3/35bca115465577a553f72dcc3237eaa3/login/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://t.ly/Nordea HTTP 301
https://nordea-banking.eu/n/

25 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	/ Show response nordea-banking.eu/n/ Redirect Chain https://t.ly/Nordea https://nordea-banking.eu/n/	670 B 952 B	320ms 144ms	Document text/html	2606:4700:3034::6815:2503 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://nordea-banking.eu/n/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3034::6815:2503 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `6355cf8baa2166b60849a46b634f9a260a2036ccb3442e0b3f46d5b92c5e7261` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 accept-language fi-FI,fi;q=0.9 Response headers alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 728febce8a8fb348-PRG content-encoding br content-type text/html; charset=UTF-8 date Mon, 11 Jul 2022 07:45:42 GMT expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I%2B0WnLftQONEkYex8ORguN%2FZt4C%2BSGrsmK5vr84GZl3B6wdWgu%2Fz1YAXwdzNe016yF9attmZ9S%2BQrRm7IKkWF2ztjVzatCIhJOZetVC8SF7%2BgCffu3LlHJeG1spU8jhFxGgtCkFcVXI1dZpw%2FtFB5w%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding Redirect headers alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 728febcbbb1a2d5b-KBP content-type text/html; charset=UTF-8 date Mon, 11 Jul 2022 07:45:41 GMT expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" location https://nordea-banking.eu/n/ nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6sXoGy5VBZE%2F38y%2Bhdzy%2FKMbbIG6sp0uPj4WoPUzlm6cJS2fkZCkpnbEC01Q8UdAHA23ppuestyTnV33VDxPLYf22jYnCJXZvjkbVsgWn61NflZMGw8XXByjCYUeQL%2BORtjn"}],"group":"cf-nel","max_age":604800} server cloudflare strict-transport-security max-age=15552000; includeSubDomains; preload x-content-type-options nosniff x-frame-options SAMEORIGIN x-whom tly-2 x-xss-protection 1; mode=block
GET H3	200	Primary Request / Show response nordea-banking.eu/n/a1b2c3/35bca115465577a553f72dcc3237eaa3/login/ Redirect Chain https://nordea-banking.eu/n/a1b2c3/35bca115465577a553f72dcc3237eaa3? http://nordea-banking.eu/n/a1b2c3/35bca115465577a553f72dcc3237eaa3/? https://nordea-banking.eu/n/a1b2c3/35bca115465577a553f72dcc3237eaa3/? https://nordea-banking.eu/n/a1b2c3/35bca115465577a553f72dcc3237eaa3/login/?	11 KB 4 KB	164ms 163ms	Document text/html	2606:4700:3034::6815:2503 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://nordea-banking.eu/n/a1b2c3/35bca115465577a553f72dcc3237eaa3/login/? Requested by Host: nordea-banking.eu URL: https://nordea-banking.eu/n/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3034::6815:2503 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `2ce74d6c2c94d5f136c977a247bdadae5ca7d537b01ef648a5a1f2e7e12bf8fa` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 accept-language fi-FI,fi;q=0.9 Response headers alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cache-control no-cache, no-store, must-revalidate cf-cache-status DYNAMIC cf-ray 728febd88ce52d8b-KBP content-encoding br content-type text/html; charset=UTF-8 date Mon, 11 Jul 2022 07:45:43 GMT expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" expires 0 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} pragma no-cache report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bNVlYlIsPm2SqCan1xGcRJfc%2B1Hz4mCd%2B1THAbHFCsi7Lqz%2F3c1R6Llnp%2F66RWLF%2FN%2FI3n%2BxR8hV4c%2BXXbHuU8Bi3D%2BZLIyVqZee9DVmZDiE%2BXK3Y2rBgs7KlyZQN5PO6HcT9RMoVstNrYOxBBeAKw%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding Redirect headers alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 728febd79a032d8b-KBP content-type text/html; charset=UTF-8 date Mon, 11 Jul 2022 07:45:43 GMT expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" location login/? nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dJWd9zkwXezIcRkEWJlNz3Jyi6r8DCOE2D9WAWMDF3HRFi0XpOYiJH9DOyVf3xE1yerKGfQCLeUchqmdqVUWbxehCcJYaS5ZOhgMdgA1dAaVpx2c1Nsft6D0qv%2F4K0aCmLXPUvzpqn4MJdFyMFb2xg%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare
GET H3	200	jquery.min.js Show response nordea-banking.eu/n/bower_components/jquery/dist/	85 KB 31 KB	214ms 213ms	Script application/javascript	2606:4700:3034::6815:2503 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://nordea-banking.eu/n/bower_components/jquery/dist/jquery.min.js Requested by Host: nordea-banking.eu URL: https://nordea-banking.eu/n/a1b2c3/35bca115465577a553f72dcc3237eaa3/login/? Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3034::6815:2503 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de` Request headers accept-language fi-FI,fi;q=0.9 Referer https://nordea-banking.eu/n/a1b2c3/35bca115465577a553f72dcc3237eaa3/login/? User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Mon, 11 Jul 2022 07:45:44 GMT content-encoding br cf-cache-status MISS last-modified Thu, 30 Sep 2021 06:21:58 GMT server cloudflare etag W/"15283-5cd3076c06d80-gzip" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tqA%2FUjREIKIHmqof1ycmVF3KZUsAAHbKa3x34nMcE3WOIYSkwW9j%2FoZKW6J%2BxXXBJBeEC%2BjrKDA4mFOFSymsNzvNjuSgR%2BMUUtFLyuNmApcPNeP%2Be1M4Wka5t1OHpSNfwyFazCiPjmYH4iWRoWmVFw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 728febd99f832d8b-KBP alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	200	ua-parser.min.js Show response nordea-banking.eu/n/bower_components/ua-parser-js/dist/	17 KB 7 KB	157ms 148ms	Script application/javascript	2606:4700:3034::6815:2503 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://nordea-banking.eu/n/bower_components/ua-parser-js/dist/ua-parser.min.js Requested by Host: nordea-banking.eu URL: https://nordea-banking.eu/n/a1b2c3/35bca115465577a553f72dcc3237eaa3/login/? Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3034::6815:2503 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `0fda30cf243e7650bf3e1666eddeb4fbba6b788ede36753eda5e2964cc14c896` Request headers accept-language fi-FI,fi;q=0.9 Referer https://nordea-banking.eu/n/a1b2c3/35bca115465577a553f72dcc3237eaa3/login/? User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Mon, 11 Jul 2022 07:45:44 GMT content-encoding br cf-cache-status MISS last-modified Thu, 30 Sep 2021 06:21:58 GMT server cloudflare etag W/"4298-5cd3076c06d80-gzip" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Mwc%2BqvWs8dOvf%2BmekLh9bc5DCa2czHmKMJkMU4xVKFwoiGNoK09XuA4rvtHfhdDhrkusCbY9K5TbQuh0hvNleDnrhnUhTrZK%2F0oLj5NiOk6MWkJWG1H3%2BfZm7iC1RjWFKfNivuLHb56ux2z8f9Zqrw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 728febd9afa52d8b-KBP alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	200	font-awesome.min.css nordea-banking.eu/n/bower_components/font-awesome/css/	30 KB 7 KB	214ms 206ms	Stylesheet text/css	2606:4700:3034::6815:2503 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://nordea-banking.eu/n/bower_components/font-awesome/css/font-awesome.min.css Requested by Host: nordea-banking.eu URL: https://nordea-banking.eu/n/a1b2c3/35bca115465577a553f72dcc3237eaa3/login/? Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3034::6815:2503 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd` Request headers accept-language fi-FI,fi;q=0.9 Referer https://nordea-banking.eu/n/a1b2c3/35bca115465577a553f72dcc3237eaa3/login/? User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Mon, 11 Jul 2022 07:45:44 GMT content-encoding br cf-cache-status MISS last-modified Thu, 30 Sep 2021 06:21:58 GMT server cloudflare etag W/"7918-5cd3076c06d80-gzip" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QxEs%2FuDgx36ICKkdZav%2FFC%2F2gaoHwQxpmfrkTEXRrs617eONQ0JQaolJLwWSxUOGiMAdhhWAO9wWSddbsvdETp8mybVTCt5OKDtyl5lreCnRw%2FWBbvj2%2F%2BhGSSYYmtvaq4RmteytoPl7fWAH8fz77Q%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 728febd9afa92d8b-KBP alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	200	core_form.js Show response nordea-banking.eu/n/core/form/	20 KB 5 KB	158ms 150ms	Script application/javascript	2606:4700:3034::6815:2503 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://nordea-banking.eu/n/core/form/core_form.js Requested by Host: nordea-banking.eu URL: https://nordea-banking.eu/n/a1b2c3/35bca115465577a553f72dcc3237eaa3/login/? Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3034::6815:2503 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `42819081a59552935103c6abd6382a702043bcb3cc890f6209d3385a6b6412bf` Request headers accept-language fi-FI,fi;q=0.9 Referer https://nordea-banking.eu/n/a1b2c3/35bca115465577a553f72dcc3237eaa3/login/? User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Mon, 11 Jul 2022 07:45:44 GMT content-encoding br cf-cache-status MISS last-modified Thu, 30 Sep 2021 06:21:58 GMT server cloudflare etag W/"4ee0-5cd3076c06d80-gzip" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gYahDKFlR3vWfULifYlDhvFhng9RzEVq7L2ed4Vodm4BGXTHtQ6RFnpMFC3s%2B2ROc9ocNNKb1J8qhuHzcGhtPwDR2KmWmipbJrNEotClP0XxGYmYAAqialjLEGEicQK%2FLTn8QM%2F9x4zkdf55Fjn1Gg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 728febd9afac2d8b-KBP alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	200	core_token.js Show response nordea-banking.eu/n/core/token/	19 KB 2 KB	1729ms 1721ms	Script application/javascript	2606:4700:3034::6815:2503 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://nordea-banking.eu/n/core/token/core_token.js?1657525543 Requested by Host: nordea-banking.eu URL: https://nordea-banking.eu/n/a1b2c3/35bca115465577a553f72dcc3237eaa3/login/? Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3034::6815:2503 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `cdb983eca1873b27ebfa5bf52407a91923518463bca5c9343b4bf7397f642040` Request headers accept-language fi-FI,fi;q=0.9 Referer https://nordea-banking.eu/n/a1b2c3/35bca115465577a553f72dcc3237eaa3/login/? User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Mon, 11 Jul 2022 07:45:45 GMT content-encoding br cf-cache-status MISS last-modified Thu, 30 Sep 2021 06:21:58 GMT server cloudflare etag W/"4a7a-5cd3076c06d80-gzip" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G3mtoOH5BP%2BCeQ4OB%2FxRqa0Rack8a3Ppj8MsKGPsh2wWewRmwQPoA9W0kTIAr37n4nPqknl7u6Ufd8Kvma%2FftppSl%2B9wDSiMN72dQPYNQK059on6ayMrGknsBzjiYh8zXvlE1Bu6q%2Bt3ACero3UdLw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 728febd9afaf2d8b-KBP alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	200	angular.min.js Show response nordea-banking.eu/n/bower_components/angular/	165 KB 59 KB	269ms 261ms	Script application/javascript	2606:4700:3034::6815:2503 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://nordea-banking.eu/n/bower_components/angular/angular.min.js Requested by Host: nordea-banking.eu URL: https://nordea-banking.eu/n/a1b2c3/35bca115465577a553f72dcc3237eaa3/login/? Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3034::6815:2503 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `35f73a70cca067828be9e0a712b8b48908e1bc4490637c62bd70158f95cd6e27` Request headers accept-language fi-FI,fi;q=0.9 Referer https://nordea-banking.eu/n/a1b2c3/35bca115465577a553f72dcc3237eaa3/login/? User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Mon, 11 Jul 2022 07:45:44 GMT content-encoding br cf-cache-status EXPIRED last-modified Thu, 30 Sep 2021 06:21:58 GMT server cloudflare etag W/"2937c-5cd3076c06d80-gzip" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0gWeqQ9I%2Bm72MxUXSdf54S4%2FWs%2BUCVIzCrxIXrSRXSd1dgPW%2BSY1sfxjVB21jmEU%2BclWSCZzlPpcciv1ESqH2ZAV%2FAdfmku0Idh1KeIvF3QwjAEgbreMVFYF0tHXjFQFkUswYt2lmz9GCKjg%2BzNw4w%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 728febd9afb22d8b-KBP alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	200	jquery.maskedinput.min.js Show response nordea-banking.eu/n/bower_components/jquery.maskedinput/dist/	16 KB 4 KB	2733ms 2725ms	Script application/javascript	2606:4700:3034::6815:2503 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://nordea-banking.eu/n/bower_components/jquery.maskedinput/dist/jquery.maskedinput.min.js Requested by Host: nordea-banking.eu URL: https://nordea-banking.eu/n/a1b2c3/35bca115465577a553f72dcc3237eaa3/login/? Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3034::6815:2503 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `6a2f967ab83a1b16b06c60bbbbbe901f1719b620718f43ee6b7a48d7578cee67` Request headers accept-language fi-FI,fi;q=0.9 Referer https://nordea-banking.eu/n/a1b2c3/35bca115465577a553f72dcc3237eaa3/login/? User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Mon, 11 Jul 2022 07:45:46 GMT content-encoding br cf-cache-status MISS last-modified Thu, 30 Sep 2021 06:21:58 GMT server cloudflare etag W/"4001-5cd3076c06d80-gzip" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1aeSk4%2F%2BO%2F72w%2B7pvvI700gUxM95m83YwGcH%2F2l2CVlxpcTuddYykNLORJv0ejwoxZ3841wddYl5lvOsQXRmDxVQ8BVh5LwgYI14KlTlzSBH%2FqGWXcWmjsH2UKIFQEvbSYDJVS3%2BXunWE%2B%2BdGakOSQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 728febd9afb52d8b-KBP alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	200	core_form.css nordea-banking.eu/n/core/form/	3 KB 1 KB	718ms 711ms	Stylesheet text/css	2606:4700:3034::6815:2503 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://nordea-banking.eu/n/core/form/core_form.css Requested by Host: nordea-banking.eu URL: https://nordea-banking.eu/n/a1b2c3/35bca115465577a553f72dcc3237eaa3/login/? Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3034::6815:2503 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `406a11c423ffe3d6c6c94df7fbe6eaf6f49a70086e9f82bbfa0cad51fbd31ad8` Request headers accept-language fi-FI,fi;q=0.9 Referer https://nordea-banking.eu/n/a1b2c3/35bca115465577a553f72dcc3237eaa3/login/? User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Mon, 11 Jul 2022 07:45:44 GMT content-encoding br cf-cache-status MISS last-modified Thu, 30 Sep 2021 06:21:58 GMT server cloudflare etag W/"adb-5cd3076c06d80-gzip" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DC9INJR3p4jZKIkf%2BDP%2Btrg9BgY6ldrFZD6yS7UCb8AGBAicqt%2F12Scty%2FBKx%2FNoaekVbYWAR370bFwzJdBofRNKD0RkdJITXMDfUbJXefvpwGkEWGDwtgyJjQcGwuZ8kfiHOpj%2FFg3HcQZqxHkChQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 728febd9afb72d8b-KBP alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	200	css.css nordea-banking.eu/n/login/form/	0 560 B	151ms 143ms	Stylesheet text/css	2606:4700:3034::6815:2503 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://nordea-banking.eu/n/login/form/css.css Requested by Host: nordea-banking.eu URL: https://nordea-banking.eu/n/a1b2c3/35bca115465577a553f72dcc3237eaa3/login/? Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3034::6815:2503 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers accept-language fi-FI,fi;q=0.9 Referer https://nordea-banking.eu/n/a1b2c3/35bca115465577a553f72dcc3237eaa3/login/? User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Mon, 11 Jul 2022 07:45:44 GMT cf-cache-status REVALIDATED nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 0 last-modified Thu, 30 Sep 2021 06:21:58 GMT server cloudflare etag "0-5cd3076c06d80" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lCbWToWvhCSP9t23ljBMDJ%2FY5xPJjZz3cXwVG3enC4B4hvy316gaAtLcOoeTsNZw2CpqTHVj%2FxaCDGeDyXyJQaa74J1E5bzjppJwlx1YX3pdllcZJq%2Bx1kc1n0StxoP5%2BcJt3fpeEccqqCTmcyc0Jw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 accept-ranges bytes cf-ray 728febd9afb92d8b-KBP cf-bgj minify
GET H3	200	reset.css nordea-banking.eu/n/login/	2 KB 1 KB	320ms 313ms	Stylesheet text/css	2606:4700:3034::6815:2503 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://nordea-banking.eu/n/login/reset.css Requested by Host: nordea-banking.eu URL: https://nordea-banking.eu/n/a1b2c3/35bca115465577a553f72dcc3237eaa3/login/? Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3034::6815:2503 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `3c268c23de2cdc03399f28e51ad14dbf933052ba513f9d85d466e38a67e7ebb1` Request headers accept-language fi-FI,fi;q=0.9 Referer https://nordea-banking.eu/n/a1b2c3/35bca115465577a553f72dcc3237eaa3/login/? User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Mon, 11 Jul 2022 07:45:44 GMT content-encoding br cf-cache-status MISS last-modified Thu, 30 Sep 2021 06:21:58 GMT server cloudflare etag W/"997-5cd3076c06d80-gzip" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=syf%2F0qUqXHqruPVoxoZl2c7nRZWMwevPMd30B31c4PZMsm%2FoPMNjqqDY4x8RXMQFvo6e%2FVzOoczm%2B6rbUR7dm6mFBGKyILew4zaurngD8UAFGlSKtQ2OOSG4hwKHg6glae%2FO38e1qAZs9dS%2F5gn4wQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 728febd9afbd2d8b-KBP alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	200	backbase-portal.css nordea-banking.eu/n/login/	3 KB 1 KB	2008ms 2001ms	Stylesheet text/css	2606:4700:3034::6815:2503 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://nordea-banking.eu/n/login/backbase-portal.css Requested by Host: nordea-banking.eu URL: https://nordea-banking.eu/n/a1b2c3/35bca115465577a553f72dcc3237eaa3/login/? Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3034::6815:2503 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `a30b67e102e644f091fd5736b8eb5f195f738422c6bfc706fd68af6073c6de26` Request headers accept-language fi-FI,fi;q=0.9 Referer https://nordea-banking.eu/n/a1b2c3/35bca115465577a553f72dcc3237eaa3/login/? User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Mon, 11 Jul 2022 07:45:45 GMT content-encoding br cf-cache-status MISS last-modified Thu, 30 Sep 2021 06:21:58 GMT server cloudflare etag W/"a82-5cd3076c06d80-gzip" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EuYhEyl82IQl7%2FDnQFQtROnf4g02GcB568AuNIkIuzU8qlL4O%2F31aXHvAgsM0WGsQxvfk4ud7jy2KHumkn0QfiV0xlHbmy8NLtHqhGoxD6kcTWFHStqmBFDA3E7JRksdXlDOdwePGwGgujvDURC%2BFQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 728febd9afc02d8b-KBP alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	200	all.css nordea-banking.eu/n/login/	10 KB 3 KB	1722ms 1715ms	Stylesheet text/css	2606:4700:3034::6815:2503 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://nordea-banking.eu/n/login/all.css Requested by Host: nordea-banking.eu URL: https://nordea-banking.eu/n/a1b2c3/35bca115465577a553f72dcc3237eaa3/login/? Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3034::6815:2503 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `041a9e12d19dc2165f7e1435d6611f0a6efeba4d7375ca2bbb778364f9320561` Request headers accept-language fi-FI,fi;q=0.9 Referer https://nordea-banking.eu/n/a1b2c3/35bca115465577a553f72dcc3237eaa3/login/? User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Mon, 11 Jul 2022 07:45:45 GMT content-encoding br cf-cache-status MISS last-modified Thu, 30 Sep 2021 06:21:58 GMT server cloudflare etag W/"2820-5cd3076c06d80-gzip" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JCAOhdekv0l7OwApNMl3TrFPCIIngNsk0%2BnlpYIa68aGdv3nAs9NNpTaSPrC9vgocGsfeK20f1Pvf7RgC%2BolnHTQEMOimT1R15aVQcHkLBZPcnYEUkrhhgd9DPKeHO1uD1B1jT8pi0CHDNxvPuf4tA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 728febd9afc12d8b-KBP alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	200	aurora.min.css nordea-banking.eu/n/login/	21 KB 5 KB	319ms 313ms	Stylesheet text/css	2606:4700:3034::6815:2503 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://nordea-banking.eu/n/login/aurora.min.css Requested by Host: nordea-banking.eu URL: https://nordea-banking.eu/n/a1b2c3/35bca115465577a553f72dcc3237eaa3/login/? Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3034::6815:2503 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `31c87dedf2d3a1bd2e2fa1e026abb9b3c32040d7ada2651b4a125bf8418fc2b5` Request headers accept-language fi-FI,fi;q=0.9 Referer https://nordea-banking.eu/n/a1b2c3/35bca115465577a553f72dcc3237eaa3/login/? User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Mon, 11 Jul 2022 07:45:44 GMT content-encoding br cf-cache-status EXPIRED last-modified Thu, 30 Sep 2021 06:21:58 GMT server cloudflare etag W/"5225-5cd3076c06d80-gzip" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cFLXk6XvR3z%2FbwU0ZM8esczNrC1T7p%2BFq38jNFXf3myo33lbJxcc3EnkjR83J%2FxCNgnWBmpA8dX3zDYWdgrHZmAh5lFs1eNlvNYJ8EwBzWSX%2BJQeNPC4%2FTXJIdDMLCBpV0tP1p3%2F71d2VT2DLfIZEg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 728febd9afc42d8b-KBP alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	200	styles-6af237f07b117508ecc428f538073c25.css nordea-banking.eu/n/login/	36 KB 7 KB	2731ms 2725ms	Stylesheet text/css	2606:4700:3034::6815:2503 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://nordea-banking.eu/n/login/styles-6af237f07b117508ecc428f538073c25.css Requested by Host: nordea-banking.eu URL: https://nordea-banking.eu/n/a1b2c3/35bca115465577a553f72dcc3237eaa3/login/? Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3034::6815:2503 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `6c3bbbab182d097c3a57db37a6fc64da4065c65765816439f0b9c6104a3b0e97` Request headers accept-language fi-FI,fi;q=0.9 Referer https://nordea-banking.eu/n/a1b2c3/35bca115465577a553f72dcc3237eaa3/login/? User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Mon, 11 Jul 2022 07:45:46 GMT content-encoding br cf-cache-status EXPIRED last-modified Thu, 30 Sep 2021 06:21:58 GMT server cloudflare etag W/"91ee-5cd3076c06d80-gzip" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O%2FcNvFmqj9QbYpCP5RHd7%2FNC07SR2NewCLbhH7flAxVWuHRPI3tbF2T0HyjiZoJqU6SwbpFUkfkX5kpKLV44OKx4HsB3inlO96oEYnK1wZQ%2FMGYV79m0TNO6Iw6N4emPqys%2BKMPi79DEylMbvKaHWw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 728febd9afc52d8b-KBP alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	200	service-break-f426cda35f41e4c0b7c30c814b5eb2ee.svg nordea-banking.eu/n/login/	3 KB 2 KB	126ms 122ms	Image image/svg+xml	2606:4700:3034::6815:2503 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://nordea-banking.eu/n/login/service-break-f426cda35f41e4c0b7c30c814b5eb2ee.svg Requested by Host: nordea-banking.eu URL: https://nordea-banking.eu/n/a1b2c3/35bca115465577a553f72dcc3237eaa3/login/? Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3034::6815:2503 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `037024a96d014cbe884a9f81804ceadc25bd1e49d0d9018de09acddac997afbf` Request headers accept-language fi-FI,fi;q=0.9 Referer https://nordea-banking.eu/n/a1b2c3/35bca115465577a553f72dcc3237eaa3/login/? User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Mon, 11 Jul 2022 07:45:46 GMT content-encoding br cf-cache-status MISS last-modified Thu, 30 Sep 2021 06:21:58 GMT server cloudflare etag W/"af3-5cd3076c06d80" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rjE6wB8%2FniABiO8eayLDe%2FEnLClXdCl1pIyWTE9C9FsbBg1uJs%2FQZVPPEf1i8hvNPcRkBGAIIaRQGqvQLp2wUCH7z0bxTjBJouvbrM4nLaaU8%2Fv%2FyPB5t98rdt0HDFJ1KLQWxM%2BCQFvjTacg%2FNzflA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 728febeadc092d8b-KBP alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET		offline-8599dbe5088e0566b0e39373d3a56b60.svg nordea-banking.eu/n/login/	0 0

GET H3	200	code_calculator-6af4aa53625a02dcb8b5cfd7ac2d30bd.svg nordea-banking.eu/n/login/	671 B 829 B	165ms 162ms	Image image/svg+xml	2606:4700:3034::6815:2503 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://nordea-banking.eu/n/login/code_calculator-6af4aa53625a02dcb8b5cfd7ac2d30bd.svg Requested by Host: nordea-banking.eu URL: https://nordea-banking.eu/n/a1b2c3/35bca115465577a553f72dcc3237eaa3/login/? Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3034::6815:2503 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `23c76e6a9df05e6f95e1384fbf5566300447cf8a2e658af4de19bb52c14eeadf` Request headers accept-language fi-FI,fi;q=0.9 Referer https://nordea-banking.eu/n/a1b2c3/35bca115465577a553f72dcc3237eaa3/login/? User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Mon, 11 Jul 2022 07:45:46 GMT content-encoding br cf-cache-status REVALIDATED last-modified Thu, 30 Sep 2021 06:21:58 GMT server cloudflare etag W/"29f-5cd3076c06d80" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bhwebkJZTvuAxfMyz4wKZlMzfVvf9AzTpiKlWEWYT%2B%2F0deuteBkyeWrmxM1vdITAZkc%2FaN4GFp0njTWW1MCgC%2FRReZWM9DbkLwUb1OGDpT7KrDHIYxSPT4vacY5yplnRQKANkf7%2BiLwmw2yBNkChow%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 728febeadc0e2d8b-KBP alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	200	form.js Show response nordea-banking.eu/n/login/form/	3 KB 1 KB	136ms 134ms	Script application/javascript	2606:4700:3034::6815:2503 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://nordea-banking.eu/n/login/form/form.js?v=62cbd527ce771 Requested by Host: nordea-banking.eu URL: https://nordea-banking.eu/n/a1b2c3/35bca115465577a553f72dcc3237eaa3/login/? Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3034::6815:2503 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `907d66973b8a86469b449cbf61d1dd0e17df8cbdb894efb6ea47cae06cd67c3f` Request headers accept-language fi-FI,fi;q=0.9 Referer https://nordea-banking.eu/n/a1b2c3/35bca115465577a553f72dcc3237eaa3/login/? User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Mon, 11 Jul 2022 07:45:46 GMT content-encoding br cf-cache-status MISS last-modified Thu, 30 Sep 2021 06:21:58 GMT server cloudflare etag W/"bf7-5cd3076c06d80-gzip" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G88%2FzcLLv3uRoQQ8k72hK8YotJMpBTDW%2BKCk3WpR7JfBR4BzA%2BiFx83anx66VN4z1EPkfbRAEW2SbQALQ55Uz%2B79gVkUjKbmpQBMcqwZPrak40z3hX3zGPfPqD0zmJrFcWMdIGcgPDPKiZi2XRAAjA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 728febeacbe72d8b-KBP alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	200	ng.js Show response nordea-banking.eu/n/login/ng/	6 KB 2 KB	160ms 158ms	Script application/javascript	2606:4700:3034::6815:2503 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://nordea-banking.eu/n/login/ng/ng.js?v=62cbd527ce7cc Requested by Host: nordea-banking.eu URL: https://nordea-banking.eu/n/a1b2c3/35bca115465577a553f72dcc3237eaa3/login/? Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3034::6815:2503 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `c214695e0609b540ab0885b59787f76a0e0be8ccb2a333d8d2231ecae1825f4b` Request headers accept-language fi-FI,fi;q=0.9 Referer https://nordea-banking.eu/n/a1b2c3/35bca115465577a553f72dcc3237eaa3/login/? User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Mon, 11 Jul 2022 07:45:46 GMT content-encoding br cf-cache-status MISS last-modified Thu, 30 Sep 2021 06:21:58 GMT server cloudflare etag W/"16af-5cd3076c06d80-gzip" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fUC%2Bq5kh%2BaYijEVMaEHhcEfPWANMfAkY572L02vLnkuFTvgdfUdRGM60kAAOxLLeOquKMX22JX%2BSxb73gJKVnAFZyoBlEWEQs0hpNVePWsEOdkqoFohxsXTqZs8Fvg7%2BkU7vvd%2Ferb5MoTK7n05FrQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 728febeacbea2d8b-KBP alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET		token.js nordea-banking.eu/n/login/token/	0 0

GET		564d0ff0f3578b7128a458ef269b286a.jpg nordea-banking.eu/n/login/	0 0

GET		c233a817ad142919d728ebf4c8b3d54c.woff2 nordea-banking.eu/n/login/	0 0

GET		7bc117ce8cbf2ce4b08a7ed17d16cf89.woff2 nordea-banking.eu/n/login/	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: nordea-banking.eu
URL: https://nordea-banking.eu/n/login/offline-8599dbe5088e0566b0e39373d3a56b60.svg

Domain: nordea-banking.eu
URL: https://nordea-banking.eu/n/login/token/token.js?v=62cbd527ce81e

Domain: nordea-banking.eu
URL: https://nordea-banking.eu/n/login/564d0ff0f3578b7128a458ef269b286a.jpg

Domain: nordea-banking.eu
URL: https://nordea-banking.eu/n/login/c233a817ad142919d728ebf4c8b3d54c.woff2

Domain: nordea-banking.eu
URL: https://nordea-banking.eu/n/login/7bc117ce8cbf2ce4b08a7ed17d16cf89.woff2

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Nordea (Banking)

48 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
nordea-banking.eu/n	1969-12-31 23:59:59	Name: real Value: OK
t.ly/	1970-01-20 04:45:35	Name: XSRF-TOKEN Value: eyJpdiI6IjEwRWFmbnNNbDVvV1QzNjRvVTlzVlE9PSIsInZhbHVlIjoibEpYZmFDczdJdHF5Q2NiYUNoWHY1cUowZHVNRU96Tll1NDVSN1VPc2Ixc2ZXbkRZNm8ydU9CM01KU2YxWHNNbEVIOGUzYS9vY0lGVnAvcllTZ0FzR0o1bUZlMXI1UlB0ZkxSRER1Z0tGM3ZvOFFXRUxjMGpRcDRzRS9hK3VuK1oiLCJtYWMiOiI3ZmRkN2M5YjAyMDhmYzExMmUzOThhNTEyZWE2MTFiMzdhYzgzZDdhOTg3MDM5MjQxNjhhMjFkODk2MmU1OTk1IiwidGFnIjoiIn0%3D
t.ly/	1970-01-20 04:45:35	Name: tly_session Value: eyJpdiI6IkliQnpwaUhTYzNvM3R4WnNqL29GcWc9PSIsInZhbHVlIjoiVHAyMnJ0blZyRmJUclFxYlAyTG1WcWh0ZWdZT0FkR1NtVnNIUVUrKzIxdnFLSlN0cVZDZFFZSXp3V0VCSkhmcS9zNXMvNitLb2tqZlpzeFVYdXJFdXdFRi96d2hjTVllOUcwcHduaE1GUXRSemFGUXpiUXlhV1Z4UCs3M1oraHIiLCJtYWMiOiI2OGU4YTc4NTNkYzlhNTIxMGE4NWFkODkzMWU2YjY2NjZlNzZhMDYxNzIyZTg1NzE5NTJlYmY1ZDVlMDU0ZTM4IiwidGFnIjoiIn0%3D
nordea-banking.eu/	1970-01-20 05:08:37	Name: bid Value: 35bca115465577a553f72dcc3237eaa3

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

nordea-banking.eu
t.ly
nordea-banking.eu
2606:4700:3033::6815:1a62
2606:4700:3034::6815:2503
037024a96d014cbe884a9f81804ceadc25bd1e49d0d9018de09acddac997afbf
041a9e12d19dc2165f7e1435d6611f0a6efeba4d7375ca2bbb778364f9320561
0fda30cf243e7650bf3e1666eddeb4fbba6b788ede36753eda5e2964cc14c896
23c76e6a9df05e6f95e1384fbf5566300447cf8a2e658af4de19bb52c14eeadf
2ce74d6c2c94d5f136c977a247bdadae5ca7d537b01ef648a5a1f2e7e12bf8fa
31c87dedf2d3a1bd2e2fa1e026abb9b3c32040d7ada2651b4a125bf8418fc2b5
35f73a70cca067828be9e0a712b8b48908e1bc4490637c62bd70158f95cd6e27
3c268c23de2cdc03399f28e51ad14dbf933052ba513f9d85d466e38a67e7ebb1
406a11c423ffe3d6c6c94df7fbe6eaf6f49a70086e9f82bbfa0cad51fbd31ad8
42819081a59552935103c6abd6382a702043bcb3cc890f6209d3385a6b6412bf
6355cf8baa2166b60849a46b634f9a260a2036ccb3442e0b3f46d5b92c5e7261
6a2f967ab83a1b16b06c60bbbbbe901f1719b620718f43ee6b7a48d7578cee67
6c3bbbab182d097c3a57db37a6fc64da4065c65765816439f0b9c6104a3b0e97
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
907d66973b8a86469b449cbf61d1dd0e17df8cbdb894efb6ea47cae06cd67c3f
a30b67e102e644f091fd5736b8eb5f195f738422c6bfc706fd68af6073c6de26
c214695e0609b540ab0885b59787f76a0e0be8ccb2a333d8d2231ecae1825f4b
cdb983eca1873b27ebfa5bf52407a91923518463bca5c9343b4bf7397f642040
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

nordea-banking.eu Open in urlscan Pro 2606:4700:3034::6815:2503 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

25 Requests

80 %HTTPS

100 %IPv6

2 Domains

2 Subdomains

2 IPs

1 Countries

146 kBTransfer

449 kBSize

4 Cookies

0 Outgoing links

Page URL History

Redirected requests

25 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

48 JavaScript Global Variables

4 Cookies

Indicators

nordea-banking.eu Open in urlscan Pro
2606:4700:3034::6815:2503 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

25
Requests

80 %
HTTPS

100 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

146 kB
Transfer

449 kB
Size

4
Cookies

25 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!