totalin.plusgirot.se Open in urlscan Pro
158.233.250.79 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://totalin.plusgirot.se/
Effective URL:
https://totalin.plusgirot.se/
Submission: On February 01 via manual (February 1st 2023, 7:17:44 am UTC) from FI — Scanned from SE

Summary HTTP 21 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 1 countries across 2 domains to perform 21 HTTP transactions. The main IP is 158.233.250.79, located in Finland and belongs to NORDEA-AS, FI. The main domain is totalin.plusgirot.se.
TLS certificate: Issued by Entrust Certification Authority - L1K on July 11th 2022. Valid for: a year.

This is the only time totalin.plusgirot.se was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 19	158.233.250.79 158.233.250.79	201271 (NORDEA-AS) (NORDEA-AS)
3	158.233.249.6 158.233.249.6	201271 (NORDEA-AS) (NORDEA-AS)
21	2

19 158.233.250.79 (Finland) 1 redirects

ASN201271 (NORDEA-AS, FI)

totalin.plusgirot.se	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 158.233.249.6 (Finland)

ASN201271 (NORDEA-AS, FI)

internetbanken.privat.nordea.se	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
19	plusgirot.se 1 redirects totalin.plusgirot.se	292 KB
3	nordea.se internetbanken.privat.nordea.se	40 KB
21	2

	Domain	Requested by
19	totalin.plusgirot.se	1 redirects totalin.plusgirot.se
3	internetbanken.privat.nordea.se	totalin.plusgirot.se
21	2

This site contains no links.

Subject Issuer	Validity	Valid
totalin.plusgirot.se Entrust Certification Authority - L1K	`2022-07-11` - `2023-08-08`	a year	crt.sh
internetbanken.privat.nordea.se Entrust Certification Authority - L1M	`2022-10-18` - `2023-10-21`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://totalin.plusgirot.se/
Frame ID: 0A99A291374CDE7437C91894D5BE01CB
Requests: 1 HTTP requests in this frame

Frame: https://totalin.plusgirot.se/tlimages/tlfrascr.html
Frame ID: 4DC6F7AE0B0EE47C2CE581ED9DEE21D8
Requests: 3 HTTP requests in this frame

Frame: https://totalin.plusgirot.se/LOGINSIDA?CERT_TYP=&sprak=&LOGMSG1=&TEXT=
Frame ID: 199CEB97E954F4FAC12E973D0D1791CB
Requests: 17 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

PlusGirot - Total IN

Page URL History Show full URLs

http://totalin.plusgirot.se/ HTTP 301
https://totalin.plusgirot.se/ Page URL

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

21
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

332 kB
Transfer

350 kB
Size

3
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://totalin.plusgirot.se/ HTTP 301
https://totalin.plusgirot.se/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

21 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
totalin.plusgirot.se/
Redirect Chain

http://totalin.plusgirot.se/
https://totalin.plusgirot.se/

629 B
837 B

136ms
50ms

Document
text/html

158.233.250.79
NORDEA-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://totalin.plusgirot.se/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

158.233.250.79 , Finland, ASN201271 (NORDEA-AS, FI),

Reverse DNS

Software

Resource Hash

b36f34eb6db516fa7426296d7e6be1ac5a4d7f618e101b5ce318687b1efc5484

Security Headers

Name	Value
Strict-Transport-Security	max-age=157680000
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: se-SE,se;q=0.9

Response headers

Allow: GET, HEAD, POST
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 357
Content-type: text/html
Date: Wed, 01 Feb 2023 07:17:39 GMT
Expires: Wed, 01 Feb 2023 07:17:39 GMT
MIME-Version: 1.0
Server
Strict-Transport-Security: max-age=157680000
X-Frame-Options: SAMEORIGIN
ntCoent-length: 629

Redirect headers

Location: https://totalin.plusgirot.se/

GET
H/1.1 200
OK tlfrascr.html Show response
totalin.plusgirot.se/tlimages/ Frame 4DC6 995 B
861 B 46ms
45ms Document
text/html 158.233.250.79
NORDEA-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://totalin.plusgirot.se/tlimages/tlfrascr.html

Requested by

Host: totalin.plusgirot.se
URL: https://totalin.plusgirot.se/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

158.233.250.79 , Finland, ASN201271 (NORDEA-AS, FI),

Reverse DNS

Software

Resource Hash

00d2b3ccd6a2e4d9396e61a4f3f34eb0cc4bde5824f8f4935b3eded04b7021aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=157680000
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://totalin.plusgirot.se/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: se-SE,se;q=0.9

Response headers

Allow: GET, HEAD, POST
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 509
Content-type: text/html
Date: Wed, 01 Feb 2023 07:17:39 GMT
Last-modified: Tue, 24 Mar 2009 15:31:51 GMT
MIME-Version: 1.0
Server
Strict-Transport-Security: max-age=157680000
X-Frame-Options: SAMEORIGIN
ntCoent-length: 995

GET
H/1.1 200
OK menu.htm Show response
totalin.plusgirot.se/totalin/ Frame 199C 486 B
671 B 91ms
45ms Document
text/html 158.233.250.79
NORDEA-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://totalin.plusgirot.se/totalin/menu.htm?submitdata=&hiddendata=&SSO=&TEXT=

Requested by

Host: totalin.plusgirot.se
URL: https://totalin.plusgirot.se/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

158.233.250.79 , Finland, ASN201271 (NORDEA-AS, FI),

Reverse DNS

Software

Resource Hash

220af4958049626b29240b34d132e0d721eb01969e5e8a7772ddccb1adb121e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=157680000
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://totalin.plusgirot.se/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: se-SE,se;q=0.9

Response headers

Allow: GET, HEAD, POST
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 307
Content-type: Text/HTML
Date: Wed, 01 Feb 2023 07:17:39 GMT
Expires: Mon, 01 Jan 1997 12:01:00 GMT
MIME-Version: 1.0
Pragma: no-cache
Server
Strict-Transport-Security: max-age=157680000
X-Frame-Options: SAMEORIGIN
ntCoent-length: 486

GET
H/1.1 200
OK tlpixel.gif
totalin.plusgirot.se/tlimages/ Frame 4DC6 43 B
337 B 67ms
45ms Image
image/gif 158.233.250.79
NORDEA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://totalin.plusgirot.se/tlimages/tlpixel.gif

Requested by

Host: totalin.plusgirot.se
URL: https://totalin.plusgirot.se/tlimages/tlfrascr.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

158.233.250.79 , Finland, ASN201271 (NORDEA-AS, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=157680000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://totalin.plusgirot.se/tlimages/tlfrascr.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Wed, 01 Feb 2023 07:17:39 GMT
Strict-Transport-Security: max-age=157680000
Last-modified: Tue, 24 Mar 2009 15:31:52 GMT
Server
Allow: GET, HEAD, POST
X-Frame-Options: SAMEORIGIN
Content-type: image/gif
nnCoection: Close
Content-length: 43
MIME-Version: 1.0

GET
H/1.1 200
OK toptotal.gif
totalin.plusgirot.se/tlimages/ Frame 4DC6 3 KB
3 KB 75ms
46ms Image
image/gif 158.233.250.79
NORDEA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://totalin.plusgirot.se/tlimages/toptotal.gif

Requested by

Host: totalin.plusgirot.se
URL: https://totalin.plusgirot.se/tlimages/tlfrascr.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

158.233.250.79 , Finland, ASN201271 (NORDEA-AS, FI),

Reverse DNS

Software

Resource Hash

a8d600f2a720a9ae2513865c9ea16fe5fa03ffded3a0e94c5ffcab420fb0f899

Security Headers

Name	Value
Strict-Transport-Security	max-age=157680000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://totalin.plusgirot.se/tlimages/tlfrascr.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Wed, 01 Feb 2023 07:17:39 GMT
Strict-Transport-Security: max-age=157680000
Last-modified: Wed, 07 Dec 2011 13:03:36 GMT
Server
Allow: GET, HEAD, POST
X-Frame-Options: SAMEORIGIN
Content-type: image/gif
Connection: Keep-Alive
Content-length: 2680
MIME-Version: 1.0

GET
H/1.1 200
OK LOGINSIDA Show response
totalin.plusgirot.se/ Frame 199C 18 KB
5 KB 93ms
62ms Document
text/html 158.233.250.79
NORDEA-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://totalin.plusgirot.se/LOGINSIDA?CERT_TYP=&sprak=&LOGMSG1=&TEXT=

Requested by

Host: totalin.plusgirot.se
URL: https://totalin.plusgirot.se/totalin/menu.htm?submitdata=&hiddendata=&SSO=&TEXT=

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

158.233.250.79 , Finland, ASN201271 (NORDEA-AS, FI),

Reverse DNS

Software

Resource Hash

0aa9da8061d99e40bf92f54351c6b608a0e3818ac71c14c4bbca12ba3e33b59c

Security Headers

Name	Value
Strict-Transport-Security	max-age=157680000
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://totalin.plusgirot.se/totalin/menu.htm?submitdata=&hiddendata=&SSO=&TEXT=
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: se-SE,se;q=0.9

Response headers

Allow: GET, HEAD, POST
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 5089
Content-type: TEXT/HTML
Date: Wed, 01 Feb 2023 07:17:39 GMT
Expires: Mon, 01 Jan 1997 12:01:00 GMT
MIME-Version: 1.0
Pragma: no-cache
Server
Strict-Transport-Security: max-age=157680000
X-Frame-Options: SAMEORIGIN
ntCoent-length: 18315

GET
H/1.1 200
OK totalcss.css
totalin.plusgirot.se/tlimages/ Frame 199C 16 KB
5 KB 49ms
48ms Stylesheet
text/css 158.233.250.79
NORDEA-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://totalin.plusgirot.se/tlimages/totalcss.css

Requested by

Host: totalin.plusgirot.se
URL: https://totalin.plusgirot.se/LOGINSIDA?CERT_TYP=&sprak=&LOGMSG1=&TEXT=

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

158.233.250.79 , Finland, ASN201271 (NORDEA-AS, FI),

Reverse DNS

Software

Resource Hash

91bca686e7df5775042fe469ec4831591fb1e673edae6f7ab1cd322a8a935b5b

Security Headers

Name	Value
Strict-Transport-Security	max-age=157680000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://totalin.plusgirot.se/LOGINSIDA?CERT_TYP=&sprak=&LOGMSG1=&TEXT=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Cteonnt-length: 16456
Date: Wed, 01 Feb 2023 07:17:39 GMT
Strict-Transport-Security: max-age=157680000
Content-Encoding: gzip
Last-modified: Wed, 28 Nov 2018 08:35:23 GMT
Server
Allow: GET, HEAD, POST
X-Frame-Options: SAMEORIGIN
Content-type: text/css
Connection: Keep-Alive
MIME-Version: 1.0
Content-Length: 4279

GET
H/1.1 200
OK tljquery.js Show response
totalin.plusgirot.se/tlimages/ Frame 199C 262 KB
262 KB 50ms
49ms Script
application/x-javascript 158.233.250.79
NORDEA-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://totalin.plusgirot.se/tlimages/tljquery.js

Requested by

Host: totalin.plusgirot.se
URL: https://totalin.plusgirot.se/LOGINSIDA?CERT_TYP=&sprak=&LOGMSG1=&TEXT=

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

158.233.250.79 , Finland, ASN201271 (NORDEA-AS, FI),

Reverse DNS

Software

Resource Hash

0d9027289ffa5d9f6c8b4e0782bb31bbff2cef5ee3708ccbcb7a22df9128bb21

Security Headers

Name	Value
Strict-Transport-Security	max-age=157680000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://totalin.plusgirot.se/LOGINSIDA?CERT_TYP=&sprak=&LOGMSG1=&TEXT=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Wed, 01 Feb 2023 07:17:39 GMT
Strict-Transport-Security: max-age=157680000
Last-modified: Thu, 05 Sep 2019 06:00:00 GMT
Server
Allow: GET, HEAD, POST
X-Frame-Options: SAMEORIGIN
Content-type: application/x-javascript
Connection: Keep-Alive
Content-length: 268039
MIME-Version: 1.0

GET
H/1.1 200
OK tlauthmb.js Show response
totalin.plusgirot.se/tlimages/ Frame 199C 6 KB
6 KB 48ms
47ms Script
application/x-javascript 158.233.250.79
NORDEA-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://totalin.plusgirot.se/tlimages/tlauthmb.js

Requested by

Host: totalin.plusgirot.se
URL: https://totalin.plusgirot.se/LOGINSIDA?CERT_TYP=&sprak=&LOGMSG1=&TEXT=

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

158.233.250.79 , Finland, ASN201271 (NORDEA-AS, FI),

Reverse DNS

Software

Resource Hash

25c6c9615a099f7f092fdbd55f38cc22d0e058d9957f938a1661b1cd3a19afda

Security Headers

Name	Value
Strict-Transport-Security	max-age=157680000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://totalin.plusgirot.se/LOGINSIDA?CERT_TYP=&sprak=&LOGMSG1=&TEXT=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Wed, 01 Feb 2023 07:17:39 GMT
Strict-Transport-Security: max-age=157680000
Last-modified: Fri, 05 Feb 2016 06:12:34 GMT
Server
Allow: GET, HEAD, POST
X-Frame-Options: SAMEORIGIN
Content-type: application/x-javascript
Connection: Keep-Alive
Content-length: 5693
MIME-Version: 1.0

GET
H/1.1 200
OK tlloadla.gif
totalin.plusgirot.se/tlimages/ Frame 199C 3 KB
3 KB 46ms
45ms Image
image/gif 158.233.250.79
NORDEA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://totalin.plusgirot.se/tlimages/tlloadla.gif

Requested by

Host: totalin.plusgirot.se
URL: https://totalin.plusgirot.se/LOGINSIDA?CERT_TYP=&sprak=&LOGMSG1=&TEXT=

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

158.233.250.79 , Finland, ASN201271 (NORDEA-AS, FI),

Reverse DNS

Software

Resource Hash

af7063e8a8e72af907ea897be216902a23090264c0607223f740f8af2825f32b

Security Headers

Name	Value
Strict-Transport-Security	max-age=157680000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://totalin.plusgirot.se/LOGINSIDA?CERT_TYP=&sprak=&LOGMSG1=&TEXT=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Wed, 01 Feb 2023 07:17:39 GMT
Strict-Transport-Security: max-age=157680000
Last-modified: Fri, 05 Feb 2016 06:12:34 GMT
Server
Allow: GET, HEAD, POST
X-Frame-Options: SAMEORIGIN
Content-type: image/gif
Connection: Keep-Alive
Content-length: 2880
MIME-Version: 1.0

GET
H/1.1 200
OK pi17_Mobilt_BankID_step_1.png
internetbanken.privat.nordea.se/web_elements/images/web/local/se3/se/Picture/ Frame 199C 11 KB
12 KB 417ms
44ms Image
image/png 158.233.249.6
NORDEA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://internetbanken.privat.nordea.se/web_elements/images/web/local/se3/se/Picture/pi17_Mobilt_BankID_step_1.png

Requested by

Host: totalin.plusgirot.se
URL: https://totalin.plusgirot.se/LOGINSIDA?CERT_TYP=&sprak=&LOGMSG1=&TEXT=

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

158.233.249.6 , Finland, ASN201271 (NORDEA-AS, FI),

Reverse DNS

Software

Resource Hash

bbe1b37368933c34e32f3c631e5d06f683e9fd8d0f37d9174c302a0ebf3b378b

Security Headers

Name	Value
Strict-Transport-Security	max-age=157680000

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://totalin.plusgirot.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Wed, 01 Feb 2023 07:17:38 GMT
Strict-Transport-Security: max-age=157680000
Last-Modified: Mon, 08 Jun 2020 22:11:29 GMT
Accept-Ranges: bytes
Content-Length: 11365

GET
H/1.1 200
OK pi17_Mobilt_BankID_step_2.png
internetbanken.privat.nordea.se/web_elements/images/web/local/se3/se/Picture/ Frame 199C 12 KB
13 KB 298ms
49ms Image
image/png 158.233.249.6
NORDEA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://internetbanken.privat.nordea.se/web_elements/images/web/local/se3/se/Picture/pi17_Mobilt_BankID_step_2.png

Requested by

Host: totalin.plusgirot.se
URL: https://totalin.plusgirot.se/LOGINSIDA?CERT_TYP=&sprak=&LOGMSG1=&TEXT=

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

158.233.249.6 , Finland, ASN201271 (NORDEA-AS, FI),

Reverse DNS

Software

Resource Hash

50d72c4d500719faf76b3260d2cae8f984ec5b6fc5ef1cf69780d171d57b9968

Security Headers

Name	Value
Strict-Transport-Security	max-age=157680000

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://totalin.plusgirot.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Wed, 01 Feb 2023 07:17:39 GMT
Strict-Transport-Security: max-age=157680000
Last-Modified: Mon, 08 Jun 2020 22:14:44 GMT
Accept-Ranges: bytes
Content-Length: 12553

GET
H/1.1 200
OK tltransp.gif
totalin.plusgirot.se/tlimages/ Frame 199C 43 B
342 B 46ms
46ms Image
image/gif 158.233.250.79
NORDEA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://totalin.plusgirot.se/tlimages/tltransp.gif

Requested by

Host: totalin.plusgirot.se
URL: https://totalin.plusgirot.se/LOGINSIDA?CERT_TYP=&sprak=&LOGMSG1=&TEXT=

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

158.233.250.79 , Finland, ASN201271 (NORDEA-AS, FI),

Reverse DNS

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=157680000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://totalin.plusgirot.se/LOGINSIDA?CERT_TYP=&sprak=&LOGMSG1=&TEXT=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Wed, 01 Feb 2023 07:17:40 GMT
Strict-Transport-Security: max-age=157680000
Last-modified: Tue, 24 Mar 2009 15:31:53 GMT
Server
Allow: GET, HEAD, POST
X-Frame-Options: SAMEORIGIN
Content-type: image/gif
Connection: Keep-Alive
Content-length: 43
MIME-Version: 1.0

GET
H/1.1 200
OK tlpixel.gif
totalin.plusgirot.se/tlimages/ Frame 199C 43 B
342 B 45ms
45ms Image
image/gif 158.233.250.79
NORDEA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://totalin.plusgirot.se/tlimages/tlpixel.gif

Requested by

Host: totalin.plusgirot.se
URL: https://totalin.plusgirot.se/LOGINSIDA?CERT_TYP=&sprak=&LOGMSG1=&TEXT=

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

158.233.250.79 , Finland, ASN201271 (NORDEA-AS, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=157680000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://totalin.plusgirot.se/LOGINSIDA?CERT_TYP=&sprak=&LOGMSG1=&TEXT=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Wed, 01 Feb 2023 07:17:40 GMT
Strict-Transport-Security: max-age=157680000
Last-modified: Tue, 24 Mar 2009 15:31:52 GMT
Server
Allow: GET, HEAD, POST
X-Frame-Options: SAMEORIGIN
Content-type: image/gif
Connection: Keep-Alive
Content-length: 43
MIME-Version: 1.0

GET
H/1.1 200
OK pi17_Mobilt_BankID_Login_instruktions.png
internetbanken.privat.nordea.se/web_elements/images/web/local/se3/se/Picture/ Frame 199C 15 KB
15 KB 289ms
48ms Image
image/png 158.233.249.6
NORDEA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://internetbanken.privat.nordea.se/web_elements/images/web/local/se3/se/Picture/pi17_Mobilt_BankID_Login_instruktions.png

Requested by

Host: totalin.plusgirot.se
URL: https://totalin.plusgirot.se/LOGINSIDA?CERT_TYP=&sprak=&LOGMSG1=&TEXT=

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

158.233.249.6 , Finland, ASN201271 (NORDEA-AS, FI),

Reverse DNS

Software

Resource Hash

25defafefe598c81c03bce7e59a8a5aef8e487beddd309d66671aaad4f0cb37c

Security Headers

Name	Value
Strict-Transport-Security	max-age=157680000

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://totalin.plusgirot.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Wed, 01 Feb 2023 07:17:44 GMT
Strict-Transport-Security: max-age=157680000
Last-Modified: Mon, 08 Jun 2020 22:16:52 GMT
Accept-Ranges: bytes
Content-Length: 15198

GET
H/1.1 200
OK tibackgr.gif
totalin.plusgirot.se/tlimages/ Frame 199C 54 B
353 B 46ms
45ms Image
image/gif 158.233.250.79
NORDEA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://totalin.plusgirot.se/tlimages/tibackgr.gif

Requested by

Host: totalin.plusgirot.se
URL: https://totalin.plusgirot.se/tlimages/totalcss.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

158.233.250.79 , Finland, ASN201271 (NORDEA-AS, FI),

Reverse DNS

Software

Resource Hash

20b64bed9c688786e32515b5ae1d05692cce12fd8ce2c9313f84a3c0fedbadf7

Security Headers

Name	Value
Strict-Transport-Security	max-age=157680000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://totalin.plusgirot.se/tlimages/totalcss.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Wed, 01 Feb 2023 07:17:40 GMT
Strict-Transport-Security: max-age=157680000
Last-modified: Fri, 04 Dec 2015 06:59:31 GMT
Server
Allow: GET, HEAD, POST
X-Frame-Options: SAMEORIGIN
Content-type: image/gif
Connection: Keep-Alive
Content-length: 54
MIME-Version: 1.0

GET
H/1.1 200
OK tinbleon.gif
totalin.plusgirot.se/tlimages/ Frame 199C 173 B
473 B 47ms
47ms Image
image/gif 158.233.250.79
NORDEA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://totalin.plusgirot.se/tlimages/tinbleon.gif

Requested by

Host: totalin.plusgirot.se
URL: https://totalin.plusgirot.se/tlimages/totalcss.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

158.233.250.79 , Finland, ASN201271 (NORDEA-AS, FI),

Reverse DNS

Software

Resource Hash

a6862835b321ceba2b9c159f9677d7b73b83f529aaaf7077d21c0324c0c84eee

Security Headers

Name	Value
Strict-Transport-Security	max-age=157680000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://totalin.plusgirot.se/tlimages/totalcss.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Wed, 01 Feb 2023 07:17:40 GMT
Strict-Transport-Security: max-age=157680000
Last-modified: Fri, 04 Dec 2015 06:59:31 GMT
Server
Allow: GET, HEAD, POST
X-Frame-Options: SAMEORIGIN
Content-type: image/gif
Connection: Keep-Alive
Content-length: 173
MIME-Version: 1.0

GET
H/1.1 200
OK tinbrion.gif
totalin.plusgirot.se/tlimages/ Frame 199C 627 B
927 B 48ms
47ms Image
image/gif 158.233.250.79
NORDEA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://totalin.plusgirot.se/tlimages/tinbrion.gif

Requested by

Host: totalin.plusgirot.se
URL: https://totalin.plusgirot.se/tlimages/totalcss.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

158.233.250.79 , Finland, ASN201271 (NORDEA-AS, FI),

Reverse DNS

Software

Resource Hash

cd640ec6972da2912796f181f490b0e5ddf151a378ff448f9dd820f589951247

Security Headers

Name	Value
Strict-Transport-Security	max-age=157680000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://totalin.plusgirot.se/tlimages/totalcss.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Wed, 01 Feb 2023 07:17:40 GMT
Strict-Transport-Security: max-age=157680000
Last-modified: Fri, 04 Dec 2015 06:59:31 GMT
Server
Allow: GET, HEAD, POST
X-Frame-Options: SAMEORIGIN
Content-type: image/gif
Connection: Keep-Alive
Content-length: 627
MIME-Version: 1.0

GET
H/1.1 200
OK tinbleft.gif
totalin.plusgirot.se/tlimages/ Frame 199C 231 B
531 B 89ms
44ms Image
image/gif 158.233.250.79
NORDEA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://totalin.plusgirot.se/tlimages/tinbleft.gif

Requested by

Host: totalin.plusgirot.se
URL: https://totalin.plusgirot.se/tlimages/totalcss.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

158.233.250.79 , Finland, ASN201271 (NORDEA-AS, FI),

Reverse DNS

Software

Resource Hash

0c890d3ab9c18caca77a012366dbf880a06eabd93fb066a12ded4dca005f3a16

Security Headers

Name	Value
Strict-Transport-Security	max-age=157680000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://totalin.plusgirot.se/tlimages/totalcss.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Wed, 01 Feb 2023 07:17:40 GMT
Strict-Transport-Security: max-age=157680000
Last-modified: Fri, 04 Dec 2015 06:59:31 GMT
Server
Allow: GET, HEAD, POST
X-Frame-Options: SAMEORIGIN
Content-type: image/gif
Connection: Keep-Alive
Content-length: 231
MIME-Version: 1.0

GET
H/1.1 200
OK tinbrigh.gif
totalin.plusgirot.se/tlimages/ Frame 199C 2 KB
2 KB 80ms
45ms Image
image/gif 158.233.250.79
NORDEA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://totalin.plusgirot.se/tlimages/tinbrigh.gif

Requested by

Host: totalin.plusgirot.se
URL: https://totalin.plusgirot.se/tlimages/totalcss.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

158.233.250.79 , Finland, ASN201271 (NORDEA-AS, FI),

Reverse DNS

Software

Resource Hash

4313ac7ef8101848558c691f423fed35650f4420835460aa7fb5880ea9172de3

Security Headers

Name	Value
Strict-Transport-Security	max-age=157680000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://totalin.plusgirot.se/tlimages/totalcss.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Wed, 01 Feb 2023 07:17:40 GMT
Strict-Transport-Security: max-age=157680000
Last-modified: Fri, 04 Dec 2015 06:59:31 GMT
Server
Allow: GET, HEAD, POST
X-Frame-Options: SAMEORIGIN
Content-type: image/gif
Connection: Keep-Alive
Content-length: 2004
MIME-Version: 1.0

GET
H/1.1 200
OK tlfotstr.gif
totalin.plusgirot.se/tlimages/ Frame 199C 120 B
420 B 67ms
44ms Image
image/gif 158.233.250.79
NORDEA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://totalin.plusgirot.se/tlimages/tlfotstr.gif

Requested by

Host: totalin.plusgirot.se
URL: https://totalin.plusgirot.se/LOGINSIDA?CERT_TYP=&sprak=&LOGMSG1=&TEXT=

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

158.233.250.79 , Finland, ASN201271 (NORDEA-AS, FI),

Reverse DNS

Software

Resource Hash

bf4792f651f138151c3d2866fb1323d0a9025939591c15ac4b45727feb4eefb5

Security Headers

Name	Value
Strict-Transport-Security	max-age=157680000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://totalin.plusgirot.se/LOGINSIDA?CERT_TYP=&sprak=&LOGMSG1=&TEXT=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Wed, 01 Feb 2023 07:17:40 GMT
Strict-Transport-Security: max-age=157680000
Last-modified: Tue, 24 Mar 2009 15:31:51 GMT
Server
Allow: GET, HEAD, POST
X-Frame-Options: SAMEORIGIN
Content-type: image/gif
Connection: Keep-Alive
Content-length: 120
MIME-Version: 1.0

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| oncontentvisibilityautostatechange

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
totalin.plusgirot.se/	1969-12-31 23:59:59	Name: NSC_upubmjo.qmvthjspu.tf Value: 14b5a3d9b93042137dc8d1539cd86da7cd823903468bd23cbe65541614300b6788a0062c
.totalin.plusgirot.se/	1969-12-31 23:59:59	Name: SWSSTATE_CHALLENGE Value: GLVTOKEN(3515E228DCCAAF16005E8A27)
totalin.plusgirot.se/	1970-01-20 18:56:35	Name: sprak Value: sve

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=157680000
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

internetbanken.privat.nordea.se
totalin.plusgirot.se
158.233.249.6
158.233.250.79
00d2b3ccd6a2e4d9396e61a4f3f34eb0cc4bde5824f8f4935b3eded04b7021aa
0aa9da8061d99e40bf92f54351c6b608a0e3818ac71c14c4bbca12ba3e33b59c
0c890d3ab9c18caca77a012366dbf880a06eabd93fb066a12ded4dca005f3a16
0d9027289ffa5d9f6c8b4e0782bb31bbff2cef5ee3708ccbcb7a22df9128bb21
20b64bed9c688786e32515b5ae1d05692cce12fd8ce2c9313f84a3c0fedbadf7
220af4958049626b29240b34d132e0d721eb01969e5e8a7772ddccb1adb121e5
25c6c9615a099f7f092fdbd55f38cc22d0e058d9957f938a1661b1cd3a19afda
25defafefe598c81c03bce7e59a8a5aef8e487beddd309d66671aaad4f0cb37c
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
4313ac7ef8101848558c691f423fed35650f4420835460aa7fb5880ea9172de3
50d72c4d500719faf76b3260d2cae8f984ec5b6fc5ef1cf69780d171d57b9968
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
91bca686e7df5775042fe469ec4831591fb1e673edae6f7ab1cd322a8a935b5b
a6862835b321ceba2b9c159f9677d7b73b83f529aaaf7077d21c0324c0c84eee
a8d600f2a720a9ae2513865c9ea16fe5fa03ffded3a0e94c5ffcab420fb0f899
af7063e8a8e72af907ea897be216902a23090264c0607223f740f8af2825f32b
b36f34eb6db516fa7426296d7e6be1ac5a4d7f618e101b5ce318687b1efc5484
bbe1b37368933c34e32f3c631e5d06f683e9fd8d0f37d9174c302a0ebf3b378b
bf4792f651f138151c3d2866fb1323d0a9025939591c15ac4b45727feb4eefb5
cd640ec6972da2912796f181f490b0e5ddf151a378ff448f9dd820f589951247

totalin.plusgirot.se Open in urlscan Pro 158.233.250.79 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

21 Requests

100 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

2 IPs

1 Countries

332 kBTransfer

350 kBSize

3 Cookies

0 Outgoing links

Page URL History

Redirected requests

21 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

3 Cookies

Security Headers

Indicators

totalin.plusgirot.se Open in urlscan Pro
158.233.250.79 Public Scan

Screenshot
Live screenshot

Full Image

21
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

332 kB
Transfer

350 kB
Size

3
Cookies

21 HTTP transactions
0 data transactions