www.sparechangeinc.com Open in urlscan Pro
2606:4700:3037::681c:d51 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.sparechangeinc.com/nordea-online-banking-login/
Submission: On March 03 via manual (March 3rd 2020, 7:18:18 am UTC) from DK

Summary HTTP 139 Redirects Links 95 Behaviour Indicators

Summary

This website contacted 55 IPs in 13 countries across 58 domains to perform 139 HTTP transactions. The main IP is 2606:4700:3037::681c:d51, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.sparechangeinc.com.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on July 7th 2019. Valid for: a year.

This is the only time www.sparechangeinc.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Nordea (Banking)

Domain & IP information

	IP Address	AS Autonomous System
16	2606:4700:303... 2606:4700:3037::681c:d51	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:819::200a	15169 (GOOGLE) (GOOGLE)
13	2a00:1450:400... 2a00:1450:4001:820::2002	15169 (GOOGLE) (GOOGLE)
14	92.123.14.115 92.123.14.115	16625 (AKAMAI-AS) (AKAMAI-AS)
1	88.196.97.170 88.196.97.170	3249 (ESTPAK) (ESTPAK)
4	176.114.1.150 176.114.1.150	56485 (THEHOST-AS) (THEHOST-AS)
4	209.182.205.242 209.182.205.242	54641 (INMOTI-1) (INMOTI-1)
6	2a02:26f0:64:... 2a02:26f0:64:1af::2a1	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	143.204.101.104 143.204.101.104	16509 (AMAZON-02) (AMAZON-02)
2	151.101.114.109 151.101.114.109	54113 (FASTLY) (FASTLY)
4	2a00:1450:400... 2a00:1450:4001:806::2016	15169 (GOOGLE) (GOOGLE)
1	185.178.208.171 185.178.208.171	57724 (DDOS-GUARD) (DDOS-GUARD)
8	2a00:1450:400... 2a00:1450:4001:808::2001	15169 (GOOGLE) (GOOGLE)
6	2a02:26f0:64:... 2a02:26f0:64:186::2a1	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	45.79.168.159 45.79.168.159	63949 (LINODE-AP...) (LINODE-AP Linode)
1	52.212.6.57 52.212.6.57	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:10:... 2606:4700:10::6816:c98	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:20:... 2606:4700:20::681a:523	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	80.241.216.104 80.241.216.104	51167 (CONTABO) (CONTABO)
2	195.12.178.28 195.12.178.28	24984 (LUMINOR) (LUMINOR)
2	2600:9000:20e... 2600:9000:20eb:c400:0:5a51:64c9:c681	16509 (AMAZON-02) (AMAZON-02)
2	2001:4b98:dc2... 2001:4b98:dc2:41:216:3eff:fe12:e3e1	29169 (GANDI-AS ...) (GANDI-AS Domain name registrar - http://www.gandi.net)
1	158.233.249.6 158.233.249.6	201271 (NORDEA-AS) (NORDEA-AS)
1	2a00:1450:400... 2a00:1450:4001:816::2010	15169 (GOOGLE) (GOOGLE)
1	2a04:4e42:3::393 2a04:4e42:3::393	54113 (FASTLY) (FASTLY)
3	151.101.13.73 151.101.13.73	54113 (FASTLY) (FASTLY)
3	13.225.73.69 13.225.73.69	16509 (AMAZON-02) (AMAZON-02)
1	2606:2800:134... 2606:2800:134:fa2:1627:1fe:edb:1665	15133 (EDGECAST) (EDGECAST)
1	104.20.83.194 104.20.83.194	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	185.179.117.16 185.179.117.16	58003 (PLANEETTA-AS) (PLANEETTA-AS)
1	2606:4700:20:... 2606:4700:20::681a:4db	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	143.204.101.67 143.204.101.67	16509 (AMAZON-02) (AMAZON-02)
1	2a04:4e42:3::444 2a04:4e42:3::444	54113 (FASTLY) (FASTLY)
1	52.58.171.3 52.58.171.3	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6811:73b4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2.16.187.66 2.16.187.66	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	69.16.175.42 69.16.175.42	20446 (HIGHWINDS3) (HIGHWINDS3)
1	2606:4700:10:... 2606:4700:10::6814:3f58	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	89.234.26.97 89.234.26.97	15395 (RACKSPACE...) (RACKSPACE-LON)
1	151.101.114.90 151.101.114.90	54113 (FASTLY) (FASTLY)
1	91.214.22.210 91.214.22.210	50783 (JPPOL) (JPPOL)
1	94.130.39.102 94.130.39.102	24940 (HETZNER-AS) (HETZNER-AS)
1	192.0.66.5 192.0.66.5	2635 (AUTOMATTIC) (AUTOMATTIC)
1	13.224.194.6 13.224.194.6	16509 (AMAZON-02) (AMAZON-02)
1	138.201.54.145 138.201.54.145	24940 (HETZNER-AS) (HETZNER-AS)
1	192.0.77.2 192.0.77.2	2635 (AUTOMATTIC) (AUTOMATTIC)
1 1	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:821::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:825::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81b::200e	15169 (GOOGLE) (GOOGLE)
1	46.105.201.240 46.105.201.240	16276 (OVH) (OVH)
1	198.27.80.143 198.27.80.143	16276 (OVH) (OVH)
1	2a00:1450:400... 2a00:1450:4001:815::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:819::2001	15169 (GOOGLE) (GOOGLE)
139	55

16 2606:4700:3037::681c:d51 (United States)

ASN13335 (CLOUDFLARENET, US)

www.sparechangeinc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:819::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:820::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 92.123.14.115 (France)

ASN16625 (AKAMAI-AS, US)
PTR: a92-123-14-115.deploy.static.akamaitechnologies.com

www.nordea.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.nordea.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.nordea.dk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.196.97.170 (Tallinn, Estonia)

ASN3249 (ESTPAK, EE)
PTR: apache1.nordea.ee

koodid.nordea.ee	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 176.114.1.150 (Ukraine)

ASN56485 (THEHOST-AS, UA)
PTR: s17.thehost.com.ua

banksonline24.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 209.182.205.242 (Los Angeles, United States)

ASN54641 (INMOTI-1, US)
PTR: ded4171.inmotionhosting.com

ccbank.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a02:26f0:64:1af::2a1 (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)

is1-ssl.mzstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
is5-ssl.mzstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
is3-ssl.mzstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.101.104 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-101-104.fra50.r.cloudfront.net

pic.accessify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.114.109 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

i.vimeocdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:806::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.178.208.171 (Russian Federation)

ASN57724 (DDOS-GUARD, RU)
PTR: ddos-guard.net

bankinghelp.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

lh3.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a02:26f0:64:186::2a1 (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)

is2-ssl.mzstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
is4-ssl.mzstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 45.79.168.159 (Newark, United States)

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: li1267-159.members.linode.com

www.casinonewsdaily.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.212.6.57 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-212-6-57.eu-west-1.compute.amazonaws.com

developer.signicat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:c98 (United States)

ASN13335 (CLOUDFLARENET, US)

genbin.genesys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:523 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.apkmonk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 80.241.216.104 (Munich, Germany)

ASN51167 (CONTABO, DE)
PTR: vmi110399.contaboserver.net

uidesigner.dk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 195.12.178.28 (Lithuania)

ASN24984 (LUMINOR, LT)

www.luminor.lv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:20eb:c400:0:5a51:64c9:c681 (United States)

ASN16509 (AMAZON-02, US)

live.staticflickr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4b98:dc2:41:216:3eff:fe12:e3e1 (France)

ASN29169 (GANDI-AS Domain name registrar - http://www.gandi.net, FR)

hsivonen.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 158.233.249.6 (Finland)

ASN201271 (NORDEA-AS, SE)

internetbanken.privat.nordea.se	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:816::2010 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

storage.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:3::393 (Ascension Island)

ASN54113 (FASTLY, US)

res.cloudinary.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.13.73 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

assets.bwbx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.225.73.69 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-73-69.fra2.r.cloudfront.net

image2.owler.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:2800:134:fa2:1627:1fe:edb:1665 (United States)

ASN15133 (EDGECAST, US)

pbs.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.20.83.194 (United States)

ASN13335 (CLOUDFLARENET, US)

iphone-image.apkpure.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.179.117.16 (Finland)

ASN58003 (PLANEETTA-AS, FI)
PTR: cpanel06.webhotellit.com

finlandtoday.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:4db (United States)

ASN13335 (CLOUDFLARENET, US)

handoff-cdn.appadvice.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.101.67 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-101-67.fra50.r.cloudfront.net

s3.reutersmedia.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:3::444 (Ascension Island)

ASN54113 (FASTLY, US)

dl1.cbsistatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.58.171.3 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-171-3.eu-central-1.compute.amazonaws.com

nofluffjobs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:73b4 (United States)

ASN13335 (CLOUDFLARENET, US)

www.paytrail.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.16.187.66 (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)
PTR: a2-16-187-66.deploy.static.akamaitechnologies.com

static-s.aa-cdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.16.175.42 (Phoenix, United States)

ASN20446 (HIGHWINDS3, US)
PTR: hwcdn.net

news-cdn.softpedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6814:3f58 (United States)

ASN13335 (CLOUDFLARENET, US)

imgs.aftonbladet-cdn.se	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 89.234.26.97 (United Kingdom)

ASN15395 (RACKSPACE-LON, GB)
PTR: finextra.com

www.finextra.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.114.90 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

cdn.dribbble.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.214.22.210 (Copenhagen, Denmark)

ASN50783 (JPPOL, DK)

finanswatch.dk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 94.130.39.102 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: colnect.net

i.colnect.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.66.5 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

docs.woocommerce.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.194.6 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-194-6.fra2.r.cloudfront.net

media.thestar.com.my	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 138.201.54.145 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.145.54.201.138.clients.your-server.de

docplayer.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.77.2 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: i0.wp.com

i2.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f02d:12:face:b00c:0:3 (Ireland) 1 redirects

ASN32934 (FACEBOOK, US)

lookaside.fbsbx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f12d:83:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:821::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:825::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn0.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.105.201.240 (France)

ASN16276 (OVH, FR)

s10.histats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.27.80.143 (Montreal, Canada)

ASN16276 (OVH, FR)
PTR: ns558056.ip-198-27-80.net

s4.histats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:815::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:819::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	sparechangeinc.com www.sparechangeinc.com	208 KB
12	mzstatic.com is1-ssl.mzstatic.com is2-ssl.mzstatic.com is5-ssl.mzstatic.com is3-ssl.mzstatic.com is4-ssl.mzstatic.com	409 KB
9	nordea.fi www.nordea.fi	461 KB
8	doubleclick.net googleads.g.doubleclick.net
8	googleusercontent.com lh3.googleusercontent.com	171 KB
6	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	131 KB
4	ytimg.com i.ytimg.com	205 KB
4	ccbank.us ccbank.us	381 KB
4	banksonline24.com banksonline24.com	394 KB
4	nordea.com www.nordea.com	67 KB
3	gstatic.com fonts.gstatic.com encrypted-tbn0.gstatic.com	30 KB
3	owler.com image2.owler.com	1 MB
3	bwbx.io assets.bwbx.io	263 KB
2	histats.com s10.histats.com s4.histats.com	5 KB
2	hsivonen.fi hsivonen.fi	104 KB
2	staticflickr.com live.staticflickr.com	102 KB
2	luminor.lv www.luminor.lv	342 KB
2	casinonewsdaily.com www.casinonewsdaily.com	249 KB
2	vimeocdn.com i.vimeocdn.com	84 KB
2	googleapis.com fonts.googleapis.com storage.googleapis.com	269 KB
1	googletagservices.com www.googletagservices.com	27 KB
1	google.com adservice.google.com	171 B
1	google.de adservice.google.de	171 B
1	facebook.com www.facebook.com
1	fbsbx.com 1 redirects lookaside.fbsbx.com	756 B
1	wp.com i2.wp.com	36 KB
1	docplayer.net docplayer.net	206 KB
1	thestar.com.my media.thestar.com.my	16 KB
1	woocommerce.com docs.woocommerce.com	68 KB
1	colnect.net i.colnect.net	20 KB
1	finanswatch.dk finanswatch.dk	88 KB
1	dribbble.com cdn.dribbble.com	149 KB
1	finextra.com www.finextra.com	39 KB
1	aftonbladet-cdn.se imgs.aftonbladet-cdn.se	206 KB
1	softpedia.com news-cdn.softpedia.com	212 KB
1	aa-cdn.net static-s.aa-cdn.net	48 KB
1	paytrail.com www.paytrail.com	52 KB
1	nofluffjobs.com nofluffjobs.com	114 B
1	cbsistatic.com dl1.cbsistatic.com	52 KB
1	reutersmedia.net s3.reutersmedia.net	66 KB
1	appadvice.com handoff-cdn.appadvice.com	42 KB
1	finlandtoday.fi finlandtoday.fi	18 KB
1	apkpure.com iphone-image.apkpure.com	56 KB
1	twimg.com pbs.twimg.com	191 B
1	nordea.dk www.nordea.dk	220 KB
1	cloudinary.com res.cloudinary.com	357 B
1	nordea.se internetbanken.privat.nordea.se	15 KB
1	uidesigner.dk uidesigner.dk	231 KB
1	apkmonk.com cdn.apkmonk.com
1	genesys.com genbin.genesys.com	6 KB
1	signicat.com developer.signicat.com	113 KB
1	bankinghelp.us bankinghelp.us	41 KB
1	accessify.com pic.accessify.com	8 KB
1	nordea.ee koodid.nordea.ee
0	apk4ever.club Failed apk4ever.club Failed
0	1mobile.com Failed imgsdown.1mobile.com Failed
0	bank-online.com Failed bank-online.com Failed
0	Failed function sub() { [native code] }. Failed
139	58

	Domain	Requested by
16	www.sparechangeinc.com	www.sparechangeinc.com pagead2.googlesyndication.com
9	www.nordea.fi	www.sparechangeinc.com
8	googleads.g.doubleclick.net	pagead2.googlesyndication.com
8	lh3.googleusercontent.com	www.sparechangeinc.com
4	is4-ssl.mzstatic.com	www.sparechangeinc.com
4	i.ytimg.com	www.sparechangeinc.com
4	ccbank.us	www.sparechangeinc.com
4	banksonline24.com	www.sparechangeinc.com
4	www.nordea.com	www.sparechangeinc.com
4	pagead2.googlesyndication.com	www.sparechangeinc.com pagead2.googlesyndication.com
3	image2.owler.com	www.sparechangeinc.com
3	assets.bwbx.io	www.sparechangeinc.com
3	is1-ssl.mzstatic.com	www.sparechangeinc.com
2	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
2	fonts.gstatic.com	pagead2.googlesyndication.com
2	hsivonen.fi	www.sparechangeinc.com
2	live.staticflickr.com	www.sparechangeinc.com
2	www.luminor.lv	www.sparechangeinc.com
2	is5-ssl.mzstatic.com	www.sparechangeinc.com
2	www.casinonewsdaily.com	www.sparechangeinc.com
2	is2-ssl.mzstatic.com	www.sparechangeinc.com
2	i.vimeocdn.com	www.sparechangeinc.com
1	s4.histats.com	s10.histats.com
1	www.googletagservices.com	pagead2.googlesyndication.com
1	s10.histats.com	www.sparechangeinc.com
1	encrypted-tbn0.gstatic.com	www.sparechangeinc.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	www.facebook.com	www.sparechangeinc.com
1	lookaside.fbsbx.com	1 redirects
1	i2.wp.com	www.sparechangeinc.com
1	docplayer.net	www.sparechangeinc.com
1	media.thestar.com.my	www.sparechangeinc.com
1	docs.woocommerce.com	www.sparechangeinc.com
1	i.colnect.net	www.sparechangeinc.com
1	finanswatch.dk	www.sparechangeinc.com
1	cdn.dribbble.com	www.sparechangeinc.com
1	www.finextra.com	www.sparechangeinc.com
1	imgs.aftonbladet-cdn.se	www.sparechangeinc.com
1	news-cdn.softpedia.com	www.sparechangeinc.com
1	static-s.aa-cdn.net	www.sparechangeinc.com
1	www.paytrail.com	www.sparechangeinc.com
1	nofluffjobs.com	www.sparechangeinc.com
1	dl1.cbsistatic.com	www.sparechangeinc.com
1	s3.reutersmedia.net	www.sparechangeinc.com
1	handoff-cdn.appadvice.com	www.sparechangeinc.com
1	finlandtoday.fi	www.sparechangeinc.com
1	iphone-image.apkpure.com	www.sparechangeinc.com
1	pbs.twimg.com	www.sparechangeinc.com
1	www.nordea.dk	www.sparechangeinc.com
1	res.cloudinary.com	www.sparechangeinc.com
1	storage.googleapis.com	www.sparechangeinc.com
1	internetbanken.privat.nordea.se	www.sparechangeinc.com
1	uidesigner.dk	www.sparechangeinc.com
1	cdn.apkmonk.com	www.sparechangeinc.com
1	is3-ssl.mzstatic.com	www.sparechangeinc.com
1	genbin.genesys.com	www.sparechangeinc.com
1	developer.signicat.com	www.sparechangeinc.com
1	bankinghelp.us	www.sparechangeinc.com
1	pic.accessify.com	www.sparechangeinc.com
1	koodid.nordea.ee	www.sparechangeinc.com
1	fonts.googleapis.com	www.sparechangeinc.com
0	apk4ever.club Failed	www.sparechangeinc.com
0	imgsdown.1mobile.com Failed	www.sparechangeinc.com
0	bank-online.com Failed	www.sparechangeinc.com
0	Failed	www.sparechangeinc.com
139	66

This site contains links to these domains. Also see Links.

Domain
www.nordea.fi
www.nordea.com
koodid.nordea.ee
banksonline24.com
ccbank.us
is1-ssl.mzstatic.com
pic.accessify.com
i.vimeocdn.com
i.ytimg.com
bankinghelp.us
lh3.googleusercontent.com
is2-ssl.mzstatic.com
www.casinonewsdaily.com
bank-online.com
is5-ssl.mzstatic.com
developer.signicat.com
genbin.genesys.com
is3-ssl.mzstatic.com
cdn.apkmonk.com
uidesigner.dk
www.luminor.lv
live.staticflickr.com
hsivonen.fi
internetbanken.privat.nordea.se
storage.googleapis.com
res.cloudinary.com
is4-ssl.mzstatic.com
assets.bwbx.io
image2.owler.com
www.nordea.dk
pbs.twimg.com
iphone-image.apkpure.com
finlandtoday.fi
handoff-cdn.appadvice.com
s3.reutersmedia.net
dl1.cbsistatic.com
nofluffjobs.com
www.paytrail.com
imgsdown.1mobile.com
static-s.aa-cdn.net
news-cdn.softpedia.com
imgs.aftonbladet-cdn.se
www.finextra.com
cdn.dribbble.com
finanswatch.dk
i.colnect.net
docs.woocommerce.com
media.thestar.com.my
docplayer.net
apk4ever.club
i2.wp.com
lookaside.fbsbx.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com CloudFlare Inc ECC CA-2	`2019-07-07` - `2020-07-06`	a year	crt.sh
*.storage.googleapis.com GTS CA 1O1	`2020-02-12` - `2020-05-06`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-02-12` - `2020-05-06`	3 months	crt.sh
nordea.com DigiCert SHA2 Extended Validation Server CA	`2020-01-10` - `2020-09-17`	8 months	crt.sh
card-info.nordea.ee DigiCert SHA2 Secure Server CA	`2018-12-18` - `2019-12-19`	a year	crt.sh
banksonline24.com Let's Encrypt Authority X3	`2019-12-05` - `2020-03-04`	3 months	crt.sh
ccbank.us Let's Encrypt Authority X3	`2020-01-03` - `2020-04-02`	3 months	crt.sh
itunes.apple.com DigiCert SHA2 Extended Validation Server CA-3	`2020-01-24` - `2021-01-24`	a year	crt.sh
accessify.com Amazon	`2019-11-01` - `2020-12-01`	a year	crt.sh
f3.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2019-05-29` - `2020-04-23`	a year	crt.sh
edgestatic.com GTS CA 1O1	`2020-02-12` - `2020-05-06`	3 months	crt.sh
bankinghelp.us Let's Encrypt Authority X3	`2020-02-27` - `2020-05-27`	3 months	crt.sh
*.googleusercontent.com GTS CA 1O1	`2020-02-12` - `2020-05-06`	3 months	crt.sh
casinonewsdaily.com Let's Encrypt Authority X3	`2020-02-20` - `2020-05-20`	3 months	crt.sh
developer.signicat.com Buypass Class 2 CA 2	`2019-11-18` - `2021-11-18`	2 years	crt.sh
*.genesys.com DigiCert SHA2 Secure Server CA	`2020-01-27` - `2022-02-16`	2 years	crt.sh
uidesigner.dk Let's Encrypt Authority X3	`2019-12-12` - `2020-03-11`	3 months	crt.sh
luminorgroup.com Let's Encrypt Authority X3	`2020-01-07` - `2020-04-06`	3 months	crt.sh
static.flickr.com Amazon	`2019-04-09` - `2020-05-09`	a year	crt.sh
hsivonen.fi Let's Encrypt Authority X3	`2020-02-28` - `2020-05-28`	3 months	crt.sh
internetbanken.privat.nordea.se Entrust Certification Authority - L1M	`2020-01-10` - `2021-01-10`	a year	crt.sh
*.cloudinary.com Go Daddy Secure Certificate Authority - G2	`2018-07-01` - `2020-06-22`	2 years	crt.sh
www.bloomberg.com DigiCert SHA2 Extended Validation Server CA	`2019-12-13` - `2021-04-07`	a year	crt.sh
*.owler.com DigiCert SHA2 Secure Server CA	`2018-05-29` - `2020-06-04`	2 years	crt.sh
*.twimg.com DigiCert SHA2 High Assurance Server CA	`2019-11-12` - `2020-11-18`	a year	crt.sh
ssl418634.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-12-07` - `2020-06-14`	6 months	crt.sh
finlandtoday.fi Let's Encrypt Authority X3	`2020-01-16` - `2020-04-15`	3 months	crt.sh
static.reuters.com Amazon	`2019-11-25` - `2020-12-25`	a year	crt.sh
*.cbsistatic.com DigiCert SHA2 High Assurance Server CA	`2019-02-22` - `2021-02-26`	2 years	crt.sh
*.nofluffjobs.com Certum Domain Validation CA SHA2	`2017-12-18` - `2020-12-17`	3 years	crt.sh
www.paytrail.com CloudFlare Inc ECC CA-2	`2019-09-17` - `2020-09-16`	a year	crt.sh
*.aa-cdn.net DigiCert SHA2 Secure Server CA	`2019-12-16` - `2020-12-15`	a year	crt.sh
*.softpedia.com DigiCert SHA2 Secure Server CA	`2019-02-19` - `2020-04-15`	a year	crt.sh
aftonbladet-cdn.se CloudFlare Inc ECC CA-2	`2019-12-24` - `2020-10-09`	10 months	crt.sh
*.finextra.com Starfield Secure Certificate Authority - G2	`2020-01-09` - `2022-01-26`	2 years	crt.sh
*.dribbble.com DigiCert SHA2 Secure Server CA	`2018-07-24` - `2020-03-13`	2 years	crt.sh
watchmedier.dk Sectigo RSA Domain Validation Secure Server CA	`2019-05-10` - `2021-05-09`	2 years	crt.sh
i.colnect.es Let's Encrypt Authority X3	`2020-01-31` - `2020-04-30`	3 months	crt.sh
example.woocommerce.com Let's Encrypt Authority X3	`2020-02-22` - `2020-05-22`	3 months	crt.sh
*.thestar.com.my Amazon	`2019-10-10` - `2020-11-10`	a year	crt.sh
docplayer.net Let's Encrypt Authority X3	`2020-01-04` - `2020-04-03`	3 months	crt.sh
*.wp.com Go Daddy Secure Certificate Authority - G2	`2018-04-10` - `2020-05-11`	2 years	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-01-16` - `2020-04-15`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-02-12` - `2020-05-06`	3 months	crt.sh
histats.com Let's Encrypt Authority X3	`2019-12-27` - `2020-03-26`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2020-02-12` - `2020-05-06`	3 months	crt.sh

This page contains 10 frames:

Primary Page: https://www.sparechangeinc.com/nordea-online-banking-login/
Frame ID: 2D03980C56A4EC999CBC663BBB360625
Requests: 130 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20200224/r20190131/zrt_lookup.html
Frame ID: B50091395B82FE23398E10AED806C6B9
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8540846906976433&output=html&adk=1812271804&adf=3025194257&lmt=1583219869&plat=1%3A32776%2C2%3A32776%2C8%3A134250504%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fwww.sparechangeinc.com%2Fnordea-online-banking-login%2F&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1583219866405&bpp=17&bdt=53&fdt=2980&idt=2980&shv=r20200224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2335061237721&frm=20&pv=2&ga_vid=2077214493.1583219869&ga_sid=1583219869&ga_hid=543711854&ga_fc=0&iag=0&icsg=52401464324095&dssz=39&mdo=0&mso=0&u_tz=60&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1585&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=2728554196875377&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=31&ifi=0&uci=a!0&fsb=1&dtd=2994
Frame ID: B8744AA0CE03CBF842723F587159A6D4
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8540846906976433&output=html&h=280&slotname=9881242801&adk=1622227382&adf=3410240025&w=730&fwrn=4&fwrnh=100&lmt=1583219869&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=730x280&url=https%3A%2F%2Fwww.sparechangeinc.com%2Fnordea-online-banking-login%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1583219866422&bpp=14&bdt=71&fdt=3004&idt=3004&shv=r20200224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2335061237721&frm=20&pv=1&ga_vid=2077214493.1583219869&ga_sid=1583219869&ga_hid=543711854&ga_fc=0&iag=0&icsg=193138952679423&dssz=40&mdo=0&mso=0&u_tz=60&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=543&ady=123&biw=1585&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=2728554196875377&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=144&bc=31&ifi=1&uci=a!1&fsb=1&xpc=tSjPb7D3fi&p=https%3A//www.sparechangeinc.com&dtd=3009
Frame ID: 3A05C30E7A2F143355B1746CE577606E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8540846906976433&output=html&h=250&slotname=1409169490&adk=3269784573&adf=2984306924&w=970&lmt=1583219869&psa=0&guci=1.2.0.0.2.2.0.0&format=970x250&url=https%3A%2F%2Fwww.sparechangeinc.com%2Fnordea-online-banking-login%2F&flash=0&wgl=1&adsid=NT&dt=1583219866442&bpp=3&bdt=91&fdt=2995&idt=2995&shv=r20200224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C730x280&nras=1&correlator=2335061237721&frm=20&pv=1&ga_vid=2077214493.1583219869&ga_sid=1583219869&ga_hid=543711854&ga_fc=0&iag=0&icsg=193138952679423&dssz=40&mdo=0&mso=0&u_tz=60&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=313&ady=493&biw=1585&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=2728554196875377&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=16&bc=31&ifi=2&uci=a!2&fsb=1&xpc=S3GP2QiUXV&p=https%3A//www.sparechangeinc.com&dtd=2997
Frame ID: B2D3B20E92FD3069B606F3E3EF13800E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8540846906976433&output=html&h=158&slotname=7683041605&adk=3184040825&adf=4213813201&w=630&fwrn=4&lmt=1583219869&rafmt=11&psa=0&guci=1.2.0.0.2.2.0.0&format=630x158&url=https%3A%2F%2Fwww.sparechangeinc.com%2Fnordea-online-banking-login%2F&flash=0&wgl=1&adsid=NT&dt=1583219866452&bpp=8&bdt=101&fdt=3011&idt=3011&shv=r20200224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C730x280%2C970x250&nras=1&correlator=2335061237721&frm=20&pv=1&ga_vid=2077214493.1583219869&ga_sid=1583219869&ga_hid=543711854&ga_fc=0&iag=0&icsg=193138952679423&dssz=40&mdo=0&mso=0&rplot=4&u_tz=60&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=313&ady=919&biw=1585&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=2728554196875377&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=144&bc=31&ifi=3&uci=a!3&fsb=1&xpc=APb63TFpKw&p=https%3A//www.sparechangeinc.com&dtd=3014
Frame ID: 3BDBAD3A10E1598A6B3030DD001E3800
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8540846906976433&output=html&h=158&slotname=7683041605&adk=3184040825&adf=1294102160&w=630&fwrn=4&lmt=1583219869&rafmt=11&psa=0&guci=1.2.0.0.2.2.0.0&format=630x158&url=https%3A%2F%2Fwww.sparechangeinc.com%2Fnordea-online-banking-login%2F&flash=0&wgl=1&adsid=NT&dt=1583219866461&bpp=4&bdt=110&fdt=3011&idt=3011&shv=r20200224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C730x280%2C970x250%2C630x158&nras=1&correlator=2335061237721&frm=20&pv=1&ga_vid=2077214493.1583219869&ga_sid=1583219869&ga_hid=543711854&ga_fc=0&iag=0&icsg=193138952679423&dssz=40&mdo=0&mso=0&rplot=4&u_tz=60&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=313&ady=2633&biw=1585&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=2728554196875377&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=144&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=ZBshjT3mjF&p=https%3A//www.sparechangeinc.com&dtd=3014
Frame ID: 2CD0AD042F7A4FB5205C8AD2CFD37D76
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8540846906976433&output=html&h=600&slotname=4621763996&adk=1991775079&adf=252835166&w=300&lmt=1583219869&psa=0&guci=1.2.0.0.2.2.0.0&format=300x600&url=https%3A%2F%2Fwww.sparechangeinc.com%2Fnordea-online-banking-login%2F&flash=0&wgl=1&adsid=NT&dt=1583219866507&bpp=4&bdt=155&fdt=2999&idt=2999&shv=r20200224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C730x280%2C970x250%2C630x158%2C630x158&nras=1&correlator=2335061237721&frm=20&pv=1&ga_vid=2077214493.1583219869&ga_sid=1583219869&ga_hid=543711854&ga_fc=0&iag=0&icsg=772555810717692&dssz=41&mdo=0&mso=0&u_tz=60&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=973&ady=930&biw=1585&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=2728554196875377&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=16&bc=31&ifi=7&uci=a!7&fsb=1&xpc=FAkjqqxEuR&p=https%3A//www.sparechangeinc.com&dtd=3001
Frame ID: F7B798999C6C4F940888E861CCD1427B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8540846906976433&output=html&h=600&slotname=2789220848&adk=3316220365&adf=749892634&w=300&fwrn=4&fwrnh=100&lmt=1583219869&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=300x600&url=https%3A%2F%2Fwww.sparechangeinc.com%2Fnordea-online-banking-login%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&adsid=NT&dt=1583219866518&bpp=5&bdt=167&fdt=2998&idt=2998&shv=r20200224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C730x280%2C970x250%2C630x158%2C630x158%2C300x600&nras=1&correlator=2335061237721&frm=20&pv=1&ga_vid=2077214493.1583219869&ga_sid=1583219869&ga_hid=543711854&ga_fc=0&iag=0&icsg=772555810717692&dssz=41&mdo=0&mso=0&u_tz=60&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=973&ady=2185&biw=1585&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=2728554196875377&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=144&bc=31&ifi=8&uci=a!8&btvi=2&fsb=1&xpc=HwN4rP94KQ&p=https%3A//www.sparechangeinc.com&dtd=3000
Frame ID: BCD691E572DD049355C5BEEE944E8091
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html
Frame ID: E37B06A739F98D486B2B865BEE366857
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
headers link /rel="https:\/\/api\.w\.org\/"/i
html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
headers link /rel="https:\/\/api\.w\.org\/"/i
html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
headers link /rel="https:\/\/api\.w\.org\/"/i
html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

139
Requests

94 %
HTTPS

45 %
IPv6

58
Domains

66
Subdomains

55
IPs

13
Countries

7016 kB
Transfer

7523 kB
Size

0
Cookies

95 Outgoing links

These are links going to different origins than the main page.

URL: https://www.nordea.fi/Images/147-228827/tunnuslukusovellus-mobiilipankissa-kirj-2.PNG
Title:

Search URL Search Domain Scan URL

URL: https://www.nordea.com/static/dotcom/img/icons/sm_mail.svg?v=2.54.3
Title:

Search URL Search Domain Scan URL

URL: https://www.nordea.com/Images/33-146393/step2.jpg
Title:

Search URL Search Domain Scan URL

URL: http://koodid.nordea.ee/assets/images/eesti_en_offline_code_calc.png
Title:

Search URL Search Domain Scan URL

URL: https://banksonline24.com/wp-content/uploads/Nordea-Bank-002.png
Title:

Search URL Search Domain Scan URL

URL: https://www.nordea.com/static/dotcom/img/icons/sm_linkedIn.svg?v=2.54.3
Title:

Search URL Search Domain Scan URL

URL: https://www.nordea.fi/Images/147-228837/tunnuslukusovellus-verkkopankissa-kirj-1.png
Title:

Search URL Search Domain Scan URL

URL: https://www.nordea.fi/Images/147-145614/Nordea-Investor-login-android.gif
Title:

Search URL Search Domain Scan URL

URL: https://ccbank.us/wp-content/uploads/login2-568.png
Title:

Search URL Search Domain Scan URL

URL: https://ccbank.us/wp-content/uploads/login2-571.png
Title:

Search URL Search Domain Scan URL

URL: https://www.nordea.fi/Images/147-88417/tunnuslukusovellus-kayttoonotto-2-en.PNG
Title:

Search URL Search Domain Scan URL

URL: https://banksonline24.com/wp-content/uploads/Nordea-Bank-003.png
Title:

Search URL Search Domain Scan URL

URL: https://www.nordea.fi/Images/147-145506/NOI-ipad-login-1.jpg
Title:

Search URL Search Domain Scan URL

URL: https://www.nordea.fi/Images/147-94961/yritys-pankkitunnukset-en.png
Title:

Search URL Search Domain Scan URL

URL: https://www.nordea.fi/Images/147-228812/tunnuslukusovellus-asiakaspalvelu-kirj-off-4.png
Title:

Search URL Search Domain Scan URL

URL: https://ccbank.us/wp-content/uploads/login-787.png
Title:

Search URL Search Domain Scan URL

URL: https://banksonline24.com/wp-content/uploads/Nordea-Bank-004.png
Title:

Search URL Search Domain Scan URL

URL: https://is1-ssl.mzstatic.com/image/thumb/Purple123/v4/1d/54/47/1d54473a-78c2-ee17-597f-ae1ab16f004a/mzl.hylsfrjg.png/1024x768bb.png
Title:

Search URL Search Domain Scan URL

URL: https://www.nordea.fi/Images/147-94967/yritys-pankkitunnukset-kayttoonotto-en.png
Title:

Search URL Search Domain Scan URL

URL: https://banksonline24.com/wp-content/uploads/Nordea-Bank-001.png
Title:

Search URL Search Domain Scan URL

URL: https://pic.accessify.com/thumbnails/777x423/n/nordea.brandportal.de.png
Title:

Search URL Search Domain Scan URL

URL: https://ccbank.us/wp-content/uploads/login-773.png
Title:

Search URL Search Domain Scan URL

URL: https://www.nordea.com/Images/33-119107/Nordea-logo%20(cvi).svg
Title:

Search URL Search Domain Scan URL

URL: https://i.vimeocdn.com/video/665110693.webp?mw=900&mh=506
Title:

Search URL Search Domain Scan URL

URL: https://i.vimeocdn.com/filter/overlay?src0=https%3A%2F%2Fi.vimeocdn.com%2Fvideo%2F628155867_1280x720.jpg&src1=https%3A%2F%2Ff.vimeocdn.com%2Fimages_v6%2Fshare%2Fplay_icon_overlay.png
Title:

Search URL Search Domain Scan URL

URL: https://i.ytimg.com/vi/YBKK6n0UTAE/maxresdefault.jpg
Title:

Search URL Search Domain Scan URL

URL: https://bankinghelp.us/wp-content/uploads/login2-581.png
Title:

Search URL Search Domain Scan URL

URL: https://www.nordea.fi/Images/147-98500/tunnusluvut-kayttovalmis-ota-kayttoon-en.jpg
Title:

Search URL Search Domain Scan URL

URL: https://lh3.googleusercontent.com/xs0eyZ7BnmnoU0j9hf3nG12edgiqVcX8aTTQ8QpSAdKAHb3xZGlzDM9wgBWv0QKUuvw=w412-h220-rw
Title:

Search URL Search Domain Scan URL

URL: https://lh3.googleusercontent.com/xxYW-VBAOxwyT3iPBSpFg-M6SNCk2LDW1mjb7T7Z4V-FyY16P2Dsrgnngll8JXCXT5s
Title:

Search URL Search Domain Scan URL

URL: https://is2-ssl.mzstatic.com/image/thumb/Purple123/v4/da/00/f1/da00f194-5f5e-e503-1135-88c67922fdb5/pr_source.png/300x0w.jpg
Title:

Search URL Search Domain Scan URL

URL: https://www.casinonewsdaily.com/wp-content/uploads/guides/illustrations/deposit-methods/nordea/nordea-advantages.png
Title:

Search URL Search Domain Scan URL

URL: https://is2-ssl.mzstatic.com/image/thumb/Purple113/v4/63/8a/ce/638ace46-cf01-c03a-c953-c69e34429f85/mzl.mxulfiym.png/300x0w.jpg
Title:

Search URL Search Domain Scan URL

URL: http://bank-online.com/wp-content/uploads/Nordea-Bank-005.png
Title:

Search URL Search Domain Scan URL

URL: https://lh3.googleusercontent.com/Bi6LA_TdoM-QaXJgJVRAavN6UgdAUGfZyJpnHPnSHMLa_iPCcgdtmP8gZqWZYhx_NrM=w412-h220-rw
Title:

Search URL Search Domain Scan URL

URL: https://is5-ssl.mzstatic.com/image/thumb/Purple113/v4/e4/14/37/e41437cf-2985-493d-4336-e983537f300f/pr_source.png/300x0w.jpg
Title:

Search URL Search Domain Scan URL

URL: https://i.ytimg.com/vi/biNpck-gx7A/hqdefault.jpg
Title:

Search URL Search Domain Scan URL

URL: https://developer.signicat.com/wp-content/uploads/2017/09/sc_Tupas_fi_new.png
Title:

Search URL Search Domain Scan URL

URL: https://lh3.googleusercontent.com/Xlh4k7gCBxZlU3i3B8cgk_GiQ_W0Kxa46crM3IThZUHPHlgqgzDo_HXnHXSiiwac0s0=h750
Title:

Search URL Search Domain Scan URL

URL: https://genbin.genesys.com/media/5e98c535-meta-logo-nordea.png
Title:

Search URL Search Domain Scan URL

URL: https://is3-ssl.mzstatic.com/image/thumb/Purple123/v4/e9/4a/e2/e94ae267-2bf6-40b3-f1e0-e0abfc479b31/mzl.dmkizazb.png/696x696bb.png
Title:

Search URL Search Domain Scan URL

URL: https://cdn.apkmonk.com/images/se.nordea.mobilebank.png
Title:

Search URL Search Domain Scan URL

URL: http://uidesigner.dk/assets/images/pngfile-1110x833.png
Title:

Search URL Search Domain Scan URL

URL: https://i.ytimg.com/vi/OOGWdrC0mSQ/maxresdefault.jpg
Title:

Search URL Search Domain Scan URL

URL: https://www.luminor.lv/sites/default/files/img/cc_3_en.jpg
Title:

Search URL Search Domain Scan URL

URL: https://live.staticflickr.com/7285/8717681137_27e88bce9f_z.jpg
Title:

Search URL Search Domain Scan URL

URL: https://hsivonen.fi/bank-idp/nordea-idp.png
Title:

Search URL Search Domain Scan URL

URL: https://internetbanken.privat.nordea.se/web_elements/images/web/local/se3/se/Picture/pi17_Mobilt_BankID_Login_instruktions.png
Title:

Search URL Search Domain Scan URL

URL: https://storage.googleapis.com/qvik-wp-site-content-prod/2019/06/3fc06d26-vepa-tunnistus-nordea-device-en.png
Title:

Search URL Search Domain Scan URL

URL: https://res.cloudinary.com/demo/image/fetch/w_340,h_200,c_crop,g_face/https://finlandtoday.fi/wp-content/uploads/ft-nordea-problem-cover.png
Title:

Search URL Search Domain Scan URL

URL: https://is1-ssl.mzstatic.com/image/thumb/Purple113/v4/ad/41/3f/ad413fb9-f97a-adeb-2eb9-a0aabe5207c3/pr_source.png/300x0w.jpg
Title:

Search URL Search Domain Scan URL

URL: https://is4-ssl.mzstatic.com/image/thumb/Purple118/v4/14/90/a2/1490a211-76a6-a0b7-e411-6e7612a61ff6/pr_source.png/696x696bb.png
Title:

Search URL Search Domain Scan URL

URL: https://lh3.googleusercontent.com/kgFZTYi8igcroHBaWBm5dcfWAxyi84o3HL8IjDm5zr4Z79VLGnMi65ZTpjpKijIbqsg=h750
Title:

Search URL Search Domain Scan URL

URL: https://www.casinonewsdaily.com/wp-content/uploads/guides/illustrations/deposit-methods/nordea/nordea-howitworks.png
Title:

Search URL Search Domain Scan URL

URL: https://assets.bwbx.io/images/users/iqjWHBFdfxIU/ix94jh4alBow/v2/pidjEfPlU1QWZop3vfGKsrX.ke8XuWirGYh1PKgEw44kE/1000x-1.png
Title:

Search URL Search Domain Scan URL

URL: https://image2.owler.com/183962-1428912223387.png
Title:

Search URL Search Domain Scan URL

URL: https://www.nordea.dk/Images/144-193038/Cards_Pay_dk_640x360.png
Title:

Search URL Search Domain Scan URL

URL: https://pbs.twimg.com/media/CjiAjhnUYAArZqC.jpg
Title:

Search URL Search Domain Scan URL

URL: https://iphone-image.apkpure.com/v2/app/3/7/c/37c3b8d4c63d3c2d2d1f828707e9d06e_639x1136.jpg
Title:

Search URL Search Domain Scan URL

URL: https://assets.bwbx.io/images/users/iqjWHBFdfxIU/iuUwbAMfazQY/v1/1000x-1.jpg
Title:

Search URL Search Domain Scan URL

URL: https://finlandtoday.fi/wp-content/uploads/ft-nordea-problem-cover.png
Title:

Search URL Search Domain Scan URL

URL: https://handoff-cdn.appadvice.com/generated-app-plays/571238397/62080000-half-thumb/00001.jpg
Title:

Search URL Search Domain Scan URL

URL: https://image2.owler.com/183962-1461413207902.png
Title:

Search URL Search Domain Scan URL

URL: https://s3.reutersmedia.net/resources/r/?m=02&d=20190304&t=2&i=1362671837&r=LYNXNPEF230MO&w=1280
Title:

Search URL Search Domain Scan URL

URL: https://is4-ssl.mzstatic.com/image/thumb/Purple123/v4/de/f2/46/def24697-9a0c-6b31-e1d7-9a54b63e3b48/mzl.ujkhcbuo.png/1024x768bb.png
Title:

Search URL Search Domain Scan URL

URL: https://live.staticflickr.com/66/229205945_b0047c0bd8.jpg
Title:

Search URL Search Domain Scan URL

URL: https://dl1.cbsistatic.com/i/2018/01/25/2d5227b9-08a8-459f-ad7a-0bb0a97e255e/503a0c62eb8220f6da7160f668e60f51/imgingest-8144794786664442659.png
Title:

Search URL Search Domain Scan URL

URL: https://nofluffjobs.com/api/thumbnail/TXJM91N7
Title:

Search URL Search Domain Scan URL

URL: https://www.paytrail.com/hs-fs/hubfs/Nordea-Siirto-211543-edited.png?width=520&name=Nordea-Siirto-211543-edited.png
Title:

Search URL Search Domain Scan URL

URL: https://lh3.googleusercontent.com/YpeXdksyXX-q3w-EtY6eu3vLRhwN0LAvdwigeCotjrddDRWQBMtO_5vHobYSvdoqDRHn=h750
Title:

Search URL Search Domain Scan URL

URL: http://imgsdown.1mobile.com/group2/M00/24/31/S36rZFpL_eWAHwqcAAPgdHjz6VE946.png
Title:

Search URL Search Domain Scan URL

URL: https://i.ytimg.com/vi/kEnxmVCgZPQ/maxresdefault.jpg
Title:

Search URL Search Domain Scan URL

URL: https://is5-ssl.mzstatic.com/image/thumb/Purple123/v4/2c/29/d1/2c29d19d-f952-a6b8-887e-232916a33ed6/pr_source.png/300x0w.jpg
Title:

Search URL Search Domain Scan URL

URL: https://www.luminor.lv/sites/default/files/img/code-calculator_en.jpg
Title:

Search URL Search Domain Scan URL

URL: https://static-s.aa-cdn.net/img/gp/20600004951235/dBQ6h8Xmlsud85AA-R6ujDMeXeCpEZUeaRezaJJOylkpFBi_1VsjNZ6altWRTeG9Sg=h900
Title:

Search URL Search Domain Scan URL

URL: https://lh3.googleusercontent.com/jEJXnFELzEO79LzJcWuxj042-STX-YqS47SfkoPxiIX2N-oCWp8GsctEH999Pkzu_JQ=w412-h220-rw
Title:

Search URL Search Domain Scan URL

URL: https://image2.owler.com/183962-1407479543521.png
Title:

Search URL Search Domain Scan URL

URL: https://hsivonen.fi/bank-idp/s-pankki-bank.png
Title:

Search URL Search Domain Scan URL

URL: https://news-cdn.softpedia.com/images/news2/Phishing-Campaign-Aims-at-Finnish-Bank-Credentials-452654-2.jpg
Title:

Search URL Search Domain Scan URL

URL: https://imgs.aftonbladet-cdn.se/v2/images/1c78b514-6e04-4afa-9591-a7c13706315e?fit=crop&h=900&w=1600&s=033f8b79a0195e128e6f2d704324ea6fcf4a9e31
Title:

Search URL Search Domain Scan URL

URL: https://www.finextra.com/finextra-images/top_pics/xl/5080.jpg
Title:

Search URL Search Domain Scan URL

URL: https://cdn.dribbble.com/users/182274/screenshots/3001921/nordea-login.png
Title:

Search URL Search Domain Scan URL

URL: https://finanswatch.dk/incoming/article10780481.ece/ALTERNATES/native-app-960/EJW%20Blackstone%20d%C3%B8rskilt%20New%20York.jpg
Title:

Search URL Search Domain Scan URL

URL: https://is4-ssl.mzstatic.com/image/thumb/Purple113/v4/fa/de/96/fade9696-cbc1-1271-f2b2-676bf766cb19/mzl.zknjtoqu.png/750x750bb.jpeg
Title:

Search URL Search Domain Scan URL

URL: https://i.colnect.net/f/5514/401/Nordea.jpg
Title:

Search URL Search Domain Scan URL

URL: http://docs.woocommerce.com/wp-content/uploads/2015/05/nordea-gateway-settings.png
Title:

Search URL Search Domain Scan URL

URL: https://lh3.googleusercontent.com/8u-FJ6tCbT7wS7gK4muGbrymF_juuy2VctDocP1umf_kvX_h9nDDq1Fs-v1Cp6XxwoA
Title:

Search URL Search Domain Scan URL

URL: https://is1-ssl.mzstatic.com/image/thumb/Purple125/v4/c5/28/78/c52878df-c58c-532d-677f-f15d1a3568c8/source/392x696bb.jpg
Title:

Search URL Search Domain Scan URL

URL: https://media.thestar.com.my/Prod/6F736BAF-8476-4877-9D03-059940A33304
Title:

Search URL Search Domain Scan URL

URL: https://docplayer.net/docs-images/49/18145005/images/page_2.jpg
Title:

Search URL Search Domain Scan URL

URL: https://apk4ever.club/pics/QqzWi2OA12_4WXpD5RmQ7E55k3VbHTDiA77hVlhAuFA/fill/512/288/no/1/aHR0cHM6Ly9saDMuZ29vZ2xldXNlcmNvbnRlbnQuY29tLzUwcE5oV2hSeXNQQW1Ed19MV0pjY0VFUUtRc0E1am5vd1l6VTE0bUZxVmg2eWd4aVl0Rk5sLWx2Q05CVmdaRVl2dw.jpg
Title:

Search URL Search Domain Scan URL

URL: https://assets.bwbx.io/images/users/iqjWHBFdfxIU/iSFpK7Fws4fs/v0/-1x-1.png
Title:

Search URL Search Domain Scan URL

URL: https://i2.wp.com/www.migranttales.net/wp-content/uploads/2013/11/Kuvankaappaus-2013-11-17-kello-8.22.52.png?fit=1200%2C713
Title:

Search URL Search Domain Scan URL

URL: https://lookaside.fbsbx.com/lookaside/crawler/media/?media_id=213838061959603
Title:

Search URL Search Domain Scan URL

URL: https://is4-ssl.mzstatic.com/image/thumb/Purple123/v4/16/75/ac/1675acbd-3d6d-a22e-65ed-c8c57844609e/pr_source.png/300x0w.jpg
Title:

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 107

https://lookaside.fbsbx.com/lookaside/crawler/media/?media_id=213838061959603 HTTP 302
https://www.facebook.com/NordeaSverige/photos/a.215751038434972/2046010892075635/?type=3&is_lookaside=1

139 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.sparechangeinc.com/nordea-online-banking-login/ 96 KB
15 KB 525ms
473ms Document
text/html 2606:4700:3037::681c:d51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sparechangeinc.com/nordea-online-banking-login/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681c:d51 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b227e234e1f9c5378732ecbc5ae2d4fb19dedabe09eec6310de4249e1eeeec64

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.sparechangeinc.com
:scheme: https
:path: /nordea-online-banking-login/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: document
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: document

Response headers

status: 200
date: Tue, 03 Mar 2020 07:17:46 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d36252d143312531c9c914e6b5e403bc71583219865; expires=Thu, 02-Apr-20 07:17:45 GMT; path=/; domain=.sparechangeinc.com; HttpOnly; SameSite=Lax; Secure PHPSESSID=701e41049817ce7bd4767bf85d49c5b3; path=/
vary: Accept-Encoding
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
link: <https://www.sparechangeinc.com/wp-json/>; rel="https://api.w.org/" <https://www.sparechangeinc.com/?p=12879>; rel=shortlink
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 56e19461bf1c2484-FRA
content-encoding: br

GET
H2 200 style.min.css
www.sparechangeinc.com/wp-includes/css/dist/block-library/ 40 KB
6 KB 14ms
12ms Stylesheet
text/css 2606:4700:3037::681c:d51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sparechangeinc.com/wp-includes/css/dist/block-library/style.min.css

Requested by

Host: www.sparechangeinc.com
URL: https://www.sparechangeinc.com/nordea-online-banking-login/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681c:d51 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d9662b4b9ba6c2c3691ce0acd4572e027366eb97d6070550a13429262bb0037f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.sparechangeinc.com/nordea-online-banking-login/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Tue, 03 Mar 2020 07:17:46 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 72066
status: 200
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Wed, 13 Nov 2019 04:00:44 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5dcb7fec-a1fb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css
cache-control: max-age=31536000
cf-ray: 56e19464be682484-FRA
expires: Tue, 02 Mar 2021 11:16:40 GMT

GET
H2 200 styles.css
www.sparechangeinc.com/wp-content/plugins/contact-form-7/includes/css/ 2 KB
659 B 15ms
13ms Stylesheet
text/css 2606:4700:3037::681c:d51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sparechangeinc.com/wp-content/plugins/contact-form-7/includes/css/styles.css

Requested by

Host: www.sparechangeinc.com
URL: https://www.sparechangeinc.com/nordea-online-banking-login/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681c:d51 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f774ddac3ffce309e5ff2659a59e8e7291da314d213f24c1aa04b9ea2bc46586

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.sparechangeinc.com/nordea-online-banking-login/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Tue, 03 Mar 2020 07:17:46 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 72066
status: 200
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Sun, 01 Dec 2019 04:35:42 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5de3431e-66d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css
cache-control: max-age=31536000
cf-ray: 56e19464be6a2484-FRA
expires: Tue, 02 Mar 2021 11:16:40 GMT

GET
H2 200 front.min.css
www.sparechangeinc.com/wp-content/plugins/cookie-notice/css/ 6 KB
1 KB 27ms
25ms Stylesheet
text/css 2606:4700:3037::681c:d51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sparechangeinc.com/wp-content/plugins/cookie-notice/css/front.min.css

Requested by

Host: www.sparechangeinc.com
URL: https://www.sparechangeinc.com/nordea-online-banking-login/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681c:d51 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2078dee7fc89aafc1feefc2f8d3bc3d2db24e580eb55aea12b1f6b06ef3198da

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.sparechangeinc.com/nordea-online-banking-login/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Tue, 03 Mar 2020 07:17:46 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 72066
status: 200
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Wed, 08 Jan 2020 15:10:45 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5e15f0f5-182f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css
cache-control: max-age=31536000
cf-ray: 56e19464be6d2484-FRA
expires: Tue, 02 Mar 2021 11:16:40 GMT

GET
H2 200 idblog-core.css
www.sparechangeinc.com/wp-content/plugins/idblog-core/css/ 6 KB
2 KB 25ms
24ms Stylesheet
text/css 2606:4700:3037::681c:d51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sparechangeinc.com/wp-content/plugins/idblog-core/css/idblog-core.css

Requested by

Host: www.sparechangeinc.com
URL: https://www.sparechangeinc.com/nordea-online-banking-login/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681c:d51 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c2359a9d4b5fbee2aae884b9b6707c6c0c1ba13f529dfa1257978617ef59f000

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.sparechangeinc.com/nordea-online-banking-login/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Tue, 03 Mar 2020 07:17:46 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 72066
status: 200
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Mon, 17 Feb 2020 10:17:19 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5e4a682f-18b0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css
cache-control: max-age=31536000
cf-ray: 56e19464be702484-FRA
expires: Tue, 02 Mar 2021 11:16:40 GMT

GET
H2 200 css
fonts.googleapis.com/ 5 KB
765 B 17ms
15ms Stylesheet
text/css 2a00:1450:4001:819::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Nunito%3Aregular%2C700%2C300%26subset%3Dlatin%2C

Requested by

Host: www.sparechangeinc.com
URL: https://www.sparechangeinc.com/nordea-online-banking-login/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

dceb98cad37ec33cb551cff401337fb518af41f3260ab83640de53ad001d66f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.sparechangeinc.com/nordea-online-banking-login/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 07:17:46 GMT
server: ESF
date: Tue, 03 Mar 2020 07:17:46 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 03 Mar 2020 07:17:46 GMT

GET
H2 200 style.css
www.sparechangeinc.com/wp-content/themes/superfast/ 67 KB
14 KB 21ms
19ms Stylesheet
text/css 2606:4700:3037::681c:d51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sparechangeinc.com/wp-content/themes/superfast/style.css

Requested by

Host: www.sparechangeinc.com
URL: https://www.sparechangeinc.com/nordea-online-banking-login/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681c:d51 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9bdf97b0b9f407b3db28d1e7540070425a68d18e65c6a480abaf7665cc03849e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.sparechangeinc.com/nordea-online-banking-login/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Tue, 03 Mar 2020 07:17:46 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 72066
status: 200
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Wed, 07 Aug 2019 13:44:13 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5d4ad5ad-10ad8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css
cache-control: max-age=31536000
cf-ray: 56e19464be722484-FRA
expires: Tue, 02 Mar 2021 11:16:40 GMT

GET
H2 200 jquery.js Show response
www.sparechangeinc.com/wp-includes/js/jquery/ 95 KB
32 KB 18ms
16ms Script
application/javascript 2606:4700:3037::681c:d51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sparechangeinc.com/wp-includes/js/jquery/jquery.js

Requested by

Host: www.sparechangeinc.com
URL: https://www.sparechangeinc.com/nordea-online-banking-login/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681c:d51 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.sparechangeinc.com/nordea-online-banking-login/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Tue, 03 Mar 2020 07:17:46 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 72066
status: 200
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Sun, 07 Jul 2019 03:50:58 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5d216c22-17a69"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 56e19464be732484-FRA
expires: Tue, 02 Mar 2021 11:16:40 GMT

GET
H2 200 front.min.js Show response
www.sparechangeinc.com/wp-content/plugins/cookie-notice/js/ 8 KB
2 KB 24ms
23ms Script
application/javascript 2606:4700:3037::681c:d51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sparechangeinc.com/wp-content/plugins/cookie-notice/js/front.min.js

Requested by

Host: www.sparechangeinc.com
URL: https://www.sparechangeinc.com/nordea-online-banking-login/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681c:d51 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

195f376b7afb672918e01d73e4ca94b581720160185397a93f677ec6eb8fdc06

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.sparechangeinc.com/nordea-online-banking-login/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Tue, 03 Mar 2020 07:17:46 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 72066
status: 200
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Wed, 08 Jan 2020 15:10:45 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5e15f0f5-1fe5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 56e19464be742484-FRA
expires: Tue, 02 Mar 2021 11:16:40 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 106 KB
38 KB 22ms
20ms Script
text/javascript 2a00:1450:4001:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.sparechangeinc.com
URL: https://www.sparechangeinc.com/nordea-online-banking-login/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

336b551266d7b3191bc3c0405219cdc7851a2154f062be0adb6d0409610efcf1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sparechangeinc.com/nordea-online-banking-login/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Tue, 03 Mar 2020 07:17:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 38582
x-xss-protection: 0
server: cafe
etag: 1894056443252110232
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 03 Mar 2020 07:17:46 GMT

GET
H/1.1 200
OK tunnuslukusovellus-mobiilipankissa-kirj-2.PNG
www.nordea.fi/Images/147-228827/ 48 KB
48 KB 237ms
117ms Image
image/png 92.123.14.115
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nordea.fi/Images/147-228827/tunnuslukusovellus-mobiilipankissa-kirj-2.PNG

Requested by

Host: www.sparechangeinc.com
URL: https://www.sparechangeinc.com/nordea-online-banking-login/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

92.123.14.115 , France, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a92-123-14-115.deploy.static.akamaitechnologies.com

Software

Resource Hash

0d99d305a4ade4111d393ad4c63db10b51b369259bab96a6a6b17dae50eb53d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=157680000

Request headers

Referer: https://www.sparechangeinc.com/nordea-online-banking-login/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Strict-Transport-Security: max-age=157680000
Last-Modified: Fri, 20 Oct 2017 11:44:06 GMT
ETag: 1508499846000
Content-Type: image/png
Cache-Control: public, max-age=14400
Date: Tue, 03 Mar 2020 07:17:46 GMT
Connection: keep-alive
Content-Length: 49292

GET
H/1.1 200
OK yritys-pankkitunnukset-en.png
www.nordea.fi/Images/147-94961/ 50 KB
51 KB 315ms
231ms Image
image/png 92.123.14.115
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nordea.fi/Images/147-94961/yritys-pankkitunnukset-en.png

Requested by

Host: www.sparechangeinc.com
URL: https://www.sparechangeinc.com/nordea-online-banking-login/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

92.123.14.115 , France, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a92-123-14-115.deploy.static.akamaitechnologies.com

Software

Resource Hash

71c9936b04f4cc355af5d4f80ab769dc10fbb6e91459c5715765947acc39c539

Security Headers

Name	Value
Strict-Transport-Security	max-age=157680000

Request headers

Referer: https://www.sparechangeinc.com/nordea-online-banking-login/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Strict-Transport-Security: max-age=157680000
Last-Modified: Wed, 25 Nov 2015 12:56:33 GMT
ETag: 1448456193000
Content-Type: image/png
Cache-Control: public, max-age=5326
Date: Tue, 03 Mar 2020 07:17:46 GMT
Connection: keep-alive
Content-Length: 51428

GET
H/1.1 200
OK sm_mail.svg
www.nordea.com/static/dotcom/img/icons/ 728 B
1 KB 227ms
99ms Image
image/svg+xml 92.123.14.115
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nordea.com/static/dotcom/img/icons/sm_mail.svg?v=2.54.3

Requested by

Host: www.sparechangeinc.com
URL: https://www.sparechangeinc.com/nordea-online-banking-login/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

92.123.14.115 , France, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a92-123-14-115.deploy.static.akamaitechnologies.com

Software

Resource Hash

2783f33ab9a646ca0b84f8cf0f20312b1726868eb96e95aa07dd7367039e3c2d

Security Headers

Name	Value
Strict-Transport-Security	max-age=157680000

Request headers

Referer: https://www.sparechangeinc.com/nordea-online-banking-login/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Strict-Transport-Security: max-age=157680000
Last-Modified: Tue, 28 Jan 2020 13:52:42 GMT
Date: Tue, 03 Mar 2020 07:17:46 GMT
Content-Type: image/svg+xml
Cache-Control: max-age=43200000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 728

GET
H/1.1 200
OK step2.jpg
www.nordea.com/Images/33-146393/ 63 KB
63 KB 273ms
145ms Image
image/jpeg 92.123.14.115
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nordea.com/Images/33-146393/step2.jpg

Requested by

Host: www.sparechangeinc.com
URL: https://www.sparechangeinc.com/nordea-online-banking-login/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

92.123.14.115 , France, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a92-123-14-115.deploy.static.akamaitechnologies.com

Software

Resource Hash

e827d4b1815bd4320d4ec38076f1c11a6cc89b808803304dfce4f51e1a07c88c

Security Headers

Name	Value
Strict-Transport-Security	max-age=157680000

Request headers

Referer: https://www.sparechangeinc.com/nordea-online-banking-login/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Strict-Transport-Security: max-age=157680000
Last-Modified: Tue, 28 Nov 2017 11:44:32 GMT
ETag: 1511869472000
Content-Type: image/jpeg
Cache-Control: public, max-age=14391
Date: Tue, 03 Mar 2020 07:17:46 GMT
Connection: keep-alive
Content-Length: 64124

GET
H/1.0 404
Not Found eesti_en_offline_code_calc.png
koodid.nordea.ee/assets/images/ 0
0 696ms
193ms Image
text/html 88.196.97.170
ESTPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://koodid.nordea.ee/assets/images/eesti_en_offline_code_calc.png
Requested by: Host: www.sparechangeinc.com
URL: https://www.sparechangeinc.com/nordea-online-banking-login/
Protocol: HTTP/1.0
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 88.196.97.170 Tallinn, Estonia, ASN3249 (ESTPAK, EE),
Reverse DNS: apache1.nordea.ee
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.sparechangeinc.com/nordea-online-banking-login/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

GET
H/1.1 200
OK Nordea-Bank-002.png
banksonline24.com/wp-content/uploads/ 30 KB
30 KB 523ms
347ms Image
image/png 176.114.1.150
THEHOST-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://banksonline24.com/wp-content/uploads/Nordea-Bank-002.png
Requested by: Host: www.sparechangeinc.com
URL: https://www.sparechangeinc.com/nordea-online-banking-login/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 176.114.1.150 , Ukraine, ASN56485 (THEHOST-AS, UA),
Reverse DNS: s17.thehost.com.ua
Software: nginx /
Resource Hash: 31e9de551bb7d6e8f497ea5d4c95160d53766e1c81981b98eab090623597b823

Request headers

Referer: https://www.sparechangeinc.com/nordea-online-banking-login/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Tue, 03 Mar 2020 07:17:46 GMT
Last-Modified: Wed, 22 Jan 2020 00:59:44 GMT
Server: nginx
ETag: "5e279e80-7891"
Content-Type: image/png
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 30865
Expires: Tue, 10 Mar 2020 07:17:46 GMT

GET
H/1.1 200
OK sm_linkedIn.svg
www.nordea.com/static/dotcom/img/icons/ 830 B
1 KB 290ms
163ms Image
image/svg+xml 92.123.14.115
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nordea.com/static/dotcom/img/icons/sm_linkedIn.svg?v=2.54.3

Requested by

Host: www.sparechangeinc.com
URL: https://www.sparechangeinc.com/nordea-online-banking-login/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

92.123.14.115 , France, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a92-123-14-115.deploy.static.akamaitechnologies.com

Software

Resource Hash

0b3331740d82e5edb51b3aa4cf3337456b7c69ebeb106693d7765d005bf96f92

Security Headers

Name	Value
Strict-Transport-Security	max-age=157680000

Request headers

Referer: https://www.sparechangeinc.com/nordea-online-banking-login/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Strict-Transport-Security: max-age=157680000
Last-Modified: Tue, 28 Jan 2020 13:52:42 GMT
Date: Tue, 03 Mar 2020 07:17:46 GMT
Content-Type: image/svg+xml
Cache-Control: max-age=43199977
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 830

GET
H/1.1 200
OK tunnuslukusovellus-verkkopankissa-kirj-1.png
www.nordea.fi/Images/147-228837/ 19 KB
20 KB 199ms
116ms Image
image/png 92.123.14.115
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nordea.fi/Images/147-228837/tunnuslukusovellus-verkkopankissa-kirj-1.png

Requested by

Host: www.sparechangeinc.com
URL: https://www.sparechangeinc.com/nordea-online-banking-login/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

92.123.14.115 , France, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a92-123-14-115.deploy.static.akamaitechnologies.com

Software

Resource Hash

9aebc08920b8c64acdf98a43554d02b262c4fe9228c63853f7be46462d1fb612

Security Headers

Name	Value
Strict-Transport-Security	max-age=157680000

Request headers

Referer: https://www.sparechangeinc.com/nordea-online-banking-login/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Strict-Transport-Security: max-age=157680000
Last-Modified: Wed, 18 Jul 2018 11:16:03 GMT
ETag: 1531912563000
Content-Type: image/png
Cache-Control: public, max-age=14397
Date: Tue, 03 Mar 2020 07:17:46 GMT
Connection: keep-alive
Content-Length: 19739

GET
H/1.1 200
OK Nordea-Investor-login-android.gif
www.nordea.fi/Images/147-145614/ 47 KB
48 KB 192ms
109ms Image
image/gif 92.123.14.115
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nordea.fi/Images/147-145614/Nordea-Investor-login-android.gif

Requested by

Host: www.sparechangeinc.com
URL: https://www.sparechangeinc.com/nordea-online-banking-login/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

92.123.14.115 , France, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a92-123-14-115.deploy.static.akamaitechnologies.com

Software

Resource Hash

2fb7fc46d5d30ee59bb14873cacf68be89683c658cec73d18e46d09665797969

Security Headers

Name	Value
Strict-Transport-Security	max-age=157680000

Request headers

Referer: https://www.sparechangeinc.com/nordea-online-banking-login/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Strict-Transport-Security: max-age=157680000
Last-Modified: Thu, 06 Oct 2016 10:27:11 GMT
ETag: 1475749631000
Content-Type: image/gif
Cache-Control: public, max-age=14359
Date: Tue, 03 Mar 2020 07:17:46 GMT
Connection: keep-alive
Content-Length: 48346

GET
H/1.1 200
OK login2-568.png
ccbank.us/wp-content/uploads/ 26 KB
27 KB 328ms
114ms Image
image/png 209.182.205.242
INMOTI-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ccbank.us/wp-content/uploads/login2-568.png
Requested by: Host: www.sparechangeinc.com
URL: https://www.sparechangeinc.com/nordea-online-banking-login/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 209.182.205.242 Los Angeles, United States, ASN54641 (INMOTI-1, US),
Reverse DNS: ded4171.inmotionhosting.com
Software: Apache /
Resource Hash: 501c9532f3bd88c62b80bd4e30a5cdb411b7007b524b73cf38deeeebfe1da672

Request headers

Referer: https://www.sparechangeinc.com/nordea-online-banking-login/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Tue, 03 Mar 2020 07:17:46 GMT
Last-Modified: Wed, 06 Sep 2017 09:24:01 GMT
Server: Apache
Content-Type: image/png
Cache-Control: max-age=10368000
Connection: keep-alive, Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 27058
Expires: max-age=A10368000, public

GET
H/1.1 200
OK login2-571.png
ccbank.us/wp-content/uploads/ 42 KB
42 KB 327ms
109ms Image
image/png 209.182.205.242
INMOTI-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ccbank.us/wp-content/uploads/login2-571.png
Requested by: Host: www.sparechangeinc.com
URL: https://www.sparechangeinc.com/nordea-online-banking-login/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 209.182.205.242 Los Angeles, United States, ASN54641 (INMOTI-1, US),
Reverse DNS: ded4171.inmotionhosting.com
Software: Apache /
Resource Hash: c13ec42ed0b6b268f9ea674376f9b6903cccf96167f8e6608ad086f09e994970

Request headers

Referer: https://www.sparechangeinc.com/nordea-online-banking-login/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Tue, 03 Mar 2020 07:17:46 GMT
Last-Modified: Wed, 06 Sep 2017 09:17:06 GMT
Server: Apache
Content-Type: image/png
Cache-Control: max-age=10368000
Connection: keep-alive, Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 42645
Expires: max-age=A10368000, public

GET
H/1.1 200
OK tunnuslukusovellus-kayttoonotto-2-en.PNG
www.nordea.fi/Images/147-88417/ 79 KB
80 KB 188ms
113ms Image
image/png 92.123.14.115
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nordea.fi/Images/147-88417/tunnuslukusovellus-kayttoonotto-2-en.PNG

Requested by

Host: www.sparechangeinc.com
URL: https://www.sparechangeinc.com/nordea-online-banking-login/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

92.123.14.115 , France, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a92-123-14-115.deploy.static.akamaitechnologies.com

Software

Resource Hash

0e105c9b05bc3de322dd1b9583f8553aa3b05216cf2eb2f0d23b897aa718bd0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=157680000

Request headers

Referer: https://www.sparechangeinc.com/nordea-online-banking-login/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Strict-Transport-Security: max-age=157680000
Last-Modified: Wed, 25 Nov 2015 12:40:39 GMT
ETag: 1448455239000
Content-Type: image/png
Cache-Control: public, max-age=14389
Date: Tue, 03 Mar 2020 07:17:46 GMT
Connection: keep-alive
Content-Length: 81192

GET
H/1.1 200
OK Nordea-Bank-003.png
banksonline24.com/wp-content/uploads/ 22 KB
23 KB 322ms
178ms Image
image/png 176.114.1.150
THEHOST-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://banksonline24.com/wp-content/uploads/Nordea-Bank-003.png
Requested by: Host: www.sparechangeinc.com
URL: https://www.sparechangeinc.com/nordea-online-banking-login/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 176.114.1.150 , Ukraine, ASN56485 (THEHOST-AS, UA),
Reverse DNS: s17.thehost.com.ua
Software: nginx /
Resource Hash: ba793afd543812dc8e1c7a0f2ad13afec731f9dc117a768aeec2b6b22a86692c

Request headers

Referer: https://www.sparechangeinc.com/nordea-online-banking-login/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Tue, 03 Mar 2020 07:17:46 GMT
Last-Modified: Wed, 22 Jan 2020 00:59:38 GMT
Server: nginx
ETag: "5e279e7a-5986"
Content-Type: image/png
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 22918
Expires: Tue, 10 Mar 2020 07:17:46 GMT

GET
H/1.1 200
OK NOI-ipad-login-1.jpg
www.nordea.fi/Images/147-145506/ 95 KB
95 KB 115ms
115ms Image
image/jpeg 92.123.14.115
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nordea.fi/Images/147-145506/NOI-ipad-login-1.jpg

Requested by

Host: www.sparechangeinc.com
URL: https://www.sparechangeinc.com/nordea-online-banking-login/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

92.123.14.115 , France, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a92-123-14-115.deploy.static.akamaitechnologies.com

Software

Resource Hash

f53d7852c7046f840031ccc165f5a065aa08a3de6c201c0dd9e3da61eb3916e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=157680000

Request headers

Referer: https://www.sparechangeinc.com/nordea-online-banking-login/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Strict-Transport-Security: max-age=157680000
Last-Modified: Wed, 05 Oct 2016 13:29:13 GMT
ETag: 1475674153000
Content-Type: image/jpeg
Cache-Control: public, max-age=14400
Date: Tue, 03 Mar 2020 07:17:46 GMT
Connection: keep-alive
Content-Length: 97400

GET
H/1.1 200
OK tunnuslukusovellus-asiakaspalvelu-kirj-off-4.png
www.nordea.fi/Images/147-228812/ 43 KB
44 KB 181ms
181ms Image
image/png 92.123.14.115
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nordea.fi/Images/147-228812/tunnuslukusovellus-asiakaspalvelu-kirj-off-4.png

Requested by

Host: www.sparechangeinc.com
URL: https://www.sparechangeinc.com/nordea-online-banking-login/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

92.123.14.115 , France, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a92-123-14-115.deploy.static.akamaitechnologies.com

Software

Resource Hash

324607072786540f82ae107ea7e5d53fb8f8beb06f705e2a56429e46d2614ac1

Security Headers

Name	Value
Strict-Transport-Security	max-age=157680000

Request headers

Referer: https://www.sparechangeinc.com/nordea-online-banking-login/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Strict-Transport-Security: max-age=157680000
Last-Modified: Fri, 20 Oct 2017 11:44:05 GMT
ETag: 1508499845000
Content-Type: image/png
Cache-Control: public, max-age=14348
Date: Tue, 03 Mar 2020 07:17:46 GMT
Connection: keep-alive
Content-Length: 44497

GET
H/1.1 200
OK login-787.png
ccbank.us/wp-content/uploads/ 224 KB
224 KB 237ms
105ms Image
image/png 209.182.205.242
INMOTI-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ccbank.us/wp-content/uploads/login-787.png
Requested by: Host: www.sparechangeinc.com
URL: https://www.sparechangeinc.com/nordea-online-banking-login/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 209.182.205.242 Los Angeles, United States, ASN54641 (INMOTI-1, US),
Reverse DNS: ded4171.inmotionhosting.com
Software: Apache /
Resource Hash: 4123f79094b710222a5d1fc768404dee27401457bcd50251d65d065056bbd502

Request headers

Referer: https://www.sparechangeinc.com/nordea-online-banking-login/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Tue, 03 Mar 2020 07:17:46 GMT
Last-Modified: Wed, 06 Sep 2017 09:06:33 GMT
Server: Apache
Content-Type: image/png
Cache-Control: max-age=10368000
Connection: keep-alive, Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 229160
Expires: max-age=A10368000, public

GET
H/1.1 200
OK Nordea-Bank-004.png
banksonline24.com/wp-content/uploads/ 36 KB
36 KB 259ms
141ms Image
image/png 176.114.1.150
THEHOST-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://banksonline24.com/wp-content/uploads/Nordea-Bank-004.png
Requested by: Host: www.sparechangeinc.com
URL: https://www.sparechangeinc.com/nordea-online-banking-login/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 176.114.1.150 , Ukraine, ASN56485 (THEHOST-AS, UA),
Reverse DNS: s17.thehost.com.ua
Software: nginx /
Resource Hash: e226e86f2b25135a52f27f61e335a498351d0247f41c9dbca41a173ac67517fe

Request headers

Referer: https://www.sparechangeinc.com/nordea-online-banking-login/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Tue, 03 Mar 2020 07:17:46 GMT
Last-Modified: Wed, 22 Jan 2020 00:59:09 GMT
Server: nginx
ETag: "5e279e5d-8e65"
Content-Type: image/png
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 36453
Expires: Tue, 10 Mar 2020 07:17:46 GMT

GET
H2 200 1024x768bb.png
is1-ssl.mzstatic.com/image/thumb/Purple123/v4/1d/54/47/1d54473a-78c2-ee17-597f-ae1ab16f004a/mzl.hylsfrjg.png/ 31 KB
32 KB 345ms
261ms Image
image/png 2a02:26f0:64:1af::2a1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://is1-ssl.mzstatic.com/image/thumb/Purple123/v4/1d/54/47/1d54473a-78c2-ee17-597f-ae1ab16f004a/mzl.hylsfrjg.png/1024x768bb.png

Requested by

Host: www.sparechangeinc.com
URL: https://www.sparechangeinc.com/nordea-online-banking-login/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:64:1af::2a1 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

Software

daiquiri/3.0.0 /

Resource Hash

67ef4be9cb641909ccfd5d9da3b20c99408a03992451a818e51b568a528b139d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.sparechangeinc.com/nordea-online-banking-login/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

x-apple-jingle-correlation-key: BOOUXEX2KCHLHT3NAERRZMAV
strict-transport-security: max-age=31536000; includeSubDomains
x-cache-remote: TCP_MISS from a2-22-50-174.deploy.akamaitechnologies.com (AkamaiGHost/9.9.0.2.1-28735203) (-)
x-daiquiri-instance: daiquiri:43624002:st44p00it-hyhk15014701:7987:20B36
status: 200
date: Tue, 03 Mar 2020 07:17:47 GMT
last-modified: Sat, 29 Feb 2020 03:14:18 GMT
x-cache: TCP_MISS from a23-14-94-209.deploy.akamaitechnologies.com (AkamaiGHost/9.8.5.1.1-27758809) (-)
content-length: 31698
cache-control: no-transform, max-age=15947203
apple-tk: false
server: daiquiri/3.0.0
apple-seq: 0.0
etag: "UsB11kmcFhIHV4V7vH28Gg=="
apple-originating-system: UnknownOriginatingSystem
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Type,ETag,Cache-Control,Expires,Last-Modified
x-apple-request-uuid: 0b9d4b92-fa50-8eb3-cf6d-01231cb015

GET
H/1.1 200
OK yritys-pankkitunnukset-kayttoonotto-en.png
www.nordea.fi/Images/147-94967/ 49 KB
49 KB 111ms
110ms Image
image/png 92.123.14.115
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nordea.fi/Images/147-94967/yritys-pankkitunnukset-kayttoonotto-en.png

Requested by

Host: www.sparechangeinc.com
URL: https://www.sparechangeinc.com/nordea-online-banking-login/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

92.123.14.115 , France, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a92-123-14-115.deploy.static.akamaitechnologies.com

Software

Resource Hash

693f50b531bc230638e4d6c09da7e68c812028512b16b4e4ade09e7838c3199f

Security Headers

Name	Value
Strict-Transport-Security	max-age=157680000

Request headers

Referer: https://www.sparechangeinc.com/nordea-online-banking-login/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Strict-Transport-Security: max-age=157680000
Last-Modified: Wed, 25 Nov 2015 12:56:51 GMT
ETag: 1448456211000
Content-Type: image/png
Cache-Control: public, max-age=14396
Date: Tue, 03 Mar 2020 07:17:46 GMT
Connection: keep-alive
Content-Length: 50135

GET
H/1.1 200
OK Nordea-Bank-001.png
banksonline24.com/wp-content/uploads/ 305 KB
305 KB 244ms
139ms Image
image/png 176.114.1.150
THEHOST-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://banksonline24.com/wp-content/uploads/Nordea-Bank-001.png
Requested by: Host: www.sparechangeinc.com
URL: https://www.sparechangeinc.com/nordea-online-banking-login/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 176.114.1.150 , Ukraine, ASN56485 (THEHOST-AS, UA),
Reverse DNS: s17.thehost.com.ua
Software: nginx /
Resource Hash: 5fc7a804ee038feaef4506aae51f0107038c7fd5089debfac8cb0c77241aeceb

Request headers

Referer: https://www.sparechangeinc.com/nordea-online-banking-login/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Tue, 03 Mar 2020 07:17:46 GMT
Last-Modified: Wed, 22 Jan 2020 00:59:59 GMT
Server: nginx
ETag: "5e279e8f-4c378"
Content-Type: image/png
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 312184
Expires: Tue, 10 Mar 2020 07:17:46 GMT

GET
H/1.1 200
OK nordea.brandportal.de.png
pic.accessify.com/thumbnails/777x423/n/ 8 KB
8 KB 255ms
168ms Image
image/png 143.204.101.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pic.accessify.com/thumbnails/777x423/n/nordea.brandportal.de.png
Requested by: Host: www.sparechangeinc.com
URL: https://www.sparechangeinc.com/nordea-online-banking-login/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.101.104 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-101-104.fra50.r.cloudfront.net
Software: nginx/1.14.2 /
Resource Hash: f5aae56b5a14cf37ed725a9c83db4bf527a543b74d625fbdc068c7b796a2fb72

Request headers

Referer: https://www.sparechangeinc.com/nordea-online-banking-login/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Tue, 03 Mar 2020 07:17:47 GMT
Via: 1.1 9eb0e845437929074828e0cf53f179af.cloudfront.net (CloudFront)
Last-Modified: Mon, 14 Aug 2017 07:56:22 GMT
Server: nginx/1.14.2
X-Amz-Cf-Pop: FRA50-C1
ETag: "02c3ff0facf0cc087ad579a0a281427c"
X-Cache: Miss from cloudfront
Content-Type: image/png
Cache-Control: max-age=1209600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7893
X-Amz-Cf-Id: bbbGmvHMhbNBSWX97zrYlsUs0eeBb_AFGOltP3qIb-MnLdg9rZfgUA==
Expires: Tue, 17 Mar 2020 07:17:47 GMT

GET
H/1.1 200
OK login-773.png
ccbank.us/wp-content/uploads/ 88 KB
89 KB 108ms
106ms Image
image/png 209.182.205.242
INMOTI-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ccbank.us/wp-content/uploads/login-773.png
Requested by: Host: www.sparechangeinc.com
URL: https://www.sparechangeinc.com/nordea-online-banking-login/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 209.182.205.242 Los Angeles, United States, ASN54641 (INMOTI-1, US),
Reverse DNS: ded4171.inmotionhosting.com
Software: Apache /
Resource Hash: 430b34aa71e839c6cbb5c412082d97cea30baa5fd330107c0e3860ad3c4feb4f

Request headers

Referer: https://www.sparechangeinc.com/nordea-online-banking-login/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Tue, 03 Mar 2020 07:17:46 GMT
Last-Modified: Wed, 06 Sep 2017 09:24:37 GMT
Server: Apache
Content-Type: image/png
Cache-Control: max-age=10368000
Connection: keep-alive, Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 90380
Expires: max-age=A10368000, public

GET
H/1.1 200
OK Nordea-logo%20(cvi).svg
www.nordea.com/Images/33-119107/ 2 KB
2 KB 39ms
38ms Image
image/svg+xml 92.123.14.115
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nordea.com/Images/33-119107/Nordea-logo%20(cvi).svg

Requested by

Host: www.sparechangeinc.com
URL: https://www.sparechangeinc.com/nordea-online-banking-login/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

92.123.14.115 , France, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a92-123-14-115.deploy.static.akamaitechnologies.com

Software

Resource Hash

4273df9fda1edea73177fc0f181a659e190e37e040f09640f67f7bfe822df3b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=157680000

Request headers

Referer: https://www.sparechangeinc.com/nordea-online-banking-login/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Strict-Transport-Security: max-age=157680000
Last-Modified: Thu, 24 Oct 2019 11:55:33 GMT
ETag: 1571918133000
Content-Type: image/svg+xml
Cache-Control: public, max-age=13333
Date: Tue, 03 Mar 2020 07:17:46 GMT
Connection: keep-alive
Content-Length: 1915

GET
H2 200 665110693.webp
i.vimeocdn.com/video/ 33 KB
33 KB 213ms
151ms Image
image/webp 151.101.114.109
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.vimeocdn.com/video/665110693.webp?mw=900&mh=506
Requested by: Host: www.sparechangeinc.com
URL: https://www.sparechangeinc.com/nordea-online-banking-login/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 2ccfb7896390b35196fe433978d848c80499a1a1c6ef81e26fec7cb2b3d7ff67

Request headers

Referer: https://www.sparechangeinc.com/nordea-online-banking-login/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Tue, 03 Mar 2020 07:17:47 GMT
via: vvarnish, 1.1 varnish, 1.1 varnish
age: 416640
x-cache: miss, HIT, MISS
status: 200
x-backend-server: varnish
content-length: 33664
viewmaster-server: viewmaster-us-central1-m7rn
x-served-by: cache-dfw18649-DFW, cache-hhn4037-HHN
x-timer: S1583219867.999455,VS0,VE131
etag: 7359233c4080a17e78f1d04169b94fac
x-viewmaster-webp-format: lossy
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
x-cache-hits: 1, 0

GET
H2 200 overlay
i.vimeocdn.com/filter/ 51 KB
51 KB 823ms
793ms Image
image/jpeg 151.101.114.109
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.vimeocdn.com/filter/overlay?src0=https%3A%2F%2Fi.vimeocdn.com%2Fvideo%2F628155867_1280x720.jpg&src1=https%3A%2F%2Ff.vimeocdn.com%2Fimages_v6%2Fshare%2Fplay_icon_overlay.png
Requested by: Host: www.sparechangeinc.com
URL: https://www.sparechangeinc.com/nordea-online-banking-login/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: eea30935b33cc22b07194eacdb68daa51ebf71b3e7d14734189d3a62aa55e3b7

Request headers

Referer: https://www.sparechangeinc.com/nordea-online-banking-login/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Tue, 03 Mar 2020 07:17:47 GMT
via: 1.1 varnish, 1.1 varnish
age: 0
x-cache: HIT, MISS
content-type: image/jpeg
status: 200
x-cache-hits: 1, 0
accept-ranges: bytes
x-timer: S1583219867.999530,VS0,VE772
access-control-allow-origin: *
content-length: 51816
viewmaster-server: viewmaster-us-central1-tj15
x-served-by: cache-dfw18627-DFW, cache-hhn4037-HHN

GET
H2 200 maxresdefault.jpg
i.ytimg.com/vi/YBKK6n0UTAE/ 54 KB
54 KB 48ms
25ms Image
image/jpeg 2a00:1450:4001:806::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/YBKK6n0UTAE/maxresdefault.jpg

Requested by

Host: www.sparechangeinc.com
URL: https://www.sparechangeinc.com/nordea-online-banking-login/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dd17dbf5eb6ca884e9ff0431e0d8f6fd1570e89fdd08ec2d11b685c966093635

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sparechangeinc.com/nordea-online-banking-login/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Tue, 03 Mar 2020 07:17:47 GMT
x-content-type-options: nosniff
server: sffe
etag: "0"
content-type: image/jpeg
status: 200
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 55406
x-xss-protection: 0
expires: Tue, 03 Mar 2020 09:17:47 GMT

GET
H2 200 login2-581.png
bankinghelp.us/wp-content/uploads/ 40 KB
41 KB 214ms
148ms Image
image/png 185.178.208.171
DDOS-GUARD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bankinghelp.us/wp-content/uploads/login2-581.png

Requested by

Host: www.sparechangeinc.com
URL: https://www.sparechangeinc.com/nordea-online-banking-login/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.178.208.171 , Russian Federation, ASN57724 (DDOS-GUARD, RU),

Reverse DNS

ddos-guard.net

Software

ngjit /

Resource Hash

6f51e270e6c0fedfc9ce30af9bd7ba621a122ebe6c0c950688d951acd7d797f7

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=2628000

Request headers

Referer: https://www.sparechangeinc.com/nordea-online-banking-login/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

strict-transport-security: max-age=2628000
last-modified: Sat, 31 Aug 2019 15:14:28 GMT
server: ngjit
age: 0
etag: "5d6a8ed4-a0d4"
content-type: image/png
status: 200
cache-control: max-age=604800
date: Tue, 03 Mar 2020 07:17:47 GMT
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
expires: Tue, 10 Mar 2020 07:17:47 GMT

GET
H/1.1 200
OK tunnusluvut-kayttovalmis-ota-kayttoon-en.jpg
www.nordea.fi/Images/147-98500/ 27 KB
27 KB 219ms
218ms Image
image/jpeg 92.123.14.115
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nordea.fi/Images/147-98500/tunnusluvut-kayttovalmis-ota-kayttoon-en.jpg

Requested by

Host: www.sparechangeinc.com
URL: https://www.sparechangeinc.com/nordea-online-banking-login/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

92.123.14.115 , France, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a92-123-14-115.deploy.static.akamaitechnologies.com

Software

Resource Hash

a3d85aa02290718b33f82c7a8a9c265b653b69408b5b2c06dd9b9743f0ed6c6d

Security Headers

Name	Value
Strict-Transport-Security	max-age=157680000

Request headers

Referer: https://www.sparechangeinc.com/nordea-online-banking-login/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Strict-Transport-Security: max-age=157680000
Last-Modified: Fri, 15 Jan 2016 13:12:30 GMT
ETag: 1452863550000
Content-Type: image/jpeg
Cache-Control: public, max-age=14400
Date: Tue, 03 Mar 2020 07:17:47 GMT
Connection: keep-alive
Content-Length: 27871

GET
H2 200 xs0eyZ7BnmnoU0j9hf3nG12edgiqVcX8aTTQ8QpSAdKAHb3xZGlzDM9wgBWv0QKUuvw=w412-h220-rw
lh3.googleusercontent.com/ 16 KB
16 KB 299ms
280ms Image
image/webp 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/xs0eyZ7BnmnoU0j9hf3nG12edgiqVcX8aTTQ8QpSAdKAHb3xZGlzDM9wgBWv0QKUuvw=w412-h220-rw

Requested by

Host: www.sparechangeinc.com
URL: https://www.sparechangeinc.com/nordea-online-banking-login/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

7ce3a7cad7b5f8c136dc32190d4721aeab76c95a862abd5aa513f6ebe0224ed9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sparechangeinc.com/nordea-online-banking-login/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Tue, 03 Mar 2020 07:17:47 GMT
x-content-type-options: nosniff
status: 200
content-disposition: inline;filename="unnamed.webp"
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 16384
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 04 Mar 2020 07:17:47 GMT

GET
H2 200 xxYW-VBAOxwyT3iPBSpFg-M6SNCk2LDW1mjb7T7Z4V-FyY16P2Dsrgnngll8JXCXT5s
lh3.googleusercontent.com/ 27 KB
28 KB 95ms
91ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/xxYW-VBAOxwyT3iPBSpFg-M6SNCk2LDW1mjb7T7Z4V-FyY16P2Dsrgnngll8JXCXT5s

Requested by

Host: www.sparechangeinc.com
URL: https://www.sparechangeinc.com/nordea-online-banking-login/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

cee01678dfb431810e26f48c08458a50210d52bf69db8f29fec0c2dcc744f27d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sparechangeinc.com/nordea-online-banking-login/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Tue, 03 Mar 2020 07:17:47 GMT
x-content-type-options: nosniff
status: 200
content-disposition: inline;filename="unnamed.png"
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 28083
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 04 Mar 2020 07:17:47 GMT

GET
H2 200 300x0w.jpg
is2-ssl.mzstatic.com/image/thumb/Purple123/v4/da/00/f1/da00f194-5f5e-e503-1135-88c67922fdb5/pr_source.png/ 41 KB
42 KB 232ms
202ms Image
image/jpeg 2a02:26f0:64:186::2a1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://is2-ssl.mzstatic.com/image/thumb/Purple123/v4/da/00/f1/da00f194-5f5e-e503-1135-88c67922fdb5/pr_source.png/300x0w.jpg

Requested by

Host: www.sparechangeinc.com
URL: https://www.sparechangeinc.com/nordea-online-banking-login/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:64:186::2a1 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

Software

daiquiri/3.0.0 /

Resource Hash

a8b3ec3862de97f2ab7dfe054ed90e97caec6c73bbe8017a5c058db2e32c6890

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.sparechangeinc.com/nordea-online-banking-login/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

x-apple-jingle-correlation-key: D2KENMZRNLEPF3F7TUSVVBPS
strict-transport-security: max-age=31536000; includeSubDomains
x-cache-remote: TCP_MISS from a2-22-50-196.deploy.akamaitechnologies.com (AkamaiGHost/9.9.0.2.1-28735203) (-)
x-daiquiri-instance: daiquiri:33624001:pv50p00it-hyhk10063801:7987:20B36
status: 200
date: Tue, 03 Mar 2020 07:17:47 GMT
last-modified: Sat, 29 Feb 2020 09:42:15 GMT
x-cache: TCP_MISS from a23-14-94-192.deploy.akamaitechnologies.com (AkamaiGHost/9.9.0.2.1-28735203) (-)
content-length: 41945
cache-control: no-transform, max-age=15722381
apple-tk: false
server: daiquiri/3.0.0
apple-seq: 0.0
etag: "GhRhGmSmn1TwaK2VKeAlHA=="
apple-originating-system: UnknownOriginatingSystem
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Type,ETag,Cache-Control,Expires,Last-Modified
x-apple-request-uuid: 1e9446b3-316a-c8f2-ecbf-9d255a85f2

GET
H2 200 nordea-advantages.png
www.casinonewsdaily.com/wp-content/uploads/guides/illustrations/deposit-methods/nordea/ 93 KB
94 KB 283ms
95ms Image
image/png 45.79.168.159
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.casinonewsdaily.com/wp-content/uploads/guides/illustrations/deposit-methods/nordea/nordea-advantages.png
Requested by: Host: www.sparechangeinc.com
URL: https://www.sparechangeinc.com/nordea-online-banking-login/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 45.79.168.159 Newark, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: li1267-159.members.linode.com
Software: Apache/2.4.29 (Ubuntu) / W3 Total Cache/0.10.1
Resource Hash: c116ae272d03002c862372543c3a2ed303b26156655d25b9156cf2fcbf3831b5

Request headers

Referer: https://www.sparechangeinc.com/nordea-online-banking-login/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: public
date: Tue, 03 Mar 2020 07:17:47 GMT
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 19 Dec 2018 10:57:22 GMT
server: Apache/2.4.29 (Ubuntu)
x-powered-by: W3 Total Cache/0.10.1
vary: Accept-Encoding,User-Agent
content-type: image/png
status: 200
cache-control: max-age=31557600, public
accept-ranges: bytes
content-length: 95034
etag: "1733a-57d5de0f0b102"
expires: Wed, 03 Mar 2021 13:17:47 GMT

GET 56733fc42018b321b2327d934603fcafcd90bf0e7b1ea62831d57eed42de129c
/ 0
0

GET
H2 200 300x0w.jpg
is2-ssl.mzstatic.com/image/thumb/Purple113/v4/63/8a/ce/638ace46-cf01-c03a-c953-c69e34429f85/mzl.mxulfiym.png/ 40 KB
41 KB 184ms
183ms Image
image/jpeg 2a02:26f0:64:186::2a1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://is2-ssl.mzstatic.com/image/thumb/Purple113/v4/63/8a/ce/638ace46-cf01-c03a-c953-c69e34429f85/mzl.mxulfiym.png/300x0w.jpg

Requested by

Host: www.sparechangeinc.com
URL: https://www.sparechangeinc.com/nordea-online-banking-login/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:64:186::2a1 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

Software

daiquiri/3.0.0 /

Resource Hash

6daee5d7f274a1238290bf8ca2cc21a35e10b3945cd053c868b5b28eb2237a18

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.sparechangeinc.com/nordea-online-banking-login/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

x-apple-jingle-correlation-key: RHJJ556XRP4G4OY57IEKMG3J
strict-transport-security: max-age=31536000; includeSubDomains
x-cache-remote: TCP_MISS from a2-22-50-150.deploy.akamaitechnologies.com (AkamaiGHost/9.9.0.2.1-28735203) (-)
x-daiquiri-instance: daiquiri:13624002:mr85p00it-hyhk03094901:7987:20B36
status: 200
date: Tue, 03 Mar 2020 07:17:47 GMT
last-modified: Mon, 02 Mar 2020 00:37:28 GMT
x-cache: TCP_MISS from a23-14-94-192.deploy.akamaitechnologies.com (AkamaiGHost/9.9.0.2.1-28735203) (-)
content-length: 41124
cache-control: no-transform, max-age=14198806
apple-tk: false
server: daiquiri/3.0.0
apple-seq: 0.0
etag: "uknk2J6ueb9ygfqluiqXxA=="
apple-originating-system: UnknownOriginatingSystem
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Type,ETag,Cache-Control,Expires,Last-Modified
x-apple-request-uuid: 89d29ef7-d78b-f86e-3b1d-fa08a61b69

GET Nordea-Bank-005.png
bank-online.com/wp-content/uploads/ 0
0

GET
H2 200 Bi6LA_TdoM-QaXJgJVRAavN6UgdAUGfZyJpnHPnSHMLa_iPCcgdtmP8gZqWZYhx_NrM=w412-h220-rw
lh3.googleusercontent.com/ 8 KB
8 KB 227ms
226ms Image
image/webp 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/Bi6LA_TdoM-QaXJgJVRAavN6UgdAUGfZyJpnHPnSHMLa_iPCcgdtmP8gZqWZYhx_NrM=w412-h220-rw

Requested by

Host: www.sparechangeinc.com
URL: https://www.sparechangeinc.com/nordea-online-banking-login/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

19cb6f4c73d49b2d5ac2229f1809b106aaf365b328571592552ce05e73b0692c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sparechangeinc.com/nordea-online-banking-login/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Tue, 03 Mar 2020 07:17:47 GMT
x-content-type-options: nosniff
status: 200
content-disposition: inline;filename="unnamed.webp"
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 8042
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 04 Mar 2020 07:17:47 GMT

GET
H2 200 300x0w.jpg
is5-ssl.mzstatic.com/image/thumb/Purple113/v4/e4/14/37/e41437cf-2985-493d-4336-e983537f300f/pr_source.png/ 20 KB
21 KB 278ms
276ms Image
image/jpeg 2a02:26f0:64:1af::2a1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://is5-ssl.mzstatic.com/image/thumb/Purple113/v4/e4/14/37/e41437cf-2985-493d-4336-e983537f300f/pr_source.png/300x0w.jpg

Requested by

Host: www.sparechangeinc.com
URL: https://www.sparechangeinc.com/nordea-online-banking-login/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:64:1af::2a1 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

Software

daiquiri/3.0.0 /

Resource Hash

ec6bd1d6679086a92d948098e1ea484bdd521dfeb81cba0ba227d9e229c5fd08

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.sparechangeinc.com/nordea-online-banking-login/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

x-apple-jingle-correlation-key: BL2HJBVABNTMEPB5R4NL4LWF
strict-transport-security: max-age=31536000; includeSubDomains
x-cache-remote: TCP_MISS from a2-22-50-157.deploy.akamaitechnologies.com (AkamaiGHost/9.9.0.2.1-28735203) (-)
x-daiquiri-instance: daiquiri:13624002:mr85p00it-hyhk03094901:7987:20B36
status: 200
date: Tue, 03 Mar 2020 07:17:47 GMT
last-modified: Tue, 25 Feb 2020 03:35:45 GMT
x-cache: TCP_MISS from a23-14-94-209.deploy.akamaitechnologies.com (AkamaiGHost/9.8.5.1.1-27758809) (-)
content-length: 20675
cache-control: no-transform, max-age=15240314
apple-tk: false
server: daiquiri/3.0.0
apple-seq: 0.0
etag: "usQkJkvMhGOqzyHXH4KLzQ=="
apple-originating-system: UnknownOriginatingSystem
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Type,ETag,Cache-Control,Expires,Last-Modified
x-apple-request-uuid: 0af47486-a00b-66c2-3c3d-8f1abe2ec5

GET a564a3b33d6fea8c0e19d0c82989280023e78976fb54ca77098667b73e9ecb1c
/ 0
0

GET
H2 200 hqdefault.jpg
i.ytimg.com/vi/biNpck-gx7A/ 11 KB
11 KB 6ms
6ms Image
image/jpeg 2a00:1450:4001:806::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/biNpck-gx7A/hqdefault.jpg

Requested by

Host: www.sparechangeinc.com
URL: https://www.sparechangeinc.com/nordea-online-banking-login/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2e225291e9364796dbbfc94217bfef21b6f89dd09a917abe42ec20c153b86540

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sparechangeinc.com/nordea-online-banking-login/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Tue, 03 Mar 2020 07:17:46 GMT
x-content-type-options: nosniff
server: sffe
age: 1
etag: "1540798611"
content-type: image/jpeg
status: 200
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 11418
x-xss-protection: 0
expires: Tue, 03 Mar 2020 09:17:46 GMT

GET 90ba4ad93280fdfb73bb5b34b8403a914342cda2cc257bfb0e49ad1a47e90fb8
/ 0
0

GET
H/1.1 200
OK sc_Tupas_fi_new.png
developer.signicat.com/wp-content/uploads/2017/09/ 113 KB
113 KB 181ms
61ms Image
image/png 52.212.6.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://developer.signicat.com/wp-content/uploads/2017/09/sc_Tupas_fi_new.png
Requested by: Host: www.sparechangeinc.com
URL: https://www.sparechangeinc.com/nordea-online-banking-login/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.212.6.57 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-6-57.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 4be0cbbf8c3fd83133a1aafadacf144da2ffc9f476345cb1db0ab34f10ff92ac

Request headers

Referer: https://www.sparechangeinc.com/nordea-online-banking-login/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Tue, 03 Mar 2020 07:17:47 GMT
Last-Modified: Mon, 07 Jan 2019 15:34:47 GMT
Server: nginx
ETag: "5c337197-1c428"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 115752

GET
H2 200 Xlh4k7gCBxZlU3i3B8cgk_GiQ_W0Kxa46crM3IThZUHPHlgqgzDo_HXnHXSiiwac0s0=h750
lh3.googleusercontent.com/ 33 KB
33 KB 179ms
179ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/Xlh4k7gCBxZlU3i3B8cgk_GiQ_W0Kxa46crM3IThZUHPHlgqgzDo_HXnHXSiiwac0s0=h750

Requested by

Host: www.sparechangeinc.com
URL: https://www.sparechangeinc.com/nordea-online-banking-login/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

effbe4ab1e0e27a0228ebaa43925a8d32cde0b8d543c1b106bad4f4a85ea98af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sparechangeinc.com/nordea-online-banking-login/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Tue, 03 Mar 2020 07:17:47 GMT
x-content-type-options: nosniff
status: 200
content-disposition: inline;filename="unnamed.png"
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 34209
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 04 Mar 2020 07:17:47 GMT

GET
H2 200 5e98c535-meta-logo-nordea.png
genbin.genesys.com/media/ 5 KB
6 KB 797ms
599ms Image
image/png 2606:4700:10::6816:c98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://genbin.genesys.com/media/5e98c535-meta-logo-nordea.png
Requested by: Host: www.sparechangeinc.com
URL: https://www.sparechangeinc.com/nordea-online-banking-login/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:c98 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 14725be2241b4ca6d6174c104458dfb6d93e04a91c263b020a7e1dea44ab9863

Request headers

Referer: https://www.sparechangeinc.com/nordea-online-banking-login/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Tue, 03 Mar 2020 07:17:47 GMT
cf-cache-status: HIT
age: 0
x-guploader-uploadid: AEnB2UoZOR7PSPZ3gEl7oMpQT7fHObQOZm65U9ZiYM_V2TTg1OJr9uW6-yfC_Ki_Mr0a_kHN7GDxC0Fy6PIkk84titmNZVr23BPrSppw_5uSa_t_RJ6IRZ0
x-goog-storage-class: MULTI_REGIONAL
status: 200
x-goog-metageneration: 5
x-goog-meta-object-id: 111200
x-goog-stored-content-encoding: identity
alt-svc: clear
content-length: 5107
x-goog-meta-height: 446
x-goog-meta-file-hash: fcb3045e0d663f88bae23cd919ca17d6
last-modified: Wed, 16 Jan 2019 02:26:08 GMT
server: cloudflare
etag: "db1143c0d4ef7bf15c294ec1662bd570"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
x-goog-hash: crc32c=V2tK+A==, md5=2xFDwNTve/FcKU7BZivVcA==
x-goog-generation: 1547605568917021
content-type: image/png
x-goog-meta-width: 850
cache-control: public, max-age=15778476
x-goog-meta-source-id: 79323b59b6dd273b09ec546e09549038
x-goog-stored-content-length: 5107
accept-ranges: bytes
cf-ray: 56e1946b4da863ef-FRA
expires: Tue, 01 Sep 2020 22:12:23 GMT

GET
H2 200 696x696bb.png
is3-ssl.mzstatic.com/image/thumb/Purple123/v4/e9/4a/e2/e94ae267-2bf6-40b3-f1e0-e0abfc479b31/mzl.dmkizazb.png/ 27 KB
28 KB 534ms
532ms Image
image/png 2a02:26f0:64:1af::2a1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://is3-ssl.mzstatic.com/image/thumb/Purple123/v4/e9/4a/e2/e94ae267-2bf6-40b3-f1e0-e0abfc479b31/mzl.dmkizazb.png/696x696bb.png

Requested by

Host: www.sparechangeinc.com
URL: https://www.sparechangeinc.com/nordea-online-banking-login/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:64:1af::2a1 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

Software

daiquiri/3.0.0 /

Resource Hash

f89e4d836b8f70bf439acb7ec61dc9a58d6b9432eaffbe1714c9dcfc04b99af0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.sparechangeinc.com/nordea-online-banking-login/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

x-apple-jingle-correlation-key: B72ZPKGRGQUUP3HFELWXYY7EEQ
strict-transport-security: max-age=31536000; includeSubDomains
x-cache-remote: TCP_MISS from a2-22-50-191.deploy.akamaitechnologies.com (AkamaiGHost/9.9.0.2.1-28735203) (-)
x-daiquiri-instance: daiquiri:13624002:mr85p00it-hyhk03094901:7987:20C72
status: 200
date: Tue, 03 Mar 2020 07:17:47 GMT
last-modified: Tue, 03 Mar 2020 07:17:47 GMT
x-cache: TCP_MISS from a23-14-94-209.deploy.akamaitechnologies.com (AkamaiGHost/9.8.5.1.1-27758809) (-)
content-length: 27678
cache-control: no-transform, max-age=15378078
apple-tk: false
server: daiquiri/3.0.0
apple-seq: 0.0
etag: "4WpflXCugpcnAbzLMnnUQQ=="
apple-originating-system: UnknownOriginatingSystem
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Type,ETag,Cache-Control,Expires,Last-Modified
x-apple-request-uuid: 0ff597a8-d134-2947-ece5-22ed7c63e424

GET
H2 403 se.nordea.mobilebank.png
cdn.apkmonk.com/images/ 0
0 55ms
23ms Image
text/html 2606:4700:20::681a:523
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.apkmonk.com/images/se.nordea.mobilebank.png
Requested by: Host: www.sparechangeinc.com
URL: https://www.sparechangeinc.com/nordea-online-banking-login/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:523 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.sparechangeinc.com/nordea-online-banking-login/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

GET
H/1.1 200
OK pngfile-1110x833.png
uidesigner.dk/assets/images/ 231 KB
231 KB 208ms
45ms Image
image/png 80.241.216.104
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uidesigner.dk/assets/images/pngfile-1110x833.png
Requested by: Host: www.sparechangeinc.com
URL: https://www.sparechangeinc.com/nordea-online-banking-login/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 80.241.216.104 Munich, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi110399.contaboserver.net
Software: Apache/2.4.10 /
Resource Hash: 21dddcf5165b4ec262aa0131e64d1802a7ef1a7f76894e9603810db6e2307d31

Request headers

Referer: https://www.sparechangeinc.com/nordea-online-banking-login/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Tue, 03 Mar 2020 07:19:01 GMT
Last-Modified: Thu, 22 Nov 2018 14:34:23 GMT
Server: Apache/2.4.10
ETag: "39cd6-57b41c357bf47"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 236758

GET
H2 200 maxresdefault.jpg
i.ytimg.com/vi/OOGWdrC0mSQ/ 99 KB
99 KB 7ms
7ms Image
image/jpeg 2a00:1450:4001:806::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/OOGWdrC0mSQ/maxresdefault.jpg

Requested by

Host: www.sparechangeinc.com
URL: https://www.sparechangeinc.com/nordea-online-banking-login/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d75296e4a9859b6715adb16b84bcd68739332f0a1a4983c83f1738d81b5bdce4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sparechangeinc.com/nordea-online-banking-login/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Tue, 03 Mar 2020 07:17:47 GMT
x-content-type-options: nosniff
server: sffe
age: 0
etag: "1422633400"
content-type: image/jpeg
status: 200
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 101117
x-xss-protection: 0
expires: Tue, 03 Mar 2020 09:17:47 GMT

GET
H/1.1 200
OK cc_3_en.jpg
www.luminor.lv/sites/default/files/img/ 42 KB
42 KB 969ms
417ms Image
image/jpeg 195.12.178.28
LUMINOR

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.luminor.lv/sites/default/files/img/cc_3_en.jpg
Requested by: Host: www.sparechangeinc.com
URL: https://www.sparechangeinc.com/nordea-online-banking-login/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 195.12.178.28 , Lithuania, ASN24984 (LUMINOR, LT),
Reverse DNS
Software: /
Resource Hash: 48ec9a7dbf0a7da1d98165c66df0de8ece80fb4f798850977cbd632c6da4ac36

Request headers

Referer: https://www.sparechangeinc.com/nordea-online-banking-login/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Tue, 03 Mar 2020 07:17:48 GMT
Last-Modified: Mon, 18 Jun 2018 10:53:03 GMT
ETag: "a7b8-56ee85ea6a1c0"
Content-Type: image/jpeg
Cache-Control: max-age=1209600
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 42936
Expires: Tue, 17 Mar 2020 07:17:48 GMT

GET
H2 200 8717681137_27e88bce9f_z.jpg
live.staticflickr.com/7285/ 69 KB
70 KB 218ms
202ms Image
image/jpeg 2600:9000:20eb:c400:0:5a51:64c9:c681
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://live.staticflickr.com/7285/8717681137_27e88bce9f_z.jpg

Requested by

Host: www.sparechangeinc.com
URL: https://www.sparechangeinc.com/nordea-online-banking-login/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:9000:20eb:c400:0:5a51:64c9:c681 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Jubilee /

Resource Hash

8684fa5fa2ff2242f58620d947834f19c11e11dffb5bd059cc9c7273c826c39e

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

Referer: https://www.sparechangeinc.com/nordea-online-banking-login/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

x-ttfb: 0.1038
surrogate-control: public, max-age=31536000
status: 200
edge-control: public, max-age=31536000
imageheight: 640
imagewidth: 360
x-ttdb-l: 70264
ourvalues: Dare (#4 of 5)
etag: "c11b73fd7c6eadbd9fdffa9381d677f6.1"
x-frame-options: DENY
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
hiring: Change the world of photography with us. https://www.flickr.com/jobs/
expires: Wed, 03 Mar 2021 07:17:47 GMT
date: Tue, 03 Mar 2020 07:17:47 GMT
via: 1.1 29051585a13addd312c8ac9d527433c6.cloudfront.net (CloudFront)
mib: 4
x-amz-cf-pop: FRA2-C1
x-env: a=live, b=jubilee, c=21738c41, e=4045191, f=e303dae
x-cache: Miss from cloudfront
p3p: CP="This is not a P3P policy. We respect your privacy."
streaming: false
powered-by: Mutation/1.0
x-request-id: a5d3f49a
x-ua-compatible: IE=edge
last-modified: Fri, 15 Feb 2019 15:42:00 GMT
server: Jubilee
quote: "I'm not a kid anymore, I'm one of you, one of the X-Men. It means more to me than anything in the world."
origintype: D
x-amz-cf-id: -IwEz9myrk7KIf-Hgc-GlweFyq0-p2PMz3ve2ZXk3hTcGlQifceKxA==

GET
H2 200 nordea-idp.png
hsivonen.fi/bank-idp/ 45 KB
46 KB 489ms
23ms Image
image/png 2001:4b98:dc2:41:216:3eff:fe12:e3e1
http://www.gandi.net

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hsivonen.fi/bank-idp/nordea-idp.png

Requested by

Host: www.sparechangeinc.com
URL: https://www.sparechangeinc.com/nordea-online-banking-login/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2001:4b98:dc2:41:216:3eff:fe12:e3e1 , France, ASN29169 (GANDI-AS Domain name registrar - http://www.gandi.net, FR),

Reverse DNS

Software

nginx/1.17.8 /

Resource Hash

dbd1a781286f56bae92600dbc728812ddb001172427cefa5642577b7c1428503

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.sparechangeinc.com/nordea-online-banking-login/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Tue, 03 Mar 2020 07:17:47 GMT
last-modified: Tue, 14 Jul 2015 12:04:57 GMT
server: nginx/1.17.8
etag: "55a4fae9-b52e"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/png
status: 200
accept-ranges: bytes
content-length: 46382

GET
H/1.1 200
OK pi17_Mobilt_BankID_Login_instruktions.png
internetbanken.privat.nordea.se/web_elements/images/web/local/se3/se/Picture/ 15 KB
15 KB 713ms
50ms Image
image/png 158.233.249.6
NORDEA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://internetbanken.privat.nordea.se/web_elements/images/web/local/se3/se/Picture/pi17_Mobilt_BankID_Login_instruktions.png

Requested by

Host: www.sparechangeinc.com
URL: https://www.sparechangeinc.com/nordea-online-banking-login/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

158.233.249.6 , Finland, ASN201271 (NORDEA-AS, SE),

Reverse DNS

Software

Resource Hash

25defafefe598c81c03bce7e59a8a5aef8e487beddd309d66671aaad4f0cb37c

Security Headers

Name	Value
Strict-Transport-Security	max-age=157680000

Request headers

Referer: https://www.sparechangeinc.com/nordea-online-banking-login/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Tue, 03 Mar 2020 07:17:48 GMT
Last-Modified: Sun, 06 May 2018 00:43:47 GMT
Accept-Ranges: bytes
Content-Length: 15198
Strict-Transport-Security: max-age=157680000

GET 0a3f0c4c98631f3cd59aad624d2710cae683f3206089ee49c3ae9e928bc40e25
/ 0
0

GET
H2 200 3fc06d26-vepa-tunnistus-nordea-device-en.png
storage.googleapis.com/qvik-wp-site-content-prod/2019/06/ 268 KB
269 KB 142ms
130ms Image
image/png 2a00:1450:4001:816::2010
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.googleapis.com/qvik-wp-site-content-prod/2019/06/3fc06d26-vepa-tunnistus-nordea-device-en.png
Requested by: Host: www.sparechangeinc.com
URL: https://www.sparechangeinc.com/nordea-online-banking-login/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:816::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: caea3a72fb17e6a84e4949ccd4fea13d51eb157c687fe64d6f1506efaf4f97b0

Request headers

Referer: https://www.sparechangeinc.com/nordea-online-banking-login/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Tue, 03 Mar 2020 07:17:47 GMT
x-guploader-uploadid: AEnB2UqwON_CgIn0MpfedobNrC0fua7LJCJlCRBsLIYF8vTx4GoxYK2Cofy7eNvSZozQ7l2FbKO23y_j9YQSBkbk65fyXL1RsQ
x-goog-storage-class: REGIONAL
status: 200
x-goog-metageneration: 2
x-goog-meta-object-id: 8666
x-goog-stored-content-encoding: identity
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 274127
x-goog-meta-height: 662
x-goog-meta-file-hash: 77aa17143ce705ee1c4ef3367bceea26
last-modified: Tue, 04 Jun 2019 09:36:46 GMT
server: UploadServer
etag: "dff41a5324daf0a249a91c2de2423e3e"
x-goog-hash: crc32c=bLTZGQ==, md5=3/QaUyTa8KJJqRwt4kI+Pg==
x-goog-generation: 1559641006295730
x-goog-meta-width: 1251
cache-control: public, max-age=36000, must-revalidate
x-goog-meta-source-id: c0f4b585a01e5fd9410b9a52c82c56bc
x-goog-stored-content-length: 274127
accept-ranges: bytes
content-type: image/png
expires: Tue, 03 Mar 2020 17:17:47 GMT

GET
H2 401 ft-nordea-problem-cover.png
res.cloudinary.com/demo/image/fetch/w_340,h_200,c_crop,g_face/https://finlandtoday.fi/wp-content/uploads/ 0
357 B 301ms
287ms Image
text/plain 2a04:4e42:3::393
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/demo/image/fetch/w_340,h_200,c_crop,g_face/https://finlandtoday.fi/wp-content/uploads/ft-nordea-problem-cover.png

Requested by

Host: www.sparechangeinc.com
URL: https://www.sparechangeinc.com/nordea-online-banking-login/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::393 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://www.sparechangeinc.com/nordea-online-banking-login/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Tue, 03 Mar 2020 07:17:47 GMT
server: Cloudinary
access-control-allow-origin: *
x-cld-error: URL https://finlandtoday.fi/wp-content/uploads/ft-nordea-problem-cover.png is not allowed
strict-transport-security: max-age=604800
status: 401
access-control-expose-headers: Content-Length,Content-Disposition,Server-Timing,X-Cld-Error
cache-control: private, no-transform, max-age=0, no-cache
server-timing: fastly;dur=0;total=281;start=2020-03-03T07:17:47.645Z;desc=HIT,rtt;dur=5
accept-ranges: bytes
timing-allow-origin: *
content-length: 0

GET
H2 200 300x0w.jpg
is1-ssl.mzstatic.com/image/thumb/Purple113/v4/ad/41/3f/ad413fb9-f97a-adeb-2eb9-a0aabe5207c3/pr_source.png/ 32 KB
32 KB 126ms
126ms Image
image/jpeg 2a02:26f0:64:1af::2a1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://is1-ssl.mzstatic.com/image/thumb/Purple113/v4/ad/41/3f/ad413fb9-f97a-adeb-2eb9-a0aabe5207c3/pr_source.png/300x0w.jpg

Requested by

Host: www.sparechangeinc.com
URL: https://www.sparechangeinc.com/nordea-online-banking-login/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:64:1af::2a1 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

Software

daiquiri/3.0.0 /

Resource Hash

293928c803e8d61fbfe1a3931c3beec8fd932d4a49067c2f52741602d6e97e5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.sparechangeinc.com/nordea-online-banking-login/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

x-apple-jingle-correlation-key: NZRIBDLABZOBL445J5BX4OU6
strict-transport-security: max-age=31536000; includeSubDomains
x-cache-remote: TCP_MISS from a2-22-50-174.deploy.akamaitechnologies.com (AkamaiGHost/9.9.0.2.1-28735203) (-)
x-daiquiri-instance: daiquiri:43624002:st44p00it-hyhk15014701:7987:20B36
status: 200
date: Tue, 03 Mar 2020 07:17:47 GMT
last-modified: Sat, 29 Feb 2020 03:14:19 GMT
x-cache: TCP_MISS from a23-14-94-209.deploy.akamaitechnologies.com (AkamaiGHost/9.8.5.1.1-27758809) (-)
content-length: 32467
cache-control: no-transform, max-age=16347462
apple-tk: false
server: daiquiri/3.0.0
apple-seq: 0.0
etag: "At39ojreDLRMMt4P7yqeGg=="
apple-originating-system: UnknownOriginatingSystem
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Type,ETag,Cache-Control,Expires,Last-Modified
x-apple-request-uuid: 6e62808d-600e-5c15-f39d-4f437e3a9e

GET
H2 200 696x696bb.png
is4-ssl.mzstatic.com/image/thumb/Purple118/v4/14/90/a2/1490a211-76a6-a0b7-e411-6e7612a61ff6/pr_source.png/ 24 KB
25 KB 203ms
201ms Image
image/png 2a02:26f0:64:186::2a1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://is4-ssl.mzstatic.com/image/thumb/Purple118/v4/14/90/a2/1490a211-76a6-a0b7-e411-6e7612a61ff6/pr_source.png/696x696bb.png

Requested by

Host: www.sparechangeinc.com
URL: https://www.sparechangeinc.com/nordea-online-banking-login/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:64:186::2a1 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

Software

daiquiri/3.0.0 /

Resource Hash

6564b08df6f24291d659a2d3bbeebf229d2bb07982bbe5e77ad5856ed2627950

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.sparechangeinc.com/nordea-online-banking-login/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

x-apple-jingle-correlation-key: QQ674XQLCQVOSSS3SZB4HZ5W
strict-transport-security: max-age=31536000; includeSubDomains
x-cache-remote: TCP_MISS from a2-21-77-101.deploy.akamaitechnologies.com (AkamaiGHost/9.9.0.2.1-28735203) (-)
x-daiquiri-instance: daiquiri:13624002:mr85p00it-hyhk03094901:7987:20B36
status: 200
date: Tue, 03 Mar 2020 07:17:47 GMT
last-modified: Sat, 29 Feb 2020 03:14:18 GMT
x-cache: TCP_MISS from a23-14-94-192.deploy.akamaitechnologies.com (AkamaiGHost/9.9.0.2.1-28735203) (-)
content-length: 24840
cache-control: no-transform, max-age=15110114
apple-tk: false
server: daiquiri/3.0.0
apple-seq: 0.0
etag: "hfkc4WlZ/faOXsJY+bFeIg=="
apple-originating-system: UnknownOriginatingSystem
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Type,ETag,Cache-Control,Expires,Last-Modified
x-apple-request-uuid: 843dfe5e-0b14-2ae9-4a5b-9643c3e7b6

GET
H2 200 kgFZTYi8igcroHBaWBm5dcfWAxyi84o3HL8IjDm5zr4Z79VLGnMi65ZTpjpKijIbqsg=h750
lh3.googleusercontent.com/ 27 KB
27 KB 6ms
6ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/kgFZTYi8igcroHBaWBm5dcfWAxyi84o3HL8IjDm5zr4Z79VLGnMi65ZTpjpKijIbqsg=h750

Requested by

Host: www.sparechangeinc.com
URL: https://www.sparechangeinc.com/nordea-online-banking-login/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

0991fd7a0516c269ab8c9a93a65c6eb0060169d411be122b51f38fab447f301f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sparechangeinc.com/nordea-online-banking-login/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Tue, 03 Mar 2020 07:17:47 GMT
x-content-type-options: nosniff
age: 0
status: 200
content-disposition: inline;filename="unnamed.png"
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 28035
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 04 Mar 2020 07:17:47 GMT

GET
H2 200 nordea-howitworks.png
www.casinonewsdaily.com/wp-content/uploads/guides/illustrations/deposit-methods/nordea/ 154 KB
155 KB 96ms
95ms Image
image/png 45.79.168.159
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.casinonewsdaily.com/wp-content/uploads/guides/illustrations/deposit-methods/nordea/nordea-howitworks.png
Requested by: Host: www.sparechangeinc.com
URL: https://www.sparechangeinc.com/nordea-online-banking-login/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 45.79.168.159 Newark, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: li1267-159.members.linode.com
Software: Apache/2.4.29 (Ubuntu) / W3 Total Cache/0.10.1
Resource Hash: f82108e79230a5f5f7d9eede67c7b1991f40a47757419a6ffa47e974660e383b

Request headers

Referer: https://www.sparechangeinc.com/nordea-online-banking-login/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: public
date: Tue, 03 Mar 2020 07:17:47 GMT
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 19 Dec 2018 10:57:22 GMT
server: Apache/2.4.29 (Ubuntu)
x-powered-by: W3 Total Cache/0.10.1
vary: Accept-Encoding,User-Agent
content-type: image/png
status: 200
cache-control: max-age=31557600, public
accept-ranges: bytes
content-length: 157697
etag: "26801-57d5de0f0b102"
expires: Wed, 03 Mar 2021 13:17:47 GMT

GET
H2 200 1000x-1.png
assets.bwbx.io/images/users/iqjWHBFdfxIU/ix94jh4alBow/v2/pidjEfPlU1QWZop3vfGKsrX.ke8XuWirGYh1PKgEw44kE/ 47 KB
47 KB 127ms
26ms Image
image/jpeg 151.101.13.73
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.bwbx.io/images/users/iqjWHBFdfxIU/ix94jh4alBow/v2/pidjEfPlU1QWZop3vfGKsrX.ke8XuWirGYh1PKgEw44kE/1000x-1.png

Requested by

Host: www.sparechangeinc.com
URL: https://www.sparechangeinc.com/nordea-online-banking-login/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.13.73 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx/1.13.12 /

Resource Hash

bbb7fcc7644080f4ca3f12bec6fe97744cb4693985c56dd762242c8676e556be

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.sparechangeinc.com/nordea-online-banking-login/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Tue, 03 Mar 2020 07:17:47 GMT
via: 1.1 varnish, 1.1 varnish
age: 480748
x-cache-status: MISS
x-cache: HIT, HIT
status: 200
edge-control: !no-store,max-age=365d
content-length: 47832
x-served-by: cache-jfk8132-JFK, cache-fra19141-FRA
server: nginx/1.13.12
x-timer: S1583219868.889624,VS0,VE1
etag: "0300eee32c96bc8040f433e08e3e787d1"
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 1

GET
H2 200 183962-1428912223387.png
image2.owler.com/ 468 KB
469 KB 545ms
446ms Image
image/png 13.225.73.69
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.owler.com/183962-1428912223387.png
Requested by: Host: www.sparechangeinc.com
URL: https://www.sparechangeinc.com/nordea-online-banking-login/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.225.73.69 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-73-69.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 12d72db00bb220225c86d6ce98c5a7dc896c431b18557da61f53689c4ed48f0e

Request headers

Referer: https://www.sparechangeinc.com/nordea-online-banking-login/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Tue, 03 Mar 2020 07:17:49 GMT
via: 1.1 debe291145dc27044f50d04bac101cd9.cloudfront.net (CloudFront)
last-modified: Mon, 13 Apr 2015 08:04:13 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
etag: "8648855e536602f7ee498d44e7946b2d"
x-cache: Hit from cloudfront
content-type: image/png
status: 200
cache-control: max-age=2592000
accept-ranges: bytes
x-amz-storage-class: INTELLIGENT_TIERING
content-length: 479136
x-amz-cf-id: ZxMd_dIPMKQulrP3RPjO4RkyG6uOuqA38wB6kE-q3RHqFcF8uRMrBw==

GET
H/1.1 200
OK Cards_Pay_dk_640x360.png
www.nordea.dk/Images/144-193038/ 220 KB
220 KB 165ms
50ms Image
image/png 92.123.14.115
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nordea.dk/Images/144-193038/Cards_Pay_dk_640x360.png

Requested by

Host: www.sparechangeinc.com
URL: https://www.sparechangeinc.com/nordea-online-banking-login/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

92.123.14.115 , France, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a92-123-14-115.deploy.static.akamaitechnologies.com

Software

Resource Hash

eba8a83a50cc7158e5b7d183e4f73c826a0d277e2764c0bfa31c17fea0723cda

Security Headers

Name	Value
Strict-Transport-Security	max-age=157680000

Request headers

Referer: https://www.sparechangeinc.com/nordea-online-banking-login/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Strict-Transport-Security: max-age=157680000
Last-Modified: Mon, 12 Jun 2017 08:07:48 GMT
ETag: 1497254868000
Content-Type: image/png
Cache-Control: public, max-age=13987
Date: Tue, 03 Mar 2020 07:17:47 GMT
Connection: keep-alive
Content-Length: 224792

GET
H2 404 CjiAjhnUYAArZqC.jpg
pbs.twimg.com/media/ 0
191 B 152ms
151ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/CjiAjhnUYAArZqC.jpg

Requested by

Host: www.sparechangeinc.com
URL: https://www.sparechangeinc.com/nordea-online-banking-login/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/4196) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.sparechangeinc.com/nordea-online-banking-login/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Tue, 03 Mar 2020 07:17:47 GMT
x-content-type-options: nosniff
age: 0
x-cache: 404-HIT
status: 404
content-length: 0
x-response-time: 122
last-modified: Tue, 03 Mar 2020 07:17:47 GMT
server: ECS (fcn/4196)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=86400, must-revalidate
x-connection-hash: 084002b6fd4e0fbedab2dfe7e3410c72
accept-ranges: bytes

GET
H2 200 37c3b8d4c63d3c2d2d1f828707e9d06e_639x1136.jpg
iphone-image.apkpure.com/v2/app/3/7/c/ 56 KB
56 KB 656ms
594ms Image
image/png 104.20.83.194
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://iphone-image.apkpure.com/v2/app/3/7/c/37c3b8d4c63d3c2d2d1f828707e9d06e_639x1136.jpg
Requested by: Host: www.sparechangeinc.com
URL: https://www.sparechangeinc.com/nordea-online-banking-login/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.83.194 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c04f2146ffbdf796f3f4beb3f01f4aaa19efb02b2e2e054e6ebf2c43be9b7f09

Request headers

Referer: https://www.sparechangeinc.com/nordea-online-banking-login/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Tue, 03 Mar 2020 07:17:48 GMT
cf-cache-status: MISS
server: cloudflare
etag: e68da012
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cf-ray: 56e1946f0e26d8b1-AMS

GET
H2 200 1000x-1.jpg
assets.bwbx.io/images/users/iqjWHBFdfxIU/iuUwbAMfazQY/v1/ 147 KB
147 KB 36ms
35ms Image
image/jpeg 151.101.13.73
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.bwbx.io/images/users/iqjWHBFdfxIU/iuUwbAMfazQY/v1/1000x-1.jpg

Requested by

Host: www.sparechangeinc.com
URL: https://www.sparechangeinc.com/nordea-online-banking-login/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.13.73 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx/1.13.12 /

Resource Hash

2253b371f1ecc1febf8057e48014d25dfd06686c25ba62fef60104fea2d09bc7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.sparechangeinc.com/nordea-online-banking-login/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Tue, 03 Mar 2020 07:17:47 GMT
via: 1.1 varnish, 1.1 varnish
age: 323115
x-cache-status: MISS
x-cache: HIT, HIT
status: 200
edge-control: !no-store,max-age=365d
content-length: 150414
x-served-by: cache-jfk8120-JFK, cache-fra19141-FRA
server: nginx/1.13.12
x-timer: S1583219868.942824,VS0,VE1
etag: "01c07897ec3a0978d114dd9c0cb56c8fa"
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 1

GET
H2 200 ft-nordea-problem-cover.png
finlandtoday.fi/wp-content/uploads/ 17 KB
18 KB 195ms
47ms Image
image/png 185.179.117.16
PLANEETTA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://finlandtoday.fi/wp-content/uploads/ft-nordea-problem-cover.png
Requested by: Host: www.sparechangeinc.com
URL: https://www.sparechangeinc.com/nordea-online-banking-login/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.179.117.16 , Finland, ASN58003 (PLANEETTA-AS, FI),
Reverse DNS: cpanel06.webhotellit.com
Software: LiteSpeed /
Resource Hash: 7b18be4acc457a9a175a75afc3d52b5239d7876644e6138b26ec70cad5464ed6

Request headers

Referer: https://www.sparechangeinc.com/nordea-online-banking-login/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Tue, 03 Mar 2020 07:17:48 GMT
last-modified: Thu, 10 Jan 2019 06:15:12 GMT
server: LiteSpeed
content-type: image/png
status: 200
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-24=":443"; ma=2592000, h3-25=":443"; ma=2592000
content-length: 17906
expires: Tue, 10 Mar 2020 07:17:48 GMT

GET
H2 200 00001.jpg
handoff-cdn.appadvice.com/generated-app-plays/571238397/62080000-half-thumb/ 41 KB
42 KB 271ms
234ms Image
image/jpg 2606:4700:20::681a:4db
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://handoff-cdn.appadvice.com/generated-app-plays/571238397/62080000-half-thumb/00001.jpg
Requested by: Host: www.sparechangeinc.com
URL: https://www.sparechangeinc.com/nordea-online-banking-login/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:4db , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 32bb9a5e7557455b6afdaff1e65588c2911a555b5e5b89fc8f4520c6fb94b197

Request headers

Referer: https://www.sparechangeinc.com/nordea-online-banking-login/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Tue, 03 Mar 2020 07:17:48 GMT
via: 1.1 ac0e9b19969df989a920e6d1b834d009.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 0
x-cache: Miss from cloudfront
status: 200
content-length: 42404
last-modified: Thu, 26 Oct 2017 16:12:37 GMT
server: cloudflare
etag: "646c8d60aa0c0056094d0a586dd5d833"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpg
cache-control: public, max-age=2678400
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
cf-ray: 56e1946efd2bd6bd-FRA
x-amz-cf-id: Fu1W6KYvYBOedYmGZedRnmbzN7uMH15WTuG6Ux1yyjF2NQE2u7ORHg==

GET 4bfbe4a869dc8addb542d72effc20193f559dcef9900860823c45e7090c68b34
/ 0
0

GET
H2 200 183962-1461413207902.png
image2.owler.com/ 469 KB
470 KB 384ms
383ms Image
image/png 13.225.73.69
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.owler.com/183962-1461413207902.png
Requested by: Host: www.sparechangeinc.com
URL: https://www.sparechangeinc.com/nordea-online-banking-login/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.225.73.69 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-73-69.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 29f080cb0157a18cb57bd0eaf72db301d3ed7c08c8706dc66c7fa71d15ea2257

Request headers

Referer: https://www.sparechangeinc.com/nordea-online-banking-login/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Tue, 03 Mar 2020 07:17:49 GMT
via: 1.1 debe291145dc27044f50d04bac101cd9.cloudfront.net (CloudFront)
last-modified: Sat, 23 Apr 2016 12:06:49 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
etag: "828effe66525ec0482a04006f4a30700"
x-cache: Hit from cloudfront
content-type: image/png
status: 200
cache-control: max-age=2592000
accept-ranges: bytes
x-amz-storage-class: INTELLIGENT_TIERING
content-length: 480299
x-amz-cf-id: no8qnotCazdpOWeMoc737WH24tZji_4KwJxs067eAWf4hZezI9mPUw==

GET
H2 200 /
s3.reutersmedia.net/resources/r/ 66 KB
66 KB 153ms
101ms Image
image/jpeg 143.204.101.67
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.reutersmedia.net/resources/r/?m=02&d=20190304&t=2&i=1362671837&r=LYNXNPEF230MO&w=1280
Requested by: Host: www.sparechangeinc.com
URL: https://www.sparechangeinc.com/nordea-online-banking-login/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.101.67 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-101-67.fra50.r.cloudfront.net
Software: nginx /
Resource Hash: 2f2b38555367cd6218810fd9a016dcce9f16f81b4b009b4b1cb835a8ba991510

Request headers

Referer: https://www.sparechangeinc.com/nordea-online-banking-login/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Tue, 03 Mar 2020 07:17:48 GMT
via: 1.1 bee9d99ac2913ec4167e166e6bdb691e.cloudfront.net (CloudFront)
x-amz-expiration: expiry-date="Sun, 15 Mar 2020 00:00:00 GMT", rule-id="ExpiraIn30Days"
last-modified: Thu, 13 Feb 2020 09:17:18 GMT
server: nginx
x-amz-cf-pop: FRA50-C1
etag: "b46e2f2159e2eef5c16bfd5b7b95589c"
x-cache: Hit from cloudfront
x-amz-version-id: 8QiiwnWJuy4UBl3LoVAeUvcKqkluSwyV
status: 200
content-type: image/jpeg
content-length: 67186
x-amz-cf-id: J_GUhT6ObnDyce3iaKZOcq1yCbA44DeRoJDZIEzphaXsDCVhMQmE8g==

GET
H2 200 1024x768bb.png
is4-ssl.mzstatic.com/image/thumb/Purple123/v4/de/f2/46/def24697-9a0c-6b31-e1d7-9a54b63e3b48/mzl.ujkhcbuo.png/ 25 KB
25 KB 139ms
139ms Image
image/png 2a02:26f0:64:186::2a1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://is4-ssl.mzstatic.com/image/thumb/Purple123/v4/de/f2/46/def24697-9a0c-6b31-e1d7-9a54b63e3b48/mzl.ujkhcbuo.png/1024x768bb.png

Requested by

Host: www.sparechangeinc.com
URL: https://www.sparechangeinc.com/nordea-online-banking-login/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:64:186::2a1 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

Software

daiquiri/3.0.0 /

Resource Hash

128b77ea820e4f44695b9fd41422c4db5eb5c45a5d3dd45d709acb5f0dec7d21

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.sparechangeinc.com/nordea-online-banking-login/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

x-apple-jingle-correlation-key: LJTMSYNKZMNBMVPZLRUCCBVH
strict-transport-security: max-age=31536000; includeSubDomains
x-cache-remote: TCP_MISS from a2-21-77-116.deploy.akamaitechnologies.com (AkamaiGHost/9.9.0.2.1-28735203) (-)
x-daiquiri-instance: daiquiri:43624002:st44p00it-hyhk15014701:7987:20B36
status: 200
date: Tue, 03 Mar 2020 07:17:48 GMT
last-modified: Sat, 29 Feb 2020 03:14:18 GMT
x-cache: TCP_MISS from a23-14-94-192.deploy.akamaitechnologies.com (AkamaiGHost/9.9.0.2.1-28735203) (-)
content-length: 25402
cache-control: no-transform, max-age=14393786
apple-tk: false
server: daiquiri/3.0.0
apple-seq: 0.0
etag: "ZQZsC6jfpvnauGUKqU0w2Q=="
apple-originating-system: UnknownOriginatingSystem
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Type,ETag,Cache-Control,Expires,Last-Modified
x-apple-request-uuid: 5a66c961-aacb-1a16-55f9-5c682106a7

GET
H2 200 229205945_b0047c0bd8.jpg
live.staticflickr.com/66/ 31 KB
32 KB 146ms
146ms Image
image/jpeg 2600:9000:20eb:c400:0:5a51:64c9:c681
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://live.staticflickr.com/66/229205945_b0047c0bd8.jpg

Requested by

Host: www.sparechangeinc.com
URL: https://www.sparechangeinc.com/nordea-online-banking-login/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:9000:20eb:c400:0:5a51:64c9:c681 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Jubilee /

Resource Hash

3fbbf24de9ee08ea0ab9fe1f2e63658c5378d8a2adead4e588d05babdb87ea06

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

Referer: https://www.sparechangeinc.com/nordea-online-banking-login/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

x-ttfb: 0.0913
surrogate-control: public, max-age=31536000
status: 200
edge-control: public, max-age=31536000
imageheight: 317
imagewidth: 500
x-ttdb-l: 31947
ourvalues: Thrill Our Customers (#2 of 5)
etag: "7f235c259f8a29982df0fb4260c72bdf.1"
x-frame-options: DENY
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
hiring: Change the world of photography with us. https://www.flickr.com/jobs/
expires: Wed, 03 Mar 2021 07:17:48 GMT
date: Tue, 03 Mar 2020 07:17:48 GMT
via: 1.1 29051585a13addd312c8ac9d527433c6.cloudfront.net (CloudFront)
mib: 2
x-amz-cf-pop: FRA2-C1
x-env: a=live, b=jubilee, c=0088f9d9, e=4045191, f=e303dae
x-cache: Hit from cloudfront
p3p: CP="This is not a P3P policy. We respect your privacy."
streaming: false
powered-by: Mutation/1.0
x-request-id: 118dd99f
x-ua-compatible: IE=edge
last-modified: Sat, 23 Mar 2019 22:24:29 GMT
server: Jubilee
quote: "I'm not a kid anymore, I'm one of you, one of the X-Men. It means more to me than anything in the world."
origintype: X
x-amz-cf-id: 2GFzcfFAma-FDpEUKaft76PtlNnF13bSH1UsXITjYqsuv_UIQQmfEQ==

GET
H2 200 imgingest-8144794786664442659.png
dl1.cbsistatic.com/i/2018/01/25/2d5227b9-08a8-459f-ad7a-0bb0a97e255e/503a0c62eb8220f6da7160f668e60f51/ 55 KB
52 KB 553ms
528ms Image
image/png 2a04:4e42:3::444
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dl1.cbsistatic.com/i/2018/01/25/2d5227b9-08a8-459f-ad7a-0bb0a97e255e/503a0c62eb8220f6da7160f668e60f51/imgingest-8144794786664442659.png

Requested by

Host: www.sparechangeinc.com
URL: https://www.sparechangeinc.com/nordea-online-banking-login/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::444 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

fe68b4878f0abc86e4ab1b241df5aa020892c9879023f923551934db76803ae4

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Referer: https://www.sparechangeinc.com/nordea-online-banking-login/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Tue, 03 Mar 2020 07:17:48 GMT
content-encoding: gzip
server: nginx
age: 0
etag: W/"a5eb02f2e24db13fe5e4826cfd515b84"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: public, s-maxage=21600
content-transfer-encoding: binary
strict-transport-security: max-age=300
accept-ranges: bytes
content-length: 52802

GET
H/1.1 400 TXJM91N7
nofluffjobs.com/api/thumbnail/ 0
114 B 223ms
161ms Image
text/html 52.58.171.3
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nofluffjobs.com/api/thumbnail/TXJM91N7
Requested by: Host: www.sparechangeinc.com
URL: https://www.sparechangeinc.com/nordea-online-banking-login/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 52.58.171.3 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-58-171-3.eu-central-1.compute.amazonaws.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.sparechangeinc.com/nordea-online-banking-login/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Tue, 03 Mar 2020 07:17:48 GMT
server: Apache
content-length: 0
content-type: text/html

GET
H2 200 Nordea-Siirto-211543-edited.png
www.paytrail.com/hs-fs/hubfs/ 51 KB
52 KB 1215ms
1165ms Image
image/png 2606:4700::6811:73b4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.paytrail.com/hs-fs/hubfs/Nordea-Siirto-211543-edited.png?width=520&name=Nordea-Siirto-211543-edited.png
Requested by: Host: www.sparechangeinc.com
URL: https://www.sparechangeinc.com/nordea-online-banking-login/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:73b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a4ccf0a39c98ae7ef16a80842f73576c3490852e04f0b7638282d0fb6eabc4f6

Request headers

Referer: https://www.sparechangeinc.com/nordea-online-banking-login/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Tue, 03 Mar 2020 07:17:49 GMT
via: 1.1 a4cae74c829bc214e4183c38164a2c0a.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 0
edge-cache-tag: F-6221427636,P-335946,FLS-ALL
status: 200
x-cache: Miss from cloudfront
x-hs-cf-lambda: us-east-1.setCacheTagHeaders 53
content-length: 52672
last-modified: Wed, 26 Feb 2020 08:48:59 GMT
server: cloudflare
etag: "367609bddc1d5ed6f6745444dada3b3b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
access-control-allow-credentials: false
x-amz-cf-pop: IAD89-C3
accept-ranges: bytes
cf-ray: 56e194706d76befb-FRA
x-amz-cf-id: WffOmfNlxtnyzbrAdOzVNM6W0_WB0HSPSJGYjKoOSCRgXAbJIpaMMw==

GET
H2 200 YpeXdksyXX-q3w-EtY6eu3vLRhwN0LAvdwigeCotjrddDRWQBMtO_5vHobYSvdoqDRHn=h750
lh3.googleusercontent.com/ 30 KB
30 KB 6ms
6ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/YpeXdksyXX-q3w-EtY6eu3vLRhwN0LAvdwigeCotjrddDRWQBMtO_5vHobYSvdoqDRHn=h750

Requested by

Host: www.sparechangeinc.com
URL: https://www.sparechangeinc.com/nordea-online-banking-login/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

b5f3600f8087ae7b12a01c4b8b6c06ab9f47bfdb7876c058a5b69f511be99e36

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sparechangeinc.com/nordea-online-banking-login/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Tue, 03 Mar 2020 07:17:47 GMT
x-content-type-options: nosniff
age: 1
status: 200
content-disposition: inline;filename="unnamed.png"
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 30477
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 04 Mar 2020 07:17:47 GMT

GET S36rZFpL_eWAHwqcAAPgdHjz6VE946.png
imgsdown.1mobile.com/group2/M00/24/31/ 0
0

GET
H2 200 maxresdefault.jpg
i.ytimg.com/vi/kEnxmVCgZPQ/ 40 KB
40 KB 7ms
6ms Image
image/jpeg 2a00:1450:4001:806::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/kEnxmVCgZPQ/maxresdefault.jpg

Requested by

Host: www.sparechangeinc.com
URL: https://www.sparechangeinc.com/nordea-online-banking-login/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5fc1b0df1bd8e51ca0aba4464a7ddda79df1634d3054bc62c914476c8e93a3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sparechangeinc.com/nordea-online-banking-login/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Tue, 03 Mar 2020 07:17:46 GMT
x-content-type-options: nosniff
server: sffe
age: 2
etag: "0"
content-type: image/jpeg
status: 200
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 41184
x-xss-protection: 0
expires: Tue, 03 Mar 2020 09:17:46 GMT

GET
H2 200 300x0w.jpg
is5-ssl.mzstatic.com/image/thumb/Purple123/v4/2c/29/d1/2c29d19d-f952-a6b8-887e-232916a33ed6/pr_source.png/ 34 KB
35 KB 273ms
273ms Image
image/jpeg 2a02:26f0:64:1af::2a1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://is5-ssl.mzstatic.com/image/thumb/Purple123/v4/2c/29/d1/2c29d19d-f952-a6b8-887e-232916a33ed6/pr_source.png/300x0w.jpg

Requested by

Host: www.sparechangeinc.com
URL: https://www.sparechangeinc.com/nordea-online-banking-login/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:64:1af::2a1 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

Software

daiquiri/3.0.0 /

Resource Hash

caa466dc11c3b07acd8a7414b9ce98ab146cbb290bbd90e41bddb1d480cc6038

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.sparechangeinc.com/nordea-online-banking-login/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

x-apple-jingle-correlation-key: OVBBVCPW72HGXYOTNKUGDU34
strict-transport-security: max-age=31536000; includeSubDomains
x-cache-remote: TCP_MISS from a2-22-50-157.deploy.akamaitechnologies.com (AkamaiGHost/9.9.0.2.1-28735203) (-)
x-daiquiri-instance: daiquiri:13624002:mr85p00it-hyhk03094901:7987:20B36
status: 200
date: Tue, 03 Mar 2020 07:17:48 GMT
last-modified: Sat, 29 Feb 2020 03:14:19 GMT
x-cache: TCP_MISS from a23-14-94-209.deploy.akamaitechnologies.com (AkamaiGHost/9.8.5.1.1-27758809) (-)
content-length: 34839
cache-control: no-transform, max-age=17026341
apple-tk: false
server: daiquiri/3.0.0
apple-seq: 0.0
etag: "YDXBVVSsvtLkaxqir8WmpA=="
apple-originating-system: UnknownOriginatingSystem
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Type,ETag,Cache-Control,Expires,Last-Modified
x-apple-request-uuid: 75421a89-f6fe-8e6b-e1d3-6aa861d37c

GET
H/1.1 200
OK code-calculator_en.jpg
www.luminor.lv/sites/default/files/img/ 299 KB
299 KB 527ms
190ms Image
image/jpeg 195.12.178.28
LUMINOR

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.luminor.lv/sites/default/files/img/code-calculator_en.jpg
Requested by: Host: www.sparechangeinc.com
URL: https://www.sparechangeinc.com/nordea-online-banking-login/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 195.12.178.28 , Lithuania, ASN24984 (LUMINOR, LT),
Reverse DNS
Software: /
Resource Hash: ae237240a73f78c715e232a50e01fafc22862fb748986a86cfa27934ace3f83e

Request headers

Referer: https://www.sparechangeinc.com/nordea-online-banking-login/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Tue, 03 Mar 2020 07:17:48 GMT
Last-Modified: Mon, 18 Jun 2018 10:47:42 GMT
ETag: "4ab26-56ee84b848f80"
Content-Type: image/jpeg
Cache-Control: max-age=1209600
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 305958
Expires: Tue, 17 Mar 2020 07:17:48 GMT

GET
H2 200 dBQ6h8Xmlsud85AA-R6ujDMeXeCpEZUeaRezaJJOylkpFBi_1VsjNZ6altWRTeG9Sg=h900
static-s.aa-cdn.net/img/gp/20600004951235/ 48 KB
48 KB 355ms
239ms Image
image/png 2.16.187.66
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-s.aa-cdn.net/img/gp/20600004951235/dBQ6h8Xmlsud85AA-R6ujDMeXeCpEZUeaRezaJJOylkpFBi_1VsjNZ6altWRTeG9Sg=h900

Requested by

Host: www.sparechangeinc.com
URL: https://www.sparechangeinc.com/nordea-online-banking-login/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.187.66 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a2-16-187-66.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

2a4a9a880af32b795c65bee7e218df037ab6ee08d9a40ac3ab33c05e396817c7

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: ;script-src * 'self' 'unsafe-inline' 'unsafe-eval' ;worker-src * blob: ;style-src * 'unsafe-inline' data: ;frame-ancestors 'self' static-s.aa-cdn.net www.appannie.com ;img-src * data: blob: ;font-src * data: ;media-src * data: blob: ;base-uri 'self' d6tizftlrpuof.cloudfront.net manifest.prod.boltdns.net secure.brightcove.com ;report-uri https://sentry.smart-sense.org/api/96/csp-report/?sentry_key=28d56c139d1542a19730a3eb84757027;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.sparechangeinc.com/nordea-online-banking-login/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Mon, 29 Jan 2018 22:59:36 GMT
server: nginx
date: Tue, 03 Mar 2020 07:17:48 GMT
x-frame-options: SAMEORIGIN
content-type: image/png
status: 200
z_edgeip: 2.16.187.66
cache-control: max-age=2591956
content-security-policy: default-src * data: blob: ;script-src * 'self' 'unsafe-inline' 'unsafe-eval' ;worker-src * blob: ;style-src * 'unsafe-inline' data: ;frame-ancestors 'self' static-s.aa-cdn.net www.appannie.com ;img-src * data: blob: ;font-src * data: ;media-src * data: blob: ;base-uri 'self' d6tizftlrpuof.cloudfront.net manifest.prod.boltdns.net secure.brightcove.com ;report-uri https://sentry.smart-sense.org/api/96/csp-report/?sentry_key=28d56c139d1542a19730a3eb84757027;
content-length: 48831
x-xss-protection: 1; mode=block
expires: Thu, 02 Apr 2020 07:17:04 GMT

GET
H2 200 jEJXnFELzEO79LzJcWuxj042-STX-YqS47SfkoPxiIX2N-oCWp8GsctEH999Pkzu_JQ=w412-h220-rw
lh3.googleusercontent.com/ 8 KB
8 KB 6ms
6ms Image
image/webp 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/jEJXnFELzEO79LzJcWuxj042-STX-YqS47SfkoPxiIX2N-oCWp8GsctEH999Pkzu_JQ=w412-h220-rw

Requested by

Host: www.sparechangeinc.com
URL: https://www.sparechangeinc.com/nordea-online-banking-login/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

dcd88f62674c6abe7bf38d6935519dcfadf8ef9e591e2c8ea21321e73e37baf8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sparechangeinc.com/nordea-online-banking-login/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Tue, 03 Mar 2020 07:17:47 GMT
x-content-type-options: nosniff
age: 1
status: 200
content-disposition: inline;filename="unnamed.webp"
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 7926
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 04 Mar 2020 07:17:47 GMT

GET
H2 200 183962-1407479543521.png
image2.owler.com/ 163 KB
164 KB 513ms
513ms Image
image/png 13.225.73.69
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.owler.com/183962-1407479543521.png
Requested by: Host: www.sparechangeinc.com
URL: https://www.sparechangeinc.com/nordea-online-banking-login/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.225.73.69 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-73-69.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f66c0e589ea87e985aa78d36a627dc16581501a564ffe81c5d549d0b701f70c4

Request headers

Referer: https://www.sparechangeinc.com/nordea-online-banking-login/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Tue, 03 Mar 2020 07:17:49 GMT
via: 1.1 debe291145dc27044f50d04bac101cd9.cloudfront.net (CloudFront)
last-modified: Fri, 08 Aug 2014 06:32:24 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
etag: "ccda5c8d4366c231fe96b7a30f81f4fd"
x-cache: Miss from cloudfront
content-type: image/png
status: 200
accept-ranges: bytes
x-amz-storage-class: INTELLIGENT_TIERING
content-length: 166935
x-amz-cf-id: emRxliHsqkQFTzpQovu29dTV9Og5nJzaGSx9doFwzL0meXgPAliQEg==

GET
H2 200 s-pankki-bank.png
hsivonen.fi/bank-idp/ 58 KB
58 KB 24ms
24ms Image
image/png 2001:4b98:dc2:41:216:3eff:fe12:e3e1
http://www.gandi.net

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hsivonen.fi/bank-idp/s-pankki-bank.png

Requested by

Host: www.sparechangeinc.com
URL: https://www.sparechangeinc.com/nordea-online-banking-login/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2001:4b98:dc2:41:216:3eff:fe12:e3e1 , France, ASN29169 (GANDI-AS Domain name registrar - http://www.gandi.net, FR),

Reverse DNS

Software

nginx/1.17.8 /

Resource Hash

05e0593f26ffc409bebe4764d372f5f488261620abd5d02dd93e2014ac60d52b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.sparechangeinc.com/nordea-online-banking-login/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Tue, 03 Mar 2020 07:17:48 GMT
last-modified: Tue, 14 Jul 2015 12:09:11 GMT
server: nginx/1.17.8
etag: "55a4fbe7-e8ea"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/png
status: 200
accept-ranges: bytes
content-length: 59626

GET
H/1.1 200
OK Phishing-Campaign-Aims-at-Finnish-Bank-Credentials-452654-2.jpg
news-cdn.softpedia.com/images/news2/ 212 KB
212 KB 1771ms
1624ms Image
image/jpeg 69.16.175.42
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://news-cdn.softpedia.com/images/news2/Phishing-Campaign-Aims-at-Finnish-Bank-Credentials-452654-2.jpg
Requested by: Host: www.sparechangeinc.com
URL: https://www.sparechangeinc.com/nordea-online-banking-login/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.16.175.42 Phoenix, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: hwcdn.net
Software: /
Resource Hash: 46fc609b241327cc6882b56c14ef62981c808c274925b821876f76f9c069b486

Request headers

Referer: https://www.sparechangeinc.com/nordea-online-banking-login/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Tue, 03 Mar 2020 07:17:50 GMT
Last-Modified: Tue, 29 Jul 2014 15:30:48 GMT
ETag: "1406647848"
X-HW: 1583219868.dop002.wa1.t,1583219868.cds008.wa1.shn,1583219868.dop002.wa1.t,1583219870.cds011.wa1.p
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 216845

GET
H2 200 1c78b514-6e04-4afa-9591-a7c13706315e
imgs.aftonbladet-cdn.se/v2/images/ 205 KB
206 KB 573ms
555ms Image
image/jpeg 2606:4700:10::6814:3f58
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imgs.aftonbladet-cdn.se/v2/images/1c78b514-6e04-4afa-9591-a7c13706315e?fit=crop&h=900&w=1600&s=033f8b79a0195e128e6f2d704324ea6fcf4a9e31

Requested by

Host: www.sparechangeinc.com
URL: https://www.sparechangeinc.com/nordea-online-banking-login/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:3f58 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bb2ffe5eb3781e7419088d35cf86331e236334f522d267521b24bd6dc8a80e94

Security Headers

Name	Value
Strict-Transport-Security	max-age=14400; includeSubDomains

Request headers

Referer: https://www.sparechangeinc.com/nordea-online-banking-login/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Tue, 03 Mar 2020 07:17:49 GMT
cf-cache-status: HIT
server: cloudflare
age: 1
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
status: 200
cache-control: public, max-age=315360000
strict-transport-security: max-age=14400; includeSubDomains
cf-ray: 56e19472addbc272-FRA

GET
H/1.1 200
OK 5080.jpg
www.finextra.com/finextra-images/top_pics/xl/ 38 KB
39 KB 322ms
39ms Image
image/jpeg 89.234.26.97
RACKSPACE-LON

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.finextra.com/finextra-images/top_pics/xl/5080.jpg

Requested by

Host: www.sparechangeinc.com
URL: https://www.sparechangeinc.com/nordea-online-banking-login/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

89.234.26.97 , United Kingdom, ASN15395 (RACKSPACE-LON, GB),

Reverse DNS

finextra.com

Software

Microsoft-IIS/8.5 /

Resource Hash

62b9b12578b5ed82f79a6e38d4dcc9cccd4cdf8e2e058b3e3680e8bd689b7412

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.sparechangeinc.com/nordea-online-banking-login/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Strict-Transport-Security: max-age=31536000
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Thu, 22 Aug 2013 14:48:55 GMT
Server: Microsoft-IIS/8.5
ETag: "80e58eb9469fce1:0"
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Cache-Control: max-age=86400
Date: Tue, 03 Mar 2020 07:17:44 GMT
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Length: 39341
X-XSS-Protection: 1; mode=block

GET
H2 200 nordea-login.png
cdn.dribbble.com/users/182274/screenshots/3001921/ 149 KB
149 KB 237ms
183ms Image
image/webp 151.101.114.90
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.dribbble.com/users/182274/screenshots/3001921/nordea-login.png
Requested by: Host: www.sparechangeinc.com
URL: https://www.sparechangeinc.com/nordea-online-banking-login/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.90 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: Thumbor/6.7.0 /
Resource Hash: 815817dcf3fe2eee6fc722740b0d175973b1d93d8f9abb62191337f8126a77e7

Request headers

Referer: https://www.sparechangeinc.com/nordea-online-banking-login/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Tue, 03 Mar 2020 07:17:48 GMT
via: 1.1 varnish, 1.1 varnish
age: 273810
x-cache: HIT, MISS
status: 200
content-length: 152088
x-served-by: cache-jfk8120-JFK, cache-hhn4041-HHN
server: Thumbor/6.7.0
x-timer: S1583219869.685620,VS0,VE162
etag: "9da12bf4855afada1fe49323208b039e235ae019"
vary: Accept, Cookie
content-type: image/webp
expires: Thu, 28 Feb 2030 15:14:19 GMT
cache-control: max-age=315576000,public
accept-ranges: bytes
x-cache-hits: 1, 0

GET
H2 200 EJW%20Blackstone%20d%C3%B8rskilt%20New%20York.jpg
finanswatch.dk/incoming/article10780481.ece/ALTERNATES/native-app-960/ 88 KB
88 KB 205ms
100ms Image
image/jpeg 91.214.22.210
JPPOL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://finanswatch.dk/incoming/article10780481.ece/ALTERNATES/native-app-960/EJW%20Blackstone%20d%C3%B8rskilt%20New%20York.jpg
Requested by: Host: www.sparechangeinc.com
URL: https://www.sparechangeinc.com/nordea-online-banking-login/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 91.214.22.210 Copenhagen, Denmark, ASN50783 (JPPOL, DK),
Reverse DNS
Software: /
Resource Hash: 53777717e2026fecf07b17dfba76564a39584a5e776954e224fde4b379f76854

Request headers

Referer: https://www.sparechangeinc.com/nordea-online-banking-login/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Tue, 03 Mar 2020 07:17:48 GMT
via: 1.1 varnish-v4
last-modified: Thu, 02 Aug 2018 12:00:06 GMT
age: 0
x-cache: HIT - cronus035.jp-prod.jppol.net
x-varnish: 45910572 45750254
status: 200
cache-control: max-age=691200, public
accept-ranges: bytes
content-type: image/jpeg
content-length: 89702

GET
H2 200 750x750bb.jpeg
is4-ssl.mzstatic.com/image/thumb/Purple113/v4/fa/de/96/fade9696-cbc1-1271-f2b2-676bf766cb19/mzl.zknjtoqu.png/ 50 KB
51 KB 138ms
138ms Image
image/jpeg 2a02:26f0:64:186::2a1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://is4-ssl.mzstatic.com/image/thumb/Purple113/v4/fa/de/96/fade9696-cbc1-1271-f2b2-676bf766cb19/mzl.zknjtoqu.png/750x750bb.jpeg

Requested by

Host: www.sparechangeinc.com
URL: https://www.sparechangeinc.com/nordea-online-banking-login/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:64:186::2a1 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

Software

daiquiri/3.0.0 /

Resource Hash

057177facca3187ad10eeae783f7061a89ad4f4e968173c8c624fe0aaf06b609

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.sparechangeinc.com/nordea-online-banking-login/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

x-apple-jingle-correlation-key: CSFC6CGTJY5VIJA2LNWACRHQ
strict-transport-security: max-age=31536000; includeSubDomains
x-cache-remote: TCP_MISS from a2-21-77-116.deploy.akamaitechnologies.com (AkamaiGHost/9.9.0.2.1-28735203) (-)
x-daiquiri-instance: daiquiri:43624002:st44p00it-hyhk15014701:7987:20B36
status: 200
date: Tue, 03 Mar 2020 07:17:48 GMT
last-modified: Sat, 29 Feb 2020 03:14:19 GMT
x-cache: TCP_MISS from a23-14-94-192.deploy.akamaitechnologies.com (AkamaiGHost/9.9.0.2.1-28735203) (-)
content-length: 51368
cache-control: no-transform, max-age=15602206
apple-tk: false
server: daiquiri/3.0.0
apple-seq: 0.0
etag: "jxyd6m4nwXKA+8BuxL+Mow=="
apple-originating-system: UnknownOriginatingSystem
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Type,ETag,Cache-Control,Expires,Last-Modified
x-apple-request-uuid: 148a2f08-d34e-3b54-241a-5b6c0144f0

GET
H/1.1 200
OK Nordea.jpg
i.colnect.net/f/5514/401/ 20 KB
20 KB 101ms
42ms Image
image/jpeg 94.130.39.102
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.colnect.net/f/5514/401/Nordea.jpg
Requested by: Host: www.sparechangeinc.com
URL: https://www.sparechangeinc.com/nordea-online-banking-login/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 94.130.39.102 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: colnect.net
Software: nginx /
Resource Hash: c41927ef3bc6e4751ea3d69cd2fa4948b0b0c586014bac9a4b278ad4b389cc52

Request headers

Referer: https://www.sparechangeinc.com/nordea-online-banking-login/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Pragma: public
Date: Tue, 03 Mar 2020 07:17:48 GMT
Last-Modified: Wed, 16 Jan 2019 20:54:03 GMT
Server: nginx
ETag: "5c3f99eb-4fd1"
Content-Type: image/jpeg
Cache-Control: max-age=2592000, public
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=20
Content-Length: 20433
Expires: Thu, 02 Apr 2020 07:17:48 GMT

GET
H2 200 nordea-gateway-settings.png
docs.woocommerce.com/wp-content/uploads/2015/05/ 68 KB
68 KB 86ms
34ms Image
image/png 192.0.66.5
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://docs.woocommerce.com/wp-content/uploads/2015/05/nordea-gateway-settings.png
Requested by: Host: www.sparechangeinc.com
URL: https://www.sparechangeinc.com/nordea-online-banking-login/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.66.5 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 17b9f18220af7f83cba47162e48fe59436cea38728b4103fca0a04d0df4b2931

Request headers

Referer: https://www.sparechangeinc.com/nordea-online-banking-login/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Tue, 03 Mar 2020 07:17:48 GMT
x-rq: ams2 109 84 443
last-modified: Wed, 30 Sep 2015 22:14:20 GMT
server: nginx
etag: "c4592c3f238cbf88"
x-cache: MISS
content-type: image/png
status: 200
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 69819
expires: Wed, 03 Mar 2021 07:17:48 GMT

GET
H2 200 8u-FJ6tCbT7wS7gK4muGbrymF_juuy2VctDocP1umf_kvX_h9nDDq1Fs-v1Cp6XxwoA
lh3.googleusercontent.com/ 21 KB
21 KB 7ms
6ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/8u-FJ6tCbT7wS7gK4muGbrymF_juuy2VctDocP1umf_kvX_h9nDDq1Fs-v1Cp6XxwoA

Requested by

Host: www.sparechangeinc.com
URL: https://www.sparechangeinc.com/nordea-online-banking-login/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

09bdac035011fafb7a31b16d9091386d8be8f8cd6cf77ce1ca6bd1b932e5eeeb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sparechangeinc.com/nordea-online-banking-login/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Tue, 03 Mar 2020 07:17:47 GMT
x-content-type-options: nosniff
age: 1
status: 200
content-disposition: inline;filename="unnamed.png"
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 21126
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 04 Mar 2020 07:17:47 GMT

GET
H2 200 392x696bb.jpg
is1-ssl.mzstatic.com/image/thumb/Purple125/v4/c5/28/78/c52878df-c58c-532d-677f-f15d1a3568c8/source/ 58 KB
59 KB 1132ms
1131ms Image
image/jpeg 2a02:26f0:64:1af::2a1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://is1-ssl.mzstatic.com/image/thumb/Purple125/v4/c5/28/78/c52878df-c58c-532d-677f-f15d1a3568c8/source/392x696bb.jpg

Requested by

Host: www.sparechangeinc.com
URL: https://www.sparechangeinc.com/nordea-online-banking-login/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:64:1af::2a1 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

Software

daiquiri/3.0.0 /

Resource Hash

1854221a9da2d975964975646b83c865bc501c99ea664a5b9b57db5df963d409

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.sparechangeinc.com/nordea-online-banking-login/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

x-apple-jingle-correlation-key: O4FEYD3U4HUS2DOXZBR37ZTLJY
strict-transport-security: max-age=31536000; includeSubDomains
x-cache-remote: TCP_MISS from a2-22-50-180.deploy.akamaitechnologies.com (AkamaiGHost/9.9.0.2.1-28735203) (-)
x-daiquiri-instance: daiquiri:33624001:pv50p00it-hyhk10063801:7987:20C72
status: 200
date: Tue, 03 Mar 2020 07:17:50 GMT
last-modified: Tue, 03 Mar 2020 07:17:49 GMT
x-cache: TCP_MISS from a23-14-94-209.deploy.akamaitechnologies.com (AkamaiGHost/9.8.5.1.1-27758809) (-)
content-length: 59423
cache-control: no-transform, max-age=16191269
apple-tk: false
server: daiquiri/3.0.0
apple-seq: 0.0
etag: "5xpSL6R4sHyWlmIarKQUAg=="
apple-originating-system: UnknownOriginatingSystem
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Type,ETag,Cache-Control,Expires,Last-Modified
x-apple-request-uuid: 770a4c0f-74e1-e92d-0dd7-c863bfe66b4e

GET
H2 200 6F736BAF-8476-4877-9D03-059940A33304
media.thestar.com.my/Prod/ 15 KB
16 KB 740ms
675ms Image
image/jpeg 13.224.194.6
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.thestar.com.my/Prod/6F736BAF-8476-4877-9D03-059940A33304
Requested by: Host: www.sparechangeinc.com
URL: https://www.sparechangeinc.com/nordea-online-banking-login/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.224.194.6 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-194-6.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7299c4d6a5f1a440fc91f7f0b81439593aeeb865f04e6d4394e7f5e7acd20d27

Request headers

Referer: https://www.sparechangeinc.com/nordea-online-banking-login/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Tue, 03 Mar 2020 07:17:50 GMT
via: 1.1 430fc75cac3bdd04869a39405c45fba2.cloudfront.net (CloudFront)
last-modified: Wed, 26 Sep 2018 23:14:24 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
etag: "0e3d8b56457292f1da6e9970f093c77f"
x-cache: Hit from cloudfront
x-amz-version-id: oPFdJ0KnDgtdpeCjy.PXX3AQFCEmzn6o
status: 200
accept-ranges: bytes
content-type: image/jpeg
content-length: 15599
x-amz-cf-id: gqg7wll0EQ-sqZfVsUVGY2cyVQ5ez7iHEoIKi3_itYWrzWapIiOrdw==

GET
H/1.1 200
OK page_2.jpg
docplayer.net/docs-images/49/18145005/images/ 205 KB
206 KB 157ms
72ms Image
image/jpeg 138.201.54.145
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://docplayer.net/docs-images/49/18145005/images/page_2.jpg
Requested by: Host: www.sparechangeinc.com
URL: https://www.sparechangeinc.com/nordea-online-banking-login/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 138.201.54.145 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.145.54.201.138.clients.your-server.de
Software: nginx /
Resource Hash: be48272a097be71338bfb6d4c738c00612023669ddcbde1088c0ebfdb29bb30e

Request headers

Referer: https://www.sparechangeinc.com/nordea-online-banking-login/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Tue, 03 Mar 2020 07:17:49 GMT
Last-Modified: Fri, 09 Dec 2016 06:49:51 GMT
Server: nginx
Cache-Backend-Server: slideplayer-98
ETag: "584a540f-334ad"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Link: <https://docplayer.net/docs-images/49/18145005/images/page_2.jpg>; rel="canonical"
Content-Length: 210093

GET aHR0cHM6Ly9saDMuZ29vZ2xldXNlcmNvbnRlbnQuY29tLzUwcE5oV2hSeXNQQW1Ed19MV0pjY0VFUUtRc0E1am5vd1l6VTE0bUZxVmg2eWd4aVl0Rk5sLWx2Q05CVmdaRVl2dw.jpg
apk4ever.club/pics/QqzWi2OA12_4WXpD5RmQ7E55k3VbHTDiA77hVlhAuFA/fill/512/288/no/1/ 0
0

GET
H2 200 -1x-1.png
assets.bwbx.io/images/users/iqjWHBFdfxIU/iSFpK7Fws4fs/v0/ 69 KB
69 KB 77ms
73ms Image
image/png 151.101.13.73
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.bwbx.io/images/users/iqjWHBFdfxIU/iSFpK7Fws4fs/v0/-1x-1.png

Requested by

Host: www.sparechangeinc.com
URL: https://www.sparechangeinc.com/nordea-online-banking-login/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.13.73 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx/1.13.12 /

Resource Hash

52e184b75cb175f615c364174cff36239187e7c89e56c2e0d708383121ce701a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.sparechangeinc.com/nordea-online-banking-login/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Tue, 03 Mar 2020 07:17:49 GMT
via: 1.1 varnish, 1.1 varnish
age: 625539
x-cache-status: MISS
x-cache: HIT, HIT
status: 200
edge-control: !no-store,max-age=365d
content-length: 70779
x-served-by: cache-jfk8149-JFK, cache-fra19141-FRA
server: nginx/1.13.12
x-timer: S1583219869.022967,VS0,VE47
etag: "00056a7e9906e673cdb8cd1523c30619b"
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 1

GET
H2 200 Kuvankaappaus-2013-11-17-kello-8.22.52.png
i2.wp.com/www.migranttales.net/wp-content/uploads/2013/11/ 36 KB
36 KB 1236ms
1189ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i2.wp.com/www.migranttales.net/wp-content/uploads/2013/11/Kuvankaappaus-2013-11-17-kello-8.22.52.png?fit=1200%2C713

Requested by

Host: www.sparechangeinc.com
URL: https://www.sparechangeinc.com/nordea-online-banking-login/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

98887092c2b946dfe5c505f7bdcbecb1ef83bcfb00265c11a7fa6bad75cb3a80

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.sparechangeinc.com/nordea-online-banking-login/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

x-nc: MISS ams 6
date: Tue, 03 Mar 2020 07:17:50 GMT
x-content-type-options: nosniff
x-bytes-saved: 337364
last-modified: Tue, 03 Mar 2020 07:17:50 GMT
server: nginx
etag: "bfc75a6d9de34460"
vary: Accept
content-type: image/webp
status: 200
cache-control: public, max-age=63115200
link: <http://www.migranttales.net/wp-content/uploads/2013/11/Kuvankaappaus-2013-11-17-kello-8.22.52.png>; rel="canonical"
content-length: 36374
expires: Thu, 03 Mar 2022 19:17:50 GMT

GET
H2

200

/
www.facebook.com/NordeaSverige/photos/a.215751038434972/2046010892075635/
Redirect Chain

https://lookaside.fbsbx.com/lookaside/crawler/media/?media_id=213838061959603
https://www.facebook.com/NordeaSverige/photos/a.215751038434972/2046010892075635/?type=3&is_lookaside=1

0
0

140ms
140ms

Image
text/html

2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.facebook.com/NordeaSverige/photos/a.215751038434972/2046010892075635/?type=3&is_lookaside=1
Requested by: Host: www.sparechangeinc.com
URL: https://www.sparechangeinc.com/nordea-online-banking-login/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.sparechangeinc.com/nordea-online-banking-login/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Redirect headers

pragma: no-cache
x-fb-debug: u4gqJ904sMiKXD/V8dyIoP9e9UCo26tAqti63gu5Xf/OOVsXP+qo5UCwiAL3t3Fs1UWOH84swf7giQOGsNGNTg==
x-fb-trip-id: 1850256238
x-content-type-options: nosniff
location: https://www.facebook.com/NordeaSverige/photos/a.215751038434972/2046010892075635/?type=3&is_lookaside=1
date: Tue, 03 Mar 2020 07:17:49 GMT, Tue, 03 Mar 2020 07:17:49 GMT
x-frame-options: DENY
content-type: text/html; charset="utf-8"
status: 302
cache-control: private, no-cache, no-store, must-revalidate
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security: max-age=15552000; preload
content-length: 0
x-xss-protection: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 300x0w.jpg
is4-ssl.mzstatic.com/image/thumb/Purple123/v4/16/75/ac/1675acbd-3d6d-a22e-65ed-c8c57844609e/pr_source.png/ 18 KB
19 KB 65ms
64ms Image
image/jpeg 2a02:26f0:64:186::2a1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://is4-ssl.mzstatic.com/image/thumb/Purple123/v4/16/75/ac/1675acbd-3d6d-a22e-65ed-c8c57844609e/pr_source.png/300x0w.jpg

Requested by

Host: www.sparechangeinc.com
URL: https://www.sparechangeinc.com/nordea-online-banking-login/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:64:186::2a1 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

Software

daiquiri/3.0.0 /

Resource Hash

6cb6b5af7865021b6571c1497d50857f557f128427b95262fc735388f14490c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.sparechangeinc.com/nordea-online-banking-login/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

x-apple-jingle-correlation-key: RXZ2XQBTX2DHBOUCXNHVPJ7A
strict-transport-security: max-age=31536000; includeSubDomains
x-cache-remote: TCP_MISS from a2-22-50-150.deploy.akamaitechnologies.com (AkamaiGHost/9.9.0.2.1-28735203) (-)
x-daiquiri-instance: daiquiri:13624002:mr85p00it-hyhk03094901:7987:20B36
status: 200
date: Tue, 03 Mar 2020 07:17:49 GMT
last-modified: Mon, 02 Mar 2020 00:37:27 GMT
x-cache: TCP_MISS from a23-14-94-192.deploy.akamaitechnologies.com (AkamaiGHost/9.9.0.2.1-28735203) (-)
content-length: 18826
cache-control: no-transform, max-age=14160831
apple-tk: false
server: daiquiri/3.0.0
apple-seq: 0.0
etag: "pVRLaY6R6UdfOUh6DizSWQ=="
apple-originating-system: UnknownOriginatingSystem
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Type,ETag,Cache-Control,Expires,Last-Modified
x-apple-request-uuid: 8df3abc0-33be-8670-ba82-bb4f57a7e0

GET
H2 200 scripts.js Show response
www.sparechangeinc.com/wp-content/plugins/contact-form-7/includes/js/ 14 KB
4 KB 14ms
14ms Script
application/javascript 2606:4700:3037::681c:d51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sparechangeinc.com/wp-content/plugins/contact-form-7/includes/js/scripts.js

Requested by

Host: www.sparechangeinc.com
URL: https://www.sparechangeinc.com/nordea-online-banking-login/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681c:d51 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b7e17926b30342edecee8b3a93029ac51462e2b479277d8e077ba57173eb1900

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.sparechangeinc.com/nordea-online-banking-login/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Tue, 03 Mar 2020 07:17:46 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 72066
status: 200
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Sun, 01 Dec 2019 04:35:42 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5de3431e-3868"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 56e19464eeda2484-FRA
expires: Tue, 02 Mar 2021 11:16:40 GMT

GET
H2 200 jquery.sidr.min.js Show response
www.sparechangeinc.com/wp-content/themes/superfast/js/ 7 KB
2 KB 26ms
20ms Script
application/javascript 2606:4700:3037::681c:d51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sparechangeinc.com/wp-content/themes/superfast/js/jquery.sidr.min.js

Requested by

Host: www.sparechangeinc.com
URL: https://www.sparechangeinc.com/nordea-online-banking-login/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681c:d51 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a65a90d45e96a839c51c415245fdd88b0bebcdf8b4dc7faafd4d914b82cde215

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.sparechangeinc.com/nordea-online-banking-login/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Tue, 03 Mar 2020 07:17:46 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 72066
status: 200
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Wed, 07 Aug 2019 13:44:13 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5d4ad5ad-1b36"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 56e19464ff192484-FRA
expires: Tue, 02 Mar 2021 11:16:40 GMT

GET
H2 200 customscript.js Show response
www.sparechangeinc.com/wp-content/themes/superfast/js/ 3 KB
973 B 23ms
17ms Script
application/javascript 2606:4700:3037::681c:d51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sparechangeinc.com/wp-content/themes/superfast/js/customscript.js

Requested by

Host: www.sparechangeinc.com
URL: https://www.sparechangeinc.com/nordea-online-banking-login/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681c:d51 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

be06ffb2cd06a02216ca9a5e16cecf8009507b74105774aedd0617ddaa8b8cbf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.sparechangeinc.com/nordea-online-banking-login/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Tue, 03 Mar 2020 07:17:46 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 72066
status: 200
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Wed, 07 Aug 2019 13:44:13 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5d4ad5ad-a22"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 56e19464ff1d2484-FRA
expires: Tue, 02 Mar 2021 11:16:40 GMT

GET
H2 200 comment-reply.min.js Show response
www.sparechangeinc.com/wp-includes/js/ 2 KB
1 KB 18ms
12ms Script
application/javascript 2606:4700:3037::681c:d51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sparechangeinc.com/wp-includes/js/comment-reply.min.js

Requested by

Host: www.sparechangeinc.com
URL: https://www.sparechangeinc.com/nordea-online-banking-login/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681c:d51 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

73eb139b1371aed55b1dce74b7258f2d90991c5294d69fce852c3eed1af40068

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.sparechangeinc.com/nordea-online-banking-login/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Tue, 03 Mar 2020 07:17:46 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 72066
status: 200
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Wed, 13 Nov 2019 04:00:44 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5dcb7fec-951"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 56e19464ff212484-FRA
expires: Tue, 02 Mar 2021 11:16:40 GMT

GET
H2 200 q2w3-fixed-widget.min.js Show response
www.sparechangeinc.com/wp-content/plugins/q2w3-fixed-widget/js/ 4 KB
1 KB 22ms
16ms Script
application/javascript 2606:4700:3037::681c:d51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sparechangeinc.com/wp-content/plugins/q2w3-fixed-widget/js/q2w3-fixed-widget.min.js

Requested by

Host: www.sparechangeinc.com
URL: https://www.sparechangeinc.com/nordea-online-banking-login/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681c:d51 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9a7d00291b90b8045d042a9a713a9cceba928a35c18c99d1eeea2ca14c09614d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.sparechangeinc.com/nordea-online-banking-login/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Tue, 03 Mar 2020 07:17:46 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 72066
status: 200
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Wed, 07 Aug 2019 13:43:58 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5d4ad59e-1108"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 56e19464ff232484-FRA
expires: Tue, 02 Mar 2021 11:16:40 GMT

GET
H2 200 form.js Show response
www.sparechangeinc.com/wp-content/plugins/akismet/_inc/ 700 B
350 B 14ms
12ms Script
application/javascript 2606:4700:3037::681c:d51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sparechangeinc.com/wp-content/plugins/akismet/_inc/form.js

Requested by

Host: www.sparechangeinc.com
URL: https://www.sparechangeinc.com/nordea-online-banking-login/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681c:d51 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0515cbd1f8aee97e1c8e0d1d015ca96c86def13e90d2e73bf813072ccc23d531

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.sparechangeinc.com/nordea-online-banking-login/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Tue, 03 Mar 2020 07:17:46 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 72066
status: 200
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Fri, 01 Nov 2019 06:36:11 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5dbbd25b-2bc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 56e19464ff242484-FRA
expires: Tue, 02 Mar 2021 11:16:40 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
171 B 15ms
14ms Script
application/javascript 2a00:1450:4001:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.sparechangeinc.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sparechangeinc.com/nordea-online-banking-login/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Tue, 03 Mar 2020 07:17:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
171 B 15ms
15ms Script
application/javascript 2a00:1450:4001:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.sparechangeinc.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sparechangeinc.com/nordea-online-banking-login/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Tue, 03 Mar 2020 07:17:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20200224/r20190131/ 221 KB
83 KB 26ms
25ms Script
text/javascript 2a00:1450:4001:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20200224/r20190131/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f8c08be12e015648be6e4b0040898dd78a7b950926792cd750ee70a12930b89c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sparechangeinc.com/nordea-online-banking-login/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Tue, 03 Mar 2020 07:17:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 84611
x-xss-protection: 0
server: cafe
etag: 8867122644226960194
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Tue, 03 Mar 2020 07:17:49 GMT

GET
H2 200 /
www.sparechangeinc.com/nordea-online-banking-login/ 64 KB
64 KB 572ms
571ms Image
text/html 2606:4700:3037::681c:d51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.sparechangeinc.com/nordea-online-banking-login/

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681c:d51 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.sparechangeinc.com/nordea-online-banking-login/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Tue, 03 Mar 2020 07:17:46 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
status: 200
vary: Accept-Encoding
x-xss-protection: 1; mode=block
pragma: no-cache
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/html; charset=UTF-8
cache-control: no-store, no-cache, must-revalidate
cf-ray: 56e194651f4c2484-FRA
link: <https://www.sparechangeinc.com/wp-json/>; rel="https://api.w.org/", <https://www.sparechangeinc.com/?p=12879>; rel=shortlink
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 ElegantIcons.woff
www.sparechangeinc.com/wp-content/themes/superfast/fonts/ 62 KB
62 KB 16ms
14ms Font
application/font-woff 2606:4700:3037::681c:d51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sparechangeinc.com/wp-content/themes/superfast/fonts/ElegantIcons.woff

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681c:d51 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

be1825e52a0dc7df04df9322f62abe2a2f2a25d98aac186de0140dfc7f6bdcae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.sparechangeinc.com/wp-content/themes/superfast/style.css
Origin: https://www.sparechangeinc.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 03 Mar 2020 07:17:46 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 36028
status: 200
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Wed, 07 Aug 2019 13:44:13 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5d4ad5ad-f8b0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/font-woff
cache-control: max-age=31536000
cf-ray: 56e194651f4f2484-FRA
expires: Tue, 02 Mar 2021 21:17:18 GMT

GET
H2 200 XRXV3I6Li01BKofINeaBTMnFcQ.woff2
fonts.gstatic.com/s/nunito/v12/ 14 KB
14 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:825::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunito/v12/XRXV3I6Li01BKofINeaBTMnFcQ.woff2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d3c2d02ad946969c6fc9ed583bdb76b3bf0bd2328575a93c42ff87ece9498504

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/css?family=Nunito%3Aregular%2C700%2C300%26subset%3Dlatin%2C
Origin: https://www.sparechangeinc.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 04 Feb 2020 05:07:27 GMT
x-content-type-options: nosniff
last-modified: Thu, 14 Nov 2019 17:37:30 GMT
server: sffe
age: 2427019
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 13992
x-xss-protection: 0
expires: Wed, 03 Feb 2021 05:07:27 GMT

GET
H2 200 XRXW3I6Li01BKofAjsOUYevIWzgPDA.woff2
fonts.gstatic.com/s/nunito/v12/ 14 KB
14 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:825::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunito/v12/XRXW3I6Li01BKofAjsOUYevIWzgPDA.woff2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0e02b534e9efe5d016da40b254370942d95661deae11696af372549c3f6dd877

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/css?family=Nunito%3Aregular%2C700%2C300%26subset%3Dlatin%2C
Origin: https://www.sparechangeinc.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 04 Feb 2020 17:30:11 GMT
x-content-type-options: nosniff
last-modified: Thu, 14 Nov 2019 17:37:40 GMT
server: sffe
age: 2382455
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 14096
x-xss-protection: 0
expires: Wed, 03 Feb 2021 17:30:11 GMT

GET
H2 200 zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20200224/r20190131/ Frame B500 0
0 6ms
5ms Document
text/html 2a00:1450:4001:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20200224/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20200224/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://www.sparechangeinc.com/nordea-online-banking-login/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://www.sparechangeinc.com/nordea-online-banking-login/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
vary: Accept-Encoding
date: Thu, 27 Feb 2020 11:28:14 GMT
expires: Thu, 12 Mar 2020 11:28:14 GMT
content-type: text/html; charset=UTF-8
etag: 3560819023258359450
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4495
x-xss-protection: 0
cache-control: public, max-age=1209600
age: 416972
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2 200 images
encrypted-tbn0.gstatic.com/ 2 KB
3 KB 40ms
14ms Image
image/jpeg 2a00:1450:4001:81b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/images?q=tbn:ANd9GcQh_l3eQ5xwiPy07kGEXjmjgmBKBRB7H2mRxCGhv1tFWg5c_mWT

Requested by

Host: www.sparechangeinc.com
URL: https://www.sparechangeinc.com/nordea-online-banking-login/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fcf9fdd5ab81da78cbca3ca589d8ff4c608a00f3d90665f2dc1aa8b9636998d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sparechangeinc.com/nordea-online-banking-login/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Tue, 03 Mar 2020 07:17:46 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Dec 2015 19:19:47 GMT
server: sffe
access-control-allow-origin: *
content-type: image/jpeg
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 2347
x-xss-protection: 0
expires: Wed, 03 Mar 2021 07:17:46 GMT

GET
H2 200 js15_as.js Show response
s10.histats.com/ 11 KB
4 KB 103ms
32ms Script
text/javascript 46.105.201.240
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: www.sparechangeinc.com
URL: https://www.sparechangeinc.com/nordea-online-banking-login/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.105.201.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 1f730c8b78091c3479abc2fb805b9093138f05acd0de421b8da96389cbbb9668

Request headers

Referer: https://www.sparechangeinc.com/nordea-online-banking-login/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Tue, 03 Mar 2020 07:17:46 GMT
content-encoding: br
last-modified: Thu, 06 Dec 2018 14:12:12 GMT
x-cdn-pop-ip: 51.254.41.128/26
etag: "-139234964"
x-cacheable: Matched cache
content-type: text/javascript
status: 200
x-cdn-pop: rbx1
accept-ranges: bytes
content-length: 4333
x-request-id: 828736357

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame B874 0
0 69ms
69ms Document
text/html 2a00:1450:4001:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8540846906976433&output=html&adk=1812271804&adf=3025194257&lmt=1583219869&plat=1%3A32776%2C2%3A32776%2C8%3A134250504%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fwww.sparechangeinc.com%2Fnordea-online-banking-login%2F&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1583219866405&bpp=17&bdt=53&fdt=2980&idt=2980&shv=r20200224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2335061237721&frm=20&pv=2&ga_vid=2077214493.1583219869&ga_sid=1583219869&ga_hid=543711854&ga_fc=0&iag=0&icsg=52401464324095&dssz=39&mdo=0&mso=0&u_tz=60&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1585&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=2728554196875377&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=31&ifi=0&uci=a!0&fsb=1&dtd=2994

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200224/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-8540846906976433&output=html&adk=1812271804&adf=3025194257&lmt=1583219869&plat=1%3A32776%2C2%3A32776%2C8%3A134250504%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fwww.sparechangeinc.com%2Fnordea-online-banking-login%2F&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1583219866405&bpp=17&bdt=53&fdt=2980&idt=2980&shv=r20200224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2335061237721&frm=20&pv=2&ga_vid=2077214493.1583219869&ga_sid=1583219869&ga_hid=543711854&ga_fc=0&iag=0&icsg=52401464324095&dssz=39&mdo=0&mso=0&u_tz=60&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1585&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=2728554196875377&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=31&ifi=0&uci=a!0&fsb=1&dtd=2994
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://www.sparechangeinc.com/nordea-online-banking-login/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://www.sparechangeinc.com/nordea-online-banking-login/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 03 Mar 2020 07:17:49 GMT
server: cafe
content-length: 547
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 03-Mar-2020 07:32:49 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
expires: Tue, 03 Mar 2020 07:17:49 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
27 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200224/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1a5bdf67d362c322582135748215c4533bc194ffbd946519785964f1b7088bf7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sparechangeinc.com/nordea-online-banking-login/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Tue, 03 Mar 2020 07:17:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1583152538719053"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 27714
x-xss-protection: 0
expires: Tue, 03 Mar 2020 07:17:49 GMT

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame 3A05 0
0 73ms
73ms Document
text/html 2a00:1450:4001:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8540846906976433&output=html&h=280&slotname=9881242801&adk=1622227382&adf=3410240025&w=730&fwrn=4&fwrnh=100&lmt=1583219869&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=730x280&url=https%3A%2F%2Fwww.sparechangeinc.com%2Fnordea-online-banking-login%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1583219866422&bpp=14&bdt=71&fdt=3004&idt=3004&shv=r20200224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2335061237721&frm=20&pv=1&ga_vid=2077214493.1583219869&ga_sid=1583219869&ga_hid=543711854&ga_fc=0&iag=0&icsg=193138952679423&dssz=40&mdo=0&mso=0&u_tz=60&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=543&ady=123&biw=1585&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=2728554196875377&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=144&bc=31&ifi=1&uci=a!1&fsb=1&xpc=tSjPb7D3fi&p=https%3A//www.sparechangeinc.com&dtd=3009

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200224/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-8540846906976433&output=html&h=280&slotname=9881242801&adk=1622227382&adf=3410240025&w=730&fwrn=4&fwrnh=100&lmt=1583219869&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=730x280&url=https%3A%2F%2Fwww.sparechangeinc.com%2Fnordea-online-banking-login%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1583219866422&bpp=14&bdt=71&fdt=3004&idt=3004&shv=r20200224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2335061237721&frm=20&pv=1&ga_vid=2077214493.1583219869&ga_sid=1583219869&ga_hid=543711854&ga_fc=0&iag=0&icsg=193138952679423&dssz=40&mdo=0&mso=0&u_tz=60&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=543&ady=123&biw=1585&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=2728554196875377&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=144&bc=31&ifi=1&uci=a!1&fsb=1&xpc=tSjPb7D3fi&p=https%3A//www.sparechangeinc.com&dtd=3009
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://www.sparechangeinc.com/nordea-online-banking-login/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://www.sparechangeinc.com/nordea-online-banking-login/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 03 Mar 2020 07:17:49 GMT
server: cafe
content-length: 205
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 03-Mar-2020 07:32:49 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
expires: Tue, 03 Mar 2020 07:17:49 GMT
cache-control: private

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame B2D3 0
0 109ms
109ms Document
text/html 2a00:1450:4001:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8540846906976433&output=html&h=250&slotname=1409169490&adk=3269784573&adf=2984306924&w=970&lmt=1583219869&psa=0&guci=1.2.0.0.2.2.0.0&format=970x250&url=https%3A%2F%2Fwww.sparechangeinc.com%2Fnordea-online-banking-login%2F&flash=0&wgl=1&adsid=NT&dt=1583219866442&bpp=3&bdt=91&fdt=2995&idt=2995&shv=r20200224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C730x280&nras=1&correlator=2335061237721&frm=20&pv=1&ga_vid=2077214493.1583219869&ga_sid=1583219869&ga_hid=543711854&ga_fc=0&iag=0&icsg=193138952679423&dssz=40&mdo=0&mso=0&u_tz=60&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=313&ady=493&biw=1585&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=2728554196875377&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=16&bc=31&ifi=2&uci=a!2&fsb=1&xpc=S3GP2QiUXV&p=https%3A//www.sparechangeinc.com&dtd=2997

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200224/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-8540846906976433&output=html&h=250&slotname=1409169490&adk=3269784573&adf=2984306924&w=970&lmt=1583219869&psa=0&guci=1.2.0.0.2.2.0.0&format=970x250&url=https%3A%2F%2Fwww.sparechangeinc.com%2Fnordea-online-banking-login%2F&flash=0&wgl=1&adsid=NT&dt=1583219866442&bpp=3&bdt=91&fdt=2995&idt=2995&shv=r20200224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C730x280&nras=1&correlator=2335061237721&frm=20&pv=1&ga_vid=2077214493.1583219869&ga_sid=1583219869&ga_hid=543711854&ga_fc=0&iag=0&icsg=193138952679423&dssz=40&mdo=0&mso=0&u_tz=60&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=313&ady=493&biw=1585&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=2728554196875377&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=16&bc=31&ifi=2&uci=a!2&fsb=1&xpc=S3GP2QiUXV&p=https%3A//www.sparechangeinc.com&dtd=2997
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://www.sparechangeinc.com/nordea-online-banking-login/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://www.sparechangeinc.com/nordea-online-banking-login/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 03 Mar 2020 07:17:49 GMT
server: cafe
content-length: 205
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 03-Mar-2020 07:32:49 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
expires: Tue, 03 Mar 2020 07:17:49 GMT
cache-control: private

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame 3BDB 0
0 59ms
59ms Document
text/html 2a00:1450:4001:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8540846906976433&output=html&h=158&slotname=7683041605&adk=3184040825&adf=4213813201&w=630&fwrn=4&lmt=1583219869&rafmt=11&psa=0&guci=1.2.0.0.2.2.0.0&format=630x158&url=https%3A%2F%2Fwww.sparechangeinc.com%2Fnordea-online-banking-login%2F&flash=0&wgl=1&adsid=NT&dt=1583219866452&bpp=8&bdt=101&fdt=3011&idt=3011&shv=r20200224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C730x280%2C970x250&nras=1&correlator=2335061237721&frm=20&pv=1&ga_vid=2077214493.1583219869&ga_sid=1583219869&ga_hid=543711854&ga_fc=0&iag=0&icsg=193138952679423&dssz=40&mdo=0&mso=0&rplot=4&u_tz=60&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=313&ady=919&biw=1585&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=2728554196875377&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=144&bc=31&ifi=3&uci=a!3&fsb=1&xpc=APb63TFpKw&p=https%3A//www.sparechangeinc.com&dtd=3014

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200224/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-8540846906976433&output=html&h=158&slotname=7683041605&adk=3184040825&adf=4213813201&w=630&fwrn=4&lmt=1583219869&rafmt=11&psa=0&guci=1.2.0.0.2.2.0.0&format=630x158&url=https%3A%2F%2Fwww.sparechangeinc.com%2Fnordea-online-banking-login%2F&flash=0&wgl=1&adsid=NT&dt=1583219866452&bpp=8&bdt=101&fdt=3011&idt=3011&shv=r20200224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C730x280%2C970x250&nras=1&correlator=2335061237721&frm=20&pv=1&ga_vid=2077214493.1583219869&ga_sid=1583219869&ga_hid=543711854&ga_fc=0&iag=0&icsg=193138952679423&dssz=40&mdo=0&mso=0&rplot=4&u_tz=60&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=313&ady=919&biw=1585&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=2728554196875377&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=144&bc=31&ifi=3&uci=a!3&fsb=1&xpc=APb63TFpKw&p=https%3A//www.sparechangeinc.com&dtd=3014
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://www.sparechangeinc.com/nordea-online-banking-login/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://www.sparechangeinc.com/nordea-online-banking-login/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 03 Mar 2020 07:17:49 GMT
server: cafe
content-length: 205
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 03-Mar-2020 07:32:49 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
expires: Tue, 03 Mar 2020 07:17:49 GMT
cache-control: private

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame 2CD0 0
0 54ms
54ms Document
text/html 2a00:1450:4001:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8540846906976433&output=html&h=158&slotname=7683041605&adk=3184040825&adf=1294102160&w=630&fwrn=4&lmt=1583219869&rafmt=11&psa=0&guci=1.2.0.0.2.2.0.0&format=630x158&url=https%3A%2F%2Fwww.sparechangeinc.com%2Fnordea-online-banking-login%2F&flash=0&wgl=1&adsid=NT&dt=1583219866461&bpp=4&bdt=110&fdt=3011&idt=3011&shv=r20200224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C730x280%2C970x250%2C630x158&nras=1&correlator=2335061237721&frm=20&pv=1&ga_vid=2077214493.1583219869&ga_sid=1583219869&ga_hid=543711854&ga_fc=0&iag=0&icsg=193138952679423&dssz=40&mdo=0&mso=0&rplot=4&u_tz=60&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=313&ady=2633&biw=1585&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=2728554196875377&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=144&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=ZBshjT3mjF&p=https%3A//www.sparechangeinc.com&dtd=3014

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200224/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-8540846906976433&output=html&h=158&slotname=7683041605&adk=3184040825&adf=1294102160&w=630&fwrn=4&lmt=1583219869&rafmt=11&psa=0&guci=1.2.0.0.2.2.0.0&format=630x158&url=https%3A%2F%2Fwww.sparechangeinc.com%2Fnordea-online-banking-login%2F&flash=0&wgl=1&adsid=NT&dt=1583219866461&bpp=4&bdt=110&fdt=3011&idt=3011&shv=r20200224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C730x280%2C970x250%2C630x158&nras=1&correlator=2335061237721&frm=20&pv=1&ga_vid=2077214493.1583219869&ga_sid=1583219869&ga_hid=543711854&ga_fc=0&iag=0&icsg=193138952679423&dssz=40&mdo=0&mso=0&rplot=4&u_tz=60&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=313&ady=2633&biw=1585&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=2728554196875377&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=144&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=ZBshjT3mjF&p=https%3A//www.sparechangeinc.com&dtd=3014
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://www.sparechangeinc.com/nordea-online-banking-login/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://www.sparechangeinc.com/nordea-online-banking-login/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 03 Mar 2020 07:17:49 GMT
server: cafe
content-length: 204
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 03-Mar-2020 07:32:49 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
expires: Tue, 03 Mar 2020 07:17:49 GMT
cache-control: private

GET
H/1.1 200
OK 0.php Show response
s4.histats.com/stats/ 47 B
318 B 359ms
116ms Script
text/html 198.27.80.143
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/0.php?4294915&@f16&@g1&@h1&@i1&@j1583219869479&@k0&@l1&@mNordea%20Online%20Banking%20Login&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1600&@b1:97713283&@b3:1583219869&@b4:js15_as.js&@b5:60&@a-_0.2.1&@vhttps%3A%2F%2Fwww.sparechangeinc.com%2Fnordea-online-banking-login%2F&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.27.80.143 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns558056.ip-198-27-80.net
Software: /
Resource Hash: a60692031ce09be66be89784e8b0214c0f8b6f52cd8fd6a36129a635ffe41ad2

Request headers

Referer: https://www.sparechangeinc.com/nordea-online-banking-login/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Tue, 03 Mar 2020 07:17:49 GMT
Connection: close
Content-Length: 47
Content-Type: text/html;charset=UTF-8

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame F7B7 0
0 181ms
181ms Document
text/html 2a00:1450:4001:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8540846906976433&output=html&h=600&slotname=4621763996&adk=1991775079&adf=252835166&w=300&lmt=1583219869&psa=0&guci=1.2.0.0.2.2.0.0&format=300x600&url=https%3A%2F%2Fwww.sparechangeinc.com%2Fnordea-online-banking-login%2F&flash=0&wgl=1&adsid=NT&dt=1583219866507&bpp=4&bdt=155&fdt=2999&idt=2999&shv=r20200224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C730x280%2C970x250%2C630x158%2C630x158&nras=1&correlator=2335061237721&frm=20&pv=1&ga_vid=2077214493.1583219869&ga_sid=1583219869&ga_hid=543711854&ga_fc=0&iag=0&icsg=772555810717692&dssz=41&mdo=0&mso=0&u_tz=60&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=973&ady=930&biw=1585&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=2728554196875377&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=16&bc=31&ifi=7&uci=a!7&fsb=1&xpc=FAkjqqxEuR&p=https%3A//www.sparechangeinc.com&dtd=3001

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200224/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-8540846906976433&output=html&h=600&slotname=4621763996&adk=1991775079&adf=252835166&w=300&lmt=1583219869&psa=0&guci=1.2.0.0.2.2.0.0&format=300x600&url=https%3A%2F%2Fwww.sparechangeinc.com%2Fnordea-online-banking-login%2F&flash=0&wgl=1&adsid=NT&dt=1583219866507&bpp=4&bdt=155&fdt=2999&idt=2999&shv=r20200224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C730x280%2C970x250%2C630x158%2C630x158&nras=1&correlator=2335061237721&frm=20&pv=1&ga_vid=2077214493.1583219869&ga_sid=1583219869&ga_hid=543711854&ga_fc=0&iag=0&icsg=772555810717692&dssz=41&mdo=0&mso=0&u_tz=60&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=973&ady=930&biw=1585&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=2728554196875377&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=16&bc=31&ifi=7&uci=a!7&fsb=1&xpc=FAkjqqxEuR&p=https%3A//www.sparechangeinc.com&dtd=3001
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://www.sparechangeinc.com/nordea-online-banking-login/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://www.sparechangeinc.com/nordea-online-banking-login/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 03 Mar 2020 07:17:49 GMT
server: cafe
content-length: 205
x-xss-protection: 0
set-cookie: IDE=AHWqTUnOWMp9i9fw5mJp_Gfbe8heDaPwd_XMyVSW6QSXuD8z_6X1WeZza9lD9076; expires=Sun, 28-Mar-2021 07:17:49 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT; SameSite=none; Secure
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
expires: Tue, 03 Mar 2020 07:17:49 GMT
cache-control: private

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame BCD6 0
0 162ms
162ms Document
text/html 2a00:1450:4001:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8540846906976433&output=html&h=600&slotname=2789220848&adk=3316220365&adf=749892634&w=300&fwrn=4&fwrnh=100&lmt=1583219869&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=300x600&url=https%3A%2F%2Fwww.sparechangeinc.com%2Fnordea-online-banking-login%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&adsid=NT&dt=1583219866518&bpp=5&bdt=167&fdt=2998&idt=2998&shv=r20200224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C730x280%2C970x250%2C630x158%2C630x158%2C300x600&nras=1&correlator=2335061237721&frm=20&pv=1&ga_vid=2077214493.1583219869&ga_sid=1583219869&ga_hid=543711854&ga_fc=0&iag=0&icsg=772555810717692&dssz=41&mdo=0&mso=0&u_tz=60&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=973&ady=2185&biw=1585&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=2728554196875377&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=144&bc=31&ifi=8&uci=a!8&btvi=2&fsb=1&xpc=HwN4rP94KQ&p=https%3A//www.sparechangeinc.com&dtd=3000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200224/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-8540846906976433&output=html&h=600&slotname=2789220848&adk=3316220365&adf=749892634&w=300&fwrn=4&fwrnh=100&lmt=1583219869&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=300x600&url=https%3A%2F%2Fwww.sparechangeinc.com%2Fnordea-online-banking-login%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&adsid=NT&dt=1583219866518&bpp=5&bdt=167&fdt=2998&idt=2998&shv=r20200224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C730x280%2C970x250%2C630x158%2C630x158%2C300x600&nras=1&correlator=2335061237721&frm=20&pv=1&ga_vid=2077214493.1583219869&ga_sid=1583219869&ga_hid=543711854&ga_fc=0&iag=0&icsg=772555810717692&dssz=41&mdo=0&mso=0&u_tz=60&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=973&ady=2185&biw=1585&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=2728554196875377&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=144&bc=31&ifi=8&uci=a!8&btvi=2&fsb=1&xpc=HwN4rP94KQ&p=https%3A//www.sparechangeinc.com&dtd=3000
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://www.sparechangeinc.com/nordea-online-banking-login/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://www.sparechangeinc.com/nordea-online-banking-login/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 03 Mar 2020 07:17:49 GMT
server: cafe
content-length: 5569
x-xss-protection: 0
set-cookie: IDE=AHWqTUlwNP3kfcM6YHG0QdDgHxrHkw7lQAqLvSJDekoJUbbZq8ELlozGi2-0Pdpn; expires=Sun, 28-Mar-2021 07:17:49 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT; SameSite=none; Secure
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
expires: Tue, 03 Mar 2020 07:17:49 GMT
cache-control: private

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 7 KB
5 KB 21ms
21ms XHR
application/json 2a00:1450:4001:815::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20200224&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200224/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fdc553ca841c83231cf80b9a6fdee996dde526dfd243bc8c8edb24de2df9e4d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sparechangeinc.com/nordea-online-banking-login/
Origin: https://www.sparechangeinc.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 03 Mar 2020 07:18:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 5171
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 14 KB
5 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:819::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200224/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a47f17d6ebbf4621d8fe87ab790d8d8fb5c3086629194d9ff2d64faaa6e46ab6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sparechangeinc.com/nordea-online-banking-login/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Tue, 03 Mar 2020 07:18:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1582746470043195"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 5456
x-xss-protection: 0
expires: Tue, 03 Mar 2020 07:18:02 GMT

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/209/ Frame E37B 0
0 8ms
7ms Document
text/html 2a00:1450:4001:819::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/209/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://www.sparechangeinc.com/nordea-online-banking-login/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://www.sparechangeinc.com/nordea-online-banking-login/

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 5727
date: Tue, 03 Mar 2020 06:51:36 GMT
expires: Wed, 03 Mar 2021 06:51:36 GMT
last-modified: Tue, 25 Feb 2020 17:32:01 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 1586
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
66 B 15ms
15ms Image
image/gif 2a00:1450:4001:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=209&t=2&li=gda_r20200224&jk=2728554196875377&bg=!YGOlY3tYMGg8KqGQIVACAAAATlIAAAAOmQFiRGoVV2xVRUSGAgK1l46aM-QX5zhBR2IKfu5p9dELYvrs_KAr_8lbcVgSJF5WL8NInEqJnCgNFW8HuxrjGJN_zDkHj66HtzRT_WGPMYa0f5OXLbd3hdaYtKeVzlJKnHIEZlRumZJufA_6iGgb4Jw2ERw9N8PKYIn-sPve9RHHq9TAeqPdl-azfq6fShzQtWtp5qXVTuigF_X6Y5Oaq_K7yTw65g2i9yxtSxaVAO_TWgjKdRwJg7ck7r1qgZe74sLbG_6r4SVcPVLlVzkwBz29OFA-PDOBzaHVU5j7z3jy5G4ZFqH06sq5XtL46x57LNbUsqWejBJ_Bmp3AdJMv_4aEYBeDi8kkAqqmHP0UYZ9dwLzxijNr7r3WsM5s805WXCkYlAvpbnPbP_qXi8o-OSX5XuAg_jNlg1aL38hCHc6L8_6e-jPXUgjHG7TxPLHR1W4krIdw3rr9gdRRSeb_B5x2pws

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sparechangeinc.com/nordea-online-banking-login/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Tue, 03 Mar 2020 07:18:02 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
URL: x-raw-image:///56733fc42018b321b2327d934603fcafcd90bf0e7b1ea62831d57eed42de129c

Domain: bank-online.com
URL: https://bank-online.com/wp-content/uploads/Nordea-Bank-005.png

Domain
URL: x-raw-image:///a564a3b33d6fea8c0e19d0c82989280023e78976fb54ca77098667b73e9ecb1c

Domain
URL: x-raw-image:///90ba4ad93280fdfb73bb5b34b8403a914342cda2cc257bfb0e49ad1a47e90fb8

Domain
URL: x-raw-image:///0a3f0c4c98631f3cd59aad624d2710cae683f3206089ee49c3ae9e928bc40e25

Domain
URL: x-raw-image:///4bfbe4a869dc8addb542d72effc20193f559dcef9900860823c45e7090c68b34

Domain: imgsdown.1mobile.com
URL: https://imgsdown.1mobile.com/group2/M00/24/31/S36rZFpL_eWAHwqcAAPgdHjz6VE946.png

Domain: apk4ever.club
URL: https://apk4ever.club/pics/QqzWi2OA12_4WXpD5RmQ7E55k3VbHTDiA77hVlhAuFA/fill/512/288/no/1/aHR0cHM6Ly9saDMuZ29vZ2xldXNlcmNvbnRlbnQuY29tLzUwcE5oV2hSeXNQQW1Ed19MV0pjY0VFUUtRc0E1am5vd1l6VTE0bUZxVmg2eWd4aVl0Rk5sLWx2Q05CVmdaRVl2dw.jpg

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Nordea (Banking)

63 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://www.sparechangeinc.com/wp-content/plugins/q2w3-fixed-widget/js/q2w3-fixed-widget.min.js(Line 1) Message: q2w3_sidebar_options not found!

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.


adservice.google.com
adservice.google.de
apk4ever.club
assets.bwbx.io
bank-online.com
bankinghelp.us
banksonline24.com
ccbank.us
cdn.apkmonk.com
cdn.dribbble.com
developer.signicat.com
dl1.cbsistatic.com
docplayer.net
docs.woocommerce.com
encrypted-tbn0.gstatic.com
finanswatch.dk
finlandtoday.fi
fonts.googleapis.com
fonts.gstatic.com
genbin.genesys.com
googleads.g.doubleclick.net
handoff-cdn.appadvice.com
hsivonen.fi
i.colnect.net
i.vimeocdn.com
i.ytimg.com
i2.wp.com
image2.owler.com
imgs.aftonbladet-cdn.se
imgsdown.1mobile.com
internetbanken.privat.nordea.se
iphone-image.apkpure.com
is1-ssl.mzstatic.com
is2-ssl.mzstatic.com
is3-ssl.mzstatic.com
is4-ssl.mzstatic.com
is5-ssl.mzstatic.com
koodid.nordea.ee
lh3.googleusercontent.com
live.staticflickr.com
lookaside.fbsbx.com
media.thestar.com.my
news-cdn.softpedia.com
nofluffjobs.com
pagead2.googlesyndication.com
pbs.twimg.com
pic.accessify.com
res.cloudinary.com
s10.histats.com
s3.reutersmedia.net
s4.histats.com
static-s.aa-cdn.net
storage.googleapis.com
tpc.googlesyndication.com
uidesigner.dk
www.casinonewsdaily.com
www.facebook.com
www.finextra.com
www.googletagservices.com
www.luminor.lv
www.nordea.com
www.nordea.dk
www.nordea.fi
www.paytrail.com
www.sparechangeinc.com

apk4ever.club
bank-online.com
imgsdown.1mobile.com
104.20.83.194
13.224.194.6
13.225.73.69
138.201.54.145
143.204.101.104
143.204.101.67
151.101.114.109
151.101.114.90
151.101.13.73
158.233.249.6
176.114.1.150
185.178.208.171
185.179.117.16
192.0.66.5
192.0.77.2
195.12.178.28
198.27.80.143
2.16.187.66
2001:4b98:dc2:41:216:3eff:fe12:e3e1
209.182.205.242
2600:9000:20eb:c400:0:5a51:64c9:c681
2606:2800:134:fa2:1627:1fe:edb:1665
2606:4700:10::6814:3f58
2606:4700:10::6816:c98
2606:4700:20::681a:4db
2606:4700:20::681a:523
2606:4700:3037::681c:d51
2606:4700::6811:73b4
2a00:1450:4001:806::2016
2a00:1450:4001:808::2001
2a00:1450:4001:815::2002
2a00:1450:4001:816::2010
2a00:1450:4001:819::2001
2a00:1450:4001:819::200a
2a00:1450:4001:81b::200e
2a00:1450:4001:820::2002
2a00:1450:4001:821::2002
2a00:1450:4001:825::2003
2a02:26f0:64:186::2a1
2a02:26f0:64:1af::2a1
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
2a04:4e42:3::393
2a04:4e42:3::444
45.79.168.159
46.105.201.240
52.212.6.57
52.58.171.3
69.16.175.42
80.241.216.104
88.196.97.170
89.234.26.97
91.214.22.210
92.123.14.115
94.130.39.102
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
0515cbd1f8aee97e1c8e0d1d015ca96c86def13e90d2e73bf813072ccc23d531
057177facca3187ad10eeae783f7061a89ad4f4e968173c8c624fe0aaf06b609
05e0593f26ffc409bebe4764d372f5f488261620abd5d02dd93e2014ac60d52b
0991fd7a0516c269ab8c9a93a65c6eb0060169d411be122b51f38fab447f301f
09bdac035011fafb7a31b16d9091386d8be8f8cd6cf77ce1ca6bd1b932e5eeeb
0b3331740d82e5edb51b3aa4cf3337456b7c69ebeb106693d7765d005bf96f92
0d99d305a4ade4111d393ad4c63db10b51b369259bab96a6a6b17dae50eb53d7
0e02b534e9efe5d016da40b254370942d95661deae11696af372549c3f6dd877
0e105c9b05bc3de322dd1b9583f8553aa3b05216cf2eb2f0d23b897aa718bd0f
128b77ea820e4f44695b9fd41422c4db5eb5c45a5d3dd45d709acb5f0dec7d21
12d72db00bb220225c86d6ce98c5a7dc896c431b18557da61f53689c4ed48f0e
14725be2241b4ca6d6174c104458dfb6d93e04a91c263b020a7e1dea44ab9863
17b9f18220af7f83cba47162e48fe59436cea38728b4103fca0a04d0df4b2931
1854221a9da2d975964975646b83c865bc501c99ea664a5b9b57db5df963d409
195f376b7afb672918e01d73e4ca94b581720160185397a93f677ec6eb8fdc06
19cb6f4c73d49b2d5ac2229f1809b106aaf365b328571592552ce05e73b0692c
1a5bdf67d362c322582135748215c4533bc194ffbd946519785964f1b7088bf7
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
1f730c8b78091c3479abc2fb805b9093138f05acd0de421b8da96389cbbb9668
2078dee7fc89aafc1feefc2f8d3bc3d2db24e580eb55aea12b1f6b06ef3198da
21dddcf5165b4ec262aa0131e64d1802a7ef1a7f76894e9603810db6e2307d31
2253b371f1ecc1febf8057e48014d25dfd06686c25ba62fef60104fea2d09bc7
25defafefe598c81c03bce7e59a8a5aef8e487beddd309d66671aaad4f0cb37c
2783f33ab9a646ca0b84f8cf0f20312b1726868eb96e95aa07dd7367039e3c2d
293928c803e8d61fbfe1a3931c3beec8fd932d4a49067c2f52741602d6e97e5e
29f080cb0157a18cb57bd0eaf72db301d3ed7c08c8706dc66c7fa71d15ea2257
2a4a9a880af32b795c65bee7e218df037ab6ee08d9a40ac3ab33c05e396817c7
2ccfb7896390b35196fe433978d848c80499a1a1c6ef81e26fec7cb2b3d7ff67
2e225291e9364796dbbfc94217bfef21b6f89dd09a917abe42ec20c153b86540
2f2b38555367cd6218810fd9a016dcce9f16f81b4b009b4b1cb835a8ba991510
2fb7fc46d5d30ee59bb14873cacf68be89683c658cec73d18e46d09665797969
31e9de551bb7d6e8f497ea5d4c95160d53766e1c81981b98eab090623597b823
324607072786540f82ae107ea7e5d53fb8f8beb06f705e2a56429e46d2614ac1
32bb9a5e7557455b6afdaff1e65588c2911a555b5e5b89fc8f4520c6fb94b197
336b551266d7b3191bc3c0405219cdc7851a2154f062be0adb6d0409610efcf1
3fbbf24de9ee08ea0ab9fe1f2e63658c5378d8a2adead4e588d05babdb87ea06
4123f79094b710222a5d1fc768404dee27401457bcd50251d65d065056bbd502
4273df9fda1edea73177fc0f181a659e190e37e040f09640f67f7bfe822df3b9
430b34aa71e839c6cbb5c412082d97cea30baa5fd330107c0e3860ad3c4feb4f
46fc609b241327cc6882b56c14ef62981c808c274925b821876f76f9c069b486
48ec9a7dbf0a7da1d98165c66df0de8ece80fb4f798850977cbd632c6da4ac36
4be0cbbf8c3fd83133a1aafadacf144da2ffc9f476345cb1db0ab34f10ff92ac
501c9532f3bd88c62b80bd4e30a5cdb411b7007b524b73cf38deeeebfe1da672
52e184b75cb175f615c364174cff36239187e7c89e56c2e0d708383121ce701a
53777717e2026fecf07b17dfba76564a39584a5e776954e224fde4b379f76854
5fc7a804ee038feaef4506aae51f0107038c7fd5089debfac8cb0c77241aeceb
62b9b12578b5ed82f79a6e38d4dcc9cccd4cdf8e2e058b3e3680e8bd689b7412
6564b08df6f24291d659a2d3bbeebf229d2bb07982bbe5e77ad5856ed2627950
67ef4be9cb641909ccfd5d9da3b20c99408a03992451a818e51b568a528b139d
693f50b531bc230638e4d6c09da7e68c812028512b16b4e4ade09e7838c3199f
6cb6b5af7865021b6571c1497d50857f557f128427b95262fc735388f14490c3
6daee5d7f274a1238290bf8ca2cc21a35e10b3945cd053c868b5b28eb2237a18
6f51e270e6c0fedfc9ce30af9bd7ba621a122ebe6c0c950688d951acd7d797f7
71c9936b04f4cc355af5d4f80ab769dc10fbb6e91459c5715765947acc39c539
7299c4d6a5f1a440fc91f7f0b81439593aeeb865f04e6d4394e7f5e7acd20d27
73eb139b1371aed55b1dce74b7258f2d90991c5294d69fce852c3eed1af40068
7b18be4acc457a9a175a75afc3d52b5239d7876644e6138b26ec70cad5464ed6
7ce3a7cad7b5f8c136dc32190d4721aeab76c95a862abd5aa513f6ebe0224ed9
815817dcf3fe2eee6fc722740b0d175973b1d93d8f9abb62191337f8126a77e7
8684fa5fa2ff2242f58620d947834f19c11e11dffb5bd059cc9c7273c826c39e
98887092c2b946dfe5c505f7bdcbecb1ef83bcfb00265c11a7fa6bad75cb3a80
9a7d00291b90b8045d042a9a713a9cceba928a35c18c99d1eeea2ca14c09614d
9aebc08920b8c64acdf98a43554d02b262c4fe9228c63853f7be46462d1fb612
9bdf97b0b9f407b3db28d1e7540070425a68d18e65c6a480abaf7665cc03849e
a3d85aa02290718b33f82c7a8a9c265b653b69408b5b2c06dd9b9743f0ed6c6d
a47f17d6ebbf4621d8fe87ab790d8d8fb5c3086629194d9ff2d64faaa6e46ab6
a4ccf0a39c98ae7ef16a80842f73576c3490852e04f0b7638282d0fb6eabc4f6
a60692031ce09be66be89784e8b0214c0f8b6f52cd8fd6a36129a635ffe41ad2
a65a90d45e96a839c51c415245fdd88b0bebcdf8b4dc7faafd4d914b82cde215
a8b3ec3862de97f2ab7dfe054ed90e97caec6c73bbe8017a5c058db2e32c6890
ae237240a73f78c715e232a50e01fafc22862fb748986a86cfa27934ace3f83e
b227e234e1f9c5378732ecbc5ae2d4fb19dedabe09eec6310de4249e1eeeec64
b5f3600f8087ae7b12a01c4b8b6c06ab9f47bfdb7876c058a5b69f511be99e36
b7e17926b30342edecee8b3a93029ac51462e2b479277d8e077ba57173eb1900
ba793afd543812dc8e1c7a0f2ad13afec731f9dc117a768aeec2b6b22a86692c
bb2ffe5eb3781e7419088d35cf86331e236334f522d267521b24bd6dc8a80e94
bbb7fcc7644080f4ca3f12bec6fe97744cb4693985c56dd762242c8676e556be
be06ffb2cd06a02216ca9a5e16cecf8009507b74105774aedd0617ddaa8b8cbf
be1825e52a0dc7df04df9322f62abe2a2f2a25d98aac186de0140dfc7f6bdcae
be48272a097be71338bfb6d4c738c00612023669ddcbde1088c0ebfdb29bb30e
c04f2146ffbdf796f3f4beb3f01f4aaa19efb02b2e2e054e6ebf2c43be9b7f09
c116ae272d03002c862372543c3a2ed303b26156655d25b9156cf2fcbf3831b5
c13ec42ed0b6b268f9ea674376f9b6903cccf96167f8e6608ad086f09e994970
c2359a9d4b5fbee2aae884b9b6707c6c0c1ba13f529dfa1257978617ef59f000
c41927ef3bc6e4751ea3d69cd2fa4948b0b0c586014bac9a4b278ad4b389cc52
caa466dc11c3b07acd8a7414b9ce98ab146cbb290bbd90e41bddb1d480cc6038
caea3a72fb17e6a84e4949ccd4fea13d51eb157c687fe64d6f1506efaf4f97b0
cee01678dfb431810e26f48c08458a50210d52bf69db8f29fec0c2dcc744f27d
d3c2d02ad946969c6fc9ed583bdb76b3bf0bd2328575a93c42ff87ece9498504
d75296e4a9859b6715adb16b84bcd68739332f0a1a4983c83f1738d81b5bdce4
d9662b4b9ba6c2c3691ce0acd4572e027366eb97d6070550a13429262bb0037f
dbd1a781286f56bae92600dbc728812ddb001172427cefa5642577b7c1428503
dcd88f62674c6abe7bf38d6935519dcfadf8ef9e591e2c8ea21321e73e37baf8
dceb98cad37ec33cb551cff401337fb518af41f3260ab83640de53ad001d66f4
dd17dbf5eb6ca884e9ff0431e0d8f6fd1570e89fdd08ec2d11b685c966093635
e226e86f2b25135a52f27f61e335a498351d0247f41c9dbca41a173ac67517fe
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e827d4b1815bd4320d4ec38076f1c11a6cc89b808803304dfce4f51e1a07c88c
eba8a83a50cc7158e5b7d183e4f73c826a0d277e2764c0bfa31c17fea0723cda
ec6bd1d6679086a92d948098e1ea484bdd521dfeb81cba0ba227d9e229c5fd08
eea30935b33cc22b07194eacdb68daa51ebf71b3e7d14734189d3a62aa55e3b7
effbe4ab1e0e27a0228ebaa43925a8d32cde0b8d543c1b106bad4f4a85ea98af
f53d7852c7046f840031ccc165f5a065aa08a3de6c201c0dd9e3da61eb3916e9
f5aae56b5a14cf37ed725a9c83db4bf527a543b74d625fbdc068c7b796a2fb72
f5fc1b0df1bd8e51ca0aba4464a7ddda79df1634d3054bc62c914476c8e93a3d
f66c0e589ea87e985aa78d36a627dc16581501a564ffe81c5d549d0b701f70c4
f774ddac3ffce309e5ff2659a59e8e7291da314d213f24c1aa04b9ea2bc46586
f82108e79230a5f5f7d9eede67c7b1991f40a47757419a6ffa47e974660e383b
f89e4d836b8f70bf439acb7ec61dc9a58d6b9432eaffbe1714c9dcfc04b99af0
f8c08be12e015648be6e4b0040898dd78a7b950926792cd750ee70a12930b89c
fcf9fdd5ab81da78cbca3ca589d8ff4c608a00f3d90665f2dc1aa8b9636998d9
fdc553ca841c83231cf80b9a6fdee996dde526dfd243bc8c8edb24de2df9e4d3
fe68b4878f0abc86e4ab1b241df5aa020892c9879023f923551934db76803ae4

www.sparechangeinc.com Open in urlscan Pro 2606:4700:3037::681c:d51 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

139 Requests

94 %HTTPS

45 %IPv6

58 Domains

66 Subdomains

55 IPs

13 Countries

7016 kBTransfer

7523 kBSize

0 Cookies

95 Outgoing links

Redirected requests

139 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.sparechangeinc.com Open in urlscan Pro
2606:4700:3037::681c:d51 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

139
Requests

94 %
HTTPS

45 %
IPv6

58
Domains

66
Subdomains

55
IPs

13
Countries

7016 kB
Transfer

7523 kB
Size

0
Cookies

139 HTTP transactions
0 data transactions