URL: https://aktia-2.xyz/Akti/
Submission: On October 27 via manual from NL — Scanned from DE

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 14 HTTP transactions. The main IP is 104.21.7.247, located in United States and belongs to CLOUDFLARENET, US. The main domain is aktia-2.xyz.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on October 27th 2021. Valid for: a year.
This is the only time aktia-2.xyz was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Aktia Bank (Financial)

Domain & IP information

IP Address AS Autonomous System
2 3 104.21.7.247 13335 (CLOUDFLAR...)
13 131.207.49.11 375 (TIETOTIE-...)
14 2
Apex Domain
Subdomains
Transfer
13 aktia.fi
auth.aktia.fi
100 KB
3 aktia-2.xyz
aktia-2.xyz
4 KB
14 2
Domain Requested by
13 auth.aktia.fi aktia-2.xyz
auth.aktia.fi
3 aktia-2.xyz 2 redirects
14 2

This site contains links to these domains. Also see Links.

Domain
www.aktia.fi
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2021-10-27 -
2022-10-26
a year crt.sh
auth.aktia.fi
DigiCert SHA2 Extended Validation Server CA
2020-12-22 -
2022-01-04
a year crt.sh

This page contains 1 frames:

Primary Page: https://aktia-2.xyz/Akti/
Frame ID: 9EC3ED7E2BBC77E9BDB0F4B51814E568
Requests: 14 HTTP requests in this frame

Screenshot

Page Title

Aktia - tunnistautuminen

Page URL History Show full URLs

  1. https://aktia-2.xyz/Akti HTTP 301
    http://aktia-2.xyz/Akti/ HTTP 301
    https://aktia-2.xyz/Akti/ Page URL

Page Statistics

14
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

104 kB
Transfer

222 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://aktia-2.xyz/Akti HTTP 301
    http://aktia-2.xyz/Akti/ HTTP 301
    https://aktia-2.xyz/Akti/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

14 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
aktia-2.xyz/Akti/
Redirect Chain
  • https://aktia-2.xyz/Akti
  • http://aktia-2.xyz/Akti/
  • https://aktia-2.xyz/Akti/
12 KB
3 KB
Document
General
Full URL
https://aktia-2.xyz/Akti/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.7.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
009934086aa59da1f66a46c8adb5ad7e434a421c7c43e4a71bfcd7b51e2863c4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Wed, 27 Oct 2021 11:25:21 GMT
content-type
text/html; charset=UTF-8
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
vary
Accept-Encoding
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TJlIyCbHkeTlY7Fl%2Bow1uHNAplxk8C3NVeJKhqWDl%2FNv1QKZUUw7ph1bMZ8xvr5Fb1Urgta6OuBoLC68fF0fh4w0ICfX59iidC40vEGeAcGw6FR1AH7tXTbL6Da42A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6a4b9033a91b68c4-CDG
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

Date
Wed, 27 Oct 2021 11:25:21 GMT
Transfer-Encoding
chunked
Connection
keep-alive
Cache-Control
max-age=3600
Expires
Wed, 27 Oct 2021 12:25:21 GMT
Location
https://aktia-2.xyz/Akti/
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8pLnqQTk8lnIRpfpNqZSPfGZyx%2F0wLflMoKizBmgKYvSXhAKbn31wpUvKjJakGFBwMONy5jrsMF8h9Bm005t9ghCvC9va%2Bc9zI1JAVaaP5DOA4cvtMR3fnOLbgropg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary
Accept-Encoding
Server
cloudflare
CF-RAY
6a4b90337b4b4049-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
style.css
auth.aktia.fi/tunnistus/css/
58 KB
14 KB
Stylesheet
General
Full URL
https://auth.aktia.fi/tunnistus/css/style.css?v=1.58
Requested by
Host: aktia-2.xyz
URL: https://aktia-2.xyz/Akti/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
131.207.49.11 , Finland, ASN375 (TIETOTIE-AS P.O.Box 38. FI-00441 Helsinki Finland., FI),
Reverse DNS
auth.aktia.fi
Software
Aktia /
Resource Hash
b305df9c1e57e2d89e66185303ac49d2728fc588f98a44d98813a9730a4c129d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://aktia-2.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Wed, 27 Oct 2021 11:25:22 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Connection
Keep-Alive
Content-Length
14116
X-XSS-Protection
1; mode=block
Pragma
no-cache
Last-Modified
Mon, 15 Feb 2021 11:21:02 GMT
Server
Aktia
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
text/css
Cache-control
no-store
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
jquery.min.js
auth.aktia.fi/tunnistus/js/
95 KB
45 KB
Script
General
Full URL
https://auth.aktia.fi/tunnistus/js/jquery.min.js?v=1.12.0
Requested by
Host: aktia-2.xyz
URL: https://aktia-2.xyz/Akti/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
131.207.49.11 , Finland, ASN375 (TIETOTIE-AS P.O.Box 38. FI-00441 Helsinki Finland., FI),
Reverse DNS
auth.aktia.fi
Software
Aktia /
Resource Hash
c26cfce9caf7b965861956c1f173821f45f1e1f61aa4bd19ddd4b26723411c9d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://aktia-2.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Wed, 27 Oct 2021 11:25:22 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Connection
Keep-Alive
Content-Length
45796
X-XSS-Protection
1; mode=block
Pragma
no-cache
Last-Modified
Mon, 15 Feb 2021 11:21:02 GMT
Server
Aktia
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
application/javascript
Cache-control
no-store
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
auth.js
auth.aktia.fi/tunnistus/js/
5 KB
3 KB
Script
General
Full URL
https://auth.aktia.fi/tunnistus/js/auth.js
Requested by
Host: aktia-2.xyz
URL: https://aktia-2.xyz/Akti/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
131.207.49.11 , Finland, ASN375 (TIETOTIE-AS P.O.Box 38. FI-00441 Helsinki Finland., FI),
Reverse DNS
auth.aktia.fi
Software
Aktia /
Resource Hash
0e31b94ec680113ca1ecd06f37f9fcda649ca3200653f40f3f0792dc2e4979b3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://aktia-2.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Wed, 27 Oct 2021 11:25:22 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Connection
Keep-Alive
Content-Length
2111
X-XSS-Protection
1; mode=block
Pragma
no-cache
Last-Modified
Mon, 02 Mar 2015 13:51:00 GMT
Server
Aktia
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
application/javascript
Cache-control
no-store
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
jquery.blockUI.js
auth.aktia.fi/tunnistus/js/
19 KB
9 KB
Script
General
Full URL
https://auth.aktia.fi/tunnistus/js/jquery.blockUI.js?v=2.70.0
Requested by
Host: aktia-2.xyz
URL: https://aktia-2.xyz/Akti/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
131.207.49.11 , Finland, ASN375 (TIETOTIE-AS P.O.Box 38. FI-00441 Helsinki Finland., FI),
Reverse DNS
auth.aktia.fi
Software
Aktia /
Resource Hash
dc321504bc49ea656de64b8090ddb589394906a9a4551128774ef9d144be229a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://aktia-2.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Wed, 27 Oct 2021 11:25:22 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Connection
Keep-Alive
Content-Length
8716
X-XSS-Protection
1; mode=block
Pragma
no-cache
Last-Modified
Mon, 15 Feb 2021 11:21:02 GMT
Server
Aktia
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
application/javascript
Cache-control
no-store
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
modernizr-2.5.3-min.js
auth.aktia.fi/tunnistus/js/
11 KB
6 KB
Script
General
Full URL
https://auth.aktia.fi/tunnistus/js/modernizr-2.5.3-min.js
Requested by
Host: aktia-2.xyz
URL: https://aktia-2.xyz/Akti/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
131.207.49.11 , Finland, ASN375 (TIETOTIE-AS P.O.Box 38. FI-00441 Helsinki Finland., FI),
Reverse DNS
auth.aktia.fi
Software
Aktia /
Resource Hash
9f8eedcab7036245f8a71562623f26d3f84928ab703e5f7a7c29f86e15cb47ef
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://aktia-2.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Wed, 27 Oct 2021 11:25:22 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Connection
Keep-Alive
Content-Length
5428
X-XSS-Protection
1; mode=block
Pragma
no-cache
Last-Modified
Mon, 15 Feb 2021 11:21:02 GMT
Server
Aktia
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
application/javascript
Cache-control
no-store
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
loading.png
auth.aktia.fi/tunnistus/images/
4 KB
4 KB
Image
General
Full URL
https://auth.aktia.fi/tunnistus/images/loading.png
Requested by
Host: aktia-2.xyz
URL: https://aktia-2.xyz/Akti/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
131.207.49.11 , Finland, ASN375 (TIETOTIE-AS P.O.Box 38. FI-00441 Helsinki Finland., FI),
Reverse DNS
auth.aktia.fi
Software
Aktia /
Resource Hash
5f241e671e05ef160ce9c9d73ae80e5a6c8dc3de0a878bc3b7ae9a5203628607
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://aktia-2.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 27 Oct 2021 11:25:22 GMT
X-Content-Type-Options
nosniff
Last-Modified
Mon, 15 Feb 2021 11:21:02 GMT
Server
Aktia
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
image/png
Cache-control
no-store
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
4114
X-XSS-Protection
1; mode=block
1x1.png
auth.aktia.fi/tunnistus/images/
95 B
559 B
Image
General
Full URL
https://auth.aktia.fi/tunnistus/images/1x1.png
Requested by
Host: aktia-2.xyz
URL: https://aktia-2.xyz/Akti/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
131.207.49.11 , Finland, ASN375 (TIETOTIE-AS P.O.Box 38. FI-00441 Helsinki Finland., FI),
Reverse DNS
auth.aktia.fi
Software
Aktia /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://aktia-2.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 27 Oct 2021 11:25:22 GMT
X-Content-Type-Options
nosniff
Last-Modified
Mon, 15 Feb 2021 11:21:02 GMT
Server
Aktia
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
image/png
Cache-control
no-store
Connection
Keep-Alive
Accept-Ranges
bytes
Vary
Accept-Encoding
Content-Length
95
X-XSS-Protection
1; mode=block
Keep-Alive
timeout=5, max=99
verkkopankki_logo_fi.png
auth.aktia.fi/tunnistus/images/
2 KB
3 KB
Image
General
Full URL
https://auth.aktia.fi/tunnistus/images/verkkopankki_logo_fi.png
Requested by
Host: auth.aktia.fi
URL: https://auth.aktia.fi/tunnistus/css/style.css?v=1.58
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
131.207.49.11 , Finland, ASN375 (TIETOTIE-AS P.O.Box 38. FI-00441 Helsinki Finland., FI),
Reverse DNS
auth.aktia.fi
Software
Aktia /
Resource Hash
ff05cc85a54aa616611e34315f079de33309b3b5b9c0ab571e5eeff36b9a1d08
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://auth.aktia.fi/tunnistus/css/style.css?v=1.58
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 27 Oct 2021 11:25:22 GMT
X-Content-Type-Options
nosniff
Last-Modified
Mon, 15 Feb 2021 11:21:02 GMT
Server
Aktia
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
image/png
Cache-control
no-store
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
2234
X-XSS-Protection
1; mode=block
portlet-title-middle.png
auth.aktia.fi/tunnistus/images/
245 B
710 B
Image
General
Full URL
https://auth.aktia.fi/tunnistus/images/portlet-title-middle.png
Requested by
Host: auth.aktia.fi
URL: https://auth.aktia.fi/tunnistus/css/style.css?v=1.58
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
131.207.49.11 , Finland, ASN375 (TIETOTIE-AS P.O.Box 38. FI-00441 Helsinki Finland., FI),
Reverse DNS
auth.aktia.fi
Software
Aktia /
Resource Hash
4023964dce0aaf692c30928571252ac9419dfe899ffaea60363696565c1cb548
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://auth.aktia.fi/tunnistus/css/style.css?v=1.58
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 27 Oct 2021 11:25:22 GMT
X-Content-Type-Options
nosniff
Last-Modified
Mon, 15 Feb 2021 11:21:02 GMT
Server
Aktia
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
image/png
Cache-control
no-store
Connection
Keep-Alive
Accept-Ranges
bytes
Vary
Accept-Encoding
Content-Length
245
X-XSS-Protection
1; mode=block
Keep-Alive
timeout=5, max=99
menu-item_bg.png
auth.aktia.fi/tunnistus/images/
2 KB
2 KB
Image
General
Full URL
https://auth.aktia.fi/tunnistus/images/menu-item_bg.png
Requested by
Host: auth.aktia.fi
URL: https://auth.aktia.fi/tunnistus/css/style.css?v=1.58
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
131.207.49.11 , Finland, ASN375 (TIETOTIE-AS P.O.Box 38. FI-00441 Helsinki Finland., FI),
Reverse DNS
auth.aktia.fi
Software
Aktia /
Resource Hash
a7bf07390624fd80f1cb05a0bcbc20535f518476bf89df74b218b5dd7b8a2a04
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://auth.aktia.fi/tunnistus/css/style.css?v=1.58
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 27 Oct 2021 11:25:22 GMT
X-Content-Type-Options
nosniff
Last-Modified
Mon, 15 Feb 2021 11:21:02 GMT
Server
Aktia
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
image/png
Cache-control
no-store
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
1764
X-XSS-Protection
1; mode=block
footer_bg.gif
auth.aktia.fi/tunnistus/images/
1 KB
2 KB
Image
General
Full URL
https://auth.aktia.fi/tunnistus/images/footer_bg.gif
Requested by
Host: auth.aktia.fi
URL: https://auth.aktia.fi/tunnistus/css/style.css?v=1.58
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
131.207.49.11 , Finland, ASN375 (TIETOTIE-AS P.O.Box 38. FI-00441 Helsinki Finland., FI),
Reverse DNS
auth.aktia.fi
Software
Aktia /
Resource Hash
55eff1c72dc5d18c0091c90aa0814514f7cc6c2a30e643d07afa971ac56f2b92
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://auth.aktia.fi/tunnistus/css/style.css?v=1.58
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 27 Oct 2021 11:25:22 GMT
X-Content-Type-Options
nosniff
Last-Modified
Mon, 15 Feb 2021 11:21:02 GMT
Server
Aktia
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
image/gif
Cache-control
no-store
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
1440
X-XSS-Protection
1; mode=block
nuoli.gif
auth.aktia.fi/tunnistus/images/
51 B
515 B
Image
General
Full URL
https://auth.aktia.fi/tunnistus/images/nuoli.gif
Requested by
Host: auth.aktia.fi
URL: https://auth.aktia.fi/tunnistus/css/style.css?v=1.58
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
131.207.49.11 , Finland, ASN375 (TIETOTIE-AS P.O.Box 38. FI-00441 Helsinki Finland., FI),
Reverse DNS
auth.aktia.fi
Software
Aktia /
Resource Hash
d7b2f4d394d1dbdc0d1625daed5d0fb932d5429645ae1db8fd12eecf6d90e238
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://auth.aktia.fi/tunnistus/css/style.css?v=1.58
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 27 Oct 2021 11:25:22 GMT
X-Content-Type-Options
nosniff
Last-Modified
Mon, 15 Feb 2021 11:21:02 GMT
Server
Aktia
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
image/gif
Cache-control
no-store
Connection
Keep-Alive
Accept-Ranges
bytes
Vary
Accept-Encoding
Content-Length
51
X-XSS-Protection
1; mode=block
Keep-Alive
timeout=5, max=98
muut.png
auth.aktia.fi/tunnistus/images/
10 KB
11 KB
Image
General
Full URL
https://auth.aktia.fi/tunnistus/images/muut.png
Requested by
Host: auth.aktia.fi
URL: https://auth.aktia.fi/tunnistus/css/style.css?v=1.58
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
131.207.49.11 , Finland, ASN375 (TIETOTIE-AS P.O.Box 38. FI-00441 Helsinki Finland., FI),
Reverse DNS
auth.aktia.fi
Software
Aktia /
Resource Hash
6b9aa2b7a68762af47bc69ae630c3a5bb1fde31821994b3d48cfbef3e9d82652
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://auth.aktia.fi/tunnistus/css/style.css?v=1.58
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 27 Oct 2021 11:25:22 GMT
X-Content-Type-Options
nosniff
Last-Modified
Mon, 15 Feb 2021 11:21:02 GMT
Server
Aktia
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
image/png
Cache-control
no-store
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
10539
X-XSS-Protection
1; mode=block

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Aktia Bank (Financial)

21 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect function| reportError boolean| originAgentCluster object| scheduler undefined| $ function| jQuery function| occupyFullBrowser function| placeCursorOnFirstElm function| writeCSS function| markupButton function| aggSubmit function| getSelectedRadioValue function| getSelectedCheckBoxValues function| strTrim function| clearFormElms object| html5 object| Modernizr boolean| cookieEnabled function| jb boolean| submitting function| blockLogin

1 Cookies

Domain/Path Name / Value
aktia-2.xyz/ Name: PHPSESSID
Value: 2q8klhr9db6c3p6p5aj0r49c62