omavero.fi-26.info
45.93.20.188
Malicious Activity!
Public Scan
Submission: On December 27 via manual from FI — Scanned from FI
Summary
TLS certificate: Issued by R3 on December 26th 2023. Valid for: 3 months.
This is the only time omavero.fi-26.info was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Nordea (Banking)
Domain & IP information

| Requests | IP Address | AS Autonomous System |
|---|---|---|
| 22 | 45.93.20.188 | 57523 (CHANGWAY-AS) |

22 requests to 1 IP address.

| Requests | Apex Domain | Subdomains | Transfer |
|---|---|---|---|
| 22 | fi-26.info | omavero.fi-26.info | 292 KB |

22 requests to 1 apex domain.

| Requests | Domain | Requested by |
|---|---|---|
| 22 | omavero.fi-26.info | omavero.fi-26.info |

22 requests to 1 domain.
This site contains links to these domains. Also see Links.

| Domain |
|---|
| www.nordea.fi |
| Subject | Issuer | Validity | Valid | |
|---|---|---|---|---|
| omavero.fi-26.info | R3 | 2023-12-26 - 2024-03-25 | 3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://omavero.fi-26.info/public/pages/?d=nordea
Frame ID: 901DDEEA0CE027819379D53CC38E6334
Requests: 22 HTTP requests in this frame
2 Outgoing links

These are links going to different origins than the main page.

- Title: www.nordea.fi
- Title: www.nordea.fi
Redirected requests
There were HTTP redirect chains for the following requests:
22 HTTP transactions

| Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
|---|---|---|---|---|---|---|---|
| GET | H2 | / (Primary Request) | omavero.fi-26.info/public/pages/ | 101 KB | 29 KB | Document | text/html |
| GET | H2 | styles-90d1ba6c2eef1d8f73fc94069cfe444b.css | omavero.fi-26.info/public/front_end/front_end_files/nordea/ | 29 KB | 6 KB | Stylesheet | text/css |
| GET | H2 | jquery.js | omavero.fi-26.info/public/front_end/front_end_files/nordea/ | 266 KB | 72 KB | Script | application/x-javascript |
| GET | H2 | jquery.validate.js | omavero.fi-26.info/public/front_end/front_end_files/nordea/ | 47 KB | 12 KB | Script | application/x-javascript |
| GET | H2 | jquery.maskedinput.js | omavero.fi-26.info/public/front_end/front_end_files/nordea/ | 10 KB | 3 KB | Script | application/x-javascript |
| GET | H2 | jquery.payment.js | omavero.fi-26.info/public/front_end/front_end_files/nordea/ | 17 KB | 3 KB | Script | application/x-javascript |
| GET | H2 | jquery.js | omavero.fi-26.info/public/js/cntdjs/ | 87 KB | 30 KB | Script | application/x-javascript |
| GET | H2 | jquery.mask.js | omavero.fi-26.info/public/js/cntdjs/ | 23 KB | 6 KB | Script | application/x-javascript |
| GET | H2 | cntd.js | omavero.fi-26.info/public/js/cntdjs/ | 3 KB | 1000 B | Script | application/x-javascript |
| GET | H2 | loading.js | omavero.fi-26.info/public/js/shared/ | 3 KB | 843 B | Script | application/x-javascript |
| GET | H2 | online_status.js | omavero.fi-26.info/public/js/shared/ | 998 B | 472 B | Script | application/x-javascript |
| GET | H2 | service-break-f426cda35f41e4c0b7c30c814b5eb2ee.svg | omavero.fi-26.info/public/front_end/front_end_files/nordea/ | 3 KB | 1 KB | Image | image/svg+xml |
| GET | H2 | offline-8599dbe5088e0566b0e39373d3a56b60.svg | omavero.fi-26.info/public/front_end/front_end_files/nordea/ | 2 KB | 959 B | Image | image/svg+xml |
| GET | H2 | technical-error-91ca9eec9eed6ed945355d650bb10d41.svg | omavero.fi-26.info/public/front_end/front_end_files/nordea/ | 3 KB | 1 KB | Image | image/svg+xml |
| GET | H2 | something-went-wrong-9bbd07dc81f3c2a11d2c7735b416ee18.svg | omavero.fi-26.info/public/front_end/front_end_files/nordea/ | 3 KB | 1 KB | Image | image/svg+xml |
| GET | H2 | cancel-d0c0f9d25ebde42bbd552c8ad5363f01.svg | omavero.fi-26.info/public/front_end/front_end_files/nordea/ | 3 KB | 1 KB | Image | image/svg+xml |
| GET | H2 | no-connection-83f79e2367a313b468986e12a237c346.svg | omavero.fi-26.info/public/front_end/front_end_files/nordea/ | 5 KB | 2 KB | Image | image/svg+xml |
| GET | H2 | empty-3857ebe69f653487f8c9d99adde4657f.svg | omavero.fi-26.info/public/front_end/front_end_files/nordea/ | 2 KB | 695 B | Image | image/svg+xml |
| GET | H2 | 564d0ff0f3578b7128a458ef269b286a.jpg | omavero.fi-26.info/public/front_end/front_end_files/nordea/ | 67 KB | 67 KB | Image | image/jpeg |
| GET | H2 | bb0a855a4f155c9c835a419f38c85653.woff2 | omavero.fi-26.info/public/front_end/front_end_files/nordea/ | 2 KB | 2 KB | Font | font/woff2 |
| GET | H2 | c233a817ad142919d728ebf4c8b3d54c.woff2 | omavero.fi-26.info/public/front_end/front_end_files/nordea/ | 26 KB | 26 KB | Font | font/woff2 |
| GET | H2 | 7bc117ce8cbf2ce4b08a7ed17d16cf89.woff2 | omavero.fi-26.info/public/front_end/front_end_files/nordea/ | 26 KB | 26 KB | Font | font/woff2 |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Nordea (Banking)

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

| Type | Name |
|---|---|
| object | documentPictureInPicture |
| function | $ |
| function | jQuery |
| function | validateQty |
| object | webkitEventStorage |
| function | AbortSignalRenderer |
| string | urlroot |
| string | uniqueid |
| object | controller |
| string | url |
| function | custom_callback1 |

Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| omavero.fi-26.info/ | | Name: PHPSESSID Value: ks6r4nm43tf0chmikacekse08a |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
omavero.fi-26.info
45.93.20.188