nordea-fi.edeawq.shop
103.214.4.45  Malicious Activity!

URL: https://nordea-fi.edeawq.shop/start/
Submission: On September 16 via manual from FI — Scanned from DE

Summary

This website contacted 4 IPs in 5 countries across 5 domains to perform 26 HTTP transactions. The main IP is 103.214.4.45, located in Lelystad, Netherlands and belongs to HOSTSLIM-GLOBAL-NETWORK, NL. The main domain is nordea-fi.edeawq.shop.
TLS certificate: Issued by R3 on September 16th 2021. Valid for: 3 months.
This is the only time nordea-fi.edeawq.shop was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Nordea (Banking)

Domain & IP information

Requests  IP Address          AS      Autonomous System
23        103.214.4.45        207083  (HOSTSLIM-...)
1         52.214.44.171       16509   (AMAZON-02)
1         2606:4700::68...    13335   (CLOUDFLAR...)   (IPv6)
1         2.16.186.154        20940   (AKAMAI-ASN1)
1         13.36.218.177       16509   (AMAZON-02)
Totals: 26 requests, 4 IPs

Requests  Apex Domain   Subdomains               Transfer
23        edeawq.shop   nordea-fi.edeawq.shop    158 KB
1         omtrdc.net    nordea.d3.sc.omtrdc.net  320 B
1         nordea.dk     www.nordea.dk            229 B
1         nordea.com    www.nordea.com           280 B
1         demdex.net    dpm.demdex.net           1 KB
Totals: 26 requests, 5 apex domains

Requests  Domain                   Requested by
23        nordea-fi.edeawq.shop    nordea-fi.edeawq.shop
1         nordea.d3.sc.omtrdc.net  nordea-fi.edeawq.shop
1         www.nordea.dk            nordea-fi.edeawq.shop
1         www.nordea.com           1 redirects
1         dpm.demdex.net           nordea-fi.edeawq.shop
Totals: 26 requests, 5 domains

This site contains links to these domains:

www.nordea.fi
Subject             Issuer                                  Validity                  Valid
edeawq.shop         R3                                      2021-09-16 - 2021-12-15   3 months
*.demdex.net        DigiCert TLS RSA SHA256 2020 CA1        2020-12-02 - 2022-01-02   a year
nordea.fi           Entrust Certification Authority - L1M   2021-04-15 - 2022-04-15   a year
*.d3.sc.omtrdc.net  DigiCert SHA2 High Assurance Server CA  2020-02-28 - 2022-03-04   2 years

This page contains 1 frame:

Primary Page: https://nordea-fi.edeawq.shop/start/
Frame ID: 32E064276C261167CBBEADF7F5C6AB36
Requests: 26 HTTP requests in this frame

Page Title

Nordean verkkopankki

Detected technologies

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 26
HTTPS: 100 %
IPv6: 20 %
Domains: 5
Subdomains: 5
IPs: 4
Countries: 5
Transfer: 159 kB
Size: 405 kB
Cookies: 4

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 23
  • https://www.nordea.com/wemapp/api/getMessage?id=32&callback=pnCallback HTTP 301
  • https://www.nordea.dk/wemapp/api/getMessage?id=32&callback=pnCallback

26 HTTP transactions

Columns per transaction: Resource, Path, Size, x-fer, Type, MIME-Type
Primary Request /
nordea-fi.edeawq.shop/start/
18 KB
6 KB
Document
General
Full URL
https://nordea-fi.edeawq.shop/start/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.214.4.45 Lelystad, Netherlands, ASN207083 (HOSTSLIM-GLOBAL-NETWORK, NL),
Reverse DNS
hostingserver11.hostslim.nl
Software
nginx /
Resource Hash
3e0d68ab4a4111877ad938071b674b7e67d97c145c47db3efd01359e068fdbf3

Request headers

:method
GET
:authority
nordea-fi.edeawq.shop
:scheme
https
:path
/start/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Thu, 16 Sep 2021 12:57:39 GMT
content-type
text/html; charset=UTF-8
content-length
5541
vary
Accept-Encoding,User-Agent
content-encoding
gzip
nordeapn4134.css
nordea-fi.edeawq.shop/start/index_bestanden/
64 KB
16 KB
Stylesheet
General
Full URL
https://nordea-fi.edeawq.shop/start/index_bestanden/nordeapn4134.css
Requested by
Host: nordea-fi.edeawq.shop
URL: https://nordea-fi.edeawq.shop/start/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.214.4.45 Lelystad, Netherlands, ASN207083 (HOSTSLIM-GLOBAL-NETWORK, NL),
Reverse DNS
hostingserver11.hostslim.nl
Software
nginx /
Resource Hash
4ea8c5d1cfe47987cbcef1d45925812c57bfe450f148fb5f97d6771ae8befeaa

Request headers

:path
/start/index_bestanden/nordeapn4134.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
nordea-fi.edeawq.shop
referer
https://nordea-fi.edeawq.shop/start/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://nordea-fi.edeawq.shop/start/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 12:57:39 GMT
content-encoding
gzip
last-modified
Tue, 07 Sep 2021 09:36:49 GMT
server
nginx
etag
W/"613732b1-10081"
vary
Accept-Encoding
content-type
text/css
utag_002.js
nordea-fi.edeawq.shop/start/index_bestanden/
100 KB
36 KB
Script
General
Full URL
https://nordea-fi.edeawq.shop/start/index_bestanden/utag_002.js
Requested by
Host: nordea-fi.edeawq.shop
URL: https://nordea-fi.edeawq.shop/start/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.214.4.45 Lelystad, Netherlands, ASN207083 (HOSTSLIM-GLOBAL-NETWORK, NL),
Reverse DNS
hostingserver11.hostslim.nl
Software
nginx /
Resource Hash
3d427215207a4e388b4eada0c4db3f98d78502bc33d25b61bf57d5c90865ebcc

Request headers

:path
/start/index_bestanden/utag_002.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
nordea-fi.edeawq.shop
referer
https://nordea-fi.edeawq.shop/start/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://nordea-fi.edeawq.shop/start/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 12:57:39 GMT
content-encoding
gzip
last-modified
Tue, 07 Sep 2021 09:36:48 GMT
server
nginx
etag
W/"613732b0-18fdf"
vary
Accept-Encoding
content-type
application/javascript
utag.js
nordea-fi.edeawq.shop/start/index_bestanden/
54 KB
21 KB
Script
General
Full URL
https://nordea-fi.edeawq.shop/start/index_bestanden/utag.js
Requested by
Host: nordea-fi.edeawq.shop
URL: https://nordea-fi.edeawq.shop/start/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.214.4.45 Lelystad, Netherlands, ASN207083 (HOSTSLIM-GLOBAL-NETWORK, NL),
Reverse DNS
hostingserver11.hostslim.nl
Software
nginx /
Resource Hash
6a25a89d467bba422852e394c57c7195a6c5081a362bd0b8cc620255d1b16b10

Request headers

:path
/start/index_bestanden/utag.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
nordea-fi.edeawq.shop
referer
https://nordea-fi.edeawq.shop/start/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://nordea-fi.edeawq.shop/start/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 12:57:39 GMT
content-encoding
gzip
last-modified
Tue, 07 Sep 2021 09:36:48 GMT
server
nginx
etag
W/"613732b0-d905"
vary
Accept-Encoding
content-type
application/javascript
logoprint.gif
nordea-fi.edeawq.shop/start/index_bestanden/
2 KB
2 KB
Image
General
Full URL
https://nordea-fi.edeawq.shop/start/index_bestanden/logoprint.gif
Requested by
Host: nordea-fi.edeawq.shop
URL: https://nordea-fi.edeawq.shop/start/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.214.4.45 Lelystad, Netherlands, ASN207083 (HOSTSLIM-GLOBAL-NETWORK, NL),
Reverse DNS
hostingserver11.hostslim.nl
Software
nginx /
Resource Hash
a6b789736f8f93aebc3db1aa825fb281d11fd3901bfb37f58d3b0b1f29451031

Request headers

:path
/start/index_bestanden/logoprint.gif
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
nordea-fi.edeawq.shop
referer
https://nordea-fi.edeawq.shop/start/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://nordea-fi.edeawq.shop/start/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 12:57:39 GMT
last-modified
Tue, 07 Sep 2021 09:36:49 GMT
server
nginx
accept-ranges
bytes
etag
"613732b1-6e8"
content-length
1768
content-type
image/gif
new_nordea_logo.gif
nordea-fi.edeawq.shop/start/index_bestanden/
987 B
1 KB
Image
General
Full URL
https://nordea-fi.edeawq.shop/start/index_bestanden/new_nordea_logo.gif
Requested by
Host: nordea-fi.edeawq.shop
URL: https://nordea-fi.edeawq.shop/start/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.214.4.45 Lelystad, Netherlands, ASN207083 (HOSTSLIM-GLOBAL-NETWORK, NL),
Reverse DNS
hostingserver11.hostslim.nl
Software
nginx /
Resource Hash
416c43c7789970ffa77271a78cb9ea02eebf7191fdcc4d15d13501c9cdb30c0d

Request headers

:path
/start/index_bestanden/new_nordea_logo.gif
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
nordea-fi.edeawq.shop
referer
https://nordea-fi.edeawq.shop/start/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://nordea-fi.edeawq.shop/start/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 12:57:39 GMT
last-modified
Tue, 07 Sep 2021 09:36:49 GMT
server
nginx
etag
"3db-5cb64814624fd"
content-type
image/gif
x-accel-version
0.01
accept-ranges
bytes
content-length
987
headline_netbank.gif
nordea-fi.edeawq.shop/start/index_bestanden/
827 B
987 B
Image
General
Full URL
https://nordea-fi.edeawq.shop/start/index_bestanden/headline_netbank.gif
Requested by
Host: nordea-fi.edeawq.shop
URL: https://nordea-fi.edeawq.shop/start/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.214.4.45 Lelystad, Netherlands, ASN207083 (HOSTSLIM-GLOBAL-NETWORK, NL),
Reverse DNS
hostingserver11.hostslim.nl
Software
nginx /
Resource Hash
f22d3649d56bf8c49dee3bbf8a167d3ac450016273d8fcccdb6772fc4f062c12

Request headers

:path
/start/index_bestanden/headline_netbank.gif
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
nordea-fi.edeawq.shop
referer
https://nordea-fi.edeawq.shop/start/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://nordea-fi.edeawq.shop/start/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 12:57:39 GMT
last-modified
Tue, 07 Sep 2021 09:36:50 GMT
server
nginx
etag
"33b-5cb6481534083"
content-type
image/gif
x-accel-version
0.01
accept-ranges
bytes
content-length
827
jquery-1.js
nordea-fi.edeawq.shop/start/index_bestanden/
95 KB
39 KB
Script
General
Full URL
https://nordea-fi.edeawq.shop/start/index_bestanden/jquery-1.js
Requested by
Host: nordea-fi.edeawq.shop
URL: https://nordea-fi.edeawq.shop/start/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.214.4.45 Lelystad, Netherlands, ASN207083 (HOSTSLIM-GLOBAL-NETWORK, NL),
Reverse DNS
hostingserver11.hostslim.nl
Software
nginx /
Resource Hash
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Request headers

:path
/start/index_bestanden/jquery-1.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
nordea-fi.edeawq.shop
referer
https://nordea-fi.edeawq.shop/start/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://nordea-fi.edeawq.shop/start/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 12:57:39 GMT
content-encoding
gzip
last-modified
Tue, 07 Sep 2021 09:36:50 GMT
server
nginx
etag
W/"613732b2-17b8b"
vary
Accept-Encoding
content-type
application/javascript
IncorrectInput.gif
nordea-fi.edeawq.shop/start/index_bestanden/
567 B
727 B
Image
General
Full URL
https://nordea-fi.edeawq.shop/start/index_bestanden/IncorrectInput.gif
Requested by
Host: nordea-fi.edeawq.shop
URL: https://nordea-fi.edeawq.shop/start/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.214.4.45 Lelystad, Netherlands, ASN207083 (HOSTSLIM-GLOBAL-NETWORK, NL),
Reverse DNS
hostingserver11.hostslim.nl
Software
nginx /
Resource Hash
8495a990ef85e5f77da719faa5cc5228085e94905a7761052c5ccbe60ca40023

Request headers

:path
/start/index_bestanden/IncorrectInput.gif
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
nordea-fi.edeawq.shop
referer
https://nordea-fi.edeawq.shop/start/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://nordea-fi.edeawq.shop/start/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 12:57:39 GMT
last-modified
Tue, 07 Sep 2021 09:36:51 GMT
server
nginx
etag
"237-5cb648160b1f9"
content-type
image/gif
x-accel-version
0.01
accept-ranges
bytes
content-length
567
cookies.js
nordea-fi.edeawq.shop/start/index_bestanden/
699 B
586 B
Script
General
Full URL
https://nordea-fi.edeawq.shop/start/index_bestanden/cookies.js
Requested by
Host: nordea-fi.edeawq.shop
URL: https://nordea-fi.edeawq.shop/start/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.214.4.45 Lelystad, Netherlands, ASN207083 (HOSTSLIM-GLOBAL-NETWORK, NL),
Reverse DNS
hostingserver11.hostslim.nl
Software
nginx /
Resource Hash
d4ecb442a60b55e9130aa6d128464cbaea336c0c3e41508dbee94b411d3aca45

Request headers

:path
/start/index_bestanden/cookies.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
nordea-fi.edeawq.shop
referer
https://nordea-fi.edeawq.shop/start/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://nordea-fi.edeawq.shop/start/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 12:57:39 GMT
content-encoding
gzip
last-modified
Tue, 07 Sep 2021 09:36:50 GMT
server
nginx
etag
"2bb-5cb64815bcff4-gzip"
vary
Accept-Encoding,User-Agent
content-type
application/javascript
x-accel-version
0.01
accept-ranges
bytes
content-length
370
textFieldMasker.js
nordea-fi.edeawq.shop/start/index_bestanden/
3 KB
769 B
Script
General
Full URL
https://nordea-fi.edeawq.shop/start/index_bestanden/textFieldMasker.js
Requested by
Host: nordea-fi.edeawq.shop
URL: https://nordea-fi.edeawq.shop/start/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.214.4.45 Lelystad, Netherlands, ASN207083 (HOSTSLIM-GLOBAL-NETWORK, NL),
Reverse DNS
hostingserver11.hostslim.nl
Software
nginx /
Resource Hash
02f7ee02c95dfc0c2eebc820171500af1c75def544dbf2e6fa0ca8392be1ef9f

Request headers

:path
/start/index_bestanden/textFieldMasker.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
nordea-fi.edeawq.shop
referer
https://nordea-fi.edeawq.shop/start/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://nordea-fi.edeawq.shop/start/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 12:57:39 GMT
content-encoding
gzip
last-modified
Tue, 07 Sep 2021 09:36:48 GMT
server
nginx
etag
W/"613732b0-cec"
vary
Accept-Encoding
content-type
application/javascript
formatter.js
nordea-fi.edeawq.shop/start/index_bestanden/
8 KB
3 KB
Script
General
Full URL
https://nordea-fi.edeawq.shop/start/index_bestanden/formatter.js
Requested by
Host: nordea-fi.edeawq.shop
URL: https://nordea-fi.edeawq.shop/start/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.214.4.45 Lelystad, Netherlands, ASN207083 (HOSTSLIM-GLOBAL-NETWORK, NL),
Reverse DNS
hostingserver11.hostslim.nl
Software
nginx /
Resource Hash
44a6a07537f4df8cb30cc34c13db457d696635c5c94549ac8099c2eb6b985cfc

Request headers

:path
/start/index_bestanden/formatter.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
nordea-fi.edeawq.shop
referer
https://nordea-fi.edeawq.shop/start/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://nordea-fi.edeawq.shop/start/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 12:57:39 GMT
content-encoding
gzip
last-modified
Tue, 07 Sep 2021 09:36:50 GMT
server
nginx
etag
W/"613732b2-1f07"
vary
Accept-Encoding
content-type
application/javascript
pi4_Nordea_Codes_100x100.png
nordea-fi.edeawq.shop/start/index_bestanden/
17 KB
17 KB
Image
General
Full URL
https://nordea-fi.edeawq.shop/start/index_bestanden/pi4_Nordea_Codes_100x100.png
Requested by
Host: nordea-fi.edeawq.shop
URL: https://nordea-fi.edeawq.shop/start/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.214.4.45 Lelystad, Netherlands, ASN207083 (HOSTSLIM-GLOBAL-NETWORK, NL),
Reverse DNS
hostingserver11.hostslim.nl
Software
nginx /
Resource Hash
e662d0811eebc71fc86fc44edeb36e3ca4d2df21147bf15fbcd8ac1577d79168

Request headers

:path
/start/index_bestanden/pi4_Nordea_Codes_100x100.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
nordea-fi.edeawq.shop
referer
https://nordea-fi.edeawq.shop/start/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://nordea-fi.edeawq.shop/start/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 12:57:39 GMT
last-modified
Tue, 07 Sep 2021 09:36:49 GMT
server
nginx
accept-ranges
bytes
etag
"613732b1-44f4"
content-length
17652
content-type
image/png
bt.gif
nordea-fi.edeawq.shop/start/index_bestanden/
48 B
207 B
Image
General
Full URL
https://nordea-fi.edeawq.shop/start/index_bestanden/bt.gif
Requested by
Host: nordea-fi.edeawq.shop
URL: https://nordea-fi.edeawq.shop/start/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.214.4.45 Lelystad, Netherlands, ASN207083 (HOSTSLIM-GLOBAL-NETWORK, NL),
Reverse DNS
hostingserver11.hostslim.nl
Software
nginx /
Resource Hash
197c66732c12372f083910f0d557ef57d0318c1360c8f268c13dad2328e468f1

Request headers

:path
/start/index_bestanden/bt.gif
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
nordea-fi.edeawq.shop
referer
https://nordea-fi.edeawq.shop/start/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://nordea-fi.edeawq.shop/start/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 12:57:39 GMT
last-modified
Tue, 07 Sep 2021 09:36:51 GMT
server
nginx
etag
"30-5cb64815d5695"
content-type
image/gif
x-accel-version
0.01
accept-ranges
bytes
content-length
48
tealium_FI.js
nordea-fi.edeawq.shop/start/index_bestanden/
27 KB
8 KB
Script
General
Full URL
https://nordea-fi.edeawq.shop/start/index_bestanden/tealium_FI.js
Requested by
Host: nordea-fi.edeawq.shop
URL: https://nordea-fi.edeawq.shop/start/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.214.4.45 Lelystad, Netherlands, ASN207083 (HOSTSLIM-GLOBAL-NETWORK, NL),
Reverse DNS
hostingserver11.hostslim.nl
Software
nginx /
Resource Hash
d5637fb2894b295d4b730f5ff222afbc6d95573999a5a565037d7ed250653834

Request headers

:path
/start/index_bestanden/tealium_FI.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
nordea-fi.edeawq.shop
referer
https://nordea-fi.edeawq.shop/start/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://nordea-fi.edeawq.shop/start/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 12:57:39 GMT
content-encoding
gzip
last-modified
Tue, 07 Sep 2021 09:36:48 GMT
server
nginx
etag
W/"613732b0-6b44"
vary
Accept-Encoding
content-type
application/javascript
createPageTitleAndContentGroup_WT.js
nordea-fi.edeawq.shop/start/index_bestanden/
6 KB
2 KB
Script
General
Full URL
https://nordea-fi.edeawq.shop/start/index_bestanden/createPageTitleAndContentGroup_WT.js
Requested by
Host: nordea-fi.edeawq.shop
URL: https://nordea-fi.edeawq.shop/start/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.214.4.45 Lelystad, Netherlands, ASN207083 (HOSTSLIM-GLOBAL-NETWORK, NL),
Reverse DNS
hostingserver11.hostslim.nl
Software
nginx /
Resource Hash
b11383779ed89ed298e8931f9654782d8a62c7280f353c5f22fcae98262ee0d8

Request headers

:path
/start/index_bestanden/createPageTitleAndContentGroup_WT.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
nordea-fi.edeawq.shop
referer
https://nordea-fi.edeawq.shop/start/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://nordea-fi.edeawq.shop/start/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 12:57:39 GMT
content-encoding
gzip
last-modified
Tue, 07 Sep 2021 09:36:50 GMT
server
nginx
etag
W/"613732b2-16ed"
vary
Accept-Encoding
content-type
application/javascript
print380.css
nordea-fi.edeawq.shop/start/index_bestanden/
7 KB
2 KB
Stylesheet
General
Full URL
https://nordea-fi.edeawq.shop/start/index_bestanden/print380.css
Requested by
Host: nordea-fi.edeawq.shop
URL: https://nordea-fi.edeawq.shop/start/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.214.4.45 Lelystad, Netherlands, ASN207083 (HOSTSLIM-GLOBAL-NETWORK, NL),
Reverse DNS
hostingserver11.hostslim.nl
Software
nginx /
Resource Hash
bb8a49f27d2355d8dba06620ab3fbf35944d8399d5c6159e0acc6c30e3c76661

Request headers

:path
/start/index_bestanden/print380.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
nordea-fi.edeawq.shop
referer
https://nordea-fi.edeawq.shop/start/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://nordea-fi.edeawq.shop/start/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 12:57:39 GMT
content-encoding
gzip
last-modified
Tue, 07 Sep 2021 09:36:49 GMT
server
nginx
etag
W/"613732b1-1a25"
vary
Accept-Encoding
content-type
text/css
tab_left_on.gif
nordea-fi.edeawq.shop/start/general/images/
315 B
315 B
Image
General
Full URL
https://nordea-fi.edeawq.shop/start/general/images/tab_left_on.gif
Requested by
Host: nordea-fi.edeawq.shop
URL: https://nordea-fi.edeawq.shop/start/index_bestanden/nordeapn4134.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.214.4.45 Lelystad, Netherlands, ASN207083 (HOSTSLIM-GLOBAL-NETWORK, NL),
Reverse DNS
hostingserver11.hostslim.nl
Software
nginx /
Resource Hash
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Request headers

:path
/start/general/images/tab_left_on.gif
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
nordea-fi.edeawq.shop
referer
https://nordea-fi.edeawq.shop/start/index_bestanden/nordeapn4134.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://nordea-fi.edeawq.shop/start/index_bestanden/nordeapn4134.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 12:57:39 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
content-type
text/html; charset=iso-8859-1
tab_right_on.gif
nordea-fi.edeawq.shop/start/general/images/
315 B
315 B
Image
General
Full URL
https://nordea-fi.edeawq.shop/start/general/images/tab_right_on.gif
Requested by
Host: nordea-fi.edeawq.shop
URL: https://nordea-fi.edeawq.shop/start/index_bestanden/nordeapn4134.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.214.4.45 Lelystad, Netherlands, ASN207083 (HOSTSLIM-GLOBAL-NETWORK, NL),
Reverse DNS
hostingserver11.hostslim.nl
Software
nginx /
Resource Hash
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Request headers

:path
/start/general/images/tab_right_on.gif
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
nordea-fi.edeawq.shop
referer
https://nordea-fi.edeawq.shop/start/index_bestanden/nordeapn4134.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://nordea-fi.edeawq.shop/start/index_bestanden/nordeapn4134.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 12:57:39 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
content-type
text/html; charset=iso-8859-1
tab_left.gif
nordea-fi.edeawq.shop/start/general/images/
315 B
315 B
Image
General
Full URL
https://nordea-fi.edeawq.shop/start/general/images/tab_left.gif
Requested by
Host: nordea-fi.edeawq.shop
URL: https://nordea-fi.edeawq.shop/start/index_bestanden/nordeapn4134.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.214.4.45 Lelystad, Netherlands, ASN207083 (HOSTSLIM-GLOBAL-NETWORK, NL),
Reverse DNS
hostingserver11.hostslim.nl
Software
nginx /
Resource Hash
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Request headers

:path
/start/general/images/tab_left.gif
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
nordea-fi.edeawq.shop
referer
https://nordea-fi.edeawq.shop/start/index_bestanden/nordeapn4134.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://nordea-fi.edeawq.shop/start/index_bestanden/nordeapn4134.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 12:57:39 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
content-type
text/html; charset=iso-8859-1
tab_right.gif
nordea-fi.edeawq.shop/start/general/images/
315 B
315 B
Image
General
Full URL
https://nordea-fi.edeawq.shop/start/general/images/tab_right.gif
Requested by
Host: nordea-fi.edeawq.shop
URL: https://nordea-fi.edeawq.shop/start/index_bestanden/nordeapn4134.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.214.4.45 Lelystad, Netherlands, ASN207083 (HOSTSLIM-GLOBAL-NETWORK, NL),
Reverse DNS
hostingserver11.hostslim.nl
Software
nginx /
Resource Hash
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Request headers

:path
/start/general/images/tab_right.gif
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
nordea-fi.edeawq.shop
referer
https://nordea-fi.edeawq.shop/start/index_bestanden/nordeapn4134.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://nordea-fi.edeawq.shop/start/index_bestanden/nordeapn4134.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 12:57:39 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
content-type
text/html; charset=iso-8859-1
id
dpm.demdex.net/
215 B
1 KB
XHR
General
Full URL
https://dpm.demdex.net/id?d_visid_ver=4.1.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=9D193D565A0AFF460A495E66%40AdobeOrg&d_nsid=0&ts=1631797059796
Requested by
Host: nordea-fi.edeawq.shop
URL: https://nordea-fi.edeawq.shop/start/index_bestanden/utag_002.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.214.44.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-214-44-171.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ceab58b8d153aaf591b5a164320ff2b46b963b9554ac76f21a195d89190d391b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://nordea-fi.edeawq.shop/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

DCS
dcs-prod-irl1-1-v016-0a32585df.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-TID
Nv2uirnsRrw=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://nordea-fi.edeawq.shop
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json;charset=utf-8
Content-Length
209
Expires
Thu, 01 Jan 1970 00:00:00 UTC
tabC_background.gif
nordea-fi.edeawq.shop/start/general/images/
315 B
315 B
Image
General
Full URL
https://nordea-fi.edeawq.shop/start/general/images/tabC_background.gif
Requested by
Host: nordea-fi.edeawq.shop
URL: https://nordea-fi.edeawq.shop/start/index_bestanden/nordeapn4134.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.214.4.45 Lelystad, Netherlands, ASN207083 (HOSTSLIM-GLOBAL-NETWORK, NL),
Reverse DNS
hostingserver11.hostslim.nl
Software
nginx /
Resource Hash
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Request headers

:path
/start/general/images/tabC_background.gif
pragma
no-cache
cookie
utag_main=v_id:017beeaf20c40014dec0e04e88bf03073002406b00b08$_sn:1$_ss:1$_st:1631798859781$ses_id:1631797059781%3Bexp-session$_pn:1%3Bexp-session$_screen_uri_referring:undefined%3Bexp-session$lv:1$sv:1%3Bexp-session$le:1$se:1%3Bexp-session$pn:false$vapi_domain:edeawq.shop; AMCV_9D193D565A0AFF460A495E66%40AdobeOrg=281789898%7CMCIDTS%7C18887%7CvVersion%7C4.1.0
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
nordea-fi.edeawq.shop
referer
https://nordea-fi.edeawq.shop/start/index_bestanden/nordeapn4134.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://nordea-fi.edeawq.shop/start/index_bestanden/nordeapn4134.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 12:57:39 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
content-type
text/html; charset=iso-8859-1
bar1_bg.gif
nordea-fi.edeawq.shop/start/general/images/
315 B
315 B
Image
General
Full URL
https://nordea-fi.edeawq.shop/start/general/images/bar1_bg.gif
Requested by
Host: nordea-fi.edeawq.shop
URL: https://nordea-fi.edeawq.shop/start/index_bestanden/nordeapn4134.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.214.4.45 Lelystad, Netherlands, ASN207083 (HOSTSLIM-GLOBAL-NETWORK, NL),
Reverse DNS
hostingserver11.hostslim.nl
Software
nginx /
Resource Hash
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Request headers

:path
/start/general/images/bar1_bg.gif
pragma
no-cache
cookie
utag_main=v_id:017beeaf20c40014dec0e04e88bf03073002406b00b08$_sn:1$_ss:1$_st:1631798859781$ses_id:1631797059781%3Bexp-session$_pn:1%3Bexp-session$_screen_uri_referring:undefined%3Bexp-session$lv:1$sv:1%3Bexp-session$le:1$se:1%3Bexp-session$pn:false$vapi_domain:edeawq.shop; AMCV_9D193D565A0AFF460A495E66%40AdobeOrg=281789898%7CMCIDTS%7C18887%7CvVersion%7C4.1.0
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
nordea-fi.edeawq.shop
referer
https://nordea-fi.edeawq.shop/start/index_bestanden/nordeapn4134.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://nordea-fi.edeawq.shop/start/index_bestanden/nordeapn4134.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 12:57:39 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
content-type
text/html; charset=iso-8859-1
getMessage
www.nordea.dk/wemapp/api/
Redirect Chain
  • https://www.nordea.com/wemapp/api/getMessage?id=32&callback=pnCallback
  • https://www.nordea.dk/wemapp/api/getMessage?id=32&callback=pnCallback
24 B
229 B
Script
General
Full URL
https://www.nordea.dk/wemapp/api/getMessage?id=32&callback=pnCallback
Requested by
Host: nordea-fi.edeawq.shop
URL: https://nordea-fi.edeawq.shop/start/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.154 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-154.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
ff471a375f9b839b8e519e13f0eb6fb6e5b36d4bf32674dab2a5f6a55ff5722b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000, max-age=157680000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nordea-fi.edeawq.shop/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000, max-age=157680000
date
Thu, 16 Sep 2021 12:57:40 GMT
p3p
CP="This is not a P3P policy!!!"
access-control-allow-origin
*
cache-control
public, max-age=60
content-type
application/javascript;charset=UTF-8
content-length
24

Redirect headers

date
Thu, 16 Sep 2021 12:57:40 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; preload
x-varnish
28421038
location
https://www.nordea.dk/wemapp/api/getMessage?id=32&callback=pnCallback
cf-ray
68fa430939706983-FRA
content-length
0
id
nordea.d3.sc.omtrdc.net/
2 B
320 B
XHR
General
Full URL
https://nordea.d3.sc.omtrdc.net/id?d_visid_ver=4.1.0&d_fieldgroup=A&mcorgid=9D193D565A0AFF460A495E66%40AdobeOrg&mid=16933421092109842431068297631947672812&ts=1631797059975
Requested by
Host: nordea-fi.edeawq.shop
URL: https://nordea-fi.edeawq.shop/start/index_bestanden/utag_002.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.36.218.177 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-36-218-177.eu-west-3.compute.amazonaws.com
Software
jag /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://nordea-fi.edeawq.shop/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Thu, 16 Sep 2021 12:57:40 GMT
x-content-type-options
nosniff
server
jag
xserver
anedge-cdcd75487-rhmtp
vary
Origin
x-c
main-1507.I8824ac.M0-513
p3p
CP="This is not a P3P policy"
access-control-allow-origin
https://nordea-fi.edeawq.shop
cache-control
no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials
true
content-type
application/x-javascript;charset=utf-8
content-length
2
x-xss-protection
1; mode=block
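The two XHRs above and the getMessage JSONP call are Nordea's own Tealium and Adobe Experience Cloud tags, still wired into the cloned page: each request carries Referer https://nordea-fi.edeawq.shop/, and both Adobe endpoints answer with Access-Control-Allow-Origin set to that exact origin together with Access-Control-Allow-Credentials: true, so the bank's analytics pipeline receives the phishing host's visitor telemetry. That is a detection opportunity for the brand owner: any tag request whose Referer is not a domain the bank controls points at a clone. The block below is an added example written for this page, not urlscan.io or vendor code. It parses constructed combined-log-format lines for such an /id endpoint (the log shape, the TEST-NET client IPs and the allowlist of legitimate nordea.* domains are assumptions) and counts tag fires per brand-lookalike Referer host.

```python
import re
from collections import Counter
from urllib.parse import urlsplit

# Constructed combined-log-format lines for an analytics /id endpoint
# (assumption: the provider logs the Referer of each tag request).
# Client IPs are TEST-NET placeholders; the first two lines carry the Referer
# this scan sent to dpm.demdex.net and nordea.d3.sc.omtrdc.net.
SAMPLE_LOG = """\
203.0.113.10 - - [16/Sep/2021:12:57:39 +0000] "GET /id?d_visid_ver=4.1.0&d_orgid=9D193D565A0AFF460A495E66%40AdobeOrg HTTP/1.1" 200 209 "https://nordea-fi.edeawq.shop/" "Mozilla/5.0"
203.0.113.10 - - [16/Sep/2021:12:57:40 +0000] "GET /id?d_visid_ver=4.1.0&mcorgid=9D193D565A0AFF460A495E66%40AdobeOrg HTTP/1.1" 200 2 "https://nordea-fi.edeawq.shop/" "Mozilla/5.0"
203.0.113.25 - - [16/Sep/2021:12:58:01 +0000] "GET /id?d_visid_ver=4.1.0 HTTP/1.1" 200 209 "https://www.nordea.fi/" "Mozilla/5.0"
203.0.113.31 - - [16/Sep/2021:12:58:05 +0000] "GET /id?d_visid_ver=4.1.0 HTTP/1.1" 200 209 "-" "Mozilla/5.0"
203.0.113.42 - - [16/Sep/2021:12:58:09 +0000] "GET /id?d_visid_ver=4.1.0 HTTP/1.1" 200 209 "https://example.org/" "Mozilla/5.0"
"""

# Registrable domains the brand legitimately serves pages from (assumption;
# the scan itself shows nordea.fi, nordea.com and nordea.dk as real).
BRAND_ALLOWLIST = {"nordea.fi", "nordea.com", "nordea.dk", "nordea.se", "nordea.no"}
BRAND_TOKEN = "nordea"

LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<req>[^"]*)" '
    r'(?P<status>\d{3}) (?P<size>\S+) "(?P<referer>[^"]*)" "(?P<ua>[^"]*)"$'
)

def registrable_domain(host):
    """Naive eTLD+1 (last two labels). Enough for .shop/.fi/.com; use the
    Public Suffix List for anything production-grade."""
    labels = host.lower().rstrip(".").split(".")
    return ".".join(labels[-2:])

def classify_referer(referer):
    """Return (verdict, host); verdict is 'legit', 'lookalike', 'unknown' or 'none'."""
    if not referer or referer == "-":
        return "none", ""
    host = urlsplit(referer).hostname or ""
    if registrable_domain(host) in BRAND_ALLOWLIST:
        return "legit", host
    # Crude lookalike rule: the brand name appears anywhere in a host we do not own.
    if BRAND_TOKEN in host.replace("-", "").replace("_", ""):
        return "lookalike", host
    return "unknown", host

def find_clone_hosts(log_text):
    """Count tag fires per lookalike Referer host; unparseable lines are skipped."""
    hits = Counter()
    for line in log_text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue
        verdict, host = classify_referer(m.group("referer"))
        if verdict == "lookalike":
            hits[host] += 1
    return dict(hits)

if __name__ == "__main__":
    for host, n in find_clone_hosts(SAMPLE_LOG).items():
        print(f"{host}: {n} tag fire(s) with a brand-lookalike Referer")
```

The lookalike test is intentionally crude (brand string anywhere in a host outside the allowlist); a production rule would add homoglyph and edit-distance matching and use the Public Suffix List for the registrable-domain step. Requests with no Referer are reported separately as 'none' rather than treated as suspicious, since many privacy settings strip it.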

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Nordea (Banking)

58 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

Type | Name
object | onbeforexrselect
boolean | originAgentCluster
function | framePrint
function | showContentAreaPrintLinkTop
function | showContentAreaPrintLinkBottom
function | sfHover
boolean | utag_condload
object | utag
function | e
object | adobe
function | Visitor
object | s_c_il
number | s_c_in
object | s
function | AppMeasurement
function | s_gi
function | s_pgicq
function | AppMeasurement_Module_ActivityMap
number | s_objectID
number | s_giq
function | $
function | jQuery
function | GetMessageByChannelID
function | GetSystemStatusUrl
function | GetQueryStringParams
function | success
function | error
function | parseSystemStatusToolResponse
function | createCookie
function | readCookie
function | deleteCookie
number | responseLength_prev
function | setPrev
function | red_input
function | red_inputE
function | Formatter
function | setFocus
object | todosElem
function | WebTrends
function | dcsMultiTrack
function | dcsDebug
function | getURI
function | create_breadcrumbs
function | get_previoussibling
function | get_lastanchor
function | removeSpecialChar
string | currDate
string | currTime
string | invoiceNumber
string | pageId
object | utag_data
string | tealium_url
object | _tag
function | call_webtrends
function | addLoadEvent
function | create_Tealium_tags
function | justdoit
function | create_WT_tags

4 Cookies

Domain/Path Name / Value
.edeawq.shop/ Name: utag_main
Value: v_id:017beeaf20c40014dec0e04e88bf03073002406b00b08$_sn:1$_ss:1$_st:1631798859781$ses_id:1631797059781%3Bexp-session$_pn:1%3Bexp-session$_screen_uri_referring:undefined%3Bexp-session$lv:1$sv:1%3Bexp-session$le:1$se:1%3Bexp-session$pn:false$vapi_domain:edeawq.shop
.demdex.net/ Name: demdex
Value: 17050731046018935421010227229684447609
.edeawq.shop/ Name: AMCVS_9D193D565A0AFF460A495E66%40AdobeOrg
Value: 1
.edeawq.shop/ Name: AMCV_9D193D565A0AFF460A495E66%40AdobeOrg
Value: 281789898%7CMCIDTS%7C18887%7CMCMID%7C16933421092109842431068297631947672812%7CMCAAMLH-1632401859%7C6%7CMCAAMB-1632401859%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1631804260s%7CNONE%7CMCAID%7CNONE%7CvVersion%7C4.1.0
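Both cookies scoped to .edeawq.shop are state written by the real Nordea tag stack (Tealium utag_main, Adobe AMCV) because the clone loaded those scripts from the phishing host; the session identifiers and timestamps inside them line up with the Date headers in the transactions above. The parser below is an added example for this page, not Tealium or Adobe code: it splits utag_main on '$' into key:value pairs (dropping the ;exp-session scope suffix) and AMCV on '|' into alternating key/value items, then derives the session start, the Tealium session timeout and the Adobe visitor ID from the values shown in the table. Reading the '-<epoch>' suffix on MCAAMLH, MCAAMB and MCOPTOUT as an expiry timestamp is an assumption.

```python
from datetime import datetime, timezone
from urllib.parse import unquote

# Cookie values copied from the scan's cookie table.
UTAG_MAIN = (
    "v_id:017beeaf20c40014dec0e04e88bf03073002406b00b08$_sn:1$_ss:1$_st:1631798859781"
    "$ses_id:1631797059781%3Bexp-session$_pn:1%3Bexp-session"
    "$_screen_uri_referring:undefined%3Bexp-session$lv:1$sv:1%3Bexp-session"
    "$le:1$se:1%3Bexp-session$pn:false$vapi_domain:edeawq.shop"
)
AMCV = (
    "281789898%7CMCIDTS%7C18887%7CMCMID%7C16933421092109842431068297631947672812"
    "%7CMCAAMLH-1632401859%7C6%7CMCAAMB-1632401859"
    "%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y"
    "%7CMCOPTOUT-1631804260s%7CNONE%7CMCAID%7CNONE%7CvVersion%7C4.1.0"
)

def parse_utag_main(value):
    """Tealium utag_main: '$'-separated key:value pairs. A ';exp-session'
    suffix marks session-scoped fields and is stripped from the value."""
    fields = {}
    for item in unquote(value).split("$"):
        key, _, raw = item.partition(":")
        val, _, _scope = raw.partition(";")
        fields[key] = val
    return fields

def parse_amcv(value):
    """Adobe AMCV: '|'-separated; after a leading version the items alternate
    key, value. A '-<epoch>' suffix on a key (MCAAMLH, MCAAMB, MCOPTOUT) is read
    as an expiry in seconds (assumption) and exposed as <key>_expires."""
    parts = unquote(value).split("|")
    out = {"version": parts[0]}
    for key, val in zip(parts[1::2], parts[2::2]):
        name, _, expiry = key.partition("-")
        out[name] = val
        if expiry:
            out[name + "_expires"] = int(expiry.rstrip("s"))
    return out

def epoch_to_utc(ts):
    """Accept seconds or milliseconds since 1970-01-01 and return ISO-8601 UTC."""
    ts = int(ts)
    if ts > 10**11:          # 13-digit values are milliseconds
        ts //= 1000
    return datetime.fromtimestamp(ts, tz=timezone.utc).strftime("%Y-%m-%dT%H:%M:%SZ")

def summarize(utag_value, amcv_value):
    """Derive the forensic facts worth keeping from the two cookie values."""
    u = parse_utag_main(utag_value)
    a = parse_amcv(amcv_value)
    ses_ms = int(u["ses_id"])
    ses_s = ses_ms // 1000
    return {
        "tracked_domain": u["vapi_domain"],
        "session_start": epoch_to_utc(ses_ms),
        "session_timeout_s": (int(u["_st"]) - ses_ms) // 1000,
        "visitor_id": a["MCMID"],
        "aam_location_hint_ttl_s": a["MCAAMLH_expires"] - ses_s,
        "optout_marker_ttl_s": a["MCOPTOUT_expires"] - ses_s,
    }

if __name__ == "__main__":
    for key, val in summarize(UTAG_MAIN, AMCV).items():
        print(f"{key}: {val}")
```

Run as a script it prints the derived fields; for this scan the session start decodes to 2021-09-16T12:57:39Z, the same second as the nginx Date header on the image requests, and the _st value sits exactly 1800 s after it, which is the Tealium session timeout.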

6 Console Messages

Source | Level | URL | Message
network | error | https://nordea-fi.edeawq.shop/start/general/images/tab_left_on.gif | Failed to load resource: the server responded with a status of 404 ()
network | error | https://nordea-fi.edeawq.shop/start/general/images/tab_right_on.gif | Failed to load resource: the server responded with a status of 404 ()
network | error | https://nordea-fi.edeawq.shop/start/general/images/tab_left.gif | Failed to load resource: the server responded with a status of 404 ()
network | error | https://nordea-fi.edeawq.shop/start/general/images/tab_right.gif | Failed to load resource: the server responded with a status of 404 ()
network | error | https://nordea-fi.edeawq.shop/start/general/images/tabC_background.gif | Failed to load resource: the server responded with a status of 404 ()
network | error | https://nordea-fi.edeawq.shop/start/general/images/bar1_bg.gif | Failed to load resource: the server responded with a status of 404 ()
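Every image the cloned stylesheet pulls from /start/general/images/ came back as 315 bytes of text/html with the same SHA-256 (d5a89e26...), and these console entries show why: the kit shipped Nordea's CSS but not its image assets, so that hash is the host's nginx 404 page, not picture data. The check below is an added example for this page, not urlscan.io code. It runs over transaction records transcribed from this scan into a constructed dict layout (URL, Sec-Fetch-Dest, response Content-Type, size, body hash; query strings shortened, and 'empty' as the destination of the omtrdc XHR is assumed because the scan shows no such header for it) and reports responses whose media type cannot satisfy the request destination, bodies shared across different paths, and tiny bodies that can be identified from their hash alone.

```python
import hashlib
from collections import defaultdict

# Hash every /start/general/images/*.gif request in this scan came back with.
ERROR_PAGE_HASH = "d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3"

# Transaction records transcribed from the scan into a constructed dict layout
# (urlscan.io does not export this shape). 'dest' is the request's Sec-Fetch-Dest;
# 'empty' for the XHR is assumed. Query strings are shortened.
TRANSACTIONS = [
    {"url": "https://nordea-fi.edeawq.shop/start/general/images/tab_left.gif", "dest": "image",
     "content_type": "text/html; charset=iso-8859-1", "size": 315, "sha256": ERROR_PAGE_HASH},
    {"url": "https://nordea-fi.edeawq.shop/start/general/images/tab_right.gif", "dest": "image",
     "content_type": "text/html; charset=iso-8859-1", "size": 315, "sha256": ERROR_PAGE_HASH},
    {"url": "https://nordea-fi.edeawq.shop/start/general/images/tabC_background.gif", "dest": "image",
     "content_type": "text/html; charset=iso-8859-1", "size": 315, "sha256": ERROR_PAGE_HASH},
    {"url": "https://nordea-fi.edeawq.shop/start/general/images/bar1_bg.gif", "dest": "image",
     "content_type": "text/html; charset=iso-8859-1", "size": 315, "sha256": ERROR_PAGE_HASH},
    {"url": "https://www.nordea.dk/wemapp/api/getMessage?id=32&callback=pnCallback", "dest": "script",
     "content_type": "application/javascript;charset=UTF-8", "size": 24,
     "sha256": "ff471a375f9b839b8e519e13f0eb6fb6e5b36d4bf32674dab2a5f6a55ff5722b"},
    {"url": "https://nordea.d3.sc.omtrdc.net/id?d_visid_ver=4.1.0&d_fieldgroup=A", "dest": "empty",
     "content_type": "application/x-javascript;charset=utf-8", "size": 2,
     "sha256": "44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a"},
]

# Media types a browser can actually consume for a given Sec-Fetch-Dest.
EXPECTED_TYPES = {
    "image": ("image/",),
    "script": ("application/javascript", "text/javascript",
               "application/x-javascript", "application/ecmascript"),
    "style": ("text/css",),
}

# Bodies small enough to recognise by hash alone (constructed candidate list).
TINY_BODIES = (b"", b"{}", b"[]", b"null", b"OK", b"0", b"1")

def media_type(content_type):
    """Strip parameters such as charset and normalise case."""
    return content_type.split(";", 1)[0].strip().lower()

def type_mismatch(rec):
    """True when the response media type cannot satisfy the request destination."""
    expected = EXPECTED_TYPES.get(rec["dest"])
    return bool(expected) and not media_type(rec["content_type"]).startswith(expected)

def identify_tiny_body(sha256_hex):
    """Return the literal body if its SHA-256 matches one of TINY_BODIES, else None."""
    for body in TINY_BODIES:
        if hashlib.sha256(body).hexdigest() == sha256_hex:
            return body.decode()
    return None

def find_anomalies(records):
    """Type mismatches, bodies shared across distinct URLs, and recognised tiny bodies."""
    mismatches = [r["url"] for r in records if type_mismatch(r)]
    by_hash = defaultdict(list)
    for r in records:
        by_hash[r["sha256"]].append(r["url"])
    shared = {h: urls for h, urls in by_hash.items() if len(urls) > 1}
    tiny = {r["url"]: identify_tiny_body(r["sha256"]) for r in records if r["size"] <= 4}
    return {"type_mismatches": mismatches, "shared_bodies": shared, "tiny_bodies": tiny}

if __name__ == "__main__":
    result = find_anomalies(TRANSACTIONS)
    for url in result["type_mismatches"]:
        print("content-type does not fit request destination:", url)
    for h, urls in result["shared_bodies"].items():
        print(f"{len(urls)} URLs share body {h[:12]}... (error page?)")
    for url, body in result["tiny_bodies"].items():
        print("tiny body", repr(body), "from", url)
```

The identical-hash grouping is the quickest way to separate real assets from error pages in a scan like this without re-fetching anything, and matching the 2-byte omtrdc response against candidate literals shows it was an empty JSON object.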

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

dpm.demdex.net
nordea-fi.edeawq.shop
nordea.d3.sc.omtrdc.net
www.nordea.com
www.nordea.dk
103.214.4.45
13.36.218.177
2.16.186.154
2606:4700::6812:15e4
52.214.44.171