urlscan.io logo urlscan.io
SecurityTrails logo

demo-netbank-hybrid.nordea.se Open in urlscan Pro
158.233.249.231  Public Scan

Go To Rescan Add Verdict Report
URL: https://demo-netbank-hybrid.nordea.se/
Submission: On December 06 via automatic, source certstream-suspicious — Scanned from SE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 17 HTTP transactions. The main IP is 158.233.249.231, located in Finland and belongs to NORDEA-AS, FI. The main domain is demo-netbank-hybrid.nordea.se.
TLS certificate: Issued by Entrust Certification Authority - L1K on December 6th 2023. Valid for: a year.
This is the only time demo-netbank-hybrid.nordea.se was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
14 158.233.249.231 201271 (NORDEA-AS)
3 18.66.147.21 16509 (AMAZON-02)
17 2
Apex Domain
Subdomains		 Transfer
14 nordea.se
demo-netbank-hybrid.nordea.se
2 MB
3 tiqcdn.com
tags.tiqcdn.com — Cisco Umbrella Rank: 1001
78 KB
17 2
Domain Requested by
14 demo-netbank-hybrid.nordea.se demo-netbank-hybrid.nordea.se
3 tags.tiqcdn.com demo-netbank-hybrid.nordea.se
tags.tiqcdn.com
17 2

This site contains no links.

Subject Issuer Validity Valid
demo-netbank-hybrid.nordea.dk
Entrust Certification Authority - L1K		 2023-12-06 -
2024-12-05		 a year crt.sh
tags.tiqcdn.com
Amazon RSA 2048 M01		 2023-04-18 -
2024-05-17		 a year crt.sh

This page contains 1 frames:

Primary Page: https://demo-netbank-hybrid.nordea.se/
Frame ID: 47D99246435B835DE4DD1842FAF6C76A
Requests: 17 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Nordea

Page Statistics

17
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

2516 kB
Transfer

10555 kB
Size

3
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
demo-netbank-hybrid.nordea.se/ 		3 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://demo-netbank-hybrid.nordea.se/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
158.233.249.231 , Finland, ASN201271 (NORDEA-AS, FI),
Reverse DNS
Software
- /
Resource Hash
df1c2f2de89f62cae4b7535bf6430af651323b4e109a3a8949b0042b9f3ff1eb
Security Headers
Name Value
Strict-Transport-Security max-age=157680000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
se-SE,se;q=0.9

Response headers

Accept-Ranges
bytes
Cache-Control
no-cache
Content-Encoding
gzip
Content-Language
se-SE
Content-Length
1269
Content-Security-Policy-Report-Only
default-src 'none'; block-all-mixed-content ; script-src 'self' 'nonce-DCeeV9AwbJMdq007V9lDvw==' 'unsafe-eval' identify.nordea.com *.danid.dk tags.tiqcdn.com policy.cookiereports.com signal-collector.gemaltodigitalbankingidcloud.com; img-src 'self' data: analytics.nordea.dk analytics.nordea.fi analytics.nordea.se analytics.nordea.no meet.nordea.com meet.nordea.fi meet.nordea.se meet.nordea.dk meet.nordea.no *.omtrdc.net *.demdex.net www.nordea.se www.nordea.dk www.nordea.fi www.nordea.no; style-src 'self' 'unsafe-inline' *.danid.dk; frame-src 'self' data: identify.nordea.com *.danid.dk e-boks.nordea.dk e-boks.nordea.fi e-boks.nordea.se e-boks.nordea.no *.demdex.net; font-src 'self'; connect-src 'self' https://foundation.nordea.com/nccp/firstcard/ https://open.nordea.com/nccp/firstcard/ blob: https://*.danid.dk meet.nordea.com meet.nordea.fi meet.nordea.se meet.nordea.dk meet.nordea.no *.demdex.net analytics.nordea.dk analytics.nordea.fi analytics.nordea.se analytics.nordea.no *.omtrdc.net signal-collector.gemaltodigitalbankingidcloud.com investor.nordea.dk investor.nordea.fi investor.nordea.no investor.nordea.se https://manual.ebridge.prod.nordea.com; manifest-src 'self'
Content-Type
text/html
Date
Wed, 06 Dec 2023 16:17:00 GMT
ETag
"07981b6eda0716a62e356a11758687301--gzip"
Expires
Last-Modified
Tue, 07 Nov 2023 05:26:25 GMT
Pragma
Referrer-policy
strict-origin-when-cross-origin
Server
-
Strict-Transport-Security
max-age=157680000; includeSubDomains
Vary
Origin Access-Control-Request-Method Access-Control-Request-Headers Accept-Encoding, User-Agent
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-UA-Compatible
IE=edge,chrome=1
X-XSS-Protection
1; mode=block
not-supported-redirect.js
demo-netbank-hybrid.nordea.se/login/not-supported-page/ 		107 B
583 B 		Script
General
Check archive.org
Download Go to
Full URL
https://demo-netbank-hybrid.nordea.se/login/not-supported-page/not-supported-redirect.js
Requested by
Host: demo-netbank-hybrid.nordea.se
URL: https://demo-netbank-hybrid.nordea.se/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
158.233.249.231 , Finland, ASN201271 (NORDEA-AS, FI),
Reverse DNS
Software
- /
Resource Hash
c6a7ae2798a2dbf9f823f61cf18daf90ba71b97b59e46b1044722fd33cf4a3ad
Security Headers
Name Value
Strict-Transport-Security max-age=157680000; includeSubDomains

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://demo-netbank-hybrid.nordea.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Wed, 06 Dec 2023 16:17:00 GMT
Strict-Transport-Security
max-age=157680000; includeSubDomains
Last-Modified
Tue, 07 Nov 2023 05:24:47 GMT
Server
-
ETag
"0eaccbe70cb3b4bc04c6eaf3571ae20c3"
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
Content-Type
application/javascript
Cache-Control
max-age=31536000, must-revalidate
Accept-Ranges
bytes
Content-Length
107
vendor-efd49516.css
demo-netbank-hybrid.nordea.se/ 		232 B
684 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://demo-netbank-hybrid.nordea.se/vendor-efd49516.css
Requested by
Host: demo-netbank-hybrid.nordea.se
URL: https://demo-netbank-hybrid.nordea.se/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
158.233.249.231 , Finland, ASN201271 (NORDEA-AS, FI),
Reverse DNS
Software
- /
Resource Hash
9e73adc1b7f1cbe917f64a062c8b7a188d7d4a2178215007fb48fe55d0957452
Security Headers
Name Value
Strict-Transport-Security max-age=157680000; includeSubDomains

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://demo-netbank-hybrid.nordea.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Wed, 06 Dec 2023 16:17:00 GMT
Strict-Transport-Security
max-age=157680000; includeSubDomains
Content-Encoding
gzip
Last-Modified
Tue, 07 Nov 2023 05:26:25 GMT
Server
-
ETag
"04ec8a500e207c84daa404c4421d8aef8"
ntCoent-Length
232
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
Content-Type
text/css
Cache-Control
max-age=31536000, must-revalidate
Accept-Ranges
bytes
Content-Length
170
common-184d385c.css
demo-netbank-hybrid.nordea.se/ 		407 KB
52 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://demo-netbank-hybrid.nordea.se/common-184d385c.css
Requested by
Host: demo-netbank-hybrid.nordea.se
URL: https://demo-netbank-hybrid.nordea.se/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
158.233.249.231 , Finland, ASN201271 (NORDEA-AS, FI),
Reverse DNS
Software
- /
Resource Hash
de64f97b7b8ac0fb2966889c37c436af9202867399b48b07226c0e2b17dff851
Security Headers
Name Value
Strict-Transport-Security max-age=157680000; includeSubDomains

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://demo-netbank-hybrid.nordea.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Wed, 06 Dec 2023 16:17:00 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=157680000; includeSubDomains
Last-Modified
Tue, 07 Nov 2023 05:26:25 GMT
Server
-
ETag
"05eb422781009f1d3bb29e192a9016249--gzip"
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
Transfer-Encoding
chunked
Content-Type
text/css
Cache-Control
max-age=31536000, must-revalidate
Accept-Ranges
bytes
modules-33267a08.css
demo-netbank-hybrid.nordea.se/ 		471 KB
72 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://demo-netbank-hybrid.nordea.se/modules-33267a08.css
Requested by
Host: demo-netbank-hybrid.nordea.se
URL: https://demo-netbank-hybrid.nordea.se/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
158.233.249.231 , Finland, ASN201271 (NORDEA-AS, FI),
Reverse DNS
Software
- /
Resource Hash
4b3e16fb4285408fed8a0f71b79d79b2f59f7ff2771adcdb5a190af9ee0d0f18
Security Headers
Name Value
Strict-Transport-Security max-age=157680000; includeSubDomains

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://demo-netbank-hybrid.nordea.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Wed, 06 Dec 2023 16:17:00 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=157680000; includeSubDomains
Last-Modified
Tue, 07 Nov 2023 05:24:47 GMT
Server
-
ETag
"065ae477dbc0189e975b35e2b8bf4515e--gzip"
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
Transfer-Encoding
chunked
Content-Type
text/css
Cache-Control
max-age=31536000, must-revalidate
Accept-Ranges
bytes
env.js
demo-netbank-hybrid.nordea.se/ 		306 B
594 B 		Script
General
Check archive.org
Download Go to
Full URL
https://demo-netbank-hybrid.nordea.se/env.js
Requested by
Host: demo-netbank-hybrid.nordea.se
URL: https://demo-netbank-hybrid.nordea.se/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
158.233.249.231 , Finland, ASN201271 (NORDEA-AS, FI),
Reverse DNS
Software
- /
Resource Hash
bc949969aaefa91ef89d71098469c71b419ae9f502dd9247ee4812c9b26252cb
Security Headers
Name Value
Strict-Transport-Security max-age=157680000; includeSubDomains

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://demo-netbank-hybrid.nordea.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Wed, 06 Dec 2023 16:17:00 GMT
Strict-Transport-Security
max-age=157680000; includeSubDomains
Server
-
ETag
"05586e835b0f475fc48a5868278d49fce"
Content-Length
306
Vary
Accept-Encoding, User-Agent
Content-Type
application/javascript;charset=ISO-8859-1
vendor-8a20151b.js
demo-netbank-hybrid.nordea.se/ 		2 MB
591 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://demo-netbank-hybrid.nordea.se/vendor-8a20151b.js
Requested by
Host: demo-netbank-hybrid.nordea.se
URL: https://demo-netbank-hybrid.nordea.se/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
158.233.249.231 , Finland, ASN201271 (NORDEA-AS, FI),
Reverse DNS
Software
- /
Resource Hash
e470e476cb2a8e0faa802190ea7638e3e8476bde34befe8d4967fb597fe6760e
Security Headers
Name Value
Strict-Transport-Security max-age=157680000; includeSubDomains

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://demo-netbank-hybrid.nordea.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Wed, 06 Dec 2023 16:17:00 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=157680000; includeSubDomains
Last-Modified
Tue, 07 Nov 2023 05:26:25 GMT
Server
-
ETag
"02b09e89ee4ea9b43257fe711c700699d--gzip"
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
Transfer-Encoding
chunked
Content-Type
application/javascript
Cache-Control
max-age=31536000, must-revalidate
Accept-Ranges
bytes
common-e7a5ec14.js
demo-netbank-hybrid.nordea.se/ 		1 MB
366 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://demo-netbank-hybrid.nordea.se/common-e7a5ec14.js
Requested by
Host: demo-netbank-hybrid.nordea.se
URL: https://demo-netbank-hybrid.nordea.se/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
158.233.249.231 , Finland, ASN201271 (NORDEA-AS, FI),
Reverse DNS
Software
- /
Resource Hash
30300c7d1adc24d7784ff1f114ed41e0f28f8f1303085f33c922dfa9a51de722
Security Headers
Name Value
Strict-Transport-Security max-age=157680000; includeSubDomains

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://demo-netbank-hybrid.nordea.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Wed, 06 Dec 2023 16:17:00 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=157680000; includeSubDomains
Last-Modified
Tue, 07 Nov 2023 05:24:47 GMT
Server
-
ETag
"038988776bba91c24dd17d95ef4c1fba9--gzip"
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
Transfer-Encoding
chunked
Content-Type
application/javascript
Cache-Control
max-age=31536000, must-revalidate
Accept-Ranges
bytes
se-labels-59e6d16e.js
demo-netbank-hybrid.nordea.se/ 		803 KB
190 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://demo-netbank-hybrid.nordea.se/se-labels-59e6d16e.js
Requested by
Host: demo-netbank-hybrid.nordea.se
URL: https://demo-netbank-hybrid.nordea.se/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
158.233.249.231 , Finland, ASN201271 (NORDEA-AS, FI),
Reverse DNS
Software
- /
Resource Hash
8f6f9eed1d93889aa61611cc104d64241445a745e392a7a568b1dd89fd68a0bb
Security Headers
Name Value
Strict-Transport-Security max-age=157680000; includeSubDomains

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://demo-netbank-hybrid.nordea.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Wed, 06 Dec 2023 16:17:00 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=157680000; includeSubDomains
Last-Modified
Tue, 07 Nov 2023 05:26:25 GMT
Server
-
ETag
"0a6da4c1613fdd89d897894f1722598db--gzip"
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
Transfer-Encoding
chunked
Content-Type
application/javascript
Cache-Control
max-age=31536000, must-revalidate
Accept-Ranges
bytes
modulesndw-680b7710.js
demo-netbank-hybrid.nordea.se/ 		4 MB
821 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://demo-netbank-hybrid.nordea.se/modulesndw-680b7710.js
Requested by
Host: demo-netbank-hybrid.nordea.se
URL: https://demo-netbank-hybrid.nordea.se/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
158.233.249.231 , Finland, ASN201271 (NORDEA-AS, FI),
Reverse DNS
Software
- /
Resource Hash
38bbae412c762f54aac06c8fff239d24aca64aee3882d9429bfbd3569469f3d6
Security Headers
Name Value
Strict-Transport-Security max-age=157680000; includeSubDomains

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://demo-netbank-hybrid.nordea.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Wed, 06 Dec 2023 16:17:00 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=157680000; includeSubDomains
Last-Modified
Tue, 07 Nov 2023 05:24:47 GMT
Server
-
ETag
"06c57dd45b57ad645aa853ae8f3ce7e7d--gzip"
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
Transfer-Encoding
chunked
Content-Type
application/javascript
Cache-Control
max-age=31536000, must-revalidate
Accept-Ranges
bytes
prod-0f1e89b4.js
demo-netbank-hybrid.nordea.se/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://demo-netbank-hybrid.nordea.se/prod-0f1e89b4.js
Requested by
Host: demo-netbank-hybrid.nordea.se
URL: https://demo-netbank-hybrid.nordea.se/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
158.233.249.231 , Finland, ASN201271 (NORDEA-AS, FI),
Reverse DNS
Software
- /
Resource Hash
5015211cb667c57a2a7af9c8b99c471105910497a148655faee315768becc98d
Security Headers
Name Value
Strict-Transport-Security max-age=157680000; includeSubDomains

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://demo-netbank-hybrid.nordea.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Wed, 06 Dec 2023 16:17:00 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=157680000; includeSubDomains
Last-Modified
Tue, 07 Nov 2023 05:26:25 GMT
Server
-
ETag
"07a598158788dabd010b5a347eb3b175c--gzip"
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
Content-Type
application/javascript
Cache-Control
max-age=31536000, must-revalidate
Accept-Ranges
bytes
Content-Length
3776
ndw-netbank-menu.esm.js
demo-netbank-hybrid.nordea.se/navigation-v2/ndw-netbank-menu/ 		1 MB
275 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://demo-netbank-hybrid.nordea.se/navigation-v2/ndw-netbank-menu/ndw-netbank-menu.esm.js
Requested by
Host: demo-netbank-hybrid.nordea.se
URL: https://demo-netbank-hybrid.nordea.se/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
158.233.249.231 , Finland, ASN201271 (NORDEA-AS, FI),
Reverse DNS
Software
- /
Resource Hash
502ce83eee977c7cf40a6e6547e2a41b42effb9c89421da5ae1bef5b2ff28101
Security Headers
Name Value
Strict-Transport-Security max-age=157680000; includeSubDomains

Request headers

Referer
https://demo-netbank-hybrid.nordea.se/
Origin
https://demo-netbank-hybrid.nordea.se
accept-language
se-SE,se;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Wed, 06 Dec 2023 16:17:01 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=157680000; includeSubDomains
Last-Modified
Tue, 07 Nov 2023 05:24:47 GMT
Server
-
ETag
"0dcbf17d6f1aa5e108a63f45c18839297--gzip"
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
Transfer-Encoding
chunked
Content-Type
application/javascript
Cache-Control
max-age=600, must-revalidate
Accept-Ranges
bytes
NordeaSansSmallWeb-Regular.woff
demo-netbank-hybrid.nordea.se/fonts/nordea_sans_small_web/ 		30 KB
31 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://demo-netbank-hybrid.nordea.se/fonts/nordea_sans_small_web/NordeaSansSmallWeb-Regular.woff
Requested by
Host: demo-netbank-hybrid.nordea.se
URL: https://demo-netbank-hybrid.nordea.se/common-184d385c.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
158.233.249.231 , Finland, ASN201271 (NORDEA-AS, FI),
Reverse DNS
Software
- /
Resource Hash
21a2a17b532837aeafeb95de9f252bfec714028517f79fb4143845ca4d23353c
Security Headers
Name Value
Strict-Transport-Security max-age=157680000; includeSubDomains

Request headers

Referer
https://demo-netbank-hybrid.nordea.se/common-184d385c.css
Origin
https://demo-netbank-hybrid.nordea.se
accept-language
se-SE,se;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Wed, 06 Dec 2023 16:17:01 GMT
Strict-Transport-Security
max-age=157680000; includeSubDomains
Last-Modified
Tue, 07 Nov 2023 05:26:25 GMT
Server
-
ETag
"03a4d9a8b6adf39716f28af71fc9b030a"
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type
application/font-woff
Cache-Control
no-cache
Accept-Ranges
bytes
Content-Length
31152
NordeaSansSmallWeb-Bold.woff
demo-netbank-hybrid.nordea.se/fonts/nordea_sans_small_web/ 		31 KB
32 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://demo-netbank-hybrid.nordea.se/fonts/nordea_sans_small_web/NordeaSansSmallWeb-Bold.woff
Requested by
Host: demo-netbank-hybrid.nordea.se
URL: https://demo-netbank-hybrid.nordea.se/common-184d385c.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
158.233.249.231 , Finland, ASN201271 (NORDEA-AS, FI),
Reverse DNS
Software
- /
Resource Hash
b0aa8e0983817ebd285fb1020b551e1c750b26bff4631eb4ec99a0822047724d
Security Headers
Name Value
Strict-Transport-Security max-age=157680000; includeSubDomains

Request headers

Referer
https://demo-netbank-hybrid.nordea.se/common-184d385c.css
Origin
https://demo-netbank-hybrid.nordea.se
accept-language
se-SE,se;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Wed, 06 Dec 2023 16:17:01 GMT
Strict-Transport-Security
max-age=157680000; includeSubDomains
Last-Modified
Tue, 07 Nov 2023 05:26:25 GMT
Server
-
ETag
"0cbd5b5b03e7925240b238e5804bc25b4"
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type
application/font-woff
Cache-Control
no-cache
Accept-Ranges
bytes
Content-Length
31856
utag.js
tags.tiqcdn.com/utag/nordea/mwa-hybrid-spa/prod/ 		209 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/nordea/mwa-hybrid-spa/prod/utag.js?_=1701879421221
Requested by
Host: demo-netbank-hybrid.nordea.se
URL: https://demo-netbank-hybrid.nordea.se/vendor-8a20151b.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-21.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
787d16b94aad94a684b0d16fee673fbd57855b3e7b94fe76a3e6ec0f71e24821

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://demo-netbank-hybrid.nordea.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-version-id
dhaTfXedcwH0NF7z5EvqALPVVWdSm5ra
content-encoding
br
via
1.1 e65c822edea04e16936bdb4537763dd4.cloudfront.net (CloudFront)
date
Wed, 06 Dec 2023 16:16:46 GMT
last-modified
Wed, 25 Oct 2023 12:38:22 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P4
age
17
x-amz-server-side-encryption
AES256
etag
W/"ddc4ba57453e9ec7b562009aca6d0e5b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=300
x-amz-cf-id
qZgy6OCFb-RYD45uZXPpNlYgIA4akwEZXU03mve4968eU2hh3zhLuw==
utag.32.js
tags.tiqcdn.com/utag/nordea/mwa-hybrid-spa/prod/ 		96 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/nordea/mwa-hybrid-spa/prod/utag.32.js?utv=ut4.47.202310251237
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/nordea/mwa-hybrid-spa/prod/utag.js?_=1701879421221
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-21.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
04b0015ac5bda7883094b47fcf570f8de5ccf4616a7ce3fd82e0345c6501e6c5

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://demo-netbank-hybrid.nordea.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-version-id
slZDiBHNBR65bEAJsWSQFy2L15Pz21Zd
content-encoding
br
via
1.1 e65c822edea04e16936bdb4537763dd4.cloudfront.net (CloudFront)
date
Wed, 06 Dec 2023 16:15:15 GMT
last-modified
Wed, 25 Oct 2023 12:38:22 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P4
age
110
x-amz-server-side-encryption
AES256
etag
W/"acb6d021a22d4175cfc9137f626792f9"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=1296000
x-amz-cf-id
laMgavs2_nHFcvSV9LTYaWuAXrFn07l5tSz-k-BXlbaZbYZwJMqQXw==
utag.v.js
tags.tiqcdn.com/utag/tiqapp/ 		2 B
431 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=nordea/mwa-hybrid-spa/202310251237&cb=1701879423508
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/nordea/mwa-hybrid-spa/prod/utag.js?_=1701879421221
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-21.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://demo-netbank-hybrid.nordea.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-version-id
2XUX04X5QEw0.xFya64khU._sHTRl_Pz
date
Wed, 06 Dec 2023 16:07:37 GMT
via
1.1 e65c822edea04e16936bdb4537763dd4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P4
age
567
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
2
last-modified
Sat, 11 Mar 2023 06:57:46 GMT
server
AmazonS3
etag
"7bc0ee636b3b83484fc3b9348863bd22"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=300
accept-ranges
bytes
x-amz-cf-id
tBJ8UPUr56XnOA3O2YHW2IStn2cX1azDcJVn2tqij8tpMcJezTGI0w==

Verdicts & Comments Add Verdict or Comment

75 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture string| COUNTRY string| SEGMENT string| CHANNEL string| PROFILE string| ENV object| TRACKING string| APP_VERSION string| CLIENT_ID string| IS_PILOT boolean| IS_DEMO object| utag_data undefined| NDBRIDGE_IOS_CALLBACK object| GET_PARAMETERS object| params object| splitParam string| ifp_visitId string| revisitid function| ifp_finalizeUseCaseAndView function| ifp_initUseCaseAndView function| ifp_finalizeView function| ifp_initView function| $ function| jQuery object| base64js function| sha256 function| sha224 function| _ object| angular function| moment object| d3 object| topojson object| whatInput function| Mousetrap function| Mark boolean| _pdfjsCompatibilityChecked object| __core-js_shared__ object| core object| regeneratorRuntime object| pdfjsLib object| pdfjs-dist/build/pdf object| pdfjsWorker object| pdfjs-dist/build/pdf.worker object| Foundation object| dbwFeedback object| dbwAppMenu object| contactUsLoader function| saveAs function| flash_is_ready object| EINVOICE_FI function| startSigning function| setLanguage function| setPlatform function| setSupported function| setTealiumParameters function| setThemeMode function| setToken function| setLoginHint function| setSafeAreaInsets function| navigateBack boolean| utag_condload object| utag function| loadLibrary function| AppMeasurement_Module_AudienceManagement boolean| __tealium_twc_switch object| utag_cfg_ovrd function| DIL object| s function| AppMeasurement function| s_gi function| s_pgicq object| s_c_il number| s_c_in number| s_objectID number| s_giq

3 Cookies

Domain/Path Name / Value
demo-netbank-hybrid.nordea.se/ Name: web
Value: 20231206171700-3516757377
demo-netbank-hybrid.nordea.se/ Name: dbw.locale
Value: sv-SE
.nordea.se/ Name: utag_main
Value: v_id:018c3feb208d0027681377bea27203074002606c00b08$_sn:1$_se:1$_ss:1$_st:1701881223118$ses_id:1701879423118%3Bexp-session$_pn:1%3Bexp-session$lv:1$sv:1%3Bexp-session$le:1$se:1%3Bexp-session

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=157680000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block