urlscan.io logo urlscan.io
SecurityTrails logo

nordea-no.staging.tipsportalen.no Open in urlscan Pro
13.49.84.18  Public Scan

Go To Rescan Add Verdict Report
URL: https://nordea-no.staging.tipsportalen.no/
Submission: On March 22 via automatic, source certstream-suspicious — Scanned from NO
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 2 countries across 4 domains to perform 19 HTTP transactions. The main IP is 13.49.84.18, located in Stockholm, Sweden and belongs to AMAZON-02, US. The main domain is nordea-no.staging.tipsportalen.no.
TLS certificate: Issued by R3 on March 22nd 2023. Valid for: 3 months.
This is the only time nordea-no.staging.tipsportalen.no was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
17 13.49.84.18 16509 (AMAZON-02)
1 142.250.184.202 15169 (GOOGLE)
1 142.250.185.195 15169 (GOOGLE)
19 4
Domain Requested by
14 nordea-no.staging.tipsportalen.no nordea-no.staging.tipsportalen.no
3 ten.nordea-no.staging.proximacode.no nordea-no.staging.tipsportalen.no
1 fonts.gstatic.com fonts.googleapis.com
1 fonts.googleapis.com nordea-no.staging.tipsportalen.no
19 4

This site contains no links.

Subject Issuer Validity Valid
nordea-no.staging.tipsportalen.no
R3		 2023-03-22 -
2023-06-20		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-03-06 -
2023-05-29		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-03-06 -
2023-05-29		 3 months crt.sh
ten.nordea-no.staging.proximacode.no
R3		 2023-02-03 -
2023-05-04		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://nordea-no.staging.tipsportalen.no/
Frame ID: CE7EBCB90762AF336F78286B3E666B05
Requests: 19 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Tipsportalen

Detected technologies

Overall confidence: 100%
Detected patterns
  • /_nuxt/
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

19
Requests

100 %
HTTPS

0 %
IPv6

4
Domains

4
Subdomains

4
IPs

2
Countries

989 kB
Transfer

6087 kB
Size

1
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
nordea-no.staging.tipsportalen.no/ 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://nordea-no.staging.tipsportalen.no/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.49.84.18 Stockholm, Sweden, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-49-84-18.eu-north-1.compute.amazonaws.com
Software
nginx /
Resource Hash
789d42255e62d8618c0bdf75afc6ff2174515be0c2c36a9f4388399cb1fc32ce
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=utf-8
date
Wed, 22 Mar 2023 01:57:59 GMT
etag
W/"64170625-1675"
expect-ct
max-age=0, report-uri="https://nordea-no.staging.tipsportalen.no"
feature-policy
accelerometer 'none'; autoplay 'none'; geolocation 'none'; midi 'none'; sync-xhr 'self' https://nordea-no.staging.tipsportalen.no https://ten.nordea-no.staging.proximacode.no; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'self'; fullscreen 'self'; payment 'none'; usb 'none'
last-modified
Sun, 19 Mar 2023 12:55:01 GMT
referrer-policy
no-referrer
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
css
fonts.googleapis.com/ 		2 KB
985 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Source+Sans+Pro&display=swap
Requested by
Host: nordea-no.staging.tipsportalen.no
URL: https://nordea-no.staging.tipsportalen.no/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.202 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f10.1e100.net
Software
ESF /
Resource Hash
8bc3192e7e3add5994afa668aef8bb024a247b361c1f9e3cddd0791b34db77b6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 22 Mar 2023 01:57:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 22 Mar 2023 01:14:07 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 22 Mar 2023 01:57:59 GMT
a1c9fa5.modern.js
nordea-no.staging.tipsportalen.no/_nuxt/ 		4 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nordea-no.staging.tipsportalen.no/_nuxt/a1c9fa5.modern.js
Requested by
Host: nordea-no.staging.tipsportalen.no
URL: https://nordea-no.staging.tipsportalen.no/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.49.84.18 Stockholm, Sweden, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-49-84-18.eu-north-1.compute.amazonaws.com
Software
nginx /
Resource Hash
aaac11adb8b7544ff3d31576643fa6a5bbb6220421074fc35cdf6843540a31d1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
Origin
https://nordea-no.staging.tipsportalen.no
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Wed, 22 Mar 2023 01:57:59 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
referrer-policy
no-referrer
last-modified
Sun, 19 Mar 2023 12:54:59 GMT
server
nginx
content-encoding
gzip
etag
W/"64170623-e7c"
expect-ct
max-age=0, report-uri="https://nordea-no.staging.tipsportalen.no"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
feature-policy
accelerometer 'none'; autoplay 'none'; geolocation 'none'; midi 'none'; sync-xhr 'self' https://nordea-no.staging.tipsportalen.no https://ten.nordea-no.staging.proximacode.no; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'self'; fullscreen 'self'; payment 'none'; usb 'none'
x-xss-protection
1; mode=block
b50833a.modern.js
nordea-no.staging.tipsportalen.no/_nuxt/ 		190 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nordea-no.staging.tipsportalen.no/_nuxt/b50833a.modern.js
Requested by
Host: nordea-no.staging.tipsportalen.no
URL: https://nordea-no.staging.tipsportalen.no/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.49.84.18 Stockholm, Sweden, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-49-84-18.eu-north-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1d7555e3a31b87e716d1773b528d9d53510a88a1413fde32288c92fac717293f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
Origin
https://nordea-no.staging.tipsportalen.no
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Wed, 22 Mar 2023 01:57:59 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
referrer-policy
no-referrer
last-modified
Sun, 19 Mar 2023 12:54:59 GMT
server
nginx
content-encoding
gzip
etag
W/"64170623-2f64c"
expect-ct
max-age=0, report-uri="https://nordea-no.staging.tipsportalen.no"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
feature-policy
accelerometer 'none'; autoplay 'none'; geolocation 'none'; midi 'none'; sync-xhr 'self' https://nordea-no.staging.tipsportalen.no https://ten.nordea-no.staging.proximacode.no; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'self'; fullscreen 'self'; payment 'none'; usb 'none'
x-xss-protection
1; mode=block
b898c16.modern.js
nordea-no.staging.tipsportalen.no/_nuxt/ 		2 MB
483 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nordea-no.staging.tipsportalen.no/_nuxt/b898c16.modern.js
Requested by
Host: nordea-no.staging.tipsportalen.no
URL: https://nordea-no.staging.tipsportalen.no/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.49.84.18 Stockholm, Sweden, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-49-84-18.eu-north-1.compute.amazonaws.com
Software
nginx /
Resource Hash
2642d47355d92bf67a6c35b64f837912cc1416ee036578c7bcdcf025f111cd66
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
Origin
https://nordea-no.staging.tipsportalen.no
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Wed, 22 Mar 2023 01:57:59 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
referrer-policy
no-referrer
last-modified
Sun, 19 Mar 2023 12:54:59 GMT
server
nginx
content-encoding
gzip
etag
W/"64170623-1a6046"
expect-ct
max-age=0, report-uri="https://nordea-no.staging.tipsportalen.no"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
feature-policy
accelerometer 'none'; autoplay 'none'; geolocation 'none'; midi 'none'; sync-xhr 'self' https://nordea-no.staging.tipsportalen.no https://ten.nordea-no.staging.proximacode.no; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'self'; fullscreen 'self'; payment 'none'; usb 'none'
x-xss-protection
1; mode=block
d2fe208.modern.js
nordea-no.staging.tipsportalen.no/_nuxt/ 		4 MB
362 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nordea-no.staging.tipsportalen.no/_nuxt/d2fe208.modern.js
Requested by
Host: nordea-no.staging.tipsportalen.no
URL: https://nordea-no.staging.tipsportalen.no/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.49.84.18 Stockholm, Sweden, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-49-84-18.eu-north-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1eb3f66304528069cfe1719cf252883124c2d89d2c8608f4634e2a925fa45477
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
Origin
https://nordea-no.staging.tipsportalen.no
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Wed, 22 Mar 2023 01:57:59 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
referrer-policy
no-referrer
last-modified
Sun, 19 Mar 2023 12:54:59 GMT
server
nginx
content-encoding
gzip
etag
W/"64170623-3eb2eb"
expect-ct
max-age=0, report-uri="https://nordea-no.staging.tipsportalen.no"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
feature-policy
accelerometer 'none'; autoplay 'none'; geolocation 'none'; midi 'none'; sync-xhr 'self' https://nordea-no.staging.tipsportalen.no https://ten.nordea-no.staging.proximacode.no; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'self'; fullscreen 'self'; payment 'none'; usb 'none'
x-xss-protection
1; mode=block
2857bfc.modern.js
nordea-no.staging.tipsportalen.no/_nuxt/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nordea-no.staging.tipsportalen.no/_nuxt/2857bfc.modern.js
Requested by
Host: nordea-no.staging.tipsportalen.no
URL: https://nordea-no.staging.tipsportalen.no/_nuxt/a1c9fa5.modern.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.49.84.18 Stockholm, Sweden, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-49-84-18.eu-north-1.compute.amazonaws.com
Software
nginx /
Resource Hash
8a60bb6f4ad1901b0620505f7ccdedacf15a17101ed6a90cf2ebef758da23707
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
no-NO,no;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Wed, 22 Mar 2023 01:58:00 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
referrer-policy
no-referrer
last-modified
Sun, 19 Mar 2023 12:54:59 GMT
server
nginx
content-encoding
gzip
etag
W/"64170623-11be"
expect-ct
max-age=0, report-uri="https://nordea-no.staging.tipsportalen.no"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
feature-policy
accelerometer 'none'; autoplay 'none'; geolocation 'none'; midi 'none'; sync-xhr 'self' https://nordea-no.staging.tipsportalen.no https://ten.nordea-no.staging.proximacode.no; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'self'; fullscreen 'self'; payment 'none'; usb 'none'
x-xss-protection
1; mode=block
2a5aeb3.modern.js
nordea-no.staging.tipsportalen.no/_nuxt/ 		22 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nordea-no.staging.tipsportalen.no/_nuxt/2a5aeb3.modern.js
Requested by
Host: nordea-no.staging.tipsportalen.no
URL: https://nordea-no.staging.tipsportalen.no/_nuxt/a1c9fa5.modern.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.49.84.18 Stockholm, Sweden, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-49-84-18.eu-north-1.compute.amazonaws.com
Software
nginx /
Resource Hash
d66d7a3ca41e1f689b6ce1b8aded63a645cb5638664fafcef1a33e16f82b9a11
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
no-NO,no;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Wed, 22 Mar 2023 01:58:00 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
referrer-policy
no-referrer
last-modified
Sun, 19 Mar 2023 12:54:59 GMT
server
nginx
content-encoding
gzip
etag
W/"64170623-5725"
expect-ct
max-age=0, report-uri="https://nordea-no.staging.tipsportalen.no"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
feature-policy
accelerometer 'none'; autoplay 'none'; geolocation 'none'; midi 'none'; sync-xhr 'self' https://nordea-no.staging.tipsportalen.no https://ten.nordea-no.staging.proximacode.no; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'self'; fullscreen 'self'; payment 'none'; usb 'none'
x-xss-protection
1; mode=block
6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f3.1e100.net
Software
sffe /
Resource Hash
c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://nordea-no.staging.tipsportalen.no
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 21 Mar 2023 08:37:41 GMT
x-content-type-options
nosniff
age
62419
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13036
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:04:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 20 Mar 2024 08:37:41 GMT
4229bf4.modern.js
nordea-no.staging.tipsportalen.no/_nuxt/ 		87 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nordea-no.staging.tipsportalen.no/_nuxt/4229bf4.modern.js
Requested by
Host: nordea-no.staging.tipsportalen.no
URL: https://nordea-no.staging.tipsportalen.no/_nuxt/a1c9fa5.modern.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.49.84.18 Stockholm, Sweden, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-49-84-18.eu-north-1.compute.amazonaws.com
Software
nginx /
Resource Hash
3a97c963ee0655328ee7bac406b7d422a0b49400d67650ea600770619cd838b2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
no-NO,no;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Wed, 22 Mar 2023 01:58:00 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
referrer-policy
no-referrer
last-modified
Sun, 19 Mar 2023 12:54:59 GMT
server
nginx
content-encoding
gzip
etag
W/"64170623-15a44"
expect-ct
max-age=0, report-uri="https://nordea-no.staging.tipsportalen.no"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
feature-policy
accelerometer 'none'; autoplay 'none'; geolocation 'none'; midi 'none'; sync-xhr 'self' https://nordea-no.staging.tipsportalen.no https://ten.nordea-no.staging.proximacode.no; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'self'; fullscreen 'self'; payment 'none'; usb 'none'
x-xss-protection
1; mode=block
app-settings
ten.nordea-no.staging.proximacode.no/api/v1/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ten.nordea-no.staging.proximacode.no/api/v1/app-settings
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.49.84.18 Stockholm, Sweden, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-49-84-18.eu-north-1.compute.amazonaws.com
Software
nginx /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,control-allow-origin
Access-Control-Request-Method
GET
Origin
https://nordea-no.staging.tipsportalen.no
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-headers
authorization,control-allow-origin
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
0
cache-control
no-cache, private
date
Wed, 22 Mar 2023 01:58:00 GMT
server
nginx
vary
Access-Control-Request-Method, Access-Control-Request-Headers
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
ec5a4a7.modern.js
nordea-no.staging.tipsportalen.no/_nuxt/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nordea-no.staging.tipsportalen.no/_nuxt/ec5a4a7.modern.js
Requested by
Host: nordea-no.staging.tipsportalen.no
URL: https://nordea-no.staging.tipsportalen.no/_nuxt/a1c9fa5.modern.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.49.84.18 Stockholm, Sweden, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-49-84-18.eu-north-1.compute.amazonaws.com
Software
nginx /
Resource Hash
03463bcb8775c0297a6a10963977ceb54260775198728b914ac3994b265bc23f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
no-NO,no;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Wed, 22 Mar 2023 01:58:00 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
referrer-policy
no-referrer
last-modified
Sun, 19 Mar 2023 12:54:59 GMT
server
nginx
content-encoding
gzip
etag
W/"64170623-198f"
expect-ct
max-age=0, report-uri="https://nordea-no.staging.tipsportalen.no"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
feature-policy
accelerometer 'none'; autoplay 'none'; geolocation 'none'; midi 'none'; sync-xhr 'self' https://nordea-no.staging.tipsportalen.no https://ten.nordea-no.staging.proximacode.no; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'self'; fullscreen 'self'; payment 'none'; usb 'none'
x-xss-protection
1; mode=block
fdffbd5.modern.js
nordea-no.staging.tipsportalen.no/_nuxt/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nordea-no.staging.tipsportalen.no/_nuxt/fdffbd5.modern.js
Requested by
Host: nordea-no.staging.tipsportalen.no
URL: https://nordea-no.staging.tipsportalen.no/_nuxt/a1c9fa5.modern.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.49.84.18 Stockholm, Sweden, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-49-84-18.eu-north-1.compute.amazonaws.com
Software
nginx /
Resource Hash
b5b286bd7162a2f986aa468ba4163229604b308cf4def131d3429c9086e4d119
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
no-NO,no;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Wed, 22 Mar 2023 01:58:00 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
referrer-policy
no-referrer
last-modified
Sun, 19 Mar 2023 12:54:59 GMT
server
nginx
content-encoding
gzip
etag
W/"64170623-612"
expect-ct
max-age=0, report-uri="https://nordea-no.staging.tipsportalen.no"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
feature-policy
accelerometer 'none'; autoplay 'none'; geolocation 'none'; midi 'none'; sync-xhr 'self' https://nordea-no.staging.tipsportalen.no https://ten.nordea-no.staging.proximacode.no; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'self'; fullscreen 'self'; payment 'none'; usb 'none'
x-xss-protection
1; mode=block
app-settings
ten.nordea-no.staging.proximacode.no/api/v1/ 		53 B
322 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ten.nordea-no.staging.proximacode.no/api/v1/app-settings
Requested by
Host: nordea-no.staging.tipsportalen.no
URL: https://nordea-no.staging.tipsportalen.no/_nuxt/b898c16.modern.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.49.84.18 Stockholm, Sweden, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-49-84-18.eu-north-1.compute.amazonaws.com
Software
nginx /
Resource Hash
0752a84f8b8b11fdd7391eb0a9113a14ae48f8a568937226dabaecc7e852d698
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json
Referer
accept-language
no-NO,no;q=0.9
Authorization
null
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Control-Allow-Origin
*

Response headers

date
Wed, 22 Mar 2023 01:58:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx
vary
Accept-Encoding
x-ratelimit-remaining
4998
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-ratelimit-limit
5000
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
health
ten.nordea-no.staging.proximacode.no/api/v1/ 		75 B
339 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ten.nordea-no.staging.proximacode.no/api/v1/health
Requested by
Host: nordea-no.staging.tipsportalen.no
URL: https://nordea-no.staging.tipsportalen.no/_nuxt/b898c16.modern.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.49.84.18 Stockholm, Sweden, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-49-84-18.eu-north-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1d44b8293a5adc6dfe5d1e9dff24de64f1c3a598de79c16b605f48f579c75081
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json
Referer
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Wed, 22 Mar 2023 01:58:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx
vary
Accept-Encoding
x-ratelimit-remaining
4999
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-ratelimit-limit
5000
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
29a2bad.modern.js
nordea-no.staging.tipsportalen.no/_nuxt/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nordea-no.staging.tipsportalen.no/_nuxt/29a2bad.modern.js
Requested by
Host: nordea-no.staging.tipsportalen.no
URL: https://nordea-no.staging.tipsportalen.no/_nuxt/a1c9fa5.modern.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.49.84.18 Stockholm, Sweden, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-49-84-18.eu-north-1.compute.amazonaws.com
Software
nginx /
Resource Hash
043956b545c13c07c7cc2e0c1bfb6a696e1e33e71c9236c7e1c45761dd078a1e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
no-NO,no;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Wed, 22 Mar 2023 01:58:00 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
referrer-policy
no-referrer
last-modified
Sun, 19 Mar 2023 12:54:59 GMT
server
nginx
content-encoding
gzip
etag
W/"64170623-23a0"
expect-ct
max-age=0, report-uri="https://nordea-no.staging.tipsportalen.no"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
feature-policy
accelerometer 'none'; autoplay 'none'; geolocation 'none'; midi 'none'; sync-xhr 'self' https://nordea-no.staging.tipsportalen.no https://ten.nordea-no.staging.proximacode.no; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'self'; fullscreen 'self'; payment 'none'; usb 'none'
x-xss-protection
1; mode=block
truncated
/ 		624 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5798127aa3865f40ead738a9b6a17bf5f41667fb0abf2c81e59508746502c758

Request headers

accept-language
no-NO,no;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type
image/svg+xml
6df48b4.modern.js
nordea-no.staging.tipsportalen.no/_nuxt/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nordea-no.staging.tipsportalen.no/_nuxt/6df48b4.modern.js
Requested by
Host: nordea-no.staging.tipsportalen.no
URL: https://nordea-no.staging.tipsportalen.no/_nuxt/a1c9fa5.modern.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.49.84.18 Stockholm, Sweden, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-49-84-18.eu-north-1.compute.amazonaws.com
Software
nginx /
Resource Hash
78ba117ec73530559bb62b8e8ab58a3a699682b9fec0757870046e6e1148e2ca
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
no-NO,no;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Wed, 22 Mar 2023 01:58:00 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
referrer-policy
no-referrer
last-modified
Sun, 19 Mar 2023 12:54:59 GMT
server
nginx
content-encoding
gzip
etag
W/"64170623-14b8"
expect-ct
max-age=0, report-uri="https://nordea-no.staging.tipsportalen.no"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
feature-policy
accelerometer 'none'; autoplay 'none'; geolocation 'none'; midi 'none'; sync-xhr 'self' https://nordea-no.staging.tipsportalen.no https://ten.nordea-no.staging.proximacode.no; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'self'; fullscreen 'self'; payment 'none'; usb 'none'
x-xss-protection
1; mode=block
45757b0.modern.js
nordea-no.staging.tipsportalen.no/_nuxt/ 		23 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nordea-no.staging.tipsportalen.no/_nuxt/45757b0.modern.js
Requested by
Host: nordea-no.staging.tipsportalen.no
URL: https://nordea-no.staging.tipsportalen.no/_nuxt/a1c9fa5.modern.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.49.84.18 Stockholm, Sweden, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-49-84-18.eu-north-1.compute.amazonaws.com
Software
nginx /
Resource Hash
d839f9e7b3a524e85b95371d9ebb933d21cc07828a3aba9b265dd1b138f97c7d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
no-NO,no;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Wed, 22 Mar 2023 01:58:00 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
referrer-policy
no-referrer
last-modified
Sun, 19 Mar 2023 12:54:59 GMT
server
nginx
content-encoding
gzip
etag
W/"64170623-5a64"
expect-ct
max-age=0, report-uri="https://nordea-no.staging.tipsportalen.no"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
feature-policy
accelerometer 'none'; autoplay 'none'; geolocation 'none'; midi 'none'; sync-xhr 'self' https://nordea-no.staging.tipsportalen.no https://ten.nordea-no.staging.proximacode.no; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'self'; fullscreen 'self'; payment 'none'; usb 'none'
x-xss-protection
1; mode=block
c9dbba6.modern.js
nordea-no.staging.tipsportalen.no/_nuxt/ 		14 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nordea-no.staging.tipsportalen.no/_nuxt/c9dbba6.modern.js
Requested by
Host: nordea-no.staging.tipsportalen.no
URL: https://nordea-no.staging.tipsportalen.no/_nuxt/a1c9fa5.modern.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.49.84.18 Stockholm, Sweden, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-49-84-18.eu-north-1.compute.amazonaws.com
Software
nginx /
Resource Hash
8cfbaa8f579d2b9b4400ed549020368edfc6fe8defe7674c049f744e45bb0cbc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
no-NO,no;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Wed, 22 Mar 2023 01:58:00 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
referrer-policy
no-referrer
last-modified
Sun, 19 Mar 2023 12:54:59 GMT
server
nginx
content-encoding
gzip
etag
W/"64170623-37dc"
expect-ct
max-age=0, report-uri="https://nordea-no.staging.tipsportalen.no"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
feature-policy
accelerometer 'none'; autoplay 'none'; geolocation 'none'; midi 'none'; sync-xhr 'self' https://nordea-no.staging.tipsportalen.no https://ten.nordea-no.staging.proximacode.no; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'self'; fullscreen 'self'; payment 'none'; usb 'none'
x-xss-protection
1; mode=block

Verdicts & Comments Add Verdict or Comment

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless object| __NUXT__ object| webpackJsonp object| __core-js_shared__ object| core function| setImmediate function| clearImmediate object| onNuxtReadyCbs function| onNuxtReady object| $workbox object| FontAwesomeConfig object| ___FONT_AWESOME___ function| rangeBetween object| __SENTRY__ function| _ object| $nuxt

1 Cookies

Domain/Path Name / Value
nordea-no.staging.tipsportalen.no/ Name: auth.strategy
Value: local

1 Console Messages

Source Level URL
Text
security warning
Message:
Error with Feature-Policy header: Unrecognized feature: 'speaker'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
nordea-no.staging.tipsportalen.no
ten.nordea-no.staging.proximacode.no
13.49.84.18
142.250.184.202
142.250.185.195
03463bcb8775c0297a6a10963977ceb54260775198728b914ac3994b265bc23f
043956b545c13c07c7cc2e0c1bfb6a696e1e33e71c9236c7e1c45761dd078a1e
0752a84f8b8b11fdd7391eb0a9113a14ae48f8a568937226dabaecc7e852d698
1d44b8293a5adc6dfe5d1e9dff24de64f1c3a598de79c16b605f48f579c75081
1d7555e3a31b87e716d1773b528d9d53510a88a1413fde32288c92fac717293f
1eb3f66304528069cfe1719cf252883124c2d89d2c8608f4634e2a925fa45477
2642d47355d92bf67a6c35b64f837912cc1416ee036578c7bcdcf025f111cd66
3a97c963ee0655328ee7bac406b7d422a0b49400d67650ea600770619cd838b2
5798127aa3865f40ead738a9b6a17bf5f41667fb0abf2c81e59508746502c758
789d42255e62d8618c0bdf75afc6ff2174515be0c2c36a9f4388399cb1fc32ce
78ba117ec73530559bb62b8e8ab58a3a699682b9fec0757870046e6e1148e2ca
8a60bb6f4ad1901b0620505f7ccdedacf15a17101ed6a90cf2ebef758da23707
8bc3192e7e3add5994afa668aef8bb024a247b361c1f9e3cddd0791b34db77b6
8cfbaa8f579d2b9b4400ed549020368edfc6fe8defe7674c049f744e45bb0cbc
aaac11adb8b7544ff3d31576643fa6a5bbb6220421074fc35cdf6843540a31d1
b5b286bd7162a2f986aa468ba4163229604b308cf4def131d3429c9086e4d119
c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0
d66d7a3ca41e1f689b6ce1b8aded63a645cb5638664fafcef1a33e16f82b9a11
d839f9e7b3a524e85b95371d9ebb933d21cc07828a3aba9b265dd1b138f97c7d