directaccess.nordstrom.mnsus.com Open in urlscan Pro
195.54.163.133  Malicious Activity! Public Scan

URL: https://directaccess.nordstrom.mnsus.com/
Submission: On February 11 via manual from US

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 18 HTTP transactions. The main IP is 195.54.163.133, located in Ukraine and belongs to ITLAS, UA. The main domain is directaccess.nordstrom.mnsus.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on February 10th 2019. Valid for: 3 months.
This is the only time directaccess.nordstrom.mnsus.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Nordstrom (Fashion)

Domain & IP information

IP Address AS Autonomous System
18 195.54.163.133 15626 (ITLAS)
18 1
Apex Domain
Subdomains
Transfer
18 mnsus.com
directaccess.nordstrom.mnsus.com
252 KB
18 1
Domain Requested by
18 directaccess.nordstrom.mnsus.com directaccess.nordstrom.mnsus.com
18 1

This site contains links to these domains. Also see Links.

Domain
directaccess.nordstrom.com
nordstrom.taleo.net
about.nordstrom.com
shop.nordstrom.com
Subject Issuer Validity Valid
directaccess.nordstrom.mnsus.com
Let's Encrypt Authority X3
2019-02-10 -
2019-05-11
3 months crt.sh

This page contains 3 frames:

Primary Page: https://directaccess.nordstrom.mnsus.com/
Frame ID: 5D98F2754645696DFCFA73B93DFE19EE
Requests: 16 HTTP requests in this frame

Frame: https://directaccess.nordstrom.mnsus.com/t.html
Frame ID: 207419EE958C718F533741B1840C2F00
Requests: 1 HTTP requests in this frame

Frame: https://directaccess.nordstrom.mnsus.com/blank.html
Frame ID: 64928C197B3EF1063F33411E1927B910
Requests: 1 HTTP requests in this frame

Screenshot


Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

18
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

252 kB
Transfer

422 kB
Size

1
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
directaccess.nordstrom.mnsus.com/
12 KB
4 KB
Document
General
Full URL
https://directaccess.nordstrom.mnsus.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.54.163.133 , Ukraine, ASN15626 (ITLAS, UA),
Reverse DNS
cp5ua.hyperhost.ua
Software
nginx /
Resource Hash
fd16eb7d0ed55912016e59e3d436ada90882c7de9111885a94cfec5a0809bfb5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
directaccess.nordstrom.mnsus.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status
200
server
nginx
date
Mon, 11 Feb 2019 17:07:56 GMT
content-type
text/html
vary
Accept-Encoding
last-modified
Sun, 10 Feb 2019 09:59:41 GMT
x-xss-protection
1; mode=block
x-content-type-options
nosniff
x-nginx-cache-status
MISS
x-server-powered-by
Engintron
content-encoding
gzip
swanEXTN-custom-2_3_6_9-en-gecko.css
directaccess.nordstrom.mnsus.com/
50 KB
8 KB
Stylesheet
General
Full URL
https://directaccess.nordstrom.mnsus.com/swanEXTN-custom-2_3_6_9-en-gecko.css
Requested by
Host: directaccess.nordstrom.mnsus.com
URL: https://directaccess.nordstrom.mnsus.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.54.163.133 , Ukraine, ASN15626 (ITLAS, UA),
Reverse DNS
cp5ua.hyperhost.ua
Software
nginx /
Resource Hash
62b580b1b716d448349698f0e0833390518a40d54fd28689e9b72e401e083025

Request headers

:path
/swanEXTN-custom-2_3_6_9-en-gecko.css
pragma
no-cache
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/css,*/*;q=0.1
cache-control
no-cache
:authority
directaccess.nordstrom.mnsus.com
referer
https://directaccess.nordstrom.mnsus.com/
:scheme
https
:method
GET
Referer
https://directaccess.nordstrom.mnsus.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
public
date
Mon, 11 Feb 2019 17:07:56 GMT
content-encoding
gzip
last-modified
Thu, 25 May 2017 06:49:38 GMT
server
nginx
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
max-age=2592000
expires
Wed, 13 Mar 2019 17:07:56 GMT
Common2_3_6_9.js
directaccess.nordstrom.mnsus.com/
117 KB
31 KB
Script
General
Full URL
https://directaccess.nordstrom.mnsus.com/Common2_3_6_9.js
Requested by
Host: directaccess.nordstrom.mnsus.com
URL: https://directaccess.nordstrom.mnsus.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.54.163.133 , Ukraine, ASN15626 (ITLAS, UA),
Reverse DNS
cp5ua.hyperhost.ua
Software
nginx /
Resource Hash
6cacdecd5b589127b1e484579d419685a66c9feb19b128d62c599da2066ab6f1

Request headers

:path
/Common2_3_6_9.js
pragma
no-cache
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
directaccess.nordstrom.mnsus.com
referer
https://directaccess.nordstrom.mnsus.com/
:scheme
https
:method
GET
Referer
https://directaccess.nordstrom.mnsus.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
public
date
Mon, 11 Feb 2019 17:07:56 GMT
content-encoding
gzip
last-modified
Thu, 25 May 2017 06:49:38 GMT
server
nginx
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=2592000
expires
Wed, 13 Mar 2019 17:07:56 GMT
oafcoreR121.js
directaccess.nordstrom.mnsus.com/
47 KB
11 KB
Script
General
Full URL
https://directaccess.nordstrom.mnsus.com/oafcoreR121.js
Requested by
Host: directaccess.nordstrom.mnsus.com
URL: https://directaccess.nordstrom.mnsus.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.54.163.133 , Ukraine, ASN15626 (ITLAS, UA),
Reverse DNS
cp5ua.hyperhost.ua
Software
nginx /
Resource Hash
103ccffee8a0efbb52d936efc2a9e2e20891df5ff002d669d9d95c4c72867ab0

Request headers

:path
/oafcoreR121.js
pragma
no-cache
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
directaccess.nordstrom.mnsus.com
referer
https://directaccess.nordstrom.mnsus.com/
:scheme
https
:method
GET
Referer
https://directaccess.nordstrom.mnsus.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
public
date
Mon, 11 Feb 2019 17:07:56 GMT
content-encoding
gzip
last-modified
Thu, 25 May 2017 06:49:38 GMT
server
nginx
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=2592000
expires
Wed, 13 Mar 2019 17:07:56 GMT
oafb.js
directaccess.nordstrom.mnsus.com/
1 KB
650 B
Script
General
Full URL
https://directaccess.nordstrom.mnsus.com/oafb.js
Requested by
Host: directaccess.nordstrom.mnsus.com
URL: https://directaccess.nordstrom.mnsus.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.54.163.133 , Ukraine, ASN15626 (ITLAS, UA),
Reverse DNS
cp5ua.hyperhost.ua
Software
nginx /
Resource Hash
caed8690a9c847c80475e450e5f6c4465b3623d1390e492a20b99b87b41178e0

Request headers

:path
/oafb.js
pragma
no-cache
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
directaccess.nordstrom.mnsus.com
referer
https://directaccess.nordstrom.mnsus.com/
:scheme
https
:method
GET
Referer
https://directaccess.nordstrom.mnsus.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
public
date
Mon, 11 Feb 2019 17:07:56 GMT
content-encoding
gzip
last-modified
Thu, 25 May 2017 06:49:38 GMT
server
nginx
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=2592000
expires
Wed, 13 Mar 2019 17:07:56 GMT
t.gif
directaccess.nordstrom.mnsus.com/
85 B
273 B
Image
General
Full URL
https://directaccess.nordstrom.mnsus.com/t.gif
Requested by
Host: directaccess.nordstrom.mnsus.com
URL: https://directaccess.nordstrom.mnsus.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.54.163.133 , Ukraine, ASN15626 (ITLAS, UA),
Reverse DNS
cp5ua.hyperhost.ua
Software
nginx /
Resource Hash
bb785afba706a06bac6123d21e898c5cf11ad2d1626ec3429c2e9af95427ea95

Request headers

:path
/t.gif
pragma
no-cache
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
directaccess.nordstrom.mnsus.com
referer
https://directaccess.nordstrom.mnsus.com/
:scheme
https
:method
GET
Referer
https://directaccess.nordstrom.mnsus.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
public
date
Mon, 11 Feb 2019 17:07:56 GMT
last-modified
Thu, 25 May 2017 06:49:38 GMT
server
nginx
content-type
image/gif
status
200
cache-control
max-age=5184000
accept-ranges
bytes
content-length
85
expires
Fri, 12 Apr 2019 17:07:56 GMT
mynordstrom_logo.png
directaccess.nordstrom.mnsus.com/
7 KB
8 KB
Image
General
Full URL
https://directaccess.nordstrom.mnsus.com/mynordstrom_logo.png
Requested by
Host: directaccess.nordstrom.mnsus.com
URL: https://directaccess.nordstrom.mnsus.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.54.163.133 , Ukraine, ASN15626 (ITLAS, UA),
Reverse DNS
cp5ua.hyperhost.ua
Software
nginx /
Resource Hash
260e4ade7ec4926e7aa54f6989e14d1910cdef88ef1097c7fc146e99e0e9f5ae

Request headers

:path
/mynordstrom_logo.png
pragma
no-cache
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
directaccess.nordstrom.mnsus.com
referer
https://directaccess.nordstrom.mnsus.com/
:scheme
https
:method
GET
Referer
https://directaccess.nordstrom.mnsus.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
public
date
Mon, 11 Feb 2019 17:07:56 GMT
last-modified
Thu, 25 May 2017 06:49:38 GMT
server
nginx
content-type
image/png
status
200
cache-control
max-age=5184000
accept-ranges
bytes
content-length
7636
expires
Fri, 12 Apr 2019 17:07:56 GMT
nohr_topLines.jpg
directaccess.nordstrom.mnsus.com/
5 KB
5 KB
Image
General
Full URL
https://directaccess.nordstrom.mnsus.com/nohr_topLines.jpg
Requested by
Host: directaccess.nordstrom.mnsus.com
URL: https://directaccess.nordstrom.mnsus.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.54.163.133 , Ukraine, ASN15626 (ITLAS, UA),
Reverse DNS
cp5ua.hyperhost.ua
Software
nginx /
Resource Hash
db11a1f58f9c27a1d21738c88d8baf7c9f93154f4b9b55f183e4c7ff5d4919c7

Request headers

:path
/nohr_topLines.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
directaccess.nordstrom.mnsus.com
referer
https://directaccess.nordstrom.mnsus.com/
:scheme
https
:method
GET
Referer
https://directaccess.nordstrom.mnsus.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
public
date
Mon, 11 Feb 2019 17:07:56 GMT
last-modified
Thu, 25 May 2017 06:49:38 GMT
server
nginx
content-type
image/jpeg
status
200
cache-control
max-age=5184000
accept-ranges
bytes
content-length
4691
expires
Fri, 12 Apr 2019 17:07:56 GMT
nohr_people.jpg
directaccess.nordstrom.mnsus.com/
43 KB
43 KB
Image
General
Full URL
https://directaccess.nordstrom.mnsus.com/nohr_people.jpg
Requested by
Host: directaccess.nordstrom.mnsus.com
URL: https://directaccess.nordstrom.mnsus.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.54.163.133 , Ukraine, ASN15626 (ITLAS, UA),
Reverse DNS
cp5ua.hyperhost.ua
Software
nginx /
Resource Hash
66e3f9b8cd92c64eb59bbce44d133d75414a5be10b3c3a9b352a57b564f0c253

Request headers

:path
/nohr_people.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
directaccess.nordstrom.mnsus.com
referer
https://directaccess.nordstrom.mnsus.com/
:scheme
https
:method
GET
Referer
https://directaccess.nordstrom.mnsus.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
public
date
Mon, 11 Feb 2019 17:07:56 GMT
last-modified
Thu, 25 May 2017 06:49:38 GMT
server
nginx
content-type
image/jpeg
status
200
cache-control
max-age=5184000
accept-ranges
bytes
content-length
43661
expires
Fri, 12 Apr 2019 17:07:56 GMT
nohr_globalTop.jpg
directaccess.nordstrom.mnsus.com/
41 KB
41 KB
Image
General
Full URL
https://directaccess.nordstrom.mnsus.com/nohr_globalTop.jpg
Requested by
Host: directaccess.nordstrom.mnsus.com
URL: https://directaccess.nordstrom.mnsus.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.54.163.133 , Ukraine, ASN15626 (ITLAS, UA),
Reverse DNS
cp5ua.hyperhost.ua
Software
nginx /
Resource Hash
c38cb156448ef3d11d4bb88443ce19d0a381c0c7d5881ec7fbfda8151ef083b7

Request headers

:path
/nohr_globalTop.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
directaccess.nordstrom.mnsus.com
referer
https://directaccess.nordstrom.mnsus.com/
:scheme
https
:method
GET
Referer
https://directaccess.nordstrom.mnsus.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
public
date
Mon, 11 Feb 2019 17:07:56 GMT
last-modified
Thu, 25 May 2017 06:49:38 GMT
server
nginx
content-type
image/jpeg
status
200
cache-control
max-age=5184000
accept-ranges
bytes
content-length
41831
expires
Fri, 12 Apr 2019 17:07:56 GMT
t.html
directaccess.nordstrom.mnsus.com/ Frame 2074
231 B
437 B
Document
General
Full URL
https://directaccess.nordstrom.mnsus.com/t.html
Requested by
Host: directaccess.nordstrom.mnsus.com
URL: https://directaccess.nordstrom.mnsus.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.54.163.133 , Ukraine, ASN15626 (ITLAS, UA),
Reverse DNS
cp5ua.hyperhost.ua
Software
nginx /
Resource Hash
0104f1d03a2541d75d05bb57ba744dfbed0569204ff5b09ffae586d36ef407bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
directaccess.nordstrom.mnsus.com
:scheme
https
:path
/t.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
https://directaccess.nordstrom.mnsus.com/
accept-encoding
gzip, deflate, br
cookie
oracle.uix=0^^GMT-0:00^p
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://directaccess.nordstrom.mnsus.com/

Response headers

status
200
server
nginx
date
Mon, 11 Feb 2019 17:07:56 GMT
content-type
text/html
content-length
231
last-modified
Sat, 27 May 2017 13:06:32 GMT
x-xss-protection
1; mode=block
x-content-type-options
nosniff
x-nginx-cache-status
HIT
x-server-powered-by
Engintron
accept-ranges
bytes
white_headerBg.jpg
directaccess.nordstrom.mnsus.com/
4 KB
5 KB
Image
General
Full URL
https://directaccess.nordstrom.mnsus.com/white_headerBg.jpg
Requested by
Host: directaccess.nordstrom.mnsus.com
URL: https://directaccess.nordstrom.mnsus.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.54.163.133 , Ukraine, ASN15626 (ITLAS, UA),
Reverse DNS
cp5ua.hyperhost.ua
Software
nginx /
Resource Hash
79fc79a0460244b9fb40e84c83f23d684b4ac3c8b60a5f448144be78187ea88e

Request headers

:path
/white_headerBg.jpg
pragma
no-cache
cookie
oracle.uix=0^^GMT-0:00^p
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
directaccess.nordstrom.mnsus.com
referer
https://directaccess.nordstrom.mnsus.com/swanEXTN-custom-2_3_6_9-en-gecko.css
:scheme
https
:method
GET
Referer
https://directaccess.nordstrom.mnsus.com/swanEXTN-custom-2_3_6_9-en-gecko.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
public
date
Mon, 11 Feb 2019 17:07:56 GMT
last-modified
Thu, 25 May 2017 06:49:38 GMT
server
nginx
content-type
image/jpeg
status
200
cache-control
max-age=5184000
accept-ranges
bytes
content-length
4469
expires
Fri, 12 Apr 2019 17:07:56 GMT
navBarUnderTopTabsBg.html
directaccess.nordstrom.mnsus.com/OA_HTML/cabo/images/swan/
6 KB
6 KB
Image
General
Full URL
https://directaccess.nordstrom.mnsus.com/OA_HTML/cabo/images/swan/navBarUnderTopTabsBg.html
Requested by
Host: directaccess.nordstrom.mnsus.com
URL: https://directaccess.nordstrom.mnsus.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.54.163.133 , Ukraine, ASN15626 (ITLAS, UA),
Reverse DNS
cp5ua.hyperhost.ua
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/OA_HTML/cabo/images/swan/navBarUnderTopTabsBg.html
pragma
no-cache
cookie
oracle.uix=0^^GMT-0:00^p
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
directaccess.nordstrom.mnsus.com
referer
https://directaccess.nordstrom.mnsus.com/
:scheme
https
:method
GET
Referer
https://directaccess.nordstrom.mnsus.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 11 Feb 2019 17:07:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Sat, 27 May 2017 13:01:18 GMT
server
nginx
vary
Accept-Encoding
x-nginx-cache-status
HIT
status
200
x-server-powered-by
Engintron
content-type
text/html
x-xss-protection
1; mode=block
rightbottom_background.jpg
directaccess.nordstrom.mnsus.com/
79 KB
79 KB
Image
General
Full URL
https://directaccess.nordstrom.mnsus.com/rightbottom_background.jpg
Requested by
Host: directaccess.nordstrom.mnsus.com
URL: https://directaccess.nordstrom.mnsus.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.54.163.133 , Ukraine, ASN15626 (ITLAS, UA),
Reverse DNS
cp5ua.hyperhost.ua
Software
nginx /
Resource Hash
4e9f037dac5d82164202c8e9bcadefcdc5b37d3d75c985fa53006dd3d5f6b2d4

Request headers

:path
/rightbottom_background.jpg
pragma
no-cache
cookie
oracle.uix=0^^GMT-0:00^p
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
directaccess.nordstrom.mnsus.com
referer
https://directaccess.nordstrom.mnsus.com/swanEXTN-custom-2_3_6_9-en-gecko.css
:scheme
https
:method
GET
Referer
https://directaccess.nordstrom.mnsus.com/swanEXTN-custom-2_3_6_9-en-gecko.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
public
date
Mon, 11 Feb 2019 17:07:56 GMT
last-modified
Thu, 25 May 2017 06:49:38 GMT
server
nginx
content-type
image/jpeg
status
200
cache-control
max-age=5184000
accept-ranges
bytes
content-length
80531
expires
Fri, 12 Apr 2019 17:07:56 GMT
btn-bg1.gif
directaccess.nordstrom.mnsus.com/OA_HTML/cabo/images/swan/
6 KB
6 KB
Image
General
Full URL
https://directaccess.nordstrom.mnsus.com/OA_HTML/cabo/images/swan/btn-bg1.gif
Requested by
Host: directaccess.nordstrom.mnsus.com
URL: https://directaccess.nordstrom.mnsus.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.54.163.133 , Ukraine, ASN15626 (ITLAS, UA),
Reverse DNS
cp5ua.hyperhost.ua
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:path
/OA_HTML/cabo/images/swan/btn-bg1.gif
pragma
no-cache
cookie
oracle.uix=0^^GMT-0:00^p
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
directaccess.nordstrom.mnsus.com
referer
https://directaccess.nordstrom.mnsus.com/
:scheme
https
:method
GET
Referer
https://directaccess.nordstrom.mnsus.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
public
date
Mon, 11 Feb 2019 17:07:56 GMT
last-modified
Sat, 27 May 2017 13:01:20 GMT
server
nginx
content-type
image/gif
status
200
cache-control
max-age=5184000
accept-ranges
bytes
content-length
6453
expires
Fri, 12 Apr 2019 17:07:56 GMT
rightbottom_bottome_background.jpg
directaccess.nordstrom.mnsus.com/
2 KB
2 KB
Image
General
Full URL
https://directaccess.nordstrom.mnsus.com/rightbottom_bottome_background.jpg
Requested by
Host: directaccess.nordstrom.mnsus.com
URL: https://directaccess.nordstrom.mnsus.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.54.163.133 , Ukraine, ASN15626 (ITLAS, UA),
Reverse DNS
cp5ua.hyperhost.ua
Software
nginx /
Resource Hash
5e5fd2303307a1f9bee4951982429b989e3276c6ff49fd1cfbbde639ad94e1c4

Request headers

:path
/rightbottom_bottome_background.jpg
pragma
no-cache
cookie
oracle.uix=0^^GMT-0:00^p
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
directaccess.nordstrom.mnsus.com
referer
https://directaccess.nordstrom.mnsus.com/swanEXTN-custom-2_3_6_9-en-gecko.css
:scheme
https
:method
GET
Referer
https://directaccess.nordstrom.mnsus.com/swanEXTN-custom-2_3_6_9-en-gecko.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
public
date
Mon, 11 Feb 2019 17:07:56 GMT
last-modified
Thu, 25 May 2017 06:49:38 GMT
server
nginx
content-type
image/jpeg
status
200
cache-control
max-age=5184000
accept-ranges
bytes
content-length
2139
expires
Fri, 12 Apr 2019 17:07:56 GMT
white_footerBg.gif
directaccess.nordstrom.mnsus.com/
817 B
997 B
Image
General
Full URL
https://directaccess.nordstrom.mnsus.com/white_footerBg.gif
Requested by
Host: directaccess.nordstrom.mnsus.com
URL: https://directaccess.nordstrom.mnsus.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.54.163.133 , Ukraine, ASN15626 (ITLAS, UA),
Reverse DNS
cp5ua.hyperhost.ua
Software
nginx /
Resource Hash
ff322e61aa53961002707be2ba692a3b5b52ba4c6ef69fc623aeb420111f51d4

Request headers

:path
/white_footerBg.gif
pragma
no-cache
cookie
oracle.uix=0^^GMT-0:00^p
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
directaccess.nordstrom.mnsus.com
referer
https://directaccess.nordstrom.mnsus.com/swanEXTN-custom-2_3_6_9-en-gecko.css
:scheme
https
:method
GET
Referer
https://directaccess.nordstrom.mnsus.com/swanEXTN-custom-2_3_6_9-en-gecko.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
public
date
Mon, 11 Feb 2019 17:07:56 GMT
last-modified
Thu, 25 May 2017 06:49:38 GMT
server
nginx
content-type
image/gif
status
200
cache-control
max-age=5184000
accept-ranges
bytes
content-length
817
expires
Fri, 12 Apr 2019 17:07:56 GMT
blank.html
directaccess.nordstrom.mnsus.com/ Frame 6492
308 B
416 B
Document
General
Full URL
https://directaccess.nordstrom.mnsus.com/blank.html
Requested by
Host: directaccess.nordstrom.mnsus.com
URL: https://directaccess.nordstrom.mnsus.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.54.163.133 , Ukraine, ASN15626 (ITLAS, UA),
Reverse DNS
cp5ua.hyperhost.ua
Software
nginx /
Resource Hash
95905df1c963ae38b7178197c406381a713b54e063b34171614695b5ed8d7a24
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
directaccess.nordstrom.mnsus.com
:scheme
https
:path
/blank.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
https://directaccess.nordstrom.mnsus.com/
accept-encoding
gzip, deflate, br
cookie
oracle.uix=0^^GMT-0:00^p
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://directaccess.nordstrom.mnsus.com/

Response headers

status
200
server
nginx
date
Mon, 11 Feb 2019 17:07:56 GMT
content-type
text/html
vary
Accept-Encoding
last-modified
Sat, 27 May 2017 13:06:40 GMT
x-xss-protection
1; mode=block
x-content-type-options
nosniff
x-nginx-cache-status
HIT
x-server-powered-by
Engintron
content-encoding
gzip

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Nordstrom (Fashion)

510 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart object| onselectionchange function| queueMicrotask string| _UixWindowOpenError string| _LovDA string| _LovDP string| _LovEN string| _LovEV string| _LovFI string| _LovFL string| _LovFR undefined| _LovHR object| _LovIV number| _LovLD object| _LovNM string| _LovPT object| _LovSF string| _LovSR string| _LovST string| _LovWN function| _LovInputVTF function| _lovInputSFE function| _lovInputEEN function| _LovInputOLW function| _LovInputUUP function| _LovInputGPF function| _LovInputMPC function| _LovInputOMW function| _LovInputPWP function| _LovInputWCB function| _LovInputDDP function| _LovInputUAA function| _LovInputSTC function| _LovInputCBF function| _LovInputSBF function| _LovInputENC function| _LovInputQSF function| _LovInputUSF function| _LovInputSFS function| _LovInputSOE undefined| _AD_ERA undefined| _dfLenient undefined| _AH_ERA undefined| _BE_ERA function| _getADEra function| _simpleDateFormat function| _simpleDateParse function| _simpleDateParseImpl function| _getStartTimeOfDay function| _isSkippedTime function| _isStrict function| _isHijrahCal function| _isValidHijrahDate function| _doClumping function| _subformat function| _getLocaleTimeZoneDifferenceInHours function| _subparse function| _fix2DYear function| _matchArray function| _matchText function| _accumulateNumber function| _isPM function| _getPaddedNumber function| SimpleDateFormat function| _getDateFieldFormat function| _fixDFF function| BuddhistDate function| _BuddhistDate_getTime function| _BuddhistDate_getFullYear function| _BuddhistDate_getMonth function| _BuddhistDate_getDate function| _BuddhistDate_getDay function| _BuddhistDate_getHours function| _BuddhistDate_getMinutes function| _BuddhistDate_getSeconds function| _BuddhistDate_getMilliseconds function| _BuddhistDate_getTimezoneOffset function| _BuddhistDate_setTime function| _BuddhistDate_setFullYear function| _BuddhistDate_setMonth function| _BuddhistDate_setDate function| _BuddhistDate_setHours function| _BuddhistDate_setMinutes function| _BuddhistDate_setSeconds function| _BuddhistDate_setMilliseconds function| _noopFormat function| _cjkParse function| CjkFormat function| _utf8Format function| _utf8Parse function| Utf8Format function| _sbParse function| SBFormat function| _setFailedPos function| getTableName function| getTableRow function| getTableElementName function| tableSelectAll function| tableSelectNone function| TableProxy function| _hasSelection function| _getTableValue function| _getSelectedRow function| _getSelectedRows function| _getTableLength function| _getFormElement function| _isMulti function| _selectAll function| _getSelectAll function| _selectNone function| _getSelectNone function| _multiSelect function| _tableProxyToString function| _setSelectedRow number| _THAI_BUDDHA number| _ENGLISH_HIJRAH number| _ARABIC_HIJRAH function| _dfsv function| _returnCalendarValue function| _ldp function| _dfgv function| _getTimePortion function| _getTimePortionInLocaleContextTimeZone function| _getLocaleTimeZoneDifference function| _dfb function| _dff function| _dfa function| _calsd function| _updateCal function| _changeView function| _doCancel function| _selectDate undefined| _savedField1879034 object| _agent undefined| _lastDateSubmitted number| _lastDateReset number| _lastDateValidated number| _lastValidationFailure number| _pprSubmitCount boolean| _pprSomeAction number| _pprRequestCount boolean| _pprUnloaded boolean| _pprBackRestoreInlineScripts boolean| _pprBlocking boolean| _pprBlockLock boolean| _blockOnEverySubmit number| _pprBlockStartTime string| _pprIframeName boolean| _pprFirstClickPass boolean| _alreadyQueuedFirstClick string| _pprdivElementName object| _pprStoredMouseOver object| _pprBlockingTimeout object| _pprEventElement boolean| _pprChoiceChanged undefined| _initialFormState object| _initialFormExclude undefined| _initialFormStateName undefined| _navDirty string| _initialFocusID object| _UixFocusRequestDoc object| _UixFocusRequestID boolean| _UixFocusRequestNext boolean| _blockCheckUnloadFromDialog object| _saveForm object| _saveDoValidate object| _saveParameters boolean| _submitRejected boolean| _inPartialSubmit boolean| _useDynamicFocusSaving undefined| _isSessionCookie function| _atLeast function| _atMost function| _supportsDOM function| _agentInit object| _ieFeatures object| _nnFeatures object| _modelessFeatureOverrides object| _modalFeatureOverrides object| _featureDefaults object| _signedFeatures object| _booleanFeatures function| _getContentWidth function| _getTop function| _sizeWin function| _onModalClickNN object| _mozClickEH function| _onModalClickMoz object| _IE_MOUSE_CAPTURE_EVENTS object| _MODAL_CAP_EVTS function| _captureEventIE function| _addModalCaptureIE function| _removeModalCaptureIE function| _onModalFocus function| _onModalLoseCapture function| t function| openWindow function| _handleResize function| _eatEventCallback function| _getDependents function| _getDependent function| _setDependent function| _getModalDependent function| _getValidModalDependent function| _isModalDependent function| _clearBodyModalEffects function| _unloadUIXDialog function| _checkUnload function| _isModalAbandoned function| _setModalAbandoned function| _focusChanging function| _getKeyValueString function| _dump function| dump function| _validateForm function| _getNextNonCommentSibling function| _valField function| _validationAlert function| _recordValidation function| _recentValidation function| _validateField function| _unvalidateField function| submitForm function| _saveFormForLaterSubmit function| _submitFormCheck function| resetForm function| _resetHiddenValues function| _getValue function| _setSelectIndexById function| _multiValidate function| _isShowing function| _getID function| _getForm function| _getName function| _instanceof function| _getErrorString function| _getValidations function| _getValidationError function| _formatErrorString function| _chain function| _callChained function| _checkLength function| _getElementById function| _findElementById function| _getQuerySeparator function| _addParameter function| _addFormParameter function| _firePCUpdateMaster function| _updateDetailIcon function| _firePartialChange function| _submitPartialChange function| _getPartialParameter function| _setOuterHTML function| _encloseBackQuotes function| _partialUnload function| _partialRedirect function| _pprLibraryStore undefined| _pprLibStore function| _pprExecScript function| _createToLoadArray function| _addLibraryToCache function| _loadScriptLibrariesIE function| _loadScriptLibrariesGecko function| _loadScriptLibraries function| _pprCopyObjectElement function| _partialChange function| _setRequestedFocusNode function| _getRequestedFocusNode function| _getPreviousFocusable function| _getNextFocusable function| _isFocusableOrLink function| _fullChange function| _updateFormActions function| _getParentActiveElement function| _saveActiveElement function| _getNewActiveElement function| _getFirstFocusable function| _restoreFocus function| _getAncestorByName function| _isDescendent function| _isFocusable function| _getCommentedScript function| _eval function| _getDocumentContent function| _fixAllLinks function| _isInExclude function| _getFormState function| isNavDirty function| _addNavExclude function| _submitNav function| _getInputField function| _enterField function| _mouseDown function| _resetOnEscape function| onFocusHandlersInit function| _checkLoad function| _noReload function| _monitorNoReload function| _handleClientEvent function| _getCookie function| _setCookie function| _setUIXCookie function| _getUIXCookie function| _defaultTZ function| _getTimeZoneID function| _monitor function| _getNodeWithAccessKey function| _findAccessKey function| _trimString function| _isEmpty function| _isLTR function| _pprConsumeFirstClick function| _pprControlCapture function| _pprConsumeBlockedEvent function| _waitCursorControl function| _isSubmittingElement function| _mouseHandlerControl function| _mouseOverRestoreBlocking function| _pprConsumeClick function| _pprInstallBlockingHandlers function| _pprStartBlocking function| _pprStopBlocking function| _pprChoiceAction function| _pprChoiceChangeEvent function| _getKC function| _isRecent function| _recentSubmit function| _recentReset function| _pprFocus function| _savePageStateIE function| _saveScripts function| restorePartialPageState function| _setNavDirty function| _radio_uixSpuOnClickHandler function| _storePasswordFields function| _setPasswordFields function| _decimalFormat function| _parseGroupSeparator function| _decimalParse function| DecimalFormat function| _regExpFormat function| _regExpParse function| RegExpFormat function| HijrahDate function| hijdate_getTime function| _getFullYear function| _getMonth function| _getDate function| _getDay function| _getHours function| _getMinutes function| _getSeconds function| _getMilliseconds function| _getTimezoneOffset function| hijdate_setTime function| _setFullYear function| _setMonth function| _setDate function| _setHours function| _setMinutes function| _setSeconds function| _setMilliseconds function| Calendar function| _getTime function| _getTimeInMillis function| _setTime function| _setTimeInMillis function| _get function| _internalGet function| _internalSet function| _set function| _computeTime function| _computeFieldsImpl function| _computeJulianDay function| _timeToFields function| _millisToJulianDay function| _julianDayToMillis function| inherit function| copy_undef_properties function| HijrahCalendar function| hij_isLeapYear function| _setDeviation function| hij_monthDays function| hij_fieldInfo function| hij_yearToJulianDay function| hij_getCurrentEra function| _getCycleNumber function| _getDayOfCycle function| _getYearInCycle function| _getAdjustedCycle function| _getAdjustedMonthDays function| _getDayOfYear function| _getMonthOfYear function| _getDayOfMonth function| Deviation function| _addDeviationAsHijrah undefined| _digits undefined| _decimalSep undefined| _groupingSep function| isDigit function| _getDigits function| parseDigit function| isNotLowerCase function| isLowerCase function| _isLowerCaseStrict function| isUpperCase function| isNotUpperCase function| _isUpperCaseStrict function| isLetter function| getUserLanguage function| getJavaLanguage function| getLocaleSymbols function| _getEras function| _getMonths function| _getShortMonths function| _getWeekdays function| _getShortWeekdays function| _getAmPmStrings function| _getZoneStrings function| _getLocalPatternChars function| _getDecimalSeparator function| _getGroupingSeparator function| _getPatternSeparator function| _getPercent function| _getZeroDigit function| _getDigit function| _getMinusSign function| _getExponential function| _getPerMill function| _getInfinity function| _getNaN function| _getCurrencySymbol function| _getInternationalCurrencySymbol function| _getMonetaryDecimalSeparator function| _getLocaleElements function| _getFullTimePatternString function| _getLongTimePatternString function| _getMediumTimePatternString function| _getShortTimePatternString function| _getFullDatePatternString function| _getLongDatePatternString function| _getMediumDatePatternString function| _getShortDatePatternString function| _getDateTimeFormatString function| LocaleSymbols function| _formatValidate function| Format function| ParseException object| _delayedEventParams object| _radioActionScript object| _radioUserDefScript object| _lastEventTime function| checkSubmit function| ignoreWarnAboutChanges function| oaOpenWin function| oaOpenIMWin function| lov function| kff function| putResult function| getCriteria function| lovClearValue function| aSOnChange function| getValue function| stateCheckCallBack function| checkForPlus function| OnLovChoiceInit function| OnLovInit function| OnLovValidate function| OnLovSelect function| getRowNum function| _LovSelectReturn function| lovAutoClear function| _escapeCarriageReturn function| currval function| RichTextEditorProxy function| _onMouseOver function| _onMouseOut function| _onMouseDown function| _onMouseUp function| getReal function| makeFlat function| makeRaised function| makePressed function| _createHyperlink function| getNode function| _execHTMLCommand function| _setFontBarDropdown function| _insertHTMLTag function| _insertText function| _getField function| _setContentOnBlur function| _insertImageTag function| _setValue function| _setHref function| _viewHtmlSource function| _disableFontDropDowns function| _checkRTEDataLength function| _setMaxLengthAlert function| _getMaxLengthAlert function| launchForm function| _syncIndex function| isBiDi function| onLovValidateCallback undefined| topLoc undefined| _cachedLibs object| _resetDefaultFormNameNames function| _DefaultFormNameValidater function| _submitOnEnter object| doc object| currElement

1 Cookies

Domain/Path Name / Value
.directaccess.nordstrom.mnsus.com/ Name: oracle.uix
Value: 0^^GMT-0:00^p

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block