nordeabrand.com Open in urlscan Pro
185.101.35.66 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://nordeabrand.com/
Effective URL:
https://nordeabrand.com/login/
Submission: On June 24 via manual (June 24th 2019, 9:20:11 am UTC) from NO

Summary HTTP 21 Redirects Links 1 Behaviour Indicators

Similar DOM Content API

Summary

This website contacted 3 IPs in 3 countries across 3 domains to perform 21 HTTP transactions. The main IP is 185.101.35.66, located in Bodø, Norway and belongs to SERVETHEWORLD-AS, NO. The main domain is nordeabrand.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on June 22nd 2019. Valid for: 3 months.

This is the only time nordeabrand.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
2 20	185.101.35.66 185.101.35.66		34989 (SERVETHEW...) (SERVETHEWORLD-AS)
1	23.111.9.35 23.111.9.35		33438 (HIGHWINDS2) (HIGHWINDS2 - Highwinds Network Group)
2	2a00:1450:400... 2a00:1450:4001:821::200a		15169 (GOOGLE) (GOOGLE - Google LLC)
21	3

20 185.101.35.66 (Bodø, Norway) 2 redirects

ASN34989 (SERVETHEWORLD-AS, NO)
PTR: vps-66.35.101.185.stwvps.net

nordeabrand.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.111.9.35 (Phoenix, United States)

ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:821::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	nordeabrand.com 2 redirects nordeabrand.com	2 MB
2	googleapis.com fonts.googleapis.com	1 KB
1	fontawesome.com use.fontawesome.com	12 KB
21	3

	Domain	Requested by
20	nordeabrand.com	2 redirects nordeabrand.com
2	fonts.googleapis.com	nordeabrand.com
1	use.fontawesome.com	nordeabrand.com
21	3

This site contains links to these domains. Also see Links.

Domain
brand.nordea.com

Subject Issuer	Validity	Valid
nordeabrand.com Let's Encrypt Authority X3	`2019-06-22` - `2019-09-20`	3 months	crt.sh
*.fontawesome.com DigiCert SHA2 Secure Server CA	`2018-09-17` - `2019-11-21`	a year	crt.sh
*.googleapis.com Google Internet Authority G3	`2019-06-11` - `2019-09-03`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://nordeabrand.com/login/
Frame ID: DF5DC0B18F2ACE424C83EE802B445DC8
Requests: 21 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://nordeabrand.com/ HTTP 301
https://nordeabrand.com/ HTTP 301
https://nordeabrand.com/login/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
meta generator /^WordPress ?([\d.]+)?/i
html /<!--[^>]+WP Rocket/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
meta generator /^WordPress ?([\d.]+)?/i
html /<!--[^>]+WP Rocket/i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
meta generator /^WordPress ?([\d.]+)?/i
html /<!--[^>]+WP Rocket/i

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

script /(?:\/([\d.]+))?(?:\/js)?\/bootstrap(?:\.min)?\.js/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

WP Rocket (Cache Tools) Expand

Overall confidence: 100%
Detected patterns

html /<!--[^>]+WP Rocket/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

21
Requests

100 %
HTTPS

33 %
IPv6

3
Domains

3
Subdomains

3
IPs

3
Countries

1705 kB
Transfer

1740 kB
Size

0
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://brand.nordea.com/login/
Title: https://brand.nordea.com/login/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://nordeabrand.com/ HTTP 301
https://nordeabrand.com/ HTTP 301
https://nordeabrand.com/login/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

21 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
nordeabrand.com/login/
Redirect Chain

http://nordeabrand.com/
https://nordeabrand.com/
https://nordeabrand.com/login/

10 KB
10 KB

56ms
55ms

Document
text/html

185.101.35.66
SERVETHEWORLD-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://nordeabrand.com/login/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.101.35.66 Bodø, Norway, ASN34989 (SERVETHEWORLD-AS, NO),
Reverse DNS: vps-66.35.101.185.stwvps.net
Software: nginx / PHP/7.0.33 PleskLin
Resource Hash: 85fe6e6db40dd1e0a91159ed43989b9f01613e59f97c1f1ec8ffd9d93aeb11fe

Request headers

:method: GET
:authority: nordeabrand.com
:scheme: https
:path: /login/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
server: nginx
date: Mon, 24 Jun 2019 09:19:34 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.0.33 PleskLin
last-modified: Mon, 24 Jun 2019 08:44:25 GMT

Redirect headers

status: 301
server: nginx
date: Mon, 24 Jun 2019 09:19:34 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.0.33 PleskLin
link: <https://nordeabrand.com/wp-json/>; rel="https://api.w.org/" <https://nordeabrand.com/>; rel=shortlink
x-redirect-by: WordPress
location: /login/

GET
H2 200 5dc39638de63c499b8566117c38b43c9.css
nordeabrand.com/wp-content/cache/min/1/ 959 KB
960 KB 42ms
38ms Stylesheet
text/css 185.101.35.66
SERVETHEWORLD-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://nordeabrand.com/wp-content/cache/min/1/5dc39638de63c499b8566117c38b43c9.css
Requested by: Host: nordeabrand.com
URL: https://nordeabrand.com/login/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.101.35.66 Bodø, Norway, ASN34989 (SERVETHEWORLD-AS, NO),
Reverse DNS: vps-66.35.101.185.stwvps.net
Software: nginx / PleskLin
Resource Hash: d5a66580c071ab7e2e138391388ff2b5c0b545ba02805e5c40cb07a77cdc5a35

Request headers

Referer: https://nordeabrand.com/login/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 24 Jun 2019 09:19:34 GMT
etag: "5c0a8a5b-efd13"
last-modified: Fri, 07 Dec 2018 14:57:31 GMT
server: nginx
x-powered-by: PleskLin
content-type: text/css
status: 200
accept-ranges: bytes
content-length: 982291

GET
H2 200 all.css
use.fontawesome.com/releases/v5.2.0/css/ 46 KB
12 KB 11ms
8ms Stylesheet
text/css 23.111.9.35
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.2.0/css/all.css
Requested by: Host: nordeabrand.com
URL: https://nordeabrand.com/login/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.9.35 Phoenix, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 8891a160f8a2afb81de5259f9f68e5af3782348ea2927ad9e969bc88c7d39984

Request headers

Referer: https://nordeabrand.com/login/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 24 Jun 2019 09:19:54 GMT
content-encoding: gzip
last-modified: Mon, 23 Jul 2018 17:06:58 GMT
server: NetDNA-cache/2.2
access-control-allow-origin: *
etag: W/"20a9ce516eaea76da29a23adc43e8998"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
status: 200
access-control-max-age: 3000
cache-control: max-age=31556926
x-cache: HIT

GET
H2 200 jquery.min.js Show response
nordeabrand.com/wp-content/themes/mediasparx/js/ 95 KB
95 KB 114ms
111ms Script
application/javascript 185.101.35.66
SERVETHEWORLD-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://nordeabrand.com/wp-content/themes/mediasparx/js/jquery.min.js
Requested by: Host: nordeabrand.com
URL: https://nordeabrand.com/login/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.101.35.66 Bodø, Norway, ASN34989 (SERVETHEWORLD-AS, NO),
Reverse DNS: vps-66.35.101.185.stwvps.net
Software: nginx / PleskLin
Resource Hash: 4574aea110cdaa1cf0c27bc5d0d9364a3c18e7a33a185c87d581c6b159703e01

Request headers

Referer: https://nordeabrand.com/login/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 24 Jun 2019 09:19:34 GMT
etag: "59c2c277-17b93"
last-modified: Wed, 20 Sep 2017 19:33:11 GMT
server: nginx
x-powered-by: PleskLin
content-type: application/javascript
status: 200
accept-ranges: bytes
content-length: 97171

GET
H2 200 bootstrap.min.js Show response
nordeabrand.com/wp-content/plugins/download-manager/assets/bootstrap/js/ 35 KB
35 KB 114ms
112ms Script
application/javascript 185.101.35.66
SERVETHEWORLD-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://nordeabrand.com/wp-content/plugins/download-manager/assets/bootstrap/js/bootstrap.min.js
Requested by: Host: nordeabrand.com
URL: https://nordeabrand.com/login/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.101.35.66 Bodø, Norway, ASN34989 (SERVETHEWORLD-AS, NO),
Reverse DNS: vps-66.35.101.185.stwvps.net
Software: nginx / PleskLin
Resource Hash: 4b9329f540f2a0a583e6b0dff71f0f68d819ca3920c752fdb4e6bb1f88659cab

Request headers

Referer: https://nordeabrand.com/login/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 24 Jun 2019 09:19:34 GMT
etag: "5d0a010a-8c73"
last-modified: Wed, 19 Jun 2019 09:31:54 GMT
server: nginx
x-powered-by: PleskLin
content-type: application/javascript
status: 200
accept-ranges: bytes
content-length: 35955

GET
H2 200 front-4fc9151512df209c1a370702f89a259d.js Show response
nordeabrand.com/wp-content/cache/min/1/wp-content/plugins/download-manager/assets/js/ 4 KB
4 KB 114ms
112ms Script
application/javascript 185.101.35.66
SERVETHEWORLD-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://nordeabrand.com/wp-content/cache/min/1/wp-content/plugins/download-manager/assets/js/front-4fc9151512df209c1a370702f89a259d.js
Requested by: Host: nordeabrand.com
URL: https://nordeabrand.com/login/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.101.35.66 Bodø, Norway, ASN34989 (SERVETHEWORLD-AS, NO),
Reverse DNS: vps-66.35.101.185.stwvps.net
Software: nginx / PleskLin
Resource Hash: 9c4217f3b3ca8f8b65b31329e80a1ec8470a8e693c26185996d087236dc60a36

Request headers

Referer: https://nordeabrand.com/login/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 24 Jun 2019 09:19:34 GMT
etag: "5b8bc0b8-e2d"
last-modified: Sun, 02 Sep 2018 10:51:36 GMT
server: nginx
x-powered-by: PleskLin
content-type: application/javascript
status: 200
accept-ranges: bytes
content-length: 3629

GET
H2 200 chosen.jquery.min.js Show response
nordeabrand.com/wp-content/plugins/download-manager/assets/js/ 51 KB
51 KB 114ms
112ms Script
application/javascript 185.101.35.66
SERVETHEWORLD-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://nordeabrand.com/wp-content/plugins/download-manager/assets/js/chosen.jquery.min.js
Requested by: Host: nordeabrand.com
URL: https://nordeabrand.com/login/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.101.35.66 Bodø, Norway, ASN34989 (SERVETHEWORLD-AS, NO),
Reverse DNS: vps-66.35.101.185.stwvps.net
Software: nginx / PleskLin
Resource Hash: 7373ca9ed2c272959213699ab6c34d53f342a2d01d996ebc543743312911a6dc

Request headers

Referer: https://nordeabrand.com/login/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 24 Jun 2019 09:19:34 GMT
etag: "5d0a010a-cbc3"
last-modified: Wed, 19 Jun 2019 09:31:54 GMT
server: nginx
x-powered-by: PleskLin
content-type: application/javascript
status: 200
accept-ranges: bytes
content-length: 52163

GET
H2 200 settings.min.js Show response
nordeabrand.com/wp-content/plugins/miniorange-saml-20-single-sign-on/includes/js/ 4 KB
4 KB 114ms
112ms Script
application/javascript 185.101.35.66
SERVETHEWORLD-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://nordeabrand.com/wp-content/plugins/miniorange-saml-20-single-sign-on/includes/js/settings.min.js
Requested by: Host: nordeabrand.com
URL: https://nordeabrand.com/login/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.101.35.66 Bodø, Norway, ASN34989 (SERVETHEWORLD-AS, NO),
Reverse DNS: vps-66.35.101.185.stwvps.net
Software: nginx / PleskLin
Resource Hash: 08c7529703404345633f9aa60bf56880c8ba77fce54b75ee289553f011b8dcba

Request headers

Referer: https://nordeabrand.com/login/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 24 Jun 2019 09:19:34 GMT
etag: "59c2c271-e33"
last-modified: Wed, 20 Sep 2017 19:33:05 GMT
server: nginx
x-powered-by: PleskLin
content-type: application/javascript
status: 200
accept-ranges: bytes
content-length: 3635

GET
H2 200 css
fonts.googleapis.com/ 3 KB
574 B 16ms
14ms Stylesheet
text/css 2a00:1450:4001:821::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Rubik:400,500

Requested by

Host: nordeabrand.com
URL: https://nordeabrand.com/login/

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

207f226fbf688f1046489294fe91a979ada6d2b3ee0a3855e2aba280c0b73263

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Mon, 24 Jun 2019 09:19:54 GMT
server: ESF
access-control-allow-origin: *
date: Mon, 24 Jun 2019 09:19:54 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection: 0
expires: Mon, 24 Jun 2019 09:19:54 GMT

GET
H2 200 nordea-logo.png
nordeabrand.com/wp-content/themes/nordea2/assets/ 3 KB
3 KB 114ms
113ms Image
image/png 185.101.35.66
SERVETHEWORLD-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nordeabrand.com/wp-content/themes/nordea2/assets/nordea-logo.png
Requested by: Host: nordeabrand.com
URL: https://nordeabrand.com/login/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.101.35.66 Bodø, Norway, ASN34989 (SERVETHEWORLD-AS, NO),
Reverse DNS: vps-66.35.101.185.stwvps.net
Software: nginx / PleskLin
Resource Hash: fc9108714b1c723cf60472dbf17dde24a8be0b539983b8741eb1a8b3b0274860

Request headers

Referer: https://nordeabrand.com/login/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 24 Jun 2019 09:19:34 GMT
etag: "59c2c277-a69"
last-modified: Wed, 20 Sep 2017 19:33:11 GMT
server: nginx
x-powered-by: PleskLin
content-type: image/png
status: 200
accept-ranges: bytes
content-length: 2665

GET
H2 200 search-c92452224390d21105c5d4bd3a5d39c1.js Show response
nordeabrand.com/wp-content/cache/min/1/wp-content/themes/mediasparx/js/ 905 B
1 KB 114ms
113ms Script
application/javascript 185.101.35.66
SERVETHEWORLD-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://nordeabrand.com/wp-content/cache/min/1/wp-content/themes/mediasparx/js/search-c92452224390d21105c5d4bd3a5d39c1.js
Requested by: Host: nordeabrand.com
URL: https://nordeabrand.com/login/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.101.35.66 Bodø, Norway, ASN34989 (SERVETHEWORLD-AS, NO),
Reverse DNS: vps-66.35.101.185.stwvps.net
Software: nginx / PleskLin
Resource Hash: 732714830fc4da497bc78f48733e9950dd2aaaf7c6f105b88afae2c48c0e2c4f

Request headers

Referer: https://nordeabrand.com/login/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 24 Jun 2019 09:19:34 GMT
etag: "5b8bc0b8-389"
last-modified: Sun, 02 Sep 2018 10:51:36 GMT
server: nginx
x-powered-by: PleskLin
content-type: application/javascript
status: 200
accept-ranges: bytes
content-length: 905

GET
H2 200 comment-collapse-4859f6c3c127b0071b64ce9921c9fe49.js Show response
nordeabrand.com/wp-content/cache/min/1/wp-content/themes/nordea2/js/ 440 B
588 B 84ms
84ms Script
application/javascript 185.101.35.66
SERVETHEWORLD-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://nordeabrand.com/wp-content/cache/min/1/wp-content/themes/nordea2/js/comment-collapse-4859f6c3c127b0071b64ce9921c9fe49.js
Requested by: Host: nordeabrand.com
URL: https://nordeabrand.com/login/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.101.35.66 Bodø, Norway, ASN34989 (SERVETHEWORLD-AS, NO),
Reverse DNS: vps-66.35.101.185.stwvps.net
Software: nginx / PleskLin
Resource Hash: 88148fde4004bd4c77e3ffabc80c965ac8360f87cacce1e176a4de29978822ff

Request headers

Referer: https://nordeabrand.com/login/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 24 Jun 2019 09:19:34 GMT
etag: "5b8bc0b8-1b8"
last-modified: Sun, 02 Sep 2018 10:51:36 GMT
server: nginx
x-powered-by: PleskLin
content-type: application/javascript
status: 200
accept-ranges: bytes
content-length: 440

GET
H2 200 gravity-forms-plugin-8cd7d3981a0bb13fe39dd19896b9937c.js Show response
nordeabrand.com/wp-content/cache/min/1/wp-content/themes/mediasparx/js/ 2 KB
2 KB 58ms
58ms Script
application/javascript 185.101.35.66
SERVETHEWORLD-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://nordeabrand.com/wp-content/cache/min/1/wp-content/themes/mediasparx/js/gravity-forms-plugin-8cd7d3981a0bb13fe39dd19896b9937c.js
Requested by: Host: nordeabrand.com
URL: https://nordeabrand.com/login/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.101.35.66 Bodø, Norway, ASN34989 (SERVETHEWORLD-AS, NO),
Reverse DNS: vps-66.35.101.185.stwvps.net
Software: nginx / PleskLin
Resource Hash: 851adad68aef0f23b15ef7009e978eaac1e00044c88b939eea09748f5c0921a8

Request headers

Referer: https://nordeabrand.com/login/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 24 Jun 2019 09:19:34 GMT
etag: "5b8bc0b8-868"
last-modified: Sun, 02 Sep 2018 10:51:36 GMT
server: nginx
x-powered-by: PleskLin
content-type: application/javascript
status: 200
accept-ranges: bytes
content-length: 2152

GET
H2 200 jquery.form.min.js Show response
nordeabrand.com/wp-includes/js/jquery/ 16 KB
16 KB 40ms
39ms Script
application/javascript 185.101.35.66
SERVETHEWORLD-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://nordeabrand.com/wp-includes/js/jquery/jquery.form.min.js
Requested by: Host: nordeabrand.com
URL: https://nordeabrand.com/login/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.101.35.66 Bodø, Norway, ASN34989 (SERVETHEWORLD-AS, NO),
Reverse DNS: vps-66.35.101.185.stwvps.net
Software: nginx / PleskLin
Resource Hash: ee1a97f49961f87c6aa495dca24759a1ca097b3c8612401e45c09248fae2fffa

Request headers

Referer: https://nordeabrand.com/login/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 24 Jun 2019 09:19:34 GMT
etag: "5c6f2d7b-4028"
last-modified: Thu, 21 Feb 2019 23:00:11 GMT
server: nginx
x-powered-by: PleskLin
content-type: application/javascript
status: 200
accept-ranges: bytes
content-length: 16424

GET
H2 200 bootstrap.min.js Show response
nordeabrand.com/wp-content/themes/mediasparx/js/ 36 KB
36 KB 42ms
41ms Script
application/javascript 185.101.35.66
SERVETHEWORLD-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://nordeabrand.com/wp-content/themes/mediasparx/js/bootstrap.min.js
Requested by: Host: nordeabrand.com
URL: https://nordeabrand.com/login/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.101.35.66 Bodø, Norway, ASN34989 (SERVETHEWORLD-AS, NO),
Reverse DNS: vps-66.35.101.185.stwvps.net
Software: nginx / PleskLin
Resource Hash: dbbc745f0d154d595f1f83beaf73ea90834b89e84decce565db64b0ba634dbbc

Request headers

Referer: https://nordeabrand.com/login/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 24 Jun 2019 09:19:34 GMT
etag: "59c2c277-90bf"
last-modified: Wed, 20 Sep 2017 19:33:11 GMT
server: nginx
x-powered-by: PleskLin
content-type: application/javascript
status: 200
accept-ranges: bytes
content-length: 37055

GET
H2 200 responsive-menu-pro-1-e4565036b5f794f1bb0ce4958f2d48e1.js Show response
nordeabrand.com/wp-content/cache/min/1/wp-content/uploads/responsive-menu-pro/js/ 3 KB
3 KB 38ms
37ms Script
application/javascript 185.101.35.66
SERVETHEWORLD-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://nordeabrand.com/wp-content/cache/min/1/wp-content/uploads/responsive-menu-pro/js/responsive-menu-pro-1-e4565036b5f794f1bb0ce4958f2d48e1.js
Requested by: Host: nordeabrand.com
URL: https://nordeabrand.com/login/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.101.35.66 Bodø, Norway, ASN34989 (SERVETHEWORLD-AS, NO),
Reverse DNS: vps-66.35.101.185.stwvps.net
Software: nginx / PleskLin
Resource Hash: 529c374e449a2c6d7254add219913c3ed99e21cde81eeea330c3e52feaeff304

Request headers

Referer: https://nordeabrand.com/login/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 24 Jun 2019 09:19:34 GMT
etag: "5b8bc0b8-b93"
last-modified: Sun, 02 Sep 2018 10:51:36 GMT
server: nginx
x-powered-by: PleskLin
content-type: application/javascript
status: 200
accept-ranges: bytes
content-length: 2963

GET
H2 200 js_composer_front.min.js Show response
nordeabrand.com/wp-content/plugins/js_composer/assets/js/dist/ 20 KB
20 KB 40ms
39ms Script
application/javascript 185.101.35.66
SERVETHEWORLD-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://nordeabrand.com/wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js
Requested by: Host: nordeabrand.com
URL: https://nordeabrand.com/login/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.101.35.66 Bodø, Norway, ASN34989 (SERVETHEWORLD-AS, NO),
Reverse DNS: vps-66.35.101.185.stwvps.net
Software: nginx / PleskLin
Resource Hash: 43cdf46f331fec5ba92e402e3d5cad473099892cbdafca02e607cd03705104bf

Request headers

Referer: https://nordeabrand.com/login/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 24 Jun 2019 09:19:34 GMT
etag: "5d0aa9bd-5079"
last-modified: Wed, 19 Jun 2019 21:31:41 GMT
server: nginx
x-powered-by: PleskLin
content-type: application/javascript
status: 200
accept-ranges: bytes
content-length: 20601

GET
H2 200 css
fonts.googleapis.com/ 4 KB
590 B 16ms
16ms Stylesheet
text/css 2a00:1450:4001:821::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Josefin+Sans:400,600,700

Requested by

Host: nordeabrand.com
URL: https://nordeabrand.com/login/

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

6a1002684e69477160f15c0d29e1de13169293921907b0ef56421cb87c8d189c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://nordeabrand.com/login/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Mon, 24 Jun 2019 09:19:55 GMT
server: ESF
access-control-allow-origin: *
date: Mon, 24 Jun 2019 09:19:55 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection: 0
expires: Mon, 24 Jun 2019 09:19:55 GMT

GET
H2 200 login-cover-2.jpg
nordeabrand.com/wp-content/themes/nordea2/assets/ 397 KB
397 KB 44ms
41ms Image
image/jpeg 185.101.35.66
SERVETHEWORLD-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nordeabrand.com/wp-content/themes/nordea2/assets/login-cover-2.jpg
Requested by: Host: nordeabrand.com
URL: https://nordeabrand.com/login/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.101.35.66 Bodø, Norway, ASN34989 (SERVETHEWORLD-AS, NO),
Reverse DNS: vps-66.35.101.185.stwvps.net
Software: nginx / PleskLin
Resource Hash: b81d53d7bb1d1d05d82955c9e958ded00f48eebbc72aa64bd9ca37933c8cc882

Request headers

Referer: https://nordeabrand.com/wp-content/cache/min/1/5dc39638de63c499b8566117c38b43c9.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 24 Jun 2019 09:19:34 GMT
etag: "59c2c277-63374"
last-modified: Wed, 20 Sep 2017 19:33:11 GMT
server: nginx
x-powered-by: PleskLin
content-type: image/jpeg
status: 200
accept-ranges: bytes
content-length: 406388

GET
H2 200 NordeaSansLarge-Medium.woff2
nordeabrand.com/wp-content/themes/nordea2/assets/fonts/ 27 KB
27 KB 40ms
39ms Font
application/octet-stream 185.101.35.66
SERVETHEWORLD-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://nordeabrand.com/wp-content/themes/nordea2/assets/fonts/NordeaSansLarge-Medium.woff2
Requested by: Host: nordeabrand.com
URL: https://nordeabrand.com/login/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.101.35.66 Bodø, Norway, ASN34989 (SERVETHEWORLD-AS, NO),
Reverse DNS: vps-66.35.101.185.stwvps.net
Software: nginx / PleskLin
Resource Hash: 1084fee790a347896f8f0d5fa521211d9789f6ab250940b5bd402aa052d5e245

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://nordeabrand.com/wp-content/cache/min/1/5dc39638de63c499b8566117c38b43c9.css
Origin: https://nordeabrand.com

Response headers

date: Mon, 24 Jun 2019 09:19:34 GMT
etag: "59c2c277-6b38"
last-modified: Wed, 20 Sep 2017 19:33:11 GMT
server: nginx
x-powered-by: PleskLin
content-type: application/octet-stream
status: 200
accept-ranges: bytes
content-length: 27448

GET
H2 200 NordeaSansSmall-Regular.woff2
nordeabrand.com/wp-content/themes/nordea2/assets/fonts/ 26 KB
26 KB 41ms
40ms Font
application/octet-stream 185.101.35.66
SERVETHEWORLD-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://nordeabrand.com/wp-content/themes/nordea2/assets/fonts/NordeaSansSmall-Regular.woff2
Requested by: Host: nordeabrand.com
URL: https://nordeabrand.com/login/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.101.35.66 Bodø, Norway, ASN34989 (SERVETHEWORLD-AS, NO),
Reverse DNS: vps-66.35.101.185.stwvps.net
Software: nginx / PleskLin
Resource Hash: a93f6086756b2a2e94db8aaf795faab950a315cd9a8e32c5b0df707636dedfff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://nordeabrand.com/wp-content/cache/min/1/5dc39638de63c499b8566117c38b43c9.css
Origin: https://nordeabrand.com

Response headers

date: Mon, 24 Jun 2019 09:19:34 GMT
etag: "59c2c277-6734"
last-modified: Wed, 20 Sep 2017 19:33:11 GMT
server: nginx
x-powered-by: PleskLin
content-type: application/octet-stream
status: 200
accept-ranges: bytes
content-length: 26420

Verdicts & Comments Add Verdict or Comment

43 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart object| onselectionchange function| queueMicrotask function| $ function| jQuery object| jQuery112408521060568804948 function| hideLockFrame function| getlicensekeysform string| wpdm_site_url string| wpdm_home_url string| ajax_url string| wpdm_ajax_url string| wpdm_ajax_popup function| vc_js function| vc_plugin_flexslider function| vc_googleplus function| vc_pinterest function| vc_progress_bar function| vc_waypoints function| vc_toggleBehaviour function| vc_tabsBehaviour function| vc_accordionBehaviour function| vc_teaserGrid function| vc_carouselBehaviour function| vc_slidersBehaviour function| vc_prettyPhoto function| vc_google_fonts boolean| vcParallaxSkroll function| vc_rowBehaviour function| vc_gridBehaviour function| getColumnsCount function| wpb_prepare_tab_content function| vc_ttaActivation function| vc_accordionActivate function| initVideoBackgrounds function| vc_initVideoBackgrounds function| insertYoutubeVideoAsBackground function| vcResizeVideoBackground function| vcExtractYoutubeId function| vc_googleMapsPointer function| vc_setHoverBoxPerspective function| vc_setHoverBoxHeight function| vc_prepareHoverBox

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
nordeabrand.com
use.fontawesome.com
185.101.35.66
23.111.9.35
2a00:1450:4001:821::200a
08c7529703404345633f9aa60bf56880c8ba77fce54b75ee289553f011b8dcba
1084fee790a347896f8f0d5fa521211d9789f6ab250940b5bd402aa052d5e245
207f226fbf688f1046489294fe91a979ada6d2b3ee0a3855e2aba280c0b73263
43cdf46f331fec5ba92e402e3d5cad473099892cbdafca02e607cd03705104bf
4574aea110cdaa1cf0c27bc5d0d9364a3c18e7a33a185c87d581c6b159703e01
4b9329f540f2a0a583e6b0dff71f0f68d819ca3920c752fdb4e6bb1f88659cab
529c374e449a2c6d7254add219913c3ed99e21cde81eeea330c3e52feaeff304
6a1002684e69477160f15c0d29e1de13169293921907b0ef56421cb87c8d189c
732714830fc4da497bc78f48733e9950dd2aaaf7c6f105b88afae2c48c0e2c4f
7373ca9ed2c272959213699ab6c34d53f342a2d01d996ebc543743312911a6dc
851adad68aef0f23b15ef7009e978eaac1e00044c88b939eea09748f5c0921a8
85fe6e6db40dd1e0a91159ed43989b9f01613e59f97c1f1ec8ffd9d93aeb11fe
88148fde4004bd4c77e3ffabc80c965ac8360f87cacce1e176a4de29978822ff
8891a160f8a2afb81de5259f9f68e5af3782348ea2927ad9e969bc88c7d39984
9c4217f3b3ca8f8b65b31329e80a1ec8470a8e693c26185996d087236dc60a36
a93f6086756b2a2e94db8aaf795faab950a315cd9a8e32c5b0df707636dedfff
b81d53d7bb1d1d05d82955c9e958ded00f48eebbc72aa64bd9ca37933c8cc882
d5a66580c071ab7e2e138391388ff2b5c0b545ba02805e5c40cb07a77cdc5a35
dbbc745f0d154d595f1f83beaf73ea90834b89e84decce565db64b0ba634dbbc
ee1a97f49961f87c6aa495dca24759a1ca097b3c8612401e45c09248fae2fffa
fc9108714b1c723cf60472dbf17dde24a8be0b539983b8741eb1a8b3b0274860