onlyvan.no Open in urlscan Pro
94.231.109.8 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://onlyvan.no/
Submission: On June 10 via api (June 10th 2024, 6:37:32 am UTC) from US — Scanned from NO

Summary HTTP 13 Redirects Behaviour Indicators

Summary

This website contacted 8 IPs in 4 countries across 7 domains to perform 13 HTTP transactions. The main IP is 94.231.109.8, located in Denmark and belongs to TEAM-BLUE-DENMARK, DK. The main domain is onlyvan.no.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on June 9th 2024. Valid for: a year.

This is the only time onlyvan.no was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
6	94.231.109.8 94.231.109.8	48854 (TEAM-BLUE...) (TEAM-BLUE-DENMARK)
1	104.17.25.14 104.17.25.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
1	2a04:4e42:600... 2a04:4e42:600::649	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:80b::200a	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f27... 2a03:2880:f277:1e8:face:b00c:0:4420	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
13	8

6 94.231.109.8 (Denmark)

ASN48854 (TEAM-BLUE-DENMARK, DK)
PTR: nt5.unoeuro.com

onlyvan.no	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.17.25.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:600::649 (United States)

ASN54113 (FASTLY, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f277:1e8:face:b00c:0:4420 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.instagram.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	onlyvan.no onlyvan.no	7 MB
2	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 461 fonts.googleapis.com — Cisco Umbrella Rank: 70	31 KB
1	gstatic.com fonts.gstatic.com	21 KB
1	instagram.com www.instagram.com — Cisco Umbrella Rank: 1694
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 824	30 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 260	16 KB
0	paypalobjects.com Failed www.paypalobjects.com Failed
13	7

	Domain	Requested by
6	onlyvan.no	onlyvan.no
1	fonts.gstatic.com	fonts.googleapis.com
1	www.instagram.com	onlyvan.no
1	fonts.googleapis.com	onlyvan.no
1	code.jquery.com	onlyvan.no
1	ajax.googleapis.com	onlyvan.no
1	cdnjs.cloudflare.com	onlyvan.no
0	www.paypalobjects.com Failed	onlyvan.no
13	8

This site contains no links.

Subject Issuer	Validity	Valid
*.onlyvan.no Sectigo RSA Domain Validation Secure Server CA	`2024-06-09` - `2025-06-10`	a year	crt.sh
cdnjs.cloudflare.com E1	`2024-06-02` - `2024-08-31`	3 months	crt.sh
upload.video.google.com WR2	`2024-05-21` - `2024-08-13`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-11` - `2024-07-14`	a year	crt.sh
*.www.instagram.com DigiCert SHA2 High Assurance Server CA	`2024-03-19` - `2024-06-17`	3 months	crt.sh
*.gstatic.com WR2	`2024-05-21` - `2024-08-13`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://onlyvan.no/
Frame ID: 76BBC5BF7E4E16EA59B72598E2FF5AF7
Requests: 12 HTTP requests in this frame

Frame: https://www.instagram.com/onlyvan.no/embed/
Frame ID: 51BFCE8BA9BE05C39D99EC5C49E04169
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

OnlyVan

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

13
Requests

92 %
HTTPS

71 %
IPv6

7
Domains

8
Subdomains

8
IPs

4
Countries

6905 kB
Transfer

7079 kB
Size

3
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5

https://www.paypal.com/no_NO/i/scr/pixel.gif HTTP 301
https://www.paypalobjects.com/no_NO/i/scr/pixel.gif

13 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
onlyvan.no/ 6 KB
2 KB 558ms
359ms Document
text/html 94.231.109.8
TEAM-BLUE-DENMARK

General

Check archive.org

Show headers Download Go to

Full URL: https://onlyvan.no/
Protocol: H2
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 94.231.109.8 , Denmark, ASN48854 (TEAM-BLUE-DENMARK, DK),
Reverse DNS: nt5.unoeuro.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 85ccb9b8f0a05bc98d59d8ced8c48c5c3e797c8748e9793091a72e13dc308b40

Request headers

Accept-Language: no-NO,no;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

cache-control: private
content-encoding: gzip
content-length: 2172
content-type: text/html
date: Mon, 10 Jun 2024 06:37:27 GMT
server: Microsoft-IIS/10.0
vary: Accept-Encoding
x-powered-by: ASP.NET

GET
H3 200 mqttws31.js Show response
cdnjs.cloudflare.com/ajax/libs/paho-mqtt/1.0.1/ 79 KB
16 KB 119ms
62ms Script
application/javascript 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/paho-mqtt/1.0.1/mqttws31.js

Requested by

Host: onlyvan.no
URL: https://onlyvan.no/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e8195c2b1a3fc8c72f84e71bc9c76c25aaf745466b2fa29878e2e7cf32d705bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://onlyvan.no/
Accept-Language: no-NO,no;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 10 Jun 2024 06:37:27 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 295749
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 16180
last-modified: Mon, 04 May 2020 16:13:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03f40-13b60"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZyTaUtXmDv2FiFt560M7sw%2FVFZ1nsLfyzk%2F%2FYgvSjE6IsahScGW8AMo8z87VpxSZ9SxxPtAEfauRQwRATDAzgZWJz4B0Gnb4LcF4TdYGZjr%2BrHxcx7VrgTnF6xC5Vb2dE3iDAWoY"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 89175a598c470a2b-ARN
expires: Sat, 31 May 2025 06:37:27 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/2.1.3/ 82 KB
30 KB 232ms
71ms Script
text/javascript 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/2.1.3/jquery.min.js

Requested by

Host: onlyvan.no
URL: https://onlyvan.no/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8af93bd675e1cfd9ecc850e862819fdac6e3ad1f5d761f970e409c7d9c63bdc3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://onlyvan.no/
Accept-Language: no-NO,no;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 09 Jun 2024 04:17:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 94822
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29707
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 09 Jun 2025 04:17:06 GMT

GET
H2 200 jquery-3.0.0.min.js Show response
code.jquery.com/ 84 KB
30 KB 146ms
45ms Script
application/javascript 2a04:4e42:600::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.0.0.min.js
Requested by: Host: onlyvan.no
URL: https://onlyvan.no/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:600::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 266bcea0bb58b26aa5b16c5aee60d22ccc1ae9d67daeb21db6bad56119c3447d

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://onlyvan.no/
Accept-Language: no-NO,no;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 10 Jun 2024 06:37:27 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 23199250
x-cache: HIT, HIT
content-length: 29995
x-served-by: cache-lga13625-LGA, cache-bma1628-BMA
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1718001448.967342,VS0,VE0
etag: W/"28feccc0-15145"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 52, 11525

GET
H2 200 css2
fonts.googleapis.com/ 7 KB
1 KB 230ms
81ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Codystar&MonteCarlo:wght@300&family=Roboto+Condensed&family=Margarine&family=Caveat&family=Allison&display=swap

Requested by

Host: onlyvan.no
URL: https://onlyvan.no/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

09712444baaf3c3aee710ea5d0dc576cb7c574552edc6d61c931c6f8d77f7152

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://onlyvan.no/
Accept-Language: no-NO,no;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Mon, 10 Jun 2024 06:37:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 10 Jun 2024 06:37:28 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 10 Jun 2024 06:37:28 GMT

GET
H2 200 ll_plate.png
onlyvan.no/img/ 220 KB
220 KB 269ms
267ms Image
image/png 94.231.109.8
TEAM-BLUE-DENMARK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://onlyvan.no/img/ll_plate.png
Requested by: Host: onlyvan.no
URL: https://onlyvan.no/
Protocol: H2
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 94.231.109.8 , Denmark, ASN48854 (TEAM-BLUE-DENMARK, DK),
Reverse DNS: nt5.unoeuro.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 754fcb6096789a3ab6ead02e973fefd2e2089c5dd163da43707f8e6d0d296443

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://onlyvan.no/
Accept-Language: no-NO,no;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 10 Jun 2024 06:37:27 GMT
last-modified: Sun, 09 Jun 2024 12:53:50 GMT
server: Microsoft-IIS/10.0
etag: "ac92f136cbada1:0"
x-powered-by: ASP.NET
content-type: image/png
accept-ranges: bytes
content-length: 225462

GET

pixel.gif
www.paypalobjects.com/no_NO/i/scr/
Redirect Chain

https://www.paypal.com/no_NO/i/scr/pixel.gif
https://www.paypalobjects.com/no_NO/i/scr/pixel.gif

0
0

GET
H2 200 img6.png
onlyvan.no/img/ 6 MB
6 MB 78ms
77ms Image
image/png 94.231.109.8
TEAM-BLUE-DENMARK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://onlyvan.no/img/img6.png
Requested by: Host: onlyvan.no
URL: https://onlyvan.no/
Protocol: H2
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 94.231.109.8 , Denmark, ASN48854 (TEAM-BLUE-DENMARK, DK),
Reverse DNS: nt5.unoeuro.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: bbe0127d083dae80ca384fe31d8ae18d350c0c62c0153f64feefbb0ef719b3f3

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://onlyvan.no/
Accept-Language: no-NO,no;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 10 Jun 2024 06:37:27 GMT
last-modified: Sun, 09 Jun 2024 12:53:50 GMT
server: Microsoft-IIS/10.0
etag: "95347136cbada1:0"
x-powered-by: ASP.NET
content-type: image/png
accept-ranges: bytes
content-length: 6335010

GET
H3 200 donate.png
onlyvan.no/img/ 74 KB
74 KB 68ms
66ms Image
image/png 94.231.109.8
TEAM-BLUE-DENMARK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://onlyvan.no/img/donate.png
Requested by: Host: onlyvan.no
URL: https://onlyvan.no/
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 94.231.109.8 , Denmark, ASN48854 (TEAM-BLUE-DENMARK, DK),
Reverse DNS: nt5.unoeuro.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 9a604cd0d95466c538dc262d42623f55a1e20f359c84eb20a5504c0f420b13b4

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://onlyvan.no/
Accept-Language: no-NO,no;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 10 Jun 2024 06:37:27 GMT
last-modified: Sun, 09 Jun 2024 12:53:46 GMT
server: Microsoft-IIS/10.0
etag: "9971ed106cbada1:0"
x-powered-by: ASP.NET
content-type: image/png
accept-ranges: bytes
content-length: 76080

GET
H3 200 lille.png
onlyvan.no/img/ 111 KB
111 KB 218ms
217ms Image
image/png 94.231.109.8
TEAM-BLUE-DENMARK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://onlyvan.no/img/lille.png
Requested by: Host: onlyvan.no
URL: https://onlyvan.no/
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 94.231.109.8 , Denmark, ASN48854 (TEAM-BLUE-DENMARK, DK),
Reverse DNS: nt5.unoeuro.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e4f8b5604a8e855aab13f3fb2973037015e4e480a10e158fc2c905843823ca10

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://onlyvan.no/
Accept-Language: no-NO,no;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 10 Jun 2024 06:37:27 GMT
last-modified: Sun, 09 Jun 2024 12:53:50 GMT
server: Microsoft-IIS/10.0
etag: "c12825136cbada1:0"
x-powered-by: ASP.NET
content-type: image/png
accept-ranges: bytes
content-length: 113521

GET
H2 200 /
www.instagram.com/onlyvan.no/embed/ Frame 51BF 0
0 912ms
771ms Document
text/html 2a03:2880:f277:1e8:face:b00c:0:4420
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.instagram.com/onlyvan.no/embed/

Requested by

Host: onlyvan.no
URL: https://onlyvan.no/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f277:1e8:face:b00c:0:4420 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src .facebook.com .fbcdn.net .instagram.com data: blob:;script-src .instagram.com static.cdninstagram.com .facebook.com .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src .instagram.com static.cdninstagram.com data: blob: 'unsafe-inline' .fbcdn.net .facebook.com;connect-src .instagram.com wss://edge-chat.instagram.com connect.facebook.net .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: blob: .cdninstagram.com wss://.instagram.com:* 'self';font-src .instagram.com static.cdninstagram.com data: .fbcdn.net .intern.facebook.com .facebook.com;img-src .instagram.com .facebook.com .fbcdn.net data: .cdninstagram.com .whatsapp.net blob: .fbsbx.com android-webview-video-poster: .oculuscdn.com;media-src .facebook.com .fbcdn.net .instagram.com .cdninstagram.com cdn.fbsbx.com data: blob:;frame-src .instagram.com .facebook.com .fbsbx.com fbsbx.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: no-NO,no;q=0.9;q=0.9
Referer: https://onlyvan.no/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: zstd
content-security-policy: default-src *.facebook.com *.fbcdn.net *.instagram.com data: blob:;script-src *.instagram.com static.cdninstagram.com *.facebook.com *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.instagram.com static.cdninstagram.com data: blob: 'unsafe-inline' *.fbcdn.net *.facebook.com;connect-src *.instagram.com wss://edge-chat.instagram.com connect.facebook.net *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* blob: *.cdninstagram.com wss://*.instagram.com:* 'self';font-src *.instagram.com static.cdninstagram.com data: *.fbcdn.net *.intern.facebook.com *.facebook.com;img-src *.instagram.com *.facebook.com *.fbcdn.net data: *.cdninstagram.com *.whatsapp.net blob: *.fbsbx.com android-webview-video-poster: *.oculuscdn.com;media-src *.facebook.com *.fbcdn.net *.instagram.com *.cdninstagram.com cdn.fbsbx.com data: blob:;frame-src *.instagram.com *.facebook.com *.fbsbx.com fbsbx.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-security-policy-report-only: default-src *.facebook.com *.fbcdn.net *.instagram.com data: blob:;script-src *.instagram.com static.cdninstagram.com *.facebook.com *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.instagram.com static.cdninstagram.com data: blob: 'unsafe-inline' *.fbcdn.net *.facebook.com;connect-src *.instagram.com wss://edge-chat.instagram.com connect.facebook.net *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* blob: *.cdninstagram.com wss://*.instagram.com:* 'self';font-src *.instagram.com static.cdninstagram.com data: *.fbcdn.net *.intern.facebook.com *.facebook.com;img-src *.instagram.com *.facebook.com *.fbcdn.net data: *.cdninstagram.com blob: *.fbsbx.com android-webview-video-poster:;media-src *.facebook.com *.fbcdn.net *.instagram.com *.cdninstagram.com cdn.fbsbx.com data: blob:;frame-src *.instagram.com *.facebook.com *.fbsbx.com fbsbx.com data:;worker-src *.instagram.com/static_resources/webworker_v1/init_script/ *.instagram.com/static_resources/webworker/init_script/ *.instagram.com/static_resources/sharedworker/init_script/ *.instagram.com/www-service-worker.js;block-all-mixed-content;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-type: text/html; charset="utf-8"
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
cross-origin-resource-policy: same-origin
date: Mon, 10 Jun 2024 06:37:28 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
origin-agent-cluster: ?0
permissions-policy: accelerometer=(self), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(self), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(self), gyroscope=(self), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
pragma: no-cache
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.instagram.com\/error\/ig_web_error_reports\/?device_level=unknown"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.instagram.com\/error\/ig_web_error_reports\/"}],"group":"permissions_policy"}
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.instagram.com/error/ig_web_error_reports/?device_level=unknown", permissions_policy="https://www.instagram.com/error/ig_web_error_reports/"
strict-transport-security: max-age=31536000; preload; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-debug: zMMwvxAP1S6+oswNFJmOc7Ggm3iBBjhUzE700BYMAEnmrajQQn08vegcB/tEsFcqxQ4YAiJB71CDRZXjRg838w==
x-stack: www
x-xss-protection: 0

GET
H2 200 ieVo2ZhZI2eCN5jzbjEETS9weq8-_d6T_POl0fRJeyWyosBO5Xw.woff2
fonts.gstatic.com/s/robotocondensed/v27/ 20 KB
21 KB 217ms
68ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v27/ieVo2ZhZI2eCN5jzbjEETS9weq8-_d6T_POl0fRJeyWyosBO5Xw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Codystar&MonteCarlo:wght@300&family=Roboto+Condensed&family=Margarine&family=Caveat&family=Allison&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

948d25dc34ee935a5254468691714c9f2e53a2927652a077c2ca84cb03fa4895

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://fonts.googleapis.com/
Origin: https://onlyvan.no
Accept-Language: no-NO,no;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 03:06:48 GMT
x-content-type-options: nosniff
age: 271840
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20824
x-xss-protection: 0
last-modified: Wed, 18 Oct 2023 17:53:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 07 Jun 2025 03:06:48 GMT

GET
H3 200 img6.ico
onlyvan.no/ico/ 208 KB
208 KB 117ms
117ms Other
image/x-icon 94.231.109.8
TEAM-BLUE-DENMARK

General

Check archive.org

Show headers Download Go to

Full URL: https://onlyvan.no/ico/img6.ico
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 94.231.109.8 , Denmark, ASN48854 (TEAM-BLUE-DENMARK, DK),
Reverse DNS: nt5.unoeuro.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: fafba1c1a2a884f4ed99b5f9ff67e4702a611665a0f937ed2a5978b411cff79a

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://onlyvan.no/
Accept-Language: no-NO,no;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 10 Jun 2024 06:37:29 GMT
last-modified: Sun, 09 Jun 2024 12:53:50 GMT
server: Microsoft-IIS/10.0
etag: "e8f285136cbada1:0"
x-powered-by: ASP.NET
content-type: image/x-icon
accept-ranges: bytes
content-length: 213374

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.paypalobjects.com
URL: https://www.paypalobjects.com/no_NO/i/scr/pixel.gif

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| Paho function| $ function| jQuery

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
onlyvan.no/	1969-12-31 23:59:59	Name: ASPSESSIONIDCEBSTBST Value: DENDJPEDAMLOOGJKMGPNEFCI
.paypal.com/	1970-01-21 06:49:21	Name: ts Value: vreXpYrS%3D1812609448%26vteXpYrS%3D1718003248%26vr%3D00ddb5f61900a555f852cd4cfb48ba8a%26vt%3D00ddb5f61900a555f852cd4cfb48ba89%26vtyp%3Dnew
.paypal.com/	1970-01-21 06:49:21	Name: ts_c Value: vr%3D00ddb5f61900a555f852cd4cfb48ba8a%26vt%3D00ddb5f61900a555f852cd4cfb48ba89

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://onlyvan.no/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://onlyvan.no/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
cdnjs.cloudflare.com
code.jquery.com
fonts.googleapis.com
fonts.gstatic.com
onlyvan.no
www.instagram.com
www.paypalobjects.com
www.paypalobjects.com
104.17.25.14
2a00:1450:4001:806::2003
2a00:1450:4001:80b::200a
2a00:1450:4001:830::200a
2a03:2880:f277:1e8:face:b00c:0:4420
2a04:4e42:600::649
94.231.109.8
09712444baaf3c3aee710ea5d0dc576cb7c574552edc6d61c931c6f8d77f7152
266bcea0bb58b26aa5b16c5aee60d22ccc1ae9d67daeb21db6bad56119c3447d
754fcb6096789a3ab6ead02e973fefd2e2089c5dd163da43707f8e6d0d296443
85ccb9b8f0a05bc98d59d8ced8c48c5c3e797c8748e9793091a72e13dc308b40
8af93bd675e1cfd9ecc850e862819fdac6e3ad1f5d761f970e409c7d9c63bdc3
948d25dc34ee935a5254468691714c9f2e53a2927652a077c2ca84cb03fa4895
9a604cd0d95466c538dc262d42623f55a1e20f359c84eb20a5504c0f420b13b4
bbe0127d083dae80ca384fe31d8ae18d350c0c62c0153f64feefbb0ef719b3f3
e4f8b5604a8e855aab13f3fb2973037015e4e480a10e158fc2c905843823ca10
e8195c2b1a3fc8c72f84e71bc9c76c25aaf745466b2fa29878e2e7cf32d705bb
fafba1c1a2a884f4ed99b5f9ff67e4702a611665a0f937ed2a5978b411cff79a

onlyvan.no Open in urlscan Pro 94.231.109.8 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

13 Requests

92 %HTTPS

71 %IPv6

7 Domains

8 Subdomains

8 IPs

4 Countries

6905 kBTransfer

7079 kBSize

3 Cookies

0 Outgoing links

Redirected requests

13 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

3 Cookies

2 Console Messages

Indicators

onlyvan.no Open in urlscan Pro
94.231.109.8 Public Scan

Screenshot
Live screenshot

Full Image

13
Requests

92 %
HTTPS

71 %
IPv6

7
Domains

8
Subdomains

8
IPs

4
Countries

6905 kB
Transfer

7079 kB
Size

3
Cookies

13 HTTP transactions
0 data transactions