urlscan.io logo urlscan.io
SecurityTrails logo

skatteetateennoo.firebaseapp.com Open in urlscan Pro
2620:0:890::100  Public Scan

Go To Rescan Add Verdict Report
URL: https://skatteetateennoo.firebaseapp.com/
Submission: On November 01 via automatic, source phishtank — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 8 HTTP transactions. The main IP is 2620:0:890::100, located in United States and belongs to FASTLY, US. The main domain is skatteetateennoo.firebaseapp.com.
TLS certificate: Issued by GTS CA 1D4 on September 11th 2023. Valid for: 3 months.
This is the only time skatteetateennoo.firebaseapp.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
6 2620:0:890::100 54113 (FASTLY)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 213.239.209.195 24940 (HETZNER-AS)
8 3
Domain Requested by
6 skatteetateennoo.firebaseapp.com skatteetateennoo.firebaseapp.com
1 grythm.com skatteetateennoo.firebaseapp.com
1 www.skatteetaten.no skatteetateennoo.firebaseapp.com
8 3

This site contains no links.

Subject Issuer Validity Valid
firebaseapp.com
GTS CA 1D4		 2023-09-11 -
2023-12-10		 3 months crt.sh
www.skatteetaten.no
DigiCert EV RSA CA G2		 2023-05-10 -
2024-05-09		 a year crt.sh
grythm.com
R3		 2023-10-01 -
2023-12-30		 3 months crt.sh

This page contains 1 frames:

Frame: https://grythm.com/.red/
Frame ID: CDE5FCA25CD4912CF2FB64607B0FAE67
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Statistics

8
Requests

100 %
HTTPS

67 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

31 kB
Transfer

203 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
skatteetateennoo.firebaseapp.com/ 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://skatteetateennoo.firebaseapp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:0:890::100 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
aba3ae3c457d0c90ae60b4a86af9b1dccce76c0d3aae5911c12a270c25f79352
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cache-control
max-age=3600
content-encoding
br
content-length
687
content-type
text/html; charset=utf-8
date
Wed, 01 Nov 2023 05:32:08 GMT
etag
"263a6cbfadd76a12aeba7f62d8142780f7bbb5dfa6707a97ec6e03f90eb19e4f-br"
last-modified
Fri, 27 Oct 2023 15:15:42 GMT
strict-transport-security
max-age=31556926; includeSubDomains; preload
vary
x-fh-requested-host, accept-encoding
x-cache
HIT
x-cache-hits
1
x-served-by
cache-fra-eddf8230127-FRA
x-timer
S1698816728.362503,VS0,VE1
loading.css
skatteetateennoo.firebaseapp.com/oo_files/ 		198 KB
27 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://skatteetateennoo.firebaseapp.com/oo_files/loading.css
Requested by
Host: skatteetateennoo.firebaseapp.com
URL: https://skatteetateennoo.firebaseapp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:0:890::100 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
eee0de974dc453065f99ef24913aad33ed87c19841d8b1269786e27378fcb53b
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://skatteetateennoo.firebaseapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-served-by
cache-fra-eddf8230127-FRA
strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
date
Wed, 01 Nov 2023 05:32:08 GMT
last-modified
Fri, 27 Oct 2023 15:15:42 GMT
x-timer
S1698816728.374285,VS0,VE1
etag
"794448b6aca586349ed0c9e12fe3337a1b30f771a4c760709315194568205e3c-br"
vary
x-fh-requested-host, accept-encoding
x-cache
HIT
content-type
text/css; charset=utf-8
cache-control
max-age=3600
accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
27153
x-cache-hits
1
favicon144x144.png
www.skatteetaten.no/static/img/skatteetatenlogo/fav-icon/144x144/png/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.skatteetaten.no/static/img/skatteetatenlogo/fav-icon/144x144/png/favicon144x144.png
Requested by
Host: skatteetateennoo.firebaseapp.com
URL: https://skatteetateennoo.firebaseapp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:a02f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6d17b1c9cb68bb12ae45e71756a5b1399a476ba223863bf07b63fd4342d05f92
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://uxsignals-frontend.uxsignals.app.iterate.no *.hereapi.com *.api.here.com *.adobe.com *.boost.ai *.episerver.net *.sits.no https://*.vergic.com https://*.psplugin.com blob: https://www.googletagmanager.com https://tagmanager.google.com https://www.google-analytics.com https://region1.google-analytics.com https://ajax.cloudflare.com https://chat.puzzel.com https://siteimproveanalytics.com 'unsafe-inline' 'unsafe-eval'; media-src https://chat.puzzel.com 'self'; style-src 'self' *.api.here.com https://tagmanager.google.com https://dl.episerver.net https://chat.puzzel.com https://fonts.googleapis.com https://fonts.gstatic.com https://*.vergic.com https://*.psplugin.com 'unsafe-inline'; connect-src 'self' blob: *.hereapi.com *.api.here.com *.skatteetaten.no *.sits.no https://*.boost.ai https://api.uxsignals.com https://chat.puzzel.com https://www.google-analytics.com https://region1.google-analytics.com https://*.psplugin.com https://*.vergic.com wss://*.psplugin.com wss://*.vergic.com wss:;form-action 'self';font-src https://*.psplugin.com *.api.here.com https://fonts.googleapis.com https://fonts.gstatic.com https://chat.puzzel.com https://static2.sharepointonline.com 'self'; img-src 'self' blob: data: www.google-analytics.com *.adobe.com *.api.here.com *.gstatic.com https://purecatamphetamine.github.io https://www.googletagmanager.com https://mts.googleapis.com https://dl.episerver.net *.global.siteimproveanalytics.io *.sits.no https://*.psplugin.com https://img.freepik.com/free-vector/businessman-character-avatar-isolated_24877-60111.jpg https://*.vergic.com data:; object-src 'self'; frame-ancestors 'self'; frame-src https://www.google.com/recaptcha/ https://recaptcha.google.com/recaptcha/ https: kompensasjonsordning.no *.kompensasjonsordning.no
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://skatteetateennoo.firebaseapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 05:32:08 GMT
strict-transport-security
max-age=31536000; preload
x-content-type-options
nosniff
content-security-policy
default-src 'self'; script-src 'self' https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://uxsignals-frontend.uxsignals.app.iterate.no *.hereapi.com *.api.here.com *.adobe.com *.boost.ai *.episerver.net *.sits.no https://*.vergic.com https://*.psplugin.com blob: https://www.googletagmanager.com https://tagmanager.google.com https://www.google-analytics.com https://region1.google-analytics.com https://ajax.cloudflare.com https://chat.puzzel.com https://siteimproveanalytics.com 'unsafe-inline' 'unsafe-eval'; media-src https://chat.puzzel.com 'self'; style-src 'self' *.api.here.com https://tagmanager.google.com https://dl.episerver.net https://chat.puzzel.com https://fonts.googleapis.com https://fonts.gstatic.com https://*.vergic.com https://*.psplugin.com 'unsafe-inline'; connect-src 'self' blob: *.hereapi.com *.api.here.com *.skatteetaten.no *.sits.no https://*.boost.ai https://api.uxsignals.com https://chat.puzzel.com https://www.google-analytics.com https://region1.google-analytics.com https://*.psplugin.com https://*.vergic.com wss://*.psplugin.com wss://*.vergic.com wss:;form-action 'self';font-src https://*.psplugin.com *.api.here.com https://fonts.googleapis.com https://fonts.gstatic.com https://chat.puzzel.com https://static2.sharepointonline.com 'self'; img-src 'self' blob: data: www.google-analytics.com *.adobe.com *.api.here.com *.gstatic.com https://purecatamphetamine.github.io https://www.googletagmanager.com https://mts.googleapis.com https://dl.episerver.net *.global.siteimproveanalytics.io *.sits.no https://*.psplugin.com https://img.freepik.com/free-vector/businessman-character-avatar-isolated_24877-60111.jpg https://*.vergic.com data:; object-src 'self'; frame-ancestors 'self'; frame-src https://www.google.com/recaptcha/ https://recaptcha.google.com/recaptcha/ https: kompensasjonsordning.no *.kompensasjonsordning.no
cf-cache-status
HIT
age
576474
alt-svc
h3=":443"; ma=86400
content-length
1661
x-xss-protection
1; mode=block
request-context
appId=cid-v1:a5c522df-3967-46be-a865-b6ba3972561f
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 27 Feb 2018 09:05:20 GMT
server
cloudflare
etag
"08a717aaafd31:0"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
https://skatteetaten.psplugin.com
access-control-expose-headers
Request-Context
cache-control
public,max-age=2592000
accept-ranges
bytes
x-robots-tag
all
cf-ray
81f1c168aaf7915e-FRA
PFDinDisplayPro-Light.23cdddacd0d56977093551f2faea9a13.woff2
skatteetateennoo.firebaseapp.com/oo_files/images/ 		0
0 		Font
General
Check archive.org
Download Go to
Full URL
https://skatteetateennoo.firebaseapp.com/oo_files/images/PFDinDisplayPro-Light.23cdddacd0d56977093551f2faea9a13.woff2
Requested by
Host: skatteetateennoo.firebaseapp.com
URL: https://skatteetateennoo.firebaseapp.com/oo_files/loading.css
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
2620:0:890::100 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Referer
https://skatteetateennoo.firebaseapp.com/oo_files/loading.css
Origin
https://skatteetateennoo.firebaseapp.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-served-by
cache-fra-eddf8230051-FRA
strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
gzip
date
Wed, 01 Nov 2023 05:32:08 GMT
last-modified
Fri, 27 Oct 2023 15:15:42 GMT
x-timer
S1698816728.394937,VS0,VE1
etag
"05cbc6f94d7a69ce2e29646eab13be2c884e61ba93e3094df5028866876d18b3"
vary
x-fh-requested-host, accept-encoding
x-cache
HIT
content-type
text/html; charset=utf-8
cache-control
max-age=3600
accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
853
x-cache-hits
1
PFDinDisplayPro-Regular.840952ed9468a2c7444f89b6f748e734.woff2
skatteetateennoo.firebaseapp.com/oo_files/images/ 		0
0 		Font
General
Check archive.org
Download Go to
Full URL
https://skatteetateennoo.firebaseapp.com/oo_files/images/PFDinDisplayPro-Regular.840952ed9468a2c7444f89b6f748e734.woff2
Requested by
Host: skatteetateennoo.firebaseapp.com
URL: https://skatteetateennoo.firebaseapp.com/oo_files/loading.css
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
2620:0:890::100 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Referer
https://skatteetateennoo.firebaseapp.com/oo_files/loading.css
Origin
https://skatteetateennoo.firebaseapp.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-served-by
cache-fra-eddf8230051-FRA
strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
gzip
date
Wed, 01 Nov 2023 05:32:08 GMT
last-modified
Fri, 27 Oct 2023 15:15:42 GMT
x-timer
S1698816728.395728,VS0,VE1
etag
"05cbc6f94d7a69ce2e29646eab13be2c884e61ba93e3094df5028866876d18b3"
vary
x-fh-requested-host, accept-encoding
x-cache
HIT
content-type
text/html; charset=utf-8
cache-control
max-age=3600
accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
853
x-cache-hits
1
PFDinDisplayPro-Light.9a5171a196de11651813859c360f195f.woff
skatteetateennoo.firebaseapp.com/oo_files/images/ 		0
0 		Font
General
Check archive.org
Download Go to
Full URL
https://skatteetateennoo.firebaseapp.com/oo_files/images/PFDinDisplayPro-Light.9a5171a196de11651813859c360f195f.woff
Requested by
Host: skatteetateennoo.firebaseapp.com
URL: https://skatteetateennoo.firebaseapp.com/oo_files/loading.css
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
2620:0:890::100 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Referer
https://skatteetateennoo.firebaseapp.com/oo_files/loading.css
Origin
https://skatteetateennoo.firebaseapp.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-served-by
cache-fra-eddf8230051-FRA
strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
gzip
date
Wed, 01 Nov 2023 05:32:08 GMT
last-modified
Fri, 27 Oct 2023 15:15:42 GMT
x-timer
S1698816728.403750,VS0,VE1
etag
"05cbc6f94d7a69ce2e29646eab13be2c884e61ba93e3094df5028866876d18b3"
vary
x-fh-requested-host, accept-encoding
x-cache
HIT
content-type
text/html; charset=utf-8
cache-control
max-age=3600
accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
853
x-cache-hits
1
PFDinDisplayPro-Regular.21be48ba435316c8a4cd39438cd89083.woff
skatteetateennoo.firebaseapp.com/oo_files/images/ 		0
0 		Font
General
Check archive.org
Download Go to
Full URL
https://skatteetateennoo.firebaseapp.com/oo_files/images/PFDinDisplayPro-Regular.21be48ba435316c8a4cd39438cd89083.woff
Requested by
Host: skatteetateennoo.firebaseapp.com
URL: https://skatteetateennoo.firebaseapp.com/oo_files/loading.css
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
2620:0:890::100 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Referer
https://skatteetateennoo.firebaseapp.com/oo_files/loading.css
Origin
https://skatteetateennoo.firebaseapp.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-served-by
cache-fra-eddf8230051-FRA
strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
gzip
date
Wed, 01 Nov 2023 05:32:08 GMT
last-modified
Fri, 27 Oct 2023 15:15:42 GMT
x-timer
S1698816728.403886,VS0,VE1
etag
"05cbc6f94d7a69ce2e29646eab13be2c884e61ba93e3094df5028866876d18b3"
vary
x-fh-requested-host, accept-encoding
x-cache
HIT
content-type
text/html; charset=utf-8
cache-control
max-age=3600
accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
853
x-cache-hits
1
/
grythm.com/.red/ 		0
216 B 		Document
General
Check archive.org
Download Go to
Full URL
https://grythm.com/.red/
Requested by
Host: skatteetateennoo.firebaseapp.com
URL: https://skatteetateennoo.firebaseapp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
213.239.209.195 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
ig.navicosoft.com
Software
LiteSpeed /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://skatteetateennoo.firebaseapp.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
0
content-type
text/html; charset=UTF-8
date
Wed, 01 Nov 2023 05:32:09 GMT
server
LiteSpeed

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture

0 Cookies

4 Console Messages

Source Level URL
Text
network error URL: https://skatteetateennoo.firebaseapp.com/oo_files/images/PFDinDisplayPro-Light.23cdddacd0d56977093551f2faea9a13.woff2
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://skatteetateennoo.firebaseapp.com/oo_files/images/PFDinDisplayPro-Regular.840952ed9468a2c7444f89b6f748e734.woff2
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://skatteetateennoo.firebaseapp.com/oo_files/images/PFDinDisplayPro-Light.9a5171a196de11651813859c360f195f.woff
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://skatteetateennoo.firebaseapp.com/oo_files/images/PFDinDisplayPro-Regular.21be48ba435316c8a4cd39438cd89083.woff
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload