tveitaregnskap.advantum.no Open in urlscan Pro
178.21.130.17 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://tveitaregnskap.advantum.no/
Submission: On July 01 via api (July 1st 2024, 1:35:31 pm UTC) from US — Scanned from NO

Summary HTTP 11 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 7 IPs in 4 countries across 8 domains to perform 11 HTTP transactions. The main IP is 178.21.130.17, located in Norway and belongs to WEBHUSET-AS, NO. The main domain is tveitaregnskap.advantum.no.
TLS certificate: Issued by R10 on June 29th 2024. Valid for: 3 months.

This is the only time tveitaregnskap.advantum.no was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	178.21.130.17 178.21.130.17	29486 (WEBHUSET-AS) (WEBHUSET-AS)
1 2	2606:4700:10:... 2606:4700:10::6816:1590	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:ba1f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	35.78.33.231 35.78.33.231	16509 (AMAZON-02) (AMAZON-02)
1	18.245.78.194 18.245.78.194	16509 (AMAZON-02) (AMAZON-02)
1	2620:1ec:29:1... 2620:1ec:29:1::72	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a00:1450:400... 2a00:1450:4001:806::200e	15169 (GOOGLE) (GOOGLE)
3	52.92.131.25 52.92.131.25	16509 (AMAZON-02) (AMAZON-02)
11	7

2 178.21.130.17 (Norway)

ASN29486 (WEBHUSET-AS, NO)

tveitaregnskap.advantum.no	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::6816:1590 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

cdn.tailwindcss.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:ba1f (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.78.33.231 (Tokyo, Japan) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-78-33-231.ap-northeast-1.compute.amazonaws.com

gaishishukatsu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.245.78.194 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-78-194.fra60.r.cloudfront.net

dy1ar1zj7xlg8.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:29:1::72 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

media-eur.gwt.bdo.global	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn0.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.92.131.25 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-us-west-2-w.amazonaws.com

applesocial.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
3	amazonaws.com applesocial.s3.amazonaws.com — Cisco Umbrella Rank: 639299	97 KB
2	gstatic.com encrypted-tbn0.gstatic.com	10 KB
2	tailwindcss.com 1 redirects cdn.tailwindcss.com — Cisco Umbrella Rank: 32531	110 KB
2	advantum.no tveitaregnskap.advantum.no	10 KB
1	bdo.global media-eur.gwt.bdo.global	27 KB
1	cloudfront.net dy1ar1zj7xlg8.cloudfront.net	100 KB
1	gaishishukatsu.com 1 redirects gaishishukatsu.com	136 B
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 381	1 KB
11	8

	Domain	Requested by
3	applesocial.s3.amazonaws.com	cdn.jsdelivr.net
2	encrypted-tbn0.gstatic.com	tveitaregnskap.advantum.no
2	cdn.tailwindcss.com	1 redirects tveitaregnskap.advantum.no
2	tveitaregnskap.advantum.no
1	media-eur.gwt.bdo.global	tveitaregnskap.advantum.no
1	dy1ar1zj7xlg8.cloudfront.net	tveitaregnskap.advantum.no
1	gaishishukatsu.com	1 redirects
1	cdn.jsdelivr.net	tveitaregnskap.advantum.no
11	8

This site contains links to these domains. Also see Links.

Domain
advantum.no

Subject Issuer	Validity	Valid
advantum.no R10	`2024-06-29` - `2024-09-27`	3 months	crt.sh
*.jsdelivr.net Sectigo RSA Domain Validation Secure Server CA	`2024-05-04` - `2025-05-04`	a year	crt.sh
media-eur.gwt.bdo.global GeoTrust Global TLS RSA4096 SHA256 2022 CA1	`2024-03-21` - `2024-09-21`	6 months	crt.sh
*.gstatic.com WR2	`2024-06-13` - `2024-09-05`	3 months	crt.sh
*.s3.amazonaws.com Amazon RSA 2048 M01	`2024-04-22` - `2025-04-07`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://tveitaregnskap.advantum.no/
Frame ID: 69B045C4AFDF4B541052441C5D12BEE3
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Tveita Regnskap

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

Page Statistics

11
Requests

82 %
HTTPS

50 %
IPv6

8
Domains

8
Subdomains

7
IPs

4
Countries

355 kB
Transfer

599 kB
Size

0
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://advantum.no/
Title: advantum.no

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://cdn.tailwindcss.com/ HTTP 302
https://cdn.tailwindcss.com/3.4.4

Request Chain 2

https://gaishishukatsu.com/wp-content/uploads/5000/07/obnCEkFml9JzZEn1689660272.jpg HTTP 302
https://dy1ar1zj7xlg8.cloudfront.net/wp-content/uploads/5000/07/obnCEkFml9JzZEn1689660272.jpg

11 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
tveitaregnskap.advantum.no/ 10 KB
10 KB 535ms
46ms Document
text/html 178.21.130.17
WEBHUSET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tveitaregnskap.advantum.no/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 178.21.130.17 , Norway, ASN29486 (WEBHUSET-AS, NO),
Reverse DNS
Software: Apache/2.4.6 (CloudLinux) OpenSSL/1.0.2k-fips /
Resource Hash: a3c821dc03aef609d388f02d9bf8c345aedb630cbace4b32f8a014dc01a0b9b0

Request headers

Accept-Language: no-NO,no;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

Accept-Ranges: bytes
Connection: Keep-Alive
Content-Length: 9937
Content-Type: text/html; charset=UTF-8
Date: Mon, 01 Jul 2024 13:35:24 GMT
ETag: "26d1-61c078194608b"
Keep-Alive: timeout=5, max=100
Last-Modified: Sat, 29 Jun 2024 13:40:24 GMT
Server: Apache/2.4.6 (CloudLinux) OpenSSL/1.0.2k-fips

GET
H2

200

3.4.4 Show response
cdn.tailwindcss.com/
Redirect Chain

https://cdn.tailwindcss.com/
https://cdn.tailwindcss.com/3.4.4

357 KB
110 KB

66ms
66ms

Script
text/javascript

2606:4700:10::6816:1590
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.tailwindcss.com/3.4.4

Requested by

Host: tveitaregnskap.advantum.no
URL: https://tveitaregnskap.advantum.no/

Protocol

Server

2606:4700:10::6816:1590 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

75d96c0d79b25aa220aa2af3a4c65a7833b0c3258512b7f69f2492a0dce50522

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Accept-Language: no-NO,no;q=0.9;q=0.9
Referer: https://tveitaregnskap.advantum.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 01 Jul 2024 13:35:24 GMT
content-encoding: br
strict-transport-security: max-age=63072000
last-modified: Wed, 05 Jun 2024 17:22:17 GMT
x-vercel-id: cle1::iad1::6nxnc-1717608142397-53c7ff60a8be
cf-cache-status: HIT
age: 2232782
server: cloudflare
x-vercel-cache: MISS
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=31536000
cf-ray: 89c6c770bc1aa866-RIX

Redirect headers

date: Mon, 01 Jul 2024 13:35:24 GMT
strict-transport-security: max-age=63072000
cf-cache-status: HIT
x-vercel-id: cle1::iad1::75hp2-1719839748199-770430bdcf15
server: cloudflare
age: 556
x-vercel-cache: MISS
vary: Accept-Encoding
location: /3.4.4
cache-control: max-age=14400
cf-ray: 89c6c7704b9ca866-RIX

GET
H2 200 sanfrancisco.css
cdn.jsdelivr.net/gh/mailtoharshit/San-Francisco-Font-/ 1 KB
1 KB 171ms
62ms Stylesheet
text/css 2606:4700::6812:ba1f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/mailtoharshit/San-Francisco-Font-/sanfrancisco.css

Requested by

Host: tveitaregnskap.advantum.no
URL: https://tveitaregnskap.advantum.no/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:ba1f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b8e0072b1596fb02dd764546cc4162722f73e8e4db959990f10ceecb6fabd1e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://tveitaregnskap.advantum.no/
Accept-Language: no-NO,no;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Jul 2024 13:35:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 3715
x-jsd-version: master
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 333
x-served-by: cache-fra-eddf8230155-FRA, cache-lga21946-LGA
x-jsd-version-type: branch
server: cloudflare
etag: W/"5db-9X6l9Bw8gis6pjZ8IxjkUbzj1XE"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1aVw56VW3niirygmkZvcXTDYxrEESLRJF9ZEZJ%2Fb9i42xZLJUFr3RgJRgiyM6CJP0X26M4nc9T0A94%2Fntu6RPSv0vXVzM%2B4mgEaXzlkuEjozQZs1UT9kDZBmyQIb3oaX4F7eUhEBv5pAysMORH4%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 89c6c7701c5209a9-ARN

GET
H/1.1

200
OK

obnCEkFml9JzZEn1689660272.jpg
dy1ar1zj7xlg8.cloudfront.net/wp-content/uploads/5000/07/
Redirect Chain

https://gaishishukatsu.com/wp-content/uploads/5000/07/obnCEkFml9JzZEn1689660272.jpg
https://dy1ar1zj7xlg8.cloudfront.net/wp-content/uploads/5000/07/obnCEkFml9JzZEn1689660272.jpg

99 KB
100 KB

220ms
81ms

Image
image/jpeg

18.245.78.194
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dy1ar1zj7xlg8.cloudfront.net/wp-content/uploads/5000/07/obnCEkFml9JzZEn1689660272.jpg
Requested by: Host: tveitaregnskap.advantum.no
URL: https://tveitaregnskap.advantum.no/
Protocol: HTTP/1.1
Server: 18.245.78.194 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-78-194.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f880390ecd65963b808725804a00eea27e42a76543efbce70ff9f5d3d2eda5b3

Request headers

Accept-Language: no-NO,no;q=0.9;q=0.9
Referer: https://tveitaregnskap.advantum.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Mon, 01 Jul 2024 13:35:25 GMT
Via: 1.1 b4f72de8ce5f3b4b4240eccfbd3d12a6.cloudfront.net (CloudFront)
Last-Modified: Tue, 18 Jul 2023 06:04:49 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA60-P6
Age: 50334
x-amz-server-side-encryption: AES256
ETag: "25f19bd7c899080707302011173fd76c"
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 101648
X-Amz-Cf-Id: b0MrM8QQx-mS0Igd15wDtvYRQKtrmDAdV2LojTBZ8sNOdsKY1g5D_w==

Redirect headers

location: https://dy1ar1zj7xlg8.cloudfront.net:443/wp-content/uploads/5000/07/obnCEkFml9JzZEn1689660272.jpg
date: Mon, 01 Jul 2024 13:35:24 GMT
server: awselb/2.0
content-length: 110
content-type: text/html

GET
H2 200 100071.jpg
media-eur.gwt.bdo.global/cmslibrary/Norway/media/bdo/Ansatte/Employees/ 27 KB
27 KB 327ms
115ms Image
image/jpeg 2620:1ec:29:1::72
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media-eur.gwt.bdo.global/cmslibrary/Norway/media/bdo/Ansatte/Employees/100071.jpg
Requested by: Host: tveitaregnskap.advantum.no
URL: https://tveitaregnskap.advantum.no/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:29:1::72 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 23907530bb545cc3e575e56534b272d545b7a4005314508de8c91e0fb6d15294

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://tveitaregnskap.advantum.no/
Accept-Language: no-NO,no;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 01 Jul 2024 13:35:24 GMT
x-ms-meta-datecreated: 09/30/2022 16:39:29
x-ms-server-encrypted: true
x-cache: TCP_HIT
x-ms-copy-progress: 27302/27302
x-ms-copy-source: https://bdosagwtprdeurwe.blob.core.windows.net/cmsstorage/BDO_NO/media/bdo/Ansatte/Employees/100071.jpg?sv=2019-07-07&sr=b&se=2023-08-01T06%3A03%3A09Z&sp=r
x-cache-info: L1_T2
x-fd-int-roxy-purgeid: 61558191
x-ms-copy-status: success
content-length: 27302
x-ms-lease-state: available
x-ms-lease-status: unlocked
x-ms-creation-time: Tue, 25 Jul 2023 06:03:09 GMT
last-modified: Tue, 25 Jul 2023 06:03:09 GMT
etag: "0x8DB8CD4D2B6CF07"
x-azure-ref: 20240701T133524Z-17cf586494d8v7pbczdezzcy7s00000008yg000000001kky
x-ms-blob-content-md5: odE7ltfau3RGXRSiOcH11g==
content-type: image/jpeg
x-ms-request-id: c8ebd315-201e-0067-5fab-cb8306000000
x-ms-version: 2022-11-02
x-ms-copy-id: b3023705-2d9a-4dfc-88cd-6c11098decad
x-ms-copy-completion-time: Tue, 25 Jul 2023 06:03:09 GMT
accept-ranges: bytes

GET
H2 200 images
encrypted-tbn0.gstatic.com/ 5 KB
5 KB 334ms
178ms Image
image/jpeg 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/images?q=tbn:ANd9GcScVYaJnLhj21V3yV-zCU-Vr6MKY2Qqip9KpQ&s

Requested by

Host: tveitaregnskap.advantum.no
URL: https://tveitaregnskap.advantum.no/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ceaa109e09db4c5ef567f54ba34e3212a6353da507fec162370ca67b4338d9e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://tveitaregnskap.advantum.no/
Accept-Language: no-NO,no;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Jul 2024 13:35:24 GMT
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4627
x-xss-protection: 0
last-modified: Thu, 23 May 2024 19:41:08 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Tue, 01 Jul 2025 13:35:24 GMT

GET
H2 200 images
encrypted-tbn0.gstatic.com/ 5 KB
5 KB 259ms
153ms Image
image/jpeg 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/images?q=tbn:ANd9GcRAZ6PZZdafs13ea8yGcbX-3UFB-Mc-Eh0LIw&s

Requested by

Host: tveitaregnskap.advantum.no
URL: https://tveitaregnskap.advantum.no/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e89db053774480ec16e49689e5c36b36cbdabedf327169a2d7d4de9a36aa794b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://tveitaregnskap.advantum.no/
Accept-Language: no-NO,no;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Jul 2024 13:35:24 GMT
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4774
x-xss-protection: 0
last-modified: Thu, 16 Jan 2025 07:33:54 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Tue, 01 Jul 2025 13:35:24 GMT

GET
H/1.1 200
OK sanfranciscodisplay-semibold-webfont.woff
applesocial.s3.amazonaws.com/assets/styles/fonts/sanfrancisco/ 32 KB
33 KB 681ms
225ms Font
application/font-woff 52.92.131.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://applesocial.s3.amazonaws.com/assets/styles/fonts/sanfrancisco/sanfranciscodisplay-semibold-webfont.woff
Requested by: Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/gh/mailtoharshit/San-Francisco-Font-/sanfrancisco.css
Protocol: HTTP/1.1
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 52.92.131.25 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-2-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 25afcdc87b29ac289b0064d60a228d987d6e98d88eac57997574202d252b30c9

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cdn.jsdelivr.net/
Origin: https://tveitaregnskap.advantum.no
Accept-Language: no-NO,no;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 01 Jul 2024 13:35:26 GMT
Last-Modified: Tue, 19 Dec 2017 18:28:38 GMT
Server: AmazonS3
x-amz-request-id: TGXXET2M0VKWS80D
ETag: "2edc73e0f9a45b9b1347060013eb39df"
Access-Control-Max-Age: 3000
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Content-Type: application/font-woff
Accept-Ranges: bytes
Content-Length: 32832
x-amz-id-2: 6HuEJ9iKuh4u3G8oIjaNAnPLNNB3bIjMtTHK50RrFwJbXTFF22Il6+U6B9orL5QKyaD2gv3V1VI=

GET
H/1.1 200
OK sanfranciscodisplay-medium-webfont.woff
applesocial.s3.amazonaws.com/assets/styles/fonts/sanfrancisco/ 32 KB
33 KB 674ms
223ms Font
application/font-woff 52.92.131.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://applesocial.s3.amazonaws.com/assets/styles/fonts/sanfrancisco/sanfranciscodisplay-medium-webfont.woff
Requested by: Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/gh/mailtoharshit/San-Francisco-Font-/sanfrancisco.css
Protocol: HTTP/1.1
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 52.92.131.25 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-2-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 2117319f461f5e7b5ceb04f6df88404d48b94be7436ebcbc729413163e14a1bb

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cdn.jsdelivr.net/
Origin: https://tveitaregnskap.advantum.no
Accept-Language: no-NO,no;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 01 Jul 2024 13:35:26 GMT
Last-Modified: Tue, 19 Dec 2017 18:28:34 GMT
Server: AmazonS3
x-amz-request-id: TGXXQB0ETPV986FV
ETag: "81f0b3d5cf86c72391ff1bd061a41977"
Access-Control-Max-Age: 3000
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Content-Type: application/font-woff
Accept-Ranges: bytes
Content-Length: 32976
x-amz-id-2: +o4ZC2Ai/jUUhyfaYH6OuWqnvUsaoiDeLblNecWiG6jp/RKN6rqRYWkiHwJbMUW+0XGyMRdQy38=

GET
H/1.1 200
OK sanfranciscodisplay-regular-webfont.woff
applesocial.s3.amazonaws.com/assets/styles/fonts/sanfrancisco/ 31 KB
32 KB 685ms
226ms Font
application/font-woff 52.92.131.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://applesocial.s3.amazonaws.com/assets/styles/fonts/sanfrancisco/sanfranciscodisplay-regular-webfont.woff
Requested by: Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/gh/mailtoharshit/San-Francisco-Font-/sanfrancisco.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.92.131.25 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-2-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 58ef5a8216eda46e1951a7980f58d4acda08c97a5b41911778f5cc06678dba15

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cdn.jsdelivr.net/
Origin: https://tveitaregnskap.advantum.no
Accept-Language: no-NO,no;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 01 Jul 2024 13:35:26 GMT
Last-Modified: Tue, 19 Dec 2017 18:28:36 GMT
Server: AmazonS3
x-amz-request-id: TGXRCRKD6V7400H2
ETag: "578fb8973c77ca5f3cd54f4a44390d37"
Access-Control-Max-Age: 3000
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Content-Type: application/font-woff
Accept-Ranges: bytes
Content-Length: 31784
x-amz-id-2: NPXhlD1MZ0MOqAjHfWqac4MDzcQzYohoS/9cwvpa0VB6Z1vjGSO+RabB8vfvB6+EvtOp0fyBblc=

GET
H/1.1 404
Not Found favicon.ico
tveitaregnskap.advantum.no/ 209 B
448 B 49ms
49ms Other
text/html 178.21.130.17
WEBHUSET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tveitaregnskap.advantum.no/favicon.ico
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 178.21.130.17 , Norway, ASN29486 (WEBHUSET-AS, NO),
Reverse DNS
Software: Apache/2.4.6 (CloudLinux) OpenSSL/1.0.2k-fips /
Resource Hash: b6682cab65d3243b5b75efb7279dbf49491957484780f2ba0a87632cc0e25642

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://tveitaregnskap.advantum.no/
Accept-Language: no-NO,no;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 01 Jul 2024 13:35:25 GMT
Server: Apache/2.4.6 (CloudLinux) OpenSSL/1.0.2k-fips
Connection: Keep-Alive
Keep-Alive: timeout=5, max=99
Content-Length: 209
Content-Type: text/html; charset=iso-8859-1

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://tveitaregnskap.advantum.no/favicon.ico Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

applesocial.s3.amazonaws.com
cdn.jsdelivr.net
cdn.tailwindcss.com
dy1ar1zj7xlg8.cloudfront.net
encrypted-tbn0.gstatic.com
gaishishukatsu.com
media-eur.gwt.bdo.global
tveitaregnskap.advantum.no
178.21.130.17
18.245.78.194
2606:4700:10::6816:1590
2606:4700::6812:ba1f
2620:1ec:29:1::72
2a00:1450:4001:806::200e
35.78.33.231
52.92.131.25
2117319f461f5e7b5ceb04f6df88404d48b94be7436ebcbc729413163e14a1bb
23907530bb545cc3e575e56534b272d545b7a4005314508de8c91e0fb6d15294
25afcdc87b29ac289b0064d60a228d987d6e98d88eac57997574202d252b30c9
58ef5a8216eda46e1951a7980f58d4acda08c97a5b41911778f5cc06678dba15
75d96c0d79b25aa220aa2af3a4c65a7833b0c3258512b7f69f2492a0dce50522
a3c821dc03aef609d388f02d9bf8c345aedb630cbace4b32f8a014dc01a0b9b0
b6682cab65d3243b5b75efb7279dbf49491957484780f2ba0a87632cc0e25642
b8e0072b1596fb02dd764546cc4162722f73e8e4db959990f10ceecb6fabd1e2
ceaa109e09db4c5ef567f54ba34e3212a6353da507fec162370ca67b4338d9e6
e89db053774480ec16e49689e5c36b36cbdabedf327169a2d7d4de9a36aa794b
f880390ecd65963b808725804a00eea27e42a76543efbce70ff9f5d3d2eda5b3

tveitaregnskap.advantum.no Open in urlscan Pro 178.21.130.17 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

11 Requests

82 %HTTPS

50 %IPv6

8 Domains

8 Subdomains

7 IPs

4 Countries

355 kBTransfer

599 kBSize

0 Cookies

1 Outgoing links

Redirected requests

11 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

0 Cookies

1 Console Messages

Indicators

tveitaregnskap.advantum.no Open in urlscan Pro
178.21.130.17 Public Scan

Screenshot
Live screenshot

Full Image

11
Requests

82 %
HTTPS

50 %
IPv6

8
Domains

8
Subdomains

7
IPs

4
Countries

355 kB
Transfer

599 kB
Size

0
Cookies

11 HTTP transactions
0 data transactions