www.us.no Open in urlscan Pro
104.236.44.118 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://1uu.us.no/greeting23742232-client.exe.
Effective URL:
http://www.us.no/
Submission: On June 25 via manual (June 25th 2022, 11:37:53 am UTC) from IN — Scanned from NO

Summary HTTP 10 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 10 HTTP transactions. The main IP is 104.236.44.118, located in Clifton, United States and belongs to DIGITALOCEAN-ASN, US. The main domain is www.us.no.

This is the only time www.us.no was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	104.236.44.118 104.236.44.118	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1 10	194.63.249.220 194.63.249.220	12996 (DOMENESHO...) (DOMENESHOP Oslo)
10	2

2 104.236.44.118 (Clifton, United States) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: proxy.luadns.com

1uu.us.no	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.us.no	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 194.63.249.220 (Norway) 1 redirects

ASN12996 (DOMENESHOP Oslo, Norway, NO)

parkert-su.webit.no	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	webit.no 1 redirects parkert-su.webit.no	237 KB
2	us.no 1 redirects 1uu.us.no www.us.no	669 B
10	2

	Domain	Requested by
10	parkert-su.webit.no	1 redirects www.us.no parkert-su.webit.no
1	www.us.no
1	1uu.us.no	1 redirects
10	3

This site contains no links.

Subject Issuer	Validity	Valid
webit.no R3	`2022-04-27` - `2022-07-26`	3 months	crt.sh

This page contains 2 frames:

Primary Page: http://www.us.no/
Frame ID: 57F6885E74B2322E3F4B877EBFC5E8DC
Requests: 1 HTTP requests in this frame

Frame: https://parkert-su.webit.no/?domene=us.no
Frame ID: EE6A0710239AF0081ED49A6A6176B48E
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

www.us.no

Page URL History Show full URLs

http://1uu.us.no/greeting23742232-client.exe. HTTP 301
http://www.us.no/ Page URL

Page Statistics

10
Requests

90 %
HTTPS

0 %
IPv6

2
Domains

3
Subdomains

2
IPs

2
Countries

237 kB
Transfer

237 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://1uu.us.no/greeting23742232-client.exe. HTTP 301
http://www.us.no/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://parkert-su.webit.no/?domene=us.no HTTP 301
https://parkert-su.webit.no/?domene=us.no

10 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
www.us.no/
Redirect Chain

http://1uu.us.no/greeting23742232-client.exe.
http://www.us.no/

273 B
450 B

299ms
126ms

Document
text/html

104.236.44.118
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: http://www.us.no/
Protocol: HTTP/1.1
Server: 104.236.44.118 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: proxy.luadns.com
Software: nginx /
Resource Hash: 5105b0d408d31e251059a35df0a41da7a59a624506472aab5745c58e309fe720

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: no-NO,no;q=0.9

Response headers

Connection: keep-alive
Content-Length: 273
Content-Type: text/html; charset=utf-8
Date: Sat, 25 Jun 2022 11:37:49 GMT
Server: nginx
X-Redirect-Ttl: 180

Redirect headers

Connection: keep-alive
Content-Length: 51
Content-Type: text/html; charset=utf-8
Date: Sat, 25 Jun 2022 11:37:48 GMT
Location: http://www.us.no
Server: nginx
X-Redirect-Ttl: 181

GET
H2

200

/ Show response
parkert-su.webit.no/ Frame EE6A
Redirect Chain

http://parkert-su.webit.no/?domene=us.no
https://parkert-su.webit.no/?domene=us.no

4 KB
1 KB

494ms
45ms

Document
text/html

194.63.249.220
DOMENESHOP Oslo

General

Check archive.org

Show headers Download Go to

Full URL

https://parkert-su.webit.no/?domene=us.no

Requested by

Host: www.us.no
URL: http://www.us.no/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

194.63.249.220 , Norway, ASN12996 (DOMENESHOP Oslo, Norway, NO),

Reverse DNS

Software

nginx /

Resource Hash

b4fe88a1dbc291e1dfc306028fc1a8df023f40ab17cc10d076c59aaff39878d7

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: http://www.us.no/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: no-NO,no;q=0.9

Response headers

content-encoding: gzip
content-security-policy: upgrade-insecure-requests
content-type: text/html; charset=UTF-8
date: Sat, 25 Jun 2022 11:37:50 GMT
server: nginx
vary: Accept-Encoding

Redirect headers

Connection: keep-alive
Content-Length: 162
Content-Type: text/html
Date: Sat, 25 Jun 2022 11:37:49 GMT
Location: https://parkert-su.webit.no/?domene=us.no
Server: nginx

GET
H2 200 parkert.png
parkert-su.webit.no/ Frame EE6A 57 KB
57 KB 47ms
44ms Image
image/png 194.63.249.220
DOMENESHOP Oslo

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://parkert-su.webit.no/parkert.png

Requested by

Host: parkert-su.webit.no
URL: https://parkert-su.webit.no/?domene=us.no

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

194.63.249.220 , Norway, ASN12996 (DOMENESHOP Oslo, Norway, NO),

Reverse DNS

Software

nginx /

Resource Hash

58394c811803ff88ba1ef305237d8531d0637e9adc1bf0149fb6f8cdf64fea04

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://parkert-su.webit.no/?domene=us.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
last-modified: Thu, 04 Feb 2021 17:40:50 GMT
server: nginx
etag: "e412-5ba863464aa70"
content-type: image/png
date: Sat, 25 Jun 2022 11:37:50 GMT
accept-ranges: bytes
content-length: 58386

GET
H2 200 flagg_no.png
parkert-su.webit.no/ Frame EE6A 3 KB
4 KB 130ms
128ms Image
image/png 194.63.249.220
DOMENESHOP Oslo

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://parkert-su.webit.no/flagg_no.png

Requested by

Host: parkert-su.webit.no
URL: https://parkert-su.webit.no/?domene=us.no

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

194.63.249.220 , Norway, ASN12996 (DOMENESHOP Oslo, Norway, NO),

Reverse DNS

Software

nginx /

Resource Hash

4a7ed0d1abf518a1b5839263977f0b1a3ed04eec87efccc1907352154bae03ac

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://parkert-su.webit.no/?domene=us.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
last-modified: Thu, 04 Feb 2021 17:40:50 GMT
server: nginx
etag: "df0-5ba8634601675"
content-type: image/png
date: Sat, 25 Jun 2022 11:37:50 GMT
accept-ranges: bytes
content-length: 3568

GET
H2 200 SPACER_LINE.png
parkert-su.webit.no/ Frame EE6A 978 B
1 KB 47ms
45ms Image
image/png 194.63.249.220
DOMENESHOP Oslo

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://parkert-su.webit.no/SPACER_LINE.png

Requested by

Host: parkert-su.webit.no
URL: https://parkert-su.webit.no/?domene=us.no

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

194.63.249.220 , Norway, ASN12996 (DOMENESHOP Oslo, Norway, NO),

Reverse DNS

Software

nginx /

Resource Hash

3b1189fa3eed61b120cc3309a36edfaae59a9f37e1fd808344ea9d3fbb867fdc

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://parkert-su.webit.no/?domene=us.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
last-modified: Thu, 04 Feb 2021 17:40:50 GMT
server: nginx
etag: "3d2-5ba8634582708"
content-type: image/png
date: Sat, 25 Jun 2022 11:37:50 GMT
accept-ranges: bytes
content-length: 978

GET
H2 200 SPACER_LINE_2.png
parkert-su.webit.no/ Frame EE6A 990 B
1 KB 130ms
128ms Image
image/png 194.63.249.220
DOMENESHOP Oslo

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://parkert-su.webit.no/SPACER_LINE_2.png

Requested by

Host: parkert-su.webit.no
URL: https://parkert-su.webit.no/?domene=us.no

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

194.63.249.220 , Norway, ASN12996 (DOMENESHOP Oslo, Norway, NO),

Reverse DNS

Software

nginx /

Resource Hash

3d87b985bf73a7c5d75f4ce0c00792773276b4ce5071d449518368fdafa751fc

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://parkert-su.webit.no/?domene=us.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
last-modified: Thu, 04 Feb 2021 17:40:50 GMT
server: nginx
etag: "3de-5ba863460e19a"
content-type: image/png
date: Sat, 25 Jun 2022 11:37:50 GMT
accept-ranges: bytes
content-length: 990

GET
H2 200 flagg_us.png
parkert-su.webit.no/ Frame EE6A 4 KB
4 KB 48ms
46ms Image
image/png 194.63.249.220
DOMENESHOP Oslo

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://parkert-su.webit.no/flagg_us.png

Requested by

Host: parkert-su.webit.no
URL: https://parkert-su.webit.no/?domene=us.no

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

194.63.249.220 , Norway, ASN12996 (DOMENESHOP Oslo, Norway, NO),

Reverse DNS

Software

nginx /

Resource Hash

63fcc4d8a2179c349735dc62c5b4ea34022cbd8d1fe37e108a6fe505e296b851

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://parkert-su.webit.no/?domene=us.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
last-modified: Thu, 04 Feb 2021 17:40:50 GMT
server: nginx
etag: "e57-5ba86345e8fcc"
content-type: image/png
date: Sat, 25 Jun 2022 11:37:50 GMT
accept-ranges: bytes
content-length: 3671

GET
H2 200 flagg_gb.png
parkert-su.webit.no/ Frame EE6A 4 KB
4 KB 46ms
45ms Image
image/png 194.63.249.220
DOMENESHOP Oslo

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://parkert-su.webit.no/flagg_gb.png

Requested by

Host: parkert-su.webit.no
URL: https://parkert-su.webit.no/?domene=us.no

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

194.63.249.220 , Norway, ASN12996 (DOMENESHOP Oslo, Norway, NO),

Reverse DNS

Software

nginx /

Resource Hash

0ee2306e951a10caff02509e5d90d18b70533217c035054180a2cac08e5861d7

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://parkert-su.webit.no/?domene=us.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
last-modified: Thu, 04 Feb 2021 17:40:50 GMT
server: nginx
etag: "ed6-5ba86345fb8b3"
content-type: image/png
date: Sat, 25 Jun 2022 11:37:50 GMT
accept-ranges: bytes
content-length: 3798

GET
H2 200 2022-BANNER.png
parkert-su.webit.no/ Frame EE6A 163 KB
163 KB 130ms
129ms Image
image/png 194.63.249.220
DOMENESHOP Oslo

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://parkert-su.webit.no/2022-BANNER.png

Requested by

Host: parkert-su.webit.no
URL: https://parkert-su.webit.no/?domene=us.no

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

194.63.249.220 , Norway, ASN12996 (DOMENESHOP Oslo, Norway, NO),

Reverse DNS

Software

nginx /

Resource Hash

ed02ed9422ffedd76f66d3382221e3f6a805347600357f6db10b01c03b8ca3ce

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://parkert-su.webit.no/?domene=us.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
last-modified: Thu, 02 Jun 2022 10:55:20 GMT
server: nginx
etag: "28c22-5e074d79068f2"
content-type: image/png
date: Sat, 25 Jun 2022 11:37:50 GMT
accept-ranges: bytes
content-length: 166946

GET
H2 200 skillelinje_loddrett_62.png
parkert-su.webit.no/ Frame EE6A 955 B
1 KB 131ms
130ms Image
image/png 194.63.249.220
DOMENESHOP Oslo

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://parkert-su.webit.no/skillelinje_loddrett_62.png

Requested by

Host: parkert-su.webit.no
URL: https://parkert-su.webit.no/?domene=us.no

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

194.63.249.220 , Norway, ASN12996 (DOMENESHOP Oslo, Norway, NO),

Reverse DNS

Software

nginx /

Resource Hash

3e7723e3153610297d3058c7b3611f1b806bc7b76d766abfcac005c57909b545

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://parkert-su.webit.no/?domene=us.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
last-modified: Thu, 04 Feb 2021 17:40:50 GMT
server: nginx
etag: "3bb-5ba86345c2e5f"
content-type: image/png
date: Sat, 25 Jun 2022 11:37:50 GMT
accept-ranges: bytes
content-length: 955

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1uu.us.no
parkert-su.webit.no
www.us.no
104.236.44.118
194.63.249.220
0ee2306e951a10caff02509e5d90d18b70533217c035054180a2cac08e5861d7
3b1189fa3eed61b120cc3309a36edfaae59a9f37e1fd808344ea9d3fbb867fdc
3d87b985bf73a7c5d75f4ce0c00792773276b4ce5071d449518368fdafa751fc
3e7723e3153610297d3058c7b3611f1b806bc7b76d766abfcac005c57909b545
4a7ed0d1abf518a1b5839263977f0b1a3ed04eec87efccc1907352154bae03ac
5105b0d408d31e251059a35df0a41da7a59a624506472aab5745c58e309fe720
58394c811803ff88ba1ef305237d8531d0637e9adc1bf0149fb6f8cdf64fea04
63fcc4d8a2179c349735dc62c5b4ea34022cbd8d1fe37e108a6fe505e296b851
b4fe88a1dbc291e1dfc306028fc1a8df023f40ab17cc10d076c59aaff39878d7
ed02ed9422ffedd76f66d3382221e3f6a805347600357f6db10b01c03b8ca3ce

www.us.no Open in urlscan Pro 104.236.44.118 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

10 Requests

90 %HTTPS

0 %IPv6

2 Domains

3 Subdomains

2 IPs

2 Countries

237 kBTransfer

237 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

10 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

0 Cookies

Indicators

www.us.no Open in urlscan Pro
104.236.44.118 Public Scan

Screenshot
Live screenshot

Full Image

10
Requests

90 %
HTTPS

0 %
IPv6

2
Domains

3
Subdomains

2
IPs

2
Countries

237 kB
Transfer

237 kB
Size

0
Cookies

10 HTTP transactions
0 data transactions