Submitted URL: https://medibuskerud.appresso.no/
Effective URL: https://medibuskerud.appresso.no/a/user/login?next=https%3A//medibuskerud.appresso.no/
Submission: On April 03 via automatic, source certstream-suspicious — Scanned from NO

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 7 HTTP transactions. The main IP is 104.26.11.139, located in the United States, and belongs to CLOUDFLARENET, US. The main domain is medibuskerud.appresso.no.
TLS certificate: Issued by GTS CA 1P5 on February 15th 2023. Valid for: 3 months.
This is the only time medibuskerud.appresso.no was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

| Redirects | Requests | IP Address | AS Autonomous System |
|---|---|---|---|
| 1 | 6 | 104.26.11.139 | 13335 (CLOUDFLAR...) |
| | 1 | 18.66.138.182 | 16509 (AMAZON-02) |
| | 1 | 52.218.96.243 | 16509 (AMAZON-02) |
| | 7 | 3 | |

| Requests | Apex Domain | Subdomains | Transfer |
|---|---|---|---|
| 6 | appresso.no | medibuskerud.appresso.no | 430 KB |
| 1 | amazonaws.com | production-appresso-publish-manual-uploads-pp.s3-eu-west-1.amazonaws.com | 75 KB |
| 1 | mapbox.com | api.tiles.mapbox.com — Cisco Umbrella Rank: 14648 | 8 KB |
| 7 | 3 | | |

| Requests | Domain | Requested by |
|---|---|---|
| 6 (1 redirects) | medibuskerud.appresso.no | medibuskerud.appresso.no |
| 1 | production-appresso-publish-manual-uploads-pp.s3-eu-west-1.amazonaws.com | medibuskerud.appresso.no |
| 1 | api.tiles.mapbox.com | medibuskerud.appresso.no |
| 7 | 3 | |

This site contains no links.

| Subject | Issuer | Validity | Valid |
|---|---|---|---|
| *.appresso.no | GTS CA 1P5 | 2023-02-15 - 2023-05-16 | 3 months |
| api.mapbox.com | Amazon RSA 2048 M02 | 2023-03-01 - 2024-01-04 | 10 months |
| *.s3-eu-west-1.amazonaws.com | Amazon | 2022-09-21 - 2023-08-30 | a year |

This page contains 1 frame:

Primary Page: https://medibuskerud.appresso.no/a/user/login?next=https%3A//medibuskerud.appresso.no/
Frame ID: B6E842A273CB7BAC2EA0DEB20D38B50F
Requests: 7 HTTP requests in this frame

Page Title

Logg inn

Page URL History

  1. https://medibuskerud.appresso.no/ HTTP 302
    https://medibuskerud.appresso.no/a/user/login?next=https%3A//medibuskerud.appresso.no/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • mapbox-gl.js

Overall confidence: 100%
Detected patterns
  • (?:powered by <a[^>]+>Django ?([\d.]+)?<\/a>|<input[^>]*name=["']csrfmiddlewaretoken["'][^>]*>)

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Page Statistics

  • Requests: 7
  • HTTPS: 100 %
  • IPv6: 0 %
  • Domains: 3
  • Subdomains: 3
  • IPs: 3
  • Countries: 2
  • Transfer: 512 kB
  • Size: 2614 kB
  • Cookies: 2

Redirected requests

There were HTTP redirect chains for the following requests:

7 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request login
medibuskerud.appresso.no/a/user/
Redirect Chain
  • https://medibuskerud.appresso.no/
  • https://medibuskerud.appresso.no/a/user/login?next=https%3A//medibuskerud.appresso.no/
10 KB
3 KB
Document
General
Full URL
https://medibuskerud.appresso.no/a/user/login?next=https%3A//medibuskerud.appresso.no/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.11.139 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0594fd0e21e6c247d534a6818df0e1f767c5bb68af4ff8b6c517e94b468309e5
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

cf-cache-status
DYNAMIC
cf-ray
7b234af8ff6a1c12-OSL
content-encoding
br
content-language
nb
content-type
text/html; charset=utf-8
date
Mon, 03 Apr 2023 18:14:43 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q%2B05cfaMw6Y3y4XnULiujDz5KQX%2Fi8ff%2F0MVpLPZ5gzti1PB7HFICgozGFRgQskJBfBJ60%2B0Em6WWD8XfcJGwqda04K3Ww4lx6Gpio4cesiM33OtzXtInL1GCCUHbj%2FINdbErmwvR%2BXXvQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Cookie
via
1.1 vegur
x-frame-options
SAMEORIGIN

Redirect headers

cf-cache-status
DYNAMIC
cf-ray
7b234af79d0f1c12-OSL
content-language
nb
content-type
text/html; charset=utf-8
date
Mon, 03 Apr 2023 18:14:43 GMT
location
/a/user/login?next=https%3A//medibuskerud.appresso.no/
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xXt4Rq5wKwU6NeHwqQ9x6Jjav5JiSnvix8%2FQqsZrKAF%2BPbBGCaWdPLTap9AWOUgbeOf5yqdoWkbsiusVrO9Zq0rNn%2FaaFKTJZXSdp6PQiXenB4ZAbkeit1dRtV%2BFzNWk5N%2B1VntHFdfxuA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Cookie
via
1.1 vegur
x-frame-options
SAMEORIGIN
main.css
medibuskerud.appresso.no/static/appresso_publish_theme_historiskmaling/39/styles/
1 MB
188 KB
Stylesheet
General
Full URL
https://medibuskerud.appresso.no/static/appresso_publish_theme_historiskmaling/39/styles/main.css
Requested by
Host: medibuskerud.appresso.no
URL: https://medibuskerud.appresso.no/a/user/login?next=https%3A//medibuskerud.appresso.no/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.11.139 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c90e401003b588cc4bf5b990ac23e05c5590529300522e19e32b1e272fd034dd

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://medibuskerud.appresso.no/a/user/login?next=https%3A//medibuskerud.appresso.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Mon, 03 Apr 2023 18:14:43 GMT
via
1.1 vegur
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 18 Feb 2021 15:28:29 -0000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
182
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bJxqIvOY9VsZcRseq0x8%2B3nJhapcZ9oPYiEUi0XTbyOeMz%2FsGxfagln7O37enuAlazWVZ8QC5%2B07Ei8N%2FPj%2FwnReOMR3IaEqXHLk8ixdhUrI38FgGhUnSBoXsmL8%2FgiHxJPxsHisZ4HWjQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
7b234afa3a0f1c12-OSL
mapbox-gl.css
api.tiles.mapbox.com/mapbox-gl-js/v1.3.0/
32 KB
8 KB
Stylesheet
General
Full URL
https://api.tiles.mapbox.com/mapbox-gl-js/v1.3.0/mapbox-gl.css
Requested by
Host: medibuskerud.appresso.no
URL: https://medibuskerud.appresso.no/a/user/login?next=https%3A//medibuskerud.appresso.no/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.138.182 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-138-182.fra60.r.cloudfront.net
Software
/ Express
Resource Hash
b767d871a9715e427ef81d98c0670ce4a62b17c16ef6f09c3baf4b235e90e58d

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://medibuskerud.appresso.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date
Wed, 18 May 2022 21:39:13 GMT
Content-Encoding
gzip
Via
1.1 544049d1dc4d534822b40b9f9c7529da.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA60-P4
Age
27635730
X-Powered-By
Express
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Wed Aug 28 2019 15:58:31 GMT+0000 (Coordinated Universal Time)
ETag
"93324584606cdac8adf4396bf3c8f9af"
Vary
Accept-Encoding
Content-Type
text/css; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
X-Amz-Cf-Id
TWotqyRyaf2X_nQBdNJzD8B6ZOJ7iQu75Xvug0dc1bA_NuapXiRbfQ==
rettogslettbad.png
production-appresso-publish-manual-uploads-pp.s3-eu-west-1.amazonaws.com/logosandstuff/
75 KB
75 KB
Image
General
Full URL
https://production-appresso-publish-manual-uploads-pp.s3-eu-west-1.amazonaws.com/logosandstuff/rettogslettbad.png
Requested by
Host: medibuskerud.appresso.no
URL: https://medibuskerud.appresso.no/a/user/login?next=https%3A//medibuskerud.appresso.no/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.218.96.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-eu-west-1-r-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
96db6ef062499b32e08e9a7b0b53014d5441c0f145fed1b078709c12541ca28d

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://medibuskerud.appresso.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date
Mon, 03 Apr 2023 18:14:44 GMT
Last-Modified
Mon, 08 Mar 2021 00:28:00 GMT
Server
AmazonS3
x-amz-request-id
HPMZ6ZVMFJP72AYH
ETag
"e842d1783c8364108209ba40109209d1"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
76506
x-amz-id-2
Q3XwsMIZpWhf1Zm0M+5PWm0rvoDfuadm+5+YdfexDnouBZBO23CtsaOsWhpUgMhdyRXysHfHar0=
email-decode.min.js
medibuskerud.appresso.no/cdn-cgi/scripts/5c5dd728/cloudflare-static/
1 KB
1 KB
Script
General
Full URL
https://medibuskerud.appresso.no/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: medibuskerud.appresso.no
URL: https://medibuskerud.appresso.no/a/user/login?next=https%3A//medibuskerud.appresso.no/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.11.139 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://medibuskerud.appresso.no/a/user/login?next=https%3A//medibuskerud.appresso.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Mon, 03 Apr 2023 18:14:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 21 Mar 2023 12:31:17 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6419a395-4d7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FM4qOvmyIfVTKDSrd%2FhG8TdSUxwhEOe6Jdfm7PD6xxK8dOX5HdLYIdX9Q9Plks9ZApCHtiNLiLPKn%2FVn8jU1li5ZcIoWD6ia9BYcqmGoscL8IrEphKwvB3hPFunHa9mo60P3dGRoiEISGw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
7b234afa7a7d1c12-OSL
expires
Wed, 05 Apr 2023 18:14:43 GMT
django_cradmin_all.js
medibuskerud.appresso.no/static/django_cradmin_js/6.6.3/
995 KB
199 KB
Script
General
Full URL
https://medibuskerud.appresso.no/static/django_cradmin_js/6.6.3/django_cradmin_all.js
Requested by
Host: medibuskerud.appresso.no
URL: https://medibuskerud.appresso.no/a/user/login?next=https%3A//medibuskerud.appresso.no/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.11.139 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9275fdc043883bc9098c575ae5ebbd14ea6e56d9b3abfafbbf36754bc2187a9f

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://medibuskerud.appresso.no/a/user/login?next=https%3A//medibuskerud.appresso.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Mon, 03 Apr 2023 18:14:43 GMT
via
1.1 vegur
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 18 Feb 2021 15:28:27 -0000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
182
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ncjIMfUbfGRf6nYgTmeknm1XemOfUdyWStgO97LRLSvKMTvyTvquLQSc%2BIH2o%2BXruT0wJsVSjqEN9gFqGcZnXNrbqBLZx98jzLr6%2Bo3uXd1kOTybn5COrXcBWpFrYsv1u6fHO6%2BFo%2BtNkA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
7b234afa7a801c12-OSL
fa-solid-900.woff2
medibuskerud.appresso.no/static/django_cradmin_styles/6.6.3/media/cradmin_fontawesome/webfonts/
38 KB
38 KB
Font
General
Full URL
https://medibuskerud.appresso.no/static/django_cradmin_styles/6.6.3/media/cradmin_fontawesome/webfonts/fa-solid-900.woff2
Requested by
Host: medibuskerud.appresso.no
URL: https://medibuskerud.appresso.no/static/appresso_publish_theme_historiskmaling/39/styles/main.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.11.139 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
62554277d07b20c6bfae7c6267b3198b4846f604a37d4085bf9f54c392210b56

Request headers

Referer
https://medibuskerud.appresso.no/static/appresso_publish_theme_historiskmaling/39/styles/main.css
Origin
https://medibuskerud.appresso.no
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Mon, 03 Apr 2023 18:14:43 GMT
via
1.1 vegur
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 18 Feb 2021 15:28:27 -0000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
180
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3gWRG9VtJWKL2dx4ztTetAL71meDZeVm113DwBWR%2F3CKYBjMIQZYu0LQOEb7Z0is0yjwtXqZoh%2BBxzF7pc9Ou7gwxIE9mPVAXRyIyn8hulXipJPcyXwQKW6CuzNwyv3%2F%2BIAvm9hQD6cDuw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
cache-control
max-age=14400
cf-ray
7b234afbed121c12-OSL

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • boolean | credentialless
  • object | core
  • object | __core-js_shared__
  • function | setImmediate
  • function | clearImmediate
  • object | regeneratorRuntime
  • boolean | _babelPolyfill
  • function | gettext
  • function | pluralidx
  • function | ngettext
  • function | gettext_noop
  • function | pgettext
  • function | npgettext
  • function | interpolate
  • function | get_format

2 Cookies

| Domain/Path | Name | Value |
|---|---|---|
| medibuskerud.appresso.no/ | sessionid | vh77c7d2lck4lwakq56rflxvtiysa92o |
| medibuskerud.appresso.no/ | csrftoken | 6yeGceHeKJ3fEhfrrAJSrFZ5pqCa2cHPRucLI5l8emOjqFfxT37W2JYRfwJrdVtK |

Security Headers

This page lists any security headers set by the main page.

Header Value
X-Frame-Options SAMEORIGIN