Report - lnkiy.in/bbcvspawg

Report Overview

Visited public
2024-08-14 12:42:19
Tags
URL
lnkiy.in/bbcvspawg
Finishing URL
norskebettingsider.io/
IP / ASN
3.110.117.245
#16509 AMAZON-02
Title
Norske Bettingsider → Beste Betting Sider for nordmenn 2024

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Sent	Received	IP
fonts.gstatic.com	unknown	1.1 kB	50 kB	216.58.207.227
r10.o.lencr.org	unknown	2.0 kB	5.3 kB	23.36.77.32
agraniedoutors.com	unknown	801 B	924 B	54.240.174.46
o.pki.goog	unknown	650 B	1.4 kB	142.250.74.131
lnkiy.in	unknown	647 B	26 kB	3.110.117.245
norskebettingsider.io	unknown	7.4 kB	330 kB	64.226.90.236
cdn.jsdelivr.net	439	1.0 kB	162 kB	104.18.186.31
fonts.googleapis.com	8877	470 B	1.9 kB	142.250.74.106
r11.o.lencr.org	unknown	981 B	2.7 kB	23.36.76.226
ookroush.com	unknown	4.0 kB	27 kB	139.45.197.243
my.rtmark.net	9054	523 B	678 B	139.45.195.8
t.co	569	944 B	1.9 kB	93.184.221.165
cdn.websitepolicies.io	91901	879 B	12 kB	194.242.11.186

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-08-14	medium	ookroush.com	Sinkholed
2024-08-14	medium	ookroush.com	Sinkholed
2024-08-14	medium	ookroush.com	Sinkholed
2024-08-14	medium	ookroush.com	Sinkholed
2024-08-14	medium	ookroush.com	Sinkholed
2024-08-14	medium	ookroush.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (4)

	URL	From	Size	First Seen	Last Seen
	norskebettingsider.io/	ScriptElement	469 B	2024-07-31	2024-11-01
Pretty URL norskebettingsider.io/ IP 64.226.90.236 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML true Observations First Seen2024-07-31 15:25 Last Seen2024-11-01 12:55 Times Seen44 Hash 04305e3d5be82ea79191024d9d85e5de 258c360c8c658ed8be8bac3a3b7af0f1e0713942 916f535c17b3e50a8e93e1edd4320b98193ef2f433e06af720c46f21fe248bda Loading...

	norskebettingsider.io/wp-includes/js/jquery/jquery.min.js?ver=3.7.1	ScriptElement	88 kB	2023-11-03	2025-05-06
Pretty URL norskebettingsider.io/wp-includes/js/jquery/jquery.min.js?ver=3.7.1 IP 64.226.90.236 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-03 09:26 Last Seen2025-05-06 05:58 Times Seen90865 Hash 826eb77e86b02ab7724fe3d0141ff87c 79cd3587d565afe290076a8d36c31c305a573d18 cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf Loading...

	cdn.websitepolicies.io/lib/cconsent/cconsent.min.js	ScriptElement	13 kB	2023-07-15	2025-01-30
Pretty URL cdn.websitepolicies.io/lib/cconsent/cconsent.min.js IP 194.242.11.186 ASN #34989 ServeTheWorld AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-07-15 19:00 Last Seen2025-01-30 21:19 Times Seen56 Hash 030088ef32b8e51f317d571b8468fe4c e0004aeb6da2ceaf098f0be2e1bbd7e8ebed00ae d1519ebf5ea97240ca31b770ffd6b1e01e0dd041367fedaa61d56ef4f613edf4 Loading...

	norskebettingsider.io/wp-content/themes/nbs/assets/js/custom.js?ver=1.0.0	ScriptElement	4.1 kB	2024-07-31	2024-11-01
Pretty URL norskebettingsider.io/wp-content/themes/nbs/assets/js/custom.js?ver=1.0.0 IP 64.226.90.236 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2024-07-31 15:25 Last Seen2024-11-01 12:55 Times Seen45 Hash 6a40dcdb36368e733373652fba858f5d d255d05604a2dc1c2345276b35b99e292742e193 aa40d8c14c758ee2847fee57c2e0c8ca27dfeae9454ee830c7121232d9aeb55f Loading...

HTTP Transactions (46)

URL IP Response Size

r10.o.lencr.org/

23.36.77.32

504 B

URL
r10.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
03ddbe8959d96b03a3cd39f53083e746
eb46646fda521c927c944256fa5ddc4f5a23403b
5612db29bfeed83bb6bfb62c075da224065ec2e5200d5101380f83243cf5385b

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "5612DB29BFEED83BB6BFB62C075DA224065EC2E5200D5101380F83243CF5385B"
Last-Modified: Tue, 13 Aug 2024 18:56:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5504
Expires: Wed, 14 Aug 2024 14:13:37 GMT
Date: Wed, 14 Aug 2024 12:41:53 GMT
Connection: keep-alive

r10.o.lencr.org/

23.36.77.32

504 B

URL
r10.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
90149b127cd563315012f026a9e0544f
1e148905fa524fb8fec15249f30f33085978dc2e
7098a3b23aece2b00e86fd3a23c5e532001a5002b061170d3ed53ddd36bf8f5b

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "7098A3B23AECE2B00E86FD3A23C5E532001A5002B061170D3ED53DDD36BF8F5B"
Last-Modified: Tue, 13 Aug 2024 18:27:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13246
Expires: Wed, 14 Aug 2024 16:22:39 GMT
Date: Wed, 14 Aug 2024 12:41:53 GMT
Connection: keep-alive

r10.o.lencr.org/

23.36.77.32

504 B

URL
r10.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
024341a123220bb7f476663e0c2f941d
20e2ab3bdab6d6f5241eb3c45d44a9b191f6cb44
94e9518d845bb5293c2f009a196b74a3859a5ae3b3a1438234f867017c167e1b

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "94E9518D845BB5293C2F009A196B74A3859A5AE3B3A1438234F867017C167E1B"
Last-Modified: Tue, 13 Aug 2024 18:58:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11694
Expires: Wed, 14 Aug 2024 15:56:47 GMT
Date: Wed, 14 Aug 2024 12:41:53 GMT
Connection: keep-alive

r10.o.lencr.org/

23.36.77.32

504 B

URL
r10.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
1401eaecc1dc9b318d389cf687018dd9
49eef7150c440fee15deabf064e11a9fefad1845
5b79b468e1cac072d2582b2937241a1f1bee8fdbbc4741818061b6763652523e

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "5B79B468E1CAC072D2582B2937241A1F1BEE8FDBBC4741818061B6763652523E"
Last-Modified: Tue, 13 Aug 2024 18:57:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16108
Expires: Wed, 14 Aug 2024 17:10:21 GMT
Date: Wed, 14 Aug 2024 12:41:53 GMT
Connection: keep-alive

r11.o.lencr.org/

23.36.76.226

504 B

URL
r11.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
77619f0113a62e8c4c44f195901b385c
1e1a5e3768ca683e66667aa14efa7042df57ee2f
520dbca26889dcd055ad1e36265c6d088b8b7c9d6907cc59eecc7ff47e4c9942

HTTP Headers

POST / HTTP/1.1
Host: r11.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "520DBCA26889DCD055AD1E36265C6D088B8B7C9D6907CC59EECC7FF47E4C9942"
Last-Modified: Mon, 12 Aug 2024 21:16:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15783
Expires: Wed, 14 Aug 2024 17:04:58 GMT
Date: Wed, 14 Aug 2024 12:41:55 GMT
Connection: keep-alive

r11.o.lencr.org/

23.36.76.226

504 B

URL
r11.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
77619f0113a62e8c4c44f195901b385c
1e1a5e3768ca683e66667aa14efa7042df57ee2f
520dbca26889dcd055ad1e36265c6d088b8b7c9d6907cc59eecc7ff47e4c9942

HTTP Headers

POST / HTTP/1.1
Host: r11.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "520DBCA26889DCD055AD1E36265C6D088B8B7C9D6907CC59EECC7FF47E4C9942"
Last-Modified: Mon, 12 Aug 2024 21:16:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15783
Expires: Wed, 14 Aug 2024 17:04:58 GMT
Date: Wed, 14 Aug 2024 12:41:55 GMT
Connection: keep-alive

lnkiy.in/

3.110.117.245

26 kB

URL
lnkiy.in/
IP
3.110.117.245:0
ASN
#16509 AMAZON-02

File type
HTML document, ISO-8859 text
Size
26 kB (26083 bytes)
Hash
d595136559d02111a0f1ec334a6886f9
f9004fe45d5bc9df8b2b42b527134020100a9330
b7bbf2c5f06f1e6dc1458d3150ea501325c02e01da0718f8c6a4e0a7e0d6cb0a

HTTP Headers

GET / HTTP/1.1
Host: lnkiy.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 
Set-Cookie: JSESSIONID=15AE74778BB92FAAAB97992326E4C3B6; Path=/; HttpOnly
Content-Type: text/html;charset=ISO-8859-1
Content-Language: en-US
Transfer-Encoding: chunked
Date: Wed, 14 Aug 2024 12:41:56 GMT

lnkiy.in/bbcvspawg

3.110.117.245

0 B

URL
lnkiy.in/bbcvspawg
IP
3.110.117.245:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /bbcvspawg HTTP/1.1
Host: lnkiy.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 
Set-Cookie: JSESSIONID=984E0B2E861B925255F5BFF6E0D70F9B; Path=/; HttpOnly
Location: https://ookroush.com/4/7799258
Content-Length: 0
Date: Wed, 14 Aug 2024 12:41:58 GMT

ookroush.com/sftouch?userId=0080b8e5973d4761fe6908fe8a35783f&z=7799258&p_rid=ea4df37b-2b8a-4ad1-ab1f-70443a1e8806&p_src=sf&branchId=0&rb=kXJKAFfWzlOiXfnDxrX5xxDEiYtNocYKb9afLJjMEe-oNIHdrlgO97jbYz3q5fRrdN4FF3Vx3yOQpyTRkKxiu2G3Mvp4jjN18g5LUZV11o7FcIb4pdLyYwvDd-YCCJxeVhVnR3_cEYcqBYnkB7bXpqspiEG2zGnN88Cs083fwjXQ9N_EW-3t5m3j4KfaLO3eBEYeq02llq0xkrZ7FXYNUsvHcxzlQe4LD7O3XEv_EGIZSRCNiIztCA==

139.45.197.243

2 B

URL
ookroush.com/sftouch?userId=0080b8e5973d4761fe6908fe8a35783f&z=7799258&p_rid=ea4df37b-2b8a-4ad1-ab1f-70443a1e8806&p_src=sf&branchId=0&rb=kXJKAFfWzlOiXfnDxrX5xxDEiYtNocYKb9afLJjMEe-oNIHdrlgO97jbYz3q5fRrdN4FF3Vx3yOQpyTRkKxiu2G3Mvp4jjN18g5LUZV11o7FcIb4pdLyYwvDd-YCCJxeVhVnR3_cEYcqBYnkB7bXpqspiEG2zGnN88Cs083fwjXQ9N_EW-3t5m3j4KfaLO3eBEYeq02llq0xkrZ7FXYNUsvHcxzlQe4LD7O3XEv_EGIZSRCNiIztCA==
IP
139.45.197.243:0
ASN
#9002 RETN Limited

File type
ASCII text, with no line terminators
Size
2 B (2 bytes)
Hash
444bcb3a3fcf8389296c49467f27e1d6
7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /sftouch?userId=0080b8e5973d4761fe6908fe8a35783f&z=7799258&p_rid=ea4df37b-2b8a-4ad1-ab1f-70443a1e8806&p_src=sf&branchId=0&rb=kXJKAFfWzlOiXfnDxrX5xxDEiYtNocYKb9afLJjMEe-oNIHdrlgO97jbYz3q5fRrdN4FF3Vx3yOQpyTRkKxiu2G3Mvp4jjN18g5LUZV11o7FcIb4pdLyYwvDd-YCCJxeVhVnR3_cEYcqBYnkB7bXpqspiEG2zGnN88Cs083fwjXQ9N_EW-3t5m3j4KfaLO3eBEYeq02llq0xkrZ7FXYNUsvHcxzlQe4LD7O3XEv_EGIZSRCNiIztCA== HTTP/1.1
Host: ookroush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ookroush.com
DNT: 1
Connection: keep-alive
Referer: https://ookroush.com/4/7799258
Cookie: OAID=0080b8e5973d4761fe6908fe8a35783f; oaidts=1723639319
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Content-Length: 0
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 14 Aug 2024 12:41:59 GMT
content-type: text/plain
content-length: 2
x-trace-id: 347103e48c6d8c554cd7317e980ef4af
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://ookroush.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

r11.o.lencr.org/

23.36.76.226

504 B

URL
r11.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
984067c8478324ccbf66a26b1f1e989f
7b6eae6a88161e6fb8ab48ddf94c3efcb8e2719b
48bc7fbc035bca93ac232c0421dd232108f2195766603cba64b9d4faa3db9663

HTTP Headers

POST / HTTP/1.1
Host: r11.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "48BC7FBC035BCA93AC232C0421DD232108F2195766603CBA64B9D4FAA3DB9663"
Last-Modified: Tue, 13 Aug 2024 18:31:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14386
Expires: Wed, 14 Aug 2024 16:41:45 GMT
Date: Wed, 14 Aug 2024 12:41:59 GMT
Connection: keep-alive

my.rtmark.net/img.gif?f=merge&userId=0080b8e5973d4761fe6908fe8a35783f&z=7799258&p_rid=ea4df37b-2b8a-4ad1-ab1f-70443a1e8806&p_src=sf

139.45.195.8

43 B

URL
my.rtmark.net/img.gif?f=merge&userId=0080b8e5973d4761fe6908fe8a35783f&z=7799258&p_rid=ea4df37b-2b8a-4ad1-ab1f-70443a1e8806&p_src=sf
IP
139.45.195.8:0
ASN
#9002 RETN Limited

File type
GIF image data, version 89a, 1 x 1
Size
43 B (43 bytes)
Hash
b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

HTTP Headers

GET /img.gif?f=merge&userId=0080b8e5973d4761fe6908fe8a35783f&z=7799258&p_rid=ea4df37b-2b8a-4ad1-ab1f-70443a1e8806&p_src=sf HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ookroush.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 14 Aug 2024 12:41:59 GMT
content-type: image/gif
content-length: 43
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=0080b8e5973d4761fe6908fe8a35783f; expires=Thu, 14 Aug 2025 12:41:59 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

ookroush.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=ea4df37b-2b8a-4ad1-ab1f-70443a1e8806

139.45.197.243

12 B

URL
ookroush.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=ea4df37b-2b8a-4ad1-ab1f-70443a1e8806
IP
139.45.197.243:0
ASN
#9002 RETN Limited

File type
JSON text data
Size
12 B (12 bytes)
Hash
adb4650bfc9d2a73d4dd69583b0ceb14
1ce399d6e936232aaf2192cd7903a279c5015f22
21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=ea4df37b-2b8a-4ad1-ab1f-70443a1e8806 HTTP/1.1
Host: ookroush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1383
Origin: https://ookroush.com
DNT: 1
Connection: keep-alive
Referer: https://ookroush.com/4/7799258
Cookie: OAID=0080b8e5973d4761fe6908fe8a35783f; oaidts=1723639319
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 14 Aug 2024 12:41:59 GMT
content-type: application/json; charset=utf-8
content-length: 12
access-control-allow-origin: https://ookroush.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
access-control-allow-credentials: true
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
X-Firefox-Spdy: h2

ookroush.com/async_log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=ea4df37b-2b8a-4ad1-ab1f-70443a1e8806

139.45.197.243

0 B

URL
ookroush.com/async_log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=ea4df37b-2b8a-4ad1-ab1f-70443a1e8806
IP
139.45.197.243:0
ASN
#9002 RETN Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /async_log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=ea4df37b-2b8a-4ad1-ab1f-70443a1e8806 HTTP/1.1
Host: ookroush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 438
Origin: https://ookroush.com
DNT: 1
Connection: keep-alive
Referer: https://ookroush.com/4/7799258
Cookie: OAID=0080b8e5973d4761fe6908fe8a35783f; oaidts=1723639319
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 14 Aug 2024 12:41:59 GMT
content-length: 0
access-control-allow-origin: https://ookroush.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
access-control-allow-credentials: true
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
X-Firefox-Spdy: h2

ookroush.com/favicon.ico

139.45.197.243

0 B

URL
ookroush.com/favicon.ico
IP
139.45.197.243:0
ASN
#9002 RETN Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: ookroush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ookroush.com/4/7799258
Cookie: OAID=0080b8e5973d4761fe6908fe8a35783f; oaidts=1723639319
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 204 No Content
server: nginx
date: Wed, 14 Aug 2024 12:41:59 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
pragma: public
cache-control: max-age=315360000, public, must-revalidate, proxy-revalidate
X-Firefox-Spdy: h2

ookroush.com/?z=7799258&syncedCookie=true&rhd=false

139.45.197.243

0 B

URL
ookroush.com/?z=7799258&syncedCookie=true&rhd=false
IP
139.45.197.243:0
ASN
#9002 RETN Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /?z=7799258&syncedCookie=true&rhd=false HTTP/1.1
Host: ookroush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 534
Origin: https://ookroush.com
DNT: 1
Connection: keep-alive
Referer: https://ookroush.com/afu.php?zoneid=7799258&var=7799258&rid=XXz4jyvWNyEJSqRKY8d18w%3D%3D&rhd=false&ab2r=0&sf=1
Cookie: OAID=0080b8e5973d4761fe6908fe8a35783f; oaidts=1723639319
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
server: nginx
date: Wed, 14 Aug 2024 12:41:59 GMT
content-length: 0
location: https://agraniedoutors.com/f4751347-3851-4e97-9edb-f33d47970f03?zoneid=7799258&bannerid=21828515&zonetype={zone_type}&campaignid=8525123&device=desktop&region=30&isp=blix group as&useragent=Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0&language=en&connectiontype=broadband&cost=0.000600&visitor_id=847567336834872139
x-trace-id: 3ca23cd442e3be2d50889b7eb9f20442
link: <https://agraniedoutors.com>; rel="preconnect dns-prefetch",<https://yonmewon.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
referrer-policy: no-referrer
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://ookroush.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=0080b8e5973d4761fe6908fe8a35783f; expires=Thu, 14 Aug 2025 12:41:59 GMT; path=/; secure; SameSite=None
oaidts=1723639319; expires=Thu, 14 Aug 2025 12:41:59 GMT; path=/; secure; SameSite=None
syncedCookie=true; expires=Wed, 21 Aug 2024 12:41:59 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

agraniedoutors.com/f4751347-3851-4e97-9edb-f33d47970f03?zoneid=7799258&bannerid=21828515&zonetype={zone_type}&campaignid=8525123&device=desktop&region=30&isp=blix%20group%20as&useragent=Mozilla/5.0%20(X11;%20Linux%20x86_64;%20rv:96.0)%20Gecko/20100101%20Firefox/96.0&language=en&connectiontype=broadband&cost=0.000600&visitor_id=847567336834872139

54.240.174.46

0 B

URL
agraniedoutors.com/f4751347-3851-4e97-9edb-f33d47970f03?zoneid=7799258&bannerid=21828515&zonetype={zone_type}&campaignid=8525123&device=desktop&region=30&isp=blix%20group%20as&useragent=Mozilla/5.0%20(X11;%20Linux%20x86_64;%20rv:96.0)%20Gecko/20100101%20Firefox/96.0&language=en&connectiontype=broadband&cost=0.000600&visitor_id=847567336834872139
IP
54.240.174.46:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /f4751347-3851-4e97-9edb-f33d47970f03?zoneid=7799258&bannerid=21828515&zonetype={zone_type}&campaignid=8525123&device=desktop&region=30&isp=blix%20group%20as&useragent=Mozilla/5.0%20(X11;%20Linux%20x86_64;%20rv:96.0)%20Gecko/20100101%20Firefox/96.0&language=en&connectiontype=broadband&cost=0.000600&visitor_id=847567336834872139 HTTP/1.1
Host: agraniedoutors.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
content-length: 0
location: https://t.co/qkZ9VZxW3D
date: Wed, 14 Aug 2024 12:41:59 GMT
server: nginx
cache-control: no-store, no-cache, pre-check=0, post-check=0
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
set-cookie: f4751347-3851-4e97-9edb-f33d47970f03-v4=GPm_dsybFS-c1j_JjE26nKuwXctQaUc06ClqS2IiUmA; Max-Age=86400; Expires=Thu, 15 Aug 2024 12:41:59 GMT; Domain=agraniedoutors.com; Path=/; Secure; HttpOnly;SameSite=None
voluum-cid-v4=%7B%22cid%22%3A%22wfns3scbgpav5ke3jarnm7lk%22%2C%22caid%22%3A%22f4751347-3851-4e97-9edb-f33d47970f03%22%7D; Max-Age=31536000; Expires=Thu, 14 Aug 2025 12:41:59 GMT; Domain=agraniedoutors.com; Path=/; Secure; HttpOnly;SameSite=None
x-cache: Miss from cloudfront
via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: tDnYIqIzNVFDfA-0V6YLKuwYczWgOA8EkVrktx6nZLYcrYMFdeLOGQ==
X-Firefox-Spdy: h2

t.co/qkZ9VZxW3D

93.184.221.165

175 B

URL
t.co/qkZ9VZxW3D
IP
93.184.221.165:0
ASN
#15133 EDGECAST

File type
HTML document, ASCII text, with no line terminators
Size
175 B (175 bytes)
Hash
0349e0dcbc840a8f542f6bdbad68d6fd
4675bf455999d776b2f90cee50d4967ab01397ef
369fb1bb628e59347943e4dcc4aaebb1d128cde136ad9d45f36a561c6678a90e

HTTP Headers

GET /qkZ9VZxW3D HTTP/1.1
Host: t.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-encoding: gzip
cache-control: private,max-age=300
content-type: text/html; charset=utf-8
date: Wed, 14 Aug 2024 12:41:59 GMT
expires: Wed, 14 Aug 2024 12:47:00 GMT
perf: 7402827104
server: tsa_o
set-cookie: muc=f546e4e4-e3e1-4aa1-9b80-26e20452c34b; Max-Age=34214400; Expires=Sun, 14 Sep 2025 12:42:00 GMT; Domain=t.co; Secure; SameSite=None
strict-transport-security: max-age=0
vary: Origin
x-connection-hash: 19dd5fe6cf44f6df8ce8f0acca9b1c1e744c0068386045d7f0a4eefa0b8a85e2
x-response-time: 111
x-transaction-id: dfe5aa6ee20a50f6
x-xss-protection: 0
content-length: 175
X-Firefox-Spdy: h2

r10.o.lencr.org/

23.36.76.226

504 B

URL
r10.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
6efe8efe4ba538d6b1722d1d7fee24bb
c2206fdc807b774828a958071a5f3b27c4018788
931b722a63d781c0c8c1cbde231c0a45b76ce5d652418c7aaf56117a43044bdc

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "931B722A63D781C0C8C1CBDE231C0A45B76CE5D652418C7AAF56117A43044BDC"
Last-Modified: Tue, 13 Aug 2024 08:28:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16640
Expires: Wed, 14 Aug 2024 17:19:20 GMT
Date: Wed, 14 Aug 2024 12:42:00 GMT
Connection: keep-alive

t.co/favicon.ico

93.184.221.165

675 B

URL
t.co/favicon.ico
IP
93.184.221.165:0
ASN
#15133 EDGECAST

File type
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
Size
675 B (675 bytes)
Hash
864232b885e52799e6b0d1c37a4283a0
2c2500822c05b93cf169c338af2fdf7d04ea4260
2b56e0a792d9999e15f3ee39cabcba5cc3f88b4e640e71b3755c1424d8e12010

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: t.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://t.co/qkZ9VZxW3D
Cookie: muc=f546e4e4-e3e1-4aa1-9b80-26e20452c34b
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: no-cache, no-store, max-age=0
content-type: image/x-icon
date: Wed, 14 Aug 2024 12:42:00 UTC
perf: 7402827104
server: tsa_o
strict-transport-security: max-age=0
x-connection-hash: c494301726afe364e61e30a077b04ab35d890962e1c354f26988812e2495413e
x-response-time: 100
x-transaction-id: 72a18f0e65619403
content-length: 675
X-Firefox-Spdy: h2

norskebettingsider.io/

64.226.90.236

200 OK

17 kB

URL User Request GET HTTP/1.1
norskebettingsider.io/
IP
64.226.90.236:443
ASN
#14061 DIGITALOCEAN-ASN

Certificate
IssuerLet's Encrypt
Subjectnorskebettingsider.io
Fingerprint08:0A:E3:9E:50:FB:D3:3F:DE:57:8D:73:D9:3B:26:91:35:A0:C2:E5
ValidityMon, 24 Jun 2024 12:32:07 GMT - Sun, 22 Sep 2024 12:32:06 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (1132), with CRLF, LF line terminators
Size
17 kB (17140 bytes)
Hash
3516af86454ae17d23a88a3346d8a018
e6da6d9acdf3326e62edfb33692856e87d4cc080
c8768cd0648bc7aa4da0d6eb81d87fcc43a9e33e569e3d3cfbf6f5d7c1ca243d

HTTP Headers

GET / HTTP/1.1
Host: norskebettingsider.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://t.co/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 14 Aug 2024 12:42:00 GMT
Server: Apache/2.4.52 (Ubuntu)
Link: <https://norskebettingsider.io/wp-json/>; rel="https://api.w.org/", <https://norskebettingsider.io/wp-json/wp/v2/pages/126>; rel="alternate"; title="JSON"; type="application/json", <https://norskebettingsider.io/>; rel=shortlink
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 17140
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

cdn.jsdelivr.net/npm/remixicon@3.5.0/fonts/remixicon.css

104.18.186.31

200 OK

16 kB

URL GET HTTP/2
cdn.jsdelivr.net/npm/remixicon@3.5.0/fonts/remixicon.css
IP
104.18.186.31:443
ASN
#13335 CLOUDFLARENET

Requested by
https://norskebettingsider.io/
Certificate
IssuerSectigo Limited
Subject*.jsdelivr.net
Fingerprint74:7A:63:DF:06:27:1E:52:8C:E8:0D:AD:1F:89:98:B5:EB:2D:49:EE
ValiditySat, 04 May 2024 00:00:00 GMT - Sun, 04 May 2025 23:59:59 GMT

File type
ASCII text
Size
16 kB (16438 bytes)
Hash
a1502679c4edcf458b19dce1380a0f79
e3c409b3612fed65e9bd95a5a724cc6cac3f6996
3319df8b9c28451700b6dc398868f64e5554b3cb164d188bf6f0cac6b6e39793

HTTP Headers

GET /npm/remixicon@3.5.0/fonts/remixicon.css HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://norskebettingsider.io/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 14 Aug 2024 12:42:00 GMT
content-type: text/css; charset=utf-8
content-length: 16438
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-jsd-version: 3.5.0
x-jsd-version-type: version
etag: W/"1e1f5-48QJs2Ev7WXpvZWlpyTMbKw/aZY"
content-encoding: gzip
x-served-by: cache-fra-etou8220074-FRA, cache-lga21952-LGA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
cf-cache-status: HIT
age: 3466332
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yTATZsWCNsHXE%2BXAMgYY4kWL%2F7OjMSU2c%2FOyUp%2Ff%2BXY5o6G4E3bfKr8sPLS0VbC7oWbg1lJcREc0sZQ1470i4vUPtm988HUDlWjWp924eRJ2pe4E6BINJ%2FPhIczONzJuF9w%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8b3105bac85d5697-OSL
X-Firefox-Spdy: h2

norskebettingsider.io/wp-content/themes/nbs/style.css

64.226.90.236

200 OK

8.5 kB

URL GET HTTP/1.1
norskebettingsider.io/wp-content/themes/nbs/style.css
IP
64.226.90.236:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://norskebettingsider.io/
Certificate
IssuerLet's Encrypt
Subjectnorskebettingsider.io
Fingerprint08:0A:E3:9E:50:FB:D3:3F:DE:57:8D:73:D9:3B:26:91:35:A0:C2:E5
ValidityMon, 24 Jun 2024 12:32:07 GMT - Sun, 22 Sep 2024 12:32:06 GMT

File type
ASCII text
Size
8.5 kB (8467 bytes)
Hash
f874b632442dbe9fdef569ac9ff74771
f875922cc935d9a4c25bb62261dd874b2b76b774
a7e36d153e4f439fb9bde62a4cdb8e2b6492900636cd6e55e4f650be65290bf2

HTTP Headers

GET /wp-content/themes/nbs/style.css HTTP/1.1
Host: norskebettingsider.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://norskebettingsider.io/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 14 Aug 2024 12:42:00 GMT
Server: Apache/2.4.52 (Ubuntu)
Last-Modified: Fri, 12 Jul 2024 07:46:20 GMT
ETag: "df67-61d0813468aab-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 8467
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css

norskebettingsider.io/wp-content/themes/nbs/assets/js/custom.js?ver=1.0.0

64.226.90.236

200 OK

1.3 kB

URL GET HTTP/1.1
norskebettingsider.io/wp-content/themes/nbs/assets/js/custom.js?ver=1.0.0
IP
64.226.90.236:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://norskebettingsider.io/
Certificate
IssuerLet's Encrypt
Subjectnorskebettingsider.io
Fingerprint08:0A:E3:9E:50:FB:D3:3F:DE:57:8D:73:D9:3B:26:91:35:A0:C2:E5
ValidityMon, 24 Jun 2024 12:32:07 GMT - Sun, 22 Sep 2024 12:32:06 GMT

File type
JavaScript source, Unicode text, UTF-8 text
Size
1.3 kB (1286 bytes)
Hash
6a40dcdb36368e733373652fba858f5d
d255d05604a2dc1c2345276b35b99e292742e193
aa40d8c14c758ee2847fee57c2e0c8ca27dfeae9454ee830c7121232d9aeb55f

HTTP Headers

GET /wp-content/themes/nbs/assets/js/custom.js?ver=1.0.0 HTTP/1.1
Host: norskebettingsider.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://norskebettingsider.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 14 Aug 2024 12:42:00 GMT
Server: Apache/2.4.52 (Ubuntu)
Last-Modified: Fri, 12 Jul 2024 07:46:20 GMT
ETag: "fd4-61d0813468aab-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1286
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/javascript

r10.o.lencr.org/

23.36.76.226

504 B

URL
r10.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
1d34c970341769f2767e533944b13bc5
a688af17a99853b760cd09296dcf6a16ff037c54
5cd14b964f7c4f6d6942652ede3b63ec56df8c1a2acd4d1ab15cc94cc7677f87

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "5CD14B964F7C4F6D6942652EDE3B63EC56DF8C1A2ACD4D1AB15CC94CC7677F87"
Last-Modified: Tue, 13 Aug 2024 19:06:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12596
Expires: Wed, 14 Aug 2024 16:11:56 GMT
Date: Wed, 14 Aug 2024 12:42:00 GMT
Connection: keep-alive

norskebettingsider.io/wp-content/themes/nbs/assets/img/emta.png

64.226.90.236

200 OK

1.2 kB

URL GET HTTP/1.1
norskebettingsider.io/wp-content/themes/nbs/assets/img/emta.png
IP
64.226.90.236:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://norskebettingsider.io/
Certificate
IssuerLet's Encrypt
Subjectnorskebettingsider.io
Fingerprint08:0A:E3:9E:50:FB:D3:3F:DE:57:8D:73:D9:3B:26:91:35:A0:C2:E5
ValidityMon, 24 Jun 2024 12:32:07 GMT - Sun, 22 Sep 2024 12:32:06 GMT

File type
PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced
Size
1.2 kB (1189 bytes)
Hash
d9ebe2070f90d15e23ffc85af52a89ec
2d120748c3e920684f062d31e12ee46254190f10
75a257da389d220f0d7c516fb2a9ed92c93575f7e013ae92fc91d7c0f639f740

HTTP Headers

GET /wp-content/themes/nbs/assets/img/emta.png HTTP/1.1
Host: norskebettingsider.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://norskebettingsider.io/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 14 Aug 2024 12:42:00 GMT
Server: Apache/2.4.52 (Ubuntu)
Last-Modified: Fri, 12 Jul 2024 07:46:20 GMT
ETag: "4a5-61d0813468aab"
Accept-Ranges: bytes
Content-Length: 1189
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/png

norskebettingsider.io/wp-content/themes/nbs/assets/img/curacao.png

64.226.90.236

200 OK

1.6 kB

URL GET HTTP/1.1
norskebettingsider.io/wp-content/themes/nbs/assets/img/curacao.png
IP
64.226.90.236:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://norskebettingsider.io/
Certificate
IssuerLet's Encrypt
Subjectnorskebettingsider.io
Fingerprint08:0A:E3:9E:50:FB:D3:3F:DE:57:8D:73:D9:3B:26:91:35:A0:C2:E5
ValidityMon, 24 Jun 2024 12:32:07 GMT - Sun, 22 Sep 2024 12:32:06 GMT

File type
PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced
Size
1.6 kB (1587 bytes)
Hash
591d49ccac715b73abc0679edab07f04
ca1fa4b4b852d608a54bcd3229f91f99be6196e7
a13803d5cd6a8d07a0343fbd4a4b907a28f4c83a2972705d9eca284d6c6f3b3b

HTTP Headers

GET /wp-content/themes/nbs/assets/img/curacao.png HTTP/1.1
Host: norskebettingsider.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://norskebettingsider.io/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 14 Aug 2024 12:42:00 GMT
Server: Apache/2.4.52 (Ubuntu)
Last-Modified: Fri, 12 Jul 2024 07:46:20 GMT
ETag: "633-61d0813468aab"
Accept-Ranges: bytes
Content-Length: 1587
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/png

norskebettingsider.io/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

64.226.90.236

200 OK

30 kB

URL GET HTTP/1.1
norskebettingsider.io/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
IP
64.226.90.236:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://norskebettingsider.io/
Certificate
IssuerLet's Encrypt
Subjectnorskebettingsider.io
Fingerprint08:0A:E3:9E:50:FB:D3:3F:DE:57:8D:73:D9:3B:26:91:35:A0:C2:E5
ValidityMon, 24 Jun 2024 12:32:07 GMT - Sun, 22 Sep 2024 12:32:06 GMT

File type
JavaScript source, ASCII text, with very long lines (65447)
Size
30 kB (30368 bytes)
Hash
826eb77e86b02ab7724fe3d0141ff87c
79cd3587d565afe290076a8d36c31c305a573d18
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

HTTP Headers

GET /wp-includes/js/jquery/jquery.min.js?ver=3.7.1 HTTP/1.1
Host: norskebettingsider.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://norskebettingsider.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 14 Aug 2024 12:42:00 GMT
Server: Apache/2.4.52 (Ubuntu)
Last-Modified: Mon, 28 Aug 2023 17:14:23 GMT
ETag: "15601-603fed35e19c0-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 30368
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/javascript

norskebettingsider.io/wp-content/uploads/2024/07/punterz.jpg

64.226.90.236

200 OK

35 kB

URL GET HTTP/1.1
norskebettingsider.io/wp-content/uploads/2024/07/punterz.jpg
IP
64.226.90.236:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://norskebettingsider.io/
Certificate
IssuerLet's Encrypt
Subjectnorskebettingsider.io
Fingerprint08:0A:E3:9E:50:FB:D3:3F:DE:57:8D:73:D9:3B:26:91:35:A0:C2:E5
ValidityMon, 24 Jun 2024 12:32:07 GMT - Sun, 22 Sep 2024 12:32:06 GMT

File type
JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 540x204, components 3
Size
35 kB (34990 bytes)
Hash
1fb11df29a16353bf158a9d8bea93cc7
7f3d0807c41b267b3cc92d192901dea564f05a0e
273b25c57f92d2cba57bea3bc4d6ee0e880f4504f4095ce9beb248cfa3817816

HTTP Headers

GET /wp-content/uploads/2024/07/punterz.jpg HTTP/1.1
Host: norskebettingsider.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://norskebettingsider.io/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 14 Aug 2024 12:42:00 GMT
Server: Apache/2.4.52 (Ubuntu)
Last-Modified: Tue, 16 Jul 2024 17:22:17 GMT
ETag: "88ae-61d609669ba24"
Accept-Ranges: bytes
Content-Length: 34990
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/jpeg

cdn.websitepolicies.io/lib/cconsent/cconsent.min.js

194.242.11.186

200 OK

5.2 kB

URL GET HTTP/2
cdn.websitepolicies.io/lib/cconsent/cconsent.min.js
IP
194.242.11.186:443
ASN
#34989 ServeTheWorld AS

Requested by
https://norskebettingsider.io/
Certificate
IssuerLet's Encrypt
Subjectcdn.websitepolicies.io
Fingerprint1F:8B:8A:C5:E2:49:EA:25:71:FC:BB:83:43:49:6F:18:76:F2:C1:8E
ValidityWed, 03 Jul 2024 12:11:06 GMT - Tue, 01 Oct 2024 12:11:05 GMT

File type
JavaScript source, ASCII text, with very long lines (12924), with no line terminators
Size
5.2 kB (5245 bytes)
Hash
030088ef32b8e51f317d571b8468fe4c
e0004aeb6da2ceaf098f0be2e1bbd7e8ebed00ae
d1519ebf5ea97240ca31b770ffd6b1e01e0dd041367fedaa61d56ef4f613edf4

HTTP Headers

GET /lib/cconsent/cconsent.min.js HTTP/1.1
Host: cdn.websitepolicies.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://norskebettingsider.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 14 Aug 2024 12:42:00 GMT
content-type: application/javascript
server: BunnyCDN-NO1-830
cdn-pullzone: 403741
cdn-uid: 16d357c7-5d61-4073-b136-11d78241bb5e
cdn-requestcountrycode: NO
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
alt-svc: h3=":443"
cache-control: max-age=2592000
content-encoding: br
etag: W/"6426e30f-327c"
expires: Thu, 30 May 2024 17:51:01 GMT
last-modified: Fri, 31 Mar 2023 13:41:35 GMT
strict-transport-security: max-age=31536000
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WUaTjTVG9fWs0bQQFo5uFIJKXKzyj4oQ2XHbyeci9FXbUMsww2v67THswM5da%2BYGkevjwFw9%2FXn%2FaIzmZ6FtcuIhN9yfJsgqm34hbx0%2BZmI0RPuzDgbyc3MNCCAhOgOqL44ObnF8znXu"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 87c960a32d2bb52d-OSL
cdn-proxyver: 1.04
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 04/30/2024 17:51:02
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 3dd24278dd71bb9d67a94b263e273acd
cdn-cache: HIT
X-Firefox-Spdy: h2

norskebettingsider.io/wp-content/uploads/2024/07/hot-bet.jpg

64.226.90.236

200 OK

41 kB

URL GET HTTP/1.1
norskebettingsider.io/wp-content/uploads/2024/07/hot-bet.jpg
IP
64.226.90.236:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://norskebettingsider.io/
Certificate
IssuerLet's Encrypt
Subjectnorskebettingsider.io
Fingerprint08:0A:E3:9E:50:FB:D3:3F:DE:57:8D:73:D9:3B:26:91:35:A0:C2:E5
ValidityMon, 24 Jun 2024 12:32:07 GMT - Sun, 22 Sep 2024 12:32:06 GMT

File type
JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 540x204, components 3
Size
41 kB (40742 bytes)
Hash
d34b268cd1d57199057a918dcfca3422
baf53c52114266a918aaa40114a4456b7f7cd78a
d78f738ce0a7b5a802954fe254f5c2cfdba70d7b33073935f8795d23add25e95

HTTP Headers

GET /wp-content/uploads/2024/07/hot-bet.jpg HTTP/1.1
Host: norskebettingsider.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://norskebettingsider.io/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 14 Aug 2024 12:42:00 GMT
Server: Apache/2.4.52 (Ubuntu)
Last-Modified: Tue, 16 Jul 2024 09:08:31 GMT
ETag: "9f26-61d59b08fc266"
Accept-Ranges: bytes
Content-Length: 40742
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/jpeg

norskebettingsider.io/wp-content/themes/nbs/assets/img/norske-bettingsider.svg

64.226.90.236

200 OK

55 kB

URL GET HTTP/1.1
norskebettingsider.io/wp-content/themes/nbs/assets/img/norske-bettingsider.svg
IP
64.226.90.236:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://norskebettingsider.io/
Certificate
IssuerLet's Encrypt
Subjectnorskebettingsider.io
Fingerprint08:0A:E3:9E:50:FB:D3:3F:DE:57:8D:73:D9:3B:26:91:35:A0:C2:E5
ValidityMon, 24 Jun 2024 12:32:07 GMT - Sun, 22 Sep 2024 12:32:06 GMT

File type
SVG Scalable Vector Graphics image
Size
55 kB (54753 bytes)
Hash
36a5850f467b53cf983d7d2ec89de8ff
92acf87d1c03a8df52a0046874c98aeeb94a9801
b0b43c7933c6199de20ddc06d207683fe9674e75df93ac02bf1d0d45caed654a

HTTP Headers

GET /wp-content/themes/nbs/assets/img/norske-bettingsider.svg HTTP/1.1
Host: norskebettingsider.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://norskebettingsider.io/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 14 Aug 2024 12:42:00 GMT
Server: Apache/2.4.52 (Ubuntu)
Last-Modified: Fri, 12 Jul 2024 07:46:20 GMT
ETag: "d5e1-61d0813468aab"
Accept-Ranges: bytes
Content-Length: 54753
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/svg+xml

norskebettingsider.io/wp-content/uploads/2024/07/jarle-jenssen.jpg

64.226.90.236

200 OK

28 kB

URL GET HTTP/1.1
norskebettingsider.io/wp-content/uploads/2024/07/jarle-jenssen.jpg
IP
64.226.90.236:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://norskebettingsider.io/
Certificate
IssuerLet's Encrypt
Subjectnorskebettingsider.io
Fingerprint08:0A:E3:9E:50:FB:D3:3F:DE:57:8D:73:D9:3B:26:91:35:A0:C2:E5
ValidityMon, 24 Jun 2024 12:32:07 GMT - Sun, 22 Sep 2024 12:32:06 GMT

File type
JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 160x160, components 3
Size
28 kB (28019 bytes)
Hash
e6c5e958885a6f8187821db197fe2e0b
f19a540aaba10b6ec3389233505fa895953805a0
75ca173b301d277b0ee9a439f2119a5cecc254d78c5f9e1774023e69100f7341

HTTP Headers

GET /wp-content/uploads/2024/07/jarle-jenssen.jpg HTTP/1.1
Host: norskebettingsider.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://norskebettingsider.io/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 14 Aug 2024 12:42:00 GMT
Server: Apache/2.4.52 (Ubuntu)
Last-Modified: Mon, 01 Jul 2024 06:35:46 GMT
ETag: "6d73-61c29cea9b2a2"
Accept-Ranges: bytes
Content-Length: 28019
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/jpeg

norskebettingsider.io/wp-content/uploads/2024/07/ibet.jpg

64.226.90.236

200 OK

25 kB

URL GET HTTP/1.1
norskebettingsider.io/wp-content/uploads/2024/07/ibet.jpg
IP
64.226.90.236:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://norskebettingsider.io/
Certificate
IssuerLet's Encrypt
Subjectnorskebettingsider.io
Fingerprint08:0A:E3:9E:50:FB:D3:3F:DE:57:8D:73:D9:3B:26:91:35:A0:C2:E5
ValidityMon, 24 Jun 2024 12:32:07 GMT - Sun, 22 Sep 2024 12:32:06 GMT

File type
JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 540x204, components 3
Size
25 kB (25146 bytes)
Hash
943e90cfe3a40ae66a52f1a04469d4b7
e44ba57a673aa51386352e1eefa316da87e0c3cf
822c06c67b95d7b98d0a58f6482643e257e0152a17aac002a6447070afe4c36c

HTTP Headers

GET /wp-content/uploads/2024/07/ibet.jpg HTTP/1.1
Host: norskebettingsider.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://norskebettingsider.io/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 14 Aug 2024 12:42:00 GMT
Server: Apache/2.4.52 (Ubuntu)
Last-Modified: Mon, 22 Jul 2024 12:40:47 GMT
ETag: "623a-61dd55abcaa4f"
Accept-Ranges: bytes
Content-Length: 25146
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/jpeg

norskebettingsider.io/wp-content/uploads/2024/07/prontobet.jpg

64.226.90.236

200 OK

36 kB

URL GET HTTP/1.1
norskebettingsider.io/wp-content/uploads/2024/07/prontobet.jpg
IP
64.226.90.236:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://norskebettingsider.io/
Certificate
IssuerLet's Encrypt
Subjectnorskebettingsider.io
Fingerprint08:0A:E3:9E:50:FB:D3:3F:DE:57:8D:73:D9:3B:26:91:35:A0:C2:E5
ValidityMon, 24 Jun 2024 12:32:07 GMT - Sun, 22 Sep 2024 12:32:06 GMT

File type
JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 540x204, components 3
Size
36 kB (36119 bytes)
Hash
2a9fcdec41dfa2d7065ead2ccd0510e5
127dd94d22b13c07b12735e1617c7f169aea6ccc
87be25d0870aaeddf83afa42797ea1bd73b16661293ca7d423c718627e6f6796

HTTP Headers

GET /wp-content/uploads/2024/07/prontobet.jpg HTTP/1.1
Host: norskebettingsider.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://norskebettingsider.io/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 14 Aug 2024 12:42:00 GMT
Server: Apache/2.4.52 (Ubuntu)
Last-Modified: Mon, 22 Jul 2024 12:14:50 GMT
ETag: "8d17-61dd4fdef53a6"
Accept-Ranges: bytes
Content-Length: 36119
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/jpeg

norskebettingsider.io/wp-content/uploads/2024/07/dream-bet_.jpg

64.226.90.236

200 OK

20 kB

URL GET HTTP/1.1
norskebettingsider.io/wp-content/uploads/2024/07/dream-bet_.jpg
IP
64.226.90.236:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://norskebettingsider.io/
Certificate
IssuerLet's Encrypt
Subjectnorskebettingsider.io
Fingerprint08:0A:E3:9E:50:FB:D3:3F:DE:57:8D:73:D9:3B:26:91:35:A0:C2:E5
ValidityMon, 24 Jun 2024 12:32:07 GMT - Sun, 22 Sep 2024 12:32:06 GMT

File type
JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 540x204, components 3
Size
20 kB (19628 bytes)
Hash
9e2bb06f248cc190c1736c74bf1e7603
ecb2f23528e06f385a5ed8b89ded1fca2ec80e90
620dce8beac5b9a01c16b156eeab3609adf00a901a0a18818cfe0abb1b1f277c

HTTP Headers

GET /wp-content/uploads/2024/07/dream-bet_.jpg HTTP/1.1
Host: norskebettingsider.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://norskebettingsider.io/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 14 Aug 2024 12:42:00 GMT
Server: Apache/2.4.52 (Ubuntu)
Last-Modified: Tue, 16 Jul 2024 17:14:56 GMT
ETag: "4cac-61d607c1514f6"
Accept-Ranges: bytes
Content-Length: 19628
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/jpeg

norskebettingsider.io/wp-content/themes/nbs/assets/img/mga.png

64.226.90.236

200 OK

564 B

URL GET HTTP/1.1
norskebettingsider.io/wp-content/themes/nbs/assets/img/mga.png
IP
64.226.90.236:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://norskebettingsider.io/
Certificate
IssuerLet's Encrypt
Subjectnorskebettingsider.io
Fingerprint08:0A:E3:9E:50:FB:D3:3F:DE:57:8D:73:D9:3B:26:91:35:A0:C2:E5
ValidityMon, 24 Jun 2024 12:32:07 GMT - Sun, 22 Sep 2024 12:32:06 GMT

File type
PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced
Size
564 B (564 bytes)
Hash
301696739d2fe784c6a11301eecc118e
4e531be5a6454353e5eb49a3ea881b3bf5c8eab6
562edd3b0041aa14759696ba6ef64aaedd827de88f8823a96279849b672adf7a

HTTP Headers

GET /wp-content/themes/nbs/assets/img/mga.png HTTP/1.1
Host: norskebettingsider.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://norskebettingsider.io/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 14 Aug 2024 12:42:00 GMT
Server: Apache/2.4.52 (Ubuntu)
Last-Modified: Fri, 12 Jul 2024 07:46:20 GMT
ETag: "234-61d0813468aab"
Accept-Ranges: bytes
Content-Length: 564
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/png

norskebettingsider.io/wp-content/uploads/2024/07/red-dice.jpg

64.226.90.236

200 OK

23 kB

URL GET HTTP/1.1
norskebettingsider.io/wp-content/uploads/2024/07/red-dice.jpg
IP
64.226.90.236:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://norskebettingsider.io/
Certificate
IssuerLet's Encrypt
Subjectnorskebettingsider.io
Fingerprint08:0A:E3:9E:50:FB:D3:3F:DE:57:8D:73:D9:3B:26:91:35:A0:C2:E5
ValidityMon, 24 Jun 2024 12:32:07 GMT - Sun, 22 Sep 2024 12:32:06 GMT

File type
JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 540x204, components 3
Size
23 kB (23243 bytes)
Hash
5c649e8bdc4a97fb8ffe9c7ee699a6ad
6bc59477ddba37f3de1a49562366d91655c42c4d
a3da1eaedcdc0529ebc5db4d9aef28827433cd18e9ebaefa3ba5998aa2c5bee8

HTTP Headers

GET /wp-content/uploads/2024/07/red-dice.jpg HTTP/1.1
Host: norskebettingsider.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://norskebettingsider.io/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 14 Aug 2024 12:42:00 GMT
Server: Apache/2.4.52 (Ubuntu)
Last-Modified: Mon, 22 Jul 2024 11:20:44 GMT
ETag: "5acb-61dd43c6a4e6d"
Accept-Ranges: bytes
Content-Length: 23243
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/jpeg

o.pki.goog/wr2

142.250.74.131

472 B

URL
o.pki.goog/wr2
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
e56a082d6444f42c80a7ae10ec1e5909
b5a3766c1e5dcad969d411f99c54bb0ad0992ffb
5d15e52df1f7a97f31af113511ccade2d1aa23881cf1291255a79a30e201a1e4

HTTP Headers

POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Aug 2024 12:42:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.googleapis.com/css2?family=Fira+Sans:wght@400;500;700;900&display=swap

142.250.74.106

200 OK

1.2 kB

URL GET HTTP/2
fonts.googleapis.com/css2?family=Fira+Sans:wght@400;500;700;900&display=swap
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://norskebettingsider.io/
Certificate
IssuerGoogle Trust Services
Subjectupload.video.google.com
FingerprintC4:3F:12:39:D2:EC:4C:2C:1C:0A:A6:18:8E:2A:97:2C:D8:C2:7E:AF
ValidityTue, 30 Jul 2024 12:49:45 GMT - Tue, 22 Oct 2024 12:49:44 GMT

File type
gzip compressed data, max compression
Size
1.2 kB (1244 bytes)
Hash
26675f3ef408fa5a7fae884bdf466c22
48156b42670bbd92f378b6de0c6a6f424f51edfd
8a607fb25382ce891212c5e322c9f67d22d6c698be79b52ce2afb4bc868d36fe

HTTP Headers

GET /css2?family=Fira+Sans:wght@400;500;700;900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://norskebettingsider.io/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 14 Aug 2024 12:42:00 GMT
date: Wed, 14 Aug 2024 12:42:00 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

cdn.jsdelivr.net/npm/remixicon@3.5.0/fonts/remixicon.woff2?t=1690730386070

104.18.186.31

200 OK

144 kB

URL GET HTTP/3
cdn.jsdelivr.net/npm/remixicon@3.5.0/fonts/remixicon.woff2?t=1690730386070
IP
104.18.186.31:443
ASN
#13335 CLOUDFLARENET

Requested by
https://norskebettingsider.io/
Certificate
IssuerSectigo Limited
Subject*.jsdelivr.net
Fingerprint74:7A:63:DF:06:27:1E:52:8C:E8:0D:AD:1F:89:98:B5:EB:2D:49:EE
ValiditySat, 04 May 2024 00:00:00 GMT - Sun, 04 May 2025 23:59:59 GMT

File type
Web Open Font Format (Version 2), TrueType, length 143720, version 1.0
Size
144 kB (143720 bytes)
Hash
a36fc087e9d4a3bdf4a2577e764f05c8
bf5516dcc619f8458cf0c2087347e3182d9062cb
b0d0b7e5101a1b8a54268b9188da520d19d74df9b35714a8ddb5987fad990591

HTTP Headers

GET /npm/remixicon@3.5.0/fonts/remixicon.woff2?t=1690730386070 HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://norskebettingsider.io
DNT: 1
Connection: keep-alive
Referer: https://cdn.jsdelivr.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 14 Aug 2024 12:42:01 GMT
content-type: font/woff2
content-length: 143720
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-jsd-version: 3.5.0
x-jsd-version-type: version
etag: W/"23168-v1UW3MYZ+EWM8MIIc0fjGC2QYss"
x-served-by: cache-fra-etou8220072-FRA, cache-lga21960-LGA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
cf-cache-status: HIT
age: 3466526
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QYjquO7VL6eTwDlxXfd%2BP5peB9xnniZRJ6UgTqEt88JDVWrPuR4GetzLfdpqH9%2FLErGsRBxqw9c2QPV8wEUzY5kPWIUfCByjkguT43pp2fAxJNq9V0CIGWGE3lIMaJjekl4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8b3105bd3cab56b5-OSL

fonts.gstatic.com/s/firasans/v17/va9B4kDNxMZdWfMOD5VnLK3eRhf6.woff2

216.58.207.227

200 OK

25 kB

URL GET HTTP/2
fonts.gstatic.com/s/firasans/v17/va9B4kDNxMZdWfMOD5VnLK3eRhf6.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://norskebettingsider.io/
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
FingerprintF2:15:54:4E:F3:58:7F:5A:14:9D:F2:45:37:0E:B1:A6:48:C6:2B:14
ValidityTue, 30 Jul 2024 12:49:30 GMT - Tue, 22 Oct 2024 12:49:29 GMT

File type
Web Open Font Format (Version 2), TrueType, length 24964, version 1.0
Size
25 kB (24964 bytes)
Hash
ab1e118c3ab25d4210327093166ca977
6d6c24619115649c4c80a20d725c78f65175fb38
45f1b654ec61c60215f597e30df063b0fee38c8a42f7046f99bf9bf3376971dc

HTTP Headers

GET /s/firasans/v17/va9B4kDNxMZdWfMOD5VnLK3eRhf6.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://norskebettingsider.io
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 24964
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 12 Aug 2024 01:56:20 GMT
expires: Tue, 12 Aug 2025 01:56:20 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 02 May 2023 14:50:32 GMT
content-type: font/woff2
age: 211541
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/firasans/v17/va9E4kDNxMZdWfMOD5Vvl4jL.woff2

216.58.207.227

200 OK

24 kB

URL GET HTTP/2
fonts.gstatic.com/s/firasans/v17/va9E4kDNxMZdWfMOD5Vvl4jL.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://norskebettingsider.io/
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
FingerprintF2:15:54:4E:F3:58:7F:5A:14:9D:F2:45:37:0E:B1:A6:48:C6:2B:14
ValidityTue, 30 Jul 2024 12:49:30 GMT - Tue, 22 Oct 2024 12:49:29 GMT

File type
Web Open Font Format (Version 2), TrueType, length 23880, version 1.0
Size
24 kB (23880 bytes)
Hash
3327e58b1067b0af5d5f98c8ea3f3604
aaf02e57797dc98aa41fef219452674f02e06dd6
89ae1743656b75948be30cc4909efd3c61771b7bd9f6d53eb14cd9731d486b57

HTTP Headers

GET /s/firasans/v17/va9E4kDNxMZdWfMOD5Vvl4jL.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://norskebettingsider.io
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23880
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 10 Aug 2024 03:01:19 GMT
expires: Sun, 10 Aug 2025 03:01:19 GMT
cache-control: public, max-age=31536000
age: 380442
last-modified: Tue, 02 May 2023 14:50:07 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

o.pki.goog/wr2

142.250.74.131

472 B

URL
o.pki.goog/wr2
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
50a4a7906805a60318bdc9facec3b573
29d050938a52790e6cdad72830da0e51f0eaf125
d84de05fea477287d6a301c06e74d4cb60b990b10bbddccb8e38c1cb9006455f

HTTP Headers

POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Aug 2024 12:42:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

norskebettingsider.io/wp-content/themes/nbs/assets/img/favicon.png

64.226.90.236

200 OK

1.8 kB

URL GET HTTP/1.1
norskebettingsider.io/wp-content/themes/nbs/assets/img/favicon.png
IP
64.226.90.236:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://norskebettingsider.io/
Certificate
IssuerLet's Encrypt
Subjectnorskebettingsider.io
Fingerprint08:0A:E3:9E:50:FB:D3:3F:DE:57:8D:73:D9:3B:26:91:35:A0:C2:E5
ValidityMon, 24 Jun 2024 12:32:07 GMT - Sun, 22 Sep 2024 12:32:06 GMT

File type
PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced
Size
1.8 kB (1771 bytes)
Hash
6674b50a8683f0662eb427ad7c2bce33
24bae3337c22ba571b2caeaee4774fbd7221fe05
449240eecfa998922bfe9fbe89796f8d94295b5295f10a5d7b1acadb2d0f2a4f

HTTP Headers

GET /wp-content/themes/nbs/assets/img/favicon.png HTTP/1.1
Host: norskebettingsider.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://norskebettingsider.io/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 14 Aug 2024 12:42:01 GMT
Server: Apache/2.4.52 (Ubuntu)
Last-Modified: Fri, 12 Jul 2024 07:46:20 GMT
ETag: "6eb-61d0813468aab"
Accept-Ranges: bytes
Content-Length: 1771
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/png

ookroush.com/4/7799258

139.45.197.243

22 kB

URL
ookroush.com/4/7799258
IP
139.45.197.243:0
ASN
#9002 RETN Limited

File type
gzip compressed data, max speed, from Unix
Size
22 kB (21847 bytes)
Hash
bb8a97b415b4f226849024392bfab347
087b8f270f9b79825314ebc68534cd1f1c56362a
d9597f9951bf5c3be19067f9a1a6ea1186ac6728462b3b391aa51a42514be2b5

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /4/7799258 HTTP/1.1
Host: ookroush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 14 Aug 2024 12:41:59 GMT
content-type: text/html; charset=utf8
x-trace-id: 7189c76808dc9396a6aad1201aea0d48
link: <https://yonmewon.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch"
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=0080b8e5973d4761fe6908fe8a35783f; expires=Thu, 14 Aug 2025 12:41:59 GMT; path=/; secure; SameSite=None
oaidts=1723639319; expires=Thu, 14 Aug 2025 12:41:59 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2

cdn.websitepolicies.io/lib/cconsent/cconsent.min.css

194.242.11.186

200 OK

4.1 kB

URL GET HTTP/2
cdn.websitepolicies.io/lib/cconsent/cconsent.min.css
IP
194.242.11.186:443
ASN
#34989 ServeTheWorld AS

Requested by
https://norskebettingsider.io/
Certificate
IssuerLet's Encrypt
Subjectcdn.websitepolicies.io
Fingerprint1F:8B:8A:C5:E2:49:EA:25:71:FC:BB:83:43:49:6F:18:76:F2:C1:8E
ValidityWed, 03 Jul 2024 12:11:06 GMT - Tue, 01 Oct 2024 12:11:05 GMT

File type
ASCII text, with very long lines (4061), with no line terminators
Size
4.1 kB (4061 bytes)
Hash
85aa23f1c650d56fce5c2debb62b7b91
f201c227f592dfb53b9b2260c847f6e09b0dfa99
85052f52964f14fe3aec6926f33ffb1d6d62dfa4d3f7fa60290d8c394f8914fe

HTTP Headers

GET /lib/cconsent/cconsent.min.css HTTP/1.1
Host: cdn.websitepolicies.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://norskebettingsider.io/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 14 Aug 2024 12:42:01 GMT
content-type: text/css
server: BunnyCDN-NO1-830
cdn-pullzone: 403741
cdn-uid: 16d357c7-5d61-4073-b136-11d78241bb5e
cdn-requestcountrycode: NO
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
age: 196846
alt-svc: h3=":443"
cache-control: max-age=2592000
content-encoding: br
etag: W/"6426e318-fdd"
expires: Mon, 22 Jul 2024 09:31:52 GMT
last-modified: Fri, 31 Mar 2023 13:41:44 GMT
strict-transport-security: max-age=31536000
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2B7Ky97PwsoYLUSXmxlJYGuyRepKvmb5u9qjWSOIfrAlKGkrrlsJvQ0jIHfPyaD8w8NscfHjdaOZ%2FIaSlOj6Wi5yVHR4cy4FR%2FWMiexkFtEvK5x0Adpo5SWamvUyLV0%2B2JBPLoEcyyl%2FH"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 898e0025aa5956b9-OSL
cdn-proxyver: 1.04
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 06/24/2024 16:12:38
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 63031da553e6627de65a1820675f53af
cdn-cache: HIT
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (4)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (46)

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN