Report - clarksnorge.net/

Report Overview

Visited public
2025-04-23 01:06:41
Tags
URL
clarksnorge.net/
Finishing URL
www.clarksnorge.net/
IP / ASN
104.160.5.112
#46805 Angelnet Limited
Title
Clarks Norge : Tidløs komfort og stil

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

118

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
fonts.googleapis.com	8877	2005-01-25	2012-05-23	2025-04-16	8.3 kB	161 kB	142.250.178.42
clarksnorge.net	unknown	2023-08-07	2024-01-05	2024-10-27	484 B	103 kB	104.160.5.112
fonts.gstatic.com	unknown	2008-02-11	2014-04-02	2025-04-16	1.6 kB	26 kB	142.250.178.99
www.clarksnorge.net	unknown	2023-08-07	2024-12-12	2024-12-12	32 kB	17 MB	104.160.5.112

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2025-04-23	medium	clarksnorge.net	Sinkholed
2025-04-23	medium	clarksnorge.net	Sinkholed
2025-04-23	medium	clarksnorge.net	Sinkholed
2025-04-23	medium	clarksnorge.net	Sinkholed
2025-04-23	medium	clarksnorge.net	Sinkholed
2025-04-23	medium	clarksnorge.net	Sinkholed
2025-04-23	medium	clarksnorge.net	Sinkholed
2025-04-23	medium	clarksnorge.net	Sinkholed
2025-04-23	medium	clarksnorge.net	Sinkholed
2025-04-23	medium	clarksnorge.net	Sinkholed
2025-04-23	medium	clarksnorge.net	Sinkholed
2025-04-23	medium	clarksnorge.net	Sinkholed
2025-04-23	medium	clarksnorge.net	Sinkholed
2025-04-23	medium	clarksnorge.net	Sinkholed
2025-04-23	medium	clarksnorge.net	Sinkholed
2025-04-23	medium	clarksnorge.net	Sinkholed
2025-04-23	medium	clarksnorge.net	Sinkholed
2025-04-23	medium	clarksnorge.net	Sinkholed
2025-04-23	medium	clarksnorge.net	Sinkholed
2025-04-23	medium	clarksnorge.net	Sinkholed
2025-04-23	medium	clarksnorge.net	Sinkholed
2025-04-23	medium	clarksnorge.net	Sinkholed
2025-04-23	medium	clarksnorge.net	Sinkholed
2025-04-23	medium	clarksnorge.net	Sinkholed
2025-04-23	medium	clarksnorge.net	Sinkholed
2025-04-23	medium	clarksnorge.net	Sinkholed
2025-04-23	medium	clarksnorge.net	Sinkholed
2025-04-23	medium	clarksnorge.net	Sinkholed
2025-04-23	medium	clarksnorge.net	Sinkholed
2025-04-23	medium	clarksnorge.net	Sinkholed
2025-04-23	medium	clarksnorge.net	Sinkholed
2025-04-23	medium	clarksnorge.net	Sinkholed
2025-04-23	medium	clarksnorge.net	Sinkholed
2025-04-23	medium	clarksnorge.net	Sinkholed
2025-04-23	medium	clarksnorge.net	Sinkholed
2025-04-23	medium	clarksnorge.net	Sinkholed
2025-04-23	medium	clarksnorge.net	Sinkholed
2025-04-23	medium	clarksnorge.net	Sinkholed
2025-04-23	medium	clarksnorge.net	Sinkholed
2025-04-23	medium	clarksnorge.net	Sinkholed
2025-04-23	medium	clarksnorge.net	Sinkholed
2025-04-23	medium	clarksnorge.net	Sinkholed
2025-04-23	medium	clarksnorge.net	Sinkholed
2025-04-23	medium	clarksnorge.net	Sinkholed
2025-04-23	medium	clarksnorge.net	Sinkholed
2025-04-23	medium	clarksnorge.net	Sinkholed
2025-04-23	medium	clarksnorge.net	Sinkholed
2025-04-23	medium	clarksnorge.net	Sinkholed
2025-04-23	medium	clarksnorge.net	Sinkholed
2025-04-23	medium	clarksnorge.net	Sinkholed
2025-04-23	medium	clarksnorge.net	Sinkholed
2025-04-23	medium	clarksnorge.net	Sinkholed
2025-04-23	medium	clarksnorge.net	Sinkholed
2025-04-23	medium	clarksnorge.net	Sinkholed
2025-04-23	medium	clarksnorge.net	Sinkholed
2025-04-23	medium	clarksnorge.net	Sinkholed
2025-04-23	medium	clarksnorge.net	Sinkholed
2025-04-23	medium	clarksnorge.net	Sinkholed
2025-04-23	medium	clarksnorge.net	Sinkholed

ThreatFox

No alerts detected

JavaScript (0)

HTTP Transactions (79)

URL IP Response Size

www.clarksnorge.net/images/kvinner/kvinners-sandaler/drivspenne_6X68H26_sand_kombinasjon_Clarks.png

104.160.5.112

200 OK

271 kB

URL GET
www.clarksnorge.net/images/kvinner/kvinners-sandaler/drivspenne_6X68H26_sand_kombinasjon_Clarks.png
IP
104.160.5.112:443
ASN
#46805 Angelnet Limited

Requested by
https://www.clarksnorge.net/
Certificate
IssuerZeroSSL
Subjectclarksnorge.net
FingerprintA5:56:79:A8:88:56:36:4B:EB:49:AB:BA:17:EE:87:F8:1E:BA:FB:E6
ValidityWed, 05 Mar 2025 00:00:00 GMT - Tue, 03 Jun 2025 23:59:59 GMT

File type
PNG image data, 876 x 876, 8-bit/color RGBA, non-interlaced
Size
271 kB (270766 bytes)
Hash
25c287b7fca59c1f80fb44f7bd6e32fc
0de7b41ce3e27a03f0230ddbc51c4abb9d6febbe
ea6b9f0077cc9d865feaff6099ab25c1b8533381977b323236dcb021fc6088cd

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/kvinner/kvinners-sandaler/drivspenne_6X68H26_sand_kombinasjon_Clarks.png HTTP/1.1
Host: www.clarksnorge.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.clarksnorge.net/
Cookie: zenid=9bvnkvg8mr5ah5qpsuvum0m9n9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 23 Apr 2025 01:06:11 GMT
content-type: image/png
content-length: 270766
last-modified: Mon, 11 Mar 2024 10:05:03 GMT
cache-control: max-age=864000, public, must-revalidate
etag: "65eed74f-421ae"
accept-ranges: bytes
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?family=Roboto:wght@100;300;400;500;700;900&display=swap

142.250.178.42

200 OK

34 kB

URL GET
fonts.googleapis.com/css2?family=Roboto:wght@100;300;400;500;700;900&display=swap
IP
142.250.178.42:443
ASN
#15169 GOOGLE

Requested by
https://www.clarksnorge.net/
Certificate
IssuerGoogle Trust Services
Subjectupload.video.google.com
Fingerprint7E:14:87:08:DF:BA:04:65:17:BA:3B:4F:BA:EA:BC:8C:3F:0A:A4:00
ValidityMon, 31 Mar 2025 08:55:43 GMT - Mon, 23 Jun 2025 08:55:42 GMT

File type
ASCII text, with very long lines (1572)
Size
34 kB (33510 bytes)
Hash
96bbf8b72a82b48af0dae5d748623ba5
298fbfe2e119d786f19a7414392bb2ee6f7dde64
1222c171f51afb03d90e701e6d1a9dbdbe31514f57c26b689f4e230ef328391f

HTTP Headers

GET /css2?family=Roboto:wght@100;300;400;500;700;900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.clarksnorge.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 23 Apr 2025 01:06:12 GMT
date: Wed, 23 Apr 2025 01:06:12 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.clarksnorge.net/images/menn/tilbehor-for-menn/solid_mannskap_6X68H960_taupe_Clarks.png

104.160.5.112

200 OK

330 kB

URL GET
www.clarksnorge.net/images/menn/tilbehor-for-menn/solid_mannskap_6X68H960_taupe_Clarks.png
IP
104.160.5.112:443
ASN
#46805 Angelnet Limited

Requested by
https://www.clarksnorge.net/
Certificate
IssuerZeroSSL
Subjectclarksnorge.net
FingerprintA5:56:79:A8:88:56:36:4B:EB:49:AB:BA:17:EE:87:F8:1E:BA:FB:E6
ValidityWed, 05 Mar 2025 00:00:00 GMT - Tue, 03 Jun 2025 23:59:59 GMT

File type
PNG image data, 876 x 876, 8-bit/color RGBA, non-interlaced
Size
330 kB (330172 bytes)
Hash
2869cbd6c152161d1f5279c57d9531e2
bd5901da65f16a194f67543152c92efd6109a592
11c6d2fa9ab105927601f38f3477f5c3282800450f2c80bc8dfc92f676790d6c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/menn/tilbehor-for-menn/solid_mannskap_6X68H960_taupe_Clarks.png HTTP/1.1
Host: www.clarksnorge.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.clarksnorge.net/
Cookie: zenid=9bvnkvg8mr5ah5qpsuvum0m9n9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 23 Apr 2025 01:06:11 GMT
content-type: image/png
content-length: 330172
last-modified: Mon, 11 Mar 2024 12:21:48 GMT
cache-control: max-age=864000, public, must-revalidate
etag: "65eef75c-509bc"
accept-ranges: bytes
X-Firefox-Spdy: h2

www.clarksnorge.net/images/kvinner/kvinners-sandaler/tuleah_sol_6X68H34_marine_skinn_Clarks.png

104.160.5.112

200 OK

334 kB

URL GET
www.clarksnorge.net/images/kvinner/kvinners-sandaler/tuleah_sol_6X68H34_marine_skinn_Clarks.png
IP
104.160.5.112:443
ASN
#46805 Angelnet Limited

Requested by
https://www.clarksnorge.net/
Certificate
IssuerZeroSSL
Subjectclarksnorge.net
FingerprintA5:56:79:A8:88:56:36:4B:EB:49:AB:BA:17:EE:87:F8:1E:BA:FB:E6
ValidityWed, 05 Mar 2025 00:00:00 GMT - Tue, 03 Jun 2025 23:59:59 GMT

File type
PNG image data, 876 x 876, 8-bit/color RGBA, non-interlaced
Size
334 kB (333793 bytes)
Hash
9cf2513207ea88ac1f2da90be43753c3
1035ec4400480778c09abb58e6b2c232a0d35fc1
3a07b51afe15169e45e233f2f8653fdd4bcdc3df87d978f8b7386bce16c835d2

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/kvinner/kvinners-sandaler/tuleah_sol_6X68H34_marine_skinn_Clarks.png HTTP/1.1
Host: www.clarksnorge.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.clarksnorge.net/
Cookie: zenid=9bvnkvg8mr5ah5qpsuvum0m9n9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 23 Apr 2025 01:06:11 GMT
content-type: image/png
content-length: 333793
last-modified: Mon, 11 Mar 2024 10:06:17 GMT
cache-control: max-age=864000, public, must-revalidate
etag: "65eed799-517e1"
accept-ranges: bytes
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?family=Libre+Franklin:wght@100;200;300;400;500;600;700;800;900&display=swap

142.250.178.42

200 OK

18 kB

URL GET
fonts.googleapis.com/css2?family=Libre+Franklin:wght@100;200;300;400;500;600;700;800;900&display=swap
IP
142.250.178.42:443
ASN
#15169 GOOGLE

Requested by
https://www.clarksnorge.net/
Certificate
IssuerGoogle Trust Services
Subjectupload.video.google.com
Fingerprint7E:14:87:08:DF:BA:04:65:17:BA:3B:4F:BA:EA:BC:8C:3F:0A:A4:00
ValidityMon, 31 Mar 2025 08:55:43 GMT - Mon, 23 Jun 2025 08:55:42 GMT

File type
ASCII text
Size
18 kB (17559 bytes)
Hash
f64ae941541249eec96d06f8e3c5ad7b
3653c05af239d54680485e0b10402601c20cfa08
174ff797df7ec6bf883050bff55d289e531668e34797993ecc6e6dc964e75b7e

HTTP Headers

GET /css2?family=Libre+Franklin:wght@100;200;300;400;500;600;700;800;900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.clarksnorge.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 23 Apr 2025 01:06:11 GMT
date: Wed, 23 Apr 2025 01:06:11 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.clarksnorge.net/images/kvinner/damestovler/wallabee_cup_st_vel_6X68H487_svart_nubuck_Clarks.png

104.160.5.112

200 OK

337 kB

URL GET
www.clarksnorge.net/images/kvinner/damestovler/wallabee_cup_st_vel_6X68H487_svart_nubuck_Clarks.png
IP
104.160.5.112:443
ASN
#46805 Angelnet Limited

Requested by
https://www.clarksnorge.net/
Certificate
IssuerZeroSSL
Subjectclarksnorge.net
FingerprintA5:56:79:A8:88:56:36:4B:EB:49:AB:BA:17:EE:87:F8:1E:BA:FB:E6
ValidityWed, 05 Mar 2025 00:00:00 GMT - Tue, 03 Jun 2025 23:59:59 GMT

File type
PNG image data, 876 x 876, 8-bit/color RGBA, non-interlaced
Size
337 kB (337124 bytes)
Hash
0aeed93a2b08fe36f3c855d804d40cb8
c5783301b4a4b3520f289f993c5f96890a50e569
78940e85da23f48c3a1e2a6a177aea17874e61b17dde07742b6ffe098c6ac9c8

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/kvinner/damestovler/wallabee_cup_st_vel_6X68H487_svart_nubuck_Clarks.png HTTP/1.1
Host: www.clarksnorge.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.clarksnorge.net/
Cookie: zenid=9bvnkvg8mr5ah5qpsuvum0m9n9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 23 Apr 2025 01:06:11 GMT
content-type: image/png
content-length: 337124
last-modified: Mon, 11 Mar 2024 11:16:48 GMT
cache-control: max-age=864000, public, must-revalidate
etag: "65eee820-524e4"
accept-ranges: bytes
X-Firefox-Spdy: h2

www.clarksnorge.net/images/kvinner/damestovler/torhill_hei_6X68H389_m_rk_sand_semsket_skinn_Clarks.png

104.160.5.112

200 OK

444 kB

URL GET
www.clarksnorge.net/images/kvinner/damestovler/torhill_hei_6X68H389_m_rk_sand_semsket_skinn_Clarks.png
IP
104.160.5.112:443
ASN
#46805 Angelnet Limited

Requested by
https://www.clarksnorge.net/
Certificate
IssuerZeroSSL
Subjectclarksnorge.net
FingerprintA5:56:79:A8:88:56:36:4B:EB:49:AB:BA:17:EE:87:F8:1E:BA:FB:E6
ValidityWed, 05 Mar 2025 00:00:00 GMT - Tue, 03 Jun 2025 23:59:59 GMT

File type
PNG image data, 876 x 876, 8-bit/color RGBA, non-interlaced
Size
444 kB (443494 bytes)
Hash
5b4cb3e8a9bfa5f752df61317aeb0d33
ca0f8b6a56b0889c8f6d867dbdd081f214d5db1c
006ae15745b546c2938e48470e2b9504d7849ce1d4cace6794205b10f8ec523b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/kvinner/damestovler/torhill_hei_6X68H389_m_rk_sand_semsket_skinn_Clarks.png HTTP/1.1
Host: www.clarksnorge.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.clarksnorge.net/
Cookie: zenid=9bvnkvg8mr5ah5qpsuvum0m9n9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 23 Apr 2025 01:06:11 GMT
content-type: image/png
content-length: 443494
last-modified: Mon, 11 Mar 2024 11:00:51 GMT
cache-control: max-age=864000, public, must-revalidate
etag: "65eee463-6c466"
accept-ranges: bytes
X-Firefox-Spdy: h2

www.clarksnorge.net/images/kvinner/kvinners-sandaler/tuleah_mai_6X68H36_Svart_l_r_Clarks.png

104.160.5.112

200 OK

289 kB

URL GET
www.clarksnorge.net/images/kvinner/kvinners-sandaler/tuleah_mai_6X68H36_Svart_l_r_Clarks.png
IP
104.160.5.112:443
ASN
#46805 Angelnet Limited

Requested by
https://www.clarksnorge.net/
Certificate
IssuerZeroSSL
Subjectclarksnorge.net
FingerprintA5:56:79:A8:88:56:36:4B:EB:49:AB:BA:17:EE:87:F8:1E:BA:FB:E6
ValidityWed, 05 Mar 2025 00:00:00 GMT - Tue, 03 Jun 2025 23:59:59 GMT

File type
PNG image data, 876 x 876, 8-bit/color RGBA, non-interlaced
Size
289 kB (288729 bytes)
Hash
3afe8b7d27bb7c050a4d0bde1b17966b
2e2922ede7449515bf49e9ead624ab1d23aef222
9f7b88597adbc3dec3d2abcfbea275de1ab3cc8a60eb19a80481572264b2c9ff

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/kvinner/kvinners-sandaler/tuleah_mai_6X68H36_Svart_l_r_Clarks.png HTTP/1.1
Host: www.clarksnorge.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.clarksnorge.net/
Cookie: zenid=9bvnkvg8mr5ah5qpsuvum0m9n9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 23 Apr 2025 01:06:11 GMT
content-type: image/png
content-length: 288729
last-modified: Mon, 11 Mar 2024 10:06:34 GMT
cache-control: max-age=864000, public, must-revalidate
etag: "65eed7aa-467d9"
accept-ranges: bytes
X-Firefox-Spdy: h2

www.clarksnorge.net/images/kvinner/damestovler/un_loop_toppen_6X68H488_Svart_l_r_Clarks.png

104.160.5.112

200 OK

404 kB

URL GET
www.clarksnorge.net/images/kvinner/damestovler/un_loop_toppen_6X68H488_Svart_l_r_Clarks.png
IP
104.160.5.112:443
ASN
#46805 Angelnet Limited

Requested by
https://www.clarksnorge.net/
Certificate
IssuerZeroSSL
Subjectclarksnorge.net
FingerprintA5:56:79:A8:88:56:36:4B:EB:49:AB:BA:17:EE:87:F8:1E:BA:FB:E6
ValidityWed, 05 Mar 2025 00:00:00 GMT - Tue, 03 Jun 2025 23:59:59 GMT

File type
PNG image data, 876 x 876, 8-bit/color RGBA, non-interlaced
Size
404 kB (403943 bytes)
Hash
18905b7cf7abb5165f5a3715444ede46
cfc1e71e24fdb1e6c95b569a4df5ff1f84ca574d
86542cc324715fa3cc9b59bb1086064bb4b6d57550db11238866f227c6d7e7fd

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/kvinner/damestovler/un_loop_toppen_6X68H488_Svart_l_r_Clarks.png HTTP/1.1
Host: www.clarksnorge.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.clarksnorge.net/
Cookie: zenid=9bvnkvg8mr5ah5qpsuvum0m9n9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 23 Apr 2025 01:06:11 GMT
content-type: image/png
content-length: 403943
last-modified: Mon, 11 Mar 2024 11:16:57 GMT
cache-control: max-age=864000, public, must-revalidate
etag: "65eee829-629e7"
accept-ranges: bytes
X-Firefox-Spdy: h2

www.clarksnorge.net/images/kvinner/damestovler/memi_zip_6X68H493_Svart_l_r_Clarks.png

104.160.5.112

200 OK

295 kB

URL GET
www.clarksnorge.net/images/kvinner/damestovler/memi_zip_6X68H493_Svart_l_r_Clarks.png
IP
104.160.5.112:443
ASN
#46805 Angelnet Limited

Requested by
https://www.clarksnorge.net/
Certificate
IssuerZeroSSL
Subjectclarksnorge.net
FingerprintA5:56:79:A8:88:56:36:4B:EB:49:AB:BA:17:EE:87:F8:1E:BA:FB:E6
ValidityWed, 05 Mar 2025 00:00:00 GMT - Tue, 03 Jun 2025 23:59:59 GMT

File type
PNG image data, 876 x 876, 8-bit/color RGBA, non-interlaced
Size
295 kB (294883 bytes)
Hash
0181d5a25d0bff7dc7f92c2582c6068c
70863e4ff328808c17b40902881721b33235d983
8b7c157f392360b79bcfbd9284471d33326cf046e6379d320cf4cc7bb0b2c7c3

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/kvinner/damestovler/memi_zip_6X68H493_Svart_l_r_Clarks.png HTTP/1.1
Host: www.clarksnorge.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.clarksnorge.net/
Cookie: zenid=9bvnkvg8mr5ah5qpsuvum0m9n9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 23 Apr 2025 01:06:11 GMT
content-type: image/png
content-length: 294883
last-modified: Mon, 11 Mar 2024 11:17:44 GMT
cache-control: max-age=864000, public, must-revalidate
etag: "65eee858-47fe3"
accept-ranges: bytes
X-Firefox-Spdy: h2

www.clarksnorge.net/images/kvinner/damestovler/trek_wedge_st_vel_6X68H392_svart_semsket_skinn_Clarks.png

104.160.5.112

200 OK

384 kB

URL GET
www.clarksnorge.net/images/kvinner/damestovler/trek_wedge_st_vel_6X68H392_svart_semsket_skinn_Clarks.png
IP
104.160.5.112:443
ASN
#46805 Angelnet Limited

Requested by
https://www.clarksnorge.net/
Certificate
IssuerZeroSSL
Subjectclarksnorge.net
FingerprintA5:56:79:A8:88:56:36:4B:EB:49:AB:BA:17:EE:87:F8:1E:BA:FB:E6
ValidityWed, 05 Mar 2025 00:00:00 GMT - Tue, 03 Jun 2025 23:59:59 GMT

File type
PNG image data, 876 x 876, 8-bit/color RGBA, non-interlaced
Size
384 kB (383632 bytes)
Hash
b8ab90ff8a687b1b3b58f56d4f70edcc
c5f16d5278672ba84f0db3b88ece51bf252f1907
76a39317eee2af210c37885f7c66bd6dd8f71b1af7a79f78a16f034ef4e315a9

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/kvinner/damestovler/trek_wedge_st_vel_6X68H392_svart_semsket_skinn_Clarks.png HTTP/1.1
Host: www.clarksnorge.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.clarksnorge.net/
Cookie: zenid=9bvnkvg8mr5ah5qpsuvum0m9n9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 23 Apr 2025 01:06:11 GMT
content-type: image/png
content-length: 383632
last-modified: Mon, 11 Mar 2024 11:01:15 GMT
cache-control: max-age=864000, public, must-revalidate
etag: "65eee47b-5da90"
accept-ranges: bytes
X-Firefox-Spdy: h2

www.clarksnorge.net/images/menn/tilbehor-for-menn/solid_mannskap_6X68H963_kull_Clarks.png

104.160.5.112

200 OK

263 kB

URL GET
www.clarksnorge.net/images/menn/tilbehor-for-menn/solid_mannskap_6X68H963_kull_Clarks.png
IP
104.160.5.112:443
ASN
#46805 Angelnet Limited

Requested by
https://www.clarksnorge.net/
Certificate
IssuerZeroSSL
Subjectclarksnorge.net
FingerprintA5:56:79:A8:88:56:36:4B:EB:49:AB:BA:17:EE:87:F8:1E:BA:FB:E6
ValidityWed, 05 Mar 2025 00:00:00 GMT - Tue, 03 Jun 2025 23:59:59 GMT

File type
PNG image data, 876 x 876, 8-bit/color RGBA, non-interlaced
Size
263 kB (263435 bytes)
Hash
03165537dcf7202a427780404d04cdd7
ed83fb7fdcb859624b5a17d0767c9ed27b132891
5407e562826c1d6719a08927a30a8e3cec37344117bac5ba04d73f5aeea865dc

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/menn/tilbehor-for-menn/solid_mannskap_6X68H963_kull_Clarks.png HTTP/1.1
Host: www.clarksnorge.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.clarksnorge.net/
Cookie: zenid=9bvnkvg8mr5ah5qpsuvum0m9n9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 23 Apr 2025 01:06:11 GMT
content-type: image/png
content-length: 263435
last-modified: Mon, 11 Mar 2024 12:21:59 GMT
cache-control: max-age=864000, public, must-revalidate
etag: "65eef767-4050b"
accept-ranges: bytes
X-Firefox-Spdy: h2

www.clarksnorge.net/images/kvinner/damestovler/martine_rose_torhill_hei_6X68H393_rose_slange_Clarks.png

104.160.5.112

200 OK

479 kB

URL GET
www.clarksnorge.net/images/kvinner/damestovler/martine_rose_torhill_hei_6X68H393_rose_slange_Clarks.png
IP
104.160.5.112:443
ASN
#46805 Angelnet Limited

Requested by
https://www.clarksnorge.net/
Certificate
IssuerZeroSSL
Subjectclarksnorge.net
FingerprintA5:56:79:A8:88:56:36:4B:EB:49:AB:BA:17:EE:87:F8:1E:BA:FB:E6
ValidityWed, 05 Mar 2025 00:00:00 GMT - Tue, 03 Jun 2025 23:59:59 GMT

File type
PNG image data, 876 x 876, 8-bit/color RGBA, non-interlaced
Size
479 kB (479352 bytes)
Hash
31b2311e3ad79b5d5b62b7e2f0b22cba
d12b6b542f3948f68a72927f1ca57587848a09ad
e947ece19c77813915427f10d5386d25fbf23d5f699e6427da52a6336ca26e53

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/kvinner/damestovler/martine_rose_torhill_hei_6X68H393_rose_slange_Clarks.png HTTP/1.1
Host: www.clarksnorge.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.clarksnorge.net/
Cookie: zenid=9bvnkvg8mr5ah5qpsuvum0m9n9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 23 Apr 2025 01:06:11 GMT
content-type: image/png
content-length: 479352
last-modified: Mon, 11 Mar 2024 11:01:24 GMT
cache-control: max-age=864000, public, must-revalidate
etag: "65eee484-75078"
accept-ranges: bytes
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?family=Poppins:wght@200;300;400;500;600;700;800;900&display=swap

142.250.178.42

200 OK

6.8 kB

URL GET
fonts.googleapis.com/css2?family=Poppins:wght@200;300;400;500;600;700;800;900&display=swap
IP
142.250.178.42:443
ASN
#15169 GOOGLE

Requested by
https://www.clarksnorge.net/
Certificate
IssuerGoogle Trust Services
Subjectupload.video.google.com
Fingerprint7E:14:87:08:DF:BA:04:65:17:BA:3B:4F:BA:EA:BC:8C:3F:0A:A4:00
ValidityMon, 31 Mar 2025 08:55:43 GMT - Mon, 23 Jun 2025 08:55:42 GMT

File type
ASCII text
Size
6.8 kB (6760 bytes)
Hash
fdadb3dce5d3214c01cd9fe539f3a4c5
063f9990ea698bc40ad956e87812626b31fe813b
7e54de6b61c47ea5ce879906f2fb6370bbd4af642d1a07528df1089753b13022

HTTP Headers

GET /css2?family=Poppins:wght@200;300;400;500;600;700;800;900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.clarksnorge.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 23 Apr 2025 01:06:11 GMT
date: Wed, 23 Apr 2025 01:06:11 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.clarksnorge.net/images/kvinner/damestovler/seren_55_topp_6X68H492_Svart_l_r_Clarks.png

104.160.5.112

200 OK

416 kB

URL GET
www.clarksnorge.net/images/kvinner/damestovler/seren_55_topp_6X68H492_Svart_l_r_Clarks.png
IP
104.160.5.112:443
ASN
#46805 Angelnet Limited

Requested by
https://www.clarksnorge.net/
Certificate
IssuerZeroSSL
Subjectclarksnorge.net
FingerprintA5:56:79:A8:88:56:36:4B:EB:49:AB:BA:17:EE:87:F8:1E:BA:FB:E6
ValidityWed, 05 Mar 2025 00:00:00 GMT - Tue, 03 Jun 2025 23:59:59 GMT

File type
PNG image data, 876 x 876, 8-bit/color RGBA, non-interlaced
Size
416 kB (416106 bytes)
Hash
e909954c3536af49e50fa2b467a12960
b2ea940ccccf8f01dbf71ce5b86266f0d62320d6
0591eeeeb62b57dc5f80f2ce3060a997261ce6797a94c1f647d79762d7428f93

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/kvinner/damestovler/seren_55_topp_6X68H492_Svart_l_r_Clarks.png HTTP/1.1
Host: www.clarksnorge.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.clarksnorge.net/
Cookie: zenid=9bvnkvg8mr5ah5qpsuvum0m9n9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 23 Apr 2025 01:06:11 GMT
content-type: image/png
content-length: 416106
last-modified: Mon, 11 Mar 2024 11:17:34 GMT
cache-control: max-age=864000, public, must-revalidate
etag: "65eee84e-6596a"
accept-ranges: bytes
X-Firefox-Spdy: h2

www.clarksnorge.net/includes/templates/clarksnorge/jscript/jscript_plugins.js

104.160.5.112

200 OK

273 kB

URL GET
www.clarksnorge.net/includes/templates/clarksnorge/jscript/jscript_plugins.js
IP
104.160.5.112:443
ASN
#46805 Angelnet Limited

Requested by
https://www.clarksnorge.net/
Certificate
IssuerZeroSSL
Subjectclarksnorge.net
FingerprintA5:56:79:A8:88:56:36:4B:EB:49:AB:BA:17:EE:87:F8:1E:BA:FB:E6
ValidityWed, 05 Mar 2025 00:00:00 GMT - Tue, 03 Jun 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (64795), with CRLF line terminators
Size
273 kB (273372 bytes)
Hash
36d8114fcecbbe3c7679bd537b80acdb
cacab1d6b85c4340de949407107d7744bf1691b3
7f458fbb712261d90f7bbbb34477872416103287ee9fd4eb649c189e009fbca4

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /includes/templates/clarksnorge/jscript/jscript_plugins.js HTTP/1.1
Host: www.clarksnorge.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.clarksnorge.net/
Cookie: zenid=9bvnkvg8mr5ah5qpsuvum0m9n9
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 23 Apr 2025 01:06:11 GMT
content-type: application/javascript
last-modified: Thu, 30 May 2024 13:26:40 GMT
vary: Accept-Encoding
cache-control: max-age=300
expires: Wed, 23 Apr 2025 01:11:11 GMT
etag: W/"66587e90-42bdc"
content-encoding: gzip
X-Firefox-Spdy: h2

www.clarksnorge.net/images/menn/tilbehor-for-menn/solid_mannskap_6X68H962_svart_Clarks.png

104.160.5.112

200 OK

225 kB

URL GET
www.clarksnorge.net/images/menn/tilbehor-for-menn/solid_mannskap_6X68H962_svart_Clarks.png
IP
104.160.5.112:443
ASN
#46805 Angelnet Limited

Requested by
https://www.clarksnorge.net/
Certificate
IssuerZeroSSL
Subjectclarksnorge.net
FingerprintA5:56:79:A8:88:56:36:4B:EB:49:AB:BA:17:EE:87:F8:1E:BA:FB:E6
ValidityWed, 05 Mar 2025 00:00:00 GMT - Tue, 03 Jun 2025 23:59:59 GMT

File type
PNG image data, 876 x 876, 8-bit/color RGBA, non-interlaced
Size
225 kB (224760 bytes)
Hash
b272ae2166ceddd82af579a250be2b68
3d7a3c4718ead0b193bbe8ba07cbb11914a9eb15
5819e40b3b0c3c69bf08d43c6f8f5db4686bf9080348faa6dd42bf317b78755f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/menn/tilbehor-for-menn/solid_mannskap_6X68H962_svart_Clarks.png HTTP/1.1
Host: www.clarksnorge.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.clarksnorge.net/
Cookie: zenid=9bvnkvg8mr5ah5qpsuvum0m9n9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 23 Apr 2025 01:06:11 GMT
content-type: image/png
content-length: 224760
last-modified: Mon, 11 Mar 2024 12:21:55 GMT
cache-control: max-age=864000, public, must-revalidate
etag: "65eef763-36df8"
accept-ranges: bytes
X-Firefox-Spdy: h2

www.clarksnorge.net/images/kvinner/kvinners-sandaler/merliah_raelyn_6X68H30_Svart_l_r_Clarks.png

104.160.5.112

200 OK

310 kB

URL GET
www.clarksnorge.net/images/kvinner/kvinners-sandaler/merliah_raelyn_6X68H30_Svart_l_r_Clarks.png
IP
104.160.5.112:443
ASN
#46805 Angelnet Limited

Requested by
https://www.clarksnorge.net/
Certificate
IssuerZeroSSL
Subjectclarksnorge.net
FingerprintA5:56:79:A8:88:56:36:4B:EB:49:AB:BA:17:EE:87:F8:1E:BA:FB:E6
ValidityWed, 05 Mar 2025 00:00:00 GMT - Tue, 03 Jun 2025 23:59:59 GMT

File type
PNG image data, 876 x 876, 8-bit/color RGBA, non-interlaced
Size
310 kB (309960 bytes)
Hash
68d6b7caa3b7f30253dd98fd9e5d1fa9
0c6d123a58d9ab50fde1601b8ae1531c29cfd7bc
e48df80d4ed4ad1109c1e0e54367373e22b655275ad93ae90163eaa366cf5fcb

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/kvinner/kvinners-sandaler/merliah_raelyn_6X68H30_Svart_l_r_Clarks.png HTTP/1.1
Host: www.clarksnorge.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.clarksnorge.net/
Cookie: zenid=9bvnkvg8mr5ah5qpsuvum0m9n9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 23 Apr 2025 01:06:11 GMT
content-type: image/png
content-length: 309960
last-modified: Mon, 11 Mar 2024 10:05:42 GMT
cache-control: max-age=864000, public, must-revalidate
etag: "65eed776-4bac8"
accept-ranges: bytes
X-Firefox-Spdy: h2

www.clarksnorge.net/images/kvinner/kvinners-sandaler/tuleah_sol_6X68H33_steinskinn_Clarks.png

104.160.5.112

200 OK

334 kB

URL GET
www.clarksnorge.net/images/kvinner/kvinners-sandaler/tuleah_sol_6X68H33_steinskinn_Clarks.png
IP
104.160.5.112:443
ASN
#46805 Angelnet Limited

Requested by
https://www.clarksnorge.net/
Certificate
IssuerZeroSSL
Subjectclarksnorge.net
FingerprintA5:56:79:A8:88:56:36:4B:EB:49:AB:BA:17:EE:87:F8:1E:BA:FB:E6
ValidityWed, 05 Mar 2025 00:00:00 GMT - Tue, 03 Jun 2025 23:59:59 GMT

File type
PNG image data, 876 x 876, 8-bit/color RGBA, non-interlaced
Size
334 kB (333531 bytes)
Hash
5f309cf4af8358ba132cecda87b9d357
f34974fa7e599e9522ff326a756a064d7bfbbd07
dbd451849d6a9a5d4bf66709f87f0550a67e58b02f3be7e1a857b66670fd5ce9

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/kvinner/kvinners-sandaler/tuleah_sol_6X68H33_steinskinn_Clarks.png HTTP/1.1
Host: www.clarksnorge.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.clarksnorge.net/
Cookie: zenid=9bvnkvg8mr5ah5qpsuvum0m9n9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 23 Apr 2025 01:06:11 GMT
content-type: image/png
content-length: 333531
last-modified: Mon, 11 Mar 2024 10:06:08 GMT
cache-control: max-age=864000, public, must-revalidate
etag: "65eed790-516db"
accept-ranges: bytes
X-Firefox-Spdy: h2

clarksnorge.net/

104.160.5.112

301 Moved Permanently

102 kB

URL User Request GET
clarksnorge.net/
IP
104.160.5.112:443
ASN
#46805 Angelnet Limited

Certificate
IssuerZeroSSL
Subjectclarksnorge.net
FingerprintA5:56:79:A8:88:56:36:4B:EB:49:AB:BA:17:EE:87:F8:1E:BA:FB:E6
ValidityWed, 05 Mar 2025 00:00:00 GMT - Tue, 03 Jun 2025 23:59:59 GMT

File type

Size
102 kB (102542 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: clarksnorge.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 301 Moved Permanently
server: nginx
date: Wed, 23 Apr 2025 01:06:09 GMT
content-type: text/html; charset=iso-8859-1
content-length: 236
location: https://www.clarksnorge.net/
X-Firefox-Spdy: h2

www.clarksnorge.net/

104.160.5.112

200 OK

102 kB

URL User Request GET
www.clarksnorge.net/
IP
104.160.5.112:443
ASN
#46805 Angelnet Limited

Certificate
IssuerZeroSSL
Subjectclarksnorge.net
FingerprintA5:56:79:A8:88:56:36:4B:EB:49:AB:BA:17:EE:87:F8:1E:BA:FB:E6
ValidityWed, 05 Mar 2025 00:00:00 GMT - Tue, 03 Jun 2025 23:59:59 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (2363), with CRLF, CR, LF line terminators
Size
102 kB (102542 bytes)
Hash
e1b66ebed08a706b3663679282afc3cf
2412958e086b3f6ed791af9fcfd93e2c6ab8cd52
9498098ed698383a687ca3bdb7f32ac55386bed471fdf6edbe9971c50af7645e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: www.clarksnorge.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 23 Apr 2025 01:06:10 GMT
content-type: text/html; charset=utf-8
content-length: 9895
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
x-frame-options: SAMEORIGIN
set-cookie: zenid=9bvnkvg8mr5ah5qpsuvum0m9n9; path=/; domain=.www.clarksnorge.net; secure; HttpOnly; SameSite=lax
vary: Accept-Encoding,User-Agent
content-encoding: gzip
X-Firefox-Spdy: h2

www.clarksnorge.net/images/kvinner/damestovler/martine_rose_torhill_hei_6X68H394_gr_nn_slange_Clarks.png

104.160.5.112

200 OK

467 kB

URL GET
www.clarksnorge.net/images/kvinner/damestovler/martine_rose_torhill_hei_6X68H394_gr_nn_slange_Clarks.png
IP
104.160.5.112:443
ASN
#46805 Angelnet Limited

Requested by
https://www.clarksnorge.net/
Certificate
IssuerZeroSSL
Subjectclarksnorge.net
FingerprintA5:56:79:A8:88:56:36:4B:EB:49:AB:BA:17:EE:87:F8:1E:BA:FB:E6
ValidityWed, 05 Mar 2025 00:00:00 GMT - Tue, 03 Jun 2025 23:59:59 GMT

File type
PNG image data, 876 x 876, 8-bit/color RGBA, non-interlaced
Size
467 kB (467426 bytes)
Hash
0431198363c98a438c47309c31630f93
9588c2a7911124d61f04559999801c4329fbaa65
09035685a2dc5d4683a80bc3c67c984279e5469a771f1517a3e82e08689e32c5

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/kvinner/damestovler/martine_rose_torhill_hei_6X68H394_gr_nn_slange_Clarks.png HTTP/1.1
Host: www.clarksnorge.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.clarksnorge.net/
Cookie: zenid=9bvnkvg8mr5ah5qpsuvum0m9n9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 23 Apr 2025 01:06:11 GMT
content-type: image/png
content-length: 467426
last-modified: Mon, 11 Mar 2024 11:01:34 GMT
cache-control: max-age=864000, public, must-revalidate
etag: "65eee48e-721e2"
accept-ranges: bytes
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?family=Montserrat:wght@300;400;500;600;700;800&display=swap

142.250.178.42

200 OK

12 kB

URL GET
fonts.googleapis.com/css2?family=Montserrat:wght@300;400;500;600;700;800&display=swap
IP
142.250.178.42:443
ASN
#15169 GOOGLE

Requested by
https://www.clarksnorge.net/
Certificate
IssuerGoogle Trust Services
Subjectupload.video.google.com
Fingerprint7E:14:87:08:DF:BA:04:65:17:BA:3B:4F:BA:EA:BC:8C:3F:0A:A4:00
ValidityMon, 31 Mar 2025 08:55:43 GMT - Mon, 23 Jun 2025 08:55:42 GMT

File type
ASCII text
Size
12 kB (11562 bytes)
Hash
973f68078d050e4ef1eb3375d801370e
df8bbed1613e7e694cb37d87fcad35b3a07d452a
c45ea91bad2704b080e42834ded3a1f697e71c898fc5bed23cd52c4901f3a01d

HTTP Headers

GET /css2?family=Montserrat:wght@300;400;500;600;700;800&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.clarksnorge.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 23 Apr 2025 01:06:11 GMT
date: Wed, 23 Apr 2025 01:06:11 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.clarksnorge.net/images/menn/tilbehor-for-menn/3_pakke_foringer_6X68H955_svart_Clarks.png

104.160.5.112

200 OK

321 kB

URL GET
www.clarksnorge.net/images/menn/tilbehor-for-menn/3_pakke_foringer_6X68H955_svart_Clarks.png
IP
104.160.5.112:443
ASN
#46805 Angelnet Limited

Requested by
https://www.clarksnorge.net/
Certificate
IssuerZeroSSL
Subjectclarksnorge.net
FingerprintA5:56:79:A8:88:56:36:4B:EB:49:AB:BA:17:EE:87:F8:1E:BA:FB:E6
ValidityWed, 05 Mar 2025 00:00:00 GMT - Tue, 03 Jun 2025 23:59:59 GMT

File type
PNG image data, 876 x 876, 8-bit/color RGBA, non-interlaced
Size
321 kB (320573 bytes)
Hash
9a179ad76cd6a4f6bca047952b1e99fa
f5ed7f1ab4b93c8d5be5b51bb3685ad35dfc3b0d
4d120a280fa46c95f0d128fbb0e9c9e2c417c13dc005b53fe2002ac3205d6747

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/menn/tilbehor-for-menn/3_pakke_foringer_6X68H955_svart_Clarks.png HTTP/1.1
Host: www.clarksnorge.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.clarksnorge.net/
Cookie: zenid=9bvnkvg8mr5ah5qpsuvum0m9n9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 23 Apr 2025 01:06:11 GMT
content-type: image/png
content-length: 320573
last-modified: Mon, 11 Mar 2024 12:21:28 GMT
cache-control: max-age=864000, public, must-revalidate
etag: "65eef748-4e43d"
accept-ranges: bytes
X-Firefox-Spdy: h2

www.clarksnorge.net/images/payment.png

104.160.5.112

200 OK

6.2 kB

URL GET
www.clarksnorge.net/images/payment.png
IP
104.160.5.112:443
ASN
#46805 Angelnet Limited

Requested by
https://www.clarksnorge.net/
Certificate
IssuerZeroSSL
Subjectclarksnorge.net
FingerprintA5:56:79:A8:88:56:36:4B:EB:49:AB:BA:17:EE:87:F8:1E:BA:FB:E6
ValidityWed, 05 Mar 2025 00:00:00 GMT - Tue, 03 Jun 2025 23:59:59 GMT

File type
PNG image data, 248 x 26, 8-bit/color RGBA, non-interlaced
Size
6.2 kB (6248 bytes)
Hash
1fb5f66cada185d72ccefaeb9e9a2963
584108601272e3ed07abe10b4c3ca2f6b200d552
ef645db0e0a9a267fda954e584782b888929b2827548ecaef07600656022535b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/payment.png HTTP/1.1
Host: www.clarksnorge.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.clarksnorge.net/
Cookie: zenid=9bvnkvg8mr5ah5qpsuvum0m9n9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 23 Apr 2025 01:06:11 GMT
content-type: image/png
content-length: 6248
last-modified: Thu, 09 Jun 2022 15:19:36 GMT
cache-control: max-age=864000, public, must-revalidate
etag: "62a20f88-1868"
accept-ranges: bytes
X-Firefox-Spdy: h2

fonts.gstatic.com/s/poppins/v22/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2

142.250.178.99

200 OK

8.0 kB

URL GET
fonts.gstatic.com/s/poppins/v22/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
IP
142.250.178.99:443
ASN
#15169 GOOGLE

Requested by
https://www.clarksnorge.net/
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint62:27:9C:C9:95:FF:8F:83:34:D0:B1:42:CB:B7:63:C0:8E:6F:3E:F1
ValidityMon, 31 Mar 2025 08:55:41 GMT - Mon, 23 Jun 2025 08:55:40 GMT

File type
Web Open Font Format (Version 2), TrueType, length 8000, version 1.0
Size
8.0 kB (8000 bytes)
Hash
72993dddf88a63e8f226656f7de88e57
179f97ec0275f09603a8db94d4380eb584d81cd5
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149

HTTP Headers

GET /s/poppins/v22/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.clarksnorge.net
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 8000
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 17 Apr 2025 17:59:32 GMT
expires: Fri, 17 Apr 2026 17:59:32 GMT
cache-control: public, max-age=31536000
age: 457601
last-modified: Wed, 04 Dec 2024 06:53:31 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.clarksnorge.net/includes/templates/clarksnorge/images/banner2.jpg

104.160.5.112

200 OK

150 kB

URL GET
www.clarksnorge.net/includes/templates/clarksnorge/images/banner2.jpg
IP
104.160.5.112:443
ASN
#46805 Angelnet Limited

Requested by
https://www.clarksnorge.net/
Certificate
IssuerZeroSSL
Subjectclarksnorge.net
FingerprintA5:56:79:A8:88:56:36:4B:EB:49:AB:BA:17:EE:87:F8:1E:BA:FB:E6
ValidityWed, 05 Mar 2025 00:00:00 GMT - Tue, 03 Jun 2025 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1440x720, components 3
Size
150 kB (149735 bytes)
Hash
65699373fedf393fead8a25588c2214f
4cae406daebb02014c9077a3c678da006e798329
893bdd9dcea2504c59673fe56e6f5dfcedcabad29a7da3f7f7e4c3911569e113

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /includes/templates/clarksnorge/images/banner2.jpg HTTP/1.1
Host: www.clarksnorge.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.clarksnorge.net/
Cookie: zenid=9bvnkvg8mr5ah5qpsuvum0m9n9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 23 Apr 2025 01:06:11 GMT
content-type: image/jpeg
content-length: 149735
last-modified: Fri, 31 May 2024 02:05:03 GMT
cache-control: max-age=864000, public, must-revalidate
expires: Fri, 23 May 2025 01:06:11 GMT
etag: "6659304f-248e7"
accept-ranges: bytes
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?family=Staatliches&display=swap

142.250.178.42

200 OK

865 B

URL GET
fonts.googleapis.com/css2?family=Staatliches&display=swap
IP
142.250.178.42:443
ASN
#15169 GOOGLE

Requested by
https://www.clarksnorge.net/
Certificate
IssuerGoogle Trust Services
Subjectupload.video.google.com
Fingerprint7E:14:87:08:DF:BA:04:65:17:BA:3B:4F:BA:EA:BC:8C:3F:0A:A4:00
ValidityMon, 31 Mar 2025 08:55:43 GMT - Mon, 23 Jun 2025 08:55:42 GMT

File type
ASCII text
Size
865 B (865 bytes)
Hash
c505c7b4546220eb1b8dcc888b511c37
0d72b695822407c71ba597776534f813d551d694
a55a8d2c10fc4662227d5a852ca8153c10c0540e47f602927705e1bba839fb02

HTTP Headers

GET /css2?family=Staatliches&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.clarksnorge.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 23 Apr 2025 01:06:12 GMT
date: Wed, 23 Apr 2025 01:06:12 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

fonts.googleapis.com/css2?family=Glegoo:wght@400;700&display=swap

142.250.178.42

200 OK

2.4 kB

URL GET
fonts.googleapis.com/css2?family=Glegoo:wght@400;700&display=swap
IP
142.250.178.42:443
ASN
#15169 GOOGLE

Requested by
https://www.clarksnorge.net/
Certificate
IssuerGoogle Trust Services
Subjectupload.video.google.com
Fingerprint7E:14:87:08:DF:BA:04:65:17:BA:3B:4F:BA:EA:BC:8C:3F:0A:A4:00
ValidityMon, 31 Mar 2025 08:55:43 GMT - Mon, 23 Jun 2025 08:55:42 GMT

File type
ASCII text
Size
2.4 kB (2370 bytes)
Hash
af2b05854a2019533ae310b7b41214e7
b986b8fad9d1a3b562e9f970c0579f417012bea9
f21082e9c02b27821682de119c2881d95363984b8392064bf2b699fda7046cce

HTTP Headers

GET /css2?family=Glegoo:wght@400;700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.clarksnorge.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 23 Apr 2025 01:06:11 GMT
date: Wed, 23 Apr 2025 01:06:11 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.clarksnorge.net/images/kvinner/damestovler/ren_caddie_6X68H494_svart_semsket_skinn_Clarks.png

104.160.5.112

200 OK

185 kB

URL GET
www.clarksnorge.net/images/kvinner/damestovler/ren_caddie_6X68H494_svart_semsket_skinn_Clarks.png
IP
104.160.5.112:443
ASN
#46805 Angelnet Limited

Requested by
https://www.clarksnorge.net/
Certificate
IssuerZeroSSL
Subjectclarksnorge.net
FingerprintA5:56:79:A8:88:56:36:4B:EB:49:AB:BA:17:EE:87:F8:1E:BA:FB:E6
ValidityWed, 05 Mar 2025 00:00:00 GMT - Tue, 03 Jun 2025 23:59:59 GMT

File type
PNG image data, 876 x 876, 8-bit/color RGBA, non-interlaced
Size
185 kB (185194 bytes)
Hash
52aa33119c1e2d6b8aa55620db37ebbb
41ee06ec324cefdbd1d3bca6adb1c2f3c01acc13
c9357c0901073961a759614a1e372a7827fcdaa552b5d4ff0ada7b4c1b3e9b29

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/kvinner/damestovler/ren_caddie_6X68H494_svart_semsket_skinn_Clarks.png HTTP/1.1
Host: www.clarksnorge.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.clarksnorge.net/
Cookie: zenid=9bvnkvg8mr5ah5qpsuvum0m9n9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 23 Apr 2025 01:06:11 GMT
content-type: image/png
content-length: 185194
last-modified: Mon, 11 Mar 2024 11:17:54 GMT
cache-control: max-age=864000, public, must-revalidate
etag: "65eee862-2d36a"
accept-ranges: bytes
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?family=Jost:wght@300;400;500;600;700;800&display=swap

142.250.178.42

200 OK

6.6 kB

URL GET
fonts.googleapis.com/css2?family=Jost:wght@300;400;500;600;700;800&display=swap
IP
142.250.178.42:443
ASN
#15169 GOOGLE

Requested by
https://www.clarksnorge.net/
Certificate
IssuerGoogle Trust Services
Subjectupload.video.google.com
Fingerprint7E:14:87:08:DF:BA:04:65:17:BA:3B:4F:BA:EA:BC:8C:3F:0A:A4:00
ValidityMon, 31 Mar 2025 08:55:43 GMT - Mon, 23 Jun 2025 08:55:42 GMT

File type
ASCII text
Size
6.6 kB (6600 bytes)
Hash
18079f647e6965afb5f38f4cbb86497b
4a70688a9a0054e9c369ab7e81efc882d6d54407
debe95cb390f5df754de4cff8efab7b21a482f9bb44a616c57023385688d93a2

HTTP Headers

GET /css2?family=Jost:wght@300;400;500;600;700;800&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.clarksnorge.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 23 Apr 2025 01:06:11 GMT
date: Wed, 23 Apr 2025 01:06:11 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.clarksnorge.net/images/menn/tilbehor-for-menn/solid_mannskap_6X68H961_marinen_Clarks.png

104.160.5.112

200 OK

257 kB

URL GET
www.clarksnorge.net/images/menn/tilbehor-for-menn/solid_mannskap_6X68H961_marinen_Clarks.png
IP
104.160.5.112:443
ASN
#46805 Angelnet Limited

Requested by
https://www.clarksnorge.net/
Certificate
IssuerZeroSSL
Subjectclarksnorge.net
FingerprintA5:56:79:A8:88:56:36:4B:EB:49:AB:BA:17:EE:87:F8:1E:BA:FB:E6
ValidityWed, 05 Mar 2025 00:00:00 GMT - Tue, 03 Jun 2025 23:59:59 GMT

File type
PNG image data, 876 x 876, 8-bit/color RGBA, non-interlaced
Size
257 kB (257137 bytes)
Hash
cfb1acd556f922ae075ec834fd708abc
47f7b9436d4407e8bcefd85f7f5b64b5ba701f25
2411bda5985401f8acde6a168f5c39a9d970d9d5e214d265d64954ed7922a95c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/menn/tilbehor-for-menn/solid_mannskap_6X68H961_marinen_Clarks.png HTTP/1.1
Host: www.clarksnorge.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.clarksnorge.net/
Cookie: zenid=9bvnkvg8mr5ah5qpsuvum0m9n9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 23 Apr 2025 01:06:11 GMT
content-type: image/png
content-length: 257137
last-modified: Mon, 11 Mar 2024 12:21:52 GMT
cache-control: max-age=864000, public, must-revalidate
etag: "65eef760-3ec71"
accept-ranges: bytes
X-Firefox-Spdy: h2

fonts.gstatic.com/s/poppins/v22/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2

142.250.178.99

200 OK

7.7 kB

URL GET
fonts.gstatic.com/s/poppins/v22/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
IP
142.250.178.99:443
ASN
#15169 GOOGLE

Requested by
https://www.clarksnorge.net/
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint62:27:9C:C9:95:FF:8F:83:34:D0:B1:42:CB:B7:63:C0:8E:6F:3E:F1
ValidityMon, 31 Mar 2025 08:55:41 GMT - Mon, 23 Jun 2025 08:55:40 GMT

File type
Web Open Font Format (Version 2), TrueType, length 7748, version 1.0
Size
7.7 kB (7748 bytes)
Hash
a09f2fccfee35b7247b08a1a266f0328
0da2d17e738f46d2a09e6fb7969da451719a9820
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446

HTTP Headers

GET /s/poppins/v22/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.clarksnorge.net
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7748
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 17 Apr 2025 18:00:13 GMT
expires: Fri, 17 Apr 2026 18:00:13 GMT
cache-control: public, max-age=31536000
age: 457559
last-modified: Wed, 04 Dec 2024 06:54:05 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.clarksnorge.net/images/menn/tilbehor-for-menn/menns_argyle_6X68H953_marinen_Clarks.png

104.160.5.112

200 OK

312 kB

URL GET
www.clarksnorge.net/images/menn/tilbehor-for-menn/menns_argyle_6X68H953_marinen_Clarks.png
IP
104.160.5.112:443
ASN
#46805 Angelnet Limited

Requested by
https://www.clarksnorge.net/
Certificate
IssuerZeroSSL
Subjectclarksnorge.net
FingerprintA5:56:79:A8:88:56:36:4B:EB:49:AB:BA:17:EE:87:F8:1E:BA:FB:E6
ValidityWed, 05 Mar 2025 00:00:00 GMT - Tue, 03 Jun 2025 23:59:59 GMT

File type
PNG image data, 876 x 876, 8-bit/color RGBA, non-interlaced
Size
312 kB (311468 bytes)
Hash
aeda3197fcad072efeca10f0fc4bae8c
92c0f7d84fb35c188699193cb99c329d4e5fe584
17e8ba8d3695da0d7c77bcf3e0016950fa8e66092f2faa9c927f1c039bf212c7

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/menn/tilbehor-for-menn/menns_argyle_6X68H953_marinen_Clarks.png HTTP/1.1
Host: www.clarksnorge.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.clarksnorge.net/
Cookie: zenid=9bvnkvg8mr5ah5qpsuvum0m9n9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 23 Apr 2025 01:06:11 GMT
content-type: image/png
content-length: 311468
last-modified: Mon, 11 Mar 2024 12:21:20 GMT
cache-control: max-age=864000, public, must-revalidate
etag: "65eef740-4c0ac"
accept-ranges: bytes
X-Firefox-Spdy: h2

fonts.gstatic.com/s/poppins/v22/pxiEyp8kv8JHgFVrJJfecg.woff2

142.250.178.99

200 OK

7.9 kB

URL GET
fonts.gstatic.com/s/poppins/v22/pxiEyp8kv8JHgFVrJJfecg.woff2
IP
142.250.178.99:443
ASN
#15169 GOOGLE

Requested by
https://www.clarksnorge.net/
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint62:27:9C:C9:95:FF:8F:83:34:D0:B1:42:CB:B7:63:C0:8E:6F:3E:F1
ValidityMon, 31 Mar 2025 08:55:41 GMT - Mon, 23 Jun 2025 08:55:40 GMT

File type
Web Open Font Format (Version 2), TrueType, length 7884, version 1.0
Size
7.9 kB (7884 bytes)
Hash
9212f6f9860f9fc6c69b02fedf6db8c3
ac6d71b4d5fdd2b3dabc9a06ff6c001e4251da0b
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

HTTP Headers

GET /s/poppins/v22/pxiEyp8kv8JHgFVrJJfecg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.clarksnorge.net
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7884
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 17 Apr 2025 18:16:02 GMT
expires: Fri, 17 Apr 2026 18:16:02 GMT
cache-control: public, max-age=31536000
age: 456611
last-modified: Wed, 04 Dec 2024 06:53:08 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.clarksnorge.net/images/menn/tilbehor-for-menn/3_pack_atletisk_6X68H957_svart_Clarks.png

104.160.5.112

200 OK

383 kB

URL GET
www.clarksnorge.net/images/menn/tilbehor-for-menn/3_pack_atletisk_6X68H957_svart_Clarks.png
IP
104.160.5.112:443
ASN
#46805 Angelnet Limited

Requested by
https://www.clarksnorge.net/
Certificate
IssuerZeroSSL
Subjectclarksnorge.net
FingerprintA5:56:79:A8:88:56:36:4B:EB:49:AB:BA:17:EE:87:F8:1E:BA:FB:E6
ValidityWed, 05 Mar 2025 00:00:00 GMT - Tue, 03 Jun 2025 23:59:59 GMT

File type
PNG image data, 876 x 876, 8-bit/color RGBA, non-interlaced
Size
383 kB (383230 bytes)
Hash
82ca8efaf0430253e2e11f87f2db3cb8
6e290bd27702368b30b0b4a4d5a32b5cefdb68df
bef5cf7bbddccfa3a646a7d4e2c3a729d730b95dcc986a61244ceca0ebeca62d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/menn/tilbehor-for-menn/3_pack_atletisk_6X68H957_svart_Clarks.png HTTP/1.1
Host: www.clarksnorge.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.clarksnorge.net/
Cookie: zenid=9bvnkvg8mr5ah5qpsuvum0m9n9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 23 Apr 2025 01:06:11 GMT
content-type: image/png
content-length: 383230
last-modified: Mon, 11 Mar 2024 12:21:35 GMT
cache-control: max-age=864000, public, must-revalidate
etag: "65eef74f-5d8fe"
accept-ranges: bytes
X-Firefox-Spdy: h2

www.clarksnorge.net/includes/templates/clarksnorge/jscript/jscript_cookies.js

104.160.5.112

200 OK

745 B

URL GET
www.clarksnorge.net/includes/templates/clarksnorge/jscript/jscript_cookies.js
IP
104.160.5.112:443
ASN
#46805 Angelnet Limited

Requested by
https://www.clarksnorge.net/
Certificate
IssuerZeroSSL
Subjectclarksnorge.net
FingerprintA5:56:79:A8:88:56:36:4B:EB:49:AB:BA:17:EE:87:F8:1E:BA:FB:E6
ValidityWed, 05 Mar 2025 00:00:00 GMT - Tue, 03 Jun 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (745), with no line terminators
Size
745 B (745 bytes)
Hash
65807f4bee7bcb4f6af769919ee805d3
c75e394f474f9238cb539f8b7ef9708cc083eff2
6979054ef7300efc7abcaefb0168e095f82adc208a00837ae1a95e0f72e2b598

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /includes/templates/clarksnorge/jscript/jscript_cookies.js HTTP/1.1
Host: www.clarksnorge.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.clarksnorge.net/
Cookie: zenid=9bvnkvg8mr5ah5qpsuvum0m9n9
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 23 Apr 2025 01:06:11 GMT
content-type: application/javascript
content-length: 430
x-accel-version: 0.01
last-modified: Thu, 30 May 2024 13:26:40 GMT
accept-ranges: bytes
cache-control: max-age=300
expires: Wed, 23 Apr 2025 01:11:11 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?family=Arima+Madurai:wght@300;400;500;700;800;900&display=swap

142.250.178.42

200 OK

9.7 kB

URL GET
fonts.googleapis.com/css2?family=Arima+Madurai:wght@300;400;500;700;800;900&display=swap
IP
142.250.178.42:443
ASN
#15169 GOOGLE

Requested by
https://www.clarksnorge.net/
Certificate
IssuerGoogle Trust Services
Subjectupload.video.google.com
Fingerprint7E:14:87:08:DF:BA:04:65:17:BA:3B:4F:BA:EA:BC:8C:3F:0A:A4:00
ValidityMon, 31 Mar 2025 08:55:43 GMT - Mon, 23 Jun 2025 08:55:42 GMT

File type
ASCII text
Size
9.7 kB (9656 bytes)
Hash
8209cff806aae56af4384e75c88bf521
9612d3683c6684462b6182398b41ae239cf00549
ea8def94ac615a03ed43ed4d8bb30dfde63f50e4c7d0b6ff58d0640fcd418a40

HTTP Headers

GET /css2?family=Arima+Madurai:wght@300;400;500;700;800;900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.clarksnorge.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 23 Apr 2025 01:06:11 GMT
date: Wed, 23 Apr 2025 01:06:11 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.clarksnorge.net/images/kvinner/damestovler/oktavia_opp_6X68H386_m_rk_brun_semsket_skinn_Clarks.png

104.160.5.112

200 OK

466 kB

URL GET
www.clarksnorge.net/images/kvinner/damestovler/oktavia_opp_6X68H386_m_rk_brun_semsket_skinn_Clarks.png
IP
104.160.5.112:443
ASN
#46805 Angelnet Limited

Requested by
https://www.clarksnorge.net/
Certificate
IssuerZeroSSL
Subjectclarksnorge.net
FingerprintA5:56:79:A8:88:56:36:4B:EB:49:AB:BA:17:EE:87:F8:1E:BA:FB:E6
ValidityWed, 05 Mar 2025 00:00:00 GMT - Tue, 03 Jun 2025 23:59:59 GMT

File type
PNG image data, 876 x 876, 8-bit/color RGBA, non-interlaced
Size
466 kB (465838 bytes)
Hash
6d58b3665b5cc27ee402165fa7fbdabb
fb37c0c83a98330f1ab0992bbc0678ebdb415991
2a1dc73c30e89061a00c3bb0420ec5ac510cd8a0be78daeb7a9a52c37b9ef7d6

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/kvinner/damestovler/oktavia_opp_6X68H386_m_rk_brun_semsket_skinn_Clarks.png HTTP/1.1
Host: www.clarksnorge.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.clarksnorge.net/
Cookie: zenid=9bvnkvg8mr5ah5qpsuvum0m9n9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 23 Apr 2025 01:06:11 GMT
content-type: image/png
content-length: 465838
last-modified: Mon, 11 Mar 2024 11:00:15 GMT
cache-control: max-age=864000, public, must-revalidate
etag: "65eee43f-71bae"
accept-ranges: bytes
X-Firefox-Spdy: h2

www.clarksnorge.net/images/kvinner/damestovler/torhill_hei_6X68H388_svart_semsket_skinn_Clarks.png

104.160.5.112

200 OK

282 kB

URL GET
www.clarksnorge.net/images/kvinner/damestovler/torhill_hei_6X68H388_svart_semsket_skinn_Clarks.png
IP
104.160.5.112:443
ASN
#46805 Angelnet Limited

Requested by
https://www.clarksnorge.net/
Certificate
IssuerZeroSSL
Subjectclarksnorge.net
FingerprintA5:56:79:A8:88:56:36:4B:EB:49:AB:BA:17:EE:87:F8:1E:BA:FB:E6
ValidityWed, 05 Mar 2025 00:00:00 GMT - Tue, 03 Jun 2025 23:59:59 GMT

File type
PNG image data, 876 x 876, 8-bit/color RGBA, non-interlaced
Size
282 kB (281967 bytes)
Hash
ce3f6f23819ab518a71f73b05dcc5761
bd11d4b7b984d23013cefb9f2e5d231cd4191113
d55444cb3feec4c022844878db4de03feb6e147c6b8856791276c4fda8a7737a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/kvinner/damestovler/torhill_hei_6X68H388_svart_semsket_skinn_Clarks.png HTTP/1.1
Host: www.clarksnorge.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.clarksnorge.net/
Cookie: zenid=9bvnkvg8mr5ah5qpsuvum0m9n9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 23 Apr 2025 01:06:11 GMT
content-type: image/png
content-length: 281967
last-modified: Mon, 11 Mar 2024 11:00:39 GMT
cache-control: max-age=864000, public, must-revalidate
etag: "65eee457-44d6f"
accept-ranges: bytes
X-Firefox-Spdy: h2

www.clarksnorge.net/images/menn/tilbehor-for-menn/3_pakke_foringer_6X68H956_flerfarget_Clarks.png

104.160.5.112

200 OK

348 kB

URL GET
www.clarksnorge.net/images/menn/tilbehor-for-menn/3_pakke_foringer_6X68H956_flerfarget_Clarks.png
IP
104.160.5.112:443
ASN
#46805 Angelnet Limited

Requested by
https://www.clarksnorge.net/
Certificate
IssuerZeroSSL
Subjectclarksnorge.net
FingerprintA5:56:79:A8:88:56:36:4B:EB:49:AB:BA:17:EE:87:F8:1E:BA:FB:E6
ValidityWed, 05 Mar 2025 00:00:00 GMT - Tue, 03 Jun 2025 23:59:59 GMT

File type
PNG image data, 876 x 876, 8-bit/color RGBA, non-interlaced
Size
348 kB (348240 bytes)
Hash
f3529958f8ba60903671e13a569d326e
c1d9343749e9f4c346a85e8dc93bce19750f6d80
8f79ce4cbd8747bc8048ee089ebdfb7ff96e0048881cdf3d363b1177b031dd9b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/menn/tilbehor-for-menn/3_pakke_foringer_6X68H956_flerfarget_Clarks.png HTTP/1.1
Host: www.clarksnorge.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.clarksnorge.net/
Cookie: zenid=9bvnkvg8mr5ah5qpsuvum0m9n9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 23 Apr 2025 01:06:11 GMT
content-type: image/png
content-length: 348240
last-modified: Mon, 11 Mar 2024 12:21:32 GMT
cache-control: max-age=864000, public, must-revalidate
etag: "65eef74c-55050"
accept-ranges: bytes
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?family=Libre+Baskerville:ital,wght@0,400;0,700;1,400&display=swap

142.250.178.42

200 OK

2.7 kB

URL GET
fonts.googleapis.com/css2?family=Libre+Baskerville:ital,wght@0,400;0,700;1,400&display=swap
IP
142.250.178.42:443
ASN
#15169 GOOGLE

Requested by
https://www.clarksnorge.net/
Certificate
IssuerGoogle Trust Services
Subjectupload.video.google.com
Fingerprint7E:14:87:08:DF:BA:04:65:17:BA:3B:4F:BA:EA:BC:8C:3F:0A:A4:00
ValidityMon, 31 Mar 2025 08:55:43 GMT - Mon, 23 Jun 2025 08:55:42 GMT

File type
ASCII text
Size
2.7 kB (2722 bytes)
Hash
cd7c8011d2e1f591c5b0f83195868d5c
ae9e31b75da6791e7dbada5bd7120370902381d2
8e286859dc23eb55d4905899f421af508e44ceb53293d55ea4e85d434314e7d9

HTTP Headers

GET /css2?family=Libre+Baskerville:ital,wght@0,400;0,700;1,400&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.clarksnorge.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 23 Apr 2025 01:06:11 GMT
date: Wed, 23 Apr 2025 01:06:11 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.clarksnorge.net/images/kvinner/damestovler/calla_zip_6X68H490_svart_crinkle_patent_Clarks.png

104.160.5.112

200 OK

384 kB

URL GET
www.clarksnorge.net/images/kvinner/damestovler/calla_zip_6X68H490_svart_crinkle_patent_Clarks.png
IP
104.160.5.112:443
ASN
#46805 Angelnet Limited

Requested by
https://www.clarksnorge.net/
Certificate
IssuerZeroSSL
Subjectclarksnorge.net
FingerprintA5:56:79:A8:88:56:36:4B:EB:49:AB:BA:17:EE:87:F8:1E:BA:FB:E6
ValidityWed, 05 Mar 2025 00:00:00 GMT - Tue, 03 Jun 2025 23:59:59 GMT

File type
PNG image data, 876 x 876, 8-bit/color RGBA, non-interlaced
Size
384 kB (383726 bytes)
Hash
121a142c6dc9e0079862c3f00767f624
ff889bd0520a3a9b65331653b7953e6b6722fa70
c462b32928563fe65f8c457fc3b5f0eb654658ec2dfd85d17845a382f38f5181

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/kvinner/damestovler/calla_zip_6X68H490_svart_crinkle_patent_Clarks.png HTTP/1.1
Host: www.clarksnorge.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.clarksnorge.net/
Cookie: zenid=9bvnkvg8mr5ah5qpsuvum0m9n9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 23 Apr 2025 01:06:11 GMT
content-type: image/png
content-length: 383726
last-modified: Mon, 11 Mar 2024 11:17:16 GMT
cache-control: max-age=864000, public, must-revalidate
etag: "65eee83c-5daee"
accept-ranges: bytes
X-Firefox-Spdy: h2

www.clarksnorge.net/images/kvinner/damestovler/ren_caddie_6X68H495_Svart_l_r_Clarks.png

104.160.5.112

200 OK

204 kB

URL GET
www.clarksnorge.net/images/kvinner/damestovler/ren_caddie_6X68H495_Svart_l_r_Clarks.png
IP
104.160.5.112:443
ASN
#46805 Angelnet Limited

Requested by
https://www.clarksnorge.net/
Certificate
IssuerZeroSSL
Subjectclarksnorge.net
FingerprintA5:56:79:A8:88:56:36:4B:EB:49:AB:BA:17:EE:87:F8:1E:BA:FB:E6
ValidityWed, 05 Mar 2025 00:00:00 GMT - Tue, 03 Jun 2025 23:59:59 GMT

File type
PNG image data, 876 x 876, 8-bit/color RGBA, non-interlaced
Size
204 kB (204119 bytes)
Hash
9c9eed1740c7e3a4fcec37f48622fc9a
d0050f1c365adf979ea6a22ad575183398b0fbba
2d1a605b36e1af894493c6280977691582eb68c3db38fdca6ff27a38e2f33c4f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/kvinner/damestovler/ren_caddie_6X68H495_Svart_l_r_Clarks.png HTTP/1.1
Host: www.clarksnorge.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.clarksnorge.net/
Cookie: zenid=9bvnkvg8mr5ah5qpsuvum0m9n9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 23 Apr 2025 01:06:11 GMT
content-type: image/png
content-length: 204119
last-modified: Mon, 11 Mar 2024 11:18:04 GMT
cache-control: max-age=864000, public, must-revalidate
etag: "65eee86c-31d57"
accept-ranges: bytes
X-Firefox-Spdy: h2

www.clarksnorge.net/includes/templates/clarksnorge/images/banner3.jpg

104.160.5.112

200 OK

160 kB

URL GET
www.clarksnorge.net/includes/templates/clarksnorge/images/banner3.jpg
IP
104.160.5.112:443
ASN
#46805 Angelnet Limited

Requested by
https://www.clarksnorge.net/
Certificate
IssuerZeroSSL
Subjectclarksnorge.net
FingerprintA5:56:79:A8:88:56:36:4B:EB:49:AB:BA:17:EE:87:F8:1E:BA:FB:E6
ValidityWed, 05 Mar 2025 00:00:00 GMT - Tue, 03 Jun 2025 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1440x720, components 3
Size
160 kB (159496 bytes)
Hash
2519245c6aee80c83162f678a07b4aef
2126cebeaa4092d8c69c2f533ce824678b96196b
5d1cacb08b8f2ecaf5701fec3568963e78306b4a29e4ab58574de8ae37342d09

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /includes/templates/clarksnorge/images/banner3.jpg HTTP/1.1
Host: www.clarksnorge.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.clarksnorge.net/
Cookie: zenid=9bvnkvg8mr5ah5qpsuvum0m9n9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 23 Apr 2025 01:06:11 GMT
content-type: image/jpeg
content-length: 159496
last-modified: Fri, 31 May 2024 02:05:03 GMT
cache-control: max-age=864000, public, must-revalidate
expires: Fri, 23 May 2025 01:06:11 GMT
etag: "6659304f-26f08"
accept-ranges: bytes
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?family=Crimson+Pro:wght@200;300;400;500;600;700;800;900&display=swap

142.250.178.42

200 OK

10 kB

URL GET
fonts.googleapis.com/css2?family=Crimson+Pro:wght@200;300;400;500;600;700;800;900&display=swap
IP
142.250.178.42:443
ASN
#15169 GOOGLE

Requested by
https://www.clarksnorge.net/
Certificate
IssuerGoogle Trust Services
Subjectupload.video.google.com
Fingerprint7E:14:87:08:DF:BA:04:65:17:BA:3B:4F:BA:EA:BC:8C:3F:0A:A4:00
ValidityMon, 31 Mar 2025 08:55:43 GMT - Mon, 23 Jun 2025 08:55:42 GMT

File type
ASCII text
Size
10 kB (10152 bytes)
Hash
d0eee640ebed959d87434b2c23cfa085
60a198ed32c124612380a1c680b320ecc79cdafa
3bf18f8ac664e7de75fc7016a3aadd3f1285c2a20d9bb9b1938691e61fc880af

HTTP Headers

GET /css2?family=Crimson+Pro:wght@200;300;400;500;600;700;800;900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.clarksnorge.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 23 Apr 2025 01:06:12 GMT
date: Wed, 23 Apr 2025 01:06:12 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.clarksnorge.net/images/menn/tilbehor-for-menn/3_pack_atletisk_no_show_6X68H958_flerfarget_Clarks.png

104.160.5.112

200 OK

413 kB

URL GET
www.clarksnorge.net/images/menn/tilbehor-for-menn/3_pack_atletisk_no_show_6X68H958_flerfarget_Clarks.png
IP
104.160.5.112:443
ASN
#46805 Angelnet Limited

Requested by
https://www.clarksnorge.net/
Certificate
IssuerZeroSSL
Subjectclarksnorge.net
FingerprintA5:56:79:A8:88:56:36:4B:EB:49:AB:BA:17:EE:87:F8:1E:BA:FB:E6
ValidityWed, 05 Mar 2025 00:00:00 GMT - Tue, 03 Jun 2025 23:59:59 GMT

File type
PNG image data, 876 x 876, 8-bit/color RGBA, non-interlaced
Size
413 kB (413230 bytes)
Hash
c0465f15d2961e82fc7d75deb2f23e61
fc3d8c9c47769920304ef9be83bc4a766f8a89e6
9f416b2514bb326add97a2623dfa27be6e0e852f5b3c31a66369f49badc2712b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/menn/tilbehor-for-menn/3_pack_atletisk_no_show_6X68H958_flerfarget_Clarks.png HTTP/1.1
Host: www.clarksnorge.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.clarksnorge.net/
Cookie: zenid=9bvnkvg8mr5ah5qpsuvum0m9n9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 23 Apr 2025 01:06:11 GMT
content-type: image/png
content-length: 413230
last-modified: Mon, 11 Mar 2024 12:21:39 GMT
cache-control: max-age=864000, public, must-revalidate
etag: "65eef753-64e2e"
accept-ranges: bytes
X-Firefox-Spdy: h2

www.clarksnorge.net/images/kvinner/kvinners-sandaler/tuleah_sol_6X68H32_Svart_l_r_Clarks.png

104.160.5.112

200 OK

333 kB

URL GET
www.clarksnorge.net/images/kvinner/kvinners-sandaler/tuleah_sol_6X68H32_Svart_l_r_Clarks.png
IP
104.160.5.112:443
ASN
#46805 Angelnet Limited

Requested by
https://www.clarksnorge.net/
Certificate
IssuerZeroSSL
Subjectclarksnorge.net
FingerprintA5:56:79:A8:88:56:36:4B:EB:49:AB:BA:17:EE:87:F8:1E:BA:FB:E6
ValidityWed, 05 Mar 2025 00:00:00 GMT - Tue, 03 Jun 2025 23:59:59 GMT

File type
PNG image data, 876 x 876, 8-bit/color RGBA, non-interlaced
Size
333 kB (333171 bytes)
Hash
fb9a9bc755dcc22d99ffe9fd026f9526
1f2af0d02f00775deadd8a76eb6169e68d1b9d1b
ded6a5625ed450507245eef99af7efb6622005173cd2bf5577b02b75425b3240

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/kvinner/kvinners-sandaler/tuleah_sol_6X68H32_Svart_l_r_Clarks.png HTTP/1.1
Host: www.clarksnorge.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.clarksnorge.net/
Cookie: zenid=9bvnkvg8mr5ah5qpsuvum0m9n9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 23 Apr 2025 01:06:11 GMT
content-type: image/png
content-length: 333171
last-modified: Mon, 11 Mar 2024 10:06:00 GMT
cache-control: max-age=864000, public, must-revalidate
etag: "65eed788-51573"
accept-ranges: bytes
X-Firefox-Spdy: h2

www.clarksnorge.net/images/kvinner/kvinners-sandaler/tuleah_sol_6X68H31_brunt_skinn_Clarks.png

104.160.5.112

200 OK

352 kB

URL GET
www.clarksnorge.net/images/kvinner/kvinners-sandaler/tuleah_sol_6X68H31_brunt_skinn_Clarks.png
IP
104.160.5.112:443
ASN
#46805 Angelnet Limited

Requested by
https://www.clarksnorge.net/
Certificate
IssuerZeroSSL
Subjectclarksnorge.net
FingerprintA5:56:79:A8:88:56:36:4B:EB:49:AB:BA:17:EE:87:F8:1E:BA:FB:E6
ValidityWed, 05 Mar 2025 00:00:00 GMT - Tue, 03 Jun 2025 23:59:59 GMT

File type
PNG image data, 876 x 876, 8-bit/color RGBA, non-interlaced
Size
352 kB (351570 bytes)
Hash
22820bfb05d5ef62dc1a163d7754a591
e13d60a867c2e7fa40959f03c74acd873ab7c965
6062ff33d337fe511ad06feae2273fc5d4e50e0ccb9a3f6a48be1bceb6e7de4b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/kvinner/kvinners-sandaler/tuleah_sol_6X68H31_brunt_skinn_Clarks.png HTTP/1.1
Host: www.clarksnorge.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.clarksnorge.net/
Cookie: zenid=9bvnkvg8mr5ah5qpsuvum0m9n9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 23 Apr 2025 01:06:11 GMT
content-type: image/png
content-length: 351570
last-modified: Mon, 11 Mar 2024 10:05:52 GMT
cache-control: max-age=864000, public, must-revalidate
etag: "65eed780-55d52"
accept-ranges: bytes
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?family=Roboto+Condensed:wght@300;400;700&display=swap

142.250.178.42

200 OK

7.8 kB

URL GET
fonts.googleapis.com/css2?family=Roboto+Condensed:wght@300;400;700&display=swap
IP
142.250.178.42:443
ASN
#15169 GOOGLE

Requested by
https://www.clarksnorge.net/
Certificate
IssuerGoogle Trust Services
Subjectupload.video.google.com
Fingerprint7E:14:87:08:DF:BA:04:65:17:BA:3B:4F:BA:EA:BC:8C:3F:0A:A4:00
ValidityMon, 31 Mar 2025 08:55:43 GMT - Mon, 23 Jun 2025 08:55:42 GMT

File type
ASCII text
Size
7.8 kB (7794 bytes)
Hash
7031b7c9bfd2128cc10918c9fcf8682b
e431d72065928623e0da948c3eb4808f8d9e37dd
58f34dfefee98b8d0cd4b4d8d66f9ecbca5911bc1fce4b8cda3e2918feae6f72

HTTP Headers

GET /css2?family=Roboto+Condensed:wght@300;400;700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.clarksnorge.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 23 Apr 2025 01:06:12 GMT
date: Wed, 23 Apr 2025 01:06:12 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.clarksnorge.net/includes/templates/clarksnorge/images/logo.png

104.160.5.112

200 OK

4.0 kB

URL GET
www.clarksnorge.net/includes/templates/clarksnorge/images/logo.png
IP
104.160.5.112:443
ASN
#46805 Angelnet Limited

Requested by
https://www.clarksnorge.net/
Certificate
IssuerZeroSSL
Subjectclarksnorge.net
FingerprintA5:56:79:A8:88:56:36:4B:EB:49:AB:BA:17:EE:87:F8:1E:BA:FB:E6
ValidityWed, 05 Mar 2025 00:00:00 GMT - Tue, 03 Jun 2025 23:59:59 GMT

File type
PNG image data, 300 x 81, 8-bit/color RGBA, non-interlaced
Size
4.0 kB (4038 bytes)
Hash
6872153b8064073ad61eb2b00b3237e6
659ddfebc9ddf1f2c857ce9672d89e9c24ab6c62
6c83c588001942af44740eb9871a9f2aee7e484ed1ff70ffcd542d340540dc28

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /includes/templates/clarksnorge/images/logo.png HTTP/1.1
Host: www.clarksnorge.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.clarksnorge.net/
Cookie: zenid=9bvnkvg8mr5ah5qpsuvum0m9n9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 23 Apr 2025 01:06:11 GMT
content-type: image/png
content-length: 4038
last-modified: Fri, 31 May 2024 02:05:02 GMT
cache-control: max-age=864000, public, must-revalidate
expires: Fri, 23 May 2025 01:06:11 GMT
etag: "6659304e-fc6"
accept-ranges: bytes
X-Firefox-Spdy: h2

www.clarksnorge.net/images/kvinner/damestovler/oktavia_opp_6X68H387_Svart_l_r_Clarks.png

104.160.5.112

200 OK

529 kB

URL GET
www.clarksnorge.net/images/kvinner/damestovler/oktavia_opp_6X68H387_Svart_l_r_Clarks.png
IP
104.160.5.112:443
ASN
#46805 Angelnet Limited

Requested by
https://www.clarksnorge.net/
Certificate
IssuerZeroSSL
Subjectclarksnorge.net
FingerprintA5:56:79:A8:88:56:36:4B:EB:49:AB:BA:17:EE:87:F8:1E:BA:FB:E6
ValidityWed, 05 Mar 2025 00:00:00 GMT - Tue, 03 Jun 2025 23:59:59 GMT

File type
PNG image data, 876 x 876, 8-bit/color RGBA, non-interlaced
Size
529 kB (528797 bytes)
Hash
d2443b793e7500a7df0f8b2f6e6b7385
9f850a4f9ae5f9d09937905fd7e05584b58e6bc7
89cbb37de0bdea8375588193eb24122b78488a1ca2789851badb9d43e5cb2357

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/kvinner/damestovler/oktavia_opp_6X68H387_Svart_l_r_Clarks.png HTTP/1.1
Host: www.clarksnorge.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.clarksnorge.net/
Cookie: zenid=9bvnkvg8mr5ah5qpsuvum0m9n9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 23 Apr 2025 01:06:11 GMT
content-type: image/png
content-length: 528797
last-modified: Mon, 11 Mar 2024 11:00:25 GMT
cache-control: max-age=864000, public, must-revalidate
etag: "65eee449-8119d"
accept-ranges: bytes
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?family=Merienda:wght@400;700&display=swap

142.250.178.42

200 OK

2.5 kB

URL GET
fonts.googleapis.com/css2?family=Merienda:wght@400;700&display=swap
IP
142.250.178.42:443
ASN
#15169 GOOGLE

Requested by
https://www.clarksnorge.net/
Certificate
IssuerGoogle Trust Services
Subjectupload.video.google.com
Fingerprint7E:14:87:08:DF:BA:04:65:17:BA:3B:4F:BA:EA:BC:8C:3F:0A:A4:00
ValidityMon, 31 Mar 2025 08:55:43 GMT - Mon, 23 Jun 2025 08:55:42 GMT

File type
ASCII text
Size
2.5 kB (2484 bytes)
Hash
4c825e58d6483b66bef1e1b402286403
f061db2936035efcf7142c36b98c28c98c601fc5
75bca623ff67e3c42e315ed00ff88191d113028df40e802d4d697a8e85535578

HTTP Headers

GET /css2?family=Merienda:wght@400;700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.clarksnorge.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 23 Apr 2025 01:06:12 GMT
date: Wed, 23 Apr 2025 01:06:12 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.clarksnorge.net/images/kvinner/damestovler/torhill_hei_6X68H390_Svart_velvet_Clarks.png

104.160.5.112

200 OK

366 kB

URL GET
www.clarksnorge.net/images/kvinner/damestovler/torhill_hei_6X68H390_Svart_velvet_Clarks.png
IP
104.160.5.112:443
ASN
#46805 Angelnet Limited

Requested by
https://www.clarksnorge.net/
Certificate
IssuerZeroSSL
Subjectclarksnorge.net
FingerprintA5:56:79:A8:88:56:36:4B:EB:49:AB:BA:17:EE:87:F8:1E:BA:FB:E6
ValidityWed, 05 Mar 2025 00:00:00 GMT - Tue, 03 Jun 2025 23:59:59 GMT

File type
PNG image data, 876 x 876, 8-bit/color RGBA, non-interlaced
Size
366 kB (366144 bytes)
Hash
b5e48069b56a00ce67926819d6b04456
71b65522ee457a75f1565eeb960af4d541107e12
c86825e6f385bacccf69f32af0920301e91fdd65ad12c6f54b87c35c3c761d70

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/kvinner/damestovler/torhill_hei_6X68H390_Svart_velvet_Clarks.png HTTP/1.1
Host: www.clarksnorge.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.clarksnorge.net/
Cookie: zenid=9bvnkvg8mr5ah5qpsuvum0m9n9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 23 Apr 2025 01:06:11 GMT
content-type: image/png
content-length: 366144
last-modified: Mon, 11 Mar 2024 11:00:58 GMT
cache-control: max-age=864000, public, must-revalidate
etag: "65eee46a-59640"
accept-ranges: bytes
X-Firefox-Spdy: h2

www.clarksnorge.net/images/kvinner/kvinners-sandaler/merliah_raelyn_6X68H29_hvitt_skinn_Clarks.png

104.160.5.112

200 OK

297 kB

URL GET
www.clarksnorge.net/images/kvinner/kvinners-sandaler/merliah_raelyn_6X68H29_hvitt_skinn_Clarks.png
IP
104.160.5.112:443
ASN
#46805 Angelnet Limited

Requested by
https://www.clarksnorge.net/
Certificate
IssuerZeroSSL
Subjectclarksnorge.net
FingerprintA5:56:79:A8:88:56:36:4B:EB:49:AB:BA:17:EE:87:F8:1E:BA:FB:E6
ValidityWed, 05 Mar 2025 00:00:00 GMT - Tue, 03 Jun 2025 23:59:59 GMT

File type
PNG image data, 876 x 876, 8-bit/color RGBA, non-interlaced
Size
297 kB (297160 bytes)
Hash
9d4d74c0965c525cb8f23fce1bcdf1f4
af50b91fcb63a17fd6d126a0585e5f829d14b17e
fbebb4e9689fa7de56c0ada3e437b1ddeca4014c5695680d90cbcc794f0a9e91

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/kvinner/kvinners-sandaler/merliah_raelyn_6X68H29_hvitt_skinn_Clarks.png HTTP/1.1
Host: www.clarksnorge.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.clarksnorge.net/
Cookie: zenid=9bvnkvg8mr5ah5qpsuvum0m9n9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 23 Apr 2025 01:06:11 GMT
content-type: image/png
content-length: 297160
last-modified: Mon, 11 Mar 2024 10:05:32 GMT
cache-control: max-age=864000, public, must-revalidate
etag: "65eed76c-488c8"
accept-ranges: bytes
X-Firefox-Spdy: h2

www.clarksnorge.net/images/kvinner/damestovler/un_loop_toppen_6X68H489_m_rkebrun_Clarks.png

104.160.5.112

200 OK

490 kB

URL GET
www.clarksnorge.net/images/kvinner/damestovler/un_loop_toppen_6X68H489_m_rkebrun_Clarks.png
IP
104.160.5.112:443
ASN
#46805 Angelnet Limited

Requested by
https://www.clarksnorge.net/
Certificate
IssuerZeroSSL
Subjectclarksnorge.net
FingerprintA5:56:79:A8:88:56:36:4B:EB:49:AB:BA:17:EE:87:F8:1E:BA:FB:E6
ValidityWed, 05 Mar 2025 00:00:00 GMT - Tue, 03 Jun 2025 23:59:59 GMT

File type
PNG image data, 876 x 876, 8-bit/color RGBA, non-interlaced
Size
490 kB (490539 bytes)
Hash
1db8ae96293f5969a35ad7e02ddca114
a1f92aa2f8b6d4e559ebb56f888f2ff8085b7329
aacbab7eab392a61d697fd7a103d2deefdbf30c528b0170fba0159d902cc1675

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/kvinner/damestovler/un_loop_toppen_6X68H489_m_rkebrun_Clarks.png HTTP/1.1
Host: www.clarksnorge.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.clarksnorge.net/
Cookie: zenid=9bvnkvg8mr5ah5qpsuvum0m9n9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 23 Apr 2025 01:06:11 GMT
content-type: image/png
content-length: 490539
last-modified: Mon, 11 Mar 2024 11:17:07 GMT
cache-control: max-age=864000, public, must-revalidate
etag: "65eee833-77c2b"
accept-ranges: bytes
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?family=Alata&display=swap

142.250.178.42

200 OK

1.2 kB

URL GET
fonts.googleapis.com/css2?family=Alata&display=swap
IP
142.250.178.42:443
ASN
#15169 GOOGLE

Requested by
https://www.clarksnorge.net/
Certificate
IssuerGoogle Trust Services
Subjectupload.video.google.com
Fingerprint7E:14:87:08:DF:BA:04:65:17:BA:3B:4F:BA:EA:BC:8C:3F:0A:A4:00
ValidityMon, 31 Mar 2025 08:55:43 GMT - Mon, 23 Jun 2025 08:55:42 GMT

File type
ASCII text
Size
1.2 kB (1212 bytes)
Hash
216417cf1b78673b5ec7caa4ff05bef9
e566f62b35b347e0f59b779a5c58d914babdc70c
c4c3672e4431a4db73b14f57fcbf04eeaac3599752380f766ba55da9c2056b79

HTTP Headers

GET /css2?family=Alata&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.clarksnorge.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 23 Apr 2025 01:06:12 GMT
date: Wed, 23 Apr 2025 01:06:12 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.clarksnorge.net/images/menn/tilbehor-for-menn/menns_argyle_6X68H954_kull_Clarks.png

104.160.5.112

200 OK

326 kB

URL GET
www.clarksnorge.net/images/menn/tilbehor-for-menn/menns_argyle_6X68H954_kull_Clarks.png
IP
104.160.5.112:443
ASN
#46805 Angelnet Limited

Requested by
https://www.clarksnorge.net/
Certificate
IssuerZeroSSL
Subjectclarksnorge.net
FingerprintA5:56:79:A8:88:56:36:4B:EB:49:AB:BA:17:EE:87:F8:1E:BA:FB:E6
ValidityWed, 05 Mar 2025 00:00:00 GMT - Tue, 03 Jun 2025 23:59:59 GMT

File type
PNG image data, 876 x 876, 8-bit/color RGBA, non-interlaced
Size
326 kB (326406 bytes)
Hash
04887164db5659c2ebc933a705824c48
78afe6e5386293528ac2454b240064906be66115
6bfb7443735fe45e0bb4f1753f3f70fb52b874fddefc13a63a80f7f6333a3189

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/menn/tilbehor-for-menn/menns_argyle_6X68H954_kull_Clarks.png HTTP/1.1
Host: www.clarksnorge.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.clarksnorge.net/
Cookie: zenid=9bvnkvg8mr5ah5qpsuvum0m9n9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 23 Apr 2025 01:06:11 GMT
content-type: image/png
content-length: 326406
last-modified: Mon, 11 Mar 2024 12:21:24 GMT
cache-control: max-age=864000, public, must-revalidate
etag: "65eef744-4fb06"
accept-ranges: bytes
X-Firefox-Spdy: h2

www.clarksnorge.net/includes/templates/clarksnorge/fonts/annimex-icons.ttf?teavmy

104.160.5.112

200 OK

141 kB

URL GET
www.clarksnorge.net/includes/templates/clarksnorge/fonts/annimex-icons.ttf?teavmy
IP
104.160.5.112:443
ASN
#46805 Angelnet Limited

Requested by
https://www.clarksnorge.net/
Certificate
IssuerZeroSSL
Subjectclarksnorge.net
FingerprintA5:56:79:A8:88:56:36:4B:EB:49:AB:BA:17:EE:87:F8:1E:BA:FB:E6
ValidityWed, 05 Mar 2025 00:00:00 GMT - Tue, 03 Jun 2025 23:59:59 GMT

File type
TrueType Font data, 11 tables, 1st "OS/2", 14 names, Macintosh, type 1 string, adorn-icons
Size
141 kB (140608 bytes)
Hash
7d3c0284348a1f07b4cd6ff41354551b
6ff4eb286a7b3c980866382a40dd9279c99cb9cd
924025d175bc0292a137b2b46a4ee48e77c8618c3ea19e44214b6abf30f16005

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /includes/templates/clarksnorge/fonts/annimex-icons.ttf?teavmy HTTP/1.1
Host: www.clarksnorge.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.clarksnorge.net/includes/templates/clarksnorge/css/style_plugins.css
Cookie: zenid=9bvnkvg8mr5ah5qpsuvum0m9n9
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 23 Apr 2025 01:06:12 GMT
content-type: application/x-font-ttf
content-length: 140608
last-modified: Thu, 09 Jun 2022 01:11:08 GMT
cache-control: max-age=864000, public, must-revalidate
expires: Wed, 23 Apr 2025 01:11:12 GMT
etag: "62a148ac-22540"
accept-ranges: bytes
X-Firefox-Spdy: h2

www.clarksnorge.net/includes/templates/clarksnorge/css/style_plugins.css

104.160.5.112

200 OK

221 kB

URL GET
www.clarksnorge.net/includes/templates/clarksnorge/css/style_plugins.css
IP
104.160.5.112:443
ASN
#46805 Angelnet Limited

Requested by
https://www.clarksnorge.net/
Certificate
IssuerZeroSSL
Subjectclarksnorge.net
FingerprintA5:56:79:A8:88:56:36:4B:EB:49:AB:BA:17:EE:87:F8:1E:BA:FB:E6
ValidityWed, 05 Mar 2025 00:00:00 GMT - Tue, 03 Jun 2025 23:59:59 GMT

File type
Unicode text, UTF-8 text, with very long lines (64819), with CRLF line terminators
Size
221 kB (220842 bytes)
Hash
fa7a53072e154ba08c4f7a3cd5ea4422
ee4f4306a163636849ac5e5882e1ba55efc21932
330d6fcd2e245a900516e5dd0e2e329c89faeba64ad002ff3870eb09469b0588

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /includes/templates/clarksnorge/css/style_plugins.css HTTP/1.1
Host: www.clarksnorge.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.clarksnorge.net/
Cookie: zenid=9bvnkvg8mr5ah5qpsuvum0m9n9
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 23 Apr 2025 01:06:11 GMT
content-type: text/css
last-modified: Thu, 30 May 2024 13:26:32 GMT
vary: Accept-Encoding
cache-control: max-age=3600
expires: Wed, 23 Apr 2025 02:06:11 GMT
etag: W/"66587e88-35eaa"
content-encoding: gzip
X-Firefox-Spdy: h2

www.clarksnorge.net/includes/templates/clarksnorge/css/style_zp.css

104.160.5.112

200 OK

14 kB

URL GET
www.clarksnorge.net/includes/templates/clarksnorge/css/style_zp.css
IP
104.160.5.112:443
ASN
#46805 Angelnet Limited

Requested by
https://www.clarksnorge.net/
Certificate
IssuerZeroSSL
Subjectclarksnorge.net
FingerprintA5:56:79:A8:88:56:36:4B:EB:49:AB:BA:17:EE:87:F8:1E:BA:FB:E6
ValidityWed, 05 Mar 2025 00:00:00 GMT - Tue, 03 Jun 2025 23:59:59 GMT

File type
ASCII text, with CRLF line terminators
Size
14 kB (14261 bytes)
Hash
1aab931ce3c5f15ea44aceb7ea0da097
b17c592037856224b004a6f134b013ffe727f5fd
1278f032978bf67ee4458d1ffab0e4190c8c8429b8b5e314dadfe534021d40dd

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /includes/templates/clarksnorge/css/style_zp.css HTTP/1.1
Host: www.clarksnorge.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.clarksnorge.net/
Cookie: zenid=9bvnkvg8mr5ah5qpsuvum0m9n9
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 23 Apr 2025 01:06:11 GMT
content-type: text/css
last-modified: Thu, 30 May 2024 13:26:32 GMT
vary: Accept-Encoding
cache-control: max-age=3600
expires: Wed, 23 Apr 2025 02:06:11 GMT
etag: W/"66587e88-37b5"
content-encoding: gzip
X-Firefox-Spdy: h2

www.clarksnorge.net/images/kvinner/damestovler/cologne_arlo_6X68H491_lett_brunt_semsket_skinn_Clarks.png

104.160.5.112

200 OK

590 kB

URL GET
www.clarksnorge.net/images/kvinner/damestovler/cologne_arlo_6X68H491_lett_brunt_semsket_skinn_Clarks.png
IP
104.160.5.112:443
ASN
#46805 Angelnet Limited

Requested by
https://www.clarksnorge.net/
Certificate
IssuerZeroSSL
Subjectclarksnorge.net
FingerprintA5:56:79:A8:88:56:36:4B:EB:49:AB:BA:17:EE:87:F8:1E:BA:FB:E6
ValidityWed, 05 Mar 2025 00:00:00 GMT - Tue, 03 Jun 2025 23:59:59 GMT

File type
PNG image data, 876 x 876, 8-bit/color RGBA, non-interlaced
Size
590 kB (589676 bytes)
Hash
5b2650adf19e8a099214b9ebdef9ebe5
75ba7a11f8a5df784bc99133c7d9b33ee2efa4d9
19262bd6cbdc1f96b612993d442a6969095fa8e16a9f9723f9a425ac84778b92

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/kvinner/damestovler/cologne_arlo_6X68H491_lett_brunt_semsket_skinn_Clarks.png HTTP/1.1
Host: www.clarksnorge.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.clarksnorge.net/
Cookie: zenid=9bvnkvg8mr5ah5qpsuvum0m9n9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 23 Apr 2025 01:06:11 GMT
content-type: image/png
content-length: 589676
last-modified: Mon, 11 Mar 2024 11:17:25 GMT
cache-control: max-age=864000, public, must-revalidate
etag: "65eee845-8ff6c"
accept-ranges: bytes
X-Firefox-Spdy: h2

www.clarksnorge.net/includes/templates/clarksnorge/jscript/jquery.min.js

104.160.5.112

200 OK

90 kB

URL GET
www.clarksnorge.net/includes/templates/clarksnorge/jscript/jquery.min.js
IP
104.160.5.112:443
ASN
#46805 Angelnet Limited

Requested by
https://www.clarksnorge.net/
Certificate
IssuerZeroSSL
Subjectclarksnorge.net
FingerprintA5:56:79:A8:88:56:36:4B:EB:49:AB:BA:17:EE:87:F8:1E:BA:FB:E6
ValidityWed, 05 Mar 2025 00:00:00 GMT - Tue, 03 Jun 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (65447)
Size
90 kB (89501 bytes)
Hash
8fb8fee4fcc3cc86ff6c724154c49c42
b82d238d4e31fdf618bae8ac11a6c812c03dd0d4
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /includes/templates/clarksnorge/jscript/jquery.min.js HTTP/1.1
Host: www.clarksnorge.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.clarksnorge.net/
Cookie: zenid=9bvnkvg8mr5ah5qpsuvum0m9n9
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 23 Apr 2025 01:06:11 GMT
content-type: application/javascript
last-modified: Thu, 30 May 2024 13:26:40 GMT
vary: Accept-Encoding
cache-control: max-age=300
expires: Wed, 23 Apr 2025 01:11:11 GMT
etag: W/"66587e90-15d9d"
content-encoding: gzip
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?family=Archivo+Narrow:wght@400;500;600;700&display=swap

142.250.178.42

200 OK

5.2 kB

URL GET
fonts.googleapis.com/css2?family=Archivo+Narrow:wght@400;500;600;700&display=swap
IP
142.250.178.42:443
ASN
#15169 GOOGLE

Requested by
https://www.clarksnorge.net/
Certificate
IssuerGoogle Trust Services
Subjectupload.video.google.com
Fingerprint7E:14:87:08:DF:BA:04:65:17:BA:3B:4F:BA:EA:BC:8C:3F:0A:A4:00
ValidityMon, 31 Mar 2025 08:55:43 GMT - Mon, 23 Jun 2025 08:55:42 GMT

File type
ASCII text
Size
5.2 kB (5196 bytes)
Hash
3bf584d20200220fcc39b5e65d8570f8
6c7ad21e6a518a6ba13bf25e44b92a68508034b7
261f1e6a1c70c745d80cbc4336f3cc1b5736b4f18929dd2cc81f5ebfd090bec5

HTTP Headers

GET /css2?family=Archivo+Narrow:wght@400;500;600;700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.clarksnorge.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 23 Apr 2025 01:06:11 GMT
date: Wed, 23 Apr 2025 01:06:11 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.clarksnorge.net/includes/templates/clarksnorge/css/stylesheet.css

104.160.5.112

200 OK

62 kB

URL GET
www.clarksnorge.net/includes/templates/clarksnorge/css/stylesheet.css
IP
104.160.5.112:443
ASN
#46805 Angelnet Limited

Requested by
https://www.clarksnorge.net/
Certificate
IssuerZeroSSL
Subjectclarksnorge.net
FingerprintA5:56:79:A8:88:56:36:4B:EB:49:AB:BA:17:EE:87:F8:1E:BA:FB:E6
ValidityWed, 05 Mar 2025 00:00:00 GMT - Tue, 03 Jun 2025 23:59:59 GMT

File type
ASCII text, with very long lines (349), with CRLF line terminators
Size
62 kB (62531 bytes)
Hash
f726d340e71840550632f160f1f92c50
514f17ed05a9b73ebf8a7cd103f3d24da33bdda9
21bffa95d754034d7c1352dbe4dff9fd085d3d7b2534af4cd89b9c5ee43eb53a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /includes/templates/clarksnorge/css/stylesheet.css HTTP/1.1
Host: www.clarksnorge.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.clarksnorge.net/
Cookie: zenid=9bvnkvg8mr5ah5qpsuvum0m9n9
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 23 Apr 2025 01:06:11 GMT
content-type: text/css
last-modified: Thu, 30 May 2024 13:26:32 GMT
vary: Accept-Encoding
cache-control: max-age=3600
expires: Wed, 23 Apr 2025 02:06:11 GMT
etag: W/"66587e88-f443"
content-encoding: gzip
X-Firefox-Spdy: h2

www.clarksnorge.net/includes/templates/clarksnorge/images/banner1.jpg

104.160.5.112

200 OK

164 kB

URL GET
www.clarksnorge.net/includes/templates/clarksnorge/images/banner1.jpg
IP
104.160.5.112:443
ASN
#46805 Angelnet Limited

Requested by
https://www.clarksnorge.net/
Certificate
IssuerZeroSSL
Subjectclarksnorge.net
FingerprintA5:56:79:A8:88:56:36:4B:EB:49:AB:BA:17:EE:87:F8:1E:BA:FB:E6
ValidityWed, 05 Mar 2025 00:00:00 GMT - Tue, 03 Jun 2025 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1440x720, components 3
Size
164 kB (163807 bytes)
Hash
03a27aa6a5a1cf949d6812d4d281eb5c
5129d35b29758ce30d089335451c779a3dc74195
26d287a48bc81533b88e253287755d1bbaefb2ace06eefcb85e81bef41f14862

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /includes/templates/clarksnorge/images/banner1.jpg HTTP/1.1
Host: www.clarksnorge.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.clarksnorge.net/
Cookie: zenid=9bvnkvg8mr5ah5qpsuvum0m9n9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 23 Apr 2025 01:06:11 GMT
content-type: image/jpeg
content-length: 163807
last-modified: Fri, 31 May 2024 02:05:03 GMT
cache-control: max-age=864000, public, must-revalidate
expires: Fri, 23 May 2025 01:06:11 GMT
etag: "6659304f-27fdf"
accept-ranges: bytes
X-Firefox-Spdy: h2

www.clarksnorge.net/includes/templates/clarksnorge/jscript/jscript_zmain.js

104.160.5.112

200 OK

55 kB

URL GET
www.clarksnorge.net/includes/templates/clarksnorge/jscript/jscript_zmain.js
IP
104.160.5.112:443
ASN
#46805 Angelnet Limited

Requested by
https://www.clarksnorge.net/
Certificate
IssuerZeroSSL
Subjectclarksnorge.net
FingerprintA5:56:79:A8:88:56:36:4B:EB:49:AB:BA:17:EE:87:F8:1E:BA:FB:E6
ValidityWed, 05 Mar 2025 00:00:00 GMT - Tue, 03 Jun 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (528), with CRLF line terminators
Size
55 kB (54953 bytes)
Hash
108936fd373556e5b51ebded20564122
f5edc3aea0309ea3b0ba4283f66d46e75fd73e3c
51c20acc572af12a66ca8508ab1b11ca6c29086c303bab771a58a5dbbb3e6628

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /includes/templates/clarksnorge/jscript/jscript_zmain.js HTTP/1.1
Host: www.clarksnorge.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.clarksnorge.net/
Cookie: zenid=9bvnkvg8mr5ah5qpsuvum0m9n9
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 23 Apr 2025 01:06:11 GMT
content-type: application/javascript
last-modified: Thu, 30 May 2024 13:26:40 GMT
vary: Accept-Encoding
cache-control: max-age=300
expires: Wed, 23 Apr 2025 01:11:11 GMT
etag: W/"66587e90-d6a9"
content-encoding: gzip
X-Firefox-Spdy: h2

www.clarksnorge.net/images/kvinner/kvinners-sandaler/sivanne_bukt_6X68H37_tan_interesse_Clarks.png

104.160.5.112

200 OK

394 kB

URL GET
www.clarksnorge.net/images/kvinner/kvinners-sandaler/sivanne_bukt_6X68H37_tan_interesse_Clarks.png
IP
104.160.5.112:443
ASN
#46805 Angelnet Limited

Requested by
https://www.clarksnorge.net/
Certificate
IssuerZeroSSL
Subjectclarksnorge.net
FingerprintA5:56:79:A8:88:56:36:4B:EB:49:AB:BA:17:EE:87:F8:1E:BA:FB:E6
ValidityWed, 05 Mar 2025 00:00:00 GMT - Tue, 03 Jun 2025 23:59:59 GMT

File type
PNG image data, 876 x 876, 8-bit/color RGBA, non-interlaced
Size
394 kB (393829 bytes)
Hash
26f8539db87a42158dfa6b4659d6723d
5b16bda327fded21e87748e5b36c373b7a6f30ce
b9497fa6dcfccfd37a945491b319da080a802ae203da75103cf2115840ea8e5e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/kvinner/kvinners-sandaler/sivanne_bukt_6X68H37_tan_interesse_Clarks.png HTTP/1.1
Host: www.clarksnorge.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.clarksnorge.net/
Cookie: zenid=9bvnkvg8mr5ah5qpsuvum0m9n9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 23 Apr 2025 01:06:11 GMT
content-type: image/png
content-length: 393829
last-modified: Mon, 11 Mar 2024 10:06:43 GMT
cache-control: max-age=864000, public, must-revalidate
etag: "65eed7b3-60265"
accept-ranges: bytes
X-Firefox-Spdy: h2

www.clarksnorge.net/includes/templates/clarksnorge/images/favicon.ico

104.160.5.112

200 OK

1.2 kB

URL GET
www.clarksnorge.net/includes/templates/clarksnorge/images/favicon.ico
IP
104.160.5.112:443
ASN
#46805 Angelnet Limited

Requested by
https://www.clarksnorge.net/
Certificate
IssuerZeroSSL
Subjectclarksnorge.net
FingerprintA5:56:79:A8:88:56:36:4B:EB:49:AB:BA:17:EE:87:F8:1E:BA:FB:E6
ValidityWed, 05 Mar 2025 00:00:00 GMT - Tue, 03 Jun 2025 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 28x28, components 3
Size
1.2 kB (1191 bytes)
Hash
d1671a9bd76660f1c622e3374d911f02
7da91547b7a7bc483faf1bcadcedd498208f8951
00c2513b7da6114c25de1661e6fbaf38ce9a4092ffa2fbe67bfeb15f4ef1cbdd

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /includes/templates/clarksnorge/images/favicon.ico HTTP/1.1
Host: www.clarksnorge.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.clarksnorge.net/
Cookie: zenid=9bvnkvg8mr5ah5qpsuvum0m9n9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 23 Apr 2025 01:06:15 GMT
content-type: image/x-icon
content-length: 1191
last-modified: Fri, 31 May 2024 02:05:02 GMT
cache-control: max-age=864000, public, must-revalidate
expires: Thu, 24 Apr 2025 01:06:15 GMT
etag: "6659304e-4a7"
accept-ranges: bytes
X-Firefox-Spdy: h2

www.clarksnorge.net/images/kvinner/damestovler/torhill_hei_6X68H391_r_d_fl_yel_Clarks.png

104.160.5.112

200 OK

450 kB

URL GET
www.clarksnorge.net/images/kvinner/damestovler/torhill_hei_6X68H391_r_d_fl_yel_Clarks.png
IP
104.160.5.112:443
ASN
#46805 Angelnet Limited

Requested by
https://www.clarksnorge.net/
Certificate
IssuerZeroSSL
Subjectclarksnorge.net
FingerprintA5:56:79:A8:88:56:36:4B:EB:49:AB:BA:17:EE:87:F8:1E:BA:FB:E6
ValidityWed, 05 Mar 2025 00:00:00 GMT - Tue, 03 Jun 2025 23:59:59 GMT

File type
PNG image data, 876 x 876, 8-bit/color RGBA, non-interlaced
Size
450 kB (449554 bytes)
Hash
d0343b604d8e454276483945f214f474
dcce38a729804daf80fc7edb558004f9108b5bd9
42d5c4ec8ebd28f501fe295a7d1627e107f3390ec584f33104dfd83394265ff8

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/kvinner/damestovler/torhill_hei_6X68H391_r_d_fl_yel_Clarks.png HTTP/1.1
Host: www.clarksnorge.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.clarksnorge.net/
Cookie: zenid=9bvnkvg8mr5ah5qpsuvum0m9n9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 23 Apr 2025 01:06:11 GMT
content-type: image/png
content-length: 449554
last-modified: Mon, 11 Mar 2024 11:01:07 GMT
cache-control: max-age=864000, public, must-revalidate
etag: "65eee473-6dc12"
accept-ranges: bytes
X-Firefox-Spdy: h2

www.clarksnorge.net/images/menn/tilbehor-for-menn/3_pack_atletisk_6X68H959_hvit_Clarks.png

104.160.5.112

200 OK

344 kB

URL GET
www.clarksnorge.net/images/menn/tilbehor-for-menn/3_pack_atletisk_6X68H959_hvit_Clarks.png
IP
104.160.5.112:443
ASN
#46805 Angelnet Limited

Requested by
https://www.clarksnorge.net/
Certificate
IssuerZeroSSL
Subjectclarksnorge.net
FingerprintA5:56:79:A8:88:56:36:4B:EB:49:AB:BA:17:EE:87:F8:1E:BA:FB:E6
ValidityWed, 05 Mar 2025 00:00:00 GMT - Tue, 03 Jun 2025 23:59:59 GMT

File type
PNG image data, 876 x 876, 8-bit/color RGBA, non-interlaced
Size
344 kB (344374 bytes)
Hash
573b108e2759db161c383eab8e7614b8
bce7b2193664bbd2ab68bed37e0820b7f050078a
eace79e38045e9302ddd00b937ec7b85e537f345916926a83d0e4f2808e6f021

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/menn/tilbehor-for-menn/3_pack_atletisk_6X68H959_hvit_Clarks.png HTTP/1.1
Host: www.clarksnorge.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.clarksnorge.net/
Cookie: zenid=9bvnkvg8mr5ah5qpsuvum0m9n9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 23 Apr 2025 01:06:11 GMT
content-type: image/png
content-length: 344374
last-modified: Mon, 11 Mar 2024 12:21:43 GMT
cache-control: max-age=864000, public, must-revalidate
etag: "65eef757-54136"
accept-ranges: bytes
X-Firefox-Spdy: h2

www.clarksnorge.net/images/kvinner/kvinners-sandaler/tuleah_mai_6X68H35_metallisk_skinn_Clarks.png

104.160.5.112

200 OK

338 kB

URL GET
www.clarksnorge.net/images/kvinner/kvinners-sandaler/tuleah_mai_6X68H35_metallisk_skinn_Clarks.png
IP
104.160.5.112:443
ASN
#46805 Angelnet Limited

Requested by
https://www.clarksnorge.net/
Certificate
IssuerZeroSSL
Subjectclarksnorge.net
FingerprintA5:56:79:A8:88:56:36:4B:EB:49:AB:BA:17:EE:87:F8:1E:BA:FB:E6
ValidityWed, 05 Mar 2025 00:00:00 GMT - Tue, 03 Jun 2025 23:59:59 GMT

File type
PNG image data, 876 x 876, 8-bit/color RGBA, non-interlaced
Size
338 kB (337768 bytes)
Hash
655608ede8d8c0681ebe31b6568e5b29
bc751e5042959f1d1b29cccc8051a7a0b5da69e6
d28aa7db1c9e370813908577a1a6a51b3a6fa8a42575109c36d2d7416c6b2831

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/kvinner/kvinners-sandaler/tuleah_mai_6X68H35_metallisk_skinn_Clarks.png HTTP/1.1
Host: www.clarksnorge.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.clarksnorge.net/
Cookie: zenid=9bvnkvg8mr5ah5qpsuvum0m9n9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 23 Apr 2025 01:06:11 GMT
content-type: image/png
content-length: 337768
last-modified: Mon, 11 Mar 2024 10:06:25 GMT
cache-control: max-age=864000, public, must-revalidate
etag: "65eed7a1-52768"
accept-ranges: bytes
X-Firefox-Spdy: h2

www.clarksnorge.net/images/kvinner/kvinners-sandaler/merliah_raelyn_6X68H28_bl_tt_skinn_Clarks.png

104.160.5.112

200 OK

357 kB

URL GET
www.clarksnorge.net/images/kvinner/kvinners-sandaler/merliah_raelyn_6X68H28_bl_tt_skinn_Clarks.png
IP
104.160.5.112:443
ASN
#46805 Angelnet Limited

Requested by
https://www.clarksnorge.net/
Certificate
IssuerZeroSSL
Subjectclarksnorge.net
FingerprintA5:56:79:A8:88:56:36:4B:EB:49:AB:BA:17:EE:87:F8:1E:BA:FB:E6
ValidityWed, 05 Mar 2025 00:00:00 GMT - Tue, 03 Jun 2025 23:59:59 GMT

File type
PNG image data, 876 x 876, 8-bit/color RGBA, non-interlaced
Size
357 kB (357268 bytes)
Hash
4eafa09509f4b519a664db4038e33dcc
1ace36423c6356ecbabbca1473f294c21c3072dc
4ffdcbad530b1abcde19f977aa14af01f19cf41a18c53c44d8237961f4ee07e0

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/kvinner/kvinners-sandaler/merliah_raelyn_6X68H28_bl_tt_skinn_Clarks.png HTTP/1.1
Host: www.clarksnorge.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.clarksnorge.net/
Cookie: zenid=9bvnkvg8mr5ah5qpsuvum0m9n9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 23 Apr 2025 01:06:11 GMT
content-type: image/png
content-length: 357268
last-modified: Mon, 11 Mar 2024 10:05:23 GMT
cache-control: max-age=864000, public, must-revalidate
etag: "65eed763-57394"
accept-ranges: bytes
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?family=Quicksand:wght@400;500;600;700&display=swap

142.250.178.42

200 OK

5.0 kB

URL GET
fonts.googleapis.com/css2?family=Quicksand:wght@400;500;600;700&display=swap
IP
142.250.178.42:443
ASN
#15169 GOOGLE

Requested by
https://www.clarksnorge.net/
Certificate
IssuerGoogle Trust Services
Subjectupload.video.google.com
Fingerprint7E:14:87:08:DF:BA:04:65:17:BA:3B:4F:BA:EA:BC:8C:3F:0A:A4:00
ValidityMon, 31 Mar 2025 08:55:43 GMT - Mon, 23 Jun 2025 08:55:42 GMT

File type
ASCII text
Size
5.0 kB (5004 bytes)
Hash
b3ab30fb77f7f9eedf2ca6f781b9f2f1
b01fb7b0e15186f2000baba26b9fd4c583354f13
3dacc7f22398ee6c30d6b183f92e690af8883619a8911b820b83bebc907592a0

HTTP Headers

GET /css2?family=Quicksand:wght@400;500;600;700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.clarksnorge.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 23 Apr 2025 01:06:11 GMT
date: Wed, 23 Apr 2025 01:06:11 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.clarksnorge.net/includes/templates/clarksnorge/css/style_zo.css

104.160.5.112

200 OK

155 kB

URL GET
www.clarksnorge.net/includes/templates/clarksnorge/css/style_zo.css
IP
104.160.5.112:443
ASN
#46805 Angelnet Limited

Requested by
https://www.clarksnorge.net/
Certificate
IssuerZeroSSL
Subjectclarksnorge.net
FingerprintA5:56:79:A8:88:56:36:4B:EB:49:AB:BA:17:EE:87:F8:1E:BA:FB:E6
ValidityWed, 05 Mar 2025 00:00:00 GMT - Tue, 03 Jun 2025 23:59:59 GMT

File type
assembler source, ASCII text, with very long lines (537), with CRLF line terminators
Size
155 kB (155314 bytes)
Hash
80fe58a45e00e968720b2fa9ac3091da
222e662e350ab712478c3cd6750c21d212cf723f
5457924488d34814af8d28b59515a43bc7eb5baff843f1048b15a45c067d3fc5

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /includes/templates/clarksnorge/css/style_zo.css HTTP/1.1
Host: www.clarksnorge.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.clarksnorge.net/
Cookie: zenid=9bvnkvg8mr5ah5qpsuvum0m9n9
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 23 Apr 2025 01:06:11 GMT
content-type: text/css
last-modified: Thu, 30 May 2024 13:26:32 GMT
vary: Accept-Encoding
cache-control: max-age=3600
expires: Wed, 23 Apr 2025 02:06:11 GMT
etag: W/"66587e88-25eb2"
content-encoding: gzip
X-Firefox-Spdy: h2

www.clarksnorge.net/images/kvinner/kvinners-sandaler/merliah_raelyn_6X68H27_korallskinn_Clarks.png

104.160.5.112

200 OK

353 kB

URL GET
www.clarksnorge.net/images/kvinner/kvinners-sandaler/merliah_raelyn_6X68H27_korallskinn_Clarks.png
IP
104.160.5.112:443
ASN
#46805 Angelnet Limited

Requested by
https://www.clarksnorge.net/
Certificate
IssuerZeroSSL
Subjectclarksnorge.net
FingerprintA5:56:79:A8:88:56:36:4B:EB:49:AB:BA:17:EE:87:F8:1E:BA:FB:E6
ValidityWed, 05 Mar 2025 00:00:00 GMT - Tue, 03 Jun 2025 23:59:59 GMT

File type
PNG image data, 876 x 876, 8-bit/color RGBA, non-interlaced
Size
353 kB (352739 bytes)
Hash
71ef8894c3ed635e165c95405f0250a4
988193ced8c1fd0480031d8e8a47a50722e1f30c
055febfadb2555f4b1dcfc4c82a90253fa9f0299df985f5a2dc88d0f982fda07

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/kvinner/kvinners-sandaler/merliah_raelyn_6X68H27_korallskinn_Clarks.png HTTP/1.1
Host: www.clarksnorge.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.clarksnorge.net/
Cookie: zenid=9bvnkvg8mr5ah5qpsuvum0m9n9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 23 Apr 2025 01:06:11 GMT
content-type: image/png
content-length: 352739
last-modified: Mon, 11 Mar 2024 10:05:14 GMT
cache-control: max-age=864000, public, must-revalidate
etag: "65eed75a-561e3"
accept-ranges: bytes
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?family=Playfair+Display:wght@400;500;600;700;800;900&display=swap

142.250.178.42

200 OK

9.8 kB

URL GET
fonts.googleapis.com/css2?family=Playfair+Display:wght@400;500;600;700;800;900&display=swap
IP
142.250.178.42:443
ASN
#15169 GOOGLE

Requested by
https://www.clarksnorge.net/
Certificate
IssuerGoogle Trust Services
Subjectupload.video.google.com
Fingerprint7E:14:87:08:DF:BA:04:65:17:BA:3B:4F:BA:EA:BC:8C:3F:0A:A4:00
ValidityMon, 31 Mar 2025 08:55:43 GMT - Mon, 23 Jun 2025 08:55:42 GMT

File type
ASCII text
Size
9.8 kB (9834 bytes)
Hash
817024d62ad33a9315d9001c96414698
f0e417264d475590b247ae4e6cc5f90b4317852d
013c00c26d4827674736235cb7774ef90cdca8dd67c9190117a14618df26408a

HTTP Headers

GET /css2?family=Playfair+Display:wght@400;500;600;700;800;900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.clarksnorge.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 23 Apr 2025 01:06:11 GMT
date: Wed, 23 Apr 2025 01:06:11 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

fonts.googleapis.com/css2?family=Nunito+Sans:ital,wght@0,200;0,300;0,400;0,600;0,800;0,900;1,700&display=swap

142.250.178.42

200 OK

16 kB

URL GET
fonts.googleapis.com/css2?family=Nunito+Sans:ital,wght@0,200;0,300;0,400;0,600;0,800;0,900;1,700&display=swap
IP
142.250.178.42:443
ASN
#15169 GOOGLE

Requested by
https://www.clarksnorge.net/
Certificate
IssuerGoogle Trust Services
Subjectupload.video.google.com
Fingerprint7E:14:87:08:DF:BA:04:65:17:BA:3B:4F:BA:EA:BC:8C:3F:0A:A4:00
ValidityMon, 31 Mar 2025 08:55:43 GMT - Mon, 23 Jun 2025 08:55:42 GMT

File type
ASCII text
Size
16 kB (16237 bytes)
Hash
53a2afed17bd76094ff77cdd7614eda4
96ffaa142dca8adf151f99c9fcf9aff1527a2272
a6c53571b1551d920ee322b0a69f981dcb7e09050235806e88d0a2ab6bf45e92

HTTP Headers

GET /css2?family=Nunito+Sans:ital,wght@0,200;0,300;0,400;0,600;0,800;0,900;1,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.clarksnorge.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 23 Apr 2025 01:06:12 GMT
date: Wed, 23 Apr 2025 01:06:12 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.clarksnorge.net/images/menn/tilbehor-for-menn/menns_vintermannskap_6X68H964_burgunder_Clarks.png

104.160.5.112

200 OK

352 kB

URL GET
www.clarksnorge.net/images/menn/tilbehor-for-menn/menns_vintermannskap_6X68H964_burgunder_Clarks.png
IP
104.160.5.112:443
ASN
#46805 Angelnet Limited

Requested by
https://www.clarksnorge.net/
Certificate
IssuerZeroSSL
Subjectclarksnorge.net
FingerprintA5:56:79:A8:88:56:36:4B:EB:49:AB:BA:17:EE:87:F8:1E:BA:FB:E6
ValidityWed, 05 Mar 2025 00:00:00 GMT - Tue, 03 Jun 2025 23:59:59 GMT

File type
PNG image data, 876 x 876, 8-bit/color RGBA, non-interlaced
Size
352 kB (352413 bytes)
Hash
163f884c8e0f73da482f6a75c7c6731e
36717ed5c66b98aab4a778bcbda4289d97998b5f
53e3ff510b00d9f745c52a4475d4720048ebc0494c6f03f74fe84e553b8b1310

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/menn/tilbehor-for-menn/menns_vintermannskap_6X68H964_burgunder_Clarks.png HTTP/1.1
Host: www.clarksnorge.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.clarksnorge.net/
Cookie: zenid=9bvnkvg8mr5ah5qpsuvum0m9n9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 23 Apr 2025 01:06:11 GMT
content-type: image/png
content-length: 352413
last-modified: Mon, 11 Mar 2024 12:22:03 GMT
cache-control: max-age=864000, public, must-revalidate
etag: "65eef76b-5609d"
accept-ranges: bytes
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Quad9 DNS

ThreatFox

JavaScript (0)

HTTP Transactions (79)

URL GET

IP

ASN

Requested by

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET

IP

ASN

Requested by

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET

IP

ASN

Requested by

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET

IP

ASN

Requested by

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET

IP

ASN

Requested by

Certificate

File type

Size

Hash

Detections