nrk-nor.com
2606:4700:3035::681b:8f3f  Malicious Activity! Public Scan

Submitted URL: http://email.womenspelvicmedicine.com/link/4495d413ed205cada54e581033f39baa/bddb45950f225fdd0c0f2524cdc8a6a0
Effective URL: http://nrk-nor.com/prelander/281_2/index.php?gs=tag5ebc0e22d07274.58951961&prehit=0cdced8c8d56bad464f1a019fea6d32a3...
Submission: On May 13 via manual from GB

Summary

This website contacted 2 IPs in 2 countries across 3 domains to perform 30 HTTP transactions. The main IP is 2606:4700:3035::681b:8f3f, located in United States and belongs to CLOUDFLARENET, US. The main domain is nrk-nor.com.
This is the only time nrk-nor.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Investment Scam (Online) Generic Crypto (Crypto Exchange)

Domain & IP information

IP Address AS Autonomous System
1 1 45.65.124.180 209895 (KVANTANETAS)
1 30 2606:4700:303... 13335 (CLOUDFLAR...)
1 2600:9000:215... 16509 (AMAZON-02)
30 2
Apex Domain | Subdomains | Transfer
30 nrk-nor.com | nrk-nor.com | 2 MB
1 gfycat.com | gfycat.com
1 womenspelvicmedicine.com | email.womenspelvicmedicine.com | 1 KB
30 3
Domain Requested by
30 nrk-nor.com 1 redirects nrk-nor.com
1 gfycat.com nrk-nor.com
1 email.womenspelvicmedicine.com 1 redirects
30 3

This site contains no links.

Subject: gfycat.com
Issuer: Amazon
Validity: 2020-04-19 - 2021-05-19
Valid: a year

This page contains 2 frames:

Primary Page: http://nrk-nor.com/prelander/281_2/index.php?gs=tag5ebc0e22d07274.58951961&prehit=0cdced8c8d56bad464f1a019fea6d32a3339cd06&s2=bddb45950f225fdd0c0f2524cdc8a6a0&oq=1589382690
Frame ID: 886E278EFD7DE696751C9F34E02F1324
Requests: 29 HTTP requests in this frame

Frame: https://gfycat.com/ifr/EmbellishedDeliriousArmyworm?controls=0&autoplay=1
Frame ID: 6452995D38491D22F8FE675F910DA70C
Requests: 1 HTTP requests in this frame

Page URL History

  1. http://email.womenspelvicmedicine.com/link/4495d413ed205cada54e581033f39baa/bddb45950f225fdd0c0f2524cdc8a6a0 HTTP 302
    http://nrk-nor.com/gopre/a8b0fcef262e4e95a728d675d944f1b0/PRLND5e885887957dc7.72999349/s1=d1309... HTTP 302
    http://nrk-nor.com/prelander/281_2/index.php?gs=tag5ebc0e22d07274.58951961&prehit=0cdced8c8d56b... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i

Overall confidence: 100%
Detected patterns
  • headers via /varnish(?: \(Varnish\/([\d.]+)\))?/i

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Overall confidence: 100%
Detected patterns
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

Requests: 30
HTTPS: 3 %
IPv6: 67 %
Domains: 3
Subdomains: 3
IPs: 2
Countries: 2
Transfer: 2441 kB
Size: 2646 kB
Cookies: 2

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://email.womenspelvicmedicine.com/link/4495d413ed205cada54e581033f39baa/bddb45950f225fdd0c0f2524cdc8a6a0 HTTP 302
    http://nrk-nor.com/gopre/a8b0fcef262e4e95a728d675d944f1b0/PRLND5e885887957dc7.72999349/s1=d130903d0d5609973454fca3746ae2ce&s2=bddb45950f225fdd0c0f2524cdc8a6a0&s3=20_3966500 HTTP 302
    http://nrk-nor.com/prelander/281_2/index.php?gs=tag5ebc0e22d07274.58951961&prehit=0cdced8c8d56bad464f1a019fea6d32a3339cd06&s2=bddb45950f225fdd0c0f2524cdc8a6a0&oq=1589382690 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

30 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request index.php
nrk-nor.com/prelander/281_2/
Redirect Chain
  • http://email.womenspelvicmedicine.com/link/4495d413ed205cada54e581033f39baa/bddb45950f225fdd0c0f2524cdc8a6a0
  • http://nrk-nor.com/gopre/a8b0fcef262e4e95a728d675d944f1b0/PRLND5e885887957dc7.72999349/s1=d130903d0d5609973454fca3746ae2ce&s2=bddb45950f225fdd0c0f2524cdc8a6a0&s3=20_3966500
  • http://nrk-nor.com/prelander/281_2/index.php?gs=tag5ebc0e22d07274.58951961&prehit=0cdced8c8d56bad464f1a019fea6d32a3339cd06&s2=bddb45950f225fdd0c0f2524cdc8a6a0&oq=1589382690
38 KB
10 KB
Document
General
Full URL
http://nrk-nor.com/prelander/281_2/index.php?gs=tag5ebc0e22d07274.58951961&prehit=0cdced8c8d56bad464f1a019fea6d32a3339cd06&s2=bddb45950f225fdd0c0f2524cdc8a6a0&oq=1589382690
Protocol
HTTP/1.1
Server
2606:4700:3035::681b:8f3f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.2.6
Resource Hash
fa7271c392d1dc43fcbd57ffc283c550dfdf6545df49b0ab40d1c8bf2345843c

Request headers

Host
nrk-nor.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Cookie
__cfduid=dd76899eb1474c379bd827b40fdd8687c1589378344; PHPSESSID=7cs8od6n5n7bf7vqj3h72g4seq; XSRF-TOKEN=eyJpdiI6Im9EOVpaXC9EWURZd1J4ZkI1NGl5QWFnPT0iLCJ2YWx1ZSI6ImgzSlpkOHQrOTdzYnRrNmNLZTRNeTRTSUlpT1I1d3dkdjE2cGxsRjJ4R0dqQ1wvMHVwZFhjNWdCeG1qXC9MRVhGeiIsIm1hYyI6IjNhOTg4ZmUyMWViYmIzMGY2MzM2NjY3NDRkMzFmYWJlZTU3NzI4ZGYwMGM1NThkN2QzMWU4YTk1Y2NhNDE5M2IifQ%3D%3D; laravel_session=eyJpdiI6IlV6TFZvNmlZN3RGSjRncVV2TlZxMVE9PSIsInZhbHVlIjoiUU5GbUtwR0lnb0ZDc28yMEIwU0pnZktDWVlYQ3ErRUEyNEo5U0Frb3JFTWZWbVM2T3ZDN1ZSWEV4VUM0V3lcL0QiLCJtYWMiOiI2YjZhZTU3NWJkZGM5NWUxNzJmNjdmMjZkYmNiNjA1ZTQwNzg0NzYxNGE0ZGFjOTc2YjRkMjQ2MjM2MTdhNTRiIn0%3D

Response headers

Date
Wed, 13 May 2020 13:59:06 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
X-Powered-By
PHP/7.2.6
X-Varnish
3607294
Age
0
Via
1.1 varnish-v4
CF-Cache-Status
DYNAMIC
Server
cloudflare
CF-RAY
592ce5e63fd6175a-FRA
Content-Encoding
gzip
cf-request-id
02afee03df0000175a6789d200000001

Redirect headers

Date
Wed, 13 May 2020 13:59:05 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
__cfduid=dd76899eb1474c379bd827b40fdd8687c1589378344; expires=Fri, 12-Jun-20 13:59:04 GMT; path=/; domain=.nrk-nor.com; HttpOnly; SameSite=Lax PHPSESSID=7cs8od6n5n7bf7vqj3h72g4seq; path=/ XSRF-TOKEN=eyJpdiI6Im9EOVpaXC9EWURZd1J4ZkI1NGl5QWFnPT0iLCJ2YWx1ZSI6ImgzSlpkOHQrOTdzYnRrNmNLZTRNeTRTSUlpT1I1d3dkdjE2cGxsRjJ4R0dqQ1wvMHVwZFhjNWdCeG1qXC9MRVhGeiIsIm1hYyI6IjNhOTg4ZmUyMWViYmIzMGY2MzM2NjY3NDRkMzFmYWJlZTU3NzI4ZGYwMGM1NThkN2QzMWU4YTk1Y2NhNDE5M2IifQ%3D%3D; expires=Wed, 13-May-2020 17:11:30 GMT; Max-Age=7200; path=/ laravel_session=eyJpdiI6IlV6TFZvNmlZN3RGSjRncVV2TlZxMVE9PSIsInZhbHVlIjoiUU5GbUtwR0lnb0ZDc28yMEIwU0pnZktDWVlYQ3ErRUEyNEo5U0Frb3JFTWZWbVM2T3ZDN1ZSWEV4VUM0V3lcL0QiLCJtYWMiOiI2YjZhZTU3NWJkZGM5NWUxNzJmNjdmMjZkYmNiNjA1ZTQwNzg0NzYxNGE0ZGFjOTc2YjRkMjQ2MjM2MTdhNTRiIn0%3D; expires=Wed, 13-May-2020 17:11:30 GMT; Max-Age=7200; path=/; httponly
X-Powered-By
PHP/7.2.6
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control
no-store, no-cache, must-revalidate, no-cache, private
Pragma
no-cache
Location
http://nrk-nor.com/prelander/281_2/index.php?gs=tag5ebc0e22d07274.58951961&prehit=0cdced8c8d56bad464f1a019fea6d32a3339cd06&s2=bddb45950f225fdd0c0f2524cdc8a6a0&oq=1589382690
X-Varnish
3607292
Age
0
Via
1.1 varnish-v4
CF-Cache-Status
DYNAMIC
Server
cloudflare
CF-RAY
592ce5de2bb4175a-FRA
cf-request-id
02afedfedc0000175a67bb3200000001
null
nrk-nor.com/prelander/281_2/images/
0
0
Script
General
Full URL
http://nrk-nor.com/prelander/281_2/images/null
Requested by
Host: nrk-nor.com
URL: http://nrk-nor.com/prelander/281_2/index.php?gs=tag5ebc0e22d07274.58951961&prehit=0cdced8c8d56bad464f1a019fea6d32a3339cd06&s2=bddb45950f225fdd0c0f2524cdc8a6a0&oq=1589382690
Protocol
HTTP/1.1
Server
2606:4700:3035::681b:8f3f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.2.6
Resource Hash

Request headers

Referer
http://nrk-nor.com/prelander/281_2/index.php?gs=tag5ebc0e22d07274.58951961&prehit=0cdced8c8d56bad464f1a019fea6d32a3339cd06&s2=bddb45950f225fdd0c0f2524cdc8a6a0&oq=1589382690
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 13 May 2020 13:59:06 GMT
Via
1.1 varnish-v4
CF-Cache-Status
DYNAMIC
Server
cloudflare
Age
0
X-Powered-By
PHP/7.2.6
Transfer-Encoding
chunked
X-Varnish
627783
Content-Type
text/html; charset=UTF-8
Content-Encoding
gzip
Cache-Control
no-cache, private
Connection
keep-alive
CF-RAY
592ce5e6cd1205dc-FRA
cf-request-id
02afee0441000005dca1bc8200000001
bootstrap.min.css
nrk-nor.com/prelander/281_2/css/
100 KB
17 KB
Stylesheet
General
Full URL
http://nrk-nor.com/prelander/281_2/css/bootstrap.min.css
Requested by
Host: nrk-nor.com
URL: http://nrk-nor.com/prelander/281_2/index.php?gs=tag5ebc0e22d07274.58951961&prehit=0cdced8c8d56bad464f1a019fea6d32a3339cd06&s2=bddb45950f225fdd0c0f2524cdc8a6a0&oq=1589382690
Protocol
HTTP/1.1
Server
2606:4700:3035::681b:8f3f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ddc97e8d5580ffd186b392d624ade219676ab344ed5ee12816a707beb65775be

Request headers

Referer
http://nrk-nor.com/prelander/281_2/index.php?gs=tag5ebc0e22d07274.58951961&prehit=0cdced8c8d56bad464f1a019fea6d32a3339cd06&s2=bddb45950f225fdd0c0f2524cdc8a6a0&oq=1589382690
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 13 May 2020 13:59:06 GMT
Via
1.1 varnish-v4
CF-Cache-Status
MISS
Last-Modified
Sat, 04 Apr 2020 09:51:20 GMT
Server
cloudflare
ETag
W/"191f0-5a273f9e2c77e"
Vary
Accept-Encoding
X-Varnish
2100300
Content-Type
text/css
Content-Encoding
gzip
Cache-Control
max-age=14400
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
592ce5e6c8511786-FRA
cf-request-id
02afee04410000178661228200000001
all.css
nrk-nor.com/prelander/281_2/css/
54 KB
12 KB
Stylesheet
General
Full URL
http://nrk-nor.com/prelander/281_2/css/all.css
Requested by
Host: nrk-nor.com
URL: http://nrk-nor.com/prelander/281_2/index.php?gs=tag5ebc0e22d07274.58951961&prehit=0cdced8c8d56bad464f1a019fea6d32a3339cd06&s2=bddb45950f225fdd0c0f2524cdc8a6a0&oq=1589382690
Protocol
HTTP/1.1
Server
2606:4700:3035::681b:8f3f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0ac50fe0f38f942a09c62ded7b92d4cc76829190b781741423e6d0b4376b7d19

Request headers

Referer
http://nrk-nor.com/prelander/281_2/index.php?gs=tag5ebc0e22d07274.58951961&prehit=0cdced8c8d56bad464f1a019fea6d32a3339cd06&s2=bddb45950f225fdd0c0f2524cdc8a6a0&oq=1589382690
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 13 May 2020 13:59:06 GMT
Via
1.1 varnish-v4
CF-Cache-Status
REVALIDATED
Last-Modified
Sat, 04 Apr 2020 09:51:19 GMT
Server
cloudflare
ETag
W/"d70e-5a273f9cc594e"
Vary
Accept-Encoding
X-Varnish
2031659
Content-Type
text/css
Content-Encoding
gzip
Cache-Control
max-age=14400
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
592ce5e6cf810625-FRA
cf-request-id
02afee044100000625c088b200000001
style.css
nrk-nor.com/prelander/281_2/css/
9 KB
3 KB
Stylesheet
General
Full URL
http://nrk-nor.com/prelander/281_2/css/style.css
Requested by
Host: nrk-nor.com
URL: http://nrk-nor.com/prelander/281_2/index.php?gs=tag5ebc0e22d07274.58951961&prehit=0cdced8c8d56bad464f1a019fea6d32a3339cd06&s2=bddb45950f225fdd0c0f2524cdc8a6a0&oq=1589382690
Protocol
HTTP/1.1
Server
2606:4700:3035::681b:8f3f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
58424c814f130d9ab3954e24fe385d8f1223005f6fefd3ec0628154734099249

Request headers

Referer
http://nrk-nor.com/prelander/281_2/index.php?gs=tag5ebc0e22d07274.58951961&prehit=0cdced8c8d56bad464f1a019fea6d32a3339cd06&s2=bddb45950f225fdd0c0f2524cdc8a6a0&oq=1589382690
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 13 May 2020 13:59:06 GMT
Via
1.1 varnish-v4
CF-Cache-Status
MISS
Last-Modified
Sat, 04 Apr 2020 09:51:20 GMT
Server
cloudflare
ETag
W/"2275-5a273f9e0279e"
Vary
Accept-Encoding
X-Varnish
1839504
Content-Type
text/css
Content-Encoding
gzip
Cache-Control
max-age=14400
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
592ce5e6da0ec2d1-FRA
cf-request-id
02afee04460000c2d115b61200000001
jquery.min.js
nrk-nor.com/prelander/281_2/js/
85 KB
30 KB
Script
General
Full URL
http://nrk-nor.com/prelander/281_2/js/jquery.min.js
Requested by
Host: nrk-nor.com
URL: http://nrk-nor.com/prelander/281_2/index.php?gs=tag5ebc0e22d07274.58951961&prehit=0cdced8c8d56bad464f1a019fea6d32a3339cd06&s2=bddb45950f225fdd0c0f2524cdc8a6a0&oq=1589382690
Protocol
HTTP/1.1
Server
2606:4700:3035::681b:8f3f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Request headers

Referer
http://nrk-nor.com/prelander/281_2/index.php?gs=tag5ebc0e22d07274.58951961&prehit=0cdced8c8d56bad464f1a019fea6d32a3339cd06&s2=bddb45950f225fdd0c0f2524cdc8a6a0&oq=1589382690
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 13 May 2020 13:59:06 GMT
Via
1.1 varnish-v4
CF-Cache-Status
MISS
Last-Modified
Sat, 04 Apr 2020 09:51:48 GMT
Server
cloudflare
ETag
W/"1538f-5a273fb86ced5"
Vary
Accept-Encoding
X-Varnish
1247937
Content-Type
application/javascript
Content-Encoding
gzip
Cache-Control
max-age=14400
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
592ce5e6dfe83260-FRA
cf-request-id
02afee0445000032607c1e6200000001
bbclo.png
nrk-nor.com/prelander/281_2/images/
17 KB
17 KB
Image
General
Full URL
http://nrk-nor.com/prelander/281_2/images/bbclo.png
Requested by
Host: nrk-nor.com
URL: http://nrk-nor.com/prelander/281_2/index.php?gs=tag5ebc0e22d07274.58951961&prehit=0cdced8c8d56bad464f1a019fea6d32a3339cd06&s2=bddb45950f225fdd0c0f2524cdc8a6a0&oq=1589382690
Protocol
HTTP/1.1
Server
2606:4700:3035::681b:8f3f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b2e8db82b8a57de0796378cf4a925a523cd5f1f3af16d7304fc6260deef9626e

Request headers

Referer
http://nrk-nor.com/prelander/281_2/index.php?gs=tag5ebc0e22d07274.58951961&prehit=0cdced8c8d56bad464f1a019fea6d32a3339cd06&s2=bddb45950f225fdd0c0f2524cdc8a6a0&oq=1589382690
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 13 May 2020 13:59:06 GMT
Via
1.1 varnish-v4
CF-Cache-Status
MISS
Last-Modified
Sat, 04 Apr 2020 09:51:24 GMT
Server
cloudflare
ETag
"4413-5a273fa15780e"
Vary
Accept-Encoding
X-Varnish
4232016
Content-Type
image/png
Cache-Control
max-age=14400
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
592ce5e6f9e3175a-FRA
Content-Length
17427
cf-request-id
02afee045b0000175a678b4200000001
image3.png
nrk-nor.com/prelander/281_2/images/
113 KB
113 KB
Image
General
Full URL
http://nrk-nor.com/prelander/281_2/images/image3.png
Requested by
Host: nrk-nor.com
URL: http://nrk-nor.com/prelander/281_2/index.php?gs=tag5ebc0e22d07274.58951961&prehit=0cdced8c8d56bad464f1a019fea6d32a3339cd06&s2=bddb45950f225fdd0c0f2524cdc8a6a0&oq=1589382690
Protocol
HTTP/1.1
Server
2606:4700:3035::681b:8f3f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2b2ff61bb05dba0676c2b58fd5c14eb37c9c7f61215c2233b7eb87c7c0d83dbb

Request headers

Referer
http://nrk-nor.com/prelander/281_2/index.php?gs=tag5ebc0e22d07274.58951961&prehit=0cdced8c8d56bad464f1a019fea6d32a3339cd06&s2=bddb45950f225fdd0c0f2524cdc8a6a0&oq=1589382690
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 13 May 2020 13:59:06 GMT
Via
1.1 varnish-v4
CF-Cache-Status
MISS
Last-Modified
Sat, 04 Apr 2020 09:51:33 GMT
Server
cloudflare
ETag
"1c32a-5a273faa8bf2e"
Vary
Accept-Encoding
X-Varnish
3116797
Content-Type
image/png
Cache-Control
max-age=14400
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
592ce5e7bcc0c2d1-FRA
Content-Length
115498
cf-request-id
02afee04d60000c2d115b6b200000001
top.png.jpg
nrk-nor.com/prelander/281_2/images/
245 KB
245 KB
Image
General
Full URL
http://nrk-nor.com/prelander/281_2/images/top.png.jpg
Requested by
Host: nrk-nor.com
URL: http://nrk-nor.com/prelander/281_2/index.php?gs=tag5ebc0e22d07274.58951961&prehit=0cdced8c8d56bad464f1a019fea6d32a3339cd06&s2=bddb45950f225fdd0c0f2524cdc8a6a0&oq=1589382690
Protocol
HTTP/1.1
Server
2606:4700:3035::681b:8f3f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
720ef64b88dc4ed20cf100f2a1437e9d42cbcfc615986416d8c1ba5bcf0c5579

Request headers

Referer
http://nrk-nor.com/prelander/281_2/index.php?gs=tag5ebc0e22d07274.58951961&prehit=0cdced8c8d56bad464f1a019fea6d32a3339cd06&s2=bddb45950f225fdd0c0f2524cdc8a6a0&oq=1589382690
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 13 May 2020 13:59:06 GMT
Via
1.1 varnish-v4
CF-Cache-Status
MISS
Last-Modified
Sat, 04 Apr 2020 09:51:52 GMT
Server
cloudflare
ETag
"3d419-5a273fbc49f0d"
Vary
Accept-Encoding
X-Varnish
2920190
Content-Type
image/jpeg
Cache-Control
max-age=14400
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
592ce5e7bac70625-FRA
Content-Length
250905
cf-request-id
02afee04d600000625c08a6200000001
mid.png
nrk-nor.com/prelander/281_2/images/
77 KB
77 KB
Image
General
Full URL
http://nrk-nor.com/prelander/281_2/images/mid.png
Requested by
Host: nrk-nor.com
URL: http://nrk-nor.com/prelander/281_2/index.php?gs=tag5ebc0e22d07274.58951961&prehit=0cdced8c8d56bad464f1a019fea6d32a3339cd06&s2=bddb45950f225fdd0c0f2524cdc8a6a0&oq=1589382690
Protocol
HTTP/1.1
Server
2606:4700:3035::681b:8f3f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0e3ae2c0a63a2afb3c87bbf90093db193ebfc0cc353eae95243071e886ebb9f9

Request headers

Referer
http://nrk-nor.com/prelander/281_2/index.php?gs=tag5ebc0e22d07274.58951961&prehit=0cdced8c8d56bad464f1a019fea6d32a3339cd06&s2=bddb45950f225fdd0c0f2524cdc8a6a0&oq=1589382690
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 13 May 2020 13:59:06 GMT
Via
1.1 varnish-v4
CF-Cache-Status
MISS
Last-Modified
Sat, 04 Apr 2020 09:51:34 GMT
Server
cloudflare
ETag
"13261-5a273faaf664e"
Vary
Accept-Encoding
X-Varnish
2659156
Content-Type
image/png
Cache-Control
max-age=14400
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
592ce5e7ec34175a-FRA
Content-Length
78433
cf-request-id
02afee04f10000175a678cd200000001
muskbranson.jpg
nrk-nor.com/prelander/281_2/images/
160 KB
160 KB
Image
General
Full URL
http://nrk-nor.com/prelander/281_2/images/muskbranson.jpg
Requested by
Host: nrk-nor.com
URL: http://nrk-nor.com/prelander/281_2/index.php?gs=tag5ebc0e22d07274.58951961&prehit=0cdced8c8d56bad464f1a019fea6d32a3339cd06&s2=bddb45950f225fdd0c0f2524cdc8a6a0&oq=1589382690
Protocol
HTTP/1.1
Server
2606:4700:3035::681b:8f3f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
50b0010a63d5ede70e4e7c8e005892248e19117182e7634f89c956bbc23ac69b

Request headers

Referer
http://nrk-nor.com/prelander/281_2/index.php?gs=tag5ebc0e22d07274.58951961&prehit=0cdced8c8d56bad464f1a019fea6d32a3339cd06&s2=bddb45950f225fdd0c0f2524cdc8a6a0&oq=1589382690
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 13 May 2020 13:59:06 GMT
Via
1.1 varnish-v4
CF-Cache-Status
MISS
Last-Modified
Sat, 04 Apr 2020 09:51:35 GMT
Server
cloudflare
ETag
"27ea3-5a273fac572d6"
Vary
Accept-Encoding
X-Varnish
4263680
Content-Type
image/jpeg
Cache-Control
max-age=14400
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
592ce5e81b7e3260-FRA
Content-Length
163491
cf-request-id
02afee0512000032607c1f4200000001
dreamcar.jpg
nrk-nor.com/prelander/281_2/images/
160 KB
160 KB
Image
General
Full URL
http://nrk-nor.com/prelander/281_2/images/dreamcar.jpg
Requested by
Host: nrk-nor.com
URL: http://nrk-nor.com/prelander/281_2/index.php?gs=tag5ebc0e22d07274.58951961&prehit=0cdced8c8d56bad464f1a019fea6d32a3339cd06&s2=bddb45950f225fdd0c0f2524cdc8a6a0&oq=1589382690
Protocol
HTTP/1.1
Server
2606:4700:3035::681b:8f3f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a3525ffd53596d03588ff1bceb57b5571395e10dae94c39a9cb1db4dcaf3d31b

Request headers

Referer
http://nrk-nor.com/prelander/281_2/index.php?gs=tag5ebc0e22d07274.58951961&prehit=0cdced8c8d56bad464f1a019fea6d32a3339cd06&s2=bddb45950f225fdd0c0f2524cdc8a6a0&oq=1589382690
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 13 May 2020 13:59:06 GMT
Via
1.1 varnish-v4
CF-Cache-Status
MISS
Last-Modified
Sat, 04 Apr 2020 09:51:31 GMT
Server
cloudflare
ETag
"27eee-5a273fa849946"
Vary
Accept-Encoding
X-Varnish
1247940
Content-Type
image/jpeg
Cache-Control
max-age=14400
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
592ce5e84c701786-FRA
Content-Length
163566
cf-request-id
02afee0531000017866123a200000001
ZAfamily.png
nrk-nor.com/prelander/281_2/images/
686 KB
687 KB
Image
General
Full URL
http://nrk-nor.com/prelander/281_2/images/ZAfamily.png
Requested by
Host: nrk-nor.com
URL: http://nrk-nor.com/prelander/281_2/index.php?gs=tag5ebc0e22d07274.58951961&prehit=0cdced8c8d56bad464f1a019fea6d32a3339cd06&s2=bddb45950f225fdd0c0f2524cdc8a6a0&oq=1589382690
Protocol
HTTP/1.1
Server
2606:4700:3035::681b:8f3f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f77f539853424cfb92bea3a349cfcf27addc9fdd4e345111d0d02a78b44499df

Request headers

Referer
http://nrk-nor.com/prelander/281_2/index.php?gs=tag5ebc0e22d07274.58951961&prehit=0cdced8c8d56bad464f1a019fea6d32a3339cd06&s2=bddb45950f225fdd0c0f2524cdc8a6a0&oq=1589382690
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 13 May 2020 13:59:06 GMT
Via
1.1 varnish-v4
CF-Cache-Status
MISS
Last-Modified
Sat, 04 Apr 2020 09:51:44 GMT
Server
cloudflare
ETag
"ab966-5a273fb4d7725"
Vary
Accept-Encoding
X-Varnish
3116800
Content-Type
image/png
Cache-Control
max-age=14400
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
592ce5e89f5ec2d1-FRA
Content-Length
702822
cf-request-id
02afee055c0000c2d115b74200000001
cta1b.jpg
nrk-nor.com/prelander/281_2/images/
59 KB
60 KB
Image
General
Full URL
http://nrk-nor.com/prelander/281_2/images/cta1b.jpg
Requested by
Host: nrk-nor.com
URL: http://nrk-nor.com/prelander/281_2/index.php?gs=tag5ebc0e22d07274.58951961&prehit=0cdced8c8d56bad464f1a019fea6d32a3339cd06&s2=bddb45950f225fdd0c0f2524cdc8a6a0&oq=1589382690
Protocol
HTTP/1.1
Server
2606:4700:3035::681b:8f3f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
072616d23670d9d44a168b21236e9d6bf344a05459601971afb906dead0c1205

Request headers

Referer
http://nrk-nor.com/prelander/281_2/index.php?gs=tag5ebc0e22d07274.58951961&prehit=0cdced8c8d56bad464f1a019fea6d32a3339cd06&s2=bddb45950f225fdd0c0f2524cdc8a6a0&oq=1589382690
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 13 May 2020 13:59:06 GMT
Via
1.1 varnish-v4
CF-Cache-Status
MISS
Last-Modified
Sat, 04 Apr 2020 09:51:29 GMT
Server
cloudflare
ETag
"ecbd-5a273fa5f8ce6"
Vary
Accept-Encoding
X-Varnish
1281733
Content-Type
image/jpeg
Cache-Control
max-age=14400
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
592ce5e8cec90625-FRA
Content-Length
60605
cf-request-id
02afee057f00000625c08b8200000001
cta2.jpg
nrk-nor.com/prelander/281_2/images/
27 KB
27 KB
Image
General
Full URL
http://nrk-nor.com/prelander/281_2/images/cta2.jpg
Requested by
Host: nrk-nor.com
URL: http://nrk-nor.com/prelander/281_2/index.php?gs=tag5ebc0e22d07274.58951961&prehit=0cdced8c8d56bad464f1a019fea6d32a3339cd06&s2=bddb45950f225fdd0c0f2524cdc8a6a0&oq=1589382690
Protocol
HTTP/1.1
Server
2606:4700:3035::681b:8f3f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
79f59204e875ae3362a8debcb65b334e11d6d4a5e6f15b79c11e8abe2614230a

Request headers

Referer
http://nrk-nor.com/prelander/281_2/index.php?gs=tag5ebc0e22d07274.58951961&prehit=0cdced8c8d56bad464f1a019fea6d32a3339cd06&s2=bddb45950f225fdd0c0f2524cdc8a6a0&oq=1589382690
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 13 May 2020 13:59:06 GMT
Via
1.1 varnish-v4
CF-Cache-Status
MISS
Last-Modified
Sat, 04 Apr 2020 09:51:29 GMT
Server
cloudflare
ETag
"6a4d-5a273fa61a026"
Vary
Accept-Encoding
X-Varnish
4263683
Content-Type
image/jpeg
Cache-Control
max-age=14400
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
592ce5e9e97b3260-FRA
Content-Length
27213
cf-request-id
02afee0632000032607c209200000001
cta3.jpg
nrk-nor.com/prelander/281_2/images/
25 KB
26 KB
Image
General
Full URL
http://nrk-nor.com/prelander/281_2/images/cta3.jpg
Requested by
Host: nrk-nor.com
URL: http://nrk-nor.com/prelander/281_2/index.php?gs=tag5ebc0e22d07274.58951961&prehit=0cdced8c8d56bad464f1a019fea6d32a3339cd06&s2=bddb45950f225fdd0c0f2524cdc8a6a0&oq=1589382690
Protocol
HTTP/1.1
Server
2606:4700:3035::681b:8f3f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bcf2290b5ab360ba1a13ac68f8e5486cd1a3352f1309aaf1a0b5178ce8f5bb2a

Request headers

Referer
http://nrk-nor.com/prelander/281_2/index.php?gs=tag5ebc0e22d07274.58951961&prehit=0cdced8c8d56bad464f1a019fea6d32a3339cd06&s2=bddb45950f225fdd0c0f2524cdc8a6a0&oq=1589382690
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 13 May 2020 13:59:06 GMT
Via
1.1 varnish-v4
CF-Cache-Status
MISS
Last-Modified
Sat, 04 Apr 2020 09:51:30 GMT
Server
cloudflare
ETag
"659c-5a273fa786c16"
Vary
Accept-Encoding
X-Varnish
1247943
Content-Type
image/jpeg
Cache-Control
max-age=14400
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
592ce5e9f947175a-FRA
Content-Length
26012
cf-request-id
02afee06370000175a678fc200000001
canadian-man1.png
nrk-nor.com/prelander/281_2/images/
113 KB
113 KB
Image
General
Full URL
http://nrk-nor.com/prelander/281_2/images/canadian-man1.png
Requested by
Host: nrk-nor.com
URL: http://nrk-nor.com/prelander/281_2/index.php?gs=tag5ebc0e22d07274.58951961&prehit=0cdced8c8d56bad464f1a019fea6d32a3339cd06&s2=bddb45950f225fdd0c0f2524cdc8a6a0&oq=1589382690
Protocol
HTTP/1.1
Server
2606:4700:3035::681b:8f3f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7665df3c7fd4f03aaf21bc9403e1d973d71c0596a2a908b22f09d895ef34ae6

Request headers

Referer
http://nrk-nor.com/prelander/281_2/index.php?gs=tag5ebc0e22d07274.58951961&prehit=0cdced8c8d56bad464f1a019fea6d32a3339cd06&s2=bddb45950f225fdd0c0f2524cdc8a6a0&oq=1589382690
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 13 May 2020 13:59:06 GMT
Via
1.1 varnish-v4
CF-Cache-Status
REVALIDATED
Last-Modified
Sat, 04 Apr 2020 09:51:25 GMT
Server
cloudflare
ETag
"1c427-5a273fa22705e"
Vary
Accept-Encoding
X-Varnish
822210
Content-Type
image/png
Cache-Control
max-age=14400
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
592ce5e9fa9905dc-FRA
Content-Length
115751
cf-request-id
02afee063f000005dca1810200000001
canadian-man2.png
nrk-nor.com/prelander/281_2/images/
127 KB
127 KB
Image
General
Full URL
http://nrk-nor.com/prelander/281_2/images/canadian-man2.png
Requested by
Host: nrk-nor.com
URL: http://nrk-nor.com/prelander/281_2/index.php?gs=tag5ebc0e22d07274.58951961&prehit=0cdced8c8d56bad464f1a019fea6d32a3339cd06&s2=bddb45950f225fdd0c0f2524cdc8a6a0&oq=1589382690
Protocol
HTTP/1.1
Server
2606:4700:3035::681b:8f3f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
62b7a0466738b782589ee3cd356ade5e4aa501df873b269fde66bfab1a125a50

Request headers

Referer
http://nrk-nor.com/prelander/281_2/index.php?gs=tag5ebc0e22d07274.58951961&prehit=0cdced8c8d56bad464f1a019fea6d32a3339cd06&s2=bddb45950f225fdd0c0f2524cdc8a6a0&oq=1589382690
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 13 May 2020 13:59:06 GMT
Via
1.1 varnish-v4
CF-Cache-Status
REVALIDATED
Last-Modified
Sat, 04 Apr 2020 09:51:26 GMT
Server
cloudflare
ETag
"1fc25-5a273fa32fea6"
Vary
Accept-Encoding
X-Varnish
461872
Content-Type
image/png
Cache-Control
max-age=14400
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
592ce5ea091a1786-FRA
Content-Length
130085
cf-request-id
02afee06480000178661260200000001
side3.png
nrk-nor.com/prelander/281_2/images/
38 KB
38 KB
Image
General
Full URL
http://nrk-nor.com/prelander/281_2/images/side3.png
Requested by
Host: nrk-nor.com
URL: http://nrk-nor.com/prelander/281_2/index.php?gs=tag5ebc0e22d07274.58951961&prehit=0cdced8c8d56bad464f1a019fea6d32a3339cd06&s2=bddb45950f225fdd0c0f2524cdc8a6a0&oq=1589382690
Protocol
HTTP/1.1
Server
2606:4700:3035::681b:8f3f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e5f99941f717ee56ec795c58e4c73d8f72d15494deb92d94894e2f0ea0f47b7e

Request headers

Referer
http://nrk-nor.com/prelander/281_2/index.php?gs=tag5ebc0e22d07274.58951961&prehit=0cdced8c8d56bad464f1a019fea6d32a3339cd06&s2=bddb45950f225fdd0c0f2524cdc8a6a0&oq=1589382690
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 13 May 2020 13:59:07 GMT
Via
1.1 varnish-v4
CF-Cache-Status
MISS
Last-Modified
Sat, 04 Apr 2020 09:51:39 GMT
Server
cloudflare
ETag
"97f6-5a273fafb4fe6"
Vary
Accept-Encoding
X-Varnish
4232019
Content-Type
image/png
Cache-Control
max-age=14400
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
592ce5ea1b7e0625-FRA
Content-Length
38902
cf-request-id
02afee064f00000625c08ca200000001
side4.png
nrk-nor.com/prelander/281_2/images/
25 KB
26 KB
Image
General
Full URL
http://nrk-nor.com/prelander/281_2/images/side4.png
Requested by
Host: nrk-nor.com
URL: http://nrk-nor.com/prelander/281_2/index.php?gs=tag5ebc0e22d07274.58951961&prehit=0cdced8c8d56bad464f1a019fea6d32a3339cd06&s2=bddb45950f225fdd0c0f2524cdc8a6a0&oq=1589382690
Protocol
HTTP/1.1
Server
2606:4700:3035::681b:8f3f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1b7e0a2736aeb5f656f8b9cc2fda4b3eb2ea212d2f344dae9b7792136c9c5562

Request headers

Referer
http://nrk-nor.com/prelander/281_2/index.php?gs=tag5ebc0e22d07274.58951961&prehit=0cdced8c8d56bad464f1a019fea6d32a3339cd06&s2=bddb45950f225fdd0c0f2524cdc8a6a0&oq=1589382690
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 13 May 2020 13:59:06 GMT
Via
1.1 varnish-v4
CF-Cache-Status
MISS
Last-Modified
Sat, 04 Apr 2020 09:51:40 GMT
Server
cloudflare
ETag
"6476-5a273fb1246ce"
Vary
Accept-Encoding
X-Varnish
4263686
Content-Type
image/png
Cache-Control
max-age=14400
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
592ce5ea8ba93260-FRA
Content-Length
25718
cf-request-id
02afee0694000032607c213200000001
canadian-woman.png
nrk-nor.com/prelander/281_2/images/
126 KB
127 KB
Image
General
Full URL
http://nrk-nor.com/prelander/281_2/images/canadian-woman.png
Requested by
Host: nrk-nor.com
URL: http://nrk-nor.com/prelander/281_2/index.php?gs=tag5ebc0e22d07274.58951961&prehit=0cdced8c8d56bad464f1a019fea6d32a3339cd06&s2=bddb45950f225fdd0c0f2524cdc8a6a0&oq=1589382690
Protocol
HTTP/1.1
Server
2606:4700:3035::681b:8f3f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0333c03a5ddd15d780c76d613f6fccb2099caa5a60c28224445bd3142c81a588

Request headers

Referer
http://nrk-nor.com/prelander/281_2/index.php?gs=tag5ebc0e22d07274.58951961&prehit=0cdced8c8d56bad464f1a019fea6d32a3339cd06&s2=bddb45950f225fdd0c0f2524cdc8a6a0&oq=1589382690
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 13 May 2020 13:59:06 GMT
Via
1.1 varnish-v4
CF-Cache-Status
MISS
Last-Modified
Sat, 04 Apr 2020 09:51:27 GMT
Server
cloudflare
ETag
"1f900-5a273fa4a8de6"
Vary
Accept-Encoding
X-Varnish
627789
Content-Type
image/png
Cache-Control
max-age=14400
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
592ce5eabb021786-FRA
Content-Length
129280
cf-request-id
02afee06b30000178661296200000001
side6.png
nrk-nor.com/prelander/281_2/images/
34 KB
35 KB
Image
General
Full URL
http://nrk-nor.com/prelander/281_2/images/side6.png
Requested by
Host: nrk-nor.com
URL: http://nrk-nor.com/prelander/281_2/index.php?gs=tag5ebc0e22d07274.58951961&prehit=0cdced8c8d56bad464f1a019fea6d32a3339cd06&s2=bddb45950f225fdd0c0f2524cdc8a6a0&oq=1589382690
Protocol
HTTP/1.1
Server
2606:4700:3035::681b:8f3f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
54e408290bafacaad2eaf0b17ec04ecf29ae7333a69784730a1af7d749b3c4a9

Request headers

Referer
http://nrk-nor.com/prelander/281_2/index.php?gs=tag5ebc0e22d07274.58951961&prehit=0cdced8c8d56bad464f1a019fea6d32a3339cd06&s2=bddb45950f225fdd0c0f2524cdc8a6a0&oq=1589382690
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 13 May 2020 13:59:06 GMT
Via
1.1 varnish-v4
CF-Cache-Status
MISS
Last-Modified
Sat, 04 Apr 2020 09:51:41 GMT
Server
cloudflare
ETag
"88a3-5a273fb22d516"
Vary
Accept-Encoding
X-Varnish
4263689
Content-Type
image/png
Cache-Control
max-age=14400
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
592ce5eb1d6d3260-FRA
Content-Length
34979
cf-request-id
02afee06f0000032607c21e200000001
side7.png
nrk-nor.com/prelander/281_2/images/
30 KB
31 KB
Image
General
Full URL
http://nrk-nor.com/prelander/281_2/images/side7.png
Requested by
Host: nrk-nor.com
URL: http://nrk-nor.com/prelander/281_2/index.php?gs=tag5ebc0e22d07274.58951961&prehit=0cdced8c8d56bad464f1a019fea6d32a3339cd06&s2=bddb45950f225fdd0c0f2524cdc8a6a0&oq=1589382690
Protocol
HTTP/1.1
Server
2606:4700:3035::681b:8f3f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b8ff47c69f9495e6ea65471b668c7d0145a9b2122aa780087cd59ca4ef8644b5

Request headers

Referer
http://nrk-nor.com/prelander/281_2/index.php?gs=tag5ebc0e22d07274.58951961&prehit=0cdced8c8d56bad464f1a019fea6d32a3339cd06&s2=bddb45950f225fdd0c0f2524cdc8a6a0&oq=1589382690
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 13 May 2020 13:59:07 GMT
Via
1.1 varnish-v4
CF-Cache-Status
REVALIDATED
Last-Modified
Sat, 04 Apr 2020 09:51:42 GMT
Server
cloudflare
ETag
"79a4-5a273fb2939ce"
Vary
Accept-Encoding
X-Varnish
1933407
Content-Type
image/png
Cache-Control
max-age=14400
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
592ce5ebde0f175a-FRA
Content-Length
31140
cf-request-id
02afee07620000175a67933200000001
s1.jpg
nrk-nor.com/prelander/281_2/images/
61 KB
61 KB
Image
General
Full URL
http://nrk-nor.com/prelander/281_2/images/s1.jpg
Requested by
Host: nrk-nor.com
URL: http://nrk-nor.com/prelander/281_2/index.php?gs=tag5ebc0e22d07274.58951961&prehit=0cdced8c8d56bad464f1a019fea6d32a3339cd06&s2=bddb45950f225fdd0c0f2524cdc8a6a0&oq=1589382690
Protocol
HTTP/1.1
Server
2606:4700:3035::681b:8f3f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
735b4b98829a1b4b120b6d457def62d92cbb1325394a54ff528172d4b4912e5a

Request headers

Referer
http://nrk-nor.com/prelander/281_2/index.php?gs=tag5ebc0e22d07274.58951961&prehit=0cdced8c8d56bad464f1a019fea6d32a3339cd06&s2=bddb45950f225fdd0c0f2524cdc8a6a0&oq=1589382690
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 13 May 2020 13:59:07 GMT
Via
1.1 varnish-v4
CF-Cache-Status
MISS
Last-Modified
Sat, 04 Apr 2020 09:51:36 GMT
Server
cloudflare
ETag
"f407-5a273fac9d7d6"
Vary
Accept-Encoding
X-Varnish
4263692
Content-Type
image/jpeg
Cache-Control
max-age=14400
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
592ce5ec08243260-FRA
Content-Length
62471
cf-request-id
02afee0782000032607c22a200000001
s2.jpg
nrk-nor.com/prelander/281_2/images/
148 KB
149 KB
Image
General
Full URL
http://nrk-nor.com/prelander/281_2/images/s2.jpg
Requested by
Host: nrk-nor.com
URL: http://nrk-nor.com/prelander/281_2/index.php?gs=tag5ebc0e22d07274.58951961&prehit=0cdced8c8d56bad464f1a019fea6d32a3339cd06&s2=bddb45950f225fdd0c0f2524cdc8a6a0&oq=1589382690
Protocol
HTTP/1.1
Server
2606:4700:3035::681b:8f3f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a02c86d015fe07811b3c247c1fc8934a1ab62ad74817084ce9dc5ba340907eca

Request headers

Referer
http://nrk-nor.com/prelander/281_2/index.php?gs=tag5ebc0e22d07274.58951961&prehit=0cdced8c8d56bad464f1a019fea6d32a3339cd06&s2=bddb45950f225fdd0c0f2524cdc8a6a0&oq=1589382690
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 13 May 2020 13:59:07 GMT
Via
1.1 varnish-v4
CF-Cache-Status
MISS
Last-Modified
Sat, 04 Apr 2020 09:51:40 GMT
Server
cloudflare
ETag
"25063-5a273fb0b93f6"
Vary
Accept-Encoding
X-Varnish
2920193
Content-Type
image/jpeg
Cache-Control
max-age=14400
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
592ce5ec1f421786-FRA
Content-Length
151651
cf-request-id
02afee078f00001786612af200000001
s3.jpg
nrk-nor.com/prelander/281_2/images/
89 KB
90 KB
Image
General
Full URL
http://nrk-nor.com/prelander/281_2/images/s3.jpg
Requested by
Host: nrk-nor.com
URL: http://nrk-nor.com/prelander/281_2/index.php?gs=tag5ebc0e22d07274.58951961&prehit=0cdced8c8d56bad464f1a019fea6d32a3339cd06&s2=bddb45950f225fdd0c0f2524cdc8a6a0&oq=1589382690
Protocol
HTTP/1.1
Server
2606:4700:3035::681b:8f3f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
22d0cf39229e9768c529651a007a807990761a96524028eb24227c69350bc37c

Request headers

Referer
http://nrk-nor.com/prelander/281_2/index.php?gs=tag5ebc0e22d07274.58951961&prehit=0cdced8c8d56bad464f1a019fea6d32a3339cd06&s2=bddb45950f225fdd0c0f2524cdc8a6a0&oq=1589382690
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 13 May 2020 13:59:07 GMT
Via
1.1 varnish-v4
CF-Cache-Status
MISS
Last-Modified
Sat, 04 Apr 2020 09:51:37 GMT
Server
cloudflare
ETag
"16519-5a273fae435d6"
Vary
Accept-Encoding
X-Varnish
3246572
Content-Type
image/jpeg
Cache-Control
max-age=14400
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
592ce5ec9aafc2d1-FRA
Content-Length
91417
cf-request-id
02afee07df0000c2d115ba4200000001
EmbellishedDeliriousArmyworm
gfycat.com/ifr/ Frame 6452
0
0
Document
General
Full URL
https://gfycat.com/ifr/EmbellishedDeliriousArmyworm?controls=0&autoplay=1
Requested by
Host: nrk-nor.com
URL: http://nrk-nor.com/prelander/281_2/index.php?gs=tag5ebc0e22d07274.58951961&prehit=0cdced8c8d56bad464f1a019fea6d32a3339cd06&s2=bddb45950f225fdd0c0f2524cdc8a6a0&oq=1589382690
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2156:a200:d:a332:70c5:88c1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Frame-Options ALLOWALL
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
gfycat.com
:scheme
https
:path
/ifr/EmbellishedDeliriousArmyworm?controls=0&autoplay=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://nrk-nor.com/prelander/281_2/index.php?gs=tag5ebc0e22d07274.58951961&prehit=0cdced8c8d56bad464f1a019fea6d32a3339cd06&s2=bddb45950f225fdd0c0f2524cdc8a6a0&oq=1589382690
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://nrk-nor.com/prelander/281_2/index.php?gs=tag5ebc0e22d07274.58951961&prehit=0cdced8c8d56bad464f1a019fea6d32a3339cd06&s2=bddb45950f225fdd0c0f2524cdc8a6a0&oq=1589382690

Response headers

status
200
content-type
text/html; charset=utf-8
content-encoding
gzip
date
Wed, 13 May 2020 13:59:06 GMT
etag
W/"6132-TLrUtmJ2EJE0/EdsYYA7VyAU4BI"
server
nginx
strict-transport-security
max-age=15552000
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-download-options
noopen
x-frame-options
ALLOWALL
x-xss-protection
1; mode=block
vary
Accept-Encoding,CloudFront-Is-Mobile-Viewer,CloudFront-Is-Desktop-Viewer,CloudFront-Is-Tablet-Viewer
x-cache
Miss from cloudfront
via
1.1 0d37b2e69745cd9f0c5457fbf1a83129.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
0XtU27ygPEGpkxMtPbvQulHiiRXd4v-Egg5ETAVSG7DfVBqx2lbcXw==
opensans-bold.html
nrk-nor.com/prelander/281_2/
0
0
Font
General
Full URL
http://nrk-nor.com/prelander/281_2/opensans-bold.html
Requested by
Host: nrk-nor.com
URL: http://nrk-nor.com/prelander/281_2/index.php?gs=tag5ebc0e22d07274.58951961&prehit=0cdced8c8d56bad464f1a019fea6d32a3339cd06&s2=bddb45950f225fdd0c0f2524cdc8a6a0&oq=1589382690
Protocol
HTTP/1.1
Server
2606:4700:3035::681b:8f3f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.2.6
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://nrk-nor.com/prelander/281_2/css/style.css
Origin
http://nrk-nor.com

Response headers

Date
Wed, 13 May 2020 13:59:06 GMT
Via
1.1 varnish-v4
CF-Cache-Status
DYNAMIC
Server
cloudflare
Age
0
X-Powered-By
PHP/7.2.6
Transfer-Encoding
chunked
X-Varnish
1281736
Content-Type
text/html; charset=UTF-8
Content-Encoding
gzip
Cache-Control
no-cache, private
Connection
keep-alive
CF-RAY
592ce5ea7a7d175a-FRA
cf-request-id
02afee068a0000175a6790c200000001
null
nrk-nor.com/prelander/281_2/images/
0
0
Script
General
Full URL
http://nrk-nor.com/prelander/281_2/images/null
Requested by
Host: nrk-nor.com
URL: http://nrk-nor.com/prelander/281_2/index.php?gs=tag5ebc0e22d07274.58951961&prehit=0cdced8c8d56bad464f1a019fea6d32a3339cd06&s2=bddb45950f225fdd0c0f2524cdc8a6a0&oq=1589382690
Protocol
HTTP/1.1
Server
2606:4700:3035::681b:8f3f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.2.6
Resource Hash

Request headers

Referer
http://nrk-nor.com/prelander/281_2/index.php?gs=tag5ebc0e22d07274.58951961&prehit=0cdced8c8d56bad464f1a019fea6d32a3339cd06&s2=bddb45950f225fdd0c0f2524cdc8a6a0&oq=1589382690
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 13 May 2020 13:59:07 GMT
Via
1.1 varnish-v4
CF-Cache-Status
DYNAMIC
Server
cloudflare
Age
0
X-Powered-By
PHP/7.2.6
Transfer-Encoding
chunked
X-Varnish
3607300
Content-Type
text/html; charset=UTF-8
Content-Encoding
gzip
Cache-Control
no-cache, private
Connection
keep-alive
CF-RAY
592ce5eacd6405dc-FRA
cf-request-id
02afee06bb000005dca1821200000001
null
nrk-nor.com/prelander/281_2/images/
0
0
Script
General
Full URL
http://nrk-nor.com/prelander/281_2/images/null
Requested by
Host: nrk-nor.com
URL: http://nrk-nor.com/prelander/281_2/index.php?gs=tag5ebc0e22d07274.58951961&prehit=0cdced8c8d56bad464f1a019fea6d32a3339cd06&s2=bddb45950f225fdd0c0f2524cdc8a6a0&oq=1589382690
Protocol
HTTP/1.1
Server
2606:4700:3035::681b:8f3f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.2.6
Resource Hash

Request headers

Referer
http://nrk-nor.com/prelander/281_2/index.php?gs=tag5ebc0e22d07274.58951961&prehit=0cdced8c8d56bad464f1a019fea6d32a3339cd06&s2=bddb45950f225fdd0c0f2524cdc8a6a0&oq=1589382690
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 13 May 2020 13:59:08 GMT
Via
1.1 varnish-v4
CF-Cache-Status
DYNAMIC
Server
cloudflare
Age
0
X-Powered-By
PHP/7.2.6
Transfer-Encoding
chunked
X-Varnish
3478714
Content-Type
text/html; charset=UTF-8
Content-Encoding
gzip
Cache-Control
no-cache, private
Connection
keep-alive
CF-RAY
592ce5ed6fbe05dc-FRA
cf-request-id
02afee085e000005dca1860200000001

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Investment Scam (Online) Generic Crypto (Crypto Exchange)

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata
object| onpointerrawupdate
function| $
function| jQuery

2 Cookies

Domain/Path Name / Value
.gfycat.com/ Name: _gid
Value: GA1.2.583926269.1589378348
.gfycat.com/ Name: _ga
Value: GA1.2.1745640183.1589378348

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
