www.oddsandpots.com Open in urlscan Pro
2a06:98c1:3121::3 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://jesigxfat.dev/lmao
Effective URL:
https://www.oddsandpots.com/wp-admin/includes/PostBank/
Submission: On June 13 via manual (June 13th 2022, 12:02:13 pm UTC) from DE — Scanned from DE

Summary HTTP 23 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 3 countries across 4 domains to perform 23 HTTP transactions. The main IP is 2a06:98c1:3121::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.oddsandpots.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on January 18th 2022. Valid for: a year.

This is the only time www.oddsandpots.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Postbank (Banking)

Domain & IP information

	IP Address	AS Autonomous System
1 1	2001:1600:4:b... 2001:1600:4:b:3673:5aff:fea4:aa94	29222 (INFOMANIA...) (INFOMANIAK-AS)
1 21	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 3	23.36.163.228 23.36.163.228	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a02:26f0:350... 2a02:26f0:3500:18::1724:a29c	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
23	3

1 2001:1600:4:b:3673:5aff:fea4:aa94 (Switzerland) 1 redirects

ASN29222 (INFOMANIAK-AS, CH)

jesigxfat.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2a06:98c1:3121::3 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.oddsandpots.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.36.163.228 (Frankfurt am Main, Germany) 2 redirects

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-36-163-228.deploy.static.akamaitechnologies.com

img1.wsimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img6.wsimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:3500:18::1724:a29c (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

events.api.secureserver.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
21	oddsandpots.com 1 redirects www.oddsandpots.com	1 MB
3	wsimg.com 2 redirects img1.wsimg.com — Cisco Umbrella Rank: 8734 img6.wsimg.com — Cisco Umbrella Rank: 11102	12 KB
2	secureserver.net events.api.secureserver.net — Cisco Umbrella Rank: 12459	588 B
1	jesigxfat.dev 1 redirects jesigxfat.dev	273 B
23	4

	Domain	Requested by
21	www.oddsandpots.com	1 redirects www.oddsandpots.com
2	events.api.secureserver.net	img1.wsimg.com
2	img1.wsimg.com	2 redirects
1	img6.wsimg.com	www.oddsandpots.com
1	jesigxfat.dev	1 redirects
23	5

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-01-18` - `2023-01-17`	a year	crt.sh
*.api.secureserver.net Starfield Secure Certificate Authority - G2	`2021-09-14` - `2022-10-16`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://www.oddsandpots.com/wp-admin/includes/PostBank/
Frame ID: 8CB3057A54C1E18B9A002F34727D15ED
Requests: 23 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Login

Page URL History Show full URLs

https://jesigxfat.dev/lmao HTTP 302
https://www.oddsandpots.com/wp-admin/includes/PostBank HTTP 301
https://www.oddsandpots.com/wp-admin/includes/PostBank/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

23
Requests

96 %
HTTPS

75 %
IPv6

4
Domains

5
Subdomains

3
IPs

3
Countries

1060 kB
Transfer

2108 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://jesigxfat.dev/lmao HTTP 302
https://www.oddsandpots.com/wp-admin/includes/PostBank HTTP 301
https://www.oddsandpots.com/wp-admin/includes/PostBank/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 13

https://img1.wsimg.com/tcc/tcc_l.combined.1.0.6.min.js HTTP 302
https://img1.wsimg.com/traffic-assets/js/tccl.min.js HTTP 302
https://img6.wsimg.com/wrhs/362d20193a8fed115f99b16a157b7fc4/tccl.min.js

23 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.oddsandpots.com/wp-admin/includes/PostBank/
Redirect Chain

https://jesigxfat.dev/lmao
https://www.oddsandpots.com/wp-admin/includes/PostBank
https://www.oddsandpots.com/wp-admin/includes/PostBank/

7 KB
2 KB

183ms
182ms

Document
text/html

2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.oddsandpots.com/wp-admin/includes/PostBank/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.3.33
Resource Hash: a94a3b55a2d818dfc6b95d9fc158d1674d2069e1d3f2848f568a18390ae5b3c1

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=3600
cf-cache-status: DYNAMIC
cf-ray: 71aaaceefa1e90a9-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 13 Jun 2022 12:02:08 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: Mon, 13 Jun 2022 13:02:07 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w9ZvuB7v%2BEbpAtbT%2Bdef5oIqsMtWo93pefhbK4y%2FyEJj8ztEYDQ5s2lZY%2FF%2F%2FlnppGMqUWQmMyiAnaYbUT7R2Tyy93SZ9c5qwSDe3IQaI2ZxacLRn8jK4egx4vqUJQWj%2BY3t2l0wymrxkrPqXPa9ZQLN"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,User-Agent
x-powered-by: PHP/7.3.33

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=3600
cf-cache-status: DYNAMIC
cf-ray: 71aaaceb5db290a9-FRA
content-type: text/html; charset=iso-8859-1
date: Mon, 13 Jun 2022 12:02:07 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: Mon, 13 Jun 2022 13:02:07 GMT
location: https://www.oddsandpots.com/wp-admin/includes/PostBank/
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RZa9aM6rvl23dRigAxzPkoO%2FdBW418o%2BR4uX0AJuC6nxBT43JTp3W9YjAPEWzhoNJtJ3AdTFn26MjdcoBTN7W1hSLQzLX1EcZAwfl32H0%2B%2Fd9KawKxd4glObZoVS1Kh1l6bTI4HS%2F%2B8lhgmtoIrUFjit"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H3 200 bootstrap.min.css
www.oddsandpots.com/wp-admin/includes/PostBank/assets/css/ 152 KB
24 KB 28ms
27ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.oddsandpots.com/wp-admin/includes/PostBank/assets/css/bootstrap.min.css
Requested by: Host: www.oddsandpots.com
URL: https://www.oddsandpots.com/wp-admin/includes/PostBank/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / W3 Total Cache/0.9.4.1
Resource Hash: ae576713bc196098f7438dede6ff1f835a23291c32b745ad7e6fb6db809a719b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.oddsandpots.com/wp-admin/includes/PostBank/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 12:02:08 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 85525
x-powered-by: W3 Total Cache/0.9.4.1
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: public
last-modified: Thu, 16 Dec 2021 10:30:50 GMT
server: cloudflare
etag: W/"26074-5d340ea8c8a80-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4C%2BU5NC8qkerzaxc6rJdDCXvMdVjegTJzjqURZ4nx1gZ9nNunPDpN28lr9LCusDrqsMGNXWqAHdLbTLcHYeqh6uGLFU4qwQzUucKxuVKcaiO9GZyLo16eDPsOHtWeYh%2F7KIxImrEjNS3e0f1qogvt4MJ"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 71aaacf02b959290-FRA
expires: Mon, 12 Jun 2023 12:16:43 GMT

GET
H3 200 helpers.css
www.oddsandpots.com/wp-admin/includes/PostBank/assets/css/ 41 KB
4 KB 27ms
27ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.oddsandpots.com/wp-admin/includes/PostBank/assets/css/helpers.css
Requested by: Host: www.oddsandpots.com
URL: https://www.oddsandpots.com/wp-admin/includes/PostBank/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / W3 Total Cache/0.9.4.1
Resource Hash: 387f1794c17dee4f44dc6bc96ad7dd835706cc3f2e30bea841f626f583abb4b0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.oddsandpots.com/wp-admin/includes/PostBank/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 12:02:08 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 85525
x-powered-by: W3 Total Cache/0.9.4.1
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: public
last-modified: Thu, 16 Dec 2021 10:32:12 GMT
server: cloudflare
etag: W/"a316-5d340ef6fc300-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e6s5SduYodD2rtvJAQbMhky5aDgIEzG8Ll5cIV9NgGJ%2Fpp20W03%2BzxdZ6gv6BPR0U%2BGrprWmSOrN3DMKmiMQjL9Ir58YJv4hHR5hDvAtHYZXvbHkx%2BtBbvl1OAQGiLbu6ymJc60OTFpji0C0WnP4ka5l"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 71aaacf02b999290-FRA
expires: Mon, 12 Jun 2023 12:16:43 GMT

GET
H3 200 fonts.css
www.oddsandpots.com/wp-admin/includes/PostBank/assets/css/ 2 KB
943 B 36ms
35ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.oddsandpots.com/wp-admin/includes/PostBank/assets/css/fonts.css
Requested by: Host: www.oddsandpots.com
URL: https://www.oddsandpots.com/wp-admin/includes/PostBank/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / W3 Total Cache/0.9.4.1
Resource Hash: 4fa75ee47fff91e4313626e9472aafb62b06467c269bdac1e1ac767ac96eb235

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.oddsandpots.com/wp-admin/includes/PostBank/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 12:02:08 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 85525
x-powered-by: W3 Total Cache/0.9.4.1
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: public
last-modified: Thu, 16 Dec 2021 10:32:28 GMT
server: cloudflare
etag: W/"7f8-5d340f063e700-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iSZkO7OAUvle82XzR4A8vEnzCurFQynR4oYEoO5RWpVyK2EtMZPxhvOZW9l5ctFz94zk7r1oMYTQnwc%2Bj%2B87URXWLSnu9vcHZPfhVEEmmBMtk6vSPFGAx%2B28ZrocHFNIQsloNnQHdg%2FWBs3iMe15DLAM"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 71aaacf02b9c9290-FRA
expires: Mon, 12 Jun 2023 12:16:43 GMT

GET
H3 200 main.css
www.oddsandpots.com/wp-admin/includes/PostBank/assets/css/ 7 KB
2 KB 36ms
36ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.oddsandpots.com/wp-admin/includes/PostBank/assets/css/main.css
Requested by: Host: www.oddsandpots.com
URL: https://www.oddsandpots.com/wp-admin/includes/PostBank/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / W3 Total Cache/0.9.4.1
Resource Hash: 615e782518f2abc201644955b4569770d416f0ca2444d2f4c76b4475aa542f9b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.oddsandpots.com/wp-admin/includes/PostBank/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 12:02:08 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 85525
x-powered-by: W3 Total Cache/0.9.4.1
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: public
last-modified: Thu, 16 Dec 2021 10:32:50 GMT
server: cloudflare
etag: W/"1bee-5d340f1b39880-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O2FRz4Jgp%2FJRvFRJFE0tDE81WuylDhwzYna5GtRSfYGQ%2F0tWF3dc1KOOB4a4sXfkqxOFDCI%2BBbBFoXuU420l4H5Nu0qtTzmzs1C%2BHdjK0RxK743U5%2Fj3HtidMzCDLhHR8gCSmle2smerZMg50vNVaOt4"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 71aaacf02ba09290-FRA
expires: Mon, 12 Jun 2023 12:16:43 GMT

GET
H3 200 logo.svg
www.oddsandpots.com/wp-admin/includes/PostBank/assets/images/ 6 KB
3 KB 41ms
41ms Image
image/svg+xml 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.oddsandpots.com/wp-admin/includes/PostBank/assets/images/logo.svg
Requested by: Host: www.oddsandpots.com
URL: https://www.oddsandpots.com/wp-admin/includes/PostBank/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / W3 Total Cache/0.9.4.1
Resource Hash: 1ad849d8a916dcde00adb1ee3d0f21c7f636a98b7b2c49f57194f245d37b2e91

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.oddsandpots.com/wp-admin/includes/PostBank/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 12:02:08 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 85525
x-powered-by: W3 Total Cache/0.9.4.1
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: public
last-modified: Thu, 16 Dec 2021 10:34:16 GMT
server: cloudflare
etag: W/"18ff-5d340f6d3da00-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GC%2FQ3JpKqKPLnBy6%2F0E5Le15iIdtX0om4HimrOLUKoQsZfJ0BJtyy318ecZodhAki0lGt18HGSEt8nUz0aSIW7P5Qbeui9z6Zlv5UAznsfo6TQevYHsulyQfKH74wYTYcOtS1zbHw6JMhzNCgZaf7Yzy"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=31536000
cf-ray: 71aaacf03bd99290-FRA
expires: Mon, 12 Jun 2023 12:16:43 GMT

GET
H3 200 img1.jpg
www.oddsandpots.com/wp-admin/includes/PostBank/assets/images/ 370 KB
371 KB 42ms
41ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.oddsandpots.com/wp-admin/includes/PostBank/assets/images/img1.jpg
Requested by: Host: www.oddsandpots.com
URL: https://www.oddsandpots.com/wp-admin/includes/PostBank/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / W3 Total Cache/0.9.4.1
Resource Hash: 130d73c4eb6e09d7372576762b61bdc69ccc112befefde6c40220278baf30686

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.oddsandpots.com/wp-admin/includes/PostBank/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 12:02:08 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 85525
x-powered-by: W3 Total Cache/0.9.4.1
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 378799
pragma: public
last-modified: Thu, 16 Dec 2021 10:34:32 GMT
server: cloudflare
etag: "5c7af-5d340f7c7fe00"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=at1ZsYSXWT2%2BhxbdlJsqmuILbyFNnWYIZHI%2FOwejYBLBCXwF1te2KC14k%2BzbM8lcmmv%2FPhfmVq4WD0NNVqNH%2FSmVgkqS%2BOevoDP5soZDLP%2BMBHf3IdWSA6lzPJYKAqz6BGqDfHFGJUv2Vsi6kFJ6XKKL"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 71aaacf03bdb9290-FRA
expires: Mon, 12 Jun 2023 12:16:43 GMT

GET
H3 200 img2.jpg
www.oddsandpots.com/wp-admin/includes/PostBank/assets/images/ 15 KB
16 KB 77ms
77ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.oddsandpots.com/wp-admin/includes/PostBank/assets/images/img2.jpg
Requested by: Host: www.oddsandpots.com
URL: https://www.oddsandpots.com/wp-admin/includes/PostBank/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / W3 Total Cache/0.9.4.1
Resource Hash: 550778f7050b2f39fc38c8e326c78e0a53921774f9f39dd3685f1c73efee2613

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.oddsandpots.com/wp-admin/includes/PostBank/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 12:02:08 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 85525
x-powered-by: W3 Total Cache/0.9.4.1
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 15808
pragma: public
last-modified: Thu, 16 Dec 2021 10:34:36 GMT
server: cloudflare
etag: "3dc0-5d340f8050700"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bLfEooi%2BWlUkFm5lgmn7LHmVVtLUD0iAF6%2BxQ5vUiM%2FEmMdiV%2BF0hl4GW2fdnVjRZ%2B5p5lQItcvcoQOgSagySXwg6b3IkMuX1Y8T5%2FMjPolWx6Xy20x1TpcXv2ZLNiZG4AX6rg6ifqmO0wMf7oeenBin"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 71aaacf03bdc9290-FRA
expires: Mon, 12 Jun 2023 12:16:43 GMT

GET
H3 200 img3.jpg
www.oddsandpots.com/wp-admin/includes/PostBank/assets/images/ 186 KB
187 KB 78ms
77ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.oddsandpots.com/wp-admin/includes/PostBank/assets/images/img3.jpg
Requested by: Host: www.oddsandpots.com
URL: https://www.oddsandpots.com/wp-admin/includes/PostBank/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / W3 Total Cache/0.9.4.1
Resource Hash: 946660bb68994bd9480fd5822b55ebd2907bcf76927305e84f47c20431568789

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.oddsandpots.com/wp-admin/includes/PostBank/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 12:02:08 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 85525
x-powered-by: W3 Total Cache/0.9.4.1
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 190704
pragma: public
last-modified: Thu, 16 Dec 2021 10:34:44 GMT
server: cloudflare
etag: "2e8f0-5d340f87f1900"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wsFOmdKybsstFVaV%2BBBiEeWdwp4SqztVWIwyU7shO%2Bz6LR0AQYonV3%2FW8HbvmkFdGrj97xTdVACTLF9YEyykGw9KOrGLxtlXXTlYTemJ1XBr2nhhvSLYgyd3cmlUCvyPyCrL4%2B1MHO9%2BuIEQSxa0Wm%2B7"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 71aaacf03bdd9290-FRA
expires: Mon, 12 Jun 2023 12:16:43 GMT

GET
H3 200 jquery.min.js Show response
www.oddsandpots.com/wp-admin/includes/PostBank/assets/js/ 86 KB
32 KB 40ms
40ms Script
application/x-javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.oddsandpots.com/wp-admin/includes/PostBank/assets/js/jquery.min.js
Requested by: Host: www.oddsandpots.com
URL: https://www.oddsandpots.com/wp-admin/includes/PostBank/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / W3 Total Cache/0.9.4.1
Resource Hash: 2b381363dda049f2d49a59037b228bc865d51ffb977c8f5c3547d5c28de48e3a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.oddsandpots.com/wp-admin/includes/PostBank/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 12:02:08 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 85525
x-powered-by: W3 Total Cache/0.9.4.1
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: public
last-modified: Thu, 16 Dec 2021 10:35:28 GMT
server: cloudflare
etag: W/"15851-5d340fb1e7c00-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=83rbgHljYPdGjThiP5jy34pcRhy0%2Bi0kiHgCHc430R1c9ICpOXR1a2I4TiKn%2FZvDcspI797b2IlhL2Q3fSDEY0qDk8EKNfE%2BmRdgsRdjyo9vxt1d1sGmsEycgD7mIh5TIth1jtjiC8srX1y4hIDuihPk"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=31536000
cf-ray: 71aaacf03bd19290-FRA
expires: Mon, 12 Jun 2023 12:16:43 GMT

GET
H3 200 popper.min.js Show response
www.oddsandpots.com/wp-admin/includes/PostBank/assets/js/ 20 KB
8 KB 40ms
39ms Script
application/x-javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.oddsandpots.com/wp-admin/includes/PostBank/assets/js/popper.min.js
Requested by: Host: www.oddsandpots.com
URL: https://www.oddsandpots.com/wp-admin/includes/PostBank/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / W3 Total Cache/0.9.4.1
Resource Hash: 315ac5479007d2e864a4b51f505fd0785ebbbe931a6b511467fa49504a082c58

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.oddsandpots.com/wp-admin/includes/PostBank/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 12:02:08 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 85525
x-powered-by: W3 Total Cache/0.9.4.1
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: public
last-modified: Thu, 16 Dec 2021 10:35:46 GMT
server: cloudflare
etag: W/"4f74-5d340fc312480-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8u%2FxNg82zuN11GM9Qd3JZ3qewlB5cfABusPRPxVsWlObpJGrTxjrZEh8%2BodL822o3%2B6vEqjeyTgwFQenlut7d5Z9SQyP9YxPbzGmmPCDSSEEXE9JERzOdMUiBMNEgmvdhiBBHKi6GwfEQx7FdrIT%2BLgx"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=31536000
cf-ray: 71aaacf03bd59290-FRA
expires: Mon, 12 Jun 2023 12:16:43 GMT

GET
H3 200 bootstrap.min.js Show response
www.oddsandpots.com/wp-admin/includes/PostBank/assets/js/ 133 KB
26 KB 41ms
40ms Script
application/x-javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.oddsandpots.com/wp-admin/includes/PostBank/assets/js/bootstrap.min.js
Requested by: Host: www.oddsandpots.com
URL: https://www.oddsandpots.com/wp-admin/includes/PostBank/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / W3 Total Cache/0.9.4.1
Resource Hash: d73bea9406631c38d4e2ececd4531cd7522c7edf81b57d08caf074654a5e1569

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.oddsandpots.com/wp-admin/includes/PostBank/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 12:02:08 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 85525
x-powered-by: W3 Total Cache/0.9.4.1
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: public
last-modified: Thu, 16 Dec 2021 10:36:08 GMT
server: cloudflare
etag: W/"21386-5d340fd80d600-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W3xCHhEhpK%2F23s1DT5Tzxr1p1QZs0qbpXxW07oxhINujdssTSCIVVidyoF8ayJ%2BAPauHar1qV5sH82dBw1bR5HgHuULzeJLRDbm5cWMvMu%2B%2F7TcKe8b8lyNzVQj%2Buk1zDdR7v7C9xv1bN81SFgzcqWGz"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=31536000
cf-ray: 71aaacf03bd69290-FRA
expires: Mon, 12 Jun 2023 12:16:43 GMT

GET
H3 200 fontawesome.min.js Show response
www.oddsandpots.com/wp-admin/includes/PostBank/assets/js/ 1 MB
371 KB 47ms
46ms Script
application/x-javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.oddsandpots.com/wp-admin/includes/PostBank/assets/js/fontawesome.min.js
Requested by: Host: www.oddsandpots.com
URL: https://www.oddsandpots.com/wp-admin/includes/PostBank/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / W3 Total Cache/0.9.4.1
Resource Hash: 21bd54c766f0a1385f24f0b9a074e83881d82288d9d31bab0e3076721121f52e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.oddsandpots.com/wp-admin/includes/PostBank/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 12:02:08 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 85525
x-powered-by: W3 Total Cache/0.9.4.1
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: public
last-modified: Thu, 16 Dec 2021 10:36:28 GMT
server: cloudflare
etag: W/"10314e-5d340feb20300-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o1UgfC3s1keQU5LZdwuJ17pNv908Wj%2BpfXZ%2B7yy2b0dOA81gfYn1Y3NvbibSqsrgv1X3JciOeljz%2F9E%2FojJYZlXkhmy7aDQRbkw5sg3lwTuuNbq%2FXVFdsaHK1Jknl4ZSrr0eaGEhEADPNeQ8Cz%2BGeQYS"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=31536000
cf-ray: 71aaacf03bd79290-FRA
expires: Mon, 12 Jun 2023 12:16:43 GMT

GET
H3 200 main.js Show response
www.oddsandpots.com/wp-admin/includes/PostBank/assets/js/ 2 KB
1 KB 20ms
19ms Script
application/x-javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.oddsandpots.com/wp-admin/includes/PostBank/assets/js/main.js
Requested by: Host: www.oddsandpots.com
URL: https://www.oddsandpots.com/wp-admin/includes/PostBank/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / W3 Total Cache/0.9.4.1
Resource Hash: e08509dbc957f16b23edf52159c4403dded420c385bcc4524a7ce4802ba3dfb0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.oddsandpots.com/wp-admin/includes/PostBank/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 12:02:08 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 85525
x-powered-by: W3 Total Cache/0.9.4.1
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: public
last-modified: Thu, 16 Dec 2021 10:36:42 GMT
server: cloudflare
etag: W/"6f7-5d340ff87a280-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bpmDX1K3edqnfV6dgRa90gz0nrHU61dtLHmrcfoXbfX%2FylGeW100Q2NJDDx6VwzFOMRSfVmioXC1tndXv%2BOUoAFfa6RScYdnCMbgMMMjdE4AsWHmRUpPdC2fVfeAqkNXoqNvGPjkRjVrhzMmQl%2Fe5QQY"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=31536000
cf-ray: 71aaacf03bd89290-FRA
expires: Mon, 12 Jun 2023 12:16:43 GMT

GET
H2

200

tccl.min.js Show response
img6.wsimg.com/wrhs/362d20193a8fed115f99b16a157b7fc4/
Redirect Chain

https://img1.wsimg.com/tcc/tcc_l.combined.1.0.6.min.js
https://img1.wsimg.com/traffic-assets/js/tccl.min.js
https://img6.wsimg.com/wrhs/362d20193a8fed115f99b16a157b7fc4/tccl.min.js

44 KB
11 KB

10ms
8ms

Script
application/javascript

23.36.163.228
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://img6.wsimg.com/wrhs/362d20193a8fed115f99b16a157b7fc4/tccl.min.js
Requested by: Host: www.oddsandpots.com
URL: https://www.oddsandpots.com/wp-admin/includes/PostBank/
Protocol: H2
Server: 23.36.163.228 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-228.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 6cb0efedc1729d965016a35584cb00b03aa46e1a5e170f4b3ce092c7c3e99ec7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.oddsandpots.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-edgeconnect-origin-mex-latency: 135, 135
x-amz-version-id: Z0H0F1CdjRUI_nRMydHHi17Rv0HOw5tB
content-encoding: br
etag: "362d20193a8fed115f99b16a157b7fc4"
x-amz-request-id: N5JSXGJTVEFZM8E9
x-edgeconnect-midmile-rtt: 15, 15
x-amz-server-side-encryption: AES256
date: Mon, 13 Jun 2022 12:02:08 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 11155
x-amz-id-2: 73c+ZpWNgBh9xtilh6Nj22iH/BmUfkHwAgj9PgWHmvdTmSCUhi96da6Ell5SKHaif06RANK80zY=
last-modified: Mon, 11 Apr 2022 14:15:53 GMT
x-edgeconnect-cache-status: 1
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

Redirect headers

location: https://img6.wsimg.com/wrhs/362d20193a8fed115f99b16a157b7fc4/tccl.min.js
date: Mon, 13 Jun 2022 12:02:08 GMT
cache-control: max-age=1800
access-control-allow-origin: *
timing-allow-origin: *
content-length: 0
expires: Mon, 13 Jun 2022 12:32:08 GMT

GET
H3 404 OpenSans-Bold.woff
www.oddsandpots.com/wp-admin/includes/PostBank/assets/fonts/ 0
0 585ms
584ms Font
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.oddsandpots.com/wp-admin/includes/PostBank/assets/fonts/OpenSans-Bold.woff
Requested by: Host: www.oddsandpots.com
URL: https://www.oddsandpots.com/wp-admin/includes/PostBank/assets/css/fonts.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://www.oddsandpots.com/wp-admin/includes/PostBank/assets/css/fonts.css
Origin: https://www.oddsandpots.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 12:02:08 GMT
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=goBNwpsjhc0Z9wQdTz4alrBebnK5FFEvVPVVBZ3LAOoYsSnDujIfyKxmbFhufxYeHFmpyb0SxM3UfTMBy6nm27teKX4oxm5UhyWc%2BMfNIWL3M0Aklq1z9zofcOIDKcl9K0K2GQjwdJtXxBfzjAt%2BubVx"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=iso-8859-1
cache-control: max-age=14400
cf-ray: 71aaacf06c449290-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 404 OpenSans-SemiBold.woff
www.oddsandpots.com/wp-admin/includes/PostBank/assets/fonts/ 0
0 599ms
599ms Font
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.oddsandpots.com/wp-admin/includes/PostBank/assets/fonts/OpenSans-SemiBold.woff
Requested by: Host: www.oddsandpots.com
URL: https://www.oddsandpots.com/wp-admin/includes/PostBank/assets/css/fonts.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://www.oddsandpots.com/wp-admin/includes/PostBank/assets/css/fonts.css
Origin: https://www.oddsandpots.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 12:02:08 GMT
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KZ27tvt5sY9IjahQ4iTbZ5lapPdpYYtweppUTPxMyP60yWukbU509l4DkFjWvWp%2FX1uKNNuQUMvdbXZ2R1nudk9HbjCt8nsTjyzz1fJ6HdGJSrvbEe5%2FJVzl7Wcva0bFZnJozzVcfGlSMJ7tzc%2F6oMC5"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=iso-8859-1
cache-control: max-age=14400
cf-ray: 71aaacf06c469290-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 404 OpenSans-Regular.woff
www.oddsandpots.com/wp-admin/includes/PostBank/assets/fonts/ 0
0 582ms
581ms Font
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.oddsandpots.com/wp-admin/includes/PostBank/assets/fonts/OpenSans-Regular.woff
Requested by: Host: www.oddsandpots.com
URL: https://www.oddsandpots.com/wp-admin/includes/PostBank/assets/css/fonts.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://www.oddsandpots.com/wp-admin/includes/PostBank/assets/css/fonts.css
Origin: https://www.oddsandpots.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 12:02:08 GMT
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oAJOHwTnLoEzSolU3hM6Hy57n9uw2qnDeLm7LYxD60lkER5Hhx97KqCKaRoAkNjn2idKJaFh7k48ecibDUZOYboat2jzXy80a1BFnBBCxzI8NunwlZUF7l2kgE%2F91TN5OSVtBojqvklH15IQoDQ2jefA"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=iso-8859-1
cache-control: max-age=14400
cf-ray: 71aaacf06c479290-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 404 OpenSans-Regular.ttf
www.oddsandpots.com/wp-admin/includes/PostBank/assets/fonts/ 0
0 592ms
592ms Font
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.oddsandpots.com/wp-admin/includes/PostBank/assets/fonts/OpenSans-Regular.ttf
Requested by: Host: www.oddsandpots.com
URL: https://www.oddsandpots.com/wp-admin/includes/PostBank/assets/css/fonts.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://www.oddsandpots.com/wp-admin/includes/PostBank/assets/css/fonts.css
Origin: https://www.oddsandpots.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 12:02:09 GMT
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DOjrx5x1bztLR1Cv1RdzsNuiPXRpANEpD2aT%2Fp6i4eeE28NmAcmuDP8ww3ftShg3HdlwG9Q0Y2aeBqK9ZTiKcL4a2H6u%2FjKkcdsfouHmiWTRWWlx5Ppu6RIAUnpY9LzDPjWx71sidG96426QygTu8UH4"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=iso-8859-1
cache-control: max-age=14400
cf-ray: 71aaacf40a9c9290-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 404 OpenSans-Bold.ttf
www.oddsandpots.com/wp-admin/includes/PostBank/assets/fonts/ 0
0 587ms
586ms Font
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.oddsandpots.com/wp-admin/includes/PostBank/assets/fonts/OpenSans-Bold.ttf
Requested by: Host: www.oddsandpots.com
URL: https://www.oddsandpots.com/wp-admin/includes/PostBank/assets/css/fonts.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://www.oddsandpots.com/wp-admin/includes/PostBank/assets/css/fonts.css
Origin: https://www.oddsandpots.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 12:02:09 GMT
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S0thM5kI10FaZd4tSKdGzwwK0BimRcgXG3EPE9wfeLY1eIPLeWFszKhEks6njsOcP3rg0539cAjZgO8%2Fmw2%2FHxhvG6igwlcSyKOZAt9lzv6xjcZENc77YnDgzfDPk2PmeysnSxgIpzarOaCnKP81amqD"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=iso-8859-1
cache-control: max-age=14400
cf-ray: 71aaacf40aa39290-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 404 OpenSans-SemiBold.ttf
www.oddsandpots.com/wp-admin/includes/PostBank/assets/fonts/ 0
0 577ms
576ms Font
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.oddsandpots.com/wp-admin/includes/PostBank/assets/fonts/OpenSans-SemiBold.ttf
Requested by: Host: www.oddsandpots.com
URL: https://www.oddsandpots.com/wp-admin/includes/PostBank/assets/css/fonts.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://www.oddsandpots.com/wp-admin/includes/PostBank/assets/css/fonts.css
Origin: https://www.oddsandpots.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 12:02:09 GMT
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fny57AWIeTQDG%2BrUmfdY4Gyidh2FILf6XgrkQVisSXiX5apS23Lq%2FbDyhgN9AQbkRDLGW6DCFRBCXvQnEGkZokGMC2NZNBlN7GVObGXb4VfJmNrG2%2Ba6Vep2sMzxP2WOdSZ%2BwO6NSxJsn%2FrmN3%2F7lsJ8"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=iso-8859-1
cache-control: max-age=14400
cf-ray: 71aaacf41ad19290-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 event Show response
events.api.secureserver.net/t/1/tl/ 43 B
294 B 205ms
158ms XHR
image/gif 2a02:26f0:3500:18::1724:a29c
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://events.api.secureserver.net/t/1/tl/event?cts=1655121728125&dh=www.oddsandpots.com&dr=&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F102.0.5005.61%20Safari%2F537.36&vci=1850958911&cv=2.0.0&z=1952888248&vg=b794f7dc-6b5c-539f-9149-98811b9c7a3e&vtg=b794f7dc-6b5c-539f-9149-98811b9c7a3e&dp=%2Fwp-admin%2Fincludes%2FPostBank&ap=cpsh&trfd=%7B%22ap%22%3A%22cpsh%22%2C%22server%22%3A%22p3plcpnl1176%22%2C%22id%22%3A%228304685%22%7D&hit_id=8aed2171-6ec4-5c2f-86c1-d265379c10af&ht=pageview

Requested by

Host: img1.wsimg.com
URL: https://img1.wsimg.com/tcc/tcc_l.combined.1.0.6.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:3500:18::1724:a29c Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.oddsandpots.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000 ; includeSubDomains
x-content-type-options: nosniff
date: Mon, 13 Jun 2022 12:02:09 GMT
x-frame-options: DENY
content-type: image/gif
access-control-allow-origin: https://www.oddsandpots.com
cache-control: private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
content-length: 43
x-xss-protection: 1; mode=block

GET
H2 200 event Show response
events.api.secureserver.net/t/1/tl/ 43 B
294 B 195ms
157ms XHR
image/gif 2a02:26f0:3500:18::1724:a29c
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://events.api.secureserver.net/t/1/tl/event?cts=1655121729245&dh=www.oddsandpots.com&dr=&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F102.0.5005.61%20Safari%2F537.36&vci=1850958911&cv=2.0.0&z=1999827075&vg=b794f7dc-6b5c-539f-9149-98811b9c7a3e&vtg=b794f7dc-6b5c-539f-9149-98811b9c7a3e&dp=%2Fwp-admin%2Fincludes%2FPostBank&ap=cpsh&trfd=%7B%22ap%22%3A%22cpsh%22%2C%22server%22%3A%22p3plcpnl1176%22%2C%22id%22%3A%228304685%22%7D&hit_id=517aaee1-636f-5ada-9b0c-4b75d43d5bc5&ht=perf&tce=1655121727825&tcs=1655121727825&tdc=1655121729236&tdclee=1655121728146&tdcles=1655121728142&tdi=1655121728142&tdl=1655121728010&tdle=1655121727825&tdls=1655121727825&tfs=1655121727825&tns=1655121727074&trqs=1655121727826&tre=1655121728009&trps=1655121728008&tles=1655121729236&tlee=0&nt=navigate&nav_type=hard

Requested by

Host: img1.wsimg.com
URL: https://img1.wsimg.com/tcc/tcc_l.combined.1.0.6.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:3500:18::1724:a29c Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.oddsandpots.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000 ; includeSubDomains
x-content-type-options: nosniff
date: Mon, 13 Jun 2022 12:02:09 GMT
x-frame-options: DENY
content-type: image/gif
access-control-allow-origin: https://www.oddsandpots.com
cache-control: private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
content-length: 43
x-xss-protection: 1; mode=block

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Postbank (Banking)

25 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.oddsandpots.com/	1970-01-20 12:30:57	Name: _tccl_visitor Value: b794f7dc-6b5c-539f-9149-98811b9c7a3e
			.oddsandpots.com/	1970-01-20 03:45:23	Name: _tccl_visit Value: b794f7dc-6b5c-539f-9149-98811b9c7a3e

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.oddsandpots.com/wp-admin/includes/PostBank/assets/fonts/OpenSans-Regular.woff Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.oddsandpots.com/wp-admin/includes/PostBank/assets/fonts/OpenSans-Bold.woff Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.oddsandpots.com/wp-admin/includes/PostBank/assets/fonts/OpenSans-SemiBold.woff Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.oddsandpots.com/wp-admin/includes/PostBank/assets/fonts/OpenSans-Bold.ttf Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.oddsandpots.com/wp-admin/includes/PostBank/assets/fonts/OpenSans-Regular.ttf Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.oddsandpots.com/wp-admin/includes/PostBank/assets/fonts/OpenSans-SemiBold.ttf Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

events.api.secureserver.net
img1.wsimg.com
img6.wsimg.com
jesigxfat.dev
www.oddsandpots.com
2001:1600:4:b:3673:5aff:fea4:aa94
23.36.163.228
2a02:26f0:3500:18::1724:a29c
2a06:98c1:3121::3
130d73c4eb6e09d7372576762b61bdc69ccc112befefde6c40220278baf30686
1ad849d8a916dcde00adb1ee3d0f21c7f636a98b7b2c49f57194f245d37b2e91
21bd54c766f0a1385f24f0b9a074e83881d82288d9d31bab0e3076721121f52e
2b381363dda049f2d49a59037b228bc865d51ffb977c8f5c3547d5c28de48e3a
315ac5479007d2e864a4b51f505fd0785ebbbe931a6b511467fa49504a082c58
387f1794c17dee4f44dc6bc96ad7dd835706cc3f2e30bea841f626f583abb4b0
4fa75ee47fff91e4313626e9472aafb62b06467c269bdac1e1ac767ac96eb235
550778f7050b2f39fc38c8e326c78e0a53921774f9f39dd3685f1c73efee2613
615e782518f2abc201644955b4569770d416f0ca2444d2f4c76b4475aa542f9b
6cb0efedc1729d965016a35584cb00b03aa46e1a5e170f4b3ce092c7c3e99ec7
946660bb68994bd9480fd5822b55ebd2907bcf76927305e84f47c20431568789
a94a3b55a2d818dfc6b95d9fc158d1674d2069e1d3f2848f568a18390ae5b3c1
ae576713bc196098f7438dede6ff1f835a23291c32b745ad7e6fb6db809a719b
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
d73bea9406631c38d4e2ececd4531cd7522c7edf81b57d08caf074654a5e1569
e08509dbc957f16b23edf52159c4403dded420c385bcc4524a7ce4802ba3dfb0

www.oddsandpots.com Open in urlscan Pro 2a06:98c1:3121::3 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

23 Requests

96 %HTTPS

75 %IPv6

4 Domains

5 Subdomains

3 IPs

3 Countries

1060 kBTransfer

2108 kBSize

2 Cookies

0 Outgoing links

Page URL History

Redirected requests

23 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

25 JavaScript Global Variables

2 Cookies

6 Console Messages

Indicators

www.oddsandpots.com Open in urlscan Pro
2a06:98c1:3121::3 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

23
Requests

96 %
HTTPS

75 %
IPv6

4
Domains

5
Subdomains

3
IPs

3
Countries

1060 kB
Transfer

2108 kB
Size

2
Cookies

23 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!