bookworms.monster Open in urlscan Pro
2606:4700:3037::6815:3ab4 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://bookworms.monster/wmev/
Submission: On April 02 via api (April 2nd 2024, 3:17:13 pm UTC) from US — Scanned from US

Summary HTTP 32 Redirects Links 156 Behaviour Indicators

Summary

This website contacted 5 IPs in 2 countries across 3 domains to perform 32 HTTP transactions. The main IP is 2606:4700:3037::6815:3ab4, located in United States and belongs to CLOUDFLARENET, US. The main domain is bookworms.monster.
TLS certificate: Issued by GTS CA 1P5 on February 29th 2024. Valid for: 3 months.

This is the only time bookworms.monster was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Investment Scam (Online) Generic Cloudflare (Online)

Domain & IP information

	IP Address	AS Autonomous System
1 6	2606:4700:303... 2606:4700:3037::6815:3ab4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
20	172.67.162.106 172.67.162.106	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	13.35.93.100 13.35.93.100	16509 (AMAZON-02) (AMAZON-02)
2	2001:67c:21e0... 2001:67c:21e0::16	2116 (GLOBALCON...) (GLOBALCONNECT-)
32	5

6 2606:4700:3037::6815:3ab4 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

bookworms.monster	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 172.67.162.106 (United States)

ASN13335 (CLOUDFLARENET, US)

bookworms.monster	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.35.93.100 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-93-100.jfk50.r.cloudfront.net

embed.ministore.helthjem.no	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:67c:21e0::16 (Norway)

ASN2116 (GLOBALCONNECT-, NO)

www.vg.no	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
26	bookworms.monster 1 redirects bookworms.monster	4 MB
3	helthjem.no embed.ministore.helthjem.no — Cisco Umbrella Rank: 807720 ministore.helthjem.no Failed	91 KB
2	vg.no www.vg.no — Cisco Umbrella Rank: 139164 ads.vg.no Failed	43 KB
32	3

	Domain	Requested by
26	bookworms.monster	1 redirects bookworms.monster
3	embed.ministore.helthjem.no	bookworms.monster embed.ministore.helthjem.no
2	www.vg.no	bookworms.monster
0	ads.vg.no Failed	www.vg.no
0	ministore.helthjem.no Failed	bookworms.monster
32	5

This site contains links to these domains. Also see Links.

Domain
bypassxr.com

Subject Issuer	Validity	Valid
bookworms.monster GTS CA 1P5	`2024-02-29` - `2024-05-29`	3 months	crt.sh
embed.ministore.helthjem.no Amazon RSA 2048 M02	`2024-02-04` - `2025-03-04`	a year	crt.sh
vg.no ZeroSSL RSA Domain Secure Site CA	`2024-03-27` - `2024-06-25`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://bookworms.monster/wmev/
Frame ID: E933BE63A5ACED1617AD062D803A38C6
Requests: 32 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Jon Almaas investering imponerer eksperter og skremmer vettet av store banker

Page URL History Show full URLs

https://bookworms.monster/wmev/ Page URL
https://bookworms.monster/cdn-cgi/phish-bypass?atok=JyiJmK5L1Wtgc5mZIWVZi6sgrbYGnBs0RnUMUNAiyQg-171207... HTTP 301
https://bookworms.monster/wmev/ Page URL

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

32
Requests

94 %
HTTPS

50 %
IPv6

3
Domains

5
Subdomains

5
IPs

2
Countries

4220 kB
Transfer

4443 kB
Size

1
Cookies

156 Outgoing links

These are links going to different origins than the main page.

URL: https://bypassxr.com/click.php?lp=1&uclick=null&uclickhash=null&place=0
Title: 6NYaFs2gsA oY4yPuWbJk

Search URL Search Domain Scan URL

URL: https://bypassxr.com/click.php?lp=1&uclick=null&uclickhash=null&place=1
Title: HE33tVGugcEK Live

Search URL Search Domain Scan URL

URL: https://bypassxr.com/click.php?lp=1&uclick=null&uclickhash=null&place=2
Title: ZeZgTVGTV

Search URL Search Domain Scan URL

URL: https://bypassxr.com/click.php?lp=1&uclick=null&uclickhash=null&place=3
Title: PWB4AVG+

Search URL Search Domain Scan URL

URL: https://bypassxr.com/click.php?lp=1&uclick=null&uclickhash=null&place=4
Title: MaM7JSport

Search URL Search Domain Scan URL

URL: https://bypassxr.com/click.php?lp=1&uclick=null&uclickhash=null&place=5
Title: JNY83TV-guide

Search URL Search Domain Scan URL

URL: https://bypassxr.com/click.php?lp=1&uclick=null&uclickhash=null&place=6
Title: 0JgAkTipsgVdnx oss

Search URL Search Domain Scan URL

URL: https://bypassxr.com/click.php?lp=1&uclick=null&uclickhash=null&place=7
Title: gK8NbKJØPk1ll7 VG+

Search URL Search Domain Scan URL

URL: https://bypassxr.com/click.php?lp=1&uclick=null&uclickhash=null&place=8
Title: 1J1SHNyheter

Search URL Search Domain Scan URL

URL: https://bypassxr.com/click.php?lp=1&uclick=null&uclickhash=null&place=9
Title: f107uAlle5pPwq nyheter

Search URL Search Domain Scan URL

URL: https://bypassxr.com/click.php?lp=1&uclick=null&uclickhash=null&place=10
Title: 7v99rInnenriks

Search URL Search Domain Scan URL

URL: https://bypassxr.com/click.php?lp=1&uclick=null&uclickhash=null&place=11
Title: jJ3VrUtenriks

Search URL Search Domain Scan URL

URL: https://bypassxr.com/click.php?lp=1&uclick=null&uclickhash=null&place=12
Title: tcfWSMeninger

Search URL Search Domain Scan URL

URL: https://bypassxr.com/click.php?lp=1&uclick=null&uclickhash=null&place=13
Title: wQxPBStrømprisen

Search URL Search Domain Scan URL

URL: https://bypassxr.com/click.php?lp=1&uclick=null&uclickhash=null&place=14
Title: Sdm2YSpesialer

Search URL Search Domain Scan URL

URL: https://bypassxr.com/click.php?lp=1&uclick=null&uclickhash=null&place=15
Title: F4TRJSkattelister

Search URL Search Domain Scan URL

URL: https://bypassxr.com/click.php?lp=1&uclick=null&uclickhash=null&place=16
Title: 6x9zCSport

Search URL Search Domain Scan URL

URL: https://bypassxr.com/click.php?lp=1&uclick=null&uclickhash=null&place=17
Title: C3VcQVGmcJVB Live

Search URL Search Domain Scan URL

URL: https://bypassxr.com/click.php?lp=1&uclick=null&uclickhash=null&place=18
Title: SIuSzSportskalender

Search URL Search Domain Scan URL

URL: https://bypassxr.com/click.php?lp=1&uclick=null&uclickhash=null&place=19
Title: KtmVkFotball

Search URL Search Domain Scan URL

URL: https://bypassxr.com/click.php?lp=1&uclick=null&uclickhash=null&place=20
Title: qH38VHaaland-tracker

Search URL Search Domain Scan URL

URL: https://bypassxr.com/click.php?lp=1&uclick=null&uclickhash=null&place=21
Title: QfmvQVintersport

Search URL Search Domain Scan URL

URL: https://bypassxr.com/click.php?lp=1&uclick=null&uclickhash=null&place=22
Title: K4dIcHåndball

Search URL Search Domain Scan URL

URL: https://bypassxr.com/click.php?lp=1&uclick=null&uclickhash=null&place=23
Title: p3hWIIshockey

Search URL Search Domain Scan URL

URL: https://bypassxr.com/click.php?lp=1&uclick=null&uclickhash=null&place=24
Title: blCDcFriidrett

Search URL Search Domain Scan URL

URL: https://bypassxr.com/click.php?lp=1&uclick=null&uclickhash=null&place=25
Title: Y93JeGolf

Search URL Search Domain Scan URL

URL: https://bypassxr.com/click.php?lp=1&uclick=null&uclickhash=null&place=26
Title: M2LIqMotorsport

Search URL Search Domain Scan URL

URL: https://bypassxr.com/click.php?lp=1&uclick=null&uclickhash=null&place=27
Title: YSNKLAmerikansk8mS5b sport

Search URL Search Domain Scan URL

URL: https://bypassxr.com/click.php?lp=1&uclick=null&uclickhash=null&place=28
Title: VzRneTennis

Search URL Search Domain Scan URL

URL: https://bypassxr.com/click.php?lp=1&uclick=null&uclickhash=null&place=29
Title: mFVGzDirektesendinger

Search URL Search Domain Scan URL

URL: https://bypassxr.com/click.php?lp=1&uclick=null&uclickhash=null&place=30
Title: lgvvcRampelys

Search URL Search Domain Scan URL

URL: https://bypassxr.com/click.php?lp=1&uclick=null&uclickhash=null&place=31
Title: Be0LiFilm

Search URL Search Domain Scan URL

URL: https://bypassxr.com/click.php?lp=1&uclick=null&uclickhash=null&place=32
Title: FYtPqBok

Search URL Search Domain Scan URL

URL: https://bypassxr.com/click.php?lp=1&uclick=null&uclickhash=null&place=33
Title: BA0umMusikk

Search URL Search Domain Scan URL

URL: https://bypassxr.com/click.php?lp=1&uclick=null&uclickhash=null&place=34
Title: SUE4mSpill

Search URL Search Domain Scan URL

URL: https://bypassxr.com/click.php?lp=1&uclick=null&uclickhash=null&place=35
Title: 5bKGmTV

Search URL Search Domain Scan URL

URL: https://bypassxr.com/click.php?lp=1&uclick=null&uclickhash=null&place=36
Title: LufFGVG-Lista

Search URL Search Domain Scan URL

URL: https://bypassxr.com/click.php?lp=1&uclick=null&uclickhash=null&place=37
Title: dEksNForbruker

Search URL Search Domain Scan URL

URL: https://bypassxr.com/click.php?lp=1&uclick=null&uclickhash=null&place=38
Title: vh4aHBil,RBbgz båtSp7Cp og1Sq7l motor

Search URL Search Domain Scan URL

URL: https://bypassxr.com/click.php?lp=1&uclick=null&uclickhash=null&place=39
Title: o1vfZHelse

Search URL Search Domain Scan URL

URL: https://bypassxr.com/click.php?lp=1&uclick=null&uclickhash=null&place=40
Title: 3V6szLivsstil

Search URL Search Domain Scan URL

URL: https://bypassxr.com/click.php?lp=1&uclick=null&uclickhash=null&place=41
Title: bp1P9MatyTLUR oggdtvi drikke

Search URL Search Domain Scan URL

URL: https://bypassxr.com/click.php?lp=1&uclick=null&uclickhash=null&place=42
Title: vFfCBReise

Search URL Search Domain Scan URL

URL: https://bypassxr.com/click.php?lp=1&uclick=null&uclickhash=null&place=43
Title: T1A5nTeknologi

Search URL Search Domain Scan URL

URL: https://bypassxr.com/click.php?lp=1&uclick=null&uclickhash=null&place=44
Title: rfNEiForbrukslån

Search URL Search Domain Scan URL

URL: https://bypassxr.com/click.php?lp=1&uclick=null&uclickhash=null&place=45
Title: ChwrMVG+

Search URL Search Domain Scan URL

URL: https://bypassxr.com/click.php?lp=1&uclick=null&uclickhash=null&place=46
Title: KiVnlDokumentarer

Search URL Search Domain Scan URL

URL: https://bypassxr.com/click.php?lp=1&uclick=null&uclickhash=null&place=47
Title: RtGeNNyheter

Search URL Search Domain Scan URL

URL: https://bypassxr.com/click.php?lp=1&uclick=null&uclickhash=null&place=48
Title: Xkd6ySport

Search URL Search Domain Scan URL

URL: https://bypassxr.com/click.php?lp=1&uclick=null&uclickhash=null&place=49
Title: ddJuYRampelys

Search URL Search Domain Scan URL

URL: https://bypassxr.com/click.php?lp=1&uclick=null&uclickhash=null&place=50
Title: nGcX3Bil,fjf6V båtZNUgq ogLPox7 motor

Search URL Search Domain Scan URL

URL: https://bypassxr.com/click.php?lp=1&uclick=null&uclickhash=null&place=51
Title: eq6iCVin

Search URL Search Domain Scan URL

URL: https://bypassxr.com/click.php?lp=1&uclick=null&uclickhash=null&place=52
Title: cmsB6Matty9pF ogN2Pwe drikke

Search URL Search Domain Scan URL

URL: https://bypassxr.com/click.php?lp=1&uclick=null&uclickhash=null&place=53
Title: tf10rHelse

Search URL Search Domain Scan URL

URL: https://bypassxr.com/click.php?lp=1&uclick=null&uclickhash=null&place=54
Title: tjz62VGTV

Search URL Search Domain Scan URL

URL: https://bypassxr.com/click.php?lp=1&uclick=null&uclickhash=null&place=55
Title: zLe0pUnderholdning

Search URL Search Domain Scan URL

URL: https://bypassxr.com/click.php?lp=1&uclick=null&uclickhash=null&place=56
Title: WnoN9Dokumentar

Search URL Search Domain Scan URL

URL: https://bypassxr.com/click.php?lp=1&uclick=null&uclickhash=null&place=57
Title: FCfh4LiveoSngH sport

Search URL Search Domain Scan URL

URL: https://bypassxr.com/click.php?lp=1&uclick=null&uclickhash=null&place=58
Title: OD95gTegneserier

Search URL Search Domain Scan URL

URL: https://bypassxr.com/click.php?lp=1&uclick=null&uclickhash=null&place=59
Title: nmv4tPondus

Search URL Search Domain Scan URL

URL: https://bypassxr.com/click.php?lp=1&uclick=null&uclickhash=null&place=60
Title: AEwAgLunch

Search URL Search Domain Scan URL

URL: https://bypassxr.com/click.php?lp=1&uclick=null&uclickhash=null&place=61
Title: OEfrqHjalmar

Search URL Search Domain Scan URL

URL: https://bypassxr.com/click.php?lp=1&uclick=null&uclickhash=null&place=62
Title: bS0qGStorefri

Search URL Search Domain Scan URL

URL: https://bypassxr.com/click.php?lp=1&uclick=null&uclickhash=null&place=63
Title: NzZcvZelda

Search URL Search Domain Scan URL

URL: https://bypassxr.com/click.php?lp=1&uclick=null&uclickhash=null&place=64
Title: Leq3NTegnehanne

Search URL Search Domain Scan URL

URL: https://bypassxr.com/click.php?lp=1&uclick=null&uclickhash=null&place=65
Title: OlYTqPodkast

Search URL Search Domain Scan URL

URL: https://bypassxr.com/click.php?lp=1&uclick=null&uclickhash=null&place=66
Title: D3nijAnnetIpV60 innhold

Search URL Search Domain Scan URL

URL: https://bypassxr.com/click.php?lp=1&uclick=null&uclickhash=null&place=67
Title: b3w7gPodkast

Search URL Search Domain Scan URL

URL: https://bypassxr.com/click.php?lp=1&uclick=null&uclickhash=null&place=68
Title: jFhOCOrdstjernen

Search URL Search Domain Scan URL

URL: https://bypassxr.com/click.php?lp=1&uclick=null&uclickhash=null&place=69
Title: bnnX4E24

Search URL Search Domain Scan URL

URL: https://bypassxr.com/click.php?lp=1&uclick=null&uclickhash=null&place=70
Title: fVjdEMinMote

Search URL Search Domain Scan URL

URL: https://bypassxr.com/click.php?lp=1&uclick=null&uclickhash=null&place=71
Title: EGXRfGodt

Search URL Search Domain Scan URL

URL: https://bypassxr.com/click.php?lp=1&uclick=null&uclickhash=null&place=72
Title: SD5OiPent

Search URL Search Domain Scan URL

URL: https://bypassxr.com/click.php?lp=1&uclick=null&uclickhash=null&place=73
Title: vBIFaTek.no

Search URL Search Domain Scan URL

URL: https://bypassxr.com/click.php?lp=1&uclick=null&uclickhash=null&place=74
Title: YPkb3DinePenger

Search URL Search Domain Scan URL

URL: https://bypassxr.com/click.php?lp=1&uclick=null&uclickhash=null&place=75
Title: 6Hy4vTV-guide

Search URL Search Domain Scan URL

URL: https://bypassxr.com/click.php?lp=1&uclick=null&uclickhash=null&place=76
Title: bleH7Vektklubb

Search URL Search Domain Scan URL

URL: https://bypassxr.com/click.php?lp=1&uclick=null&uclickhash=null&place=77
Title: VctC7Tegneserier

Search URL Search Domain Scan URL

URL: https://bypassxr.com/click.php?lp=1&uclick=null&uclickhash=null&place=78
Title: FzvdjE-avis

Search URL Search Domain Scan URL

URL: https://bypassxr.com/click.php?lp=1&uclick=null&uclickhash=null&place=79
Title: 05b3oVG-lista

Search URL Search Domain Scan URL

URL: https://bypassxr.com/click.php?lp=1&uclick=null&uclickhash=null&place=80
Title: XhRfmForside

Search URL Search Domain Scan URL

URL: https://bypassxr.com/click.php?lp=1&uclick=null&uclickhash=null&place=81
Title: IpyH7Artister

Search URL Search Domain Scan URL

URL: https://bypassxr.com/click.php?lp=1&uclick=null&uclickhash=null&place=82
Title: iCgvuTopplistene

Search URL Search Domain Scan URL

URL: https://bypassxr.com/click.php?lp=1&uclick=null&uclickhash=null&place=83
Title: QyA9yPraktiskYr1hm informasjon

Search URL Search Domain Scan URL

URL: https://bypassxr.com/click.php?lp=1&uclick=null&uclickhash=null&place=84
Title: Mo7QoGoldenTkiqT Circle

Search URL Search Domain Scan URL

URL: https://bypassxr.com/click.php?lp=1&uclick=null&uclickhash=null&place=85
Title: tBICGNypDk4k påTYyFQ konsert

Search URL Search Domain Scan URL

URL: https://bypassxr.com/click.php?lp=1&uclick=null&uclickhash=null&place=86
Title: pHHACFestivalvett

Search URL Search Domain Scan URL

URL: https://bypassxr.com/click.php?lp=1&uclick=null&uclickhash=null&place=87
Title: BWjN4Område

Search URL Search Domain Scan URL

URL: https://bypassxr.com/click.php?lp=1&uclick=null&uclickhash=null&place=88
Title: HEhqmArtikler9lpfv ogIY8Ev videoklipp

Search URL Search Domain Scan URL

URL: https://bypassxr.com/click.php?lp=1&uclick=null&uclickhash=null&place=89
Title: MxwijVGN9jZ6 Minnesider

Search URL Search Domain Scan URL

URL: https://bypassxr.com/click.php?lp=1&uclick=null&uclickhash=null&place=90
Title: S45GMPenger.no

Search URL Search Domain Scan URL

URL: https://bypassxr.com/click.php?lp=1&uclick=null&uclickhash=null&place=91
Title: DvdqVStrømguiden

Search URL Search Domain Scan URL

URL: https://bypassxr.com/click.php?lp=1&uclick=null&uclickhash=null&place=92
Title: 6FOdPPartnerstudio

Search URL Search Domain Scan URL

URL: https://bypassxr.com/click.php?lp=1&uclick=null&uclickhash=null&place=93
Title: xiaMyBlackWA0f7 Friday

Search URL Search Domain Scan URL

URL: https://bypassxr.com/click.php?lp=1&uclick=null&uclickhash=null&place=94
Title: jOAZJRabattkoder

Search URL Search Domain Scan URL

URL: https://bypassxr.com/click.php?lp=1&uclick=null&uclickhash=null&place=95
Title: k89ASMatkanalen

Search URL Search Domain Scan URL

URL: https://bypassxr.com/click.php?lp=1&uclick=null&uclickhash=null&place=96
Title: hualbMittCcIiq anbud

Search URL Search Domain Scan URL

URL: https://bypassxr.com/click.php?lp=1&uclick=null&uclickhash=null&place=97
Title: 8e7smVGOA35M Butikk

Search URL Search Domain Scan URL

URL: https://bypassxr.com/click.php?lp=1&uclick=null&uclickhash=null&place=98
Title: 0IbLtLadeappenBEbSx Elton

Search URL Search Domain Scan URL

URL: https://bypassxr.com/click.php?lp=1&uclick=null&uclickhash=null&place=99
Title: oSqDIKupp

Search URL Search Domain Scan URL

URL: https://bypassxr.com/click.php?lp=1&uclick=null&uclickhash=null&place=100
Title: qP8iiNavnelapper

Search URL Search Domain Scan URL

URL: https://bypassxr.com/click.php?lp=1&uclick=null&uclickhash=null&place=101
Title: Ggl5zTipsrvsiw oss

Search URL Search Domain Scan URL

URL: https://bypassxr.com/click.php?lp=1&uclick=null&uclickhash=null&place=102
Title: IFV0cKontaktgYaPr VG

Search URL Search Domain Scan URL

URL: https://bypassxr.com/click.php?lp=1&uclick=null&uclickhash=null&place=103
Title: 3xgfPInformasjon

Search URL Search Domain Scan URL

URL: https://bypassxr.com/click.php?lp=1&uclick=null&uclickhash=null&place=104
Title: 2VqOGKJØPVZuTT VG+

Search URL Search Domain Scan URL

URL: https://bypassxr.com/click.php?lp=1&uclick=null&uclickhash=null&place=105
Title: bb8vkjrQV5 pVY4e0slya Kundeservice

Search URL Search Domain Scan URL

URL: https://bypassxr.com/click.php?lp=1&uclick=null&uclickhash=null&place=106
Title: 5T3IhPersonverninnstillinger78pws 7gpiiVqLko

Search URL Search Domain Scan URL

URL: https://bypassxr.com/click.php?lp=1&uclick=null&uclickhash=null&place=107
Title: ePhMKAlleZnwWb nyheter

Search URL Search Domain Scan URL

URL: https://bypassxr.com/click.php?lp=1&uclick=null&uclickhash=null&place=108
Title: zoDppInnenriks

Search URL Search Domain Scan URL

URL: https://bypassxr.com/click.php?lp=1&uclick=null&uclickhash=null&place=109
Title: I2HrBUtenriks

Search URL Search Domain Scan URL

URL: https://bypassxr.com/click.php?lp=1&uclick=null&uclickhash=null&place=110
Title: P4nb9Meninger

Search URL Search Domain Scan URL

URL: https://bypassxr.com/click.php?lp=1&uclick=null&uclickhash=null&place=111
Title: oLhqBStrømprisen

Search URL Search Domain Scan URL

URL: https://bypassxr.com/click.php?lp=1&uclick=null&uclickhash=null&place=112
Title: H5MhRSpesialer

Search URL Search Domain Scan URL

URL: https://bypassxr.com/click.php?lp=1&uclick=null&uclickhash=null&place=113
Title: mjxNvSkattelister

Search URL Search Domain Scan URL

URL: https://bypassxr.com/click.php?lp=1&uclick=null&uclickhash=null&place=114
Title: Ls5fUgjørewE1Xc hvemRJP32 somG9kYi helstlr3Pa tilyI57V millionærYJtDQ i0Scnh løpetrvJjn avfKQ2n etpQXEA parXpNSi måneder

Search URL Search Domain Scan URL

URL: https://bypassxr.com/click.php?lp=1&uclick=null&uclickhash=null&place=115
Title: E4PBwautomatiskApGxv tradingprogramCKjpB for9vDKr kryptovalutazzRrT somzJx1w heterfCxsf document.writeln(offer)SDFhWnulllwIOB

Search URL Search Domain Scan URL

URL: https://bypassxr.com/click.php?lp=1&uclick=null&uclickhash=null&place=116
Title: T8UYtpMiUI JmdfiCWcsY

Search URL Search Domain Scan URL

URL: https://bypassxr.com/click.php?lp=1&uclick=null&uclickhash=null&place=117
Title: 9kC1qf7CUt .st0 { fill: #CECCCF; } .st1 { fill: #F5F1F2; } .st2 { fill: #28283A; } .st3 { font-family: 'Arial-BoldMT'; } .st4 { font-size: 14px; } .st5 { font-size: 9px; } .st6 { font-family: 'ArialMT'; } .st7 { font-size: 11px; } .st8 { fill: #217C3F; } .st9 { font-size: 12px; } .st10 { fill: none; stroke: #000000; stroke-width: 0.75; stroke-miterlimit: 10; }

Search URL Search Domain Scan URL

URL: https://bypassxr.com/click.php?lp=1&uclick=null&uclickhash=null&place=118
Title: document.writeln(offer)bfIPenullp8pu3

Search URL Search Domain Scan URL

URL: https://bypassxr.com/click.php?lp=1&uclick=null&uclickhash=null&place=119
Title: document.writeln(offer)kT4lEnullbTBtj

Search URL Search Domain Scan URL

URL: https://bypassxr.com/click.php?lp=1&uclick=null&uclickhash=null&place=120
Title: pn8X4fantastiskJpzLK mulighet

Search URL Search Domain Scan URL

URL: https://bypassxr.com/click.php?lp=1&uclick=null&uclickhash=null&place=121
Title: document.writeln(offer)rQdQtnullDe6vu

Search URL Search Domain Scan URL

URL: https://bypassxr.com/click.php?lp=1&uclick=null&uclickhash=null&place=122
Title: document.writeln(offer)xnLQKnullA1SPo

Search URL Search Domain Scan URL

URL: https://bypassxr.com/click.php?lp=1&uclick=null&uclickhash=null&place=123
Title: WSsebintroduksjonsvideoNx7I6 omGsCyT plattformen

Search URL Search Domain Scan URL

URL: https://bypassxr.com/click.php?lp=1&uclick=null&uclickhash=null&place=124
Title: RrLaDsmutthullet7urik til13oce rikdom

Search URL Search Domain Scan URL

URL: https://bypassxr.com/click.php?lp=1&uclick=null&uclickhash=null&place=125
Title: document.writeln(offer)et4RFnullkuByz

Search URL Search Domain Scan URL

URL: https://bypassxr.com/click.php?lp=1&uclick=null&uclickhash=null&place=126
Title: document.writeln(offer)hfHJYnull2urRV

Search URL Search Domain Scan URL

URL: https://bypassxr.com/click.php?lp=1&uclick=null&uclickhash=null&place=127
Title: O60krsørgerzdiOe forXYSWV at1v974 duF5SNy tjener9bYmW penger.

Search URL Search Domain Scan URL

URL: https://bypassxr.com/click.php?lp=1&uclick=null&uclickhash=null&place=128
Title: S0VCSsendery98eK bareEVBYe innj7zGm navnetEtLhO dittI1ktr ogj0W0n e-postadressen

Search URL Search Domain Scan URL

URL: https://bypassxr.com/click.php?lp=1&uclick=null&uclickhash=null&place=129
Title: S0ZciregistrererKoBph deg

Search URL Search Domain Scan URL

URL: https://bypassxr.com/click.php?lp=1&uclick=null&uclickhash=null&place=130
Title: znrOQduqb3

Search URL Search Domain Scan URL

URL: https://bypassxr.com/click.php?lp=1&uclick=null&uclickhash=null&place=131
Title: q8TMnsetteGQwKs innLMwd4 pengeryDSil påT7W7a kontoenBmrUi din

Search URL Search Domain Scan URL

URL: https://bypassxr.com/click.php?lp=1&uclick=null&uclickhash=null&place=132
Title: IbsTAsPuL5

Search URL Search Domain Scan URL

URL: https://bypassxr.com/click.php?lp=1&uclick=null&uclickhash=null&place=133
Title: NKr7Mwypm3

Search URL Search Domain Scan URL

URL: https://bypassxr.com/click.php?lp=1&uclick=null&uclickhash=null&place=134
Title: 07OUyregistrerUEZoa deguH3l1 nå,cwzJm forEx7Fa åvgWtz sikreE8o6N degD3bWT plass.

Search URL Search Domain Scan URL

URL: https://bypassxr.com/click.php?lp=1&uclick=null&uclickhash=null&place=135
Title: 7BIrWREGISTRERGGdam8 NÅ

Search URL Search Domain Scan URL

URL: https://bypassxr.com/click.php?lp=1&uclick=null&uclickhash=null&place=136
Title: VHlsNGardI4VZN Steiro

Search URL Search Domain Scan URL

URL: https://bypassxr.com/click.php?lp=1&uclick=null&uclickhash=null&place=137
Title: KkYd9ToraEB5CS Bakkeq0da6 Håndlykken

Search URL Search Domain Scan URL

URL: https://bypassxr.com/click.php?lp=1&uclick=null&uclickhash=null&place=138
Title: vRzCtØyvindHaJQr Brenne

Search URL Search Domain Scan URL

URL: https://bypassxr.com/click.php?lp=1&uclick=null&uclickhash=null&place=139
Title: 9wyL1Jane8DZ0j Throndsen

Search URL Search Domain Scan URL

URL: https://bypassxr.com/click.php?lp=1&uclick=null&uclickhash=null&place=140
Title: mGxOSHanneMoKGM Skartveit

Search URL Search Domain Scan URL

URL: https://bypassxr.com/click.php?lp=1&uclick=null&uclickhash=null&place=141
Title: qCycQÅpenhetPk4IT omsgnYC VG

Search URL Search Domain Scan URL

URL: https://bypassxr.com/click.php?lp=1&uclick=null&uclickhash=null&place=142
Title: 6ibmfLogge8eJx over3JxDR rettelserFGgej VGYKZlB har5gicT gjort

Search URL Search Domain Scan URL

URL: https://bypassxr.com/click.php?lp=1&uclick=null&uclickhash=null&place=143
Title: 9kptiVGs4AstM trafikkregler

Search URL Search Domain Scan URL

URL: https://bypassxr.com/click.php?lp=1&uclick=null&uclickhash=null&place=144
Title: gYK25RedaksjonellekJ0nz bindinger

Search URL Search Domain Scan URL

URL: https://bypassxr.com/click.php?lp=1&uclick=null&uclickhash=null&place=145
Title: 5YhVd22EEuTe 00tz3pY 00bcIcp 00

Search URL Search Domain Scan URL

URL: https://bypassxr.com/click.php?lp=1&uclick=null&uclickhash=null&place=146
Title: 8wklt2200

Search URL Search Domain Scan URL

URL: https://bypassxr.com/click.php?lp=1&uclick=null&uclickhash=null&place=147
Title: CjgVp2200@vg.no

Search URL Search Domain Scan URL

URL: https://bypassxr.com/click.php?lp=1&uclick=null&uclickhash=null&place=148
Title: 4Z5gYe-avisxeTTw her

Search URL Search Domain Scan URL

URL: https://bypassxr.com/click.php?lp=1&uclick=null&uclickhash=null&place=149
Title: GlzhGKontaktTMFaq VG

Search URL Search Domain Scan URL

URL: https://bypassxr.com/click.php?lp=1&uclick=null&uclickhash=null&place=150
Title: xcYl1VG+nzcfM Support

Search URL Search Domain Scan URL

URL: https://bypassxr.com/click.php?lp=1&uclick=null&uclickhash=null&place=151
Title: 0opWUAnnonseinfo

Search URL Search Domain Scan URL

URL: https://bypassxr.com/click.php?lp=1&uclick=null&uclickhash=null&place=152

Search URL Search Domain Scan URL

URL: https://bypassxr.com/click.php?lp=1&uclick=null&uclickhash=null&place=153
Title: wRa7n©BlRXx uuSG12023H9sDA0XK0H VG

Search URL Search Domain Scan URL

URL: https://bypassxr.com/click.php?lp=1&uclick=null&uclickhash=null&place=154
Title: D0lF1Brukervilkår

Search URL Search Domain Scan URL

URL: https://bypassxr.com/click.php?lp=1&uclick=null&uclickhash=null&place=155
Title: f9yd6PersonvernerklæringE90XD og4ZV93 informasjonskapsler

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://bookworms.monster/wmev/ Page URL
https://bookworms.monster/cdn-cgi/phish-bypass?atok=JyiJmK5L1Wtgc5mZIWVZi6sgrbYGnBs0RnUMUNAiyQg-1712071021-0.0.1.1-%2Fwmev%2F HTTP 301
https://bookworms.monster/wmev/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

32 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 / Show response
bookworms.monster/wmev/ 4 KB
2 KB 313ms
31ms Document
text/html 2606:4700:3037::6815:3ab4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bookworms.monster/wmev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::6815:3ab4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c1e40388ae0f1566058a02a63de05576a29183489c5abb56ceed00a15293c0e5

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: en-US,en;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

cf-ray: 86e1c88b49bc4bc3-BUF
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Tue, 02 Apr 2024 15:17:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=G5ZPNq6U%2FJzeJDAYLWzHX2jXmCl9yzjsDrvgMObzks%2FinfJJ2EzKTAG%2B9j9lyo5gswwR%2FJCMKChLrkkGQKSZr9Jw9z8Oq316WsgkW0pE34zxAHLxpvlFpXbNBIeZaECkG7oOqeIR7thA%2FfTk9dO3yw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN

GET
H2 200 cf.errors.css
bookworms.monster/cdn-cgi/styles/ 24 KB
5 KB 33ms
33ms Stylesheet
text/css 2606:4700:3037::6815:3ab4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bookworms.monster/cdn-cgi/styles/cf.errors.css

Requested by

Host: bookworms.monster
URL: https://bookworms.monster/wmev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::6815:3ab4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1103290e25ebda2712abe344a87facbac00ddaba712729be9fe5feef807bf91b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://bookworms.monster/wmev/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 15:17:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 22 Mar 2024 11:37:58 GMT
server: cloudflare
etag: W/"65fd6d96-5e44"
x-frame-options: DENY
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=7200, public
cf-ray: 86e1c88b99d84bc3-BUF
expires: Tue, 02 Apr 2024 17:17:01 GMT

GET
H2 200 icon-exclamation.png
bookworms.monster/cdn-cgi/images/ 452 B
541 B 29ms
28ms Image
image/png 2606:4700:3037::6815:3ab4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bookworms.monster/cdn-cgi/images/icon-exclamation.png?1376755637

Requested by

Host: bookworms.monster
URL: https://bookworms.monster/cdn-cgi/styles/cf.errors.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::6815:3ab4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f1591a5221136c49438642155691ae6c68e25b7241f3d7ebe975b09a77662016

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://bookworms.monster/cdn-cgi/styles/cf.errors.css
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 15:17:01 GMT
x-content-type-options: nosniff
last-modified: Fri, 22 Mar 2024 11:37:58 GMT
server: cloudflare
etag: "65fd6d96-1c4"
x-frame-options: DENY
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=7200, public
accept-ranges: bytes
cf-ray: 86e1c88d1a704bc3-BUF
content-length: 452
expires: Tue, 02 Apr 2024 17:17:01 GMT

GET
H2 404 favicon.ico
bookworms.monster/ 564 B
500 B 217ms
215ms Other
text/html 2606:4700:3037::6815:3ab4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bookworms.monster/favicon.ico
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:3ab4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3c8cc37a98346bd0123b35e5ccd87bd07d69914dae04f8b49f61c150d96e9d1f

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://bookworms.monster/wmev/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 15:17:01 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nzO2Oqu%2Fop7XCyplmTnAb9jv4nrpemMSqrrFI2pu2z4S%2FoivAtVgXeHKEBjBLVtir4FAih8eU1NlZXxjXacIOoFWvoY%2FQXD%2FjO66lMdZrBLE4MVjLAtVTtrF54LZy6YeiPZgNgZrn6gMWIU53waZVg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: max-age=14400
cf-ray: 86e1c88d9aa74bc3-BUF
alt-svc: h3=":443"; ma=86400

GET
H2

200

Primary Request / Show response
bookworms.monster/wmev/
Redirect Chain

https://bookworms.monster/cdn-cgi/phish-bypass?atok=JyiJmK5L1Wtgc5mZIWVZi6sgrbYGnBs0RnUMUNAiyQg-1712071021-0.0.1.1-%2Fwmev%2F
https://bookworms.monster/wmev/

85 KB
19 KB

215ms
214ms

Document
text/html

2606:4700:3037::6815:3ab4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bookworms.monster/wmev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:3ab4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 77638cde0e8992441d0e3acc264a2408f94d90f1ba4693fd588fa4626479b936

Request headers

Referer: https://bookworms.monster/wmev/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: en-US,en;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 86e1c8a9eea04bc3-BUF
content-encoding: br
content-type: text/html
date: Tue, 02 Apr 2024 15:17:06 GMT
last-modified: Mon, 01 Apr 2024 07:02:46 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=23Kkg9xjxKPY%2BYVoSJ5Dvw6VFIRQALjC8Lz4Ezccg%2FEJzcEFQLihwYoPPbIWgf%2FEa%2FpCiXwAK1LfaKyh%2BFHnpMzpn%2BA%2BizOU099gVVH%2Bf%2FEmqw%2FXSGalyIHCPHUTiHKzPH15m2BgcWHfXZMW%2BR3VSg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

Redirect headers

cache-control: private, no-cache
cf-ray: 86e1c8a9ae8f4bc3-BUF
content-length: 167
content-type: text/html
date: Tue, 02 Apr 2024 15:17:06 GMT
location: https://bookworms.monster/wmev/
server: cloudflare
x-content-type-options: nosniff
x-frame-options: DENY

GET
H3 200 reset.css
bookworms.monster/wmev/css/ 4 KB
2 KB 208ms
206ms Stylesheet
text/css 172.67.162.106
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bookworms.monster/wmev/css/reset.css
Requested by: Host: bookworms.monster
URL: https://bookworms.monster/wmev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.162.106 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 86f631cb7d1cb06e7dffa796fa706b9e4b768d047f7ab52cb2e5b6909395b6a5

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://bookworms.monster/wmev/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 15:17:06 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 01 Apr 2024 07:02:45 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"660a5c15-103f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Fgu2mINEcEihRkkcog50ohWzRzToSmN25D5AD9i0yXaDMGuhUhNejv7kB146QLHpVVCNOY%2Fw76UjTG57eJorD40DUvrE8lZHXT69G0DqiW4OcvZGtQMueke%2BoMKrp0sCf1IfOg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 86e1c8ab6c9e4bbb-BUF
alt-svc: h3=":443"; ma=86400

GET
H3 200 style.css
bookworms.monster/wmev/css/ 85 KB
11 KB 389ms
376ms Stylesheet
text/css 172.67.162.106
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bookworms.monster/wmev/css/style.css
Requested by: Host: bookworms.monster
URL: https://bookworms.monster/wmev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.162.106 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 17d9be9c7e268da7806d8dd45d85ebefd87256800161057b2b28acb8a022a651

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://bookworms.monster/wmev/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 15:17:06 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 01 Apr 2024 07:02:46 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"660a5c16-15429"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vfbwdZyBFOXMnUE3OcTfyTFzB9SiO3gZcRiBo2zel5JmP8aMuPjeiz3xAs6vGBaB6c5x1bN7n1lGXhS1ZrI2E2OG45l0q5sk4NZTOicCaUymHMdtmsbmV5BGNDzb4rKh17zqMA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 86e1c8ab7ca94bbb-BUF
alt-svc: h3=":443"; ma=86400

GET
H3 200 dater.js Show response
bookworms.monster/wmev/js/ 530 B
666 B 217ms
205ms Script
application/javascript 172.67.162.106
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bookworms.monster/wmev/js/dater.js
Requested by: Host: bookworms.monster
URL: https://bookworms.monster/wmev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.162.106 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8307a5cedddfc8ae99f3e949aadca7efc93f624a9bf0fba7b45337d5190f74ec

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://bookworms.monster/wmev/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 15:17:06 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 01 Apr 2024 07:02:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"660a5c1b-212"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fPrsy3gyJsS4GZjn6hGvie3KHh4%2B4WlJjeE9ctLQ1i1KCG%2BwJOvS16dThvvzstXvWdR7XODZYK1YY4mEbhESEGvJWZYqK9FrEiMa4o5QJTqCL6j5Z9UnjiyAITKNvEFrLEpTrQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 86e1c8ab7caa4bbb-BUF
alt-svc: h3=":443"; ma=86400

GET
H2 200 ministore.pro.embed.js Show response
embed.ministore.helthjem.no/ 2 KB
948 B 199ms
32ms Script
application/javascript 13.35.93.100
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://embed.ministore.helthjem.no/ministore.pro.embed.js
Requested by: Host: bookworms.monster
URL: https://bookworms.monster/wmev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.93.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-93-100.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 331a3e8f56dae80ad2fd615119b0b9f3c9c198309055607fcd836286269b3bdc

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://bookworms.monster/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 06:44:14 GMT
content-encoding: br
via: 1.1 4bb97c894b41a52a86ef7d6744e0e642.cloudfront.net (CloudFront)
last-modified: Wed, 27 Oct 2021 12:07:43 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P8
age: 30774
etag: W/"600397576e0b8f1a50cae36b2ae5c2a2"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: L2UvUT_eNyLfFYnwjKW4v55ao7YtnhFnym2gAfzGb5JVaBXaMEzlew==

GET sideStore.embed.min.js
ministore.helthjem.no/ 0
0

GET
H2 200 midt-i-blinken-latest.js Show response
www.vg.no/vgc/blink/ 2 KB
2 KB 551ms
136ms Script
application/javascript 2001:67c:21e0::16
GLOBALCONNECT-

General

Check archive.org

Show headers Download Go to

Full URL

https://www.vg.no/vgc/blink/midt-i-blinken-latest.js

Requested by

Host: bookworms.monster
URL: https://bookworms.monster/wmev/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2001:67c:21e0::16 , Norway, ASN2116 (GLOBALCONNECT-, NO),

Reverse DNS

Software

Resource Hash

518e9f979463b4322ee6b3bed23f65194542ebd5aaf16889daf1c7d4decf8d99

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://bookworms.monster/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 15:17:07 GMT
content-encoding: br
strict-transport-security: max-age=15552000
age: 0
x-vg-tlsproxy: u89-tlsproxy-02.int.vgnett.no
x-cache: HIT:1206
x-vg-webcache: oa68-varnish-02
x-age: 596
content-length: 1370
x-varnish-director: static_web
x-vg-webserver: static-web-01
last-modified: Wed, 10 Jan 2024 08:31:06 GMT
accept-ch: sec-ch-ua-model,sec-ch-ua-platform-version
vary: Accept-Encoding,Origin
content-type: application/javascript
cache-control: max-age=3600
permissions-policy: ch-ua-model=*,ch-ua-platform-version=*
accept-ranges: bytes
expires: Tue, 02 Apr 2024 16:07:11 GMT

GET
H3 200 steinh1.jpg
bookworms.monster/wmev/images/ 114 KB
114 KB 434ms
421ms Image
image/jpeg 172.67.162.106
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bookworms.monster/wmev/images/steinh1.jpg
Requested by: Host: bookworms.monster
URL: https://bookworms.monster/wmev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.162.106 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 37dd128d79de2212d6eeacda66e2c7e7963571f8604c4413c0fdd1f5e4f6faa3

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://bookworms.monster/wmev/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 15:17:06 GMT
cf-cache-status: MISS
last-modified: Mon, 01 Apr 2024 07:02:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "660a5c1a-1c7f0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eTX%2FG%2FBf1Sj6Y%2BY0jddP2q9xMPYk7stz7vTZPzz4bu1fZwuLnx%2B%2Fx%2BSImnMXam5czpD%2BrCt5UkS4A6icZS4%2FyGwbGbvOTmxwK34MBMO1W7GMz5WyaLeiV4xwtmDzYT5TztFcHQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 86e1c8ab7cac4bbb-BUF
alt-svc: h3=":443"; ma=86400
content-length: 116720

GET
H3 200 x2.jpg
bookworms.monster/wmev/images/ 80 KB
80 KB 415ms
403ms Image
image/jpeg 172.67.162.106
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bookworms.monster/wmev/images/x2.jpg
Requested by: Host: bookworms.monster
URL: https://bookworms.monster/wmev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.162.106 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 641732267911d2ba6f8634a26edabf54a3d2ac33c2005a7520ac609c92ee7778

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://bookworms.monster/wmev/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 15:17:06 GMT
cf-cache-status: MISS
last-modified: Mon, 01 Apr 2024 07:02:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "660a5c1a-13e7d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lLeqnxDAigvwT2RrNaAE8VwGblLbzJ2MOp8Tu7c0Xz8wXql%2FcUfLRSUH9bDQn2KLdVd7jE02q30k4znmgEv1bKgWbtNL2VyHWBHbOhjl7vwqa4KS%2FGmf3wjF19UUFXjjCQTj5Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 86e1c8ab7cad4bbb-BUF
alt-svc: h3=":443"; ma=86400
content-length: 81533

GET
H3 200 steinh3.jpg
bookworms.monster/wmev/images/ 92 KB
92 KB 391ms
377ms Image
image/jpeg 172.67.162.106
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bookworms.monster/wmev/images/steinh3.jpg
Requested by: Host: bookworms.monster
URL: https://bookworms.monster/wmev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.162.106 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 38e9efbb6c2bcc211492a0ed7eeaa5ceb7d7c52fcc69f03acd4ca360c6a2d978

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://bookworms.monster/wmev/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 15:17:06 GMT
cf-cache-status: MISS
last-modified: Mon, 01 Apr 2024 07:02:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "660a5c1a-16fd6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6ZGRkjVlCFvqc%2BD0W027h9EDRUdKejQ7%2FmD9jI%2FHitOFZM6L3hZM%2FNYDNfXUeeSYT3spLjQAaOfP%2B2M7W15dhNFt4H9ljtdEC%2FEsL6qECvIRx65FLMFo8oWBuzVH5WAk8XktFg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 86e1c8ab8cae4bbb-BUF
alt-svc: h3=":443"; ma=86400
content-length: 94166

GET
H3 200 muskbranson.jpg
bookworms.monster/wmev/images/ 160 KB
160 KB 424ms
420ms Image
image/jpeg 172.67.162.106
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bookworms.monster/wmev/images/muskbranson.jpg
Requested by: Host: bookworms.monster
URL: https://bookworms.monster/wmev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.162.106 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 50b0010a63d5ede70e4e7c8e005892248e19117182e7634f89c956bbc23ac69b

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://bookworms.monster/wmev/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 15:17:07 GMT
cf-cache-status: MISS
last-modified: Mon, 01 Apr 2024 07:02:47 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "660a5c17-27ea3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BVG0Sy1JQTKED4iZtG1Ha1O7LlAeVeQU2IbUjp96q7P6PXtehh9DeE5ajgX0wkY%2B6jpRRn7jaDHmGqj8oXspowQMgVP2GWytOvXRpFHgP4TTJYF2GTiOQ8ZP3U3Qyt5VDBnOGA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 86e1c8adeda24bbb-BUF
alt-svc: h3=":443"; ma=86400
content-length: 163491

GET
H3 200 dreamcar.jpg
bookworms.monster/wmev/images/ 160 KB
160 KB 385ms
376ms Image
image/jpeg 172.67.162.106
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bookworms.monster/wmev/images/dreamcar.jpg
Requested by: Host: bookworms.monster
URL: https://bookworms.monster/wmev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.162.106 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a3525ffd53596d03588ff1bceb57b5571395e10dae94c39a9cb1db4dcaf3d31b

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://bookworms.monster/wmev/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 15:17:07 GMT
cf-cache-status: MISS
last-modified: Mon, 01 Apr 2024 07:02:47 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "660a5c17-27eee"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2B2Ln6fhxyraDjoQ1FPKhbBoymMO3jEiX%2FccF6P5H9%2BSMwnrrEfaNYDlHpgStw3ATJZbbWV9e9PW9sqRp8PdHzZg86AEdXLpmcO7j5kjinR7lUnpyyLtyVxbc%2B8AMXaXZzrgtZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 86e1c8adfda74bbb-BUF
alt-svc: h3=":443"; ma=86400
content-length: 163566

GET
H3 200 scandi-family.jpg
bookworms.monster/wmev/images/ 69 KB
70 KB 402ms
394ms Image
image/jpeg 172.67.162.106
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bookworms.monster/wmev/images/scandi-family.jpg
Requested by: Host: bookworms.monster
URL: https://bookworms.monster/wmev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.162.106 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 89de577de8f862e95a454c41ac90d87fbe4cec0d1a904cbdae70c2f5c0a4d430

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://bookworms.monster/wmev/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 15:17:07 GMT
cf-cache-status: MISS
last-modified: Mon, 01 Apr 2024 07:02:49 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "660a5c19-114d8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dayz7ciVnFZDfym2QWMdf23ZQkZMgDuFUApu05gY2HRVz7qJrkVCNRem99IWlOi4q9XMHqnbBBdPy70FYWBsZl6176Vtj1NLlS0YqSfi5IL83eXU3tAXFtCQgTxwU2paVALwcA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 86e1c8ae0db14bbb-BUF
alt-svc: h3=":443"; ma=86400
content-length: 70872

GET
H3 200 EmbellishedDeliriousArmyworm-size_restricted.gif
bookworms.monster/wmev/images/ 3 MB
3 MB 432ms
423ms Image
image/gif 172.67.162.106
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bookworms.monster/wmev/images/EmbellishedDeliriousArmyworm-size_restricted.gif
Requested by: Host: bookworms.monster
URL: https://bookworms.monster/wmev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.162.106 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2492de52faf6aa14ac467a3d8bb2011200cb65f1b45c491413269139fcf9bc8b

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://bookworms.monster/wmev/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 15:17:07 GMT
cf-cache-status: MISS
last-modified: Mon, 01 Apr 2024 07:02:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "660a5c18-2d84f6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IgAmNcp8XQj2AKxhMmaYGpdoEZIDT9Ym%2Bvu4qFA21DDs%2Bk4jzTVsxJChzgV0Kgc2YxkVoJdByoKzV1fhxRUwJ2eU7hC7EQcUfKsgoIOdwQw%2FZCZVE%2BjCb1kz%2BpXv37oFJHNd2w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 86e1c8ae0db24bbb-BUF
alt-svc: h3=":443"; ma=86400
content-length: 2983158

GET
H3 200 NO-check-Jahn.jpg
bookworms.monster/wmev/images/ 147 KB
148 KB 298ms
289ms Image
image/jpeg 172.67.162.106
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bookworms.monster/wmev/images/NO-check-Jahn.jpg
Requested by: Host: bookworms.monster
URL: https://bookworms.monster/wmev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.162.106 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0bb3b8853d8380d5c2f2688728e2fc4f8f27aa7ad9845ce1d0c531e9c43bf6d2

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://bookworms.monster/wmev/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 15:17:07 GMT
cf-cache-status: MISS
last-modified: Mon, 01 Apr 2024 07:02:47 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "660a5c17-24dfe"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=G%2FFltVWUs1zdWZjmG2oVBQGqz14LVaj0n2nu5ZvZJoyjLkWgbvpuASt7lMQ67mnVVpKp60qdC9lk%2BOZNCgqMp56zBgjAHDuAiAUgwMiyEa4N1DLLwDz%2BRpJVHiNb1%2BW7oZKcgA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 86e1c8ae0db44bbb-BUF
alt-svc: h3=":443"; ma=86400
content-length: 151038

GET
H3 200 prod1.jpg
bookworms.monster/wmev/images/ 48 KB
48 KB 380ms
371ms Image
image/jpeg 172.67.162.106
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bookworms.monster/wmev/images/prod1.jpg
Requested by: Host: bookworms.monster
URL: https://bookworms.monster/wmev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.162.106 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6cfcfc9ed11fa644d9b6d01eaf30ceabdbc4cd21fe26b173e5a0452eebbb452b

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://bookworms.monster/wmev/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 15:17:07 GMT
cf-cache-status: MISS
last-modified: Mon, 01 Apr 2024 07:02:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "660a5c18-be5e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=U8CZWR%2B24PHmdda7kCaMozGfZvr7GL31VUq2cGTkV25etOiRxwzWY4w7Ri4FnqeNXuWEG7a3aS6QOG37oVqDz4j8HrneR6TNnhqQ%2B20q6qWkXYEpUffaRXuLPRw94Tq%2Bepkptw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 86e1c8ae0db54bbb-BUF
alt-svc: h3=":443"; ma=86400
content-length: 48734

GET
H3 200 step2-NO.jpg
bookworms.monster/wmev/images/ 110 KB
110 KB 426ms
418ms Image
image/jpeg 172.67.162.106
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bookworms.monster/wmev/images/step2-NO.jpg
Requested by: Host: bookworms.monster
URL: https://bookworms.monster/wmev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.162.106 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 018a0e998aad724f04245028a7e006e29c2173d747de8690e7a4a301955788a8

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://bookworms.monster/wmev/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 15:17:07 GMT
cf-cache-status: MISS
last-modified: Mon, 01 Apr 2024 07:02:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "660a5c1a-1b80f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eXnP5xjZXKBe5xdinRZSrGeE8D1N2r9FulOnrdFJ%2BXNr22RWZm4%2FP4RdmmDY5K%2B8u6LFXg8GgYZx8URy0taYlASmnvzD2U7dctDGvRrng%2FNrtjU3nicYR1wNo2DDXJ3JKCLopw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 86e1c8ae0db64bbb-BUF
alt-svc: h3=":443"; ma=86400
content-length: 112655

GET
H3 200 step3-NO.jpg
bookworms.monster/wmev/images/ 108 KB
108 KB 431ms
421ms Image
image/jpeg 172.67.162.106
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bookworms.monster/wmev/images/step3-NO.jpg
Requested by: Host: bookworms.monster
URL: https://bookworms.monster/wmev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.162.106 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fa706277ed531a79b46def6c11ccc4ef6c6e070842ad43d99baf7b17aa9526e5

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://bookworms.monster/wmev/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 15:17:07 GMT
cf-cache-status: MISS
last-modified: Mon, 01 Apr 2024 07:02:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "660a5c1a-1af22"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WPl4utgNMKvBaViQhNchk9ibqElu127jyNJHBMW%2Bt%2BlSo6F4tTWl5D9PtqZC2uqso4Hm4XP%2Bs1WrNgAjq70qiHby7Sljd7QBBUahG1ICggVxwstXlc2%2FHZBuR%2Fw3gJyURLmteQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 86e1c8ae0dba4bbb-BUF
alt-svc: h3=":443"; ma=86400
content-length: 110370

GET
H3 200 email-decode.min.js Show response
bookworms.monster/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 68ms
56ms Script
application/javascript 172.67.162.106
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bookworms.monster/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: bookworms.monster
URL: https://bookworms.monster/wmev/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.162.106 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://bookworms.monster/wmev/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 15:17:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 22 Mar 2024 11:37:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65fd6d96-4d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5kPY%2Fq3t%2BAWxFQgALy69YK7bhfGHSy3RaiB3OERPuVFV45DFl6dNvH9qarAMf%2F9KteAR428v%2FgBuFJeUbv3xRKAi5TeJGPrgoc8U6z%2FD20Zxl7ALYBskbkMxvLVDJBFtvqII9A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 86e1c8adfda94bbb-BUF
expires: Thu, 04 Apr 2024 15:17:06 GMT

GET
H3 200 jquery.min.js Show response
bookworms.monster/wmev/js/ 94 KB
34 KB 443ms
432ms Script
application/javascript 172.67.162.106
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bookworms.monster/wmev/js/jquery.min.js
Requested by: Host: bookworms.monster
URL: https://bookworms.monster/wmev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.162.106 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ecb916133a9376911f10bc5c659952eb0031e457f5df367cde560edbfba38fb8

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://bookworms.monster/wmev/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 15:17:07 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 01 Apr 2024 07:02:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"660a5c1b-176d5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FihyAqCsjB9L3fL%2BbmWknSPYigiOUzG9XBGhQcAB1bJvPzRAt2qc6kKigqXitNy2Zdtl8eGOcM96OgD7wjf1M%2FvEsDgQpxMaoHw6%2BxTcZTdFgFIU2xH8BwqBy6kIGupvCvZoGw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 86e1c8adfdaa4bbb-BUF
alt-svc: h3=":443"; ma=86400

GET
H3 200 getdetector.js Show response
bookworms.monster/wmev/js/ 218 B
596 B 128ms
118ms Script
application/javascript 172.67.162.106
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bookworms.monster/wmev/js/getdetector.js
Requested by: Host: bookworms.monster
URL: https://bookworms.monster/wmev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.162.106 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 06c0faf9c4fb7fcb5da73849515ed850b0ca585094d9b582aa859120a20c71f6

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://bookworms.monster/wmev/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 15:17:06 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 01 Apr 2024 07:02:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"660a5c1b-da"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kkSi1y%2FkB2WYcmF0mkExCakPkrFFZiXYGXatW8aBhNwDd80g%2FwCBNc%2FzdKBytv2leosinQiDNe7BiK0pbPsmJloZdnnuDWwrdtf3a7p1%2FACNC0ioodKjn%2Bpr3tNm8KPnCmd9NA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 86e1c8adfdab4bbb-BUF
alt-svc: h3=":443"; ma=86400

GET
H3 200 script_new.js Show response
bookworms.monster/wmev/js/ 3 KB
2 KB 211ms
202ms Script
application/javascript 172.67.162.106
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bookworms.monster/wmev/js/script_new.js
Requested by: Host: bookworms.monster
URL: https://bookworms.monster/wmev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.162.106 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 903d9bc642e3efac857e2f689b2161a8e353b5789a4d874c41234e6eba8e09b3

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://bookworms.monster/wmev/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 15:17:07 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 01 Apr 2024 07:02:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"660a5c1b-bbc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JRcYSNhQfpyspxh48G%2Fhs2pYM9oF7mFYag8j1fk6eATAxtYGPrraX9QL1a2jRi61VgqswJRyzDN9gsvtCN%2Fe56IEvXeBxo8deZw2Fmyv9ArORlrCYQ2TV9YU5MpNwSNidRXvmw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 86e1c8adfdac4bbb-BUF
alt-svc: h3=":443"; ma=86400

GET
H3 200 script.js Show response
bookworms.monster/wmev/js/ 3 KB
2 KB 132ms
123ms Script
application/javascript 172.67.162.106
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bookworms.monster/wmev/js/script.js
Requested by: Host: bookworms.monster
URL: https://bookworms.monster/wmev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.162.106 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8c12d192138c5aff895cb1305032edb9dab61bdf2879144a9825abe9828932cd

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://bookworms.monster/wmev/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 15:17:06 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 01 Apr 2024 07:02:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"660a5c1b-d92"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5rVGMjDRa%2FtQgI0XY%2Bs9VxrZ6MsUMzR0OdMRjiM8pvPe0EYIfoDa1XyipOmRA0SpSxh%2FRW6d%2FU3m3xeWl%2BjZCZTCulAAh%2Bq6rL%2BQkmISwWNstaPGyD%2BoiFxMaTo7T22JMsfmaw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 86e1c8adfdad4bbb-BUF
alt-svc: h3=":443"; ma=86400

GET
H3 200 sheet-script.js Show response
bookworms.monster/wmev/js/ 2 KB
1 KB 127ms
115ms Script
application/javascript 172.67.162.106
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bookworms.monster/wmev/js/sheet-script.js
Requested by: Host: bookworms.monster
URL: https://bookworms.monster/wmev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.162.106 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 77cb860f2b94b87572f1559f55ad91757cf9b13c4071e0f773cbe0fe34e78ca8

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://bookworms.monster/wmev/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 15:17:06 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 01 Apr 2024 07:02:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"660a5c1b-9a7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QsjS1s0OoC5zO4Qp4pyACkGveu%2BrkXKpMiPUn8r5Wyso6onigv6GkX7%2BcoMAPtkrIIPLlbUvatMzGzwWXNSKKgxQ07HKG52OTsl0yCaGbIvZosEQ%2FGim%2BBEOdO7AkG%2FV7f2S7g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 86e1c8adfdb04bbb-BUF
alt-svc: h3=":443"; ma=86400

GET
H2 200 Inter-roman.var.subset.woff2
www.vg.no/vgc/font-spesial/Inter/3.15/ 41 KB
41 KB 511ms
121ms Font
font/woff2 2001:67c:21e0::16
GLOBALCONNECT-

General

Check archive.org

Show headers Download Go to

Full URL

https://www.vg.no/vgc/font-spesial/Inter/3.15/Inter-roman.var.subset.woff2

Requested by

Host: bookworms.monster
URL: https://bookworms.monster/wmev/css/style.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2001:67c:21e0::16 , Norway, ASN2116 (GLOBALCONNECT-, NO),

Reverse DNS

Software

Resource Hash

e793402f00190c189be5fa4a77cce2489798d6b5f72f28b0c626eb25e378f74a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://bookworms.monster/
Origin: https://bookworms.monster
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 15:17:07 GMT
strict-transport-security: max-age=15552000
age: 0
x-vg-tlsproxy: u89-tlsproxy-02.int.vgnett.no
x-cache: HIT:1032068
x-vg-webcache: u89-varnish-02
x-age: 1747342
content-length: 41664
x-varnish-director: static_web
last-modified: Fri, 09 Oct 2020 13:22:36 GMT
accept-ch: sec-ch-ua-model,sec-ch-ua-platform-version
vary: User-Agent,Origin
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=15552000, immutable
permissions-policy: ch-ua-model=*,ch-ua-platform-version=*
accept-ranges: bytes
expires: Mon, 09 Sep 2024 09:54:44 GMT

GET
H2 200 ministore.pro.embed.css
embed.ministore.helthjem.no/ 2 KB
1 KB 29ms
28ms Stylesheet
text/css 13.35.93.100
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://embed.ministore.helthjem.no/ministore.pro.embed.css?1712071027635
Requested by: Host: embed.ministore.helthjem.no
URL: https://embed.ministore.helthjem.no/ministore.pro.embed.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.93.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-93-100.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fc1cdff472e435f66146803f1e3c7a84afc8d7fd1739c521aef754545857f231

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://bookworms.monster/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 08:04:22 GMT
content-encoding: gzip
via: 1.1 4bb97c894b41a52a86ef7d6744e0e642.cloudfront.net (CloudFront)
last-modified: Thu, 28 Oct 2021 20:59:10 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P8
age: 29257
etag: W/"fe0a64ae5384a4f9a11c86e4e8e579c9"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: text/css
x-amz-cf-id: QXPQdN9qweGtCbIPqzMFbn6wS5z1cHbDMjity3zQqXadWA1hgV_CrQ==

GET
H2 200 anton_logo.5c86ba78.png
embed.ministore.helthjem.no/static/media/ 88 KB
89 KB 35ms
34ms Image
image/png 13.35.93.100
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://embed.ministore.helthjem.no/static/media/anton_logo.5c86ba78.png
Requested by: Host: bookworms.monster
URL: https://bookworms.monster/wmev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.93.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-93-100.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1bd9f81d4a7d73f0c61fd1c95cc6bb1d668efb764e1825d109de9ecb93fdcf06

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://bookworms.monster/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 08:05:03 GMT
via: 1.1 4bb97c894b41a52a86ef7d6744e0e642.cloudfront.net (CloudFront)
last-modified: Sun, 19 Dec 2021 20:48:24 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P8
age: 25925
etag: "5569228caa0b9b7b81e937c951ba0b78"
vary: Origin
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 90538
x-amz-cf-id: ZWsj03HZXIAnJW0oJGHvsFLYF-72YW9xgKrh0UMjGVBYi39e-uO_-A==

GET fresk.js
ads.vg.no/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: ministore.helthjem.no
URL: https://ministore.helthjem.no/sideStore.embed.min.js

Domain: ads.vg.no
URL: https://ads.vg.no/fresk.js

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Investment Scam (Online) Generic Cloudflare (Online)

21 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.bookworms.monster/	1970-01-20 19:35:57	Name: __cf_mw_byp Value: JyiJmK5L1Wtgc5mZIWVZi6sgrbYGnBs0RnUMUNAiyQg-1712071021-0.0.1.1-/wmev/

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://bookworms.monster/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()
javascript	error	URL: https://bookworms.monster/wmev/ Message: Access to script at 'https://ads.vg.no/fresk.js' from origin 'https://bookworms.monster' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://ads.vg.no/fresk.js Message: Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.vg.no
bookworms.monster
embed.ministore.helthjem.no
ministore.helthjem.no
www.vg.no
ads.vg.no
ministore.helthjem.no
13.35.93.100
172.67.162.106
2001:67c:21e0::16
2606:4700:3037::6815:3ab4
018a0e998aad724f04245028a7e006e29c2173d747de8690e7a4a301955788a8
06c0faf9c4fb7fcb5da73849515ed850b0ca585094d9b582aa859120a20c71f6
0bb3b8853d8380d5c2f2688728e2fc4f8f27aa7ad9845ce1d0c531e9c43bf6d2
1103290e25ebda2712abe344a87facbac00ddaba712729be9fe5feef807bf91b
17d9be9c7e268da7806d8dd45d85ebefd87256800161057b2b28acb8a022a651
1bd9f81d4a7d73f0c61fd1c95cc6bb1d668efb764e1825d109de9ecb93fdcf06
2492de52faf6aa14ac467a3d8bb2011200cb65f1b45c491413269139fcf9bc8b
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
331a3e8f56dae80ad2fd615119b0b9f3c9c198309055607fcd836286269b3bdc
37dd128d79de2212d6eeacda66e2c7e7963571f8604c4413c0fdd1f5e4f6faa3
38e9efbb6c2bcc211492a0ed7eeaa5ceb7d7c52fcc69f03acd4ca360c6a2d978
3c8cc37a98346bd0123b35e5ccd87bd07d69914dae04f8b49f61c150d96e9d1f
50b0010a63d5ede70e4e7c8e005892248e19117182e7634f89c956bbc23ac69b
518e9f979463b4322ee6b3bed23f65194542ebd5aaf16889daf1c7d4decf8d99
641732267911d2ba6f8634a26edabf54a3d2ac33c2005a7520ac609c92ee7778
6cfcfc9ed11fa644d9b6d01eaf30ceabdbc4cd21fe26b173e5a0452eebbb452b
77638cde0e8992441d0e3acc264a2408f94d90f1ba4693fd588fa4626479b936
77cb860f2b94b87572f1559f55ad91757cf9b13c4071e0f773cbe0fe34e78ca8
8307a5cedddfc8ae99f3e949aadca7efc93f624a9bf0fba7b45337d5190f74ec
86f631cb7d1cb06e7dffa796fa706b9e4b768d047f7ab52cb2e5b6909395b6a5
89de577de8f862e95a454c41ac90d87fbe4cec0d1a904cbdae70c2f5c0a4d430
8c12d192138c5aff895cb1305032edb9dab61bdf2879144a9825abe9828932cd
903d9bc642e3efac857e2f689b2161a8e353b5789a4d874c41234e6eba8e09b3
a3525ffd53596d03588ff1bceb57b5571395e10dae94c39a9cb1db4dcaf3d31b
c1e40388ae0f1566058a02a63de05576a29183489c5abb56ceed00a15293c0e5
e793402f00190c189be5fa4a77cce2489798d6b5f72f28b0c626eb25e378f74a
ecb916133a9376911f10bc5c659952eb0031e457f5df367cde560edbfba38fb8
f1591a5221136c49438642155691ae6c68e25b7241f3d7ebe975b09a77662016
fa706277ed531a79b46def6c11ccc4ef6c6e070842ad43d99baf7b17aa9526e5
fc1cdff472e435f66146803f1e3c7a84afc8d7fd1739c521aef754545857f231

bookworms.monster Open in urlscan Pro 2606:4700:3037::6815:3ab4 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

32 Requests

94 %HTTPS

50 %IPv6

3 Domains

5 Subdomains

5 IPs

2 Countries

4220 kBTransfer

4443 kBSize

1 Cookies

156 Outgoing links

Page URL History

Redirected requests

32 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

bookworms.monster Open in urlscan Pro
2606:4700:3037::6815:3ab4 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

32
Requests

94 %
HTTPS

50 %
IPv6

3
Domains

5
Subdomains

5
IPs

2
Countries

4220 kB
Transfer

4443 kB
Size

1
Cookies

32 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!