nrk-nor.com Open in urlscan Pro
2606:4700:3032::681b:8e3f Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://brightonlandscapesupply.com/link/d5aedc05848b3300d203dc9437d678b6/8a172876871121690f1712b7209201f4
Effective URL:
http://nrk-nor.com/prelander/495_1/index.php?gs=tag5e96f4511b6636.50532342&prehit=5a9bbb8d42d8fa56661dd5ebfd7a55365...
Submission: On April 15 via manual (April 15th 2020, 11:53:38 am UTC) from IN

Summary HTTP 28 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 2 countries across 3 domains to perform 28 HTTP transactions. The main IP is 2606:4700:3032::681b:8e3f, located in United States and belongs to CLOUDFLARENET, US. The main domain is nrk-nor.com.

This is the only time nrk-nor.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Investment Scam (Online) Lion's Den Scam (Online)

Domain & IP information

	IP Address	AS Autonomous System
1 1	51.158.163.241 51.158.163.241	12876 (Online SAS) (Online SAS)
1 28	2606:4700:303... 2606:4700:3032::681b:8e3f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
28	2

1 51.158.163.241 (Paris, France) 1 redirects

ASN12876 (Online SAS, FR)
PTR: brightonlandscapesupply.com

brightonlandscapesupply.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 2606:4700:3032::681b:8e3f (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

nrk-nor.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
28	nrk-nor.com 1 redirects nrk-nor.com	1 MB
1	brightonlandscapesupply.com 1 redirects brightonlandscapesupply.com	1 KB
0	nepreland.com Failed nepreland.com Failed
28	3

	Domain	Requested by
28	nrk-nor.com	1 redirects nrk-nor.com
1	brightonlandscapesupply.com	1 redirects
0	nepreland.com Failed	nrk-nor.com
28	3

This site contains no links.

Subject Issuer	Validity	Valid

This page contains 1 frames:

Primary Page: http://nrk-nor.com/prelander/495_1/index.php?gs=tag5e96f4511b6636.50532342&prehit=5a9bbb8d42d8fa56661dd5ebfd7a55365f4f1ae0&s2=8a172876871121690f1712b7209201f4&oq=1586951249
Frame ID: 3F85FB3304E9DD35F7D729CE902433DF
Requests: 28 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://brightonlandscapesupply.com/link/d5aedc05848b3300d203dc9437d678b6/8a172876871121690f1712b7209201f4 HTTP 302
http://nrk-nor.com/gopre/a8b0fcef262e4e95a728d675d944f1b0/PRLND5e7b6bdb8cfca2.70874375/s1=6bbc6... HTTP 302
http://nrk-nor.com/prelander/495_1/index.php?gs=tag5e96f4511b6636.50532342&prehit=5a9bbb8d42d8f... Page URL

Detected technologies

Varnish (Cache Tools) Expand

Overall confidence: 100%
Detected patterns

headers via /varnish(?: $Varnish\/([\d.]+)$)?/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

28
Requests

0 %
HTTPS

50 %
IPv6

3
Domains

3
Subdomains

2
IPs

2
Countries

1412 kB
Transfer

1651 kB
Size

4
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://brightonlandscapesupply.com/link/d5aedc05848b3300d203dc9437d678b6/8a172876871121690f1712b7209201f4 HTTP 302
http://nrk-nor.com/gopre/a8b0fcef262e4e95a728d675d944f1b0/PRLND5e7b6bdb8cfca2.70874375/s1=6bbc68c2b44be7ed0e9a8472eb68d948&s2=8a172876871121690f1712b7209201f4&s3=34_674772 HTTP 302
http://nrk-nor.com/prelander/495_1/index.php?gs=tag5e96f4511b6636.50532342&prehit=5a9bbb8d42d8fa56661dd5ebfd7a55365f4f1ae0&s2=8a172876871121690f1712b7209201f4&oq=1586951249 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

28 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request index.php Show response nrk-nor.com/prelander/495_1/ Redirect Chain http://brightonlandscapesupply.com/link/d5aedc05848b3300d203dc9437d678b6/8a172876871121690f1712b7209201f4 http://nrk-nor.com/gopre/a8b0fcef262e4e95a728d675d944f1b0/PRLND5e7b6bdb8cfca2.70874375/s1=6bbc68c2b44be7ed0e9a8472eb68d948&s2=8a172876871121690f1712b7209201f4&s3=34_674772 http://nrk-nor.com/prelander/495_1/index.php?gs=tag5e96f4511b6636.50532342&prehit=5a9bbb8d42d8fa56661dd5ebfd7a55365f4f1ae0&s2=8a172876871121690f1712b7209201f4&oq=1586951249	102 KB 20 KB	469ms 468ms	Document text/html	2606:4700:3032::681b:8e3f CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://nrk-nor.com/prelander/495_1/index.php?gs=tag5e96f4511b6636.50532342&prehit=5a9bbb8d42d8fa56661dd5ebfd7a55365f4f1ae0&s2=8a172876871121690f1712b7209201f4&oq=1586951249 Protocol HTTP/1.1 Server 2606:4700:3032::681b:8e3f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.2.6 Resource Hash `a10c75a67ba1436096b6945775a74189050614ffc600934daea7a06f36427c5e` Request headers Host nrk-nor.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 Accept-Encoding gzip, deflate Accept-Language en-US Cookie __cfduid=d8cc40396c3f0ae84de827a8f0fce10e21586951596; PHPSESSID=qv839keo08i2ia1ggq2nhmrbmk; XSRF-TOKEN=eyJpdiI6Im1ncnJiUHNac051TGVvZkUyVERETXc9PSIsInZhbHVlIjoicnZQYWJIbjdkYXh4NkFEN01ZblMxQjNtRmQxVnFkXC9oMG5ENjc3RFFpcGdHRTFrMHF4ZXBiZ2QxT1h2YjVicXoiLCJtYWMiOiIwNWI3M2NjNjQ4ZWY0ZTFmYzA3MjYzMDQxNzgxYmNlMTZiMjQ0NTI1MzhkZDgyYWU5ZDg0YjQ3NjMxYTIxNTk4In0%3D; laravel_session=eyJpdiI6ImhKZ0lQcXRZZmVnelBUUUdiWktSZlE9PSIsInZhbHVlIjoiQ1dRWXprUDhvRHBZaUl0ZEFCRGUrQnlTVnYwM2dTeGJSUUJMREh2akcrRk95V3J4cTV2dDA3dnNOSUVZaVozXC8iLCJtYWMiOiI4YTU0YTVlMTRiYTlmMGUzNWFkZDQ2Mzg2NjE4YTliYzFkZmZlNTA1NzRiZWYzNDhjY2ZjNDgzNWRiZmQzYWI5In0%3D Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Wed, 15 Apr 2020 11:53:17 GMT Content-Type text/html; charset=UTF-8 Transfer-Encoding chunked Connection keep-alive X-Powered-By PHP/7.2.6 X-Varnish 1507362 Age 0 Via 1.1 varnish-v4 CF-Cache-Status DYNAMIC Server cloudflare CF-RAY 5845771ac95b1f55-FRA Content-Encoding gzip cf-request-id 021f48c4bb00001f5573329200000001 Redirect headers Date Wed, 15 Apr 2020 11:53:16 GMT Content-Type text/html; charset=UTF-8 Transfer-Encoding chunked Connection keep-alive Set-Cookie __cfduid=d8cc40396c3f0ae84de827a8f0fce10e21586951596; expires=Fri, 15-May-20 11:53:16 GMT; path=/; domain=.nrk-nor.com; HttpOnly; SameSite=Lax PHPSESSID=qv839keo08i2ia1ggq2nhmrbmk; path=/ XSRF-TOKEN=eyJpdiI6Im1ncnJiUHNac051TGVvZkUyVERETXc9PSIsInZhbHVlIjoicnZQYWJIbjdkYXh4NkFEN01ZblMxQjNtRmQxVnFkXC9oMG5ENjc3RFFpcGdHRTFrMHF4ZXBiZ2QxT1h2YjVicXoiLCJtYWMiOiIwNWI3M2NjNjQ4ZWY0ZTFmYzA3MjYzMDQxNzgxYmNlMTZiMjQ0NTI1MzhkZDgyYWU5ZDg0YjQ3NjMxYTIxNTk4In0%3D; expires=Wed, 15-Apr-2020 13:47:29 GMT; Max-Age=7200; path=/ laravel_session=eyJpdiI6ImhKZ0lQcXRZZmVnelBUUUdiWktSZlE9PSIsInZhbHVlIjoiQ1dRWXprUDhvRHBZaUl0ZEFCRGUrQnlTVnYwM2dTeGJSUUJMREh2akcrRk95V3J4cTV2dDA3dnNOSUVZaVozXC8iLCJtYWMiOiI4YTU0YTVlMTRiYTlmMGUzNWFkZDQ2Mzg2NjE4YTliYzFkZmZlNTA1NzRiZWYzNDhjY2ZjNDgzNWRiZmQzYWI5In0%3D; expires=Wed, 15-Apr-2020 13:47:29 GMT; Max-Age=7200; path=/; httponly X-Powered-By PHP/7.2.6 Expires Thu, 19 Nov 1981 08:52:00 GMT Cache-Control no-store, no-cache, must-revalidate, no-cache, private Pragma no-cache Location http://nrk-nor.com/prelander/495_1/index.php?gs=tag5e96f4511b6636.50532342&prehit=5a9bbb8d42d8fa56661dd5ebfd7a55365f4f1ae0&s2=8a172876871121690f1712b7209201f4&oq=1586951249 X-Varnish 1507359 Age 0 Via 1.1 varnish-v4 CF-Cache-Status DYNAMIC Server cloudflare CF-RAY 5845771798661f55-FRA cf-request-id 021f48c2c300001f557330f200000001
GET H/1.1	200 OK	css.css nrk-nor.com/prelander/495_1/css/	116 KB 20 KB	27ms 21ms	Stylesheet text/css	2606:4700:3032::681b:8e3f CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://nrk-nor.com/prelander/495_1/css/css.css Requested by Host: nrk-nor.com URL: http://nrk-nor.com/prelander/495_1/index.php?gs=tag5e96f4511b6636.50532342&prehit=5a9bbb8d42d8fa56661dd5ebfd7a55365f4f1ae0&s2=8a172876871121690f1712b7209201f4&oq=1586951249 Protocol HTTP/1.1 Server 2606:4700:3032::681b:8e3f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `52fe4cf454ce49121688323fabb4111ead038790c0221de78b44864b86a5b4ac` Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Wed, 15 Apr 2020 11:53:17 GMT Via 1.1 varnish-v4 CF-Cache-Status HIT Age 5575 Transfer-Encoding chunked Connection keep-alive Content-Encoding gzip cf-request-id 021f48c6990000dfad48388200000001 X-Varnish 3015894 Last-Modified Wed, 18 Mar 2020 09:00:13 GMT Server cloudflare ETag W/"1d0c6-5a11d47c1ca7d" Vary Accept-Encoding Content-Type text/css Cache-Control max-age=14400 CF-RAY 5845771dcff6dfad-FRA
GET H/1.1	200 OK	intlTelInput.min.css nrk-nor.com/prelander/495_1/css/	18 KB 3 KB	51ms 45ms	Stylesheet text/css	2606:4700:3032::681b:8e3f CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://nrk-nor.com/prelander/495_1/css/intlTelInput.min.css Requested by Host: nrk-nor.com URL: http://nrk-nor.com/prelander/495_1/index.php?gs=tag5e96f4511b6636.50532342&prehit=5a9bbb8d42d8fa56661dd5ebfd7a55365f4f1ae0&s2=8a172876871121690f1712b7209201f4&oq=1586951249 Protocol HTTP/1.1 Server 2606:4700:3032::681b:8e3f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `08781faa483ed45947b94414cc365589e7a41c22989eb452372d64d93ae4c114` Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Wed, 15 Apr 2020 11:53:17 GMT Via 1.1 varnish-v4 CF-Cache-Status HIT Age 5575 Transfer-Encoding chunked Connection keep-alive Content-Encoding gzip cf-request-id 021f48c69a00001f39e4ac8200000001 X-Varnish 2360328 Last-Modified Wed, 18 Mar 2020 09:00:13 GMT Server cloudflare ETag W/"4704-5a11d47c62b95" Vary Accept-Encoding Content-Type text/css Cache-Control max-age=14400 CF-RAY 5845771dcd1e1f39-FRA
GET H/1.1	200 OK	jquery.min.js Show response nrk-nor.com/prelander/495_1/js/	86 KB 30 KB	25ms 19ms	Script application/javascript	2606:4700:3032::681b:8e3f CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://nrk-nor.com/prelander/495_1/js/jquery.min.js Requested by Host: nrk-nor.com URL: http://nrk-nor.com/prelander/495_1/index.php?gs=tag5e96f4511b6636.50532342&prehit=5a9bbb8d42d8fa56661dd5ebfd7a55365f4f1ae0&s2=8a172876871121690f1712b7209201f4&oq=1586951249 Protocol HTTP/1.1 Server 2606:4700:3032::681b:8e3f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a` Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Wed, 15 Apr 2020 11:53:17 GMT Via 1.1 varnish-v4 CF-Cache-Status HIT Age 5575 Transfer-Encoding chunked Connection keep-alive Content-Encoding gzip cf-request-id 021f48c69a0000dfe72bad6200000001 X-Varnish 4850244 Last-Modified Wed, 18 Mar 2020 09:00:32 GMT Server cloudflare ETag W/"15851-5a11d48e639c6" Vary Accept-Encoding Content-Type application/javascript Cache-Control max-age=14400 CF-RAY 5845771dcad2dfe7-FRA
GET H/1.1	200 OK	logo.png nrk-nor.com/prelander/495_1/images/	6 KB 6 KB	13ms 13ms	Image image/png	2606:4700:3032::681b:8e3f CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL http://nrk-nor.com/prelander/495_1/images/logo.png Requested by Host: nrk-nor.com URL: http://nrk-nor.com/prelander/495_1/index.php?gs=tag5e96f4511b6636.50532342&prehit=5a9bbb8d42d8fa56661dd5ebfd7a55365f4f1ae0&s2=8a172876871121690f1712b7209201f4&oq=1586951249 Protocol HTTP/1.1 Server 2606:4700:3032::681b:8e3f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `abfcb1683ba86df7a394fa39d6691eb207910eba690609687009a06e671c720e` Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Wed, 15 Apr 2020 11:53:17 GMT Via 1.1 varnish-v4 CF-Cache-Status HIT Age 5575 Connection keep-alive Content-Length 5768 cf-request-id 021f48c6ba0000dfe72bafd200000001 X-Varnish 3212483 Last-Modified Wed, 18 Mar 2020 09:00:24 GMT Server cloudflare ETag "1688-5a11d486d2d7e" Vary Accept-Encoding Content-Type image/png Cache-Control max-age=14400 Accept-Ranges bytes CF-RAY 5845771dfb8bdfe7-FRA
GET H/1.1	200 OK	cegrc1o7f3llvodpyray.jpg nrk-nor.com/prelander/495_1/images/	18 KB 18 KB	15ms 14ms	Image image/jpeg	2606:4700:3032::681b:8e3f CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL http://nrk-nor.com/prelander/495_1/images/cegrc1o7f3llvodpyray.jpg Requested by Host: nrk-nor.com URL: http://nrk-nor.com/prelander/495_1/index.php?gs=tag5e96f4511b6636.50532342&prehit=5a9bbb8d42d8fa56661dd5ebfd7a55365f4f1ae0&s2=8a172876871121690f1712b7209201f4&oq=1586951249 Protocol HTTP/1.1 Server 2606:4700:3032::681b:8e3f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `f462d3a1e8980262d49048bba0c93026ddb913f5d6aaf143ccc24eca599a8bb9` Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Wed, 15 Apr 2020 11:53:17 GMT Via 1.1 varnish-v4 CF-Cache-Status HIT Age 5575 Connection keep-alive Content-Length 18280 cf-request-id 021f48c6c800001f39e4acb200000001 X-Varnish 3408214 Last-Modified Wed, 18 Mar 2020 09:00:16 GMT Server cloudflare ETag "4768-5a11d47f34675" Vary Accept-Encoding Content-Type image/jpeg Cache-Control max-age=14400 Accept-Ranges bytes CF-RAY 5845771e0dda1f39-FRA
GET H/1.1	200 OK	jgc2qdsl7f0wbpyk9nap.jpg nrk-nor.com/prelander/495_1/images/	212 KB 213 KB	19ms 19ms	Image image/jpeg	2606:4700:3032::681b:8e3f CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL http://nrk-nor.com/prelander/495_1/images/jgc2qdsl7f0wbpyk9nap.jpg Requested by Host: nrk-nor.com URL: http://nrk-nor.com/prelander/495_1/index.php?gs=tag5e96f4511b6636.50532342&prehit=5a9bbb8d42d8fa56661dd5ebfd7a55365f4f1ae0&s2=8a172876871121690f1712b7209201f4&oq=1586951249 Protocol HTTP/1.1 Server 2606:4700:3032::681b:8e3f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `460d40afe453c437dd71cde2c17dc53a178871476ff78b629bfce0ef7d9a7b23` Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Wed, 15 Apr 2020 11:53:17 GMT Via 1.1 varnish-v4 CF-Cache-Status HIT Age 5575 Connection keep-alive Content-Length 217554 cf-request-id 021f48c6c80000dfe72bb09200000001 X-Varnish 3113778 Last-Modified Wed, 18 Mar 2020 09:00:21 GMT Server cloudflare ETag "351d2-5a11d48351a06" Vary Accept-Encoding Content-Type image/jpeg Cache-Control max-age=14400 Accept-Ranges bytes CF-RAY 5845771e0bdddfe7-FRA
GET H/1.1	200 OK	jwccfgscfkwc894gdtcg.jpg nrk-nor.com/prelander/495_1/images/	54 KB 54 KB	15ms 12ms	Image image/jpeg	2606:4700:3032::681b:8e3f CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL http://nrk-nor.com/prelander/495_1/images/jwccfgscfkwc894gdtcg.jpg Requested by Host: nrk-nor.com URL: http://nrk-nor.com/prelander/495_1/index.php?gs=tag5e96f4511b6636.50532342&prehit=5a9bbb8d42d8fa56661dd5ebfd7a55365f4f1ae0&s2=8a172876871121690f1712b7209201f4&oq=1586951249 Protocol HTTP/1.1 Server 2606:4700:3032::681b:8e3f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `468aea9e62bd52ee4fc4d480b8a323429278d25dacd57e0723d5a5b914c52c7a` Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Wed, 15 Apr 2020 11:53:17 GMT Via 1.1 varnish-v4 CF-Cache-Status HIT Age 5575 Connection keep-alive Content-Length 55014 cf-request-id 021f48c6d70000dfad48390200000001 X-Varnish 1999392 Last-Modified Wed, 18 Mar 2020 09:00:22 GMT Server cloudflare ETag "d6e6-5a11d4851393e" Vary Accept-Encoding Content-Type image/jpeg Cache-Control max-age=14400 Accept-Ranges bytes CF-RAY 5845771e28d7dfad-FRA
GET H/1.1	200 OK	dyxpm6j17qfnmnhj9rdc.jpg nrk-nor.com/prelander/495_1/images/	146 KB 146 KB	20ms 16ms	Image image/jpeg	2606:4700:3032::681b:8e3f CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL http://nrk-nor.com/prelander/495_1/images/dyxpm6j17qfnmnhj9rdc.jpg Requested by Host: nrk-nor.com URL: http://nrk-nor.com/prelander/495_1/index.php?gs=tag5e96f4511b6636.50532342&prehit=5a9bbb8d42d8fa56661dd5ebfd7a55365f4f1ae0&s2=8a172876871121690f1712b7209201f4&oq=1586951249 Protocol HTTP/1.1 Server 2606:4700:3032::681b:8e3f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `2734afde9c73e70b3786d0aeaee5568550c8d2c16f79b741bcae8cbf6e4d0543` Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Wed, 15 Apr 2020 11:53:17 GMT Via 1.1 varnish-v4 CF-Cache-Status HIT Age 5575 Connection keep-alive Content-Length 149060 cf-request-id 021f48c6d900001f39e4acc200000001 X-Varnish 2687868 Last-Modified Wed, 18 Mar 2020 09:00:19 GMT Server cloudflare ETag "24644-5a11d481eb3a6" Vary Accept-Encoding Content-Type image/jpeg Cache-Control max-age=14400 Accept-Ranges bytes CF-RAY 5845771e2e271f39-FRA
GET H/1.1	200 OK	xjfu04hzwv1fubhhu6l7.jpg nrk-nor.com/prelander/495_1/images/	82 KB 82 KB	35ms 26ms	Image image/jpeg	2606:4700:3032::681b:8e3f CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL http://nrk-nor.com/prelander/495_1/images/xjfu04hzwv1fubhhu6l7.jpg Requested by Host: nrk-nor.com URL: http://nrk-nor.com/prelander/495_1/index.php?gs=tag5e96f4511b6636.50532342&prehit=5a9bbb8d42d8fa56661dd5ebfd7a55365f4f1ae0&s2=8a172876871121690f1712b7209201f4&oq=1586951249 Protocol HTTP/1.1 Server 2606:4700:3032::681b:8e3f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `f6bd6a6b49896da68970bd62dc8c05c2de2e82b70862894950ffc937fa80793e` Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Wed, 15 Apr 2020 11:53:17 GMT Via 1.1 varnish-v4 CF-Cache-Status HIT Age 5575 Connection keep-alive Content-Length 83860 cf-request-id 021f48c6dc0000980ee118e200000001 X-Varnish 1672305 Last-Modified Wed, 18 Mar 2020 09:00:30 GMT Server cloudflare ETag "14794-5a11d48c65d86" Vary Accept-Encoding Content-Type image/jpeg Cache-Control max-age=14400 Accept-Ranges bytes CF-RAY 5845771e2ba6980e-FRA
GET H/1.1	200 OK	ulprhvedsgozq6r6gy8t.jpg nrk-nor.com/prelander/495_1/images/	91 KB 92 KB	26ms 18ms	Image image/jpeg	2606:4700:3032::681b:8e3f CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL http://nrk-nor.com/prelander/495_1/images/ulprhvedsgozq6r6gy8t.jpg Requested by Host: nrk-nor.com URL: http://nrk-nor.com/prelander/495_1/index.php?gs=tag5e96f4511b6636.50532342&prehit=5a9bbb8d42d8fa56661dd5ebfd7a55365f4f1ae0&s2=8a172876871121690f1712b7209201f4&oq=1586951249 Protocol HTTP/1.1 Server 2606:4700:3032::681b:8e3f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `bf5189504db2989e3793ea49c8896d16257f1c7c4e3ae1764e6b25e946c33ea2` Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Wed, 15 Apr 2020 11:53:17 GMT Via 1.1 varnish-v4 CF-Cache-Status HIT Age 5575 Connection keep-alive Content-Length 93534 cf-request-id 021f48c6dc0000bf23132b4200000001 X-Varnish 5275905 Last-Modified Wed, 18 Mar 2020 09:00:27 GMT Server cloudflare ETag "16d5e-5a11d489a214e" Vary Accept-Encoding Content-Type image/jpeg Cache-Control max-age=14400 Accept-Ranges bytes CF-RAY 5845771e2ea6bf23-FRA
GET H/1.1	200 OK	l4tebgz5cuohroqtccyi.jpg nrk-nor.com/prelander/495_1/images/	96 KB 97 KB	28ms 12ms	Image image/jpeg	2606:4700:3032::681b:8e3f CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL http://nrk-nor.com/prelander/495_1/images/l4tebgz5cuohroqtccyi.jpg Requested by Host: nrk-nor.com URL: http://nrk-nor.com/prelander/495_1/index.php?gs=tag5e96f4511b6636.50532342&prehit=5a9bbb8d42d8fa56661dd5ebfd7a55365f4f1ae0&s2=8a172876871121690f1712b7209201f4&oq=1586951249 Protocol HTTP/1.1 Server 2606:4700:3032::681b:8e3f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `41df49a648ccd2386a5e32c674dc5979c069ec87359fb60aaec80eabec26c614` Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Wed, 15 Apr 2020 11:53:17 GMT Via 1.1 varnish-v4 CF-Cache-Status HIT Age 5574 Connection keep-alive Content-Length 98681 cf-request-id 021f48c6e80000dfe72bb0f200000001 X-Varnish 4343899 Last-Modified Wed, 18 Mar 2020 09:00:23 GMT Server cloudflare ETag "18179-5a11d48572cae" Vary Accept-Encoding Content-Type image/jpeg Cache-Control max-age=14400 Accept-Ranges bytes CF-RAY 5845771e4c56dfe7-FRA
GET H/1.1	200 OK	Step_1_Screenshot.png nrk-nor.com/prelander/495_1/images/	41 KB 41 KB	21ms 20ms	Image image/png	2606:4700:3032::681b:8e3f CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL http://nrk-nor.com/prelander/495_1/images/Step_1_Screenshot.png Requested by Host: nrk-nor.com URL: http://nrk-nor.com/prelander/495_1/index.php?gs=tag5e96f4511b6636.50532342&prehit=5a9bbb8d42d8fa56661dd5ebfd7a55365f4f1ae0&s2=8a172876871121690f1712b7209201f4&oq=1586951249 Protocol HTTP/1.1 Server 2606:4700:3032::681b:8e3f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `13264bfcbeae75e4176f8a3f899c79f3c537975e6dfdd197d4ff415a32196dc4` Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Wed, 15 Apr 2020 11:53:17 GMT Via 1.1 varnish-v4 CF-Cache-Status HIT Age 5574 Connection keep-alive Content-Length 41776 cf-request-id 021f48c6f10000dfad48393200000001 X-Varnish 2425622 Last-Modified Mon, 30 Mar 2020 11:33:28 GMT Server cloudflare ETag "a330-5a210d1e2f8fa" Vary Accept-Encoding Content-Type image/png Cache-Control max-age=14400 Accept-Ranges bytes CF-RAY 5845771e4958dfad-FRA
GET H/1.1	200 OK	loading.gif nrk-nor.com/prelander/495_1/images/	3 KB 4 KB	19ms 14ms	Image image/gif	2606:4700:3032::681b:8e3f CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL http://nrk-nor.com/prelander/495_1/images/loading.gif Requested by Host: nrk-nor.com URL: http://nrk-nor.com/prelander/495_1/index.php?gs=tag5e96f4511b6636.50532342&prehit=5a9bbb8d42d8fa56661dd5ebfd7a55365f4f1ae0&s2=8a172876871121690f1712b7209201f4&oq=1586951249 Protocol HTTP/1.1 Server 2606:4700:3032::681b:8e3f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `aebc793d0064383ee6b1625bf3bb32532ec30a5c12bf9117066107d412119123` Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Wed, 15 Apr 2020 11:53:17 GMT Via 1.1 varnish-v4 CF-Cache-Status HIT Age 5574 Connection keep-alive Content-Length 3208 cf-request-id 021f48c6ee00001f39e4ace200000001 X-Varnish 3343307 Last-Modified Wed, 18 Mar 2020 09:00:24 GMT Server cloudflare ETag "c88-5a11d4863b79e" Vary Accept-Encoding Content-Type image/gif Cache-Control max-age=14400 Accept-Ranges bytes CF-RAY 5845771e4e681f39-FRA
GET H/1.1	200 OK	cta2.png nrk-nor.com/prelander/495_1/images/	134 KB 135 KB	40ms 31ms	Image image/png	2606:4700:3032::681b:8e3f CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL http://nrk-nor.com/prelander/495_1/images/cta2.png Requested by Host: nrk-nor.com URL: http://nrk-nor.com/prelander/495_1/index.php?gs=tag5e96f4511b6636.50532342&prehit=5a9bbb8d42d8fa56661dd5ebfd7a55365f4f1ae0&s2=8a172876871121690f1712b7209201f4&oq=1586951249 Protocol HTTP/1.1 Server 2606:4700:3032::681b:8e3f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `f4623730049c816f0eeeea0723b92c16b2803cfa1fca1324efbd4af777af8865` Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Wed, 15 Apr 2020 11:53:17 GMT Via 1.1 varnish-v4 CF-Cache-Status HIT Age 5574 Connection keep-alive Content-Length 137427 cf-request-id 021f48c6f70000bf23132bb200000001 X-Varnish 2884240 Last-Modified Wed, 18 Mar 2020 09:00:18 GMT Server cloudflare ETag "218d3-5a11d480858fd" Vary Accept-Encoding Content-Type image/png Cache-Control max-age=14400 Accept-Ranges bytes CF-RAY 5845771e5ed0bf23-FRA
GET H/1.1	200 OK	cta3.png nrk-nor.com/prelander/495_1/images/	124 KB 124 KB	17ms 15ms	Image image/png	2606:4700:3032::681b:8e3f CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL http://nrk-nor.com/prelander/495_1/images/cta3.png Requested by Host: nrk-nor.com URL: http://nrk-nor.com/prelander/495_1/index.php?gs=tag5e96f4511b6636.50532342&prehit=5a9bbb8d42d8fa56661dd5ebfd7a55365f4f1ae0&s2=8a172876871121690f1712b7209201f4&oq=1586951249 Protocol HTTP/1.1 Server 2606:4700:3032::681b:8e3f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `5c3c295be8433cc36713bdfe3abe88546ac4b1dec7ba1fc1f264a0334d8a5265` Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Wed, 15 Apr 2020 11:53:17 GMT Via 1.1 varnish-v4 CF-Cache-Status HIT Age 5574 Connection keep-alive Content-Length 126921 cf-request-id 021f48c6f80000dfe72bb10200000001 X-Varnish 3440980 Last-Modified Wed, 18 Mar 2020 09:00:18 GMT Server cloudflare ETag "1efc9-5a11d4810c53e" Vary Accept-Encoding Content-Type image/png Cache-Control max-age=14400 Accept-Ranges bytes CF-RAY 5845771e5cb9dfe7-FRA
GET H/1.1	200 OK	l7kp6sagzvgjamrhi0w8.png nrk-nor.com/prelander/495_1/images/	34 KB 35 KB	19ms 13ms	Image image/png	2606:4700:3032::681b:8e3f CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL http://nrk-nor.com/prelander/495_1/images/l7kp6sagzvgjamrhi0w8.png Requested by Host: nrk-nor.com URL: http://nrk-nor.com/prelander/495_1/index.php?gs=tag5e96f4511b6636.50532342&prehit=5a9bbb8d42d8fa56661dd5ebfd7a55365f4f1ae0&s2=8a172876871121690f1712b7209201f4&oq=1586951249 Protocol HTTP/1.1 Server 2606:4700:3032::681b:8e3f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `5adbed9d75481c04641b70a78519079b1aa08150757ee14f7c84327356e73b1f` Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Wed, 15 Apr 2020 11:53:17 GMT Via 1.1 varnish-v4 CF-Cache-Status HIT Age 5574 Connection keep-alive Content-Length 34888 cf-request-id 021f48c6fe00001f39e4ad0200000001 X-Varnish 3212486 Last-Modified Wed, 18 Mar 2020 09:00:23 GMT Server cloudflare ETag "8848-5a11d4860a676" Vary Accept-Encoding Content-Type image/png Cache-Control max-age=14400 Accept-Ranges bytes CF-RAY 5845771e6ea41f39-FRA
GET H/1.1	200 OK	ainicniusbw2nyx3hlfi.png nrk-nor.com/prelander/495_1/images/	34 KB 35 KB	29ms 14ms	Image image/png	2606:4700:3032::681b:8e3f CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL http://nrk-nor.com/prelander/495_1/images/ainicniusbw2nyx3hlfi.png Requested by Host: nrk-nor.com URL: http://nrk-nor.com/prelander/495_1/index.php?gs=tag5e96f4511b6636.50532342&prehit=5a9bbb8d42d8fa56661dd5ebfd7a55365f4f1ae0&s2=8a172876871121690f1712b7209201f4&oq=1586951249 Protocol HTTP/1.1 Server 2606:4700:3032::681b:8e3f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `3dde975bef15653e64134deee5e1dd5220720f5ecb8fc26adc38f63b6cb57226` Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Wed, 15 Apr 2020 11:53:17 GMT Via 1.1 varnish-v4 CF-Cache-Status HIT Age 5574 Connection keep-alive Content-Length 35141 cf-request-id 021f48c70c0000980ee1194200000001 X-Varnish 2360331 Last-Modified Wed, 18 Mar 2020 09:00:16 GMT Server cloudflare ETag "8945-5a11d47efcbd5" Vary Accept-Encoding Content-Type image/png Cache-Control max-age=14400 Accept-Ranges bytes CF-RAY 5845771e7bf9980e-FRA
GET H/1.1	200 OK	xo0rgoorgbynpgw4kyqp.png nrk-nor.com/prelander/495_1/images/	38 KB 38 KB	31ms 17ms	Image image/png	2606:4700:3032::681b:8e3f CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL http://nrk-nor.com/prelander/495_1/images/xo0rgoorgbynpgw4kyqp.png Requested by Host: nrk-nor.com URL: http://nrk-nor.com/prelander/495_1/index.php?gs=tag5e96f4511b6636.50532342&prehit=5a9bbb8d42d8fa56661dd5ebfd7a55365f4f1ae0&s2=8a172876871121690f1712b7209201f4&oq=1586951249 Protocol HTTP/1.1 Server 2606:4700:3032::681b:8e3f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `e5f99941f717ee56ec795c58e4c73d8f72d15494deb92d94894e2f0ea0f47b7e` Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Wed, 15 Apr 2020 11:53:17 GMT Via 1.1 varnish-v4 CF-Cache-Status HIT Age 5573 Connection keep-alive Content-Length 38902 cf-request-id 021f48c70b0000dfe72bb11200000001 X-Varnish 4850256 Last-Modified Wed, 18 Mar 2020 09:00:29 GMT Server cloudflare ETag "97f6-5a11d48b3cf86" Vary Accept-Encoding Content-Type image/png Cache-Control max-age=14400 Accept-Ranges bytes CF-RAY 5845771e7d18dfe7-FRA
GET H/1.1	200 OK	ooo3goob2pv5nlmdwwas.png nrk-nor.com/prelander/495_1/images/	25 KB 26 KB	12ms 10ms	Image image/png	2606:4700:3032::681b:8e3f CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL http://nrk-nor.com/prelander/495_1/images/ooo3goob2pv5nlmdwwas.png Requested by Host: nrk-nor.com URL: http://nrk-nor.com/prelander/495_1/index.php?gs=tag5e96f4511b6636.50532342&prehit=5a9bbb8d42d8fa56661dd5ebfd7a55365f4f1ae0&s2=8a172876871121690f1712b7209201f4&oq=1586951249 Protocol HTTP/1.1 Server 2606:4700:3032::681b:8e3f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `1b7e0a2736aeb5f656f8b9cc2fda4b3eb2ea212d2f344dae9b7792136c9c5562` Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Wed, 15 Apr 2020 11:53:17 GMT Via 1.1 varnish-v4 CF-Cache-Status HIT Age 5573 Connection keep-alive Content-Length 25718 cf-request-id 021f48c6ff0000980ee118f200000001 X-Varnish 4343908 Last-Modified Wed, 18 Mar 2020 09:00:26 GMT Server cloudflare ETag "6476-5a11d4887d99e" Vary Accept-Encoding Content-Type image/png Cache-Control max-age=14400 Accept-Ranges bytes CF-RAY 5845771e6bde980e-FRA
GET H/1.1	200 OK	jfn5vt9dszilcurtwjlo.png nrk-nor.com/prelander/495_1/images/	37 KB 37 KB	13ms 11ms	Image image/png	2606:4700:3032::681b:8e3f CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL http://nrk-nor.com/prelander/495_1/images/jfn5vt9dszilcurtwjlo.png Requested by Host: nrk-nor.com URL: http://nrk-nor.com/prelander/495_1/index.php?gs=tag5e96f4511b6636.50532342&prehit=5a9bbb8d42d8fa56661dd5ebfd7a55365f4f1ae0&s2=8a172876871121690f1712b7209201f4&oq=1586951249 Protocol HTTP/1.1 Server 2606:4700:3032::681b:8e3f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `494a3efdafd5407a5a88d922f5a4a72d71ac2f3ad8f3f9fe607f8cf89314dfa1` Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Wed, 15 Apr 2020 11:53:17 GMT Via 1.1 varnish-v4 CF-Cache-Status HIT Age 5573 Connection keep-alive Content-Length 37859 cf-request-id 021f48c7000000dfad48395200000001 X-Varnish 5440544 Last-Modified Wed, 18 Mar 2020 09:00:20 GMT Server cloudflare ETag "93e3-5a11d482ca9de" Vary Accept-Encoding Content-Type image/png Cache-Control max-age=14400 Accept-Ranges bytes CF-RAY 5845771e698bdfad-FRA
GET		opensans-bold.html nepreland.com/de/bipy/blog281/	0 0

GET H/1.1	200 OK	wy3fkittrrlvgut3odp2.png nrk-nor.com/prelander/495_1/images/	34 KB 35 KB	15ms 13ms	Image image/png	2606:4700:3032::681b:8e3f CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL http://nrk-nor.com/prelander/495_1/images/wy3fkittrrlvgut3odp2.png Requested by Host: nrk-nor.com URL: http://nrk-nor.com/prelander/495_1/index.php?gs=tag5e96f4511b6636.50532342&prehit=5a9bbb8d42d8fa56661dd5ebfd7a55365f4f1ae0&s2=8a172876871121690f1712b7209201f4&oq=1586951249 Protocol HTTP/1.1 Server 2606:4700:3032::681b:8e3f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `54e408290bafacaad2eaf0b17ec04ecf29ae7333a69784730a1af7d749b3c4a9` Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Wed, 15 Apr 2020 11:53:17 GMT Via 1.1 varnish-v4 CF-Cache-Status HIT Age 5573 Connection keep-alive Content-Length 34979 cf-request-id 021f48c75300001f5573360200000001 X-Varnish 3343304 Last-Modified Wed, 18 Mar 2020 09:00:28 GMT Server cloudflare ETag "88a3-5a11d48a3f4ee" Vary Accept-Encoding Content-Type image/png Cache-Control max-age=14400 Accept-Ranges bytes CF-RAY 5845771eed711f55-FRA
GET H/1.1	200 OK	kdsy10yyahownwemccbo.png nrk-nor.com/prelander/495_1/images/	30 KB 31 KB	22ms 19ms	Image image/png	2606:4700:3032::681b:8e3f CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL http://nrk-nor.com/prelander/495_1/images/kdsy10yyahownwemccbo.png Requested by Host: nrk-nor.com URL: http://nrk-nor.com/prelander/495_1/index.php?gs=tag5e96f4511b6636.50532342&prehit=5a9bbb8d42d8fa56661dd5ebfd7a55365f4f1ae0&s2=8a172876871121690f1712b7209201f4&oq=1586951249 Protocol HTTP/1.1 Server 2606:4700:3032::681b:8e3f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `b8ff47c69f9495e6ea65471b668c7d0145a9b2122aa780087cd59ca4ef8644b5` Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Wed, 15 Apr 2020 11:53:17 GMT Via 1.1 varnish-v4 CF-Cache-Status HIT Age 5573 Connection keep-alive Content-Length 31140 cf-request-id 021f48c7540000dfe72bb17200000001 X-Varnish 2687871 Last-Modified Wed, 18 Mar 2020 09:00:22 GMT Server cloudflare ETag "79a4-5a11d4844b61e" Vary Accept-Encoding Content-Type image/png Cache-Control max-age=14400 Accept-Ranges bytes CF-RAY 5845771eee66dfe7-FRA
GET H/1.1	200 OK	checkmark.png nrk-nor.com/prelander/495_1/images/	341 B 788 B	12ms 10ms	Image image/png	2606:4700:3032::681b:8e3f CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL http://nrk-nor.com/prelander/495_1/images/checkmark.png Requested by Host: nrk-nor.com URL: http://nrk-nor.com/prelander/495_1/index.php?gs=tag5e96f4511b6636.50532342&prehit=5a9bbb8d42d8fa56661dd5ebfd7a55365f4f1ae0&s2=8a172876871121690f1712b7209201f4&oq=1586951249 Protocol HTTP/1.1 Server 2606:4700:3032::681b:8e3f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `e9d04e4fbd1f7c6a052cccf0588ed2c6ea41af104c59c70baaa10d8e0f5715a8` Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Wed, 15 Apr 2020 11:53:17 GMT Via 1.1 varnish-v4 CF-Cache-Status HIT Age 5573 Connection keep-alive Content-Length 341 cf-request-id 021f48c7540000980ee119d200000001 X-Varnish 3408220 Last-Modified Wed, 18 Mar 2020 09:00:17 GMT Server cloudflare ETag "155-5a11d47fbf905" Vary Accept-Encoding Content-Type image/png Cache-Control max-age=14400 Accept-Ranges bytes CF-RAY 5845771eec6f980e-FRA
GET H/1.1	200 OK	prod.jpg nrk-nor.com/prelander/495_1/images/	59 KB 60 KB	18ms 16ms	Image image/jpeg	2606:4700:3032::681b:8e3f CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL http://nrk-nor.com/prelander/495_1/images/prod.jpg Requested by Host: nrk-nor.com URL: http://nrk-nor.com/prelander/495_1/index.php?gs=tag5e96f4511b6636.50532342&prehit=5a9bbb8d42d8fa56661dd5ebfd7a55365f4f1ae0&s2=8a172876871121690f1712b7209201f4&oq=1586951249 Protocol HTTP/1.1 Server 2606:4700:3032::681b:8e3f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `072616d23670d9d44a168b21236e9d6bf344a05459601971afb906dead0c1205` Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Wed, 15 Apr 2020 11:53:17 GMT Via 1.1 varnish-v4 CF-Cache-Status HIT Age 5573 Connection keep-alive Content-Length 60605 cf-request-id 021f48c7550000bf23132c5200000001 X-Varnish 3245770 Last-Modified Wed, 18 Mar 2020 09:00:26 GMT Server cloudflare ETag "ecbd-5a11d488bec96" Vary Accept-Encoding Content-Type image/jpeg Cache-Control max-age=14400 Accept-Ranges bytes CF-RAY 5845771eef8ebf23-FRA
GET H/1.1	200 OK	n4donflljypzf0jwaysp.png nrk-nor.com/prelander/495_1/images/	18 KB 18 KB	13ms 11ms	Image image/png	2606:4700:3032::681b:8e3f CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL http://nrk-nor.com/prelander/495_1/images/n4donflljypzf0jwaysp.png Requested by Host: nrk-nor.com URL: http://nrk-nor.com/prelander/495_1/index.php?gs=tag5e96f4511b6636.50532342&prehit=5a9bbb8d42d8fa56661dd5ebfd7a55365f4f1ae0&s2=8a172876871121690f1712b7209201f4&oq=1586951249 Protocol HTTP/1.1 Server 2606:4700:3032::681b:8e3f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `18f964969c482859c4aaa2aec0b97e478485cc368a7f8e07579e82be930aabe4` Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Wed, 15 Apr 2020 11:53:17 GMT Via 1.1 varnish-v4 CF-Cache-Status HIT Age 5573 Connection keep-alive Content-Length 18246 cf-request-id 021f48c75400001f39e4ad7200000001 X-Varnish 1901732 Last-Modified Wed, 18 Mar 2020 09:00:25 GMT Server cloudflare ETag "4746-5a11d48794b0e" Vary Accept-Encoding Content-Type image/png Cache-Control max-age=14400 Accept-Ranges bytes CF-RAY 5845771eefdf1f39-FRA
GET H/1.1	200 OK	hiqtte24snwgkglyozuw.jpg nrk-nor.com/prelander/495_1/images/	11 KB 12 KB	21ms 19ms	Image image/jpeg	2606:4700:3032::681b:8e3f CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL http://nrk-nor.com/prelander/495_1/images/hiqtte24snwgkglyozuw.jpg Requested by Host: nrk-nor.com URL: http://nrk-nor.com/prelander/495_1/index.php?gs=tag5e96f4511b6636.50532342&prehit=5a9bbb8d42d8fa56661dd5ebfd7a55365f4f1ae0&s2=8a172876871121690f1712b7209201f4&oq=1586951249 Protocol HTTP/1.1 Server 2606:4700:3032::681b:8e3f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `ca783fcc65d1ba104e19854f40695c8edad38a43f24809007af1177e79d41b31` Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Wed, 15 Apr 2020 11:53:17 GMT Via 1.1 varnish-v4 CF-Cache-Status HIT Age 5573 Connection keep-alive Content-Length 11676 cf-request-id 021f48c7550000dfad483a0200000001 X-Varnish 1051074 Last-Modified Wed, 18 Mar 2020 09:00:19 GMT Server cloudflare ETag "2d9c-5a11d481d05f6" Vary Accept-Encoding Content-Type image/jpeg Cache-Control max-age=14400 Accept-Ranges bytes CF-RAY 5845771eeafcdfad-FRA

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: nepreland.com
URL: https://nepreland.com/de/bipy/blog281/opensans-bold.html

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Investment Scam (Online) Lion's Den Scam (Online)

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate function| $ function| jQuery

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
nrk-nor.com/	1970-01-19 08:49:18	Name: XSRF-TOKEN Value: eyJpdiI6Im1ncnJiUHNac051TGVvZkUyVERETXc9PSIsInZhbHVlIjoicnZQYWJIbjdkYXh4NkFEN01ZblMxQjNtRmQxVnFkXC9oMG5ENjc3RFFpcGdHRTFrMHF4ZXBiZ2QxT1h2YjVicXoiLCJtYWMiOiIwNWI3M2NjNjQ4ZWY0ZTFmYzA3MjYzMDQxNzgxYmNlMTZiMjQ0NTI1MzhkZDgyYWU5ZDg0YjQ3NjMxYTIxNTk4In0%3D
nrk-nor.com/	1970-01-19 08:49:18	Name: laravel_session Value: eyJpdiI6ImhKZ0lQcXRZZmVnelBUUUdiWktSZlE9PSIsInZhbHVlIjoiQ1dRWXprUDhvRHBZaUl0ZEFCRGUrQnlTVnYwM2dTeGJSUUJMREh2akcrRk95V3J4cTV2dDA3dnNOSUVZaVozXC8iLCJtYWMiOiI4YTU0YTVlMTRiYTlmMGUzNWFkZDQ2Mzg2NjE4YTliYzFkZmZlNTA1NzRiZWYzNDhjY2ZjNDgzNWRiZmQzYWI5In0%3D
nrk-nor.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: qv839keo08i2ia1ggq2nhmrbmk
.nrk-nor.com/	1970-01-19 09:32:23	Name: __cfduid Value: d8cc40396c3f0ae84de827a8f0fce10e21586951596

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

brightonlandscapesupply.com
nepreland.com
nrk-nor.com
nepreland.com
2606:4700:3032::681b:8e3f
51.158.163.241
072616d23670d9d44a168b21236e9d6bf344a05459601971afb906dead0c1205
08781faa483ed45947b94414cc365589e7a41c22989eb452372d64d93ae4c114
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
13264bfcbeae75e4176f8a3f899c79f3c537975e6dfdd197d4ff415a32196dc4
18f964969c482859c4aaa2aec0b97e478485cc368a7f8e07579e82be930aabe4
1b7e0a2736aeb5f656f8b9cc2fda4b3eb2ea212d2f344dae9b7792136c9c5562
2734afde9c73e70b3786d0aeaee5568550c8d2c16f79b741bcae8cbf6e4d0543
3dde975bef15653e64134deee5e1dd5220720f5ecb8fc26adc38f63b6cb57226
41df49a648ccd2386a5e32c674dc5979c069ec87359fb60aaec80eabec26c614
460d40afe453c437dd71cde2c17dc53a178871476ff78b629bfce0ef7d9a7b23
468aea9e62bd52ee4fc4d480b8a323429278d25dacd57e0723d5a5b914c52c7a
494a3efdafd5407a5a88d922f5a4a72d71ac2f3ad8f3f9fe607f8cf89314dfa1
52fe4cf454ce49121688323fabb4111ead038790c0221de78b44864b86a5b4ac
54e408290bafacaad2eaf0b17ec04ecf29ae7333a69784730a1af7d749b3c4a9
5adbed9d75481c04641b70a78519079b1aa08150757ee14f7c84327356e73b1f
5c3c295be8433cc36713bdfe3abe88546ac4b1dec7ba1fc1f264a0334d8a5265
a10c75a67ba1436096b6945775a74189050614ffc600934daea7a06f36427c5e
abfcb1683ba86df7a394fa39d6691eb207910eba690609687009a06e671c720e
aebc793d0064383ee6b1625bf3bb32532ec30a5c12bf9117066107d412119123
b8ff47c69f9495e6ea65471b668c7d0145a9b2122aa780087cd59ca4ef8644b5
bf5189504db2989e3793ea49c8896d16257f1c7c4e3ae1764e6b25e946c33ea2
ca783fcc65d1ba104e19854f40695c8edad38a43f24809007af1177e79d41b31
e5f99941f717ee56ec795c58e4c73d8f72d15494deb92d94894e2f0ea0f47b7e
e9d04e4fbd1f7c6a052cccf0588ed2c6ea41af104c59c70baaa10d8e0f5715a8
f4623730049c816f0eeeea0723b92c16b2803cfa1fca1324efbd4af777af8865
f462d3a1e8980262d49048bba0c93026ddb913f5d6aaf143ccc24eca599a8bb9
f6bd6a6b49896da68970bd62dc8c05c2de2e82b70862894950ffc937fa80793e

nrk-nor.com Open in urlscan Pro 2606:4700:3032::681b:8e3f Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

28 Requests

0 %HTTPS

50 %IPv6

3 Domains

3 Subdomains

2 IPs

2 Countries

1412 kBTransfer

1651 kBSize

4 Cookies

0 Outgoing links

Page URL History

Redirected requests

28 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

nrk-nor.com Open in urlscan Pro
2606:4700:3032::681b:8e3f Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

28
Requests

0 %
HTTPS

50 %
IPv6

3
Domains

3
Subdomains

2
IPs

2
Countries

1412 kB
Transfer

1651 kB
Size

4
Cookies

28 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!