Submitted URL: https://collegefootballdiscounttickets.nflodds.org/
Effective URL: https://nflodds.org/
Submission: On July 24 via api from US — Scanned from DE

Summary

This website contacted 6 IPs in 4 countries across 6 domains to perform 18 HTTP transactions. The main IP is 198.12.237.182, located in Ashburn, United States and belongs to GO-DADDY-COM-LLC, US. The main domain is nflodds.org.
TLS certificate: Issued by R3 on May 31st 2024. Valid for: 3 months.
This is the only time nflodds.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 3.33.251.168 16509 (AMAZON-02)
5 198.12.237.182 398101 (GO-DADDY-...)
1 1 89.207.16.75 41041 (VCLK-EU-SE)
1 23.216.203.96 16625 (AKAMAI-AS)
5 104.18.190.136 13335 (CLOUDFLAR...)
5 104.18.192.136 13335 (CLOUDFLAR...)
1 2600:9000:266... 16509 (AMAZON-02)
1 18.245.60.7 16509 (AMAZON-02)
18 6
Apex Domain
Subdomains
Transfer
10 commissionkings.ag
js.commissionkings.ag
media.commissionkings.ag
274 KB
6 nflodds.org
collegefootballdiscounttickets.nflodds.org
nflodds.org
31 KB
1 booking.com
www.booking.com — Cisco Umbrella Rank: 11143
1 bstatic.com
cf.bstatic.com — Cisco Umbrella Rank: 19480
3 KB
1 yceml.net
www.yceml.net — Cisco Umbrella Rank: 66338
9 KB
1 tqlkg.com
www.tqlkg.com — Cisco Umbrella Rank: 251275
440 B
18 6
Domain Requested by
5 media.commissionkings.ag nflodds.org
5 js.commissionkings.ag nflodds.org
5 nflodds.org nflodds.org
1 www.booking.com cf.bstatic.com
1 cf.bstatic.com nflodds.org
1 www.yceml.net nflodds.org
1 www.tqlkg.com 1 redirects
1 collegefootballdiscounttickets.nflodds.org 1 redirects
18 8
Subject                     Issuer                                        Validity                   Valid
cpanel.nflodds.org          R3                                            2024-05-31 - 2024-08-29    3 months
js.commissionkings.ag       E5                                            2024-07-09 - 2024-10-07    3 months
media.commissionkings.ag    E5                                            2024-07-09 - 2024-10-07    3 months
*.bstatic.com               DigiCert Global G2 TLS RSA SHA256 2020 CA1    2023-11-29 - 2024-11-28    a year
*.booking.com               DigiCert Global G2 TLS RSA SHA256 2020 CA1    2024-05-01 - 2025-03-25    a year

This page contains 2 frames:

Primary Page: https://nflodds.org/
Frame ID: 84839054FF59E8674771CA5DA14CD5DC
Requests: 17 HTTP requests in this frame

Frame: https://www.booking.com/flexiproduct.html?product=banner&w=300&h=250&lang=en&aid=2117704&target_aid=2117704&banner_id=103455&tmpl=affiliate_banner&fid=1721795670246&
Frame ID: 42D9B90515C5A239FCC2B3D9CB5D5008
Requests: 1 HTTP requests in this frame

Page Title

NFL Odds and Sport Odds

Page Statistics

18
Requests

94 %
HTTPS

13 %
IPv6

6
Domains

8
Subdomains

6
IPs

4
Countries

316 kB
Transfer

333 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://collegefootballdiscounttickets.nflodds.org/ HTTP 301
    https://nflodds.org/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2
  • https://www.tqlkg.com/image-5599348-10813511 HTTP 302
  • https://www.yceml.net/0071/10813511-1610049718112

18 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
nflodds.org/
Redirect Chain
  • https://collegefootballdiscounttickets.nflodds.org/
  • https://nflodds.org/
17 KB
4 KB
Document
General
Full URL
https://nflodds.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
198.12.237.182 Ashburn, United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS
182.237.12.198.host.secureserver.net
Software
Apache / PHP/8.1.29
Resource Hash
fe5314216b309a383f5281606bf967c0c4d09f7071fe6c674cd9d25058aaca73

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-encoding
br
content-length
4442
content-type
text/html; charset=UTF-8
date
Wed, 24 Jul 2024 04:34:29 GMT
server
Apache
vary
Accept-Encoding
x-powered-by
PHP/8.1.29

Redirect headers

Connection
close
Content-Length
71
Content-Type
text/html; charset=utf-8
Date
Wed, 24 Jul 2024 04:34:29 GMT
Location
https://nflodds.org#college-football
Server
ip-100-74-5-135.eu-west-2.compute.internal
Vary
Accept-Encoding
X-Request-Id
0120c2a0-d4f6-4b96-be41-4b872a489e0a
brevard-horse.css
nflodds.org/
4 KB
992 B
Stylesheet
General
Full URL
https://nflodds.org/brevard-horse.css
Requested by
Host: nflodds.org
URL: https://nflodds.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
198.12.237.182 Ashburn, United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS
182.237.12.198.host.secureserver.net
Software
Apache /
Resource Hash
98463c54236f4fbee3380131b6b2aaf5e7f68c6f4d230d3e3839e8987745b52d

Request headers

Referer
https://nflodds.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 04:34:29 GMT
content-encoding
br
last-modified
Mon, 03 Jun 2024 10:01:57 GMT
server
Apache
etag
"5ce5b68-e22-619f96c6e8f40-br"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
904
sports-betting-min.png
nflodds.org/Images/
14 KB
14 KB
Image
General
Full URL
https://nflodds.org/Images/sports-betting-min.png
Requested by
Host: nflodds.org
URL: https://nflodds.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
198.12.237.182 Ashburn, United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS
182.237.12.198.host.secureserver.net
Software
Apache /
Resource Hash
047a9a2b117834b78ada02e75d033ae673e0fbf011813789cfef9b1898ac3957

Request headers

Referer
https://nflodds.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 04:34:29 GMT
last-modified
Sun, 12 Jun 2022 13:07:33 GMT
server
Apache
accept-ranges
bytes
etag
"5e42243-36ce-5e13fdac3af40"
content-length
14030
content-type
image/png
10813511-1610049718112
www.yceml.net/0071/
Redirect Chain
  • https://www.tqlkg.com/image-5599348-10813511
  • https://www.yceml.net/0071/10813511-1610049718112
9 KB
9 KB
Image
General
Full URL
https://www.yceml.net/0071/10813511-1610049718112
Requested by
Host: nflodds.org
URL: https://nflodds.org/
Protocol
HTTP/1.1
Server
23.216.203.96 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-216-203-96.deploy.static.akamaitechnologies.com
Software
Resin/4.0.66 /
Resource Hash
05d1282d5bf7b3030679b74f0cd9250a1588979d60ebb108bb49d4d22f26bb54

Request headers

Referer
https://nflodds.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Wed, 24 Jul 2024 04:34:30 GMT
X-VC-HTTPS
On
Cache-Control
max-age=55413
Server
Resin/4.0.66
Connection
keep-alive
Content-Length
9462
Expires
Wed, 24 Jul 2024 19:58:03 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 24 Jul 2024 04:34:30 GMT
Server
Resin/4.0.66
Content-Type
text/html; charset=utf-8
Location
https://www.yceml.net/0071/10813511-1610049718112
P3P
policyref="/w3c/p3p.xml", CP="ALL BUS LEG DSP COR ADM CUR DEV PSA OUR NAV INT"
Cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
X-VC-HTTPS
On
Content-Length
87
Expires
Wed, 24 Jul 2024 04:34:30 GMT
javascript.php
js.commissionkings.ag/
291 B
313 B
Script
General
Full URL
https://js.commissionkings.ag/javascript.php?prefix=TsCe_9xQn92h_7RUBh20pWNd7ZgqdRLk&media=2390&campaign=102
Requested by
Host: nflodds.org
URL: https://nflodds.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.190.136 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ZBan
Resource Hash
3d079c57a9dc87831f0a6987b58b137c2b2032bb028fcb4a8b3f1c5c090685fe

Request headers

Referer
https://nflodds.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 04:34:30 GMT
content-encoding
gzip
cf-cache-status
BYPASS
z-cache
HIT
server
cloudflare
x-powered-by
ZBan
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=0, no-cache
cf-ray
8a8132b9ee951db0-FRA
javascript.php
js.commissionkings.ag/
325 B
332 B
Script
General
Full URL
https://js.commissionkings.ag/javascript.php?prefix=TsCe_9xQn91p0Q9kx2kJbGNd7ZgqdRLk&media=226&campaign=102
Requested by
Host: nflodds.org
URL: https://nflodds.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.190.136 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ZBan
Resource Hash
ea75590a2c69fdc55bd0c2ddda1dcc1b5d05f4feeff456138e15a5ff785f76e9

Request headers

Referer
https://nflodds.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 04:34:30 GMT
content-encoding
gzip
cf-cache-status
BYPASS
z-cache
HIT
server
cloudflare
x-powered-by
ZBan
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=0, no-cache
cf-ray
8a8132b9ee961db0-FRA
baseball.jpg
nflodds.org/Images/
11 KB
11 KB
Image
General
Full URL
https://nflodds.org/Images/baseball.jpg
Requested by
Host: nflodds.org
URL: https://nflodds.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
198.12.237.182 Ashburn, United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS
182.237.12.198.host.secureserver.net
Software
Apache /
Resource Hash
70d27e4e59b46f92714ac0f24a7cecc822f172e8e0f25f4d3540faca5c86acff

Request headers

Referer
https://nflodds.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 04:34:29 GMT
last-modified
Sun, 12 Jun 2022 13:07:33 GMT
server
Apache
accept-ranges
bytes
etag
"5e42230-2a90-5e13fdac3af40"
content-length
10896
content-type
image/jpeg
javascript.php
js.commissionkings.ag/
308 B
308 B
Script
General
Full URL
https://js.commissionkings.ag/javascript.php?prefix=TsCe_9xQn90cl0SaCFSbQ2Nd7ZgqdRLk&media=1997&campaign=1
Requested by
Host: nflodds.org
URL: https://nflodds.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.190.136 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ZBan
Resource Hash
e2b89e8b302ce6b53261387fb30fdbfed5c320acee15be3f0234ae78582c8d66

Request headers

Referer
https://nflodds.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 04:34:30 GMT
content-encoding
gzip
cf-cache-status
BYPASS
z-cache
HIT
server
cloudflare
x-powered-by
ZBan
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=0, no-cache
cf-ray
8a8132b9ee971db0-FRA
javascript.php
js.commissionkings.ag/
314 B
318 B
Script
General
Full URL
https://js.commissionkings.ag/javascript.php?prefix=TsCe_9xQn90cl0SaCFSbQ2Nd7ZgqdRLk&media=1882&campaign=1
Requested by
Host: nflodds.org
URL: https://nflodds.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.190.136 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ZBan
Resource Hash
d847b392a04d501f83c5ebee684f913bad5e7e550bd922127a23791be0b2abd8

Request headers

Referer
https://nflodds.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 04:34:30 GMT
content-encoding
gzip
cf-cache-status
BYPASS
z-cache
HIT
server
cloudflare
x-powered-by
ZBan
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=0, no-cache
cf-ray
8a8132b9ee9a1db0-FRA
javascript.php
js.commissionkings.ag/
330 B
461 B
Script
General
Full URL
https://js.commissionkings.ag/javascript.php?prefix=TsCe_9xQn90cl0SaCFSbQ2Nd7ZgqdRLk&media=1862&campaign=1
Requested by
Host: nflodds.org
URL: https://nflodds.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.190.136 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ZBan
Resource Hash
dd414d07bc432d7def1ab6b51bd968ed9eacbe8af0a4dc84dd1854a5452c180f

Request headers

Referer
https://nflodds.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 04:34:30 GMT
content-encoding
gzip
cf-cache-status
BYPASS
z-cache
HIT
server
cloudflare
x-powered-by
ZBan
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=0, no-cache
cf-ray
8a8132b9ee981db0-FRA
SB_AQC_banner_728x90_LIVEBETTING.gif
media.commissionkings.ag/uploads/
30 KB
30 KB
Image
General
Full URL
https://media.commissionkings.ag/uploads/SB_AQC_banner_728x90_LIVEBETTING.gif
Requested by
Host: nflodds.org
URL: https://nflodds.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.192.136 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e1c21e97f8dba00c750ec7fa47e295e5ad3a5f26171fe999e8429847d36c3b7c

Request headers

Referer
https://nflodds.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 04:34:30 GMT
x-amz-version-id
null
cf-cache-status
REVALIDATED
cf-bgj
imgq:100,h2pri
last-modified
Thu, 14 Sep 2023 22:19:05 GMT
server
cloudflare
cf-polished
status=not_needed
etag
"8e473a575f40d4302bd8a059bbf12e96"
vary
Accept-Encoding
content-type
image/gif
accept-ranges
bytes
cf-ray
8a8132bb8b73925b-FRA
content-length
30464
BOL_AQC_banner_728x90_87768_NFL2.gif
media.commissionkings.ag/uploads/
31 KB
31 KB
Image
General
Full URL
https://media.commissionkings.ag/uploads/BOL_AQC_banner_728x90_87768_NFL2.gif
Requested by
Host: nflodds.org
URL: https://nflodds.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.192.136 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
79bddf8020d349c45393cfbc64f98c4b10572caa7f8cf49d906a29354c3e0b38

Request headers

Referer
https://nflodds.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 04:34:30 GMT
x-amz-version-id
null
cf-cache-status
REVALIDATED
cf-bgj
imgq:100,h2pri
last-modified
Mon, 22 Jul 2024 15:18:09 GMT
server
cloudflare
cf-polished
origSize=33528
etag
"aaa173a229c4cd1631cd14c3c19366a6"
vary
Accept-Encoding
content-type
image/gif
accept-ranges
bytes
cf-ray
8a8132bb8b78925b-FRA
content-length
31963
flexiproduct.js
cf.bstatic.com/static/affiliate_base/js/
6 KB
3 KB
Script
General
Full URL
https://cf.bstatic.com/static/affiliate_base/js/flexiproduct.js?v=1721795670184
Requested by
Host: nflodds.org
URL: https://nflodds.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:266e:f400:5:bf05:acc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
6f2c2164df92670e1f44b40c516e974340a0a4834b5a2b2156faf3f1c6fc0e90
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://nflodds.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 03 Jul 2024 02:11:43 GMT
content-encoding
br
via
1.1 b8455bc5c5405f573b6e4da5524ee9e2.cloudfront.net (CloudFront)
nel
{"report_to":"default","max_age":600}
x-amz-cf-pop
FRA56-P8
age
1822967
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
last-modified
Mon, 13 Jun 2022 03:41:28 GMT
server
nginx
etag
W/"62a6b1e8-1849"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
timing-allow-origin
*
x-amz-cf-id
QvjpfbopIxjaXuy7rma6ZVaD_uUcsHuYq_nWLrmtOOYEpyNNR10DDQ==
expires
Fri, 02 Aug 2024 02:11:43 GMT
SB_Aff_Banners_Bank_300x250.gif
media.commissionkings.ag/uploads/
58 KB
58 KB
Image
General
Full URL
https://media.commissionkings.ag/uploads/SB_Aff_Banners_Bank_300x250.gif
Requested by
Host: nflodds.org
URL: https://nflodds.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.192.136 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e63a8f58116ae9211de2cd079d3f9b0087e18319de32ee30f54953e7ef0a13b5

Request headers

Referer
https://nflodds.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 04:34:30 GMT
x-amz-version-id
null
cf-cache-status
HIT
cf-bgj
imgq:100,h2pri
last-modified
Thu, 10 Jun 2021 18:56:24 GMT
server
cloudflare
age
22
cf-polished
status=not_needed
etag
"07c278d3de8c52d71b174605e9b1a774"
vary
Accept-Encoding
content-type
image/gif
accept-ranges
bytes
cf-ray
8a8132bb8b77925b-FRA
content-length
58982
CK_SS_WK24_21_AQC_WB_B_300x250.gif
media.commissionkings.ag/uploads/
76 KB
76 KB
Image
General
Full URL
https://media.commissionkings.ag/uploads/CK_SS_WK24_21_AQC_WB_B_300x250.gif
Requested by
Host: nflodds.org
URL: https://nflodds.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.192.136 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
56579bffa875bfea42ac5ded0474ba41f0c9d4beb9aa181c8455227a77f367bb

Request headers

Referer
https://nflodds.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 04:34:30 GMT
x-amz-version-id
null
cf-cache-status
REVALIDATED
cf-bgj
imgq:100,h2pri
last-modified
Tue, 22 Jun 2021 16:41:15 GMT
server
cloudflare
cf-polished
origSize=80691
etag
"4fdd9023ead364c23aebff09a5133e53"
vary
Accept-Encoding
content-type
image/gif
accept-ranges
bytes
cf-ray
8a8132bb8b75925b-FRA
content-length
77931
TG_AQC_Banner_WK41_44750_Poker_300x600.gif
media.commissionkings.ag/uploads/
76 KB
76 KB
Image
General
Full URL
https://media.commissionkings.ag/uploads/TG_AQC_Banner_WK41_44750_Poker_300x600.gif
Requested by
Host: nflodds.org
URL: https://nflodds.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.192.136 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e51ca9c794dfa6027ef206382cbd82b5a76b2358189e4f995693c933343986c

Request headers

Referer
https://nflodds.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 04:34:30 GMT
x-amz-version-id
null
cf-cache-status
REVALIDATED
cf-bgj
imgq:100,h2pri
last-modified
Tue, 11 Oct 2022 18:38:07 GMT
server
cloudflare
cf-polished
origSize=78782
etag
"5b7a683ba570178f4a9b78c5d3d15cc8"
vary
Accept-Encoding
content-type
image/gif
accept-ranges
bytes
cf-ray
8a8132bb8b76925b-FRA
content-length
78061
flexiproduct.html
www.booking.com/ Frame 42D9
0
0
Document
General
Full URL
https://www.booking.com/flexiproduct.html?product=banner&w=300&h=250&lang=en&aid=2117704&target_aid=2117704&banner_id=103455&tmpl=affiliate_banner&fid=1721795670246&
Requested by
Host: cf.bstatic.com
URL: https://cf.bstatic.com/static/affiliate_base/js/flexiproduct.js?v=1721795670184
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.60.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-60-7.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://nflodds.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

cache-control
private
content-encoding
br
content-length
1126
content-type
text/html; charset=UTF-8
date
Wed, 24 Jul 2024 04:34:30 GMT
nel
{"max_age":604800,"report_to":"default"}
report-to
{"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":604800,"group":"default"}
server
nginx
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Accept-Encoding, User-Agent
via
1.1 e505058447bf5e74cc264f4e72f27bee.cloudfront.net (CloudFront)
x-amz-cf-id
axmKzAAne9nKu8_z00TYRkLcEikzniubePHw_how6RIfI3aFQ5_0JQ==
x-amz-cf-pop
FRA60-P5
x-cache
Miss from cloudfront
x-content-type-options
nosniff
x-xss-protection
1; mode=block
Palm-tree.ico
nflodds.org/
315 B
388 B
Other
General
Full URL
https://nflodds.org/Palm-tree.ico
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
198.12.237.182 Ashburn, United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS
182.237.12.198.host.secureserver.net
Software
Apache /
Resource Hash
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Request headers

Referer
https://nflodds.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 04:34:30 GMT
server
Apache
content-length
315
content-type
text/html; charset=iso-8859-1

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
function| _i_
function| _r_
object| BookingAff

1 Cookies

Domain/Path Name / Value
.booking.com/ Name: bkng
Value: 11UmFuZG9tSVYkc2RlIyh9Yaa29%2F3xUOLbXpFeYC4TUhDMSfLvcMG2VE2TMBtoHts6UpVCjcCLj43v1oovvpg60m4WQfiqeNfS8sppu9%2FFlwI9dIpaBbgRf3FDbB178LJFa4BDJXE6uyDB2C7zYIHxIu%2FgeoLvwnNB3bES3i8lyGUMZ2CPsvbJkwnYGna6IfQp

3 Console Messages

Source Level URL
Text
security warning URL: https://nflodds.org/#college-football
Message:
Mixed Content: The page at 'https://nflodds.org/#college-football' was loaded over HTTPS, but requested an insecure element 'http://www.tqlkg.com/image-5599348-10813511'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://nflodds.org/#college-football(Line 92)
Message:
Mixed Content: The page at 'https://nflodds.org/#college-football' was loaded over HTTPS, but requested an insecure element 'http://www.tqlkg.com/image-5599348-10813511'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
network error URL: https://nflodds.org/Palm-tree.ico
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
