nrk-nor.com Open in urlscan Pro
2606:4700:3032::681b:8e3f Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://uxerr.com/link/ee593efac51bf72edcd12a2efc6d9b60/fd76bbd27b58031fffdf2814e3e01565
Effective URL:
http://nrk-nor.com/prelander/495_1/index.php?gs=tag5e8de0b11e4ff6.22300629&prehit=31d67a0c387f6d7113e35ea12fe187268...
Submission: On April 08 via manual (April 8th 2020, 1:57:34 pm UTC) from IN

Summary HTTP 28 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 2 countries across 3 domains to perform 28 HTTP transactions. The main IP is 2606:4700:3032::681b:8e3f, located in United States and belongs to CLOUDFLARENET, US. The main domain is nrk-nor.com.

This is the only time nrk-nor.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Investment Scam (Online) Lion's Den Scam (Online)

Domain & IP information

	IP Address	AS Autonomous System
1 1	51.15.54.220 51.15.54.220	12876 (Online SAS) (Online SAS)
1 28	2606:4700:303... 2606:4700:3032::681b:8e3f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
28	2

1 51.15.54.220 (Haarlem, Netherlands) 1 redirects

ASN12876 (Online SAS, FR)
PTR: uxerr.com

uxerr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 2606:4700:3032::681b:8e3f (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

nrk-nor.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
28	nrk-nor.com 1 redirects nrk-nor.com	1 MB
1	uxerr.com 1 redirects uxerr.com	1 KB
0	nepreland.com Failed nepreland.com Failed
28	3

	Domain	Requested by
28	nrk-nor.com	1 redirects nrk-nor.com
1	uxerr.com	1 redirects
0	nepreland.com Failed	nrk-nor.com
28	3

This site contains no links.

Subject Issuer	Validity	Valid

This page contains 1 frames:

Primary Page: http://nrk-nor.com/prelander/495_1/index.php?gs=tag5e8de0b11e4ff6.22300629&prehit=31d67a0c387f6d7113e35ea12fe1872686328368&s2=fd76bbd27b58031fffdf2814e3e01565&oq=1586356401
Frame ID: 447967B67359C8542096D9514856BF5E
Requests: 28 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://uxerr.com/link/ee593efac51bf72edcd12a2efc6d9b60/fd76bbd27b58031fffdf2814e3e01565 HTTP 302
http://nrk-nor.com/gopre/a8b0fcef262e4e95a728d675d944f1b0/PRLND5e7b6bdb8cfca2.70874375/s1=50f73... HTTP 302
http://nrk-nor.com/prelander/495_1/index.php?gs=tag5e8de0b11e4ff6.22300629&prehit=31d67a0c387f6... Page URL

Detected technologies

Varnish (Cache Tools) Expand

Overall confidence: 100%
Detected patterns

headers via /varnish(?: $Varnish\/([\d.]+)$)?/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

28
Requests

0 %
HTTPS

50 %
IPv6

3
Domains

3
Subdomains

2
IPs

2
Countries

1410 kB
Transfer

1651 kB
Size

4
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://uxerr.com/link/ee593efac51bf72edcd12a2efc6d9b60/fd76bbd27b58031fffdf2814e3e01565 HTTP 302
http://nrk-nor.com/gopre/a8b0fcef262e4e95a728d675d944f1b0/PRLND5e7b6bdb8cfca2.70874375/s1=50f73b35a8b84f6cdbc686a18f7dda5e&s2=fd76bbd27b58031fffdf2814e3e01565&s3=34_604571 HTTP 302
http://nrk-nor.com/prelander/495_1/index.php?gs=tag5e8de0b11e4ff6.22300629&prehit=31d67a0c387f6d7113e35ea12fe1872686328368&s2=fd76bbd27b58031fffdf2814e3e01565&oq=1586356401 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

28 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request index.php Show response nrk-nor.com/prelander/495_1/ Redirect Chain http://uxerr.com/link/ee593efac51bf72edcd12a2efc6d9b60/fd76bbd27b58031fffdf2814e3e01565 http://nrk-nor.com/gopre/a8b0fcef262e4e95a728d675d944f1b0/PRLND5e7b6bdb8cfca2.70874375/s1=50f73b35a8b84f6cdbc686a18f7dda5e&s2=fd76bbd27b58031fffdf2814e3e01565&s3=34_604571 http://nrk-nor.com/prelander/495_1/index.php?gs=tag5e8de0b11e4ff6.22300629&prehit=31d67a0c387f6d7113e35ea12fe1872686328368&s2=fd76bbd27b58031fffdf2814e3e01565&oq=1586356401	102 KB 20 KB	122ms 122ms	Document text/html	2606:4700:3032::681b:8e3f CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://nrk-nor.com/prelander/495_1/index.php?gs=tag5e8de0b11e4ff6.22300629&prehit=31d67a0c387f6d7113e35ea12fe1872686328368&s2=fd76bbd27b58031fffdf2814e3e01565&oq=1586356401 Protocol HTTP/1.1 Server 2606:4700:3032::681b:8e3f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.2.6 Resource Hash `67a970a9e547bfe94efef4615b9aac78193352ec650fa1317e16c8d36a3acda9` Request headers Host nrk-nor.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 Accept-Encoding gzip, deflate Accept-Language en-US Cookie __cfduid=d97d9a52e3e36029b198da572353b18ca1586354216; PHPSESSID=aqe3enfmki59c29hbgo49goj8l; XSRF-TOKEN=eyJpdiI6IjNcLzdDbXdmRXBSXC9DeVVKazUyeFVjUT09IiwidmFsdWUiOiIzaHgxNTR1QjFPSkxEMnRSTG9nbkk2eHRrVVdqZElnUU5zUFBLck9zNTY4YmpxYXFackdvd250VUxuY3lZYU5iIiwibWFjIjoiY2U5NDYyOTZkZDIwMDIzNjc2ZDRiZTlkYTE4YTBlY2M3OWExNjJkYThhZWI1YzQ3OWU3MDk2NDZiN2RiMzcyZiJ9; laravel_session=eyJpdiI6IjNzbHhmb0hYbHBUWDJqYjl4R20xTEE9PSIsInZhbHVlIjoidjJQUUdtWXdqXC9EQVpGaEtaVXZPQ1wvbzArTTkwcTNLSlhcL0o4NzF0UWlnT2FnRUhMaEhCTituSUlkclV2ekM1RCIsIm1hYyI6Ijg1YzE2YzU5NmRkYmE3NzQzNzQxZTkyMWJlOTE5NWExYzAwNWY3MzE0Yzk1MTgxMDY1M2Q0MWEwN2NiZDkxMTUifQ%3D%3D Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Wed, 08 Apr 2020 13:56:57 GMT Content-Type text/html; charset=UTF-8 Transfer-Encoding chunked Connection keep-alive X-Powered-By PHP/7.2.6 X-Varnish 1443134 Age 0 Via 1.1 varnish-v4 CF-Cache-Status DYNAMIC Server cloudflare CF-RAY 580c7ea06b5a6395-FRA Content-Encoding gzip Redirect headers Date Wed, 08 Apr 2020 13:56:57 GMT Content-Type text/html; charset=UTF-8 Transfer-Encoding chunked Connection keep-alive Set-Cookie __cfduid=d97d9a52e3e36029b198da572353b18ca1586354216; expires=Fri, 08-May-20 13:56:56 GMT; path=/; domain=.nrk-nor.com; HttpOnly; SameSite=Lax PHPSESSID=aqe3enfmki59c29hbgo49goj8l; path=/ XSRF-TOKEN=eyJpdiI6IjNcLzdDbXdmRXBSXC9DeVVKazUyeFVjUT09IiwidmFsdWUiOiIzaHgxNTR1QjFPSkxEMnRSTG9nbkk2eHRrVVdqZElnUU5zUFBLck9zNTY4YmpxYXFackdvd250VUxuY3lZYU5iIiwibWFjIjoiY2U5NDYyOTZkZDIwMDIzNjc2ZDRiZTlkYTE4YTBlY2M3OWExNjJkYThhZWI1YzQ3OWU3MDk2NDZiN2RiMzcyZiJ9; expires=Wed, 08-Apr-2020 16:33:21 GMT; Max-Age=7200; path=/ laravel_session=eyJpdiI6IjNzbHhmb0hYbHBUWDJqYjl4R20xTEE9PSIsInZhbHVlIjoidjJQUUdtWXdqXC9EQVpGaEtaVXZPQ1wvbzArTTkwcTNLSlhcL0o4NzF0UWlnT2FnRUhMaEhCTituSUlkclV2ekM1RCIsIm1hYyI6Ijg1YzE2YzU5NmRkYmE3NzQzNzQxZTkyMWJlOTE5NWExYzAwNWY3MzE0Yzk1MTgxMDY1M2Q0MWEwN2NiZDkxMTUifQ%3D%3D; expires=Wed, 08-Apr-2020 16:33:21 GMT; Max-Age=7200; path=/; httponly X-Powered-By PHP/7.2.6 Expires Thu, 19 Nov 1981 08:52:00 GMT Cache-Control no-store, no-cache, must-revalidate, no-cache, private Pragma no-cache Location http://nrk-nor.com/prelander/495_1/index.php?gs=tag5e8de0b11e4ff6.22300629&prehit=31d67a0c387f6d7113e35ea12fe1872686328368&s2=fd76bbd27b58031fffdf2814e3e01565&oq=1586356401 X-Varnish 1443131 Age 0 Via 1.1 varnish-v4 CF-Cache-Status DYNAMIC Server cloudflare CF-RAY 580c7e9e69d86395-FRA
GET H/1.1	200 OK	css.css nrk-nor.com/prelander/495_1/css/	116 KB 20 KB	39ms 33ms	Stylesheet text/css	2606:4700:3032::681b:8e3f CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://nrk-nor.com/prelander/495_1/css/css.css Requested by Host: nrk-nor.com URL: http://nrk-nor.com/prelander/495_1/index.php?gs=tag5e8de0b11e4ff6.22300629&prehit=31d67a0c387f6d7113e35ea12fe1872686328368&s2=fd76bbd27b58031fffdf2814e3e01565&oq=1586356401 Protocol HTTP/1.1 Server 2606:4700:3032::681b:8e3f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `52fe4cf454ce49121688323fabb4111ead038790c0221de78b44864b86a5b4ac` Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Wed, 08 Apr 2020 13:56:57 GMT Via 1.1 varnish-v4 CF-Cache-Status HIT Last-Modified Wed, 18 Mar 2020 09:00:13 GMT Server cloudflare Age 6129 ETag W/"1d0c6-5a11d47c1ca7d" Vary Accept-Encoding X-Varnish 3015894 Content-Type text/css Content-Encoding gzip Cache-Control max-age=14400 Transfer-Encoding chunked Connection keep-alive CF-RAY 580c7ea13beddfcf-FRA
GET H/1.1	200 OK	intlTelInput.min.css nrk-nor.com/prelander/495_1/css/	18 KB 3 KB	29ms 23ms	Stylesheet text/css	2606:4700:3032::681b:8e3f CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://nrk-nor.com/prelander/495_1/css/intlTelInput.min.css Requested by Host: nrk-nor.com URL: http://nrk-nor.com/prelander/495_1/index.php?gs=tag5e8de0b11e4ff6.22300629&prehit=31d67a0c387f6d7113e35ea12fe1872686328368&s2=fd76bbd27b58031fffdf2814e3e01565&oq=1586356401 Protocol HTTP/1.1 Server 2606:4700:3032::681b:8e3f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `08781faa483ed45947b94414cc365589e7a41c22989eb452372d64d93ae4c114` Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Wed, 08 Apr 2020 13:56:57 GMT Via 1.1 varnish-v4 CF-Cache-Status HIT Last-Modified Wed, 18 Mar 2020 09:00:13 GMT Server cloudflare Age 6129 ETag W/"4704-5a11d47c62b95" Vary Accept-Encoding X-Varnish 2360328 Content-Type text/css Content-Encoding gzip Cache-Control max-age=14400 Transfer-Encoding chunked Connection keep-alive CF-RAY 580c7ea13e2997d2-FRA
GET H/1.1	200 OK	jquery.min.js Show response nrk-nor.com/prelander/495_1/js/	86 KB 30 KB	30ms 24ms	Script application/javascript	2606:4700:3032::681b:8e3f CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://nrk-nor.com/prelander/495_1/js/jquery.min.js Requested by Host: nrk-nor.com URL: http://nrk-nor.com/prelander/495_1/index.php?gs=tag5e8de0b11e4ff6.22300629&prehit=31d67a0c387f6d7113e35ea12fe1872686328368&s2=fd76bbd27b58031fffdf2814e3e01565&oq=1586356401 Protocol HTTP/1.1 Server 2606:4700:3032::681b:8e3f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a` Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Wed, 08 Apr 2020 13:56:57 GMT Via 1.1 varnish-v4 CF-Cache-Status HIT Last-Modified Wed, 18 Mar 2020 09:00:32 GMT Server cloudflare Age 6129 ETag W/"15851-5a11d48e639c6" Vary Accept-Encoding X-Varnish 4850244 Content-Type application/javascript Content-Encoding gzip Cache-Control max-age=14400 Transfer-Encoding chunked Connection keep-alive CF-RAY 580c7ea13ce1d6b1-FRA
GET H/1.1	200 OK	logo.png nrk-nor.com/prelander/495_1/images/	6 KB 6 KB	28ms 22ms	Image image/png	2606:4700:3032::681b:8e3f CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL http://nrk-nor.com/prelander/495_1/images/logo.png Requested by Host: nrk-nor.com URL: http://nrk-nor.com/prelander/495_1/index.php?gs=tag5e8de0b11e4ff6.22300629&prehit=31d67a0c387f6d7113e35ea12fe1872686328368&s2=fd76bbd27b58031fffdf2814e3e01565&oq=1586356401 Protocol HTTP/1.1 Server 2606:4700:3032::681b:8e3f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `abfcb1683ba86df7a394fa39d6691eb207910eba690609687009a06e671c720e` Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Wed, 08 Apr 2020 13:56:57 GMT Via 1.1 varnish-v4 CF-Cache-Status HIT Last-Modified Wed, 18 Mar 2020 09:00:24 GMT Server cloudflare Age 6129 ETag "1688-5a11d486d2d7e" Vary Accept-Encoding X-Varnish 1999439 Content-Type image/png Cache-Control max-age=14400 Connection keep-alive Accept-Ranges bytes CF-RAY 580c7ea13a3e634d-FRA Content-Length 5768
GET H/1.1	200 OK	cegrc1o7f3llvodpyray.jpg nrk-nor.com/prelander/495_1/images/	18 KB 18 KB	30ms 24ms	Image image/jpeg	2606:4700:3032::681b:8e3f CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL http://nrk-nor.com/prelander/495_1/images/cegrc1o7f3llvodpyray.jpg Requested by Host: nrk-nor.com URL: http://nrk-nor.com/prelander/495_1/index.php?gs=tag5e8de0b11e4ff6.22300629&prehit=31d67a0c387f6d7113e35ea12fe1872686328368&s2=fd76bbd27b58031fffdf2814e3e01565&oq=1586356401 Protocol HTTP/1.1 Server 2606:4700:3032::681b:8e3f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `f462d3a1e8980262d49048bba0c93026ddb913f5d6aaf143ccc24eca599a8bb9` Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Wed, 08 Apr 2020 13:56:57 GMT Via 1.1 varnish-v4 CF-Cache-Status HIT Last-Modified Wed, 18 Mar 2020 09:00:16 GMT Server cloudflare Age 6129 ETag "4768-5a11d47f34675" Vary Accept-Encoding X-Varnish 5308529 Content-Type image/jpeg Cache-Control max-age=14400 Connection keep-alive Accept-Ranges bytes CF-RAY 580c7ea13a6fc2e5-FRA Content-Length 18280
GET H/1.1	200 OK	jgc2qdsl7f0wbpyk9nap.jpg nrk-nor.com/prelander/495_1/images/	212 KB 213 KB	23ms 22ms	Image image/jpeg	2606:4700:3032::681b:8e3f CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL http://nrk-nor.com/prelander/495_1/images/jgc2qdsl7f0wbpyk9nap.jpg Requested by Host: nrk-nor.com URL: http://nrk-nor.com/prelander/495_1/index.php?gs=tag5e8de0b11e4ff6.22300629&prehit=31d67a0c387f6d7113e35ea12fe1872686328368&s2=fd76bbd27b58031fffdf2814e3e01565&oq=1586356401 Protocol HTTP/1.1 Server 2606:4700:3032::681b:8e3f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `460d40afe453c437dd71cde2c17dc53a178871476ff78b629bfce0ef7d9a7b23` Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Wed, 08 Apr 2020 13:56:57 GMT Via 1.1 varnish-v4 CF-Cache-Status HIT Last-Modified Wed, 18 Mar 2020 09:00:21 GMT Server cloudflare Age 6129 ETag "351d2-5a11d48351a06" Vary Accept-Encoding X-Varnish 4885274 Content-Type image/jpeg Cache-Control max-age=14400 Connection keep-alive Accept-Ranges bytes CF-RAY 580c7ea16a59634d-FRA Content-Length 217554
GET H/1.1	200 OK	jwccfgscfkwc894gdtcg.jpg nrk-nor.com/prelander/495_1/images/	54 KB 54 KB	16ms 16ms	Image image/jpeg	2606:4700:3032::681b:8e3f CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL http://nrk-nor.com/prelander/495_1/images/jwccfgscfkwc894gdtcg.jpg Requested by Host: nrk-nor.com URL: http://nrk-nor.com/prelander/495_1/index.php?gs=tag5e8de0b11e4ff6.22300629&prehit=31d67a0c387f6d7113e35ea12fe1872686328368&s2=fd76bbd27b58031fffdf2814e3e01565&oq=1586356401 Protocol HTTP/1.1 Server 2606:4700:3032::681b:8e3f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `468aea9e62bd52ee4fc4d480b8a323429278d25dacd57e0723d5a5b914c52c7a` Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Wed, 08 Apr 2020 13:56:57 GMT Via 1.1 varnish-v4 CF-Cache-Status HIT Last-Modified Wed, 18 Mar 2020 09:00:22 GMT Server cloudflare Age 6129 ETag "d6e6-5a11d4851393e" Vary Accept-Encoding X-Varnish 1999392 Content-Type image/jpeg Cache-Control max-age=14400 Connection keep-alive Accept-Ranges bytes CF-RAY 580c7ea16aedc2e5-FRA Content-Length 55014
GET H/1.1	200 OK	dyxpm6j17qfnmnhj9rdc.jpg nrk-nor.com/prelander/495_1/images/	146 KB 146 KB	17ms 16ms	Image image/jpeg	2606:4700:3032::681b:8e3f CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL http://nrk-nor.com/prelander/495_1/images/dyxpm6j17qfnmnhj9rdc.jpg Requested by Host: nrk-nor.com URL: http://nrk-nor.com/prelander/495_1/index.php?gs=tag5e8de0b11e4ff6.22300629&prehit=31d67a0c387f6d7113e35ea12fe1872686328368&s2=fd76bbd27b58031fffdf2814e3e01565&oq=1586356401 Protocol HTTP/1.1 Server 2606:4700:3032::681b:8e3f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `2734afde9c73e70b3786d0aeaee5568550c8d2c16f79b741bcae8cbf6e4d0543` Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Wed, 08 Apr 2020 13:56:57 GMT Via 1.1 varnish-v4 CF-Cache-Status HIT Last-Modified Wed, 18 Mar 2020 09:00:19 GMT Server cloudflare Age 6129 ETag "24644-5a11d481eb3a6" Vary Accept-Encoding X-Varnish 5112325 Content-Type image/jpeg Cache-Control max-age=14400 Connection keep-alive Accept-Ranges bytes CF-RAY 580c7ea18b4fc2e5-FRA Content-Length 149060
GET H/1.1	200 OK	xjfu04hzwv1fubhhu6l7.jpg nrk-nor.com/prelander/495_1/images/	82 KB 82 KB	26ms 25ms	Image image/jpeg	2606:4700:3032::681b:8e3f CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL http://nrk-nor.com/prelander/495_1/images/xjfu04hzwv1fubhhu6l7.jpg Requested by Host: nrk-nor.com URL: http://nrk-nor.com/prelander/495_1/index.php?gs=tag5e8de0b11e4ff6.22300629&prehit=31d67a0c387f6d7113e35ea12fe1872686328368&s2=fd76bbd27b58031fffdf2814e3e01565&oq=1586356401 Protocol HTTP/1.1 Server 2606:4700:3032::681b:8e3f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `f6bd6a6b49896da68970bd62dc8c05c2de2e82b70862894950ffc937fa80793e` Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Wed, 08 Apr 2020 13:56:57 GMT Via 1.1 varnish-v4 CF-Cache-Status HIT Last-Modified Wed, 18 Mar 2020 09:00:30 GMT Server cloudflare Age 6129 ETag "14794-5a11d48c65d86" Vary Accept-Encoding X-Varnish 5275902 Content-Type image/jpeg Cache-Control max-age=14400 Connection keep-alive Accept-Ranges bytes CF-RAY 580c7ea18cd0dfcf-FRA Content-Length 83860
GET H/1.1	200 OK	ulprhvedsgozq6r6gy8t.jpg nrk-nor.com/prelander/495_1/images/	91 KB 92 KB	14ms 12ms	Image image/jpeg	2606:4700:3032::681b:8e3f CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL http://nrk-nor.com/prelander/495_1/images/ulprhvedsgozq6r6gy8t.jpg Requested by Host: nrk-nor.com URL: http://nrk-nor.com/prelander/495_1/index.php?gs=tag5e8de0b11e4ff6.22300629&prehit=31d67a0c387f6d7113e35ea12fe1872686328368&s2=fd76bbd27b58031fffdf2814e3e01565&oq=1586356401 Protocol HTTP/1.1 Server 2606:4700:3032::681b:8e3f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `bf5189504db2989e3793ea49c8896d16257f1c7c4e3ae1764e6b25e946c33ea2` Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Wed, 08 Apr 2020 13:56:57 GMT Via 1.1 varnish-v4 CF-Cache-Status HIT Last-Modified Wed, 18 Mar 2020 09:00:27 GMT Server cloudflare Age 6129 ETag "16d5e-5a11d489a214e" Vary Accept-Encoding X-Varnish 5275905 Content-Type image/jpeg Cache-Control max-age=14400 Connection keep-alive Accept-Ranges bytes CF-RAY 580c7ea18d93d6b1-FRA Content-Length 93534
GET H/1.1	200 OK	l4tebgz5cuohroqtccyi.jpg nrk-nor.com/prelander/495_1/images/	96 KB 97 KB	14ms 13ms	Image image/jpeg	2606:4700:3032::681b:8e3f CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL http://nrk-nor.com/prelander/495_1/images/l4tebgz5cuohroqtccyi.jpg Requested by Host: nrk-nor.com URL: http://nrk-nor.com/prelander/495_1/index.php?gs=tag5e8de0b11e4ff6.22300629&prehit=31d67a0c387f6d7113e35ea12fe1872686328368&s2=fd76bbd27b58031fffdf2814e3e01565&oq=1586356401 Protocol HTTP/1.1 Server 2606:4700:3032::681b:8e3f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `41df49a648ccd2386a5e32c674dc5979c069ec87359fb60aaec80eabec26c614` Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Wed, 08 Apr 2020 13:56:57 GMT Via 1.1 varnish-v4 CF-Cache-Status HIT Last-Modified Wed, 18 Mar 2020 09:00:23 GMT Server cloudflare Age 6129 ETag "18179-5a11d48572cae" Vary Accept-Encoding X-Varnish 4343899 Content-Type image/jpeg Cache-Control max-age=14400 Connection keep-alive Accept-Ranges bytes CF-RAY 580c7ea18e6697d2-FRA Content-Length 98681
GET		opensans-bold.html nepreland.com/de/bipy/blog281/	0 0

GET H/1.1	200 OK	Step_1_Screenshot.png nrk-nor.com/prelander/495_1/images/	41 KB 41 KB	14ms 13ms	Image image/png	2606:4700:3032::681b:8e3f CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL http://nrk-nor.com/prelander/495_1/images/Step_1_Screenshot.png Requested by Host: nrk-nor.com URL: http://nrk-nor.com/prelander/495_1/index.php?gs=tag5e8de0b11e4ff6.22300629&prehit=31d67a0c387f6d7113e35ea12fe1872686328368&s2=fd76bbd27b58031fffdf2814e3e01565&oq=1586356401 Protocol HTTP/1.1 Server 2606:4700:3032::681b:8e3f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `13264bfcbeae75e4176f8a3f899c79f3c537975e6dfdd197d4ff415a32196dc4` Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Wed, 08 Apr 2020 13:56:57 GMT Via 1.1 varnish-v4 CF-Cache-Status HIT Last-Modified Mon, 30 Mar 2020 11:33:28 GMT Server cloudflare Age 6129 ETag "a330-5a210d1e2f8fa" Vary Accept-Encoding X-Varnish 5275908 Content-Type image/png Cache-Control max-age=14400 Connection keep-alive Accept-Ranges bytes CF-RAY 580c7ea1ddcfdfcf-FRA Content-Length 41776
GET H/1.1	200 OK	loading.gif nrk-nor.com/prelander/495_1/images/	3 KB 4 KB	17ms 16ms	Image image/gif	2606:4700:3032::681b:8e3f CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL http://nrk-nor.com/prelander/495_1/images/loading.gif Requested by Host: nrk-nor.com URL: http://nrk-nor.com/prelander/495_1/index.php?gs=tag5e8de0b11e4ff6.22300629&prehit=31d67a0c387f6d7113e35ea12fe1872686328368&s2=fd76bbd27b58031fffdf2814e3e01565&oq=1586356401 Protocol HTTP/1.1 Server 2606:4700:3032::681b:8e3f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `aebc793d0064383ee6b1625bf3bb32532ec30a5c12bf9117066107d412119123` Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Wed, 08 Apr 2020 13:56:57 GMT Via 1.1 varnish-v4 CF-Cache-Status HIT Last-Modified Wed, 18 Mar 2020 09:00:24 GMT Server cloudflare Age 6129 ETag "c88-5a11d4863b79e" Vary Accept-Encoding X-Varnish 4885283 Content-Type image/gif Cache-Control max-age=14400 Connection keep-alive Accept-Ranges bytes CF-RAY 580c7ea1dc706395-FRA Content-Length 3208
GET H/1.1	200 OK	cta2.png nrk-nor.com/prelander/495_1/images/	134 KB 135 KB	15ms 14ms	Image image/png	2606:4700:3032::681b:8e3f CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL http://nrk-nor.com/prelander/495_1/images/cta2.png Requested by Host: nrk-nor.com URL: http://nrk-nor.com/prelander/495_1/index.php?gs=tag5e8de0b11e4ff6.22300629&prehit=31d67a0c387f6d7113e35ea12fe1872686328368&s2=fd76bbd27b58031fffdf2814e3e01565&oq=1586356401 Protocol HTTP/1.1 Server 2606:4700:3032::681b:8e3f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `f4623730049c816f0eeeea0723b92c16b2803cfa1fca1324efbd4af777af8865` Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Wed, 08 Apr 2020 13:56:57 GMT Via 1.1 varnish-v4 CF-Cache-Status HIT Last-Modified Wed, 18 Mar 2020 09:00:18 GMT Server cloudflare Age 6129 ETag "218d3-5a11d480858fd" Vary Accept-Encoding X-Varnish 7149507 Content-Type image/png Cache-Control max-age=14400 Connection keep-alive Accept-Ranges bytes CF-RAY 580c7ea1dc5fc2e5-FRA Content-Length 137427
GET H/1.1	200 OK	cta3.png nrk-nor.com/prelander/495_1/images/	124 KB 124 KB	13ms 12ms	Image image/png	2606:4700:3032::681b:8e3f CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL http://nrk-nor.com/prelander/495_1/images/cta3.png Requested by Host: nrk-nor.com URL: http://nrk-nor.com/prelander/495_1/index.php?gs=tag5e8de0b11e4ff6.22300629&prehit=31d67a0c387f6d7113e35ea12fe1872686328368&s2=fd76bbd27b58031fffdf2814e3e01565&oq=1586356401 Protocol HTTP/1.1 Server 2606:4700:3032::681b:8e3f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `5c3c295be8433cc36713bdfe3abe88546ac4b1dec7ba1fc1f264a0334d8a5265` Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Wed, 08 Apr 2020 13:56:57 GMT Via 1.1 varnish-v4 CF-Cache-Status HIT Last-Modified Wed, 18 Mar 2020 09:00:18 GMT Server cloudflare Age 6129 ETag "1efc9-5a11d4810c53e" Vary Accept-Encoding X-Varnish 66676 Content-Type image/png Cache-Control max-age=14400 Connection keep-alive Accept-Ranges bytes CF-RAY 580c7ea1dea997d2-FRA Content-Length 126921
GET H/1.1	200 OK	l7kp6sagzvgjamrhi0w8.png nrk-nor.com/prelander/495_1/images/	34 KB 34 KB	14ms 12ms	Image image/png	2606:4700:3032::681b:8e3f CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL http://nrk-nor.com/prelander/495_1/images/l7kp6sagzvgjamrhi0w8.png Requested by Host: nrk-nor.com URL: http://nrk-nor.com/prelander/495_1/index.php?gs=tag5e8de0b11e4ff6.22300629&prehit=31d67a0c387f6d7113e35ea12fe1872686328368&s2=fd76bbd27b58031fffdf2814e3e01565&oq=1586356401 Protocol HTTP/1.1 Server 2606:4700:3032::681b:8e3f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `5adbed9d75481c04641b70a78519079b1aa08150757ee14f7c84327356e73b1f` Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Wed, 08 Apr 2020 13:56:57 GMT Via 1.1 varnish-v4 CF-Cache-Status HIT Last-Modified Wed, 18 Mar 2020 09:00:23 GMT Server cloudflare Age 6129 ETag "8848-5a11d4860a676" Vary Accept-Encoding X-Varnish 4885289 Content-Type image/png Cache-Control max-age=14400 Connection keep-alive Accept-Ranges bytes CF-RAY 580c7ea1de73d6b1-FRA Content-Length 34888
GET H/1.1	200 OK	ainicniusbw2nyx3hlfi.png nrk-nor.com/prelander/495_1/images/	34 KB 35 KB	26ms 25ms	Image image/png	2606:4700:3032::681b:8e3f CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL http://nrk-nor.com/prelander/495_1/images/ainicniusbw2nyx3hlfi.png Requested by Host: nrk-nor.com URL: http://nrk-nor.com/prelander/495_1/index.php?gs=tag5e8de0b11e4ff6.22300629&prehit=31d67a0c387f6d7113e35ea12fe1872686328368&s2=fd76bbd27b58031fffdf2814e3e01565&oq=1586356401 Protocol HTTP/1.1 Server 2606:4700:3032::681b:8e3f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `3dde975bef15653e64134deee5e1dd5220720f5ecb8fc26adc38f63b6cb57226` Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Wed, 08 Apr 2020 13:56:57 GMT Via 1.1 varnish-v4 CF-Cache-Status HIT Last-Modified Wed, 18 Mar 2020 09:00:16 GMT Server cloudflare Age 6129 ETag "8945-5a11d47efcbd5" Vary Accept-Encoding X-Varnish 2360331 Content-Type image/png Cache-Control max-age=14400 Connection keep-alive Accept-Ranges bytes CF-RAY 580c7ea1dabe634d-FRA Content-Length 35141
GET H/1.1	200 OK	xo0rgoorgbynpgw4kyqp.png nrk-nor.com/prelander/495_1/images/	38 KB 38 KB	14ms 13ms	Image image/png	2606:4700:3032::681b:8e3f CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL http://nrk-nor.com/prelander/495_1/images/xo0rgoorgbynpgw4kyqp.png Requested by Host: nrk-nor.com URL: http://nrk-nor.com/prelander/495_1/index.php?gs=tag5e8de0b11e4ff6.22300629&prehit=31d67a0c387f6d7113e35ea12fe1872686328368&s2=fd76bbd27b58031fffdf2814e3e01565&oq=1586356401 Protocol HTTP/1.1 Server 2606:4700:3032::681b:8e3f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `e5f99941f717ee56ec795c58e4c73d8f72d15494deb92d94894e2f0ea0f47b7e` Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Wed, 08 Apr 2020 13:56:57 GMT Via 1.1 varnish-v4 CF-Cache-Status HIT Last-Modified Wed, 18 Mar 2020 09:00:29 GMT Server cloudflare Age 6129 ETag "97f6-5a11d48b3cf86" Vary Accept-Encoding X-Varnish 4850256 Content-Type image/png Cache-Control max-age=14400 Connection keep-alive Accept-Ranges bytes CF-RAY 580c7ea1fe05dfcf-FRA Content-Length 38902
GET H/1.1	200 OK	ooo3goob2pv5nlmdwwas.png nrk-nor.com/prelander/495_1/images/	25 KB 26 KB	21ms 20ms	Image image/png	2606:4700:3032::681b:8e3f CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL http://nrk-nor.com/prelander/495_1/images/ooo3goob2pv5nlmdwwas.png Requested by Host: nrk-nor.com URL: http://nrk-nor.com/prelander/495_1/index.php?gs=tag5e8de0b11e4ff6.22300629&prehit=31d67a0c387f6d7113e35ea12fe1872686328368&s2=fd76bbd27b58031fffdf2814e3e01565&oq=1586356401 Protocol HTTP/1.1 Server 2606:4700:3032::681b:8e3f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `1b7e0a2736aeb5f656f8b9cc2fda4b3eb2ea212d2f344dae9b7792136c9c5562` Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Wed, 08 Apr 2020 13:56:57 GMT Via 1.1 varnish-v4 CF-Cache-Status HIT Last-Modified Wed, 18 Mar 2020 09:00:26 GMT Server cloudflare Age 6129 ETag "6476-5a11d4887d99e" Vary Accept-Encoding X-Varnish 4343908 Content-Type image/png Cache-Control max-age=14400 Connection keep-alive Accept-Ranges bytes CF-RAY 580c7ea1fea9d6b1-FRA Content-Length 25718
GET H/1.1	200 OK	jfn5vt9dszilcurtwjlo.png nrk-nor.com/prelander/495_1/images/	37 KB 37 KB	15ms 14ms	Image image/png	2606:4700:3032::681b:8e3f CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL http://nrk-nor.com/prelander/495_1/images/jfn5vt9dszilcurtwjlo.png Requested by Host: nrk-nor.com URL: http://nrk-nor.com/prelander/495_1/index.php?gs=tag5e8de0b11e4ff6.22300629&prehit=31d67a0c387f6d7113e35ea12fe1872686328368&s2=fd76bbd27b58031fffdf2814e3e01565&oq=1586356401 Protocol HTTP/1.1 Server 2606:4700:3032::681b:8e3f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `494a3efdafd5407a5a88d922f5a4a72d71ac2f3ad8f3f9fe607f8cf89314dfa1` Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Wed, 08 Apr 2020 13:56:57 GMT Via 1.1 varnish-v4 CF-Cache-Status HIT Last-Modified Wed, 18 Mar 2020 09:00:20 GMT Server cloudflare Age 6129 ETag "93e3-5a11d482ca9de" Vary Accept-Encoding X-Varnish 5440544 Content-Type image/png Cache-Control max-age=14400 Connection keep-alive Accept-Ranges bytes CF-RAY 580c7ea1fec897d2-FRA Content-Length 37859
GET H/1.1	200 OK	wy3fkittrrlvgut3odp2.png nrk-nor.com/prelander/495_1/images/	34 KB 35 KB	74ms 74ms	Image image/png	2606:4700:3032::681b:8e3f CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL http://nrk-nor.com/prelander/495_1/images/wy3fkittrrlvgut3odp2.png Requested by Host: nrk-nor.com URL: http://nrk-nor.com/prelander/495_1/index.php?gs=tag5e8de0b11e4ff6.22300629&prehit=31d67a0c387f6d7113e35ea12fe1872686328368&s2=fd76bbd27b58031fffdf2814e3e01565&oq=1586356401 Protocol HTTP/1.1 Server 2606:4700:3032::681b:8e3f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `54e408290bafacaad2eaf0b17ec04ecf29ae7333a69784730a1af7d749b3c4a9` Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Wed, 08 Apr 2020 13:56:57 GMT Via 1.1 varnish-v4 CF-Cache-Status HIT Last-Modified Wed, 18 Mar 2020 09:00:28 GMT Server cloudflare Age 6129 ETag "88a3-5a11d48a3f4ee" Vary Accept-Encoding X-Varnish 66679 Content-Type image/png Cache-Control max-age=14400 Connection keep-alive Accept-Ranges bytes CF-RAY 580c7ea1fcb5c2e5-FRA Content-Length 34979
GET H/1.1	200 OK	kdsy10yyahownwemccbo.png nrk-nor.com/prelander/495_1/images/	30 KB 31 KB	18ms 17ms	Image image/png	2606:4700:3032::681b:8e3f CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL http://nrk-nor.com/prelander/495_1/images/kdsy10yyahownwemccbo.png Requested by Host: nrk-nor.com URL: http://nrk-nor.com/prelander/495_1/index.php?gs=tag5e8de0b11e4ff6.22300629&prehit=31d67a0c387f6d7113e35ea12fe1872686328368&s2=fd76bbd27b58031fffdf2814e3e01565&oq=1586356401 Protocol HTTP/1.1 Server 2606:4700:3032::681b:8e3f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `b8ff47c69f9495e6ea65471b668c7d0145a9b2122aa780087cd59ca4ef8644b5` Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Wed, 08 Apr 2020 13:56:57 GMT Via 1.1 varnish-v4 CF-Cache-Status HIT Last-Modified Wed, 18 Mar 2020 09:00:22 GMT Server cloudflare Age 6129 ETag "79a4-5a11d4844b61e" Vary Accept-Encoding X-Varnish 4885292 Content-Type image/png Cache-Control max-age=14400 Connection keep-alive Accept-Ranges bytes CF-RAY 580c7ea1fc8a6395-FRA Content-Length 31140
GET H/1.1	200 OK	checkmark.png nrk-nor.com/prelander/495_1/images/	341 B 739 B	18ms 17ms	Image image/png	2606:4700:3032::681b:8e3f CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL http://nrk-nor.com/prelander/495_1/images/checkmark.png Requested by Host: nrk-nor.com URL: http://nrk-nor.com/prelander/495_1/index.php?gs=tag5e8de0b11e4ff6.22300629&prehit=31d67a0c387f6d7113e35ea12fe1872686328368&s2=fd76bbd27b58031fffdf2814e3e01565&oq=1586356401 Protocol HTTP/1.1 Server 2606:4700:3032::681b:8e3f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `e9d04e4fbd1f7c6a052cccf0588ed2c6ea41af104c59c70baaa10d8e0f5715a8` Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Wed, 08 Apr 2020 13:56:57 GMT Via 1.1 varnish-v4 CF-Cache-Status HIT Last-Modified Wed, 18 Mar 2020 09:00:17 GMT Server cloudflare Age 6129 ETag "155-5a11d47fbf905" Vary Accept-Encoding X-Varnish 3015900 Content-Type image/png Cache-Control max-age=14400 Connection keep-alive Accept-Ranges bytes CF-RAY 580c7ea20ae6634d-FRA Content-Length 341
GET H/1.1	200 OK	prod.jpg nrk-nor.com/prelander/495_1/images/	59 KB 60 KB	14ms 14ms	Image image/jpeg	2606:4700:3032::681b:8e3f CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL http://nrk-nor.com/prelander/495_1/images/prod.jpg Requested by Host: nrk-nor.com URL: http://nrk-nor.com/prelander/495_1/index.php?gs=tag5e8de0b11e4ff6.22300629&prehit=31d67a0c387f6d7113e35ea12fe1872686328368&s2=fd76bbd27b58031fffdf2814e3e01565&oq=1586356401 Protocol HTTP/1.1 Server 2606:4700:3032::681b:8e3f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `072616d23670d9d44a168b21236e9d6bf344a05459601971afb906dead0c1205` Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Wed, 08 Apr 2020 13:56:57 GMT Via 1.1 varnish-v4 CF-Cache-Status HIT Last-Modified Wed, 18 Mar 2020 09:00:26 GMT Server cloudflare Age 6129 ETag "ecbd-5a11d488bec96" Vary Accept-Encoding X-Varnish 5275917 Content-Type image/jpeg Cache-Control max-age=14400 Connection keep-alive Accept-Ranges bytes CF-RAY 580c7ea20e37dfcf-FRA Content-Length 60605
GET H/1.1	200 OK	n4donflljypzf0jwaysp.png nrk-nor.com/prelander/495_1/images/	18 KB 18 KB	12ms 12ms	Image image/png	2606:4700:3032::681b:8e3f CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL http://nrk-nor.com/prelander/495_1/images/n4donflljypzf0jwaysp.png Requested by Host: nrk-nor.com URL: http://nrk-nor.com/prelander/495_1/index.php?gs=tag5e8de0b11e4ff6.22300629&prehit=31d67a0c387f6d7113e35ea12fe1872686328368&s2=fd76bbd27b58031fffdf2814e3e01565&oq=1586356401 Protocol HTTP/1.1 Server 2606:4700:3032::681b:8e3f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `18f964969c482859c4aaa2aec0b97e478485cc368a7f8e07579e82be930aabe4` Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Wed, 08 Apr 2020 13:56:57 GMT Via 1.1 varnish-v4 CF-Cache-Status HIT Last-Modified Wed, 18 Mar 2020 09:00:25 GMT Server cloudflare Age 6129 ETag "4746-5a11d48794b0e" Vary Accept-Encoding X-Varnish 4850259 Content-Type image/png Cache-Control max-age=14400 Connection keep-alive Accept-Ranges bytes CF-RAY 580c7ea20ee197d2-FRA Content-Length 18246
GET H/1.1	200 OK	hiqtte24snwgkglyozuw.jpg nrk-nor.com/prelander/495_1/images/	11 KB 12 KB	13ms 12ms	Image image/jpeg	2606:4700:3032::681b:8e3f CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL http://nrk-nor.com/prelander/495_1/images/hiqtte24snwgkglyozuw.jpg Requested by Host: nrk-nor.com URL: http://nrk-nor.com/prelander/495_1/index.php?gs=tag5e8de0b11e4ff6.22300629&prehit=31d67a0c387f6d7113e35ea12fe1872686328368&s2=fd76bbd27b58031fffdf2814e3e01565&oq=1586356401 Protocol HTTP/1.1 Server 2606:4700:3032::681b:8e3f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `ca783fcc65d1ba104e19854f40695c8edad38a43f24809007af1177e79d41b31` Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Wed, 08 Apr 2020 13:56:57 GMT Via 1.1 varnish-v4 CF-Cache-Status HIT Last-Modified Wed, 18 Mar 2020 09:00:19 GMT Server cloudflare Age 6129 ETag "2d9c-5a11d481d05f6" Vary Accept-Encoding X-Varnish 4850150 Content-Type image/jpeg Cache-Control max-age=14400 Connection keep-alive Accept-Ranges bytes CF-RAY 580c7ea21ca16395-FRA Content-Length 11676

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: nepreland.com
URL: https://nepreland.com/de/bipy/blog281/opensans-bold.html

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Investment Scam (Online) Lion's Den Scam (Online)

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate function| $ function| jQuery

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
nrk-nor.com/	1970-01-19 08:39:21	Name: XSRF-TOKEN Value: eyJpdiI6IjNcLzdDbXdmRXBSXC9DeVVKazUyeFVjUT09IiwidmFsdWUiOiIzaHgxNTR1QjFPSkxEMnRSTG9nbkk2eHRrVVdqZElnUU5zUFBLck9zNTY4YmpxYXFackdvd250VUxuY3lZYU5iIiwibWFjIjoiY2U5NDYyOTZkZDIwMDIzNjc2ZDRiZTlkYTE4YTBlY2M3OWExNjJkYThhZWI1YzQ3OWU3MDk2NDZiN2RiMzcyZiJ9
nrk-nor.com/	1970-01-19 08:39:21	Name: laravel_session Value: eyJpdiI6IjNzbHhmb0hYbHBUWDJqYjl4R20xTEE9PSIsInZhbHVlIjoidjJQUUdtWXdqXC9EQVpGaEtaVXZPQ1wvbzArTTkwcTNLSlhcL0o4NzF0UWlnT2FnRUhMaEhCTituSUlkclV2ekM1RCIsIm1hYyI6Ijg1YzE2YzU5NmRkYmE3NzQzNzQxZTkyMWJlOTE5NWExYzAwNWY3MzE0Yzk1MTgxMDY1M2Q0MWEwN2NiZDkxMTUifQ%3D%3D
nrk-nor.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: aqe3enfmki59c29hbgo49goj8l
.nrk-nor.com/	1970-01-19 09:22:26	Name: __cfduid Value: d97d9a52e3e36029b198da572353b18ca1586354216

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

nepreland.com
nrk-nor.com
uxerr.com
nepreland.com
2606:4700:3032::681b:8e3f
51.15.54.220
072616d23670d9d44a168b21236e9d6bf344a05459601971afb906dead0c1205
08781faa483ed45947b94414cc365589e7a41c22989eb452372d64d93ae4c114
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
13264bfcbeae75e4176f8a3f899c79f3c537975e6dfdd197d4ff415a32196dc4
18f964969c482859c4aaa2aec0b97e478485cc368a7f8e07579e82be930aabe4
1b7e0a2736aeb5f656f8b9cc2fda4b3eb2ea212d2f344dae9b7792136c9c5562
2734afde9c73e70b3786d0aeaee5568550c8d2c16f79b741bcae8cbf6e4d0543
3dde975bef15653e64134deee5e1dd5220720f5ecb8fc26adc38f63b6cb57226
41df49a648ccd2386a5e32c674dc5979c069ec87359fb60aaec80eabec26c614
460d40afe453c437dd71cde2c17dc53a178871476ff78b629bfce0ef7d9a7b23
468aea9e62bd52ee4fc4d480b8a323429278d25dacd57e0723d5a5b914c52c7a
494a3efdafd5407a5a88d922f5a4a72d71ac2f3ad8f3f9fe607f8cf89314dfa1
52fe4cf454ce49121688323fabb4111ead038790c0221de78b44864b86a5b4ac
54e408290bafacaad2eaf0b17ec04ecf29ae7333a69784730a1af7d749b3c4a9
5adbed9d75481c04641b70a78519079b1aa08150757ee14f7c84327356e73b1f
5c3c295be8433cc36713bdfe3abe88546ac4b1dec7ba1fc1f264a0334d8a5265
67a970a9e547bfe94efef4615b9aac78193352ec650fa1317e16c8d36a3acda9
abfcb1683ba86df7a394fa39d6691eb207910eba690609687009a06e671c720e
aebc793d0064383ee6b1625bf3bb32532ec30a5c12bf9117066107d412119123
b8ff47c69f9495e6ea65471b668c7d0145a9b2122aa780087cd59ca4ef8644b5
bf5189504db2989e3793ea49c8896d16257f1c7c4e3ae1764e6b25e946c33ea2
ca783fcc65d1ba104e19854f40695c8edad38a43f24809007af1177e79d41b31
e5f99941f717ee56ec795c58e4c73d8f72d15494deb92d94894e2f0ea0f47b7e
e9d04e4fbd1f7c6a052cccf0588ed2c6ea41af104c59c70baaa10d8e0f5715a8
f4623730049c816f0eeeea0723b92c16b2803cfa1fca1324efbd4af777af8865
f462d3a1e8980262d49048bba0c93026ddb913f5d6aaf143ccc24eca599a8bb9
f6bd6a6b49896da68970bd62dc8c05c2de2e82b70862894950ffc937fa80793e

nrk-nor.com Open in urlscan Pro 2606:4700:3032::681b:8e3f Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

28 Requests

0 %HTTPS

50 %IPv6

3 Domains

3 Subdomains

2 IPs

2 Countries

1410 kBTransfer

1651 kBSize

4 Cookies

0 Outgoing links

Page URL History

Redirected requests

28 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

nrk-nor.com Open in urlscan Pro
2606:4700:3032::681b:8e3f Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

28
Requests

0 %
HTTPS

50 %
IPv6

3
Domains

3
Subdomains

2
IPs

2
Countries

1410 kB
Transfer

1651 kB
Size

4
Cookies

28 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!