www.norblaohipkodsumimit.cyou Open in urlscan Pro
172.67.219.159 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.norblaohipkodsumimit.cyou/
Submission: On November 22 via api (November 22nd 2024, 11:26:25 am UTC) from US — Scanned from DE

Summary HTTP 12 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 12 HTTP transactions. The main IP is 172.67.219.159, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.norblaohipkodsumimit.cyou.
TLS certificate: Issued by WE1 on November 8th 2024. Valid for: 3 months.

This is the only time www.norblaohipkodsumimit.cyou was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
7	172.67.219.159 172.67.219.159	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:800::200a	15169 (GOOGLE) (GOOGLE)
4	172.217.18.3 172.217.18.3	15169 (GOOGLE) (GOOGLE)
12	3

7 172.67.219.159 (United States)

ASN13335 (CLOUDFLARENET, US)

www.norblaohipkodsumimit.cyou	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.18.3 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s22-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	norblaohipkodsumimit.cyou www.norblaohipkodsumimit.cyou	554 KB
4	gstatic.com fonts.gstatic.com	138 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29	1 KB
12	3

	Domain	Requested by
7	www.norblaohipkodsumimit.cyou	www.norblaohipkodsumimit.cyou
4	fonts.gstatic.com	fonts.googleapis.com
1	fonts.googleapis.com	www.norblaohipkodsumimit.cyou
12	3

This site contains no links.

Subject Issuer	Validity	Valid
norblaohipkodsumimit.cyou WE1	`2024-11-08` - `2025-02-06`	3 months	crt.sh
upload.video.google.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
*.gstatic.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://www.norblaohipkodsumimit.cyou/
Frame ID: 2267B1A99F2E2C9B922D16E1E1F1D549
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Budgeting Basics Clarified - Excelling in Your Financial Strategy Online Course / NxtGenLeap

Detected technologies

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

12
Requests

100 %
HTTPS

33 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

694 kB
Transfer

1188 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

12 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3 200 Primary Request / Show response
www.norblaohipkodsumimit.cyou/ 449 KB
26 KB 695ms
79ms Document
text/html 172.67.219.159
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.norblaohipkodsumimit.cyou/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.219.159 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b09c446ae15ff1fea2493ca30ceaeecb99ec509e93822d4826001332b76d2c4d

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8e68904738a34d3e-FRA
content-encoding: zstd
content-type: text/html
date: Fri, 22 Nov 2024 11:26:16 GMT
last-modified: Tue, 12 Nov 2024 08:44:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9AK775hO%2FkXS%2BQQQW2haKA8Aom6VrpCNxoIyTxD%2B4BnAdFMy2q%2FEpdUrahOFuXZETD58Hfj%2Bupqnu%2BKiJeaaolNblWuezsyEybFMLbPd4shyTNB95dzSVvQ5fuYKXE%2B3WnfeUc9%2FoISNXOlBHAVNbg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=QUIC&rtt=11615&sent=12&recv=11&lost=0&retrans=0&sent_bytes=4200&recv_bytes=4543&delivery_rate=527&cwnd=12000&unsent_bytes=0&cid=9d5373ccc31bea91&ts=605&x=1" cfHdrFlush;dur=0
vary: Accept-Encoding

GET
H2 200 css2
fonts.googleapis.com/ 16 KB
1 KB 615ms
16ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Ubuntu:ital,wght@0,300;0,400;0,500;0,700;1,300;1,400;1,500;1,700&display=swap

Requested by

Host: www.norblaohipkodsumimit.cyou
URL: https://www.norblaohipkodsumimit.cyou/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

be3fe55543f758d8432ed5dfa6afbe9b79b226231c1a6ff6dcaefac0b2917bfb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.norblaohipkodsumimit.cyou/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Fri, 22 Nov 2024 11:26:16 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 22 Nov 2024 11:26:16 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Fri, 22 Nov 2024 10:13:20 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H3 200 global-theme.css
www.norblaohipkodsumimit.cyou/media/css_library/ 44 KB
7 KB 70ms
69ms Stylesheet
text/css 172.67.219.159
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.norblaohipkodsumimit.cyou/media/css_library/global-theme.css
Requested by: Host: www.norblaohipkodsumimit.cyou
URL: https://www.norblaohipkodsumimit.cyou/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.219.159 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2e7ed2222aeca82dde833447ac0c11572b001b734279837a73dd13e849b14473

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.norblaohipkodsumimit.cyou/

Response headers

cache-control: max-age=315360000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: gzip
cf-cache-status: MISS
etag: W/"67331569-af4f"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Jobgi94BMIxd6QtnfygHroaCEf2FOanWRXpZna295gfO718hoSSWSn9m1UyAp4pwUDs0tZ%2BE4BzAdVBUxlJpVKBIG60Wo7qtu%2FLqqTzjB16kuDpFKIrEm86tXKswhxyAaCDX33JVS3mSN8g1iCy4Nw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8e68904859be4d3e-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=9926&sent=41&recv=26&lost=0&retrans=0&sent_bytes=31211&recv_bytes=5485&delivery_rate=1491724&cwnd=12000&unsent_bytes=0&cid=9d5373ccc31bea91&ts=770&x=1", cfHdrFlush;dur=0
date: Fri, 22 Nov 2024 11:26:16 GMT
content-type: text/css
last-modified: Tue, 12 Nov 2024 08:44:25 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 aM6zWh.jpg
www.norblaohipkodsumimit.cyou/image_bank/ 146 KB
147 KB 114ms
109ms Image
image/jpeg 172.67.219.159
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.norblaohipkodsumimit.cyou/image_bank/aM6zWh.jpg
Requested by: Host: www.norblaohipkodsumimit.cyou
URL: https://www.norblaohipkodsumimit.cyou/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.219.159 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 76d11e70091b70fe667c76f14912f1648fd67f28eb994e1d778891e2d9b56c14

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.norblaohipkodsumimit.cyou/

Response headers

cf-cache-status: MISS
etag: "67331568-2486f"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=B8ZKIjff7zd8d7EU0Bw48EhCSPOHp%2FLqB2mXBM9Hho43VrpK7QJCg6tlDM3F3%2BQLhDnnDi4TAGEtkVkPScc25KdpiyCeOfnSh8s3UBAgOVa0toJOD2zPdl2Qb34uaMzGch1It2%2FgZx%2Fn5laZvCeFTg%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Thu, 31 Dec 2037 23:55:55 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=9101&sent=58&recv=33&lost=0&retrans=0&sent_bytes=50120&recv_bytes=7075&delivery_rate=102074&cwnd=12000&unsent_bytes=0&cid=9d5373ccc31bea91&ts=2048&x=1", cfHdrFlush;dur=8
date: Fri, 22 Nov 2024 11:26:17 GMT
content-type: image/jpeg
last-modified: Tue, 12 Nov 2024 08:44:24 GMT
vary: Accept-Encoding
cache-control: max-age=315360000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e6890502a104d3e-FRA
accept-ranges: bytes
content-length: 149615
server: cloudflare

GET
H3 200 geA41.jpg
www.norblaohipkodsumimit.cyou/image_bank/ 141 KB
141 KB 101ms
97ms Image
image/jpeg 172.67.219.159
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.norblaohipkodsumimit.cyou/image_bank/geA41.jpg
Requested by: Host: www.norblaohipkodsumimit.cyou
URL: https://www.norblaohipkodsumimit.cyou/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.219.159 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 61916f6dd8237bb4139ee6472dc5f2146dc2e2f515c1c4abf19c65e07a6b20ca

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.norblaohipkodsumimit.cyou/

Response headers

cf-cache-status: MISS
etag: "67331568-23300"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2vR1uGjxIDYp5ByM8U%2FkAErG1NuO0cSSrSct6%2FYt1UhJcgWYphEyv%2FjJsdIpcufD8ZDPD5QlYCLoFK69d6%2BFXCCZTgBLsTaJyDo23eXCkiYX34cVG2kY%2B3mk38cbRupIOdjLCdt3%2FlKwQm2XZv0KLQ%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Thu, 31 Dec 2037 23:55:55 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=9101&sent=48&recv=33&lost=0&retrans=0&sent_bytes=38120&recv_bytes=7075&delivery_rate=102074&cwnd=12000&unsent_bytes=0&cid=9d5373ccc31bea91&ts=2022&x=1", cfHdrFlush;dur=0
date: Fri, 22 Nov 2024 11:26:17 GMT
content-type: image/jpeg
last-modified: Tue, 12 Nov 2024 08:44:24 GMT
vary: Accept-Encoding
cache-control: max-age=315360000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e6890502a114d3e-FRA
accept-ranges: bytes
content-length: 144128
server: cloudflare

GET
H3 200 RceBJMaT.jpg
www.norblaohipkodsumimit.cyou/image_bank/ 152 KB
152 KB 142ms
139ms Image
image/jpeg 172.67.219.159
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.norblaohipkodsumimit.cyou/image_bank/RceBJMaT.jpg
Requested by: Host: www.norblaohipkodsumimit.cyou
URL: https://www.norblaohipkodsumimit.cyou/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.219.159 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1660d89004f316b34747a2e8cf493d674a87730454807f988b9fadc5af55723

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.norblaohipkodsumimit.cyou/

Response headers

cf-cache-status: MISS
etag: "67331568-25e7c"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pKXQGz%2B2Lnx6f74uN47UWLYT3%2FQ9s8SO4S%2BbQ%2BQ9mb5y5JsVIEa95tFi3kfN9qf7YTSprqXHF4I5c6rAqxKB2qjo7Gy7p2cmrTSnsgsRDcYq5pxuzGuM2PkwTaw%2BDvmPIfaz0WWbumbvRc4XsogE1w%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Thu, 31 Dec 2037 23:55:55 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=9101&sent=58&recv=33&lost=0&retrans=0&sent_bytes=50120&recv_bytes=7075&delivery_rate=102074&cwnd=12000&unsent_bytes=0&cid=9d5373ccc31bea91&ts=2027&x=1", cfHdrFlush;dur=29
date: Fri, 22 Nov 2024 11:26:17 GMT
content-type: image/jpeg
last-modified: Tue, 12 Nov 2024 08:44:24 GMT
vary: Accept-Encoding
cache-control: max-age=315360000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e6890502a124d3e-FRA
accept-ranges: bytes
content-length: 155260
server: cloudflare

GET
H3 200 LpS8vj.jpg
www.norblaohipkodsumimit.cyou/media/participants/ 75 KB
76 KB 149ms
146ms Image
image/jpeg 172.67.219.159
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.norblaohipkodsumimit.cyou/media/participants/LpS8vj.jpg
Requested by: Host: www.norblaohipkodsumimit.cyou
URL: https://www.norblaohipkodsumimit.cyou/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.219.159 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 77b91bb999cc1ffea180bb0ae316b02f232091410712938ee020e19f9318611e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.norblaohipkodsumimit.cyou/

Response headers

cf-cache-status: MISS
etag: "67331569-12d67"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=V5GwAyOmT1ZLn9oiW9eew2lNNy2zt1HDVwdu4VBCfwGhVg7A6VQVMiQsUCJvBySTTEogLyF84Wf%2FjPpBz9txr0CbEP7ytO2nzarPYxJWU0QVR%2B9DPbPJ5DWqMQBiUz1nsSZZbLSAGYt6n9ILE2Utmw%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Thu, 31 Dec 2037 23:55:55 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=9101&sent=58&recv=33&lost=0&retrans=0&sent_bytes=50120&recv_bytes=7075&delivery_rate=102074&cwnd=12000&unsent_bytes=0&cid=9d5373ccc31bea91&ts=2024&x=1", cfHdrFlush;dur=32
date: Fri, 22 Nov 2024 11:26:17 GMT
content-type: image/jpeg
last-modified: Tue, 12 Nov 2024 08:44:25 GMT
vary: Accept-Encoding
cache-control: max-age=315360000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e6890502a134d3e-FRA
accept-ranges: bytes
content-length: 77159
server: cloudflare

GET
H3 200 4iCv6KVjbNBYlgoCxCvjsGyN.woff2
fonts.gstatic.com/s/ubuntu/v20/ 29 KB
29 KB 690ms
48ms Font
font/woff2 172.217.18.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ubuntu/v20/4iCv6KVjbNBYlgoCxCvjsGyN.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Ubuntu:ital,wght@0,300;0,400;0,500;0,700;1,300;1,400;1,500;1,700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.3 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f3.1e100.net

Software

sffe /

Resource Hash

7c00752ce82d6abaed0b9766d35b906b16675facdbe24115b410d1fab975effa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.norblaohipkodsumimit.cyou
Referer: https://fonts.googleapis.com/

Response headers

age: 158722
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 20 Nov 2025 15:20:56 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 20 Nov 2024 15:20:56 GMT
last-modified: Wed, 27 Apr 2022 17:05:11 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 29752
x-xss-protection: 0
server: sffe

GET
H3 200 4iCs6KVjbNBYlgoKfw72.woff2
fonts.gstatic.com/s/ubuntu/v20/ 34 KB
34 KB 691ms
45ms Font
font/woff2 172.217.18.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ubuntu/v20/4iCs6KVjbNBYlgoKfw72.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Ubuntu:ital,wght@0,300;0,400;0,500;0,700;1,300;1,400;1,500;1,700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.3 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f3.1e100.net

Software

sffe /

Resource Hash

7f653b3ce9d3277457fc6da4edb246ae2f6c913f088c42dcb8cd2e96267aa21a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.norblaohipkodsumimit.cyou
Referer: https://fonts.googleapis.com/

Response headers

age: 309471
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Tue, 18 Nov 2025 21:28:27 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 18 Nov 2024 21:28:27 GMT
last-modified: Wed, 27 Apr 2022 16:31:23 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 34852
x-xss-protection: 0
server: sffe

GET
H3 200 4iCv6KVjbNBYlgoC1CzjsGyN.woff2
fonts.gstatic.com/s/ubuntu/v20/ 38 KB
38 KB 693ms
45ms Font
font/woff2 172.217.18.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ubuntu/v20/4iCv6KVjbNBYlgoC1CzjsGyN.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Ubuntu:ital,wght@0,300;0,400;0,500;0,700;1,300;1,400;1,500;1,700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.3 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f3.1e100.net

Software

sffe /

Resource Hash

a5515c53111bb4a4f45aff63d06df893ae9033dc85e82cc2ef27fc099a4d7609

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.norblaohipkodsumimit.cyou
Referer: https://fonts.googleapis.com/

Response headers

age: 329889
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Tue, 18 Nov 2025 15:48:09 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 18 Nov 2024 15:48:09 GMT
last-modified: Wed, 27 Apr 2022 17:04:53 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 38752
x-xss-protection: 0
server: sffe

GET
H3 200 4iCp6KVjbNBYlgoKejZftVyPN4E.woff2
fonts.gstatic.com/s/ubuntu/v20/ 37 KB
37 KB 709ms
61ms Font
font/woff2 172.217.18.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ubuntu/v20/4iCp6KVjbNBYlgoKejZftVyPN4E.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Ubuntu:ital,wght@0,300;0,400;0,500;0,700;1,300;1,400;1,500;1,700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.3 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f3.1e100.net

Software

sffe /

Resource Hash

e71a3c4673efe1ecf818a578e99aa5469b34309cd5d46eeffbdf01644f273b51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.norblaohipkodsumimit.cyou
Referer: https://fonts.googleapis.com/

Response headers

age: 158713
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 20 Nov 2025 15:21:05 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 20 Nov 2024 15:21:05 GMT
last-modified: Wed, 27 Apr 2022 16:10:54 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 38304
x-xss-protection: 0
server: sffe

GET
H3 200 shortcut-icon.svg
www.norblaohipkodsumimit.cyou/image_bank/ 28 KB
5 KB 73ms
59ms Other
image/svg+xml 172.67.219.159
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.norblaohipkodsumimit.cyou/image_bank/shortcut-icon.svg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.219.159 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6cf5bb5e50f3f3f2672f7d8892aca1e5d3a08ab4698cd8d2635a7c3c8ca432d0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.norblaohipkodsumimit.cyou/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"67331568-6e06"
age: 17632
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BY6KgkLzEIT4%2Fop0PXJObP4TKQLcMvmmeO1d91fmYyrYDCP55oWW%2F4oXEocMg1XUWeRmLFFdMwaJiVnWUfV3EJIhQyFkMe0%2FuYl31DFi4aJYURlebnCc8NnUvbxuOBVT0JROxThPBK3iUfY9c8Fakg%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Thu, 31 Dec 2037 23:55:55 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=11332&sent=504&recv=106&lost=0&retrans=0&sent_bytes=578885&recv_bytes=10665&delivery_rate=19951065&cwnd=244800&unsent_bytes=0&cid=9d5373ccc31bea91&ts=3405&x=1", cfHdrFlush;dur=0
date: Fri, 22 Nov 2024 11:26:19 GMT
content-type: image/svg+xml
last-modified: Tue, 12 Nov 2024 08:44:24 GMT
vary: Accept-Encoding
cache-control: max-age=315360000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e6890591b6c4d3e-FRA
server: cloudflare

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
www.norblaohipkodsumimit.cyou
172.217.18.3
172.67.219.159
2a00:1450:4001:800::200a
2e7ed2222aeca82dde833447ac0c11572b001b734279837a73dd13e849b14473
61916f6dd8237bb4139ee6472dc5f2146dc2e2f515c1c4abf19c65e07a6b20ca
6cf5bb5e50f3f3f2672f7d8892aca1e5d3a08ab4698cd8d2635a7c3c8ca432d0
76d11e70091b70fe667c76f14912f1648fd67f28eb994e1d778891e2d9b56c14
77b91bb999cc1ffea180bb0ae316b02f232091410712938ee020e19f9318611e
7c00752ce82d6abaed0b9766d35b906b16675facdbe24115b410d1fab975effa
7f653b3ce9d3277457fc6da4edb246ae2f6c913f088c42dcb8cd2e96267aa21a
a5515c53111bb4a4f45aff63d06df893ae9033dc85e82cc2ef27fc099a4d7609
b09c446ae15ff1fea2493ca30ceaeecb99ec509e93822d4826001332b76d2c4d
b1660d89004f316b34747a2e8cf493d674a87730454807f988b9fadc5af55723
be3fe55543f758d8432ed5dfa6afbe9b79b226231c1a6ff6dcaefac0b2917bfb
e71a3c4673efe1ecf818a578e99aa5469b34309cd5d46eeffbdf01644f273b51

www.norblaohipkodsumimit.cyou Open in urlscan Pro 172.67.219.159 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

12 Requests

100 %HTTPS

33 %IPv6

3 Domains

3 Subdomains

3 IPs

2 Countries

694 kBTransfer

1188 kBSize

0 Cookies

0 Outgoing links

Redirected requests

12 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

0 Cookies

Indicators

www.norblaohipkodsumimit.cyou Open in urlscan Pro
172.67.219.159 Public Scan

Screenshot
Live screenshot

Full Image

12
Requests

100 %
HTTPS

33 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

694 kB
Transfer

1188 kB
Size

0
Cookies

12 HTTP transactions
0 data transactions