Report - go.gkrtmc.com/aff_c?offer_id=9608&aff_id=29592&aff_sub5=banner&source=1{var10}&click_id={clickid}/rd.html?go=https://getmedirty.com/tds?tdsId=s9183ale_r&tds_campaign=s9183ale&utm_campaign=a0c2d620&utm_content=29592&utm_source=ddm&s1=ddn&s2=general&data2=31_29592_9608_d4e2dc37ef27a516e7e452b5bc6057b5&p1=ndt&p5=lp_1&s3=1{var10}/rd.html?go=https://getmedirty.com/tds?tdsId=s9183ale_r&tds_campaign=s9183ale&utm_campaign=a0c2d620&utm_content=29592&utm_source=ddm&s1=ddn&s2=general&data2=31_29592_9608_d4e2dc37ef27a516e7e452b5bc6057b5&p1=ndt&s3=1{var10}/rd.html?go=https://getmedirty.com/tds?tdsId=s9183ale_r&tds_campaign=s9183ale&utm_campaign=a0c2d620&utm_content=29592&utm_source=ddm&s1=ddn&s2=general&data2=31_29592_9608_d4e2dc37ef27a516e7e452b5bc6057b5&p1=ndt&p5=lp_1&s3=1{var10}/rd.html?go=https://getmedirty.com/tds?tdsId=s9183ale_r&tds_campaign=s9183ale&utm_campaign=a0c2d620&utm_content=29592&utm_source=ddm&s1=ddn&s2=general&data2=31_29592_9608_d4e2dc37ef27a516e7e452b5bc6057b5&p1=ndt&p5=lp

Report Overview

Submitted URL
go.gkrtmc.com/aff_c?offer_id=9608&aff_id=29592&aff_sub5=banner&source=1{var10}&click_id={clickid}/rd.html?go=https://getmedirty.com/tds?tdsId=s9183ale_r&tds_campaign=s9183ale&utm_campaign=a0c2d620&utm_content=29592&utm_source=ddm&s1=ddn&s2=general&data2=31_29592_9608_d4e2dc37ef27a516e7e452b5bc6057b5&p1=ndt&p5=lp_1&s3=1{var10}/rd.html?go=https://getmedirty.com/tds?tdsId=s9183ale_r&tds_campaign=s9183ale&utm_campaign=a0c2d620&utm_content=29592&utm_source=ddm&s1=ddn&s2=general&data2=31_29592_9608_d4e2dc37ef27a516e7e452b5bc6057b5&p1=ndt&s3=1{var10}/rd.html?go=https://getmedirty.com/tds?tdsId=s9183ale_r&tds_campaign=s9183ale&utm_campaign=a0c2d620&utm_content=29592&utm_source=ddm&s1=ddn&s2=general&data2=31_29592_9608_d4e2dc37ef27a516e7e452b5bc6057b5&p1=ndt&p5=lp_1&s3=1{var10}/rd.html?go=https://getmedirty.com/tds?tdsId=s9183ale_r&tds_campaign=s9183ale&utm_campaign=a0c2d620&utm_content=29592&utm_source=ddm&s1=ddn&s2=general&data2=31_29592_9608_d4e2dc37ef27a516e7e452b5bc6057b5&p1=ndt&p5=lp_1&s3=1{var10}
IP
172.255.248.119
ASN
#7979 SERVERS-COM
Submitted
2024-04-25 08:48:21
Access
public
Website Title
hookeportalen.com
Final URL
www.hookeportalen.com/lp/1/4/1
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
6

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
queitho.com	unknown	2023-07-04	2023-07-20	2024-04-18	2.5 kB	6.8 kB	104.21.79.101
rgqval.awaitingdream.net	unknown	2024-03-18	2024-04-10	2024-04-18	710 B	964 B	52.19.138.177
hubtrack.eu	unknown	unknown	No data	No data	559 B	1.3 kB	89.185.246.143
www.googletagmanager.com	75	2011-11-11	2013-05-22	2024-04-25	887 B	340 kB	142.250.74.168
region1.analytics.google.com	unknown	1997-09-15	2022-03-17	2024-04-23	3.1 kB	1.8 kB	216.239.34.36
go.gkrtmc.com	unknown	2022-01-24	2022-01-24	2024-02-21	3.1 kB	4.8 kB	172.255.248.119
oacenom.com	unknown	2023-11-03	2023-11-03	2024-04-18	401 B	1.7 kB	188.114.96.1
cy.trck-capt-prv2.com	unknown	2020-08-27	2022-06-30	2024-04-18	532 B	159 B	3.122.47.174
www.hookeportalen.com	unknown	2020-09-04	2020-09-09	2024-02-21	19 kB	504 kB	77.93.196.119
hookeportalen.com	unknown	2020-09-04	2020-09-09	2024-02-27	588 B	130 kB	77.93.196.119
www.google.no	25607	2001-02-26	2016-04-05	2024-04-24	596 B	578 B	142.250.74.163

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-04-24	medium	queitho.com	Sinkholed
2024-04-24	medium	queitho.com	Sinkholed
2024-04-24	medium	queitho.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (20)

	URL	Size	First Seen	Last Seen
	www.hookeportalen.com/js/services/gtm.min.js?3fee57ea	496 B	2023-03-29	2024-05-04
Pretty URL www.hookeportalen.com/js/services/gtm.min.js?3fee57ea IP 77.93.196.119 ASN #24971 Master Internet s.r.o. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-29 21:35:31 Last Seen2024-05-04 17:06:14 Times Seen64 Hash f7adf79d6dc8a21a227ca0b14c7c201b fcebb58a02fea5db634d275f218b62cdf6e6ae52 8f063c4a6947dd5550b8ed0902b46bb231317c8cdbe21da84f95b25788269164 Loading...

	www.hookeportalen.com/?trid=Y7ErhpjDTwY481nSgyXoMQ&afid=9737&ofid=13995&source=198_134504_2005070&ext_id=7acd7991d2f4696ac54721fb64b98bf1	39 B	2023-03-29	2024-04-26
Pretty URL www.hookeportalen.com/?trid=Y7ErhpjDTwY481nSgyXoMQ&afid=9737&ofid=13995&source=198_134504_2005070&ext_id=7acd7991d2f4696ac54721fb64b98bf1 IP 77.93.196.119 ASN #24971 Master Internet s.r.o. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-29 21:35:31 Last Seen2024-04-26 09:59:28 Times Seen43 Hash 940bd9479a29961a37e8a8ed3f2b6a11 9308e30a0d1552831dd206d96e405ed5655a9449 8c3eabb9efc3f32d8f1a6197126190980963f92c65b4c6c6451e253eb9c35601 Loading...

	www.hookeportalen.com/lp/1/4/1	0 B	2023-03-07	2024-05-05
Pretty URL www.hookeportalen.com/lp/1/4/1 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-05 02:12:26 Times Seen37352094 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	www.hookeportalen.com/vendor/jquery/dist/jquery.min.js	97 kB	2023-03-07	2024-05-05
Pretty URL www.hookeportalen.com/vendor/jquery/dist/jquery.min.js IP 77.93.196.119 ASN #24971 Master Internet s.r.o. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:06 Last Seen2024-05-05 01:24:23 Times Seen119087 Hash 4f252523d4af0b478c810c2547a63e19 5a9dcfbef655a2668e78baebeaa8dc6f41d8dabb 668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404 Loading...

	unknown	763 B	2024-04-11	2024-05-04
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-11 22:20:40 Last Seen2024-05-04 17:06:14 Times Seen10 Hash c188fca58942d58b36ef0236a31b5144 fb205c7622ea7dfa42f9f18f6d19aa0cb540f624 f004dd72342b2bec0b258a644a5272fa86994cf08e2dae4e91d96f66d1d3cad2 Loading...

	www.hookeportalen.com/js/polyfill.min.js?39a4304c	3.5 kB	2023-03-12	2024-05-04
Pretty URL www.hookeportalen.com/js/polyfill.min.js?39a4304c IP 77.93.196.119 ASN #24971 Master Internet s.r.o. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 14:06:25 Last Seen2024-05-04 17:06:14 Times Seen72 Hash 5f32df553d908d72c7df6f1fd82a0cf0 896e3584eb17fcd5956244def9443691b5f37e64 87ebef039796c9d4539e5b2eb8d880963c09c8b6d5644e46119bcd993a8905d5 Loading...

	www.googletagmanager.com/gtm.js?id=GTM-TH5LF8L	238 kB	2024-04-25	2024-04-25
Pretty URL www.googletagmanager.com/gtm.js?id=GTM-TH5LF8L IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-25 10:48:27 Last Seen2024-04-25 10:48:28 Times Seen2 Hash b10c615593d5b41ec0b91a1f1cb72056 2bbf189439ec187c0c8f57507d21af715885ce4c 5bee3678f179d1753342637977710f2f122ef1292947cef1c6662895c27a626c Loading...

	www.hookeportalen.com/?trid=Y7ErhpjDTwY481nSgyXoMQ&afid=9737&ofid=13995&source=198_134504_2005070&ext_id=7acd7991d2f4696ac54721fb64b98bf1	42 B	2023-03-12	2024-05-04
Pretty URL www.hookeportalen.com/?trid=Y7ErhpjDTwY481nSgyXoMQ&afid=9737&ofid=13995&source=198_134504_2005070&ext_id=7acd7991d2f4696ac54721fb64b98bf1 IP 77.93.196.119 ASN #24971 Master Internet s.r.o. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-12 14:06:25 Last Seen2024-05-04 17:06:13 Times Seen68 Hash 4b3501deee789669b90f67b302b019c8 dc6f80f8010ea98e99ed6a06e52c6dfd342eba78 74eb7ff1837d9b366a43e70ac9907b7b7a80173dec63d588268e2ad7e4126c49 Loading...

	www.googletagmanager.com/gtag/js?id=G-3MTWNWW4KG&l=dataLayer&cx=c	302 kB	2024-04-25	2024-04-25
Pretty URL www.googletagmanager.com/gtag/js?id=G-3MTWNWW4KG&l=dataLayer&cx=c IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-25 10:48:27 Last Seen2024-04-25 10:48:28 Times Seen2 Hash 574fcc464b06790fd4ca151347321c31 dedb19bc79dd8ffc4349a1edc1b7f73d9c89d0af 5251bba5243b6eaad4b6ebf19571f5bbb83faa8501edb2d6e22053f93c86b476 Loading...

	www.hookeportalen.com/?trid=Y7ErhpjDTwY481nSgyXoMQ&afid=9737&ofid=13995&source=198_134504_2005070&ext_id=7acd7991d2f4696ac54721fb64b98bf1	29 B	2023-03-12	2024-05-04
Pretty URL www.hookeportalen.com/?trid=Y7ErhpjDTwY481nSgyXoMQ&afid=9737&ofid=13995&source=198_134504_2005070&ext_id=7acd7991d2f4696ac54721fb64b98bf1 IP 77.93.196.119 ASN #24971 Master Internet s.r.o. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-12 14:06:25 Last Seen2024-05-04 17:06:13 Times Seen56 Hash aaba3111c98fc710e050bf2bf6f2f34f f7f58d3e7c6345e66b6add35dac5ba1e131d5f8c 0c0802e412e7a506c1a20d24005347a439ea06c55762a451cf80009d5992a4ef Loading...

	unknown	1.8 kB	2024-04-13	2024-04-26
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-13 04:21:31 Last Seen2024-04-26 09:59:28 Times Seen6 Hash e4721fd3e370732f63653fbf30b0dbc4 6aeb5986ee00c71dc9fb4df4a27f321706f96401 5e652e3ae041bf59f2428c674404a94a97b4d25c9381d9529c843962c036044d Loading...

	unknown	366 B	2024-04-11	2024-05-04
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-11 22:20:40 Last Seen2024-05-04 17:06:14 Times Seen10 Hash 8e64aef50b6a9ef6e9f0bf54c93bea65 b900e73ad75e2d4aa4ab579e2520652aba1f734b 784e9bb197707208ec8682f3ec5286594a1c0e48e97f5cec235fe7096462516e Loading...

	www.hookeportalen.com/?trid=Y7ErhpjDTwY481nSgyXoMQ&afid=9737&ofid=13995&source=198_134504_2005070&ext_id=7acd7991d2f4696ac54721fb64b98bf1	46 B	2023-03-12	2024-05-04
Pretty URL www.hookeportalen.com/?trid=Y7ErhpjDTwY481nSgyXoMQ&afid=9737&ofid=13995&source=198_134504_2005070&ext_id=7acd7991d2f4696ac54721fb64b98bf1 IP 77.93.196.119 ASN #24971 Master Internet s.r.o. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-12 14:06:25 Last Seen2024-05-04 17:06:14 Times Seen67 Hash 5ab6288d29ece5838fbc91c39a43063f ae45c2a0617ad79cd149d29a03d0c84dc0df603a 98bb75ceb1ebc27960dcae9f26ce0affe49daccd8ae0e08349d7efa028af6c97 Loading...

	www.hookeportalen.com/?trid=Y7ErhpjDTwY481nSgyXoMQ&afid=9737&ofid=13995&source=198_134504_2005070&ext_id=7acd7991d2f4696ac54721fb64b98bf1	46 B	2023-03-12	2024-05-04
Pretty URL www.hookeportalen.com/?trid=Y7ErhpjDTwY481nSgyXoMQ&afid=9737&ofid=13995&source=198_134504_2005070&ext_id=7acd7991d2f4696ac54721fb64b98bf1 IP 77.93.196.119 ASN #24971 Master Internet s.r.o. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-12 14:06:25 Last Seen2024-05-04 17:06:14 Times Seen67 Hash f6862fe9793ef3ecd754ff4adf2e4948 40e0d1bfbcf6135fe54faa024d9426f735f04db6 84b8224e0c619773e7c2cffd085dddce41ee409e8aeb2198dbac8ee23ab41911 Loading...

	www.hookeportalen.com/?trid=Y7ErhpjDTwY481nSgyXoMQ&afid=9737&ofid=13995&source=198_134504_2005070&ext_id=7acd7991d2f4696ac54721fb64b98bf1	34 B	2023-03-12	2024-05-04
Pretty URL www.hookeportalen.com/?trid=Y7ErhpjDTwY481nSgyXoMQ&afid=9737&ofid=13995&source=198_134504_2005070&ext_id=7acd7991d2f4696ac54721fb64b98bf1 IP 77.93.196.119 ASN #24971 Master Internet s.r.o. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-12 14:06:25 Last Seen2024-05-04 17:06:14 Times Seen67 Hash ea7b26a2088e11743f061e5124f6f7c5 64e913efdfa5bfe2ee22dfde389fb76638dc1be7 31a104a62a7a9ba92495a94b38a7f634bf7db7e35dc01c774a65513dae3726e5 Loading...

	www.hookeportalen.com/?trid=Y7ErhpjDTwY481nSgyXoMQ&afid=9737&ofid=13995&source=198_134504_2005070&ext_id=7acd7991d2f4696ac54721fb64b98bf1	676 B	2023-03-12	2024-05-04
Pretty URL www.hookeportalen.com/?trid=Y7ErhpjDTwY481nSgyXoMQ&afid=9737&ofid=13995&source=198_134504_2005070&ext_id=7acd7991d2f4696ac54721fb64b98bf1 IP 77.93.196.119 ASN #24971 Master Internet s.r.o. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-12 14:06:25 Last Seen2024-05-04 17:06:14 Times Seen66 Hash 36e9720b93623d1f909ef823754bd2d4 713ae7234f9b15f4e3fc1efab4caa75d38faed61 3dc1fe217611973f061da9babb7d2b90e1547211efc6fe51e4912460828838f8 Loading...

	www.hookeportalen.com/?trid=Y7ErhpjDTwY481nSgyXoMQ&afid=9737&ofid=13995&source=198_134504_2005070&ext_id=7acd7991d2f4696ac54721fb64b98bf1	6.7 kB	2023-05-07	2024-05-04
Pretty URL www.hookeportalen.com/?trid=Y7ErhpjDTwY481nSgyXoMQ&afid=9737&ofid=13995&source=198_134504_2005070&ext_id=7acd7991d2f4696ac54721fb64b98bf1 IP 77.93.196.119 ASN #24971 Master Internet s.r.o. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-05-07 17:16:49 Last Seen2024-05-04 17:06:14 Times Seen37 Hash 09b7eed00a71d90377ac7960cc8d31ab 07276a4328a3e0fb9cce4084c3b05347298efd41 e57c1affe32867002f8ef26a9c716ce0e71686876d988b387a29dc047c9ff7ea Loading...

		Size	First Seen	Last Seen
	#1 Eval - 9c631c8a68c5f179a4739ffe9f1f8db1	7.4 kB	2023-03-12	2024-05-04
Pretty Observations First Seen2023-03-12 14:06:25 Last Seen2024-05-04 17:06:14 Times Seen72 Hash 9c631c8a68c5f179a4739ffe9f1f8db1 c4902c2e321ce150be6be6042194acadf1edad84 d51c72b1825de890d86744dfc1dd7dc57ff1389976e76a15b1915cf4001a0475 Loading...

	#2 Eval - c24b1e0b3bfcd24a885c4a8d1496cba2	64 B	2024-04-11	2024-05-04
Pretty Observations First Seen2024-04-11 22:20:41 Last Seen2024-05-04 17:06:14 Times Seen10 Hash c24b1e0b3bfcd24a885c4a8d1496cba2 6795ceb89a09c25e8e2995a66060c28c217fda6c 648af38babf7c9346aa53901b85dc7326893aeda625b5076191e26ed5026f426 Loading...

	#3 Eval - 55089128ba7570a3f72043b9ac4bd085	6 B	2023-03-07	2024-05-04
Pretty Observations First Seen2023-03-07 01:33:43 Last Seen2024-05-04 17:06:14 Times Seen384 Hash 55089128ba7570a3f72043b9ac4bd085 6b9e9599960ae362d20e5f6e8665169d7066ce16 dec7a076dec41531da7f2d40bd4b896e27d45dd09ecd541190941bf88e6de894 Loading...

HTTP Transactions (38)

URL IP Response Size

go.gkrtmc.com/aff_c?offer_id=9608&aff_id=29592&aff_sub5=banner&source=1{var10}&click_id={clickid}/rd.html?go=https://getmedirty.com/tds?tdsId=s9183ale_r&tds_campaign=s9183ale&utm_campaign=a0c2d620&utm_content=29592&utm_source=ddm&s1=ddn&s2=general&data2=31_29592_9608_d4e2dc37ef27a516e7e452b5bc6057b5&p1=ndt&p5=lp_1&s3=1{var10}/rd.html?go=https://getmedirty.com/tds?tdsId=s9183ale_r&tds_campaign=s9183ale&utm_campaign=a0c2d620&utm_content=29592&utm_source=ddm&s1=ddn&s2=general&data2=31_29592_9608_d4e2dc37ef27a516e7e452b5bc6057b5&p1=ndt&s3=1{var10}/rd.html?go=https://getmedirty.com/tds?tdsId=s9183ale_r&tds_campaign=s9183ale&utm_campaign=a0c2d620&utm_content=29592&utm_source=ddm&s1=ddn&s2=general&data2=31_29592_9608_d4e2dc37ef27a516e7e452b5bc6057b5&p1=ndt&p5=lp_1&s3=1{var10}/rd.html?go=https://getmedirty.com/tds?tdsId=s9183ale_r&tds_campaign=s9183ale&utm_campaign=a0c2d620&utm_content=29592&utm_source=ddm&s1=ddn&s2=general&data2=31_29592_9608_d4e2dc37ef27a516e7e452b5bc6057b5&p1=ndt&p5=lp_1&s3=1{var10}

172.255.248.119

864 B

URL
go.gkrtmc.com/aff_c?offer_id=9608&aff_id=29592&aff_sub5=banner&source=1{var10}&click_id={clickid}/rd.html?go=https://getmedirty.com/tds?tdsId=s9183ale_r&tds_campaign=s9183ale&utm_campaign=a0c2d620&utm_content=29592&utm_source=ddm&s1=ddn&s2=general&data2=31_29592_9608_d4e2dc37ef27a516e7e452b5bc6057b5&p1=ndt&p5=lp_1&s3=1{var10}/rd.html?go=https://getmedirty.com/tds?tdsId=s9183ale_r&tds_campaign=s9183ale&utm_campaign=a0c2d620&utm_content=29592&utm_source=ddm&s1=ddn&s2=general&data2=31_29592_9608_d4e2dc37ef27a516e7e452b5bc6057b5&p1=ndt&s3=1{var10}/rd.html?go=https://getmedirty.com/tds?tdsId=s9183ale_r&tds_campaign=s9183ale&utm_campaign=a0c2d620&utm_content=29592&utm_source=ddm&s1=ddn&s2=general&data2=31_29592_9608_d4e2dc37ef27a516e7e452b5bc6057b5&p1=ndt&p5=lp_1&s3=1{var10}/rd.html?go=https://getmedirty.com/tds?tdsId=s9183ale_r&tds_campaign=s9183ale&utm_campaign=a0c2d620&utm_content=29592&utm_source=ddm&s1=ddn&s2=general&data2=31_29592_9608_d4e2dc37ef27a516e7e452b5bc6057b5&p1=ndt&p5=lp_1&s3=1{var10}
IP
172.255.248.119:0
ASN
#7979 SERVERS-COM

File type
HTML document, ASCII text, with very long lines (864), with no line terminators
Size
864 B (864 bytes)
Hash
bbba102b1709a61cded639c5222acc66
d1e063b7c31c18df8d7fbc934dcafe903e4acf5c
6eeb5a8af2737d7b6f2393e77f52c9429a160eca6d62c8a3d6e68b351bffd6c8

HTTP Headers

GET /aff_c?offer_id=9608&aff_id=29592&aff_sub5=banner&source=1{var10}&click_id={clickid}/rd.html?go=https://getmedirty.com/tds?tdsId=s9183ale_r&tds_campaign=s9183ale&utm_campaign=a0c2d620&utm_content=29592&utm_source=ddm&s1=ddn&s2=general&data2=31_29592_9608_d4e2dc37ef27a516e7e452b5bc6057b5&p1=ndt&p5=lp_1&s3=1{var10}/rd.html?go=https://getmedirty.com/tds?tdsId=s9183ale_r&tds_campaign=s9183ale&utm_campaign=a0c2d620&utm_content=29592&utm_source=ddm&s1=ddn&s2=general&data2=31_29592_9608_d4e2dc37ef27a516e7e452b5bc6057b5&p1=ndt&s3=1{var10}/rd.html?go=https://getmedirty.com/tds?tdsId=s9183ale_r&tds_campaign=s9183ale&utm_campaign=a0c2d620&utm_content=29592&utm_source=ddm&s1=ddn&s2=general&data2=31_29592_9608_d4e2dc37ef27a516e7e452b5bc6057b5&p1=ndt&p5=lp_1&s3=1{var10}/rd.html?go=https://getmedirty.com/tds?tdsId=s9183ale_r&tds_campaign=s9183ale&utm_campaign=a0c2d620&utm_content=29592&utm_source=ddm&s1=ddn&s2=general&data2=31_29592_9608_d4e2dc37ef27a516e7e452b5bc6057b5&p1=ndt&p5=lp_1&s3=1{var10} HTTP/1.1
Host: go.gkrtmc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Server: nginx
Date: Thu, 25 Apr 2024 08:47:54 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 864
Connection: keep-alive
Content-Security-Policy: default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Origin-Agent-Cluster: ?1
Referrer-Policy: no-referrer
Strict-Transport-Security: max-age=15552000; includeSubDomains
X-Content-Type-Options: nosniff
X-DNS-Prefetch-Control: off
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
X-Permitted-Cross-Domain-Policies: none
X-XSS-Protection: 0
Set-Cookie: language=en; Domain=go.gkrtmc.com; Path=/; Expires=Sat, 25 May 2024 08:47:54 GMT
test=; Path=/; Expires=Thu, 01 Jan 1970 00:00:00 GMT
Location: aff_c?offer_id=9949&aff_id=29592&aff_sub5=banner&source=1%7Bvar10%7D&click_id=%7Bclickid%7D%2Frd.html%3Fgo%3Dhttps%3A%2F%2Fgetmedirty.com%2Ftds%3FtdsId%3Ds9183ale_r&tds_campaign=s9183ale&utm_campaign=a0c2d620&utm_content=29592&utm_source=ddm&s1=ddn&s2=general&data2=31_29592_9608_d4e2dc37ef27a516e7e452b5bc6057b5&p1=ndt&p5=lp_1&s3=1%7Bvar10%7D&last=3
Vary: Accept
Cache-Control: no-store, no-cache

go.gkrtmc.com/aff_c?offer_id=9949&aff_id=29592&aff_sub5=banner&source=1%7Bvar10%7D&click_id=%7Bclickid%7D%2Frd.html%3Fgo%3Dhttps%3A%2F%2Fgetmedirty.com%2Ftds%3FtdsId%3Ds9183ale_r&tds_campaign=s9183ale&utm_campaign=a0c2d620&utm_content=29592&utm_source=ddm&s1=ddn&s2=general&data2=31_29592_9608_d4e2dc37ef27a516e7e452b5bc6057b5&p1=ndt&p5=lp_1&s3=1%7Bvar10%7D&last=3

172.255.248.119

416 B

URL
go.gkrtmc.com/aff_c?offer_id=9949&aff_id=29592&aff_sub5=banner&source=1%7Bvar10%7D&click_id=%7Bclickid%7D%2Frd.html%3Fgo%3Dhttps%3A%2F%2Fgetmedirty.com%2Ftds%3FtdsId%3Ds9183ale_r&tds_campaign=s9183ale&utm_campaign=a0c2d620&utm_content=29592&utm_source=ddm&s1=ddn&s2=general&data2=31_29592_9608_d4e2dc37ef27a516e7e452b5bc6057b5&p1=ndt&p5=lp_1&s3=1%7Bvar10%7D&last=3
IP
172.255.248.119:0
ASN
#7979 SERVERS-COM

File type
HTML document, ASCII text, with very long lines (416), with no line terminators
Size
416 B (416 bytes)
Hash
7a0e3a214472b2045ffa8a3fccad76c2
d895db903297f388ee780dceadf4234675c1dfbd
c86e772e646f4cbc5f5aa86106f1f8ff9ee7d57957acf56dc4a10b71a6fa9416

HTTP Headers

GET /aff_c?offer_id=9949&aff_id=29592&aff_sub5=banner&source=1%7Bvar10%7D&click_id=%7Bclickid%7D%2Frd.html%3Fgo%3Dhttps%3A%2F%2Fgetmedirty.com%2Ftds%3FtdsId%3Ds9183ale_r&tds_campaign=s9183ale&utm_campaign=a0c2d620&utm_content=29592&utm_source=ddm&s1=ddn&s2=general&data2=31_29592_9608_d4e2dc37ef27a516e7e452b5bc6057b5&p1=ndt&p5=lp_1&s3=1%7Bvar10%7D&last=3 HTTP/1.1
Host: go.gkrtmc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: language=en
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Server: nginx
Date: Thu, 25 Apr 2024 08:47:54 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 416
Connection: keep-alive
Content-Security-Policy: default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Origin-Agent-Cluster: ?1
Referrer-Policy: no-referrer
Strict-Transport-Security: max-age=15552000; includeSubDomains
X-Content-Type-Options: nosniff
X-DNS-Prefetch-Control: off
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
X-Permitted-Cross-Domain-Policies: none
X-XSS-Protection: 0
Set-Cookie: language=en; Domain=go.gkrtmc.com; Path=/; Expires=Sat, 25 May 2024 08:47:54 GMT
test=; Path=/; Expires=Thu, 01 Jan 1970 00:00:00 GMT
9949=32_29592_9949_82d13cb970a970c04499d5943333ad10; Domain=go.gkrtmc.com; Path=/; Expires=Sat, 25 May 2024 08:47:54 GMT; Secure; SameSite=None
op_9949=0; Domain=go.gkrtmc.com; Path=/; Expires=Sat, 25 May 2024 08:47:54 GMT
user_id=c183909b-3c83-456b-903f-0c41846b5433_2ed499d191df1aee1d635dd55f50d600; Domain=go.gkrtmc.com; Path=/; Expires=Tue, 24 Apr 2029 08:47:54 GMT; Secure; SameSite=None
Location: /rd.html?go=https%3A%2F%2Fqueitho.com%2Fclient%3Fcamp%3Ds3%26aff_id%3D2%26aff_sub%3D29592%26source%3D29592%26aff_sub2%3Dbanner%26click_id%3D32_29592_9949_82d13cb970a970c04499d5943333ad10
Vary: Accept
Cache-Control: no-store, no-cache

go.gkrtmc.com/rd.html?go=https%3A%2F%2Fqueitho.com%2Fclient%3Fcamp%3Ds3%26aff_id%3D2%26aff_sub%3D29592%26source%3D29592%26aff_sub2%3Dbanner%26click_id%3D32_29592_9949_82d13cb970a970c04499d5943333ad10

172.255.248.119

255 B

URL
go.gkrtmc.com/rd.html?go=https%3A%2F%2Fqueitho.com%2Fclient%3Fcamp%3Ds3%26aff_id%3D2%26aff_sub%3D29592%26source%3D29592%26aff_sub2%3Dbanner%26click_id%3D32_29592_9949_82d13cb970a970c04499d5943333ad10
IP
172.255.248.119:0
ASN
#7979 SERVERS-COM

File type
HTML document, ASCII text
Size
255 B (255 bytes)
Hash
d032811d8a01caff2a5ce141a657ca0e
7cfb5ac640b5496f18939ee73dc89cccf77125cc
e2efe220662dd9a54582aa6ab3f6d9fcaf0341710d0b01aa051fc09258ff9e6e

HTTP Headers

GET /rd.html?go=https%3A%2F%2Fqueitho.com%2Fclient%3Fcamp%3Ds3%26aff_id%3D2%26aff_sub%3D29592%26source%3D29592%26aff_sub2%3Dbanner%26click_id%3D32_29592_9949_82d13cb970a970c04499d5943333ad10 HTTP/1.1
Host: go.gkrtmc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: language=en; 9949=32_29592_9949_82d13cb970a970c04499d5943333ad10; op_9949=0; user_id=c183909b-3c83-456b-903f-0c41846b5433_2ed499d191df1aee1d635dd55f50d600
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:47:54 GMT
Content-Type: text/html
Last-Modified: Fri, 13 Aug 2021 14:56:49 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"61168831-149"
Cache-Control: no-store, no-cache
Content-Encoding: gzip

oacenom.com/ckset

188.114.96.1

117 B

URL
oacenom.com/ckset
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
JSON text data
Size
117 B (117 bytes)
Hash
1cbf443f67b3ed25c7a710055ec506f0
3a769b34e13d2373f329cb4186ac50d50f6e47e7
a8941f7c62520d838a9eb40b43cd545c424b6664fb4ca4e7bdcbf09b57a4afea

HTTP Headers

POST /ckset HTTP/1.1
Host: oacenom.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://queitho.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Content-Length: 0

HTTP/2 201 Created
date: Thu, 25 Apr 2024 08:47:55 GMT
content-type: application/json; charset=utf-8
content-length: 117
content-security-policy: default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
origin-agent-cluster: ?1
referrer-policy: no-referrer
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-xss-protection: 0
set-cookie: mastidencook=5243477b-7deb-4727-a048-e8a16f776788_7c9f572fa8c4b64d352caebcc91a1ceb; Domain=oacenom.com; Path=/; Expires=Tue, 24 Apr 2029 08:47:55 GMT; Secure; SameSite=None
etag: W/"75-OnabNOE9I3PzKctBhqxQ1Q9uR+c"
access-control-allow-origin: https://queitho.com
access-control-allow-credentials: true
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GQsQVPA0zSBHAdtXlpKLbOfeTPJwcvgLbRExfY1vr9Pe6Jp%2FNU6nZ1PuTf4f5Mm%2BUlUIPaUIgW5i0oMDqeYRm%2BDGRdHHLTSdv58TjnwKIw%2FVi1qdt0gReHMbUAMndA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879d1231a9560b55-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

queitho.com/visit?aff_id=2&aff_sub=29592&aff_sub2=banner&click_id=32_29592_9949_82d13cb970a970c04499d5943333ad10&source=29592&ttype=direct&camp=s3&p_camp=&bstep=&sid=&efcn=custom-unknown&cntp=custom-unknown&sch=&scw=&vph=&vpw=&lt=

104.21.79.101

813 B

URL
queitho.com/visit?aff_id=2&aff_sub=29592&aff_sub2=banner&click_id=32_29592_9949_82d13cb970a970c04499d5943333ad10&source=29592&ttype=direct&camp=s3&p_camp=&bstep=&sid=&efcn=custom-unknown&cntp=custom-unknown&sch=&scw=&vph=&vpw=&lt=
IP
104.21.79.101:0
ASN
#13335 CLOUDFLARENET

File type
JSON text data
Size
813 B (813 bytes)
Hash
ba2c1a42f08f4b39844d45f033abebfc
8bbaf6a32397cbf374d2149ca0cedce08bb90df4
d414c76cb933cf12d66c058abcbc51f36414e3380ff1552cfbe9bd00a68f3dc1

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /visit?aff_id=2&aff_sub=29592&aff_sub2=banner&click_id=32_29592_9949_82d13cb970a970c04499d5943333ad10&source=29592&ttype=direct&camp=s3&p_camp=&bstep=&sid=&efcn=custom-unknown&cntp=custom-unknown&sch=&scw=&vph=&vpw=&lt= HTTP/1.1
Host: queitho.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 403
Origin: https://queitho.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 201 Created
date: Thu, 25 Apr 2024 08:47:55 GMT
content-type: application/json; charset=utf-8
content-length: 813
content-security-policy: default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
origin-agent-cluster: ?1
referrer-policy: no-referrer
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-xss-protection: 0
set-cookie: browserLanguage=en; Domain=queitho.com; Path=/; Expires=Sat, 25 May 2024 08:47:55 GMT
userId=3afa76a4-2c22-4e8d-80ea-e274eea3e2db_63bbcf22ba184fa876d005bc9d752353; Domain=queitho.com; Path=/; Expires=Tue, 24 Apr 2029 08:47:55 GMT; Secure; SameSite=None
cache-control: no-store, no-store, no-cache
etag: W/"32d-i7r2oyOXy/N00hScoM7c4Iu5DfQ"
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WCmsxIMD4cXaUEmTM5HTMYAPKW6caXn75BYiK6ph0iIZ%2FsyOo%2BIzM3rXBEzqIwgLUh7lmAlhQoYbJvOBS%2BqQ8cw9xlbUJu%2BPJhg%2BSb2wZK3Q%2B%2BEJjjyttxEU%2BdA3eg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879d12321a18b51e-OSL
alt-svc: h3=":443"; ma=86400

queitho.com/fl?aff_id=2&aff_sub=29592&aff_sub2=banner&click_id=32_29592_9949_82d13cb970a970c04499d5943333ad10&source=29592&ttype=direct&camp=f109&sl_cid=5716eb5b-5125-4585-b5be-7ce85a6bf4d1_43535edc2f73052e5e6f3586b5b66e38&p_camp=&bstep=&sid=s3&efcn=custom-unknown&cntp=custom-unknown&sch=1024&scw=1280&vph=1024&vpw=1280&ref=https%3A%2F%2Fgo.gkrtmc.com%2F&lt=

104.21.79.101

1.3 kB

URL
queitho.com/fl?aff_id=2&aff_sub=29592&aff_sub2=banner&click_id=32_29592_9949_82d13cb970a970c04499d5943333ad10&source=29592&ttype=direct&camp=f109&sl_cid=5716eb5b-5125-4585-b5be-7ce85a6bf4d1_43535edc2f73052e5e6f3586b5b66e38&p_camp=&bstep=&sid=s3&efcn=custom-unknown&cntp=custom-unknown&sch=1024&scw=1280&vph=1024&vpw=1280&ref=https%3A%2F%2Fgo.gkrtmc.com%2F&lt=
IP
104.21.79.101:0
ASN
#13335 CLOUDFLARENET

File type
JSON text data
Size
1.3 kB (1310 bytes)
Hash
c1c4ba31ac0628fa422766b96e3c897f
9198f2af7f2e57518a0487b1ab0e85984cedacc9
c0d7fee60f94b81d8051b54185f44d167ab8f8c0963d9ed41686a9bb58512707

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /fl?aff_id=2&aff_sub=29592&aff_sub2=banner&click_id=32_29592_9949_82d13cb970a970c04499d5943333ad10&source=29592&ttype=direct&camp=f109&sl_cid=5716eb5b-5125-4585-b5be-7ce85a6bf4d1_43535edc2f73052e5e6f3586b5b66e38&p_camp=&bstep=&sid=s3&efcn=custom-unknown&cntp=custom-unknown&sch=1024&scw=1280&vph=1024&vpw=1280&ref=https%3A%2F%2Fgo.gkrtmc.com%2F&lt= HTTP/1.1
Host: queitho.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 410
Origin: https://queitho.com
DNT: 1
Connection: keep-alive
Cookie: browserLanguage=en; userId=3afa76a4-2c22-4e8d-80ea-e274eea3e2db_63bbcf22ba184fa876d005bc9d752353
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 201 Created
date: Thu, 25 Apr 2024 08:47:55 GMT
content-type: application/json; charset=utf-8
content-length: 1310
content-security-policy: default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
origin-agent-cluster: ?1
referrer-policy: no-referrer
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-xss-protection: 0
set-cookie: browserLanguage=en; Domain=queitho.com; Path=/; Expires=Sat, 25 May 2024 08:47:55 GMT
cache-control: no-store, no-store, no-cache
etag: W/"51e-kZjyr38uV1GKBIexqw6FmEztrMk"
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=otTF4A3vrBaOU7Apgm2W%2FG1QatkkciYyIGhDvLpRaZyzZ63et%2BA0KJi9MC7mu5Dpvc070DV3Qr2Cu%2BQohJP54aMQ2iHKwYn9UajVib53A%2FpwRWC6AySS7uIz65w%2FYA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879d12329a6ab51e-OSL
alt-svc: h3=":443"; ma=86400

queitho.com/ofp?aff_id=2&aff_sub=29592&aff_sub2=banner&click_id=32_29592_9949_82d13cb970a970c04499d5943333ad10&source=29592&ttype=direct&camp=f109&sl_cid=5716eb5b-5125-4585-b5be-7ce85a6bf4d1_43535edc2f73052e5e6f3586b5b66e38&p_camp=&bstep=0&sid=s3&ofp_id=111&efcn=custom-unknown&cntp=custom-unknown&sch=1024&scw=1280&vph=1024&vpw=1280&ref=https%3A%2F%2Fgo.gkrtmc.com%2F&lt=0

104.21.79.101

231 B

URL
queitho.com/ofp?aff_id=2&aff_sub=29592&aff_sub2=banner&click_id=32_29592_9949_82d13cb970a970c04499d5943333ad10&source=29592&ttype=direct&camp=f109&sl_cid=5716eb5b-5125-4585-b5be-7ce85a6bf4d1_43535edc2f73052e5e6f3586b5b66e38&p_camp=&bstep=0&sid=s3&ofp_id=111&efcn=custom-unknown&cntp=custom-unknown&sch=1024&scw=1280&vph=1024&vpw=1280&ref=https%3A%2F%2Fgo.gkrtmc.com%2F&lt=0
IP
104.21.79.101:0
ASN
#13335 CLOUDFLARENET

File type
JSON text data
Size
231 B (231 bytes)
Hash
6eb1c6f53771ed9a7fb7263a68538109
f0c20e2dd06051b457ee03f3bfd17f7ab5c18d2c
6fc78cca6b2dd307da2ad0dfaf09d223f4978674dabf67cbd8116e11284ba7d8

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /ofp?aff_id=2&aff_sub=29592&aff_sub2=banner&click_id=32_29592_9949_82d13cb970a970c04499d5943333ad10&source=29592&ttype=direct&camp=f109&sl_cid=5716eb5b-5125-4585-b5be-7ce85a6bf4d1_43535edc2f73052e5e6f3586b5b66e38&p_camp=&bstep=0&sid=s3&ofp_id=111&efcn=custom-unknown&cntp=custom-unknown&sch=1024&scw=1280&vph=1024&vpw=1280&ref=https%3A%2F%2Fgo.gkrtmc.com%2F&lt=0 HTTP/1.1
Host: queitho.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 417
Origin: https://queitho.com
DNT: 1
Connection: keep-alive
Cookie: browserLanguage=en; userId=3afa76a4-2c22-4e8d-80ea-e274eea3e2db_63bbcf22ba184fa876d005bc9d752353
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 201 Created
date: Thu, 25 Apr 2024 08:47:55 GMT
content-type: application/json; charset=utf-8
content-length: 231
content-security-policy: default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
origin-agent-cluster: ?1
referrer-policy: no-referrer
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-xss-protection: 0
set-cookie: browserLanguage=en; Domain=queitho.com; Path=/; Expires=Sat, 25 May 2024 08:47:55 GMT
cache-control: no-store, no-store, no-cache
etag: W/"e7-8MIOLdBgUbRX7gPzv9F/erXBjSw"
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ITw12k%2F1vzoOM5rhmWiDa%2B8QpXBedudN%2FIjVtutHPuNi8ZKvWRX%2FKzDLBA4V9uisMW1B4VJuc%2BZ%2B6kCI1%2BGEWr7Ln6PpKY%2BqQfdZiJnExhMrzwZoCTNXPf4tqkgbcg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879d12336b3bb51e-OSL
alt-svc: h3=":443"; ma=86400

rgqval.awaitingdream.net/?tds_cid=3a6d620dcaef5001d07476d32ab82b752b7e5864&s1=134504&ban=other&utm_source=e2905f55ec3a568b&s2=2005070&click_id=3a6d620dcaef5001d07476d32ab82b752b7e5864&s5=dit1029&j1=1&j9=1&s3=sml_e1f18e7f

52.19.138.177

136 B

URL
rgqval.awaitingdream.net/?tds_cid=3a6d620dcaef5001d07476d32ab82b752b7e5864&s1=134504&ban=other&utm_source=e2905f55ec3a568b&s2=2005070&click_id=3a6d620dcaef5001d07476d32ab82b752b7e5864&s5=dit1029&j1=1&j9=1&s3=sml_e1f18e7f
IP
52.19.138.177:0
ASN
#16509 AMAZON-02

File type
HTML document, ASCII text
Size
136 B (136 bytes)
Hash
78c798b57ce0000d5132c7f4997d5ec0
28cce51add9d03031884e25b307571aa6c312763
05ef6f9fac1a1bef62687fb68fc5117ee080e12c7f0739167361917925827cdb

HTTP Headers

GET /?tds_cid=3a6d620dcaef5001d07476d32ab82b752b7e5864&s1=134504&ban=other&utm_source=e2905f55ec3a568b&s2=2005070&click_id=3a6d620dcaef5001d07476d32ab82b752b7e5864&s5=dit1029&j1=1&j9=1&s3=sml_e1f18e7f HTTP/1.1
Host: rgqval.awaitingdream.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://empirelayer.club/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
server: nginx
date: Thu, 25 Apr 2024 08:47:56 GMT
content-type: text/html; charset=utf-8
content-length: 136
location: https://cy.trck-capt-prv2.com/click?o=4691&a=198&sub_id1=yezrt662a18bc000539d3&sub_id3=134504_2005070
set-cookie: unique_id=662a18bc0004ef64; Path=/; Expires=Mon, 24 Jun 2024 08:47:56 GMT; Secure; SameSite=None
unique_id2=6629998a0007bd3d; Path=/; Expires=Wed, 24 Jul 2024 08:47:56 GMT; Secure; SameSite=None
6629998a0007bd3d_c=1; Path=/; Expires=Wed, 24 Jul 2024 08:47:56 GMT; Secure; SameSite=None
ref_token=134504; Path=/; Expires=Sat, 25 May 2024 08:47:56 GMT; Secure; SameSite=None
impression=; Path=/; Expires=Thu, 25 Apr 2024 08:47:56 GMT; Secure; SameSite=None
tid=yezrt662a18bc000539d3; Path=/; Expires=Fri, 30 Mar 2029 08:47:56 GMT; Secure; SameSite=None
X-Firefox-Spdy: h2

cy.trck-capt-prv2.com/favicon.ico

3.122.47.174

0 B

URL
cy.trck-capt-prv2.com/favicon.ico
IP
3.122.47.174:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: cy.trck-capt-prv2.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: U-ba9fab001f67381e56e410575874d967=unique; o_ba9fab001f67381e56e410575874d967=d3435442-7dae-4dbd-aae5-d584ec4d6635
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 404 Not Found
server: awselb/2.0
date: Thu, 25 Apr 2024 08:47:57 GMT
content-type: text/plain; charset=utf-8
content-length: 0
X-Firefox-Spdy: h2

hubtrack.eu/?aff_id=9737&offer_id=13995&ext_id=7acd7991d2f4696ac54721fb64b98bf1&source=198_134504_2005070

89.185.246.143

302 Found

233 B

URL User Request GET HTTP/1.1
hubtrack.eu/?aff_id=9737&offer_id=13995&ext_id=7acd7991d2f4696ac54721fb64b98bf1&source=198_134504_2005070
IP
89.185.246.143:443
ASN
#24971 Master Internet s.r.o.

Certificate
IssuerLet's Encrypt
Subjecthubtrack.eu
FingerprintC6:63:00:89:3E:B4:78:7F:00:57:F2:D8:19:D1:BE:CB:93:F2:30:E8
ValidityTue, 20 Feb 2024 09:46:46 GMT - Mon, 20 May 2024 09:46:45 GMT

File type
HTML document, ASCII text
Size
233 B (233 bytes)
Hash
66d34a4a7e60a4e331b01a6853bde08e
9b5ecb186cba7e8c5b0ce795bc70169130652a3c
7015b13e2c62d55a2fe46e901ab773638718c8da0573b692a99cb04834c620ad

HTTP Headers

GET /?aff_id=9737&offer_id=13995&ext_id=7acd7991d2f4696ac54721fb64b98bf1&source=198_134504_2005070 HTTP/1.1
Host: hubtrack.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Server: nginx
Date: Thu, 25 Apr 2024 08:45:21 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=10
X-Powered-By: Nette Framework 3
Vary: X-Requested-With
Set-Cookie: _nss=1; path=/; secure; HttpOnly; SameSite=Strict
aff-bb320c502370eadcdd1d1a2b3cfe12a5=a%3A3%3A%7Bs%3A2%3A%22id%22%3Bi%3A4476529815%3Bs%3A4%3A%22trid%22%3Bs%3A22%3A%22Y7ErhpjDTwY481nSgyXoMQ%22%3Bs%3A3%3A%22get%22%3Ba%3A4%3A%7Bs%3A6%3A%22aff_id%22%3Bi%3A9737%3Bs%3A8%3A%22offer_id%22%3Bi%3A13995%3Bs%3A6%3A%22ext_id%22%3Bs%3A32%3A%227acd7991d2f4696ac54721fb64b98bf1%22%3Bs%3A6%3A%22source%22%3Bs%3A18%3A%22198_134504_2005070%22%3B%7D%7D; expires=Fri, 26-Apr-2024 08:45:21 GMT; Max-Age=86400; path=/; secure; HttpOnly; SameSite=Lax
X-Click-Id: 4476529815
X-TransactionId: Y7ErhpjDTwY481nSgyXoMQ
Location: https://hookeportalen.com/?trid=Y7ErhpjDTwY481nSgyXoMQ&afid=9737&ofid=13995&source=198_134504_2005070&ext_id=7acd7991d2f4696ac54721fb64b98bf1&
Strict-Transport-Security: max-age=63072000
X-Content-Type-Options: nosniff

www.hookeportalen.com/img/country_flag_icon_gb.png

77.93.196.119

200 OK

6.2 kB

URL GET HTTP/2
www.hookeportalen.com/img/country_flag_icon_gb.png
IP
77.93.196.119:443
ASN
#24971 Master Internet s.r.o.

Requested by
https://www.hookeportalen.com/?trid=Y7ErhpjDTwY481nSgyXoMQ&afid=9737&ofid=13995&source=198_134504_2005070&ext_id=7acd7991d2f4696ac54721fb64b98bf1
Certificate
IssuerLet's Encrypt
Subjecthookeportalen.com
Fingerprint07:9A:83:13:39:63:38:B4:99:BE:6B:58:91:57:67:22:DA:0D:27:98
ValidityWed, 06 Mar 2024 10:16:55 GMT - Tue, 04 Jun 2024 10:16:54 GMT

File type
PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced
Size
6.2 kB (6222 bytes)
Hash
95ac71725790e555982d4f2b38a9e970
75b3cdc4b565a82b25340ac515ffa85f07ec68aa
43130693ca0e67315df363cc1a1f1f79914504435782a247f046d06424a2f0b7

HTTP Headers

GET /img/country_flag_icon_gb.png HTTP/1.1
Host: www.hookeportalen.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hookeportalen.com/?trid=Y7ErhpjDTwY481nSgyXoMQ&afid=9737&ofid=13995&source=198_134504_2005070&ext_id=7acd7991d2f4696ac54721fb64b98bf1
Cookie: iaff=%7B%22e%22%3A%7B%22trid%22%3A%22Y7ErhpjDTwY481nSgyXoMQ%22%2C%22afid%22%3A%229737%22%2C%22ofid%22%3A%2213995%22%2C%22source%22%3A%22198_134504_2005070%22%2C%22ext_id%22%3A%227acd7991d2f4696ac54721fb64b98bf1%22%7D%2C%22a%22%3A%7B%22afid%22%3A9737%2C%22ofid%22%3A13995%2C%22trid%22%3A%22Y7ErhpjDTwY481nSgyXoMQ%22%2C%22source%22%3A%22198_134504_2005070%22%7D%2C%22s%22%3A%22ImaxCash%22%7D; user_lang_id_ui=14; imx_lp=%7B%22title%22%3Anull%2C%22desc%22%3Anull%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.25.2
date: Thu, 25 Apr 2024 08:47:57 GMT
content-type: image/png
content-length: 6222
last-modified: Tue, 05 Mar 2024 13:25:12 GMT
etag: "65e71d38-184e"
cache-control: public, max-age=2592000, immutable
accept-ranges: bytes
X-Firefox-Spdy: h2

hookeportalen.com/?trid=Y7ErhpjDTwY481nSgyXoMQ&afid=9737&ofid=13995&source=198_134504_2005070&ext_id=7acd7991d2f4696ac54721fb64b98bf1&

77.93.196.119

302 Found

130 kB

URL User Request GET HTTP/2
hookeportalen.com/?trid=Y7ErhpjDTwY481nSgyXoMQ&afid=9737&ofid=13995&source=198_134504_2005070&ext_id=7acd7991d2f4696ac54721fb64b98bf1&
IP
77.93.196.119:443
ASN
#24971 Master Internet s.r.o.

Certificate
IssuerLet's Encrypt
Subjecthookeportalen.com
Fingerprint07:9A:83:13:39:63:38:B4:99:BE:6B:58:91:57:67:22:DA:0D:27:98
ValidityWed, 06 Mar 2024 10:16:55 GMT - Tue, 04 Jun 2024 10:16:54 GMT

File type
gzip compressed data, from Unix
Size
130 kB (129544 bytes)
Hash
a31ef06836c5a1642704efd0c8c3a135
e6053f542c6b24dcd60a2faca4878a748122e2d0
b65cb039c7ea283baeae920826988efe78cf85df57f8e057fb8f8f8a6aea0a9d

HTTP Headers

GET /?trid=Y7ErhpjDTwY481nSgyXoMQ&afid=9737&ofid=13995&source=198_134504_2005070&ext_id=7acd7991d2f4696ac54721fb64b98bf1& HTTP/1.1
Host: hookeportalen.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
server: nginx/1.25.2
date: Thu, 25 Apr 2024 08:47:57 GMT
content-type: text/html; charset=utf-8
location: https://www.hookeportalen.com/?trid=Y7ErhpjDTwY481nSgyXoMQ&afid=9737&ofid=13995&source=198_134504_2005070&ext_id=7acd7991d2f4696ac54721fb64b98bf1
x-powered-by: Nette Framework
x-frame-options: SAMEORIGIN
content-encoding: gzip
vary: X-Requested-With, Accept-Encoding
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

www.hookeportalen.com/img/lp/loading.gif?a57354db

77.93.196.119

200 OK

1.9 kB

URL GET HTTP/2
www.hookeportalen.com/img/lp/loading.gif?a57354db
IP
77.93.196.119:443
ASN
#24971 Master Internet s.r.o.

Requested by
https://www.hookeportalen.com/?trid=Y7ErhpjDTwY481nSgyXoMQ&afid=9737&ofid=13995&source=198_134504_2005070&ext_id=7acd7991d2f4696ac54721fb64b98bf1
Certificate
IssuerLet's Encrypt
Subjecthookeportalen.com
Fingerprint07:9A:83:13:39:63:38:B4:99:BE:6B:58:91:57:67:22:DA:0D:27:98
ValidityWed, 06 Mar 2024 10:16:55 GMT - Tue, 04 Jun 2024 10:16:54 GMT

File type
GIF image data, version 89a, 28 x 28
Size
1.9 kB (1925 bytes)
Hash
aa739e221648d729d5a4d2e9bc7b8649
c4eb9c718e0e0e58298482443a82e05b098fe13b
be55c8fc639ab0b327d742bdbcc27511f1e89e016a258e29c3cfebfe44e14383

HTTP Headers

GET /img/lp/loading.gif?a57354db HTTP/1.1
Host: www.hookeportalen.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hookeportalen.com/lp/1/4/1
Cookie: iaff=%7B%22e%22%3A%7B%22trid%22%3A%22Y7ErhpjDTwY481nSgyXoMQ%22%2C%22afid%22%3A%229737%22%2C%22ofid%22%3A%2213995%22%2C%22source%22%3A%22198_134504_2005070%22%2C%22ext_id%22%3A%227acd7991d2f4696ac54721fb64b98bf1%22%7D%2C%22a%22%3A%7B%22afid%22%3A9737%2C%22ofid%22%3A13995%2C%22trid%22%3A%22Y7ErhpjDTwY481nSgyXoMQ%22%2C%22source%22%3A%22198_134504_2005070%22%7D%2C%22s%22%3A%22ImaxCash%22%7D; user_lang_id_ui=14; imx_lp=%7B%22title%22%3Anull%2C%22desc%22%3Anull%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.25.2
date: Thu, 25 Apr 2024 08:47:57 GMT
content-type: image/gif
content-length: 1925
last-modified: Fri, 23 Mar 2018 14:39:08 GMT
etag: "5ab5118c-785"
cache-control: public, max-age=2592000, immutable
accept-ranges: bytes
X-Firefox-Spdy: h2

www.hookeportalen.com/img/lp/lux/sprites2.png?df8a6557

77.93.196.119

200 OK

2.9 kB

URL GET HTTP/2
www.hookeportalen.com/img/lp/lux/sprites2.png?df8a6557
IP
77.93.196.119:443
ASN
#24971 Master Internet s.r.o.

Requested by
https://www.hookeportalen.com/?trid=Y7ErhpjDTwY481nSgyXoMQ&afid=9737&ofid=13995&source=198_134504_2005070&ext_id=7acd7991d2f4696ac54721fb64b98bf1
Certificate
IssuerLet's Encrypt
Subjecthookeportalen.com
Fingerprint07:9A:83:13:39:63:38:B4:99:BE:6B:58:91:57:67:22:DA:0D:27:98
ValidityWed, 06 Mar 2024 10:16:55 GMT - Tue, 04 Jun 2024 10:16:54 GMT

File type
PNG image data, 69 x 216, 8-bit/color RGBA, non-interlaced
Size
2.9 kB (2924 bytes)
Hash
1223b198f79be430b6faac39e884050f
b06c5a2d801f34a6ce6b693c25aba83f8a7f758d
68ed05d0e19e85c9a895ce14b0b8cc7ce48eea6ecf5d45648458440f1fa1e792

HTTP Headers

GET /img/lp/lux/sprites2.png?df8a6557 HTTP/1.1
Host: www.hookeportalen.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hookeportalen.com/lp/1/4/1
Cookie: iaff=%7B%22e%22%3A%7B%22trid%22%3A%22Y7ErhpjDTwY481nSgyXoMQ%22%2C%22afid%22%3A%229737%22%2C%22ofid%22%3A%2213995%22%2C%22source%22%3A%22198_134504_2005070%22%2C%22ext_id%22%3A%227acd7991d2f4696ac54721fb64b98bf1%22%7D%2C%22a%22%3A%7B%22afid%22%3A9737%2C%22ofid%22%3A13995%2C%22trid%22%3A%22Y7ErhpjDTwY481nSgyXoMQ%22%2C%22source%22%3A%22198_134504_2005070%22%7D%2C%22s%22%3A%22ImaxCash%22%7D; user_lang_id_ui=14; imx_lp=%7B%22title%22%3Anull%2C%22desc%22%3Anull%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.25.2
date: Thu, 25 Apr 2024 08:47:57 GMT
content-type: image/png
content-length: 2924
last-modified: Fri, 11 May 2018 14:33:56 GMT
etag: "5af5a9d4-b6c"
cache-control: public, max-age=2592000, immutable
accept-ranges: bytes
X-Firefox-Spdy: h2

www.hookeportalen.com/vendor/jquery/dist/jquery.min.js

77.93.196.119

200 OK

34 kB

URL GET HTTP/2
www.hookeportalen.com/vendor/jquery/dist/jquery.min.js
IP
77.93.196.119:443
ASN
#24971 Master Internet s.r.o.

Requested by
https://www.hookeportalen.com/?trid=Y7ErhpjDTwY481nSgyXoMQ&afid=9737&ofid=13995&source=198_134504_2005070&ext_id=7acd7991d2f4696ac54721fb64b98bf1
Certificate
IssuerLet's Encrypt
Subjecthookeportalen.com
Fingerprint07:9A:83:13:39:63:38:B4:99:BE:6B:58:91:57:67:22:DA:0D:27:98
ValidityWed, 06 Mar 2024 10:16:55 GMT - Tue, 04 Jun 2024 10:16:54 GMT

File type
gzip compressed data, from Unix
Size
34 kB (34503 bytes)
Hash
f1c08e4b4777952c21a6cb133fe0d4f3
c483b6dea5f23914eb847a92b766349d8763ada4
bf6a82247a39802e23ded8dae716bce73cb5fc9983461d3070e6e6362c345742

HTTP Headers

GET /vendor/jquery/dist/jquery.min.js HTTP/1.1
Host: www.hookeportalen.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hookeportalen.com/?trid=Y7ErhpjDTwY481nSgyXoMQ&afid=9737&ofid=13995&source=198_134504_2005070&ext_id=7acd7991d2f4696ac54721fb64b98bf1
Cookie: iaff=%7B%22e%22%3A%7B%22trid%22%3A%22Y7ErhpjDTwY481nSgyXoMQ%22%2C%22afid%22%3A%229737%22%2C%22ofid%22%3A%2213995%22%2C%22source%22%3A%22198_134504_2005070%22%2C%22ext_id%22%3A%227acd7991d2f4696ac54721fb64b98bf1%22%7D%2C%22a%22%3A%7B%22afid%22%3A9737%2C%22ofid%22%3A13995%2C%22trid%22%3A%22Y7ErhpjDTwY481nSgyXoMQ%22%2C%22source%22%3A%22198_134504_2005070%22%7D%2C%22s%22%3A%22ImaxCash%22%7D; user_lang_id_ui=14; imx_lp=%7B%22title%22%3Anull%2C%22desc%22%3Anull%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.25.2
date: Thu, 25 Apr 2024 08:47:57 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Fri, 30 Jun 2017 09:11:39 GMT
vary: Accept-Encoding
etag: W/"595615cb-17b8b"
cache-control: public, max-age=2592000, immutable
content-encoding: gzip
X-Firefox-Spdy: h2

www.hookeportalen.com/img/lp/lux/stars.png?b773f04a

77.93.196.119

200 OK

1.4 kB

URL GET HTTP/2
www.hookeportalen.com/img/lp/lux/stars.png?b773f04a
IP
77.93.196.119:443
ASN
#24971 Master Internet s.r.o.

Requested by
https://www.hookeportalen.com/?trid=Y7ErhpjDTwY481nSgyXoMQ&afid=9737&ofid=13995&source=198_134504_2005070&ext_id=7acd7991d2f4696ac54721fb64b98bf1
Certificate
IssuerLet's Encrypt
Subjecthookeportalen.com
Fingerprint07:9A:83:13:39:63:38:B4:99:BE:6B:58:91:57:67:22:DA:0D:27:98
ValidityWed, 06 Mar 2024 10:16:55 GMT - Tue, 04 Jun 2024 10:16:54 GMT

File type
PNG image data, 118 x 45, 8-bit/color RGBA, non-interlaced
Size
1.4 kB (1427 bytes)
Hash
0b64450cdca40d5995c44a3a9d7c594e
b6283c9a412d7ee161cd6676d3d1b136a58fba6b
e16adead61579cae0306f6028b1db6340798d433753b80767e7cc36899a4c178

HTTP Headers

GET /img/lp/lux/stars.png?b773f04a HTTP/1.1
Host: www.hookeportalen.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hookeportalen.com/lp/1/4/1
Cookie: iaff=%7B%22e%22%3A%7B%22trid%22%3A%22Y7ErhpjDTwY481nSgyXoMQ%22%2C%22afid%22%3A%229737%22%2C%22ofid%22%3A%2213995%22%2C%22source%22%3A%22198_134504_2005070%22%2C%22ext_id%22%3A%227acd7991d2f4696ac54721fb64b98bf1%22%7D%2C%22a%22%3A%7B%22afid%22%3A9737%2C%22ofid%22%3A13995%2C%22trid%22%3A%22Y7ErhpjDTwY481nSgyXoMQ%22%2C%22source%22%3A%22198_134504_2005070%22%7D%2C%22s%22%3A%22ImaxCash%22%7D; user_lang_id_ui=14; imx_lp=%7B%22title%22%3Anull%2C%22desc%22%3Anull%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.25.2
date: Thu, 25 Apr 2024 08:47:57 GMT
content-type: image/png
content-length: 1427
last-modified: Wed, 14 Feb 2018 12:09:26 GMT
etag: "5a8426f6-593"
cache-control: public, max-age=2592000, immutable
accept-ranges: bytes
X-Firefox-Spdy: h2

www.hookeportalen.com/js/polyfill.min.js?39a4304c

77.93.196.119

200 OK

1.5 kB

URL GET HTTP/2
www.hookeportalen.com/js/polyfill.min.js?39a4304c
IP
77.93.196.119:443
ASN
#24971 Master Internet s.r.o.

Requested by
https://www.hookeportalen.com/?trid=Y7ErhpjDTwY481nSgyXoMQ&afid=9737&ofid=13995&source=198_134504_2005070&ext_id=7acd7991d2f4696ac54721fb64b98bf1
Certificate
IssuerLet's Encrypt
Subjecthookeportalen.com
Fingerprint07:9A:83:13:39:63:38:B4:99:BE:6B:58:91:57:67:22:DA:0D:27:98
ValidityWed, 06 Mar 2024 10:16:55 GMT - Tue, 04 Jun 2024 10:16:54 GMT

File type
gzip compressed data, from Unix
Size
1.5 kB (1496 bytes)
Hash
395dac5ae1a0487ed19bf71eae63369a
d77b1fbb6f48b4619678c32ef98a5bc98d80e785
225dece246054029bcca6fc74a7d3046be036b08eb399e28cfa437dc340358c9

HTTP Headers

GET /js/polyfill.min.js?39a4304c HTTP/1.1
Host: www.hookeportalen.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hookeportalen.com/?trid=Y7ErhpjDTwY481nSgyXoMQ&afid=9737&ofid=13995&source=198_134504_2005070&ext_id=7acd7991d2f4696ac54721fb64b98bf1
Cookie: iaff=%7B%22e%22%3A%7B%22trid%22%3A%22Y7ErhpjDTwY481nSgyXoMQ%22%2C%22afid%22%3A%229737%22%2C%22ofid%22%3A%2213995%22%2C%22source%22%3A%22198_134504_2005070%22%2C%22ext_id%22%3A%227acd7991d2f4696ac54721fb64b98bf1%22%7D%2C%22a%22%3A%7B%22afid%22%3A9737%2C%22ofid%22%3A13995%2C%22trid%22%3A%22Y7ErhpjDTwY481nSgyXoMQ%22%2C%22source%22%3A%22198_134504_2005070%22%7D%2C%22s%22%3A%22ImaxCash%22%7D; user_lang_id_ui=14; imx_lp=%7B%22title%22%3Anull%2C%22desc%22%3Anull%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.25.2
date: Thu, 25 Apr 2024 08:47:57 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Tue, 03 May 2022 11:55:44 GMT
vary: Accept-Encoding
etag: W/"62711840-dd6"
cache-control: public, max-age=2592000, immutable
content-encoding: gzip
X-Firefox-Spdy: h2

www.hookeportalen.com/vendor/font-awesome/css/all.min.css

77.93.196.119

200 OK

100 kB

URL GET HTTP/2
www.hookeportalen.com/vendor/font-awesome/css/all.min.css
IP
77.93.196.119:443
ASN
#24971 Master Internet s.r.o.

Requested by
https://www.hookeportalen.com/?trid=Y7ErhpjDTwY481nSgyXoMQ&afid=9737&ofid=13995&source=198_134504_2005070&ext_id=7acd7991d2f4696ac54721fb64b98bf1
Certificate
IssuerLet's Encrypt
Subjecthookeportalen.com
Fingerprint07:9A:83:13:39:63:38:B4:99:BE:6B:58:91:57:67:22:DA:0D:27:98
ValidityWed, 06 Mar 2024 10:16:55 GMT - Tue, 04 Jun 2024 10:16:54 GMT

File type
gzip compressed data, from Unix
Size
100 kB (99477 bytes)
Hash
e033cf31c5acc7b8271d0dc134f118d0
67b3ead7c67d8c6860c1c9d1e6b220bed409a957
0330295ea4c63480f545e7f7e1d981cb01f0bb24402fa0be9a09ad6fa7079956

HTTP Headers

GET /vendor/font-awesome/css/all.min.css HTTP/1.1
Host: www.hookeportalen.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hookeportalen.com/?trid=Y7ErhpjDTwY481nSgyXoMQ&afid=9737&ofid=13995&source=198_134504_2005070&ext_id=7acd7991d2f4696ac54721fb64b98bf1
Cookie: iaff=%7B%22e%22%3A%7B%22trid%22%3A%22Y7ErhpjDTwY481nSgyXoMQ%22%2C%22afid%22%3A%229737%22%2C%22ofid%22%3A%2213995%22%2C%22source%22%3A%22198_134504_2005070%22%2C%22ext_id%22%3A%227acd7991d2f4696ac54721fb64b98bf1%22%7D%2C%22a%22%3A%7B%22afid%22%3A9737%2C%22ofid%22%3A13995%2C%22trid%22%3A%22Y7ErhpjDTwY481nSgyXoMQ%22%2C%22source%22%3A%22198_134504_2005070%22%7D%2C%22s%22%3A%22ImaxCash%22%7D; user_lang_id_ui=14; imx_lp=%7B%22title%22%3Anull%2C%22desc%22%3Anull%7D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.25.2
date: Thu, 25 Apr 2024 08:47:57 GMT
content-type: text/css
last-modified: Wed, 01 Jun 2022 11:48:24 GMT
vary: Accept-Encoding
etag: W/"62975208-189ae"
cache-control: public, max-age=2592000, immutable
content-encoding: gzip
X-Firefox-Spdy: h2

www.hookeportalen.com/favicon-310x310.png?cd80af12

77.93.196.119

200 OK

40 kB

URL GET HTTP/2
www.hookeportalen.com/favicon-310x310.png?cd80af12
IP
77.93.196.119:443
ASN
#24971 Master Internet s.r.o.

Requested by
https://www.hookeportalen.com/?trid=Y7ErhpjDTwY481nSgyXoMQ&afid=9737&ofid=13995&source=198_134504_2005070&ext_id=7acd7991d2f4696ac54721fb64b98bf1
Certificate
IssuerLet's Encrypt
Subjecthookeportalen.com
Fingerprint07:9A:83:13:39:63:38:B4:99:BE:6B:58:91:57:67:22:DA:0D:27:98
ValidityWed, 06 Mar 2024 10:16:55 GMT - Tue, 04 Jun 2024 10:16:54 GMT

File type
PNG image data, 310 x 310, 8-bit/color RGBA, non-interlaced
Size
40 kB (40152 bytes)
Hash
41d21595e87d05665dd5a167fe74f582
538376d7fab0e08fa6ec287c2872b0650092f201
3f84c4bb0c96b6c173ba4e23f0ba51ed67b84a077e2e080579a04b38bb14790e

HTTP Headers

GET /favicon-310x310.png?cd80af12 HTTP/1.1
Host: www.hookeportalen.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hookeportalen.com/lp/1/4/1
Cookie: iaff=%7B%22e%22%3A%7B%22trid%22%3A%22Y7ErhpjDTwY481nSgyXoMQ%22%2C%22afid%22%3A%229737%22%2C%22ofid%22%3A%2213995%22%2C%22source%22%3A%22198_134504_2005070%22%2C%22ext_id%22%3A%227acd7991d2f4696ac54721fb64b98bf1%22%7D%2C%22a%22%3A%7B%22afid%22%3A9737%2C%22ofid%22%3A13995%2C%22trid%22%3A%22Y7ErhpjDTwY481nSgyXoMQ%22%2C%22source%22%3A%22198_134504_2005070%22%7D%2C%22s%22%3A%22ImaxCash%22%7D; user_lang_id_ui=14; imx_lp=%7B%22title%22%3Anull%2C%22desc%22%3Anull%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.25.2
date: Thu, 25 Apr 2024 08:47:57 GMT
content-type: image/png
content-length: 40152
last-modified: Fri, 11 May 2018 14:33:56 GMT
etag: "5af5a9d4-9cd8"
cache-control: public, max-age=2592000, immutable
accept-ranges: bytes
X-Firefox-Spdy: h2

www.hookeportalen.com/favicon.ico?97ef708f

77.93.196.119

200 OK

5.4 kB

URL GET HTTP/2
www.hookeportalen.com/favicon.ico?97ef708f
IP
77.93.196.119:443
ASN
#24971 Master Internet s.r.o.

Requested by
https://www.hookeportalen.com/?trid=Y7ErhpjDTwY481nSgyXoMQ&afid=9737&ofid=13995&source=198_134504_2005070&ext_id=7acd7991d2f4696ac54721fb64b98bf1
Certificate
IssuerLet's Encrypt
Subjecthookeportalen.com
Fingerprint07:9A:83:13:39:63:38:B4:99:BE:6B:58:91:57:67:22:DA:0D:27:98
ValidityWed, 06 Mar 2024 10:16:55 GMT - Tue, 04 Jun 2024 10:16:54 GMT

File type
MS Windows icon resource - 2 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel
Size
5.4 kB (5430 bytes)
Hash
f539b79d41644a94cf131911c6880d36
b9aca1ea6c8c93f30575391fad803044da0aad6e
fe6aaf8f6a96fa1e8b920e5f181e0adf8c28567cf411cee8849812635aff5389

HTTP Headers

GET /favicon.ico?97ef708f HTTP/1.1
Host: www.hookeportalen.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hookeportalen.com/lp/1/4/1
Cookie: iaff=%7B%22e%22%3A%7B%22trid%22%3A%22Y7ErhpjDTwY481nSgyXoMQ%22%2C%22afid%22%3A%229737%22%2C%22ofid%22%3A%2213995%22%2C%22source%22%3A%22198_134504_2005070%22%2C%22ext_id%22%3A%227acd7991d2f4696ac54721fb64b98bf1%22%7D%2C%22a%22%3A%7B%22afid%22%3A9737%2C%22ofid%22%3A13995%2C%22trid%22%3A%22Y7ErhpjDTwY481nSgyXoMQ%22%2C%22source%22%3A%22198_134504_2005070%22%7D%2C%22s%22%3A%22ImaxCash%22%7D; user_lang_id_ui=14; imx_lp=%7B%22title%22%3Anull%2C%22desc%22%3Anull%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.25.2
date: Thu, 25 Apr 2024 08:47:57 GMT
content-type: image/x-icon
content-length: 5430
last-modified: Wed, 02 May 2018 09:47:49 GMT
etag: "5ae98945-1536"
cache-control: public, max-age=2592000, immutable
accept-ranges: bytes
X-Firefox-Spdy: h2

www.hookeportalen.com/img/lp/loading.gif?a57354db

77.93.196.119

200 OK

1.9 kB

URL GET HTTP/2
www.hookeportalen.com/img/lp/loading.gif?a57354db
IP
77.93.196.119:443
ASN
#24971 Master Internet s.r.o.

Requested by
https://www.hookeportalen.com/?trid=Y7ErhpjDTwY481nSgyXoMQ&afid=9737&ofid=13995&source=198_134504_2005070&ext_id=7acd7991d2f4696ac54721fb64b98bf1
Certificate
IssuerLet's Encrypt
Subjecthookeportalen.com
Fingerprint07:9A:83:13:39:63:38:B4:99:BE:6B:58:91:57:67:22:DA:0D:27:98
ValidityWed, 06 Mar 2024 10:16:55 GMT - Tue, 04 Jun 2024 10:16:54 GMT

File type
GIF image data, version 89a, 28 x 28
Size
1.9 kB (1925 bytes)
Hash
aa739e221648d729d5a4d2e9bc7b8649
c4eb9c718e0e0e58298482443a82e05b098fe13b
be55c8fc639ab0b327d742bdbcc27511f1e89e016a258e29c3cfebfe44e14383

HTTP Headers

GET /img/lp/loading.gif?a57354db HTTP/1.1
Host: www.hookeportalen.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
DNT: 1
Connection: keep-alive
Referer: https://www.hookeportalen.com/?trid=Y7ErhpjDTwY481nSgyXoMQ&afid=9737&ofid=13995&source=198_134504_2005070&ext_id=7acd7991d2f4696ac54721fb64b98bf1
Cookie: iaff=%7B%22e%22%3A%7B%22trid%22%3A%22Y7ErhpjDTwY481nSgyXoMQ%22%2C%22afid%22%3A%229737%22%2C%22ofid%22%3A%2213995%22%2C%22source%22%3A%22198_134504_2005070%22%2C%22ext_id%22%3A%227acd7991d2f4696ac54721fb64b98bf1%22%7D%2C%22a%22%3A%7B%22afid%22%3A9737%2C%22ofid%22%3A13995%2C%22trid%22%3A%22Y7ErhpjDTwY481nSgyXoMQ%22%2C%22source%22%3A%22198_134504_2005070%22%7D%2C%22s%22%3A%22ImaxCash%22%7D; user_lang_id_ui=14; imx_lp=%7B%22title%22%3Anull%2C%22desc%22%3Anull%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.25.2
date: Thu, 25 Apr 2024 08:47:57 GMT
content-type: image/gif
content-length: 1925
last-modified: Fri, 23 Mar 2018 14:39:08 GMT
etag: "5ab5118c-785"
cache-control: public, max-age=2592000, immutable
accept-ranges: bytes
X-Firefox-Spdy: h2

www.hookeportalen.com/vendor/cookieconsent/cookieconsent.css

77.93.196.119

200 OK

28 kB

URL GET HTTP/2
www.hookeportalen.com/vendor/cookieconsent/cookieconsent.css
IP
77.93.196.119:443
ASN
#24971 Master Internet s.r.o.

Requested by
https://www.hookeportalen.com/?trid=Y7ErhpjDTwY481nSgyXoMQ&afid=9737&ofid=13995&source=198_134504_2005070&ext_id=7acd7991d2f4696ac54721fb64b98bf1
Certificate
IssuerLet's Encrypt
Subjecthookeportalen.com
Fingerprint07:9A:83:13:39:63:38:B4:99:BE:6B:58:91:57:67:22:DA:0D:27:98
ValidityWed, 06 Mar 2024 10:16:55 GMT - Tue, 04 Jun 2024 10:16:54 GMT

File type
gzip compressed data, from Unix
Size
28 kB (27631 bytes)
Hash
c0fde700197c62b3d6037cbecf04e9ae
7a6cd1a2df00e63dc9c8784ccc694917e7bd138f
46481498f5c16d01d645e2705b6de8348bc10c3f077bf1c84daa21f9964fdb4c

HTTP Headers

GET /vendor/cookieconsent/cookieconsent.css HTTP/1.1
Host: www.hookeportalen.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hookeportalen.com/lp/1/4/1
Cookie: iaff=%7B%22e%22%3A%7B%22trid%22%3A%22Y7ErhpjDTwY481nSgyXoMQ%22%2C%22afid%22%3A%229737%22%2C%22ofid%22%3A%2213995%22%2C%22source%22%3A%22198_134504_2005070%22%2C%22ext_id%22%3A%227acd7991d2f4696ac54721fb64b98bf1%22%7D%2C%22a%22%3A%7B%22afid%22%3A9737%2C%22ofid%22%3A13995%2C%22trid%22%3A%22Y7ErhpjDTwY481nSgyXoMQ%22%2C%22source%22%3A%22198_134504_2005070%22%7D%2C%22s%22%3A%22ImaxCash%22%7D; user_lang_id_ui=14; imx_lp=%7B%22title%22%3Anull%2C%22desc%22%3Anull%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.25.2
date: Thu, 25 Apr 2024 08:47:57 GMT
content-type: text/css
last-modified: Thu, 13 Jan 2022 07:13:05 GMT
vary: Accept-Encoding
etag: W/"61dfd101-4951"
cache-control: public, max-age=2592000, immutable
content-encoding: gzip
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=G-3MTWNWW4KG&l=dataLayer&cx=c

142.250.74.168

200 OK

101 kB

URL GET HTTP/3
www.googletagmanager.com/gtag/js?id=G-3MTWNWW4KG&l=dataLayer&cx=c
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://www.hookeportalen.com/?trid=Y7ErhpjDTwY481nSgyXoMQ&afid=9737&ofid=13995&source=198_134504_2005070&ext_id=7acd7991d2f4696ac54721fb64b98bf1
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint1E:33:2E:4B:C3:51:05:B7:73:DC:21:BF:3E:02:B3:16:D8:0B:AB:BB
ValidityMon, 18 Mar 2024 19:37:14 GMT - Mon, 10 Jun 2024 19:37:13 GMT

File type
JavaScript source, ASCII text, with very long lines (5945)
Size
101 kB (100668 bytes)
Hash
574fcc464b06790fd4ca151347321c31
dedb19bc79dd8ffc4349a1edc1b7f73d9c89d0af
5251bba5243b6eaad4b6ebf19571f5bbb83faa8501edb2d6e22053f93c86b476

HTTP Headers

GET /gtag/js?id=G-3MTWNWW4KG&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hookeportalen.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 25 Apr 2024 08:47:57 GMT
expires: Thu, 25 Apr 2024 08:47:57 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 100668
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-3MTWNWW4KG&cid=2009589404.1714034878&gtm=45je44o0v899473295z877517646za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&z=1011809456

142.250.74.163

200 OK

42 B

URL GET HTTP/2
www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-3MTWNWW4KG&cid=2009589404.1714034878&gtm=45je44o0v899473295z877517646za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&z=1011809456
IP
142.250.74.163:443
ASN
#15169 GOOGLE

Requested by
https://www.hookeportalen.com/?trid=Y7ErhpjDTwY481nSgyXoMQ&afid=9737&ofid=13995&source=198_134504_2005070&ext_id=7acd7991d2f4696ac54721fb64b98bf1
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.no
Fingerprint4E:BD:F9:72:97:67:A2:4B:EE:E4:B0:03:CD:C8:F3:30:53:27:53:1D
ValidityMon, 18 Mar 2024 20:50:06 GMT - Mon, 10 Jun 2024 20:50:05 GMT

File type
GIF image data, version 89a, 1 x 1
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-3MTWNWW4KG&cid=2009589404.1714034878&gtm=45je44o0v899473295z877517646za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&z=1011809456 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hookeportalen.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 25 Apr 2024 08:47:58 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

region1.analytics.google.com/g/collect?v=2&tid=G-RTY8L6W2N4&gtm=45je44o0v899473295z877517646za200&_p=1714034877710&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=2009589404.1714034878&ul=en-us&sr=1280x1024&pscdl=noapi&_s=1&sid=1714034878&sct=1&seg=0&dl=https%3A%2F%2Fwww.hookeportalen.com%2Flp%2F1%2F4%2F1&dt=hookeportalen.com&en=page_view&_fv=1&_nsi=1&_ss=1&ep.lp_form_type=4&tfd=1244

216.239.34.36

204 No Content

0 B

URL POST HTTP/2
region1.analytics.google.com/g/collect?v=2&tid=G-RTY8L6W2N4&gtm=45je44o0v899473295z877517646za200&_p=1714034877710&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=2009589404.1714034878&ul=en-us&sr=1280x1024&pscdl=noapi&_s=1&sid=1714034878&sct=1&seg=0&dl=https%3A%2F%2Fwww.hookeportalen.com%2Flp%2F1%2F4%2F1&dt=hookeportalen.com&en=page_view&_fv=1&_nsi=1&_ss=1&ep.lp_form_type=4&tfd=1244
IP
216.239.34.36:443
ASN
#15169 GOOGLE

Requested by
https://www.hookeportalen.com/?trid=Y7ErhpjDTwY481nSgyXoMQ&afid=9737&ofid=13995&source=198_134504_2005070&ext_id=7acd7991d2f4696ac54721fb64b98bf1
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint1E:33:2E:4B:C3:51:05:B7:73:DC:21:BF:3E:02:B3:16:D8:0B:AB:BB
ValidityMon, 18 Mar 2024 19:37:14 GMT - Mon, 10 Jun 2024 19:37:13 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-RTY8L6W2N4&gtm=45je44o0v899473295z877517646za200&_p=1714034877710&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=2009589404.1714034878&ul=en-us&sr=1280x1024&pscdl=noapi&_s=1&sid=1714034878&sct=1&seg=0&dl=https%3A%2F%2Fwww.hookeportalen.com%2Flp%2F1%2F4%2F1&dt=hookeportalen.com&en=page_view&_fv=1&_nsi=1&_ss=1&ep.lp_form_type=4&tfd=1244 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.hookeportalen.com
DNT: 1
Connection: keep-alive
Referer: https://www.hookeportalen.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

HTTP/2 204 No Content
access-control-allow-origin: https://www.hookeportalen.com
date: Thu, 25 Apr 2024 08:47:58 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

region1.analytics.google.com/g/collect?v=2&tid=G-3MTWNWW4KG&gtm=45je44o0v899473295z877517646za200&_p=1714034877710&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=2009589404.1714034878&ul=en-us&sr=1280x1024&pscdl=noapi&_s=1&sid=1714034878&sct=1&seg=0&dl=https%3A%2F%2Fwww.hookeportalen.com%2Flp%2F1%2F4%2F1&dt=hookeportalen.com&en=page_view&_fv=1&_nsi=1&_ss=1&ep.lp_form_type=4&tfd=1244

216.239.34.36

204 No Content

0 B

URL POST HTTP/2
region1.analytics.google.com/g/collect?v=2&tid=G-3MTWNWW4KG&gtm=45je44o0v899473295z877517646za200&_p=1714034877710&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=2009589404.1714034878&ul=en-us&sr=1280x1024&pscdl=noapi&_s=1&sid=1714034878&sct=1&seg=0&dl=https%3A%2F%2Fwww.hookeportalen.com%2Flp%2F1%2F4%2F1&dt=hookeportalen.com&en=page_view&_fv=1&_nsi=1&_ss=1&ep.lp_form_type=4&tfd=1244
IP
216.239.34.36:443
ASN
#15169 GOOGLE

Requested by
https://www.hookeportalen.com/?trid=Y7ErhpjDTwY481nSgyXoMQ&afid=9737&ofid=13995&source=198_134504_2005070&ext_id=7acd7991d2f4696ac54721fb64b98bf1
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint1E:33:2E:4B:C3:51:05:B7:73:DC:21:BF:3E:02:B3:16:D8:0B:AB:BB
ValidityMon, 18 Mar 2024 19:37:14 GMT - Mon, 10 Jun 2024 19:37:13 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-3MTWNWW4KG&gtm=45je44o0v899473295z877517646za200&_p=1714034877710&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=2009589404.1714034878&ul=en-us&sr=1280x1024&pscdl=noapi&_s=1&sid=1714034878&sct=1&seg=0&dl=https%3A%2F%2Fwww.hookeportalen.com%2Flp%2F1%2F4%2F1&dt=hookeportalen.com&en=page_view&_fv=1&_nsi=1&_ss=1&ep.lp_form_type=4&tfd=1244 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.hookeportalen.com
DNT: 1
Connection: keep-alive
Referer: https://www.hookeportalen.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

HTTP/2 204 No Content
access-control-allow-origin: https://www.hookeportalen.com
date: Thu, 25 Apr 2024 08:47:58 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

region1.analytics.google.com/g/collect?v=2&tid=G-RTY8L6W2N4&gtm=45je44o0v899473295z877517646za200&_p=1714034877710&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=2009589404.1714034878&ul=en-us&sr=1280x1024&pscdl=noapi&sid=1714034878&sct=1&seg=0&dl=https%3A%2F%2Fwww.hookeportalen.com%2Flp%2F1%2F4%2F1&dt=hookeportalen.com&_s=2&tfd=6256

216.239.34.36

204 No Content

0 B

URL POST HTTP/3
region1.analytics.google.com/g/collect?v=2&tid=G-RTY8L6W2N4&gtm=45je44o0v899473295z877517646za200&_p=1714034877710&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=2009589404.1714034878&ul=en-us&sr=1280x1024&pscdl=noapi&sid=1714034878&sct=1&seg=0&dl=https%3A%2F%2Fwww.hookeportalen.com%2Flp%2F1%2F4%2F1&dt=hookeportalen.com&_s=2&tfd=6256
IP
216.239.34.36:443
ASN
#15169 GOOGLE

Requested by
https://www.hookeportalen.com/?trid=Y7ErhpjDTwY481nSgyXoMQ&afid=9737&ofid=13995&source=198_134504_2005070&ext_id=7acd7991d2f4696ac54721fb64b98bf1
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint1E:33:2E:4B:C3:51:05:B7:73:DC:21:BF:3E:02:B3:16:D8:0B:AB:BB
ValidityMon, 18 Mar 2024 19:37:14 GMT - Mon, 10 Jun 2024 19:37:13 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-RTY8L6W2N4&gtm=45je44o0v899473295z877517646za200&_p=1714034877710&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=2009589404.1714034878&ul=en-us&sr=1280x1024&pscdl=noapi&sid=1714034878&sct=1&seg=0&dl=https%3A%2F%2Fwww.hookeportalen.com%2Flp%2F1%2F4%2F1&dt=hookeportalen.com&_s=2&tfd=6256 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 83
Origin: https://www.hookeportalen.com
DNT: 1
Connection: keep-alive
Referer: https://www.hookeportalen.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/3 204 No Content
access-control-allow-origin: https://www.hookeportalen.com
date: Thu, 25 Apr 2024 08:48:03 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

region1.analytics.google.com/g/collect?v=2&tid=G-3MTWNWW4KG&gtm=45je44o0v899473295z877517646za200&_p=1714034877710&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=2009589404.1714034878&ul=en-us&sr=1280x1024&pscdl=noapi&sid=1714034878&sct=1&seg=0&dl=https%3A%2F%2Fwww.hookeportalen.com%2Flp%2F1%2F4%2F1&dt=hookeportalen.com&_s=2&tfd=6256

216.239.34.36

204 No Content

0 B

URL POST HTTP/3
region1.analytics.google.com/g/collect?v=2&tid=G-3MTWNWW4KG&gtm=45je44o0v899473295z877517646za200&_p=1714034877710&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=2009589404.1714034878&ul=en-us&sr=1280x1024&pscdl=noapi&sid=1714034878&sct=1&seg=0&dl=https%3A%2F%2Fwww.hookeportalen.com%2Flp%2F1%2F4%2F1&dt=hookeportalen.com&_s=2&tfd=6256
IP
216.239.34.36:443
ASN
#15169 GOOGLE

Requested by
https://www.hookeportalen.com/?trid=Y7ErhpjDTwY481nSgyXoMQ&afid=9737&ofid=13995&source=198_134504_2005070&ext_id=7acd7991d2f4696ac54721fb64b98bf1
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint1E:33:2E:4B:C3:51:05:B7:73:DC:21:BF:3E:02:B3:16:D8:0B:AB:BB
ValidityMon, 18 Mar 2024 19:37:14 GMT - Mon, 10 Jun 2024 19:37:13 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-3MTWNWW4KG&gtm=45je44o0v899473295z877517646za200&_p=1714034877710&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=2009589404.1714034878&ul=en-us&sr=1280x1024&pscdl=noapi&sid=1714034878&sct=1&seg=0&dl=https%3A%2F%2Fwww.hookeportalen.com%2Flp%2F1%2F4%2F1&dt=hookeportalen.com&_s=2&tfd=6256 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 83
Origin: https://www.hookeportalen.com
DNT: 1
Connection: keep-alive
Referer: https://www.hookeportalen.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/3 204 No Content
access-control-allow-origin: https://www.hookeportalen.com
date: Thu, 25 Apr 2024 08:48:03 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.hookeportalen.com/img/lp/lux/bg.jpg?faab2c97

77.93.196.119

200 OK

97 kB

URL GET HTTP/2
www.hookeportalen.com/img/lp/lux/bg.jpg?faab2c97
IP
77.93.196.119:443
ASN
#24971 Master Internet s.r.o.

Requested by
https://www.hookeportalen.com/?trid=Y7ErhpjDTwY481nSgyXoMQ&afid=9737&ofid=13995&source=198_134504_2005070&ext_id=7acd7991d2f4696ac54721fb64b98bf1
Certificate
IssuerLet's Encrypt
Subjecthookeportalen.com
Fingerprint07:9A:83:13:39:63:38:B4:99:BE:6B:58:91:57:67:22:DA:0D:27:98
ValidityWed, 06 Mar 2024 10:16:55 GMT - Tue, 04 Jun 2024 10:16:54 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1600x621, components 3
Size
97 kB (97143 bytes)
Hash
fc3bda30785f8cafbe9cdfc12e22292e
7f160ff912bc89ba3b57a72013d9cfced02dec90
b9b452b0e0924e52d65db780129a27646206fe757b749653a77b864f80fcf86a

HTTP Headers

GET /img/lp/lux/bg.jpg?faab2c97 HTTP/1.1
Host: www.hookeportalen.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hookeportalen.com/lp/1/4/1
Cookie: iaff=%7B%22e%22%3A%7B%22trid%22%3A%22Y7ErhpjDTwY481nSgyXoMQ%22%2C%22afid%22%3A%229737%22%2C%22ofid%22%3A%2213995%22%2C%22source%22%3A%22198_134504_2005070%22%2C%22ext_id%22%3A%227acd7991d2f4696ac54721fb64b98bf1%22%7D%2C%22a%22%3A%7B%22afid%22%3A9737%2C%22ofid%22%3A13995%2C%22trid%22%3A%22Y7ErhpjDTwY481nSgyXoMQ%22%2C%22source%22%3A%22198_134504_2005070%22%7D%2C%22s%22%3A%22ImaxCash%22%7D; user_lang_id_ui=14; imx_lp=%7B%22title%22%3Anull%2C%22desc%22%3Anull%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.25.2
date: Thu, 25 Apr 2024 08:47:57 GMT
content-type: image/jpeg
content-length: 97143
last-modified: Thu, 05 Sep 2019 09:03:15 GMT
etag: "5d70cf53-17b77"
cache-control: public, max-age=2592000, immutable
accept-ranges: bytes
X-Firefox-Spdy: h2

www.hookeportalen.com/js/lp/skrestapi.min.js?39a4304c&_=1714034877812

77.93.196.119

200 OK

7.4 kB

URL GET HTTP/2
www.hookeportalen.com/js/lp/skrestapi.min.js?39a4304c&_=1714034877812
IP
77.93.196.119:443
ASN
#24971 Master Internet s.r.o.

Requested by
https://www.hookeportalen.com/?trid=Y7ErhpjDTwY481nSgyXoMQ&afid=9737&ofid=13995&source=198_134504_2005070&ext_id=7acd7991d2f4696ac54721fb64b98bf1
Certificate
IssuerLet's Encrypt
Subjecthookeportalen.com
Fingerprint07:9A:83:13:39:63:38:B4:99:BE:6B:58:91:57:67:22:DA:0D:27:98
ValidityWed, 06 Mar 2024 10:16:55 GMT - Tue, 04 Jun 2024 10:16:54 GMT

File type
JavaScript source, ASCII text, with very long lines (7563), with no line terminators
Size
7.4 kB (7352 bytes)
Hash
ae8dff7821e25a8d7a9cdfe6d5a3982e
3472dcae1bbeb9e4820de9e0d4de775f14d91080
068f0f620aca84b8c3ed3ffaf513d353a806b9df80666dabf37a3b2021cc032e

HTTP Headers

GET /js/lp/skrestapi.min.js?39a4304c&_=1714034877812 HTTP/1.1
Host: www.hookeportalen.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://www.hookeportalen.com/lp/1/4/1
Cookie: iaff=%7B%22e%22%3A%7B%22trid%22%3A%22Y7ErhpjDTwY481nSgyXoMQ%22%2C%22afid%22%3A%229737%22%2C%22ofid%22%3A%2213995%22%2C%22source%22%3A%22198_134504_2005070%22%2C%22ext_id%22%3A%227acd7991d2f4696ac54721fb64b98bf1%22%7D%2C%22a%22%3A%7B%22afid%22%3A9737%2C%22ofid%22%3A13995%2C%22trid%22%3A%22Y7ErhpjDTwY481nSgyXoMQ%22%2C%22source%22%3A%22198_134504_2005070%22%7D%2C%22s%22%3A%22ImaxCash%22%7D; user_lang_id_ui=14; imx_lp=%7B%22title%22%3Anull%2C%22desc%22%3Anull%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.25.2
date: Thu, 25 Apr 2024 08:47:57 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Tue, 03 May 2022 11:55:44 GMT
vary: Accept-Encoding
etag: W/"62711840-1cb8"
cache-control: public, max-age=2592000, immutable
content-encoding: gzip
X-Firefox-Spdy: h2

www.googletagmanager.com/gtm.js?id=GTM-TH5LF8L

142.250.74.168

200 OK

238 kB

URL GET HTTP/2
www.googletagmanager.com/gtm.js?id=GTM-TH5LF8L
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://www.hookeportalen.com/?trid=Y7ErhpjDTwY481nSgyXoMQ&afid=9737&ofid=13995&source=198_134504_2005070&ext_id=7acd7991d2f4696ac54721fb64b98bf1
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint1E:33:2E:4B:C3:51:05:B7:73:DC:21:BF:3E:02:B3:16:D8:0B:AB:BB
ValidityMon, 18 Mar 2024 19:37:14 GMT - Mon, 10 Jun 2024 19:37:13 GMT

File type
JavaScript source, ASCII text, with very long lines (18372)
Size
238 kB (237927 bytes)
Hash
b10c615593d5b41ec0b91a1f1cb72056
2bbf189439ec187c0c8f57507d21af715885ce4c
5bee3678f179d1753342637977710f2f122ef1292947cef1c6662895c27a626c

HTTP Headers

GET /gtm.js?id=GTM-TH5LF8L HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hookeportalen.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 25 Apr 2024 08:47:57 GMT
expires: Thu, 25 Apr 2024 08:47:57 GMT
cache-control: private, max-age=900
last-modified: Thu, 25 Apr 2024 06:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 78924
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.hookeportalen.com/img/lp/lux/ab-desktop-5.jpg

77.93.196.119

200 OK

23 kB

URL GET HTTP/2
www.hookeportalen.com/img/lp/lux/ab-desktop-5.jpg
IP
77.93.196.119:443
ASN
#24971 Master Internet s.r.o.

Requested by
https://www.hookeportalen.com/?trid=Y7ErhpjDTwY481nSgyXoMQ&afid=9737&ofid=13995&source=198_134504_2005070&ext_id=7acd7991d2f4696ac54721fb64b98bf1
Certificate
IssuerLet's Encrypt
Subjecthookeportalen.com
Fingerprint07:9A:83:13:39:63:38:B4:99:BE:6B:58:91:57:67:22:DA:0D:27:98
ValidityWed, 06 Mar 2024 10:16:55 GMT - Tue, 04 Jun 2024 10:16:54 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1600x621, components 3
Size
23 kB (23180 bytes)
Hash
ec2509780b41792a3e82c6452cad101e
4979160b54f032150ebd674ce53dd8b015a62a32
d79e54b27abec0e340ba9ca3a6563e452fc6bec38e8a16d5ef7138a9dcf7708f

HTTP Headers

GET /img/lp/lux/ab-desktop-5.jpg HTTP/1.1
Host: www.hookeportalen.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hookeportalen.com/lp/1/4/1
Cookie: iaff=%7B%22e%22%3A%7B%22trid%22%3A%22Y7ErhpjDTwY481nSgyXoMQ%22%2C%22afid%22%3A%229737%22%2C%22ofid%22%3A%2213995%22%2C%22source%22%3A%22198_134504_2005070%22%2C%22ext_id%22%3A%227acd7991d2f4696ac54721fb64b98bf1%22%7D%2C%22a%22%3A%7B%22afid%22%3A9737%2C%22ofid%22%3A13995%2C%22trid%22%3A%22Y7ErhpjDTwY481nSgyXoMQ%22%2C%22source%22%3A%22198_134504_2005070%22%7D%2C%22s%22%3A%22ImaxCash%22%7D; user_lang_id_ui=14; imx_lp=%7B%22title%22%3Anull%2C%22desc%22%3Anull%7D; cb1=cb1-5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.25.2
date: Thu, 25 Apr 2024 08:47:57 GMT
content-type: image/jpeg
content-length: 23180
last-modified: Tue, 09 Apr 2024 06:34:19 GMT
etag: "6614e16b-5a8c"
cache-control: public, max-age=2592000, immutable
accept-ranges: bytes
X-Firefox-Spdy: h2

www.hookeportalen.com/img/lp/lux/bubbles.png?c40e23fa

77.93.196.119

200 OK

710 B

URL GET HTTP/2
www.hookeportalen.com/img/lp/lux/bubbles.png?c40e23fa
IP
77.93.196.119:443
ASN
#24971 Master Internet s.r.o.

Requested by
https://www.hookeportalen.com/?trid=Y7ErhpjDTwY481nSgyXoMQ&afid=9737&ofid=13995&source=198_134504_2005070&ext_id=7acd7991d2f4696ac54721fb64b98bf1
Certificate
IssuerLet's Encrypt
Subjecthookeportalen.com
Fingerprint07:9A:83:13:39:63:38:B4:99:BE:6B:58:91:57:67:22:DA:0D:27:98
ValidityWed, 06 Mar 2024 10:16:55 GMT - Tue, 04 Jun 2024 10:16:54 GMT

File type
PNG image data, 464 x 267, 4-bit colormap, non-interlaced
Size
710 B (710 bytes)
Hash
1d1cd7d64dfb24856414fc90588ac5ad
a0e26885f7b1ca86c9a3bee5b8ac516119a4a814
23382f4efc7f079248ef8c845dd3d6c7831fb6cc4aac02c803f7dbcca3d78631

HTTP Headers

GET /img/lp/lux/bubbles.png?c40e23fa HTTP/1.1
Host: www.hookeportalen.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hookeportalen.com/lp/1/4/1
Cookie: iaff=%7B%22e%22%3A%7B%22trid%22%3A%22Y7ErhpjDTwY481nSgyXoMQ%22%2C%22afid%22%3A%229737%22%2C%22ofid%22%3A%2213995%22%2C%22source%22%3A%22198_134504_2005070%22%2C%22ext_id%22%3A%227acd7991d2f4696ac54721fb64b98bf1%22%7D%2C%22a%22%3A%7B%22afid%22%3A9737%2C%22ofid%22%3A13995%2C%22trid%22%3A%22Y7ErhpjDTwY481nSgyXoMQ%22%2C%22source%22%3A%22198_134504_2005070%22%7D%2C%22s%22%3A%22ImaxCash%22%7D; user_lang_id_ui=14; imx_lp=%7B%22title%22%3Anull%2C%22desc%22%3Anull%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.25.2
date: Thu, 25 Apr 2024 08:47:57 GMT
content-type: image/png
content-length: 710
last-modified: Fri, 11 May 2018 14:33:56 GMT
etag: "5af5a9d4-2c6"
cache-control: public, max-age=2592000, immutable
accept-ranges: bytes
X-Firefox-Spdy: h2

www.hookeportalen.com/upload/logo/www.hookeportalen.com.svg?182d318a

77.93.196.119

200 OK

7.8 kB

URL GET HTTP/2
www.hookeportalen.com/upload/logo/www.hookeportalen.com.svg?182d318a
IP
77.93.196.119:443
ASN
#24971 Master Internet s.r.o.

Requested by
https://www.hookeportalen.com/?trid=Y7ErhpjDTwY481nSgyXoMQ&afid=9737&ofid=13995&source=198_134504_2005070&ext_id=7acd7991d2f4696ac54721fb64b98bf1
Certificate
IssuerLet's Encrypt
Subjecthookeportalen.com
Fingerprint07:9A:83:13:39:63:38:B4:99:BE:6B:58:91:57:67:22:DA:0D:27:98
ValidityWed, 06 Mar 2024 10:16:55 GMT - Tue, 04 Jun 2024 10:16:54 GMT

File type
SVG Scalable Vector Graphics image
Size
7.8 kB (7788 bytes)
Hash
5e7754b7ee75a35119223e8e4a3c1620
7d0872317c78f7a3bee5428a1f441f057bb40e5d
85286a75e71674ee78ef44a40c3b6390fea6793352b6aa835d56a4a90246264f

HTTP Headers

GET /upload/logo/www.hookeportalen.com.svg?182d318a HTTP/1.1
Host: www.hookeportalen.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/plain, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://www.hookeportalen.com/lp/1/4/1
Cookie: iaff=%7B%22e%22%3A%7B%22trid%22%3A%22Y7ErhpjDTwY481nSgyXoMQ%22%2C%22afid%22%3A%229737%22%2C%22ofid%22%3A%2213995%22%2C%22source%22%3A%22198_134504_2005070%22%2C%22ext_id%22%3A%227acd7991d2f4696ac54721fb64b98bf1%22%7D%2C%22a%22%3A%7B%22afid%22%3A9737%2C%22ofid%22%3A13995%2C%22trid%22%3A%22Y7ErhpjDTwY481nSgyXoMQ%22%2C%22source%22%3A%22198_134504_2005070%22%7D%2C%22s%22%3A%22ImaxCash%22%7D; user_lang_id_ui=14; imx_lp=%7B%22title%22%3Anull%2C%22desc%22%3Anull%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.25.2
date: Thu, 25 Apr 2024 08:47:57 GMT
content-type: image/svg+xml
last-modified: Tue, 22 Sep 2020 11:19:52 GMT
vary: Accept-Encoding
etag: W/"5f69ddd8-1e6c"
cache-control: public, max-age=2592000, immutable
content-encoding: gzip
X-Firefox-Spdy: h2

www.hookeportalen.com/js/services/gtm.min.js?3fee57ea

77.93.196.119

200 OK

496 B

URL GET HTTP/2
www.hookeportalen.com/js/services/gtm.min.js?3fee57ea
IP
77.93.196.119:443
ASN
#24971 Master Internet s.r.o.

Requested by
https://www.hookeportalen.com/?trid=Y7ErhpjDTwY481nSgyXoMQ&afid=9737&ofid=13995&source=198_134504_2005070&ext_id=7acd7991d2f4696ac54721fb64b98bf1
Certificate
IssuerLet's Encrypt
Subjecthookeportalen.com
Fingerprint07:9A:83:13:39:63:38:B4:99:BE:6B:58:91:57:67:22:DA:0D:27:98
ValidityWed, 06 Mar 2024 10:16:55 GMT - Tue, 04 Jun 2024 10:16:54 GMT

File type
JavaScript source, ASCII text, with very long lines (517), with no line terminators
Size
496 B (496 bytes)
Hash
440354b8f6b3b5871353b26c3942c21b
fdfbd16c678e4ca254e7cb14f90a6ecc12760880
33b5a778eb597dad476010e8a6d163c87e118b52065985bb87407042df34a6bf

HTTP Headers

GET /js/services/gtm.min.js?3fee57ea HTTP/1.1
Host: www.hookeportalen.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hookeportalen.com/?trid=Y7ErhpjDTwY481nSgyXoMQ&afid=9737&ofid=13995&source=198_134504_2005070&ext_id=7acd7991d2f4696ac54721fb64b98bf1
Cookie: iaff=%7B%22e%22%3A%7B%22trid%22%3A%22Y7ErhpjDTwY481nSgyXoMQ%22%2C%22afid%22%3A%229737%22%2C%22ofid%22%3A%2213995%22%2C%22source%22%3A%22198_134504_2005070%22%2C%22ext_id%22%3A%227acd7991d2f4696ac54721fb64b98bf1%22%7D%2C%22a%22%3A%7B%22afid%22%3A9737%2C%22ofid%22%3A13995%2C%22trid%22%3A%22Y7ErhpjDTwY481nSgyXoMQ%22%2C%22source%22%3A%22198_134504_2005070%22%7D%2C%22s%22%3A%22ImaxCash%22%7D; user_lang_id_ui=14; imx_lp=%7B%22title%22%3Anull%2C%22desc%22%3Anull%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.25.2
date: Thu, 25 Apr 2024 08:47:57 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Thu, 29 Dec 2022 08:14:19 GMT
vary: Accept-Encoding
etag: W/"63ad4c5b-1f0"
cache-control: public, max-age=2592000, immutable
content-encoding: gzip
X-Firefox-Spdy: h2

www.hookeportalen.com/?trid=Y7ErhpjDTwY481nSgyXoMQ&afid=9737&ofid=13995&source=198_134504_2005070&ext_id=7acd7991d2f4696ac54721fb64b98bf1

77.93.196.119

200 OK

136 kB

URL User Request GET HTTP/2
www.hookeportalen.com/?trid=Y7ErhpjDTwY481nSgyXoMQ&afid=9737&ofid=13995&source=198_134504_2005070&ext_id=7acd7991d2f4696ac54721fb64b98bf1
IP
77.93.196.119:443
ASN
#24971 Master Internet s.r.o.

Certificate
IssuerLet's Encrypt
Subjecthookeportalen.com
Fingerprint07:9A:83:13:39:63:38:B4:99:BE:6B:58:91:57:67:22:DA:0D:27:98
ValidityWed, 06 Mar 2024 10:16:55 GMT - Tue, 04 Jun 2024 10:16:54 GMT

File type

Size
136 kB (136204 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /?trid=Y7ErhpjDTwY481nSgyXoMQ&afid=9737&ofid=13995&source=198_134504_2005070&ext_id=7acd7991d2f4696ac54721fb64b98bf1 HTTP/1.1
Host: www.hookeportalen.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.25.2
date: Thu, 25 Apr 2024 08:47:57 GMT
content-type: text/html; charset=utf-8
x-powered-by: Nette Framework
vary: X-Requested-With, X-Requested-With, Accept-Encoding
set-cookie: iaff=%7B%22e%22%3A%7B%22trid%22%3A%22Y7ErhpjDTwY481nSgyXoMQ%22%2C%22afid%22%3A%229737%22%2C%22ofid%22%3A%2213995%22%2C%22source%22%3A%22198_134504_2005070%22%2C%22ext_id%22%3A%227acd7991d2f4696ac54721fb64b98bf1%22%7D%2C%22a%22%3A%7B%22afid%22%3A9737%2C%22ofid%22%3A13995%2C%22trid%22%3A%22Y7ErhpjDTwY481nSgyXoMQ%22%2C%22source%22%3A%22198_134504_2005070%22%7D%2C%22s%22%3A%22ImaxCash%22%7D; expires=Sun, 09-Jun-2024 08:47:57 GMT; Max-Age=3888000; path=/; secure; SameSite=None
user_lang_id_ui=14; expires=Sat, 25-May-2024 08:47:57 GMT; Max-Age=2592000; path=/
user_lang_id_ui=14; expires=Sat, 25-May-2024 08:47:57 GMT; Max-Age=2592000; path=/
iaff=%7B%22e%22%3A%7B%22trid%22%3A%22Y7ErhpjDTwY481nSgyXoMQ%22%2C%22afid%22%3A%229737%22%2C%22ofid%22%3A%2213995%22%2C%22source%22%3A%22198_134504_2005070%22%2C%22ext_id%22%3A%227acd7991d2f4696ac54721fb64b98bf1%22%7D%2C%22a%22%3A%7B%22afid%22%3A9737%2C%22ofid%22%3A13995%2C%22trid%22%3A%22Y7ErhpjDTwY481nSgyXoMQ%22%2C%22source%22%3A%22198_134504_2005070%22%7D%2C%22s%22%3A%22ImaxCash%22%7D; expires=Sun, 09-Jun-2024 08:47:57 GMT; Max-Age=3888000; path=/; secure; SameSite=None
imx_lp=%7B%22title%22%3Anull%2C%22desc%22%3Anull%7D; expires=Tue, 25-Apr-2034 08:47:57 GMT; Max-Age=315532800; path=/; HttpOnly
content-encoding: gzip
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

www.hookeportalen.com/api/rest/v1/en-GB/member-landingpage-statistics

77.93.196.119

201 Created

494 B

URL POST HTTP/2
www.hookeportalen.com/api/rest/v1/en-GB/member-landingpage-statistics
IP
77.93.196.119:443
ASN
#24971 Master Internet s.r.o.

Requested by
https://www.hookeportalen.com/?trid=Y7ErhpjDTwY481nSgyXoMQ&afid=9737&ofid=13995&source=198_134504_2005070&ext_id=7acd7991d2f4696ac54721fb64b98bf1
Certificate
IssuerLet's Encrypt
Subjecthookeportalen.com
Fingerprint07:9A:83:13:39:63:38:B4:99:BE:6B:58:91:57:67:22:DA:0D:27:98
ValidityWed, 06 Mar 2024 10:16:55 GMT - Tue, 04 Jun 2024 10:16:54 GMT

File type
ASCII text, with very long lines (561), with no line terminators
Size
494 B (494 bytes)
Hash
d9f576d0e60a587c761db4173b82070c
22fe464799b42b3576334ea5ebf1a9e8ca2c1407
d14d8335294e05f93fcb84c72067bb795b5dc508f8b7f95557fd3e09b2238248

HTTP Headers

POST /api/rest/v1/en-GB/member-landingpage-statistics HTTP/1.1
Host: www.hookeportalen.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Access-Control-Allow-Origin: *
X-Requested-With: XMLHttpRequest
Content-Length: 85
Origin: https://www.hookeportalen.com
DNT: 1
Connection: keep-alive
Referer: https://www.hookeportalen.com/lp/1/4/1
Cookie: iaff=%7B%22e%22%3A%7B%22trid%22%3A%22Y7ErhpjDTwY481nSgyXoMQ%22%2C%22afid%22%3A%229737%22%2C%22ofid%22%3A%2213995%22%2C%22source%22%3A%22198_134504_2005070%22%2C%22ext_id%22%3A%227acd7991d2f4696ac54721fb64b98bf1%22%7D%2C%22a%22%3A%7B%22afid%22%3A9737%2C%22ofid%22%3A13995%2C%22trid%22%3A%22Y7ErhpjDTwY481nSgyXoMQ%22%2C%22source%22%3A%22198_134504_2005070%22%7D%2C%22s%22%3A%22ImaxCash%22%7D; user_lang_id_ui=14; imx_lp=%7B%22title%22%3Anull%2C%22desc%22%3Anull%7D; cb1=cb1-5
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 201 Created
server: nginx/1.25.2
date: Thu, 25 Apr 2024 08:47:57 GMT
content-type: application/json; charset=UTF-8
x-powered-by: Nette Framework
x-frame-options: SAMEORIGIN
access-control-allow-headers: access-control-allow-origin,content-type
access-control-allow-origin: *
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-encoding: gzip
vary: X-Requested-With, Accept-Encoding
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

www.hookeportalen.com/img/lp/lux/tail.png?148badea

77.93.196.119

200 OK

163 B

URL GET HTTP/2
www.hookeportalen.com/img/lp/lux/tail.png?148badea
IP
77.93.196.119:443
ASN
#24971 Master Internet s.r.o.

Requested by
https://www.hookeportalen.com/?trid=Y7ErhpjDTwY481nSgyXoMQ&afid=9737&ofid=13995&source=198_134504_2005070&ext_id=7acd7991d2f4696ac54721fb64b98bf1
Certificate
IssuerLet's Encrypt
Subjecthookeportalen.com
Fingerprint07:9A:83:13:39:63:38:B4:99:BE:6B:58:91:57:67:22:DA:0D:27:98
ValidityWed, 06 Mar 2024 10:16:55 GMT - Tue, 04 Jun 2024 10:16:54 GMT

File type
PNG image data, 40 x 42, 2-bit colormap, non-interlaced
Size
163 B (163 bytes)
Hash
7e416b8c543455c698112477ef582b9e
368cf9269a05f966b23a08fd052f63f42b9da907
5ee5580dfdc8182505f7df89c5caa6ea1d2eecad4294bcc064f84db7b98656c7

HTTP Headers

GET /img/lp/lux/tail.png?148badea HTTP/1.1
Host: www.hookeportalen.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.hookeportalen.com/lp/1/4/1
Cookie: iaff=%7B%22e%22%3A%7B%22trid%22%3A%22Y7ErhpjDTwY481nSgyXoMQ%22%2C%22afid%22%3A%229737%22%2C%22ofid%22%3A%2213995%22%2C%22source%22%3A%22198_134504_2005070%22%2C%22ext_id%22%3A%227acd7991d2f4696ac54721fb64b98bf1%22%7D%2C%22a%22%3A%7B%22afid%22%3A9737%2C%22ofid%22%3A13995%2C%22trid%22%3A%22Y7ErhpjDTwY481nSgyXoMQ%22%2C%22source%22%3A%22198_134504_2005070%22%7D%2C%22s%22%3A%22ImaxCash%22%7D; user_lang_id_ui=14; imx_lp=%7B%22title%22%3Anull%2C%22desc%22%3Anull%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.25.2
date: Thu, 25 Apr 2024 08:47:57 GMT
content-type: image/png
content-length: 163
last-modified: Wed, 14 Feb 2018 12:09:26 GMT
etag: "5a8426f6-a3"
cache-control: public, max-age=2592000, immutable
accept-ranges: bytes
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (20)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL