www.norgesspill.com Open in urlscan Pro
104.18.84.10 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.radurlaub-mallorca.eu/index.php/campaigns/yt647btgkx5d7/track-url/vt119jpm80297/cbcff8b9e943958a1f7c0281f20ae2ea784b45ce
Effective URL:
https://www.norgesspill.com/no
Submission: On May 16 via api (May 16th 2022, 8:53:26 am UTC) from IE — Scanned from DE

Summary HTTP 113 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 35 IPs in 10 countries across 26 domains to perform 113 HTTP transactions. The main IP is 104.18.84.10, located in and belongs to CLOUDFLARENET, US. The main domain is www.norgesspill.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 28th 2021. Valid for: a year.

This is the only time www.norgesspill.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2a06:98c1:312... 2a06:98c1:3121::a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3 14	104.18.84.10 104.18.84.10	13335 (CLOUDFLAR...) (CLOUDFLARENET)
46	2600:9000:205... 2600:9000:2057:8600:f:dcfa:3700:21	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6810:5514	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
1	151.101.130.137 151.101.130.137	54113 (FASTLY) (FASTLY)
2	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
1 2	142.250.184.198 142.250.184.198	15169 (GOOGLE) (GOOGLE)
2	65.9.63.3 65.9.63.3	16509 (AMAZON-02) (AMAZON-02)
2 3	37.157.3.28 37.157.3.28	198622 (ADFORM) (ADFORM)
1	37.157.5.72 37.157.5.72	198622 (ADFORM) (ADFORM)
1	2a02:6ea0:c70... 2a02:6ea0:c700::2	60068 (CDN77 ^_^) (CDN77 ^_^)
3	151.139.128.11 151.139.128.11	20446 (STACKPATH...) (STACKPATH-CDN)
1	2606:4700:303... 2606:4700:3036::ac43:af7f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	162.247.242.32 162.247.242.32	23467 (NEWRELIC-...) (NEWRELIC-AS-1)
1	2a00:1450:400... 2a00:1450:400c:c0d::9b	15169 (GOOGLE) (GOOGLE)
1	99.86.7.16 99.86.7.16	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
2	85.202.161.148 85.202.161.148	20473 (AS-CHOOPA) (AS-CHOOPA)
1 4	54.208.143.141 54.208.143.141	14618 (AMAZON-AES) (AMAZON-AES)
6	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
1	143.204.215.118 143.204.215.118	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
2	2600:9000:205... 2600:9000:2057:1c00:b:5e2c:3740:21	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700:303... 2606:4700:3031::6815:2a29	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	5.226.179.10 5.226.179.10	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
2	141.95.98.64 141.95.98.64	16276 (OVH) (OVH)
6 7	35.211.178.172 35.211.178.172	19527 (GOOGLE-2) (GOOGLE-2)
2 2	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
1 2	213.19.147.45 213.19.147.45	3356 (LEVEL3) (LEVEL3)
1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
1 1	35.178.150.13 35.178.150.13	16509 (AMAZON-02) (AMAZON-02)
1 2	79.125.102.158 79.125.102.158	16509 (AMAZON-02) (AMAZON-02)
113	35

1 2a06:98c1:3121::a (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.radurlaub-mallorca.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 104.18.84.10 (None, ) 3 redirects

ASN13335 (CLOUDFLARENET, US)

ads.norgesspill.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.norgesspill.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

46 2600:9000:2057:8600:f:dcfa:3700:21 (United States)

ASN16509 (AMAZON-02, US)

d3eg6wi5fpm57g.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5514 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.130.137 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.184.198 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f6.1e100.net

9905434.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 65.9.63.3 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-63-3.fra56.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.157.3.28 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

a1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.5.72 (Denmark)

ASN198622 (ADFORM, DK)

s2.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6ea0:c700::2 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)

cdn.adnuntius.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.139.128.11 (United States)

ASN20446 (STACKPATH-CDN, US)

static2.creative-serving.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3036::ac43:af7f (United States)

ASN13335 (CLOUDFLARENET, US)

scripts.prdredir.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.247.242.32 (United States)

ASN23467 (NEWRELIC-AS-1, US)
PTR: service.newrelic.co.nz

bam.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0d::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.7.16 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-7-16.fra6.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 85.202.161.148 (Rovigo, Italy)

ASN20473 (AS-CHOOPA, US)
PTR: 85.202.161.148.adnuntius.com

data.adnuntius.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.208.143.141 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-208-143-141.compute-1.amazonaws.com

ads.creative-serving.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.215.118 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-118.fra53.r.cloudfront.net

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2057:1c00:b:5e2c:3740:21 (United States)

ASN16509 (AMAZON-02, US)

d3j4vz29nirhst.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3031::6815:2a29 (United States)

ASN13335 (CLOUDFLARENET, US)

products.admaxium.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 5.226.179.10 (United Kingdom)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)

members.bet365.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 141.95.98.64 (France)

ASN16276 (OVH, FR)
PTR: ns3216658.ip-141-95-98.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 35.211.178.172 (North Charleston, United States) 6 redirects

ASN19527 (GOOGLE-2, US)
PTR: 172.178.211.35.bc.googleusercontent.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.98 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.19.147.45 (Utrecht, Netherlands) 1 redirects

ASN3356 (LEVEL3, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.178.150.13 (London, United Kingdom) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-178-150-13.eu-west-2.compute.amazonaws.com

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 79.125.102.158 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-79-125-102-158.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
48	cloudfront.net d3eg6wi5fpm57g.cloudfront.net d3j4vz29nirhst.cloudfront.net	727 KB
14	norgesspill.com 3 redirects ads.norgesspill.com www.norgesspill.com	87 KB
9	gstatic.com fonts.gstatic.com www.gstatic.com	525 KB
7	bidswitch.net 6 redirects x.bidswitch.net — Cisco Umbrella Rank: 287	4 KB
7	google.com adservice.google.com — Cisco Umbrella Rank: 74 www.google.com — Cisco Umbrella Rank: 7	48 KB
7	creative-serving.com 1 redirects static2.creative-serving.com — Cisco Umbrella Rank: 50769 ads.creative-serving.com — Cisco Umbrella Rank: 3750	15 KB
5	doubleclick.net 3 redirects 9905434.fls.doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 92 cm.g.doubleclick.net — Cisco Umbrella Rank: 212	2 KB
4	adform.net 2 redirects a1.adform.net — Cisco Umbrella Rank: 13017 s2.adform.net — Cisco Umbrella Rank: 5663	30 KB
4	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 645 script.hotjar.com — Cisco Umbrella Rank: 896 vars.hotjar.com — Cisco Umbrella Rank: 989	69 KB
3	adnuntius.com cdn.adnuntius.com — Cisco Umbrella Rank: 48944 data.adnuntius.com	26 KB
2	demdex.net 1 redirects dpm.demdex.net — Cisco Umbrella Rank: 214	2 KB
2	1rx.io 1 redirects sync.1rx.io — Cisco Umbrella Rank: 520	679 B
2	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 663	2 KB
2	bet365.com members.bet365.com — Cisco Umbrella Rank: 52694	2 KB
2	admaxium.com products.admaxium.com — Cisco Umbrella Rank: 250964	1 KB
2	google.de www.google.de — Cisco Umbrella Rank: 5483 adservice.google.de — Cisco Umbrella Rank: 7678	1 KB
2	nr-data.net bam.nr-data.net — Cisco Umbrella Rank: 586	508 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 37	20 KB
1	agkn.com 1 redirects aa.agkn.com — Cisco Umbrella Rank: 441	334 B
1	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 354	239 B
1	prdredir.com scripts.prdredir.com — Cisco Umbrella Rank: 71082	22 KB
1	newrelic.com js-agent.newrelic.com — Cisco Umbrella Rank: 381	14 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 46	1 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 71	66 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 432	6 KB
1	radurlaub-mallorca.eu 1 redirects www.radurlaub-mallorca.eu	749 B
113	26

	Domain	Requested by
46	d3eg6wi5fpm57g.cloudfront.net	www.norgesspill.com
13	www.norgesspill.com	2 redirects www.norgesspill.com
7	x.bidswitch.net	6 redirects
6	www.gstatic.com	www.norgesspill.com www.google.com www.gstatic.com
6	www.google.com	www.norgesspill.com www.google.com www.gstatic.com
4	ads.creative-serving.com	1 redirects www.norgesspill.com
3	static2.creative-serving.com	www.norgesspill.com
3	a1.adform.net	2 redirects
3	fonts.gstatic.com	fonts.googleapis.com www.google.com
2	dpm.demdex.net	1 redirects
2	sync.1rx.io	1 redirects
2	cm.g.doubleclick.net	2 redirects
2	id5-sync.com	www.norgesspill.com
2	members.bet365.com	products.admaxium.com
2	products.admaxium.com	www.norgesspill.com
2	d3j4vz29nirhst.cloudfront.net
2	data.adnuntius.com	www.norgesspill.com
2	bam.nr-data.net	www.norgesspill.com
2	static.hotjar.com	www.norgesspill.com
2	9905434.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	www.google-analytics.com	www.norgesspill.com
1	aa.agkn.com	1 redirects
1	pixel.rubiconproject.com
1	adservice.google.de	adservice.google.com
1	vars.hotjar.com	www.norgesspill.com
1	www.google.de
1	adservice.google.com	9905434.fls.doubleclick.net
1	script.hotjar.com	www.norgesspill.com
1	stats.g.doubleclick.net	www.norgesspill.com
1	scripts.prdredir.com	www.norgesspill.com
1	cdn.adnuntius.com	www.norgesspill.com
1	s2.adform.net
1	js-agent.newrelic.com	www.norgesspill.com
1	fonts.googleapis.com	www.norgesspill.com
1	www.googletagmanager.com	www.norgesspill.com
1	cdn.jsdelivr.net	www.norgesspill.com
1	ads.norgesspill.com	1 redirects
1	www.radurlaub-mallorca.eu	1 redirects
113	38

This site contains links to these domains. Also see Links.

Domain
kampanjer.norgesspill.com
authorisation.mga.org.mt
www.hjelpelinjen.no
www.spillavhengighet.no
www.blakors.no

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-28` - `2022-06-27`	a year	crt.sh
*.cloudfront.net Amazon	`2022-02-01` - `2023-01-31`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-04-25` - `2022-07-18`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-04-25` - `2022-07-18`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-04-25` - `2022-07-18`	3 months	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA H2 2021	`2021-10-06` - `2022-11-07`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-04-25` - `2022-07-18`	3 months	crt.sh
*.hotjar.com Amazon	`2021-11-25` - `2022-12-23`	a year	crt.sh
1548354739.rsc.cdn77.org R3	`2022-05-03` - `2022-08-01`	3 months	crt.sh
static2.creative-serving.com Sectigo RSA Domain Validation Secure Server CA	`2021-09-10` - `2022-09-10`	a year	crt.sh
*.prdredir.com E1	`2022-03-20` - `2022-06-18`	3 months	crt.sh
*.nr-data.net DigiCert TLS RSA SHA256 2020 CA1	`2022-01-10` - `2023-02-10`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-04-25` - `2022-07-18`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-04-25` - `2022-07-18`	3 months	crt.sh
data.adnuntius.com R3	`2022-05-09` - `2022-08-07`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-04-25` - `2022-07-18`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-04-25` - `2022-07-18`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-04-25` - `2022-07-18`	3 months	crt.sh
bet365.com Cloudflare Inc ECC CA-3	`2022-01-20` - `2023-01-19`	a year	crt.sh
*.id5-sync.com R3	`2022-03-08` - `2022-06-06`	3 months	crt.sh
*.creative-serving.com Sectigo RSA Domain Validation Secure Server CA	`2022-03-25` - `2023-04-03`	a year	crt.sh

This page contains 11 frames:

Primary Page: https://www.norgesspill.com/no
Frame ID: E5468EA5349DF6086AD4ECC1C080A379
Requests: 95 HTTP requests in this frame

Frame: https://9905434.fls.doubleclick.net/activityi;dc_pre=CPGu9r_S4_cCFatJHQkd4rMLtg;src=9905434;type=ros0;cat=norge0;ord=980434030226;gtm=2wg5b0;auiddc=1653580920.1652691200;u2=https%3A%2F%2Fwww.norgesspill.com%2Fno;u4=undefined;~oref=https%3A%2F%2Fwww.norgesspill.com%2Fno
Frame ID: 1D241B308B13DC895FECEF1DD7BC2B5F
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CPGu9r_S4_cCFatJHQkd4rMLtg;src=9905434;type=ros0;cat=norge0;ord=980434030226;gtm=2wg5b0;auiddc=1653580920.1652691200;u2=https%3A%2F%2Fwww.norgesspill.com%2Fno;u4=undefined;~oref=https%3A%2F%2Fwww.norgesspill.com%2Fno
Frame ID: BD42C61AF29942659779D3C7A28323D8
Requests: 1 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-21ccaa45726c0f3c8c458f7a87eb2298.html
Frame ID: AD91B0031DC60C869D76BBBD4416ED3B
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.de/ddm/fls/i/dc_pre=CPGu9r_S4_cCFatJHQkd4rMLtg;src=9905434;type=ros0;cat=norge0;ord=980434030226;gtm=2wg5b0;auiddc=1653580920.1652691200;u2=https%3A%2F%2Fwww.norgesspill.com%2Fno;u4=undefined;~oref=https%3A%2F%2Fwww.norgesspill.com%2Fno
Frame ID: BD6D3F2653C2DB4729B8FB76CE8108B7
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfW3CEUAAAAAAANBgnrxLj_YebjlvwVImDy0FU3&co=aHR0cHM6Ly93d3cubm9yZ2Vzc3BpbGwuY29tOjQ0Mw..&hl=en&v=0aeEuuJmrVqDrEL39Fsg5-UJ&size=invisible&cb=cyyle2zcp62c
Frame ID: 0A5779D88D7DF2E9E57275BD5539FA02
Requests: 7 HTTP requests in this frame

Frame: https://products.admaxium.com/product/7f7aec1b3a685323c23494c9227c9ff5442d9d48ef67c7206049eefc45d3af8a
Frame ID: D0D324CBD004CA369CDC0FE454E8209F
Requests: 1 HTTP requests in this frame

Frame: https://products.admaxium.com/product/2d8d8abfc8841c339f139d81fce2ecd4560cc7b94c8460d05e68b571cc62edbe
Frame ID: 4C6ECC95FEA1C51C4D434E144E092207
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en&v=0aeEuuJmrVqDrEL39Fsg5-UJ&k=6LfW3CEUAAAAAAANBgnrxLj_YebjlvwVImDy0FU3
Frame ID: E379473C9147A0B5B79F687975E54AF2
Requests: 4 HTTP requests in this frame

Frame: https://members.bet365.com/Members/Helpers/DefaultAff.aspx?affiliate=365_01122412&enableDeviceDetection=1&prdid=1&platform=0&rurl=https%3A%2F%2Fmembers.bet365.com%2FMembers%2FHelpers%2FDefaultAff.aspx%3Faffiliate%3D365_01122412%26BCTID%3D1560100313%26enableDeviceDetection%3D1%26prdid%3D1%26platform%3D0&DisplayMode=Desktop
Frame ID: B5B7D484DE9EB5EB72488D48DC6B099D
Requests: 1 HTTP requests in this frame

Frame: https://members.bet365.com/Members/Helpers/DefaultAff.aspx?affiliate=365_01089727&enableDeviceDetection=1&prdid=1&platform=0&rurl=https%3A%2F%2Fmembers.bet365.com%2FMembers%2FHelpers%2FDefaultAff.aspx%3Faffiliate%3D365_01089727%26BCTID%3D1560100313%26enableDeviceDetection%3D1%26prdid%3D1%26platform%3D0&DisplayMode=Desktop
Frame ID: 6ABC6111B6BC0D64C3A12E4A02D2F5AC
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Norgesspill Nettcasino - Norges Beste Nettcasino

Page URL History Show full URLs

https://www.radurlaub-mallorca.eu/index.php/campaigns/yt647btgkx5d7/track-url/vt119jpm80297/cbcff8b9e943958a1f... HTTP 301
https://ads.norgesspill.com/tracking.php?tracking_code&aid=105856&mid=906&sid=349268&pid=95 HTTP 302
https://www.norgesspill.com/nb/(modal:register)?aff=105856_W1cBmOAhBABA20220516aed0a2117d6e492bb94251a5b... HTTP 301
https://www.norgesspill.com/no/(modal:register)?aff=105856_W1cBmOAhBABA20220516aed0a2117d6e492bb94251a5b... HTTP 301
https://www.norgesspill.com/no Page URL

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

113
Requests

92 %
HTTPS

46 %
IPv6

26
Domains

38
Subdomains

35
IPs

10
Countries

1662 kB
Transfer

4700 kB
Size

41
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://kampanjer.norgesspill.com/velkommen/
Title: Hent tilbud

Search URL Search Domain Scan URL

URL: https://authorisation.mga.org.mt/verification.aspx?lang=EN&company=49ffd5a6-c61d-49b8-92cd-ab1bd1786451&details=1

Search URL Search Domain Scan URL

URL: https://www.hjelpelinjen.no/
Title: Hjelpelinjen.no

Search URL Search Domain Scan URL

URL: https://www.spillavhengighet.no/
Title: Spillavhengighet.no

Search URL Search Domain Scan URL

URL: https://www.blakors.no/
Title: Blåkors.no

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.radurlaub-mallorca.eu/index.php/campaigns/yt647btgkx5d7/track-url/vt119jpm80297/cbcff8b9e943958a1f7c0281f20ae2ea784b45ce HTTP 301
https://ads.norgesspill.com/tracking.php?tracking_code&aid=105856&mid=906&sid=349268&pid=95 HTTP 302
https://www.norgesspill.com/nb/(modal:register)?aff=105856_W1cBmOAhBABA20220516aed0a2117d6e492bb94251a5b43feec1 HTTP 301
https://www.norgesspill.com/no/(modal:register)?aff=105856_W1cBmOAhBABA20220516aed0a2117d6e492bb94251a5b43feec1 HTTP 301
https://www.norgesspill.com/no Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 32

https://9905434.fls.doubleclick.net/activityi;src=9905434;type=ros0;cat=norge0;ord=980434030226;gtm=2wg5b0;auiddc=1653580920.1652691200;u2=https%3A%2F%2Fwww.norgesspill.com%2Fno;u4=undefined;~oref=https%3A%2F%2Fwww.norgesspill.com%2Fno HTTP 302
https://9905434.fls.doubleclick.net/activityi;dc_pre=CPGu9r_S4_cCFatJHQkd4rMLtg;src=9905434;type=ros0;cat=norge0;ord=980434030226;gtm=2wg5b0;auiddc=1653580920.1652691200;u2=https%3A%2F%2Fwww.norgesspill.com%2Fno;u4=undefined;~oref=https%3A%2F%2Fwww.norgesspill.com%2Fno

Request Chain 34

https://a1.adform.net/serving/scripts/trackpoint/async/ HTTP 301
https://s2.adform.net/banners/scripts/st/trackpoint-async.js

Request Chain 64

https://ads.creative-serving.com/cm?redir=https%3A%2F%2Fdata.adnuntius.com%2Fsync%3FbrowserId%3Dzv1vh95cmqrjrrl6r9tx2qvw%26folderId%3D000000000017def0%26externalSystemType%3DP161%26externalSystemUserId%3D%24%7BUUID%7D HTTP 302
https://data.adnuntius.com/sync?browserId=zv1vh95cmqrjrrl6r9tx2qvw&folderId=000000000017def0&externalSystemType=P161&externalSystemUserId=20415792-85d4-49ee-ad91-5550dca2fb74

Request Chain 83

https://a1.adform.net/Serving/TrackPoint/?pm=2033710&ADFPageName=Norgesspill%20undefined%20-%20Home&ADFdivider=%7C&ord=622129767515&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&itm=eyJzdjIiOiJodHRwczovL3d3dy5ub3JnZXNzcGlsbC5jb20vbm8iLCJzdjQiOiJ1bmRlZmluZWQifQ&loc=https%3A%2F%2Fwww.norgesspill.com%2Fno HTTP 302
https://a1.adform.net/Serving/TrackPoint/?CC=1&pm=2033710&ADFPageName=Norgesspill%20undefined%20-%20Home&ADFdivider=%7C&ord=622129767515&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&itm=eyJzdjIiOiJodHRwczovL3d3dy5ub3JnZXNzcGlsbC5jb20vbm8iLCJzdjQiOiJ1bmRlZmluZWQifQ&loc=https%3A%2F%2Fwww.norgesspill.com%2Fno

Request Chain 106

https://x.bidswitch.net/sync?dsp_id=4&user_id=20415792-85d4-49ee-ad91-5550dca2fb74&ssp=&expires=30&user_group=2&cb=545 HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=4&user_id=20415792-85d4-49ee-ad91-5550dca2fb74&ssp=&expires=30&user_group=2&cb=545 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_cm=1&google_hm=EYIE6r_2Ryq8UI9t1xmtCQ== HTTP 302
https://x.bidswitch.net/google_sync_status?ssp_name=google&google_gid=CAESEMc9OqKfuugbqFKRytGPb6c&google_cver=1

Request Chain 107

https://x.bidswitch.net/sync?dsp_id=4&user_id=20415792-85d4-49ee-ad91-5550dca2fb74&ssp=&expires=30&user_group=2&cb=533 HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=4&user_id=20415792-85d4-49ee-ad91-5550dca2fb74&ssp=&expires=30&user_group=2&cb=533 HTTP 302
https://sync.1rx.io/usersync/bidswitch/118204ea-bff6-472a-bc50-8f6dd719ad09?gdpr=&gdpr_consent= HTTP 302
https://sync.1rx.io/usersync/bidswitch/118204ea-bff6-472a-bc50-8f6dd719ad09?zcc=1&cb=1652691204720

Request Chain 108

https://x.bidswitch.net/sync?dsp_id=4&user_id=20415792-85d4-49ee-ad91-5550dca2fb74&ssp=&expires=30&user_group=2&cb=562 HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=4&user_id=20415792-85d4-49ee-ad91-5550dca2fb74&ssp=&expires=30&user_group=2&cb=562 HTTP 302
https://pixel.rubiconproject.com/tap.php?v=15796&nid=2760&put=118204ea-bff6-472a-bc50-8f6dd719ad09&expires=30

Request Chain 109

https://aa.agkn.com/adscores/g.pixel?sid=9212282158 HTTP 302
https://ads.creative-serving.com/cm_nst?cookie_id=164850804153000110550

Request Chain 111

https://dpm.demdex.net/ibs:dpid=393426&dpuuid=20415792-85d4-49ee-ad91-5550dca2fb74 HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=393426&dpuuid=20415792-85d4-49ee-ad91-5550dca2fb74

Request Chain 112

https://cm.g.doubleclick.net/pixel?google_nid=platform161_direct_new&google_cm&google_sc HTTP 302
https://ads.creative-serving.com/gcm?google_gid=CAESECQpYskVEojKgO2RP6x9yC8&google_cver=1

113 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request no Show response
www.norgesspill.com/
Redirect Chain

https://www.radurlaub-mallorca.eu/index.php/campaigns/yt647btgkx5d7/track-url/vt119jpm80297/cbcff8b9e943958a1f7c0281f20ae2ea784b45ce
https://ads.norgesspill.com/tracking.php?tracking_code&aid=105856&mid=906&sid=349268&pid=95
https://www.norgesspill.com/nb/(modal:register)?aff=105856_W1cBmOAhBABA20220516aed0a2117d6e492bb94251a5b43feec1
https://www.norgesspill.com/no/(modal:register)?aff=105856_W1cBmOAhBABA20220516aed0a2117d6e492bb94251a5b43feec1
https://www.norgesspill.com/no

46 KB
16 KB

269ms
269ms

Document
text/html

104.18.84.10
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.norgesspill.com/no

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.18.84.10 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d85463850645b1efd6d78bd24d32a1c99a368d505ac2b01e0e05d0e22eb700f1

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .casinomodule.com .playngonetwork.com;
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: *
access-control-allow-origin: *
cf-cache-status: DYNAMIC
cf-ray: 70c2e1e5ad659124-FRA
content-encoding: gzip
content-security-policy: frame-ancestors 'self' *.casinomodule.com *.playngonetwork.com;
content-type: text/html;charset=UTF-8
date: Mon, 16 May 2022 08:53:21 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
vary: Accept-Encoding
x-xss-protection: 1; mode=block

Redirect headers

access-control-allow-credentials: *
access-control-allow-origin: *
cf-cache-status: DYNAMIC
cf-ray: 70c2e1e53c719124-FRA
content-security-policy: frame-ancestors 'self' *.casinomodule.com *.playngonetwork.com;
content-type: text/html
date: Mon, 16 May 2022 08:53:20 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
location: https://www.norgesspill.com/no
server: cloudflare
vary: Accept-Encoding
x-xss-protection: 1; mode=block

GET
H2 200 translations Show response
www.norgesspill.com/preload/17/67/no-NO/ 126 KB
33 KB 25ms
24ms Script
application/javascript 104.18.84.10
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.norgesspill.com/preload/17/67/no-NO/translations?hash=v2_99d35a5bd1854bd06ee40b7337659187

Requested by

Host: www.norgesspill.com
URL: https://www.norgesspill.com/no

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.18.84.10 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0d93cd2e5beb2d9856e7f9746dc1b69281101528fca341cb187bacfa5b0c2e1a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .casinomodule.com .playngonetwork.com;
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.norgesspill.com/no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 08:53:21 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 112309
x-xss-protection: 1; mode=block
last-modified: Sun, 15 May 2022 01:41:32 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: *
content-security-policy: frame-ancestors 'self' *.casinomodule.com *.playngonetwork.com;
cf-ray: 70c2e1e789789124-FRA
expires: Tue, 16 May 2023 08:53:21 GMT

GET
H2 200 app.js Show response
d3eg6wi5fpm57g.cloudfront.net/@komigen/mobile-frontend@15082-12cb/js/ 213 KB
74 KB 41ms
9ms Script
application/javascript 2600:9000:2057:8600:f:dcfa:3700:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3eg6wi5fpm57g.cloudfront.net/@komigen/mobile-frontend@15082-12cb/js/app.js
Requested by: Host: www.norgesspill.com
URL: https://www.norgesspill.com/no
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:8600:f:dcfa:3700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 32a0a6db65ee81653e3d8f6d2b4b751f26ac67ee4bf69f807401e76f55c0a470

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.norgesspill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 08:06:06 GMT
content-encoding: gzip
last-modified: Mon, 16 May 2022 07:52:00 GMT
server: AmazonS3
age: 2836
etag: W/"6cdcf800aa60d9c38536b4911e19ea79"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: null
via: 1.1 35c75b7f0ca8c787d67c8ebd22bc7fc2.cloudfront.net (CloudFront)
cache-control: public,max-age=31536000
x-amz-cf-pop: FRA6-C1
content-type: application/javascript
x-amz-cf-id: pXlSko2eZ3oSEmgeYgSggiNOnVqrXJ4ShTUIZ6dqjqDfRRBSBVuyog==

GET
H2 200 mobile-core-assets.css
d3eg6wi5fpm57g.cloudfront.net/@komigen/mobile-frontend@15082-12cb/css/ 125 KB
25 KB 40ms
8ms Stylesheet
text/css 2600:9000:2057:8600:f:dcfa:3700:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3eg6wi5fpm57g.cloudfront.net/@komigen/mobile-frontend@15082-12cb/css/mobile-core-assets.css
Requested by: Host: www.norgesspill.com
URL: https://www.norgesspill.com/no
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:8600:f:dcfa:3700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 859b949015ceebdf3da7f74a7d5c27183e84f6ae1f0d75063be5ae117eb649ac

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.norgesspill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 08:06:06 GMT
content-encoding: gzip
last-modified: Mon, 16 May 2022 07:52:00 GMT
server: AmazonS3
age: 2836
etag: W/"a9d36b6a31ae554a4110a94b745cb955"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: null
via: 1.1 35c75b7f0ca8c787d67c8ebd22bc7fc2.cloudfront.net (CloudFront)
cache-control: public,max-age=31536000
x-amz-cf-pop: FRA6-C1
content-type: text/css
x-amz-cf-id: ODcDp98tjU0pndp5edHsVIn64tHbjut9o9Yxp8b0nZ03Mv6zqVebPg==

GET
H2 200 template-sun-assets.css
d3eg6wi5fpm57g.cloudfront.net/@komigen/mobile-frontend@15082-12cb/css/ 5 KB
2 KB 40ms
9ms Stylesheet
text/css 2600:9000:2057:8600:f:dcfa:3700:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3eg6wi5fpm57g.cloudfront.net/@komigen/mobile-frontend@15082-12cb/css/template-sun-assets.css
Requested by: Host: www.norgesspill.com
URL: https://www.norgesspill.com/no
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:8600:f:dcfa:3700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2a89858ae3a5e3549ddf80d3cddf2a785d1852bc3226e266a1805839bd5f2395

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.norgesspill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 08:06:40 GMT
content-encoding: br
last-modified: Mon, 16 May 2022 07:52:00 GMT
server: AmazonS3
age: 2802
etag: W/"b8c93bfd4f0bf176517f535ebb789dfc"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: null
via: 1.1 35c75b7f0ca8c787d67c8ebd22bc7fc2.cloudfront.net (CloudFront)
cache-control: public,max-age=31536000
x-amz-cf-pop: FRA6-C1
content-type: text/css
x-amz-cf-id: QClYj-6s6GRtz6wC7rfUWY8X2jshcmXgyDxuD2-XtUijF4BGTmrJCg==

GET
H2 200 norgesspill.css
d3eg6wi5fpm57g.cloudfront.net/@komigen/mobile-frontend@15082-12cb/css/ 69 KB
10 KB 53ms
22ms Stylesheet
text/css 2600:9000:2057:8600:f:dcfa:3700:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3eg6wi5fpm57g.cloudfront.net/@komigen/mobile-frontend@15082-12cb/css/norgesspill.css
Requested by: Host: www.norgesspill.com
URL: https://www.norgesspill.com/no
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:8600:f:dcfa:3700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0c9d6e7bee7dbb8d6391703a2b1faa00ed2b186bd2e16a3700b354fb605158de

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.norgesspill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 08:07:19 GMT
content-encoding: br
last-modified: Mon, 16 May 2022 07:52:00 GMT
server: AmazonS3
age: 2763
etag: W/"b28f9637ed66ff5ac52771fb9d335a19"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: null
via: 1.1 35c75b7f0ca8c787d67c8ebd22bc7fc2.cloudfront.net (CloudFront)
cache-control: public,max-age=31536000
x-amz-cf-pop: FRA6-C1
content-type: text/css
x-amz-cf-id: g0akai9ModlMqj1gaLgx0OLNMUHJdNb9FLBkHID-G_Ul6c3H-1wm4g==

GET
H2 200 webfontloader.min.js Show response
cdn.jsdelivr.net/npm/webfontloader@1.6.28/ 12 KB
6 KB 36ms
14ms Script
application/javascript 2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/webfontloader@1.6.28/webfontloader.min.js

Requested by

Host: www.norgesspill.com
URL: https://www.norgesspill.com/no

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e2686d1245000570ac793349a1e85b90c3c097af7ae1cbc15471b83cffbfc270

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.norgesspill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 08:53:21 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 4836690
x-jsd-version: 1.6.28
x-cache: HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19161-FRA
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"31b0-vG/+nA2LMoVWRhmkRcbKV1650PU"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zKZj1THlwj5gpZK9mgGwOIvMhP%2FEAqCh6lL4QoqdawctW%2FUV15vO3hzRopx0h8dt3%2BXEePlF9PBasXrrrjIgIjaVp8w0HBIByW20SladxxVQckhfCi0uEfPYeuahmyDqGU49E6wNXT1Q6hUUGjk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cf-ray: 70c2e1e7ae755c02-FRA

GET
DATA 200
OK truncated
/ 34 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: image/webp

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 197 KB
66 KB 56ms
32ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-54234LZ

Requested by

Host: www.norgesspill.com
URL: https://www.norgesspill.com/no

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

748f3663dfe4d56052a494f4fa5515e5b865e2827893e682f25385134d2a5910

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.norgesspill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 08:53:21 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 66698
x-xss-protection: 0
last-modified: Mon, 16 May 2022 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 16 May 2022 08:53:21 GMT

GET
H2 200 css
fonts.googleapis.com/ 3 KB
1 KB 42ms
18ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:wght@400;700&display=swap

Requested by

Host: www.norgesspill.com
URL: https://www.norgesspill.com/no

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

17ab18efb06d6e99214141753b3d058c23239473ac62acdbe307faba26c88c82

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.norgesspill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 16 May 2022 08:53:21 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 16 May 2022 08:53:21 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 16 May 2022 08:53:21 GMT

GET
H2 200 10.js Show response
d3eg6wi5fpm57g.cloudfront.net/@komigen/mobile-frontend@15082-12cb/js/chunk/ 29 KB
9 KB 12ms
11ms Script
application/javascript 2600:9000:2057:8600:f:dcfa:3700:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3eg6wi5fpm57g.cloudfront.net/@komigen/mobile-frontend@15082-12cb/js/chunk/10.js
Requested by: Host: www.norgesspill.com
URL: https://www.norgesspill.com/no
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:8600:f:dcfa:3700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ae7a9b7df070a11585d13c9f86df502dbae5ffb88cea286f757bf7f9e60239f6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.norgesspill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 08:06:07 GMT
content-encoding: gzip
last-modified: Mon, 16 May 2022 07:52:01 GMT
server: AmazonS3
age: 2835
etag: W/"76a54878899041d4813839b41521b46e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: null
via: 1.1 35c75b7f0ca8c787d67c8ebd22bc7fc2.cloudfront.net (CloudFront)
cache-control: public,max-age=31536000
x-amz-cf-pop: FRA6-C1
content-type: application/javascript
x-amz-cf-id: ugEJV20E_YdwMnly5illVpHuP0y7Lgo8DxKkdKvUBHhPiYoTVkrU5Q==

GET
H2 200 14.js Show response
d3eg6wi5fpm57g.cloudfront.net/@komigen/mobile-frontend@15082-12cb/js/chunk/ 17 KB
7 KB 12ms
11ms Script
application/javascript 2600:9000:2057:8600:f:dcfa:3700:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3eg6wi5fpm57g.cloudfront.net/@komigen/mobile-frontend@15082-12cb/js/chunk/14.js
Requested by: Host: www.norgesspill.com
URL: https://www.norgesspill.com/no
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:8600:f:dcfa:3700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 23adce2a2569d2c7f0d6842305f780c2c90afcb9a4b6f46c0bd63f675009ec50

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.norgesspill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 08:06:07 GMT
content-encoding: gzip
last-modified: Mon, 16 May 2022 07:52:01 GMT
server: AmazonS3
age: 2835
etag: W/"df3898dd723581b5f1e324900e201e90"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: null
via: 1.1 35c75b7f0ca8c787d67c8ebd22bc7fc2.cloudfront.net (CloudFront)
cache-control: public,max-age=31536000
x-amz-cf-pop: FRA6-C1
content-type: application/javascript
x-amz-cf-id: yL2L12TlB07x1skmQdZnm37qJ-bxJ5iO8BtcRBzyYl2IEGxG7Uq7_g==

GET
H2 200 11.js Show response
d3eg6wi5fpm57g.cloudfront.net/@komigen/mobile-frontend@15082-12cb/js/chunk/ 10 KB
4 KB 8ms
8ms Script
application/javascript 2600:9000:2057:8600:f:dcfa:3700:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3eg6wi5fpm57g.cloudfront.net/@komigen/mobile-frontend@15082-12cb/js/chunk/11.js
Requested by: Host: www.norgesspill.com
URL: https://www.norgesspill.com/no
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:8600:f:dcfa:3700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: df6c68cec967b79760a43f31a090cb1db3a9309181a54d0ffcf64d392180d1e0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.norgesspill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 08:06:07 GMT
content-encoding: gzip
last-modified: Mon, 16 May 2022 07:52:01 GMT
server: AmazonS3
age: 2835
etag: W/"54bf3ed709bc6b4ee6e971da32fab547"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: null
via: 1.1 35c75b7f0ca8c787d67c8ebd22bc7fc2.cloudfront.net (CloudFront)
cache-control: public,max-age=31536000
x-amz-cf-pop: FRA6-C1
content-type: application/javascript
x-amz-cf-id: Ttq_Gd18BkhVx3RH494agaQoczj_Kn5Oq6jjuNEuluJEK9ezJyJepw==

GET
H2 200 8.js Show response
d3eg6wi5fpm57g.cloudfront.net/@komigen/mobile-frontend@15082-12cb/js/chunk/ 24 KB
9 KB 11ms
11ms Script
application/javascript 2600:9000:2057:8600:f:dcfa:3700:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3eg6wi5fpm57g.cloudfront.net/@komigen/mobile-frontend@15082-12cb/js/chunk/8.js
Requested by: Host: www.norgesspill.com
URL: https://www.norgesspill.com/no
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:8600:f:dcfa:3700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 25a94e85f5a54acedae7980d782bb7711482309a4cdc0f3475bfffd52849fb7e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.norgesspill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 08:06:07 GMT
content-encoding: gzip
last-modified: Mon, 16 May 2022 07:52:03 GMT
server: AmazonS3
age: 2835
etag: W/"1b08264413bde5f293fe4608bc87632a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: null
via: 1.1 35c75b7f0ca8c787d67c8ebd22bc7fc2.cloudfront.net (CloudFront)
cache-control: public,max-age=31536000
x-amz-cf-pop: FRA6-C1
content-type: application/javascript
x-amz-cf-id: D9mrtz3Io9dVKm8J1wktKNZx12xUDa7hOgjao_cPYSHb3OX240PPSg==

GET
H2 200 9.js Show response
d3eg6wi5fpm57g.cloudfront.net/@komigen/mobile-frontend@15082-12cb/js/chunk/ 54 KB
18 KB 11ms
11ms Script
application/javascript 2600:9000:2057:8600:f:dcfa:3700:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3eg6wi5fpm57g.cloudfront.net/@komigen/mobile-frontend@15082-12cb/js/chunk/9.js
Requested by: Host: www.norgesspill.com
URL: https://www.norgesspill.com/no
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:8600:f:dcfa:3700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2a2c2fb1650693ee52b0d75a924231b71d2bfa6d6de32eb415d9a833e41decac

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.norgesspill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 08:06:07 GMT
content-encoding: gzip
last-modified: Mon, 16 May 2022 07:52:02 GMT
server: AmazonS3
age: 2835
etag: W/"a9d4fa6ff13642659bc1c9da4f2d6eea"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: null
via: 1.1 35c75b7f0ca8c787d67c8ebd22bc7fc2.cloudfront.net (CloudFront)
cache-control: public,max-age=31536000
x-amz-cf-pop: FRA6-C1
content-type: application/javascript
x-amz-cf-id: ei7z2jZZa1IvlYM3nDRyrWLUhzygmyH3PGchAezyP5sNjlYJx5xyVw==

GET
H2 200 1.js Show response
d3eg6wi5fpm57g.cloudfront.net/@komigen/mobile-frontend@15082-12cb/js/chunk/ 14 KB
5 KB 11ms
11ms Script
application/javascript 2600:9000:2057:8600:f:dcfa:3700:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3eg6wi5fpm57g.cloudfront.net/@komigen/mobile-frontend@15082-12cb/js/chunk/1.js
Requested by: Host: www.norgesspill.com
URL: https://www.norgesspill.com/no
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:8600:f:dcfa:3700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 24a3a92cabe3fd942c13c6ac2aeb776be6e0ebdcdf1e5c0e26096d3c7fcb24e5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.norgesspill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 08:06:07 GMT
content-encoding: gzip
last-modified: Mon, 16 May 2022 07:52:01 GMT
server: AmazonS3
age: 2835
etag: W/"3a300120f7106d0671fc6d0b4aecbdca"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: null
via: 1.1 35c75b7f0ca8c787d67c8ebd22bc7fc2.cloudfront.net (CloudFront)
cache-control: public,max-age=31536000
x-amz-cf-pop: FRA6-C1
content-type: application/javascript
x-amz-cf-id: MXxFcQbxnXp3mAAp5oYUeUOBzo4MaZn7ia1GjhFw-_DlKciFb0-2Kw==

GET
H2 200 0.js Show response
d3eg6wi5fpm57g.cloudfront.net/@komigen/mobile-frontend@15082-12cb/js/chunk/ 29 KB
10 KB 11ms
11ms Script
application/javascript 2600:9000:2057:8600:f:dcfa:3700:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3eg6wi5fpm57g.cloudfront.net/@komigen/mobile-frontend@15082-12cb/js/chunk/0.js
Requested by: Host: www.norgesspill.com
URL: https://www.norgesspill.com/no
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:8600:f:dcfa:3700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e0ba3cbcf8412d8a4562804a1854d15178d0296f2e7aa4d7ffa390f17f270183

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.norgesspill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 08:06:07 GMT
content-encoding: gzip
last-modified: Mon, 16 May 2022 07:52:00 GMT
server: AmazonS3
age: 2835
etag: W/"67b1eb3130550245b1b4d56c7999dec0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: null
via: 1.1 35c75b7f0ca8c787d67c8ebd22bc7fc2.cloudfront.net (CloudFront)
cache-control: public,max-age=31536000
x-amz-cf-pop: FRA6-C1
content-type: application/javascript
x-amz-cf-id: wT56kmArWRZP3LSjDDW1P_wXmtjPIIsiv-SahdseI3gAJl5mFO6yUQ==

GET
H2 200 2.js Show response
d3eg6wi5fpm57g.cloudfront.net/@komigen/mobile-frontend@15082-12cb/js/chunk/ 46 KB
18 KB 12ms
11ms Script
application/javascript 2600:9000:2057:8600:f:dcfa:3700:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3eg6wi5fpm57g.cloudfront.net/@komigen/mobile-frontend@15082-12cb/js/chunk/2.js
Requested by: Host: www.norgesspill.com
URL: https://www.norgesspill.com/no
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:8600:f:dcfa:3700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fcbdee2ed7bc27bc88e0bf1b774a0923aad00dba55c203ed0f632a2e3ff5557f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.norgesspill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 08:06:07 GMT
content-encoding: gzip
last-modified: Mon, 16 May 2022 07:52:02 GMT
server: AmazonS3
age: 2835
etag: W/"72b715ec344d96ca3f349a23953219f3"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: null
via: 1.1 35c75b7f0ca8c787d67c8ebd22bc7fc2.cloudfront.net (CloudFront)
cache-control: public,max-age=31536000
x-amz-cf-pop: FRA6-C1
content-type: application/javascript
x-amz-cf-id: pZVsspNCZrVj42aSzeeawNxugWn4EEQwjbi07PnO2dz7eR3jkta3Mw==

GET
H2 200 7.js Show response
d3eg6wi5fpm57g.cloudfront.net/@komigen/mobile-frontend@15082-12cb/js/chunk/ 58 KB
20 KB 11ms
11ms Script
application/javascript 2600:9000:2057:8600:f:dcfa:3700:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3eg6wi5fpm57g.cloudfront.net/@komigen/mobile-frontend@15082-12cb/js/chunk/7.js
Requested by: Host: www.norgesspill.com
URL: https://www.norgesspill.com/no
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:8600:f:dcfa:3700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c0429145ff637ac79111f2e81dff4c6458b545ca90ca0b1d013b3680a60c0f35

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.norgesspill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 08:06:07 GMT
content-encoding: gzip
last-modified: Mon, 16 May 2022 07:52:02 GMT
server: AmazonS3
age: 2835
etag: W/"eaa62307e4b0df0c04f4bec6ab8164cc"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: null
via: 1.1 35c75b7f0ca8c787d67c8ebd22bc7fc2.cloudfront.net (CloudFront)
cache-control: public,max-age=31536000
x-amz-cf-pop: FRA6-C1
content-type: application/javascript
x-amz-cf-id: ps2Vp7Bhocn1dxH0t-9UGcKfnooMEPu4ebypL5ofVowQdH5--virgQ==

GET
H2 200 16.js Show response
d3eg6wi5fpm57g.cloudfront.net/@komigen/mobile-frontend@15082-12cb/js/chunk/ 7 KB
3 KB 12ms
12ms Script
application/javascript 2600:9000:2057:8600:f:dcfa:3700:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3eg6wi5fpm57g.cloudfront.net/@komigen/mobile-frontend@15082-12cb/js/chunk/16.js
Requested by: Host: www.norgesspill.com
URL: https://www.norgesspill.com/no
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:8600:f:dcfa:3700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c34b0ff1476010960b120a816b00ecd82f2e84036b99c449766aee324ea5ac9c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.norgesspill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 08:06:07 GMT
content-encoding: gzip
last-modified: Mon, 16 May 2022 07:52:01 GMT
server: AmazonS3
age: 2835
etag: W/"1ce425e7a73e18311c60c814c963bc79"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: null
via: 1.1 35c75b7f0ca8c787d67c8ebd22bc7fc2.cloudfront.net (CloudFront)
cache-control: public,max-age=31536000
x-amz-cf-pop: FRA6-C1
content-type: application/javascript
x-amz-cf-id: wwOvUIf-2ylnP8-LB8IxcLShRylG78IfObQNo8ZqyMhTWiJcQwFD5A==

GET
H2 200 3.js Show response
d3eg6wi5fpm57g.cloudfront.net/@komigen/mobile-frontend@15082-12cb/js/chunk/ 40 KB
13 KB 12ms
12ms Script
application/javascript 2600:9000:2057:8600:f:dcfa:3700:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3eg6wi5fpm57g.cloudfront.net/@komigen/mobile-frontend@15082-12cb/js/chunk/3.js
Requested by: Host: www.norgesspill.com
URL: https://www.norgesspill.com/no
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:8600:f:dcfa:3700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9af8860b38bf2fb321dbc510dd508d80513b53c7e1f05141b293cd9a52b5fc0b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.norgesspill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 08:06:07 GMT
content-encoding: gzip
last-modified: Mon, 16 May 2022 07:52:02 GMT
server: AmazonS3
age: 2835
etag: W/"77bc873ebf349e3e9debafd4caed282e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: null
via: 1.1 35c75b7f0ca8c787d67c8ebd22bc7fc2.cloudfront.net (CloudFront)
cache-control: public,max-age=31536000
x-amz-cf-pop: FRA6-C1
content-type: application/javascript
x-amz-cf-id: Zp0YqSlCb2krFufeCau8PhefDwN6gdTZ3k4Koi56D11RFLxcc_KZTA==

GET
H2 200 15.js Show response
d3eg6wi5fpm57g.cloudfront.net/@komigen/mobile-frontend@15082-12cb/js/chunk/ 34 KB
10 KB 15ms
15ms Script
application/javascript 2600:9000:2057:8600:f:dcfa:3700:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3eg6wi5fpm57g.cloudfront.net/@komigen/mobile-frontend@15082-12cb/js/chunk/15.js
Requested by: Host: www.norgesspill.com
URL: https://www.norgesspill.com/no
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:8600:f:dcfa:3700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a777aa2ffec858497b52203d65f1f3f5c0441658c6b1624ada28bc0a33e40a6f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.norgesspill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 08:06:07 GMT
content-encoding: gzip
last-modified: Mon, 16 May 2022 07:52:01 GMT
server: AmazonS3
age: 2835
etag: W/"a4a2eb0cc6b4c7a6f5cda0738c2551df"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: null
via: 1.1 35c75b7f0ca8c787d67c8ebd22bc7fc2.cloudfront.net (CloudFront)
cache-control: public,max-age=31536000
x-amz-cf-pop: FRA6-C1
content-type: application/javascript
x-amz-cf-id: t90ywGFJY13IudmJEcdnCvFLHZdZjsMUClAVNmK-y3pg5Y5gpfvOJw==

GET
H2 200 13.js Show response
d3eg6wi5fpm57g.cloudfront.net/@komigen/mobile-frontend@15082-12cb/js/chunk/ 42 KB
12 KB 15ms
15ms Script
application/javascript 2600:9000:2057:8600:f:dcfa:3700:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3eg6wi5fpm57g.cloudfront.net/@komigen/mobile-frontend@15082-12cb/js/chunk/13.js
Requested by: Host: www.norgesspill.com
URL: https://www.norgesspill.com/no
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:8600:f:dcfa:3700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bb5f798232d8b7a4f0520dc9ef0cbb3ef27c2cfb970cc339b48a8e89f6afad24

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.norgesspill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 08:06:07 GMT
content-encoding: gzip
last-modified: Mon, 16 May 2022 07:52:01 GMT
server: AmazonS3
age: 2835
etag: W/"e6fb5841952d8145d4aeb22a71364001"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: null
via: 1.1 35c75b7f0ca8c787d67c8ebd22bc7fc2.cloudfront.net (CloudFront)
cache-control: public,max-age=31536000
x-amz-cf-pop: FRA6-C1
content-type: application/javascript
x-amz-cf-id: m3v4Z10aFWli-bpaynGVKO6rC7hpGuXBsd5sIcJQ029HJ6UBesNc2w==

GET
H2 200 4.js Show response
d3eg6wi5fpm57g.cloudfront.net/@komigen/mobile-frontend@15082-12cb/js/chunk/ 89 KB
28 KB 15ms
15ms Script
application/javascript 2600:9000:2057:8600:f:dcfa:3700:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3eg6wi5fpm57g.cloudfront.net/@komigen/mobile-frontend@15082-12cb/js/chunk/4.js
Requested by: Host: www.norgesspill.com
URL: https://www.norgesspill.com/no
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:8600:f:dcfa:3700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e926c1646537f6e4eb23513f857f719a6b7f977cf8f14c994f2a99022418dd92

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.norgesspill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 08:06:07 GMT
content-encoding: gzip
last-modified: Mon, 16 May 2022 07:52:02 GMT
server: AmazonS3
age: 2835
etag: W/"c1cf4edc2aca9a64b129dd395913407e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: null
via: 1.1 35c75b7f0ca8c787d67c8ebd22bc7fc2.cloudfront.net (CloudFront)
cache-control: public,max-age=31536000
x-amz-cf-pop: FRA6-C1
content-type: application/javascript
x-amz-cf-id: HorlgEAAOBQmHJygrHy3z1UPd8bH4aav6jR6qyV30EHMoEbT6Id1vA==

GET
H2 200 12.js Show response
d3eg6wi5fpm57g.cloudfront.net/@komigen/mobile-frontend@15082-12cb/js/chunk/ 27 KB
9 KB 15ms
15ms Script
application/javascript 2600:9000:2057:8600:f:dcfa:3700:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3eg6wi5fpm57g.cloudfront.net/@komigen/mobile-frontend@15082-12cb/js/chunk/12.js
Requested by: Host: www.norgesspill.com
URL: https://www.norgesspill.com/no
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:8600:f:dcfa:3700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 62a4fa1b2bd0721ff039eee62ccb5e07c44f26fea7fb3b6a731356013c02d0cd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.norgesspill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 08:06:07 GMT
content-encoding: gzip
last-modified: Mon, 16 May 2022 07:52:01 GMT
server: AmazonS3
age: 2835
etag: W/"3a276dd9315cf7dcea95842e6bddb01f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: null
via: 1.1 35c75b7f0ca8c787d67c8ebd22bc7fc2.cloudfront.net (CloudFront)
cache-control: public,max-age=31536000
x-amz-cf-pop: FRA6-C1
content-type: application/javascript
x-amz-cf-id: 8nCg5Sr2zFfyF6AlFB1vjUQsfzEcOsmYQ6qa7WRFcZQa3SvypwnvjQ==

GET
H2 200 6.js Show response
d3eg6wi5fpm57g.cloudfront.net/@komigen/mobile-frontend@15082-12cb/js/chunk/ 36 KB
12 KB 15ms
15ms Script
application/javascript 2600:9000:2057:8600:f:dcfa:3700:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3eg6wi5fpm57g.cloudfront.net/@komigen/mobile-frontend@15082-12cb/js/chunk/6.js
Requested by: Host: www.norgesspill.com
URL: https://www.norgesspill.com/no
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:8600:f:dcfa:3700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e32e1812cba803f9d3901527d0f0fbcfb7a20ec93173624fbc57b1811df8328c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.norgesspill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 08:06:07 GMT
content-encoding: gzip
last-modified: Mon, 16 May 2022 07:52:02 GMT
server: AmazonS3
age: 2835
etag: W/"ca297b26f6d94b4db7da9adcad0d6132"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: null
via: 1.1 35c75b7f0ca8c787d67c8ebd22bc7fc2.cloudfront.net (CloudFront)
cache-control: public,max-age=31536000
x-amz-cf-pop: FRA6-C1
content-type: application/javascript
x-amz-cf-id: xar4NL5ugEFFEabYoLNi7M2B9Czcyj6wQWz7Fm6pyFN2rPtzvrSYwQ==

GET
H2 200 5.js Show response
d3eg6wi5fpm57g.cloudfront.net/@komigen/mobile-frontend@15082-12cb/js/chunk/ 83 KB
24 KB 15ms
15ms Script
application/javascript 2600:9000:2057:8600:f:dcfa:3700:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3eg6wi5fpm57g.cloudfront.net/@komigen/mobile-frontend@15082-12cb/js/chunk/5.js
Requested by: Host: www.norgesspill.com
URL: https://www.norgesspill.com/no
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:8600:f:dcfa:3700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d9b59282ae078162f30156eb1e0e2f26383ab30043d236eac45b07fed0f62b57

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.norgesspill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 08:06:07 GMT
content-encoding: gzip
last-modified: Mon, 16 May 2022 07:52:02 GMT
server: AmazonS3
age: 2835
etag: W/"3759affa5af6cae22a84f12829dba451"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: null
via: 1.1 35c75b7f0ca8c787d67c8ebd22bc7fc2.cloudfront.net (CloudFront)
cache-control: public,max-age=31536000
x-amz-cf-pop: FRA6-C1
content-type: application/javascript
x-amz-cf-id: -xucf5Oq7fLhr7N56165OzYXAu3Ib_PKt03dJYJsqdnNq0qNQ4XC4g==

GET
H2 200 memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
fonts.gstatic.com/s/opensans/v29/ 16 KB
17 KB 31ms
7ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v29/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:wght@400;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9434dddcdf38e072b039bb92f9e90639ec0e0563e8ff51604a60d91830c29289

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.norgesspill.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 11 May 2022 19:32:49 GMT
x-content-type-options: nosniff
age: 393632
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16720
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:25:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 11 May 2023 19:32:49 GMT

GET
H2 200 nr-spa-1169.min.js Show response
js-agent.newrelic.com/ 37 KB
14 KB 37ms
12ms Script
application/javascript 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/nr-spa-1169.min.js
Requested by: Host: www.norgesspill.com
URL: https://www.norgesspill.com/no
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 37072a42526245f257b725698d7e70dfab281bfd00d38f1112dafd36a6e04176

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.norgesspill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: "5e3590bffa49fddc4bc389e63736da42"
x-amz-request-id: GD4DHEPRAQ39FBKR
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 13996
x-amz-id-2: wLDnrwlo477voeguMMzBKITBnDarkWqcsMJpiKO7rzGgUjj7uNSCyL23KxarjkrJ3iQNcNFtkFs=
x-served-by: cache-hhn4063-HHN
last-modified: Wed, 20 May 2020 21:16:17 GMT
server: AmazonS3
x-timer: S1652691201.445793,VS0,VE0
date: Mon, 16 May 2022 08:53:21 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 1740

GET
H2 200 188.js Show response
d3eg6wi5fpm57g.cloudfront.net/@komigen/mobile-frontend@15082-12cb/js/chunk/ 38 KB
12 KB 8ms
8ms Script
application/javascript 2600:9000:2057:8600:f:dcfa:3700:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3eg6wi5fpm57g.cloudfront.net/@komigen/mobile-frontend@15082-12cb/js/chunk/188.js
Requested by: Host: www.norgesspill.com
URL: https://www.norgesspill.com/no
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:8600:f:dcfa:3700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bbd92d743f3928c514b32681eb8383d412b4b28bdea812fbf06d078cb3ea210d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.norgesspill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 08:06:08 GMT
content-encoding: gzip
last-modified: Mon, 16 May 2022 07:52:01 GMT
server: AmazonS3
age: 2834
etag: W/"4f1794d5cf0ef1fc11c7a0f9bc0c9284"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: null
via: 1.1 35c75b7f0ca8c787d67c8ebd22bc7fc2.cloudfront.net (CloudFront)
cache-control: public,max-age=31536000
x-amz-cf-pop: FRA6-C1
content-type: application/javascript
x-amz-cf-id: PursQ1oqyX1Q3gJrgaivp3cnS3UnVeuQ5-RQQQpAgzQ3MstZCRg83Q==

GET
H2 200 phone-verification-modal.js Show response
d3eg6wi5fpm57g.cloudfront.net/@komigen/mobile-frontend@15082-12cb/js/chunk/ 19 KB
7 KB 9ms
8ms Script
application/javascript 2600:9000:2057:8600:f:dcfa:3700:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3eg6wi5fpm57g.cloudfront.net/@komigen/mobile-frontend@15082-12cb/js/chunk/phone-verification-modal.js
Requested by: Host: www.norgesspill.com
URL: https://www.norgesspill.com/no
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:8600:f:dcfa:3700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8c0f512725926659d02acad116ff5154da95c6025004d965059fa51d44515717

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.norgesspill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 08:06:08 GMT
content-encoding: gzip
last-modified: Mon, 16 May 2022 07:52:04 GMT
server: AmazonS3
age: 2834
etag: W/"6b33dd5b4da8fc1399987a403083f6b0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: null
via: 1.1 35c75b7f0ca8c787d67c8ebd22bc7fc2.cloudfront.net (CloudFront)
cache-control: public,max-age=31536000
x-amz-cf-pop: FRA6-C1
content-type: application/javascript
x-amz-cf-id: lzUzxubFBNztZl4jgmub5mtk_pCfUTXAVAJsSbmSv6k1LwKA9BQw8g==

GET
H2 200 / Show response
www.norgesspill.com/tracking/ 622 B
385 B 179ms
178ms Fetch
application/json 104.18.84.10
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.norgesspill.com/tracking/?frame=site

Requested by

Host: www.norgesspill.com
URL: https://www.norgesspill.com/no

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.18.84.10 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3e45e2ee38d323f42849669a11df8c79c87bdf2436937bdf1a497a8290009afe

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .casinomodule.com .playngonetwork.com;
X-Xss-Protection	1; mode=block

Request headers

accept: application/json
Referer: https://www.norgesspill.com/no
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 08:53:21 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: *
content-security-policy: frame-ancestors 'self' *.casinomodule.com *.playngonetwork.com;
cf-ray: 70c2e1e8fd589124-FRA
x-xss-protection: 1; mode=block

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 34ms
9ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.norgesspill.com
URL: https://www.norgesspill.com/no

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.norgesspill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 4711
date: Mon, 16 May 2022 07:34:50 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Mon, 16 May 2022 09:34:50 GMT

GET
H3

200

activityi;dc_pre=CPGu9r_S4_cCFatJHQkd4rMLtg;src=9905434;type=ros0;cat=norge0;ord=980434030226;gtm=2wg5b0;auiddc=1653580920.1652691200;u2=https%3A%2F%2Fwww.norgesspill.com%2Fno;u4=undefined;~oref=ht... Show response
9905434.fls.doubleclick.net/ Frame 1D24
Redirect Chain

https://9905434.fls.doubleclick.net/activityi;src=9905434;type=ros0;cat=norge0;ord=980434030226;gtm=2wg5b0;auiddc=1653580920.1652691200;u2=https%3A%2F%2Fwww.norgesspill.com%2Fno;u4=undefined;~oref=...
https://9905434.fls.doubleclick.net/activityi;dc_pre=CPGu9r_S4_cCFatJHQkd4rMLtg;src=9905434;type=ros0;cat=norge0;ord=980434030226;gtm=2wg5b0;auiddc=1653580920.1652691200;u2=https%3A%2F%2Fwww.norges...

538 B
419 B

34ms
19ms

Document
text/html

142.250.184.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://9905434.fls.doubleclick.net/activityi;dc_pre=CPGu9r_S4_cCFatJHQkd4rMLtg;src=9905434;type=ros0;cat=norge0;ord=980434030226;gtm=2wg5b0;auiddc=1653580920.1652691200;u2=https%3A%2F%2Fwww.norgesspill.com%2Fno;u4=undefined;~oref=https%3A%2F%2Fwww.norgesspill.com%2Fno?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-54234LZ

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f6.1e100.net

Software

cafe /

Resource Hash

a99910187453e7f4abbf6ef41cc51259a53613e9a3bf2b8fdaf735dbdcac14b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: about:blank
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 394
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 16 May 2022 08:53:21 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 16 May 2022 08:53:21 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://9905434.fls.doubleclick.net/activityi;dc_pre=CPGu9r_S4_cCFatJHQkd4rMLtg;src=9905434;type=ros0;cat=norge0;ord=980434030226;gtm=2wg5b0;auiddc=1653580920.1652691200;u2=https%3A%2F%2Fwww.norgesspill.com%2Fno;u4=undefined;~oref=https%3A%2F%2Fwww.norgesspill.com%2Fno?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 hotjar-2934924.js Show response
static.hotjar.com/c/ 4 KB
2 KB 52ms
15ms Script
application/javascript 65.9.63.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-2934924.js?sv=7

Requested by

Host: www.norgesspill.com
URL: https://www.norgesspill.com/no

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.63.3 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-63-3.fra56.r.cloudfront.net

Software

Resource Hash

016785c0449cbb5eb099b530a4a7f3e8f943a7b4723cfc67020341d5c7a50fcc

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.norgesspill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 08:52:44 GMT
content-encoding: br
x-content-type-options: nosniff
cache-control: max-age=60
age: 37
etag: W/e0b619431685dbd502e22df72180e138
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cross-origin-resource-policy: cross-origin
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: iq5cuEDFN4P5vL9xvaRPeYCeIzPuvgO6uPyEJj7ymy_BSusoa-HAcQ==
via: 1.1 df7c0ba7857d5300ae11e7566c926f16.cloudfront.net (CloudFront)

GET
H2

200

trackpoint-async.js Show response
s2.adform.net/banners/scripts/st/
Redirect Chain

https://a1.adform.net/serving/scripts/trackpoint/async/
https://s2.adform.net/banners/scripts/st/trackpoint-async.js

81 KB
29 KB

135ms
35ms

Script
application/x-javascript

37.157.5.72
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s2.adform.net/banners/scripts/st/trackpoint-async.js
Protocol: H2
Server: 37.157.5.72 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: ee94251fea8b03da5d0dc6f8489a529c1a2d2a031d874b0ec61866784e3c73c3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.norgesspill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 08:53:21 GMT
content-encoding: gzip
last-modified: Wed, 26 Jan 2022 14:10:54 GMT
server: nginx
etag: W/"61f1566e-14282"
x-cache-status: HIT
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
content-type: application/x-javascript

Redirect headers

location: https://s2.adform.net/banners/scripts/st/trackpoint-async.js
date: Mon, 16 May 2022 08:53:21 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/html

GET
H2 200 adn.js Show response
cdn.adnuntius.com/ 91 KB
25 KB 62ms
13ms Script
application/javascript 2a02:6ea0:c700::2
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adnuntius.com/adn.js
Requested by: Host: www.norgesspill.com
URL: https://www.norgesspill.com/no
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::2 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 79ce997b357b93ea7898fa3a0bcf92885a79308c0a5ef2253d94b96e39531411

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.norgesspill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-77-nzt: AcO1ry9Sw0X/0QAAAA
x-accel-expires: @1652691592
date: Mon, 16 May 2022 08:53:21 GMT
content-encoding: br
etag: W/"6271c4be-16c6f"
last-modified: Wed, 04 May 2022 00:11:42 GMT
server: CDN77-Turbo
x-77-nzt-ray: xrD3RVmVM38
x-77-cache: HIT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache: HIT
x-age: 209
x-77-pop: frankfurtDE

GET
H2 200 pixel_loader.js Show response
static2.creative-serving.com/ 527 B
693 B 46ms
11ms Script
text/javascript 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://static2.creative-serving.com/pixel_loader.js
Requested by: Host: www.norgesspill.com
URL: https://www.norgesspill.com/no
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 9bbde4e879f5cc6d8e98b1e5605898a933825190f867b66285b084bc3ee785e9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.norgesspill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 08:53:21 GMT
content-encoding: gzip
last-modified: Wed, 29 Sep 2021 21:32:00 GMT
server: UploadServer
age: 0
etag: "68faa1738e44f8aabb6f53cba51f29d3"
x-hw: 1652691201.cds203.fr8.hn,1652691201.cds290.fr8.c
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3600
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 320

GET
H2 200 k_norgesspill.js Show response
scripts.prdredir.com/scripts/ 61 KB
22 KB 166ms
131ms Script
text/javascript 2606:4700:3036::ac43:af7f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://scripts.prdredir.com/scripts/k_norgesspill.js
Requested by: Host: www.norgesspill.com
URL: https://www.norgesspill.com/no
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:af7f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Phusion Passenger(R) 6.0.11
Resource Hash: b674677a3d59fffef6b9292aae3ab4843389076a5cc3882bf032dab450497f2d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.norgesspill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 08:53:21 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: Phusion Passenger(R) 6.0.11
status: 200 OK
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id: 4c85bd8a-a6bb-49c7-b46c-736c827761b9
x-runtime: 0.010935
server: cloudflare
etag: W/"b674677a3d59fffef6b9292aae3ab484"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FbTRgELtm5%2BQU%2BtnPyPk9JwGzxfd9VHYrLE%2BR6RShjaxCXr9ntJeZRWyn2ALIXKGjEngpegBQy%2Fvaynd8aYVO0Wc%2Bn4Bfi6UP6H6T6UGqNUDdX3%2B1hvqY3A5FYjt428At48ixR%2BY8oRvWgmPYTwTM934jg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=0, public
cf-ray: 70c2e1e96bc19b8c-FRA
expires: 2022-04-16 08:53:21 UTC

GET
H2 200 logo-wespin.js Show response
d3eg6wi5fpm57g.cloudfront.net/@komigen/mobile-frontend@15082-12cb/js/chunk/ 40 KB
16 KB 8ms
7ms Script
application/javascript 2600:9000:2057:8600:f:dcfa:3700:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3eg6wi5fpm57g.cloudfront.net/@komigen/mobile-frontend@15082-12cb/js/chunk/logo-wespin.js
Requested by: Host: www.norgesspill.com
URL: https://www.norgesspill.com/no
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:8600:f:dcfa:3700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c1978776eaae423741d6f0b02a67d4e0a81535ddbd1c718fb15c5cd0a76fad79

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.norgesspill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 08:06:09 GMT
content-encoding: br
last-modified: Mon, 16 May 2022 07:52:04 GMT
server: AmazonS3
age: 2833
etag: W/"2ecdc42a43cf2874ffb66328f9fe7191"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: null
via: 1.1 35c75b7f0ca8c787d67c8ebd22bc7fc2.cloudfront.net (CloudFront)
cache-control: public,max-age=31536000
x-amz-cf-pop: FRA6-C1
content-type: application/javascript
x-amz-cf-id: aqe4JsJtFEVicI0W3YYtu9QU1G315EeuRKrT0bYqeI0ZiWqvNdw8rw==

GET
H/1.1 200
OK e4634a9f18 Show response
bam.nr-data.net/1/ 57 B
322 B 413ms
100ms Script
text/javascript 162.247.242.32
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/e4634a9f18?a=37177158&sa=1&v=1169.7b094c0&t=Unnamed%20Transaction&rst=1590&ck=1&ref=https://www.norgesspill.com/no&be=1316&fe=1529&dc=1333&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1652691198967,%22n%22:0,%22f%22:1019,%22dn%22:1019,%22dne%22:1019,%22c%22:1019,%22ce%22:1019,%22rq%22:1020,%22rp%22:1288,%22rpe%22:1331,%22dl%22:1292,%22di%22:1333,%22ds%22:1333,%22de%22:1333,%22dc%22:1529,%22l%22:1529,%22le%22:1530%7D,%22navigation%22:%7B%7D%7D&fp=1378&jsonp=NREUM.setToken
Requested by: Host: www.norgesspill.com
URL: https://www.norgesspill.com/no
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.247.242.32 , United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS: service.newrelic.co.nz
Software: /
Resource Hash: 5e864c2e3f674c60970513411eaeeeafd2d615d842e65ec01d09ccfcb4a7b38d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.norgesspill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Cross-Origin-Resource-Policy: cross-origin
Content-Type: text/javascript;charset=iso-8859-1
Content-Length: 57
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 18.js Show response
d3eg6wi5fpm57g.cloudfront.net/@komigen/mobile-frontend@15082-12cb/js/chunk/ 12 KB
4 KB 9ms
9ms Script
application/javascript 2600:9000:2057:8600:f:dcfa:3700:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3eg6wi5fpm57g.cloudfront.net/@komigen/mobile-frontend@15082-12cb/js/chunk/18.js
Requested by: Host: www.norgesspill.com
URL: https://www.norgesspill.com/no
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:8600:f:dcfa:3700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8d506aada244996e20388925d9a42e6a813b81b4efdc7cf4b6aea2fb31d23ffe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.norgesspill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 08:06:08 GMT
content-encoding: gzip
last-modified: Mon, 16 May 2022 07:52:03 GMT
server: AmazonS3
age: 2834
etag: W/"53b986a1d56bc19938eceef8197e0f9c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: null
via: 1.1 35c75b7f0ca8c787d67c8ebd22bc7fc2.cloudfront.net (CloudFront)
cache-control: public,max-age=31536000
x-amz-cf-pop: FRA6-C1
content-type: application/javascript
x-amz-cf-id: rcxOu7d74kpAiP9uJTbmd5ZHmkuux_n_V49e4BXqDIAzZIJPX3OXfA==

GET
H2 200 33.js Show response
d3eg6wi5fpm57g.cloudfront.net/@komigen/mobile-frontend@15082-12cb/js/chunk/ 17 KB
6 KB 9ms
9ms Script
application/javascript 2600:9000:2057:8600:f:dcfa:3700:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3eg6wi5fpm57g.cloudfront.net/@komigen/mobile-frontend@15082-12cb/js/chunk/33.js
Requested by: Host: www.norgesspill.com
URL: https://www.norgesspill.com/no
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:8600:f:dcfa:3700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a590d48390719a5e1faa8d8f3fbd3a439728eb241562df9f238c5199d9953243

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.norgesspill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 08:06:08 GMT
content-encoding: gzip
last-modified: Mon, 16 May 2022 07:52:02 GMT
server: AmazonS3
age: 2834
etag: W/"873cd8089da7d22ce5b0c26f2c5dffc6"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: null
via: 1.1 35c75b7f0ca8c787d67c8ebd22bc7fc2.cloudfront.net (CloudFront)
cache-control: public,max-age=31536000
x-amz-cf-pop: FRA6-C1
content-type: application/javascript
x-amz-cf-id: _If4stQLyUue1d42hsXHSGf6DE5hYRfd0hbXtrmPsOVB0PXVi1rFyg==

GET
H2 200 103.js Show response
d3eg6wi5fpm57g.cloudfront.net/@komigen/mobile-frontend@15082-12cb/js/chunk/ 26 KB
8 KB 9ms
9ms Script
application/javascript 2600:9000:2057:8600:f:dcfa:3700:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3eg6wi5fpm57g.cloudfront.net/@komigen/mobile-frontend@15082-12cb/js/chunk/103.js
Requested by: Host: www.norgesspill.com
URL: https://www.norgesspill.com/no
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:8600:f:dcfa:3700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fe231ec04161955602c6630d39f324f48441afcacaebdb10c3adc581fcb59794

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.norgesspill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 08:06:08 GMT
content-encoding: gzip
last-modified: Mon, 16 May 2022 07:52:01 GMT
server: AmazonS3
age: 2834
etag: W/"a5cd01a154c1408667d59b7a719a5c73"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: null
via: 1.1 35c75b7f0ca8c787d67c8ebd22bc7fc2.cloudfront.net (CloudFront)
cache-control: public,max-age=31536000
x-amz-cf-pop: FRA6-C1
content-type: application/javascript
x-amz-cf-id: 1h33DL1M5EtOYcxVPYCYulC4TU_bzV3WgkgMAhWCIPZ7y2T-I1GkJw==

GET
H2 200 19.js Show response
d3eg6wi5fpm57g.cloudfront.net/@komigen/mobile-frontend@15082-12cb/js/chunk/ 164 KB
57 KB 9ms
9ms Script
application/javascript 2600:9000:2057:8600:f:dcfa:3700:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3eg6wi5fpm57g.cloudfront.net/@komigen/mobile-frontend@15082-12cb/js/chunk/19.js
Requested by: Host: www.norgesspill.com
URL: https://www.norgesspill.com/no
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:8600:f:dcfa:3700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 41c7e8f571935abc4986a6386ab01ae624881d7a65acc4b8556b2fc93dd7876b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.norgesspill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 08:06:08 GMT
content-encoding: gzip
last-modified: Mon, 16 May 2022 07:52:01 GMT
server: AmazonS3
age: 2834
etag: W/"432899b8fd4918a25bd3b353e49908a1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: null
via: 1.1 35c75b7f0ca8c787d67c8ebd22bc7fc2.cloudfront.net (CloudFront)
cache-control: public,max-age=31536000
x-amz-cf-pop: FRA6-C1
content-type: application/javascript
x-amz-cf-id: BKIERimdPG6pZiemXIiNbqcYFRgllQooLmR31tQmWJ-lJyck6ehB0g==

GET
H2 200 17.js Show response
d3eg6wi5fpm57g.cloudfront.net/@komigen/mobile-frontend@15082-12cb/js/chunk/ 104 KB
27 KB 9ms
9ms Script
application/javascript 2600:9000:2057:8600:f:dcfa:3700:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3eg6wi5fpm57g.cloudfront.net/@komigen/mobile-frontend@15082-12cb/js/chunk/17.js
Requested by: Host: www.norgesspill.com
URL: https://www.norgesspill.com/no
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:8600:f:dcfa:3700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d78ad3d64d55841a9adf772d81635ec078a97e4a2f53fe57bb76a0792cf90afd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.norgesspill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 08:06:08 GMT
content-encoding: gzip
last-modified: Mon, 16 May 2022 07:52:01 GMT
server: AmazonS3
age: 2834
etag: W/"1330562ef862d9126ec40afaa2c9eb50"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: null
via: 1.1 35c75b7f0ca8c787d67c8ebd22bc7fc2.cloudfront.net (CloudFront)
cache-control: public,max-age=31536000
x-amz-cf-pop: FRA6-C1
content-type: application/javascript
x-amz-cf-id: AC_HBgZQl6_YrvBLpux89V9a-g6u9Ze47I2Ta2aO6bJnuTtDWz5MfQ==

GET
H2 200 37.js Show response
d3eg6wi5fpm57g.cloudfront.net/@komigen/mobile-frontend@15082-12cb/js/chunk/ 19 KB
7 KB 13ms
13ms Script
application/javascript 2600:9000:2057:8600:f:dcfa:3700:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3eg6wi5fpm57g.cloudfront.net/@komigen/mobile-frontend@15082-12cb/js/chunk/37.js
Requested by: Host: www.norgesspill.com
URL: https://www.norgesspill.com/no
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:8600:f:dcfa:3700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d5a1329758f412bb2c40a2d13d41e02653b58e510353165da2e9546098b85542

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.norgesspill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 08:06:08 GMT
content-encoding: gzip
last-modified: Mon, 16 May 2022 07:52:02 GMT
server: AmazonS3
age: 2834
etag: W/"4da0f8886c2ffddcd4a3be634af9a959"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: null
via: 1.1 35c75b7f0ca8c787d67c8ebd22bc7fc2.cloudfront.net (CloudFront)
cache-control: public,max-age=31536000
x-amz-cf-pop: FRA6-C1
content-type: application/javascript
x-amz-cf-id: 0W8WBQVp94e1j4KX7lw9S7hUkFLK42M73D__5iRnMlTW7PIdcgh8sA==

GET
H2 200 play-now-deposit.js Show response
d3eg6wi5fpm57g.cloudfront.net/@komigen/mobile-frontend@15082-12cb/js/chunk/ 95 KB
29 KB 9ms
9ms Script
application/javascript 2600:9000:2057:8600:f:dcfa:3700:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3eg6wi5fpm57g.cloudfront.net/@komigen/mobile-frontend@15082-12cb/js/chunk/play-now-deposit.js
Requested by: Host: www.norgesspill.com
URL: https://www.norgesspill.com/no
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:8600:f:dcfa:3700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 99964759114293196848fdb6d6b7b2e21c6be0b6039f0ff04af07dbd9c2e420e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.norgesspill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 08:06:08 GMT
content-encoding: gzip
last-modified: Mon, 16 May 2022 07:52:04 GMT
server: AmazonS3
age: 2834
etag: W/"b795e8e60d94441f7ba1965addc5e08c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: null
via: 1.1 35c75b7f0ca8c787d67c8ebd22bc7fc2.cloudfront.net (CloudFront)
cache-control: public,max-age=31536000
x-amz-cf-pop: FRA6-C1
content-type: application/javascript
x-amz-cf-id: Whyv8lJVGGtIvI0Jcj4lO6y9UzefaomCHqtSC5yyAhI92PHo5l0YIQ==

GET
H2 200 sun-template.js Show response
d3eg6wi5fpm57g.cloudfront.net/@komigen/mobile-frontend@15082-12cb/js/chunk/ 52 KB
16 KB 12ms
12ms Script
application/javascript 2600:9000:2057:8600:f:dcfa:3700:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3eg6wi5fpm57g.cloudfront.net/@komigen/mobile-frontend@15082-12cb/js/chunk/sun-template.js
Requested by: Host: www.norgesspill.com
URL: https://www.norgesspill.com/no
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:8600:f:dcfa:3700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 419e1eb777d604386aae1525160cd937df4a0db019692dafb95943985eca1b37

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.norgesspill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 08:06:42 GMT
content-encoding: br
last-modified: Mon, 16 May 2022 07:52:05 GMT
server: AmazonS3
age: 2800
etag: W/"743e82d7ef81553e0cf0c3de7e889c42"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: null
via: 1.1 35c75b7f0ca8c787d67c8ebd22bc7fc2.cloudfront.net (CloudFront)
cache-control: public,max-age=31536000
x-amz-cf-pop: FRA6-C1
content-type: application/javascript
x-amz-cf-id: vHwpe_A_IggTUHJViSmSKeXd21d5hDGt0VXlUJadw6zg0tzmYnVOfA==

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
210 B 15ms
15ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&aip=1&a=1670956337&t=pageview&_s=1&dl=https%3A%2F%2Fwww.norgesspill.com%2Fno&ul=en-us&de=UTF-8&dt=Norgesspill%20Nettcasino%20-%20Norges%20Beste%20Nettcasino&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=2077754741&gjid=1451380381&cid=1415533959.1652691201&tid=UA-81872348-1&_gid=792244381.1652691201&_r=1&gtm=2wg5b054234LZ&cd2=Not%20logged-in&cd8=function(a)%7Ba.set(%22dimension%22%2Bb%2Ca.get(%22clientId%22))%7D&cd23=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F101.0.4951.64%20Safari%2F537.36&cd25=&cd26=36&cd27=https%3A%2F%2Fwww.norgesspill.com%2Fno&cd5=1415533959.1652691201&z=953541498

Requested by

Host: www.norgesspill.com
URL: https://www.norgesspill.com/no

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.norgesspill.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 16 May 2022 08:53:21 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.norgesspill.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 logo-facebook.js Show response
d3eg6wi5fpm57g.cloudfront.net/@komigen/mobile-frontend@15082-12cb/js/chunk/ 36 KB
13 KB 8ms
8ms Script
application/javascript 2600:9000:2057:8600:f:dcfa:3700:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3eg6wi5fpm57g.cloudfront.net/@komigen/mobile-frontend@15082-12cb/js/chunk/logo-facebook.js
Requested by: Host: www.norgesspill.com
URL: https://www.norgesspill.com/no
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:8600:f:dcfa:3700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 068bcb2fcf331a2df691da3da4511a341285101d980a2b3863946fb148978770

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.norgesspill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 08:06:09 GMT
content-encoding: gzip
last-modified: Mon, 16 May 2022 07:52:04 GMT
server: AmazonS3
age: 2833
etag: W/"71c27c0acfab30e0953d455395c5ca18"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: null
via: 1.1 35c75b7f0ca8c787d67c8ebd22bc7fc2.cloudfront.net (CloudFront)
cache-control: public,max-age=31536000
x-amz-cf-pop: FRA6-C1
content-type: application/javascript
x-amz-cf-id: cGWl0NzYv7J3Vz24H5y_gVCFXr0mBAhROw2tA2eC2OK91J2RmzXbwQ==

GET
H2 200 notifications.js Show response
d3eg6wi5fpm57g.cloudfront.net/@komigen/mobile-frontend@15082-12cb/js/chunk/ 18 KB
6 KB 8ms
8ms Script
application/javascript 2600:9000:2057:8600:f:dcfa:3700:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3eg6wi5fpm57g.cloudfront.net/@komigen/mobile-frontend@15082-12cb/js/chunk/notifications.js
Requested by: Host: www.norgesspill.com
URL: https://www.norgesspill.com/no
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:8600:f:dcfa:3700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ee53fd56a5e524f710d86c53037a9442e90c71a541c624dd30e04757a25980a4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.norgesspill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 08:06:09 GMT
content-encoding: gzip
last-modified: Mon, 16 May 2022 07:52:04 GMT
server: AmazonS3
age: 2833
etag: W/"85b618bc1087dbb614feb730d8f14519"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: null
via: 1.1 35c75b7f0ca8c787d67c8ebd22bc7fc2.cloudfront.net (CloudFront)
cache-control: public,max-age=31536000
x-amz-cf-pop: FRA6-C1
content-type: application/javascript
x-amz-cf-id: wY5n4PYmJrnBV62DMDVptJeADHeVI6nn9Pnd8Do4swd1ATANhcVH3g==

GET
H2 200 affiliate.js Show response
d3eg6wi5fpm57g.cloudfront.net/@komigen/mobile-frontend@15082-12cb/js/chunk/ 18 KB
8 KB 9ms
8ms Script
application/javascript 2600:9000:2057:8600:f:dcfa:3700:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3eg6wi5fpm57g.cloudfront.net/@komigen/mobile-frontend@15082-12cb/js/chunk/affiliate.js
Requested by: Host: www.norgesspill.com
URL: https://www.norgesspill.com/no
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:8600:f:dcfa:3700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 432506113909f5522a25bbc5e027af5fd9ae3162793156cf5d1a37a552cc7f96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.norgesspill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 08:06:09 GMT
content-encoding: gzip
last-modified: Mon, 16 May 2022 07:52:03 GMT
server: AmazonS3
age: 2832
etag: W/"460ad7c3d3000c07d1fd4d6b731f18de"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: null
via: 1.1 35c75b7f0ca8c787d67c8ebd22bc7fc2.cloudfront.net (CloudFront)
cache-control: public,max-age=31536000
x-amz-cf-pop: FRA6-C1
content-type: application/javascript
x-amz-cf-id: vnqxglaKI-ir342oMHe3KBSKxlwp3y27JWmbA_3a-uULSpQN2iFMVg==

GET
H2 200 recaptcha.js Show response
d3eg6wi5fpm57g.cloudfront.net/@komigen/mobile-frontend@15082-12cb/js/chunk/ 10 KB
5 KB 8ms
8ms Script
application/javascript 2600:9000:2057:8600:f:dcfa:3700:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3eg6wi5fpm57g.cloudfront.net/@komigen/mobile-frontend@15082-12cb/js/chunk/recaptcha.js
Requested by: Host: www.norgesspill.com
URL: https://www.norgesspill.com/no
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:8600:f:dcfa:3700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c9ba6ac3eb304c7d73fc58193f42cb357d74aed65a1e3dfdb49e2d55412cd4cf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.norgesspill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 08:06:09 GMT
content-encoding: gzip
last-modified: Mon, 16 May 2022 07:52:05 GMT
server: AmazonS3
age: 2833
etag: W/"2808fecce2ed6eeb1108ada7cbb71edf"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: null
via: 1.1 35c75b7f0ca8c787d67c8ebd22bc7fc2.cloudfront.net (CloudFront)
cache-control: public,max-age=31536000
x-amz-cf-pop: FRA6-C1
content-type: application/javascript
x-amz-cf-id: ZCoT6PbKyf2OLGsI0nXxRpKwofzz4uuccF9w4n_vuyBILRA3igg1gA==

GET
H2 200 185.js Show response
d3eg6wi5fpm57g.cloudfront.net/@komigen/mobile-frontend@15082-12cb/js/chunk/ 28 KB
9 KB 8ms
8ms Script
application/javascript 2600:9000:2057:8600:f:dcfa:3700:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3eg6wi5fpm57g.cloudfront.net/@komigen/mobile-frontend@15082-12cb/js/chunk/185.js
Requested by: Host: www.norgesspill.com
URL: https://www.norgesspill.com/no
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:8600:f:dcfa:3700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c76b2c2a82ce5a1fa43d854e2db76cb369c3830e229190e1f47273d4610a11d6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.norgesspill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 08:06:09 GMT
content-encoding: gzip
last-modified: Mon, 16 May 2022 07:52:01 GMT
server: AmazonS3
age: 2832
etag: W/"85f832f54f1c04806b4436313f7770ab"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: null
via: 1.1 35c75b7f0ca8c787d67c8ebd22bc7fc2.cloudfront.net (CloudFront)
cache-control: public,max-age=31536000
x-amz-cf-pop: FRA6-C1
content-type: application/javascript
x-amz-cf-id: uZ4Sn0OqNvSiSAhIQKUCRNLf7WLDVePhadbXhNXThP9yWGmA5yv61A==

GET
H2 200 modal-popup.js Show response
d3eg6wi5fpm57g.cloudfront.net/@komigen/mobile-frontend@15082-12cb/js/chunk/ 21 KB
7 KB 7ms
7ms Script
application/javascript 2600:9000:2057:8600:f:dcfa:3700:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3eg6wi5fpm57g.cloudfront.net/@komigen/mobile-frontend@15082-12cb/js/chunk/modal-popup.js
Requested by: Host: www.norgesspill.com
URL: https://www.norgesspill.com/no
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:8600:f:dcfa:3700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f873b498184e9cb7e7aa8448b5593872ed64979cf326fd4bc516935083cdafaa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.norgesspill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 08:06:17 GMT
content-encoding: br
last-modified: Mon, 16 May 2022 07:52:04 GMT
server: AmazonS3
age: 2825
etag: W/"84eba65e2de707f268d8577e9c600c5c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: null
via: 1.1 35c75b7f0ca8c787d67c8ebd22bc7fc2.cloudfront.net (CloudFront)
cache-control: public,max-age=31536000
x-amz-cf-pop: FRA6-C1
content-type: application/javascript
x-amz-cf-id: uaPX02cKxAKqarzyIkQ8kckQQDxGQ_jjWaAG_Ds6NHp6PHC32w8-SA==

GET
H2 200 sportsbook.js Show response
d3eg6wi5fpm57g.cloudfront.net/@komigen/mobile-frontend@15082-12cb/js/chunk/ 20 KB
7 KB 8ms
8ms Script
application/javascript 2600:9000:2057:8600:f:dcfa:3700:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3eg6wi5fpm57g.cloudfront.net/@komigen/mobile-frontend@15082-12cb/js/chunk/sportsbook.js
Requested by: Host: www.norgesspill.com
URL: https://www.norgesspill.com/no
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:8600:f:dcfa:3700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b36bf51377f9b0789bbceb4eae55c7b69da314ac7ddcbc258ef949c8916e4fb9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.norgesspill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 08:06:10 GMT
content-encoding: gzip
last-modified: Mon, 16 May 2022 07:52:05 GMT
server: AmazonS3
age: 2832
etag: W/"499abd5e74b8fb8cb6c30491973bfefb"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: null
via: 1.1 35c75b7f0ca8c787d67c8ebd22bc7fc2.cloudfront.net (CloudFront)
cache-control: public,max-age=31536000
x-amz-cf-pop: FRA6-C1
content-type: application/javascript
x-amz-cf-id: tnHLuw6kdMVTCX9RHBqcvgDwib3qvqgR8EfTrC5h7hHs6R-q7PgypQ==

GET
H2 200 live-casino.js Show response
d3eg6wi5fpm57g.cloudfront.net/@komigen/mobile-frontend@15082-12cb/js/chunk/ 34 KB
10 KB 8ms
8ms Script
application/javascript 2600:9000:2057:8600:f:dcfa:3700:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3eg6wi5fpm57g.cloudfront.net/@komigen/mobile-frontend@15082-12cb/js/chunk/live-casino.js
Requested by: Host: www.norgesspill.com
URL: https://www.norgesspill.com/no
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:8600:f:dcfa:3700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 14ae5bc28dba7477abed075e1be71f8e69ee2e54d3a7e9f4f7a9c9bec1fa016b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.norgesspill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 08:06:45 GMT
content-encoding: gzip
last-modified: Mon, 16 May 2022 07:52:04 GMT
server: AmazonS3
age: 2797
etag: W/"e73f838294935df6854e0cceb42dab9e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: null
via: 1.1 35c75b7f0ca8c787d67c8ebd22bc7fc2.cloudfront.net (CloudFront)
cache-control: public,max-age=31536000
x-amz-cf-pop: FRA6-C1
content-type: application/javascript
x-amz-cf-id: n5Lsue0oh3lZXO02u4q1F7JYy2KctHVTNvJoiUoj5592N4YcvfsCeg==

GET
H2 200 homepage.js Show response
d3eg6wi5fpm57g.cloudfront.net/@komigen/mobile-frontend@15082-12cb/js/chunk/ 24 KB
8 KB 8ms
8ms Script
application/javascript 2600:9000:2057:8600:f:dcfa:3700:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3eg6wi5fpm57g.cloudfront.net/@komigen/mobile-frontend@15082-12cb/js/chunk/homepage.js
Requested by: Host: www.norgesspill.com
URL: https://www.norgesspill.com/no
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:8600:f:dcfa:3700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cf175edb68ee39b906ccdba201ef439a2f5a8a936cbb9849ab29a4c65c6eac6d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.norgesspill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 08:06:44 GMT
content-encoding: br
last-modified: Mon, 16 May 2022 07:52:03 GMT
server: AmazonS3
age: 2798
etag: W/"22c1d826bfc0c1022a775169290c3449"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: null
via: 1.1 35c75b7f0ca8c787d67c8ebd22bc7fc2.cloudfront.net (CloudFront)
cache-control: public,max-age=31536000
x-amz-cf-pop: FRA6-C1
content-type: application/javascript
x-amz-cf-id: 9bmaCCTLHitcJZmGCjbUXc9XtXH8TGiiwUOOKcAWfr9xCSeCohP0LQ==

POST
H2 200 textKey Show response
www.norgesspill.com/ 259 B
176 B 170ms
170ms Fetch
application/json 104.18.84.10
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.norgesspill.com/textKey

Requested by

Host: www.norgesspill.com
URL: https://www.norgesspill.com/no

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.18.84.10 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

66804ac250ff7adf342defc676fc6afe04a656e8dd63a25c37303328a3cea130

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .casinomodule.com .playngonetwork.com;
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.norgesspill.com/no
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: application/json; charset=utf-8

Response headers

date: Mon, 16 May 2022 08:53:21 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: *
content-security-policy: frame-ancestors 'self' *.casinomodule.com *.playngonetwork.com;
cf-ray: 70c2e1ea58a49124-FRA
x-xss-protection: 1; mode=block

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
445 B 45ms
15ms XHR
text/plain 2a00:1450:400c:c0d::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-81872348-1&cid=1415533959.1652691201&jid=2077754741&gjid=1451380381&_gid=792244381.1652691201&_u=YEBAAEAAAAAAAC~&z=1056776999

Requested by

Host: www.norgesspill.com
URL: https://www.norgesspill.com/no

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0d::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.norgesspill.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 16 May 2022 08:53:21 GMT
content-type: text/plain
access-control-allow-origin: https://www.norgesspill.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 modules.842d4c8f486a0abe4e43.js Show response
script.hotjar.com/ 239 KB
63 KB 32ms
9ms Script
application/javascript 99.86.7.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.842d4c8f486a0abe4e43.js

Requested by

Host: www.norgesspill.com
URL: https://www.norgesspill.com/no

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.7.16 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-7-16.fra6.r.cloudfront.net

Software

Resource Hash

f12263d9799b70e11201f3b0637b29cf0ad78edd091ba78cbe2737477af0c5ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.norgesspill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 13 May 2022 08:07:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 261975
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 63718
access-control-allow-origin: *
last-modified: Fri, 13 May 2022 08:06:30 GMT
etag: "58257474b797ae6eda8d81fd89959bf1"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 9bca546700a965c9c77ef5b8dbe65cc4.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: zhjzWGXUH6fM3LqvGtoGYSgByvh1cd6AqkFopVGWicJQmLv-QlcFQw==

GET
H2 200 pixel.js Show response
static2.creative-serving.com/ 4 KB
2 KB 313ms
10ms Script
application/javascript 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://static2.creative-serving.com/pixel.js
Requested by: Host: www.norgesspill.com
URL: https://www.norgesspill.com/no
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: UploadServer /
Resource Hash: df16ae2f3f4c003e55aa93796b78c0ab73e0155ae32bea72cee59d1e0832f92d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.norgesspill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 08:53:21 GMT
content-encoding: gzip
last-modified: Wed, 29 Sep 2021 21:32:00 GMT
server: UploadServer
etag: "ddebe66232ec2ff147a8664e2ecc6e4f"
x-hw: 1652691201.cds203.fr8.hn,1652691201.cds159.fr8.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1505

GET
H2 200 dc_pre=CPGu9r_S4_cCFatJHQkd4rMLtg;src=9905434;type=ros0;cat=norge0;ord=980434030226;gtm=2wg5b0;auiddc=1653580920.1652691200;u2=https%3A%2F%2Fwww.norgesspill.com%2Fno;u4=undefined;~oref=https%3A%2F%... Show response
adservice.google.com/ddm/fls/i/ Frame BD42 537 B
865 B 67ms
44ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/ddm/fls/i/dc_pre=CPGu9r_S4_cCFatJHQkd4rMLtg;src=9905434;type=ros0;cat=norge0;ord=980434030226;gtm=2wg5b0;auiddc=1653580920.1652691200;u2=https%3A%2F%2Fwww.norgesspill.com%2Fno;u4=undefined;~oref=https%3A%2F%2Fwww.norgesspill.com%2Fno

Requested by

Host: 9905434.fls.doubleclick.net
URL: https://9905434.fls.doubleclick.net/activityi;dc_pre=CPGu9r_S4_cCFatJHQkd4rMLtg;src=9905434;type=ros0;cat=norge0;ord=980434030226;gtm=2wg5b0;auiddc=1653580920.1652691200;u2=https%3A%2F%2Fwww.norgesspill.com%2Fno;u4=undefined;~oref=https%3A%2F%2Fwww.norgesspill.com%2Fno?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fdf4747e5b6808599d393f4792bbe58471514f7cdb0270b8e5b8f8b70be4eff1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9905434.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 396
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 16 May 2022 08:53:21 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 visitor Show response
data.adnuntius.com/ 0
410 B 1066ms
563ms XHR
text/plain 85.202.161.148
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://data.adnuntius.com/visitor?tzo=0&folderId=000000000017def0&browserId=zv1vh95cmqrjrrl6r9tx2qvw&sessionId=3h6gg2f1kcmp6hrs2qzmmdn5
Requested by: Host: www.norgesspill.com
URL: https://www.norgesspill.com/no
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 85.202.161.148 Rovigo, Italy, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 85.202.161.148.adnuntius.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.norgesspill.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 16 May 2022 08:53:22 GMT
x-adn-diagnostic-request-id: b397861a9b29fc9c0862a32e5df7ba0d
access-control-allow-origin: https://www.norgesspill.com
cache-control: no-store, no-cache, must-revalidate
access-control-allow-credentials: true
x-adn-backend-server-id: f4528267
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

200

sync
data.adnuntius.com/
Redirect Chain

https://ads.creative-serving.com/cm?redir=https%3A%2F%2Fdata.adnuntius.com%2Fsync%3FbrowserId%3Dzv1vh95cmqrjrrl6r9tx2qvw%26folderId%3D000000000017def0%26externalSystemType%3DP161%26externalSystemUs...
https://data.adnuntius.com/sync?browserId=zv1vh95cmqrjrrl6r9tx2qvw&folderId=000000000017def0&externalSystemType=P161&externalSystemUserId=20415792-85d4-49ee-ad91-5550dca2fb74

0
302 B

587ms
564ms

Image
text/plain

85.202.161.148
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.adnuntius.com/sync?browserId=zv1vh95cmqrjrrl6r9tx2qvw&folderId=000000000017def0&externalSystemType=P161&externalSystemUserId=20415792-85d4-49ee-ad91-5550dca2fb74
Protocol: H2
Server: 85.202.161.148 Rovigo, Italy, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 85.202.161.148.adnuntius.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.norgesspill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 16 May 2022 08:53:22 GMT
vary: Accept-Encoding, User-Agent
x-adn-diagnostic-request-id: f23845e126b7a6678e7e99ed760dc333
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
access-control-allow-credentials: true
x-adn-backend-server-id: fad6b3cf
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location: https://data.adnuntius.com/sync?browserId=zv1vh95cmqrjrrl6r9tx2qvw&folderId=000000000017def0&externalSystemType=P161&externalSystemUserId=20415792-85d4-49ee-ad91-5550dca2fb74
Date: Mon, 16 May 2022 08:53:22 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H2 200 184.js Show response
d3eg6wi5fpm57g.cloudfront.net/@komigen/mobile-frontend@15082-12cb/js/chunk/ 24 KB
8 KB 8ms
7ms Script
application/javascript 2600:9000:2057:8600:f:dcfa:3700:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3eg6wi5fpm57g.cloudfront.net/@komigen/mobile-frontend@15082-12cb/js/chunk/184.js
Requested by: Host: www.norgesspill.com
URL: https://www.norgesspill.com/no
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:8600:f:dcfa:3700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e83592be89e810c6ac0d38501f0437d2f7dcf548061a6e8491a6e802a47948af

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.norgesspill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 08:06:05 GMT
content-encoding: br
last-modified: Mon, 16 May 2022 07:52:01 GMT
server: AmazonS3
age: 2837
etag: W/"e044757ff33e61f7102b05be53438d49"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: null
via: 1.1 35c75b7f0ca8c787d67c8ebd22bc7fc2.cloudfront.net (CloudFront)
cache-control: public,max-age=31536000
x-amz-cf-pop: FRA6-C1
content-type: application/javascript
x-amz-cf-id: B6YOU6LgYavYv3DicMFMyB5DoxvRlyTjqd3y5jNSMZpQC-oGZdglAg==

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 850 B
969 B 40ms
16ms Script
text/javascript 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?hl=en

Requested by

Host: www.norgesspill.com
URL: https://www.norgesspill.com/no

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

fc44665cde905b9012e5c4a5499020f0365bddc5f2202efa6d45d41a12989017

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.norgesspill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 08:53:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 556
x-xss-protection: 1; mode=block
expires: Mon, 16 May 2022 08:53:21 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
296 B 34ms
33ms Image
image/gif 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-81872348-1&cid=1415533959.1652691201&jid=2077754741&_u=YEBAAEAAAAAAAC~&z=205415368

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.norgesspill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 16 May 2022 08:53:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 56ms
32ms Image
image/gif 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-81872348-1&cid=1415533959.1652691201&jid=2077754741&_u=YEBAAEAAAAAAAC~&z=205415368

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.norgesspill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 16 May 2022 08:53:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 hotjar-2934924.js Show response
static.hotjar.com/c/ 4 KB
2 KB 8ms
8ms Script
application/javascript 65.9.63.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-2934924.js?sv=7

Requested by

Host: www.norgesspill.com
URL: https://www.norgesspill.com/no

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.63.3 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-63-3.fra56.r.cloudfront.net

Software

Resource Hash

016785c0449cbb5eb099b530a4a7f3e8f943a7b4723cfc67020341d5c7a50fcc

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.norgesspill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 08:52:44 GMT
content-encoding: br
x-content-type-options: nosniff
cache-control: max-age=60
age: 37
etag: W/e0b619431685dbd502e22df72180e138
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cross-origin-resource-policy: cross-origin
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: R96bUxOSspGh_xycTfw4mAwP3pfMGMJv2S8u_aV4Rf8ubYUwKHnPhw==
via: 1.1 df7c0ba7857d5300ae11e7566c926f16.cloudfront.net (CloudFront)

GET
H2 200 homepageCarouselItems Show response
www.norgesspill.com/rest/ 674 B
334 B 65ms
64ms Fetch
application/json 104.18.84.10
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.norgesspill.com/rest/homepageCarouselItems

Requested by

Host: www.norgesspill.com
URL: https://www.norgesspill.com/no

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.18.84.10 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0ced2a7159b787b2d3e535f04b9d6ee1a08a2d6df01e2ddc2fa487eb2d158939

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .casinomodule.com .playngonetwork.com;
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.norgesspill.com/no
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: application/json; charset=utf-8

Response headers

date: Mon, 16 May 2022 08:53:21 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: *
content-security-policy: frame-ancestors 'self' *.casinomodule.com *.playngonetwork.com;
cf-ray: 70c2e1eb1a559124-FRA
x-xss-protection: 1; mode=block

GET
H2 200 resources Show response
www.norgesspill.com/rest/ 156 B
219 B 168ms
168ms Fetch
application/json 104.18.84.10
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.norgesspill.com/rest/resources?key=HOMEPAGE_FLOATING_BANNER

Requested by

Host: www.norgesspill.com
URL: https://www.norgesspill.com/no

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.18.84.10 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

658d6fc454b70445755b22290fd607ba58910c1c8d9b770e16d76683f386f105

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .casinomodule.com .playngonetwork.com;
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.norgesspill.com/no
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: application/json; charset=utf-8

Response headers

date: Mon, 16 May 2022 08:53:21 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: *
content-security-policy: frame-ancestors 'self' *.casinomodule.com *.playngonetwork.com;
cf-ray: 70c2e1eb1a599124-FRA
x-xss-protection: 1; mode=block

GET
H2 200 / Show response
www.norgesspill.com/tracking/ 624 B
374 B 128ms
126ms Fetch
application/json 104.18.84.10
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.norgesspill.com/tracking/?frame=start

Requested by

Host: www.norgesspill.com
URL: https://www.norgesspill.com/no

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.18.84.10 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0927e530068da309ff4f2d1ed70af0f3540792b6420c354723fd9d342a44d777

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .casinomodule.com .playngonetwork.com;
X-Xss-Protection	1; mode=block

Request headers

accept: application/json
Referer: https://www.norgesspill.com/no
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 08:53:21 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: *
content-security-policy: frame-ancestors 'self' *.casinomodule.com *.playngonetwork.com;
cf-ray: 70c2e1eb1a619124-FRA
x-xss-protection: 1; mode=block

GET
H2 200 v2 Show response
www.norgesspill.com/rest/state/casino/games/ 256 KB
29 KB 195ms
195ms Fetch
application/json 104.18.84.10
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.norgesspill.com/rest/state/casino/games/v2?dummy=10

Requested by

Host: www.norgesspill.com
URL: https://www.norgesspill.com/no

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.18.84.10 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

626d166e6895f5fd4cabe875c0c68bd3f9753b175ea2d0b8d92a63f4bd4b1097

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .casinomodule.com .playngonetwork.com;
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.norgesspill.com/no
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: application/json; charset=utf-8

Response headers

date: Mon, 16 May 2022 08:53:21 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: private, max-age=300
access-control-allow-credentials: *
content-security-policy: frame-ancestors 'self' *.casinomodule.com *.playngonetwork.com;
cf-ray: 70c2e1eb1a649124-FRA
x-xss-protection: 1; mode=block

GET
H2 200 25.js Show response
d3eg6wi5fpm57g.cloudfront.net/@komigen/mobile-frontend@15082-12cb/js/chunk/ 24 KB
7 KB 9ms
9ms Script
application/javascript 2600:9000:2057:8600:f:dcfa:3700:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3eg6wi5fpm57g.cloudfront.net/@komigen/mobile-frontend@15082-12cb/js/chunk/25.js
Requested by: Host: www.norgesspill.com
URL: https://www.norgesspill.com/no
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:8600:f:dcfa:3700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8ab2b0a458dd3f88ece740d56dfe957afc154cb8a0f268d30fc4c7410d5c5614

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.norgesspill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 08:06:44 GMT
content-encoding: br
last-modified: Mon, 16 May 2022 07:52:02 GMT
server: AmazonS3
age: 2798
etag: W/"fbd6fb91c5ed154bb573e8360068ef92"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: null
via: 1.1 35c75b7f0ca8c787d67c8ebd22bc7fc2.cloudfront.net (CloudFront)
cache-control: public,max-age=31536000
x-amz-cf-pop: FRA6-C1
content-type: application/javascript
x-amz-cf-id: 4Ie7rQjxV-HQkhW8SRK0S7UMwChXnIAgxA9H1zSdRq89UHa1lSC-Xg==

GET
H2 200 101.js Show response
d3eg6wi5fpm57g.cloudfront.net/@komigen/mobile-frontend@15082-12cb/js/chunk/ 25 KB
9 KB 9ms
9ms Script
application/javascript 2600:9000:2057:8600:f:dcfa:3700:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3eg6wi5fpm57g.cloudfront.net/@komigen/mobile-frontend@15082-12cb/js/chunk/101.js
Requested by: Host: www.norgesspill.com
URL: https://www.norgesspill.com/no
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:8600:f:dcfa:3700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7d2e6a63c1f26b6228721ed02c5602423383d53da1b3f3df1e270e4b0da7d7e2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.norgesspill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 08:06:44 GMT
content-encoding: br
last-modified: Mon, 16 May 2022 07:52:01 GMT
server: AmazonS3
age: 2798
etag: W/"4c40185ce184edc400b57c860294e306"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: null
via: 1.1 35c75b7f0ca8c787d67c8ebd22bc7fc2.cloudfront.net (CloudFront)
cache-control: public,max-age=31536000
x-amz-cf-pop: FRA6-C1
content-type: application/javascript
x-amz-cf-id: 2W2pbl2TLLuqHHQ9Qs5F_5xW7Jk2C5UuI-5MyBcDXhbzhCnbHw-1Yg==

GET
H2 200 currency-selector.js Show response
d3eg6wi5fpm57g.cloudfront.net/@komigen/mobile-frontend@15082-12cb/js/chunk/ 32 KB
11 KB 9ms
9ms Script
application/javascript 2600:9000:2057:8600:f:dcfa:3700:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3eg6wi5fpm57g.cloudfront.net/@komigen/mobile-frontend@15082-12cb/js/chunk/currency-selector.js
Requested by: Host: www.norgesspill.com
URL: https://www.norgesspill.com/no
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:8600:f:dcfa:3700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 42b30a386c47d429855b88e0c42e8114610c64c21c6521b4b2ff11dc729b1fda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.norgesspill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 08:06:06 GMT
content-encoding: br
last-modified: Mon, 16 May 2022 07:52:03 GMT
server: AmazonS3
age: 2836
etag: W/"6a0c81cb0f400f1d42a269dc8a856d99"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: null
via: 1.1 35c75b7f0ca8c787d67c8ebd22bc7fc2.cloudfront.net (CloudFront)
cache-control: public,max-age=31536000
x-amz-cf-pop: FRA6-C1
content-type: application/javascript
x-amz-cf-id: 3SHrwuagRu67zmmaNHTnZ_xgZ4E_MkX4rcicqE42be6wmofmJ7HFpA==

GET
H2 200 box-21ccaa45726c0f3c8c458f7a87eb2298.html Show response
vars.hotjar.com/ Frame AD91 2 KB
1 KB 33ms
7ms Document
text/html 143.204.215.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-21ccaa45726c0f3c8c458f7a87eb2298.html
Requested by: Host: www.norgesspill.com
URL: https://www.norgesspill.com/no
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-118.fra53.r.cloudfront.net
Software: /
Resource Hash: c5da2e1eefbe4efd64ec18b775495cf3011d9ae03842917bfe1b0a50e03a7a44

Request headers

Referer: https://www.norgesspill.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 16310882
cache-control: max-age=31536000
content-encoding: br
content-length: 1044
content-type: text/html
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 08 Nov 2021 14:05:19 GMT
etag: "6a4e2ae376c29011d2e53de65a08d0b7"
last-modified: Tue, 01 Jun 2021 09:17:15 GMT
vary: Accept-Encoding
via: 1.1 25ffb5a941b5a46b102cd385a9cdbb50.cloudfront.net (CloudFront)
x-amz-cf-id: Y6iwbSyOdrDLasnbcXyula0lhH80eCRXu9Ls7mCfJknzSxILiLdFmg==
x-amz-cf-pop: FRA53-C1
x-cache: Hit from cloudfront
x-robots-tag: none

GET
H2 200 dc_pre=CPGu9r_S4_cCFatJHQkd4rMLtg;src=9905434;type=ros0;cat=norge0;ord=980434030226;gtm=2wg5b0;auiddc=1653580920.1652691200;u2=https%3A%2F%2Fwww.norgesspill.com%2Fno;u4=undefined;~oref=https%3A%2F%... Show response
adservice.google.de/ddm/fls/i/ Frame BD6D 194 B
870 B 81ms
43ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/ddm/fls/i/dc_pre=CPGu9r_S4_cCFatJHQkd4rMLtg;src=9905434;type=ros0;cat=norge0;ord=980434030226;gtm=2wg5b0;auiddc=1653580920.1652691200;u2=https%3A%2F%2Fwww.norgesspill.com%2Fno;u4=undefined;~oref=https%3A%2F%2Fwww.norgesspill.com%2Fno

Requested by

Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CPGu9r_S4_cCFatJHQkd4rMLtg;src=9905434;type=ros0;cat=norge0;ord=980434030226;gtm=2wg5b0;auiddc=1653580920.1652691200;u2=https%3A%2F%2Fwww.norgesspill.com%2Fno;u4=undefined;~oref=https%3A%2F%2Fwww.norgesspill.com%2Fno

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=0
content-encoding: gzip
content-length: 177
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 16 May 2022 08:53:21 GMT
expires: Mon, 16 May 2022 08:53:21 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/0aeEuuJmrVqDrEL39Fsg5-UJ/ 361 KB
143 KB 32ms
8ms Script
text/javascript 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/0aeEuuJmrVqDrEL39Fsg5-UJ/recaptcha__en.js

Requested by

Host: www.norgesspill.com
URL: https://www.norgesspill.com/no

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

423da8631ba1344684bd6adadcd25f2932e128a8f656f80aea6beac58a0ef579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.norgesspill.com/
Origin: https://www.norgesspill.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 08:53:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 15
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 146043
x-xss-protection: 0
last-modified: Mon, 09 May 2022 19:02:03 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 16 May 2023 08:53:06 GMT

GET
H2 200 resources Show response
www.norgesspill.com/rest/ 156 B
243 B 59ms
58ms Fetch
application/json 104.18.84.10
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.norgesspill.com/rest/resources?key=HOMEPAGE_FLOATING_BANNER

Requested by

Host: www.norgesspill.com
URL: https://www.norgesspill.com/no

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.18.84.10 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

658d6fc454b70445755b22290fd607ba58910c1c8d9b770e16d76683f386f105

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .casinomodule.com .playngonetwork.com;
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.norgesspill.com/no
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: application/json; charset=utf-8

Response headers

date: Mon, 16 May 2022 08:53:22 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: *
content-security-policy: frame-ancestors 'self' *.casinomodule.com *.playngonetwork.com;
cf-ray: 70c2e1ec5d559124-FRA
x-xss-protection: 1; mode=block

GET
H2 200 logo-mga.js Show response
d3eg6wi5fpm57g.cloudfront.net/@komigen/mobile-frontend@15082-12cb/js/chunk/ 25 KB
9 KB 8ms
8ms Script
application/javascript 2600:9000:2057:8600:f:dcfa:3700:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3eg6wi5fpm57g.cloudfront.net/@komigen/mobile-frontend@15082-12cb/js/chunk/logo-mga.js
Requested by: Host: www.norgesspill.com
URL: https://www.norgesspill.com/no
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:8600:f:dcfa:3700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0dd21b5091d1c13ef35ba0e5332f54b844a93fad16f9983e45ee0f7ca487242d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.norgesspill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 08:06:46 GMT
content-encoding: gzip
last-modified: Mon, 16 May 2022 07:52:04 GMT
server: AmazonS3
age: 2796
etag: W/"d7d8ca7956e42f3317dad503cb3e1fe3"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: null
via: 1.1 35c75b7f0ca8c787d67c8ebd22bc7fc2.cloudfront.net (CloudFront)
cache-control: public,max-age=31536000
x-amz-cf-pop: FRA6-C1
content-type: application/javascript
x-amz-cf-id: ILhOYRgkdRHNr83QVilxv_cANefAtHZA6f3QKXxatV4Azo-SVzIf3Q==

GET
H2 200 norgesspill-homepage1.webp
d3j4vz29nirhst.cloudfront.net/norgesspill/no_no/general/HOMEPAGE_CAROUSEL_ITEM_1_IMAGE/4/1920w/ 27 KB
27 KB 57ms
20ms Image
image/webp 2600:9000:2057:1c00:b:5e2c:3740:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3j4vz29nirhst.cloudfront.net/norgesspill/no_no/general/HOMEPAGE_CAROUSEL_ITEM_1_IMAGE/4/1920w/norgesspill-homepage1.webp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:1c00:b:5e2c:3740:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5270a7d11ef45144be00d2e3240473bc363086e76eba6fe741d8ecdff8057ea4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.norgesspill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 08:53:22 GMT
via: 1.1 2f0580a0593ad9d3fb82aee9226d8178.cloudfront.net (CloudFront)
last-modified: Tue, 07 Sep 2021 10:03:49 GMT
server: AmazonS3
age: 25612
etag: "74b305940a35733295952b71c9b5de90"
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: max-age=31540000
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
content-length: 27438
x-amz-cf-id: NDbfjD8qiN2Z8FrNbCKlr6JiMC5Th5CRXawBl7BiV79lrAfwu9RfNA==

GET
H2

200

/ Show response
a1.adform.net/Serving/TrackPoint/
Redirect Chain

https://a1.adform.net/Serving/TrackPoint/?pm=2033710&ADFPageName=Norgesspill%20undefined%20-%20Home&ADFdivider=%7C&ord=622129767515&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&itm=eyJzdjIiOiJod...
https://a1.adform.net/Serving/TrackPoint/?CC=1&pm=2033710&ADFPageName=Norgesspill%20undefined%20-%20Home&ADFdivider=%7C&ord=622129767515&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&itm=eyJzdjIi...

128 B
605 B

29ms
29ms

Script
text/javascript

37.157.3.28
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://a1.adform.net/Serving/TrackPoint/?CC=1&pm=2033710&ADFPageName=Norgesspill%20undefined%20-%20Home&ADFdivider=%7C&ord=622129767515&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&itm=eyJzdjIiOiJodHRwczovL3d3dy5ub3JnZXNzcGlsbC5jb20vbm8iLCJzdjQiOiJ1bmRlZmluZWQifQ&loc=https%3A%2F%2Fwww.norgesspill.com%2Fno

Protocol

Server

37.157.3.28 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

2e7da08109661789b2f17f5f532a245b7e1f7550348c64d41d82a7c12192df65

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.norgesspill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 16 May 2022 08:53:22 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 199
expires: -1

Redirect headers

pragma: no-cache
date: Mon, 16 May 2022 08:53:22 GMT
server: nginx
location: https://a1.adform.net/Serving/TrackPoint/?CC=1&pm=2033710&ADFPageName=Norgesspill%20undefined%20-%20Home&ADFdivider=%7C&ord=622129767515&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&itm=eyJzdjIiOiJodHRwczovL3d3dy5ub3JnZXNzcGlsbC5jb20vbm8iLCJzdjQiOiJ1bmRlZmluZWQifQ&loc=https%3A%2F%2Fwww.norgesspill.com%2Fno
strict-transport-security: max-age=31536000; includeSubDomains
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
content-type: text/html; charset=utf-8
expires: -1

GET
H3 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 0A57 42 KB
22 KB 44ms
26ms Document
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfW3CEUAAAAAAANBgnrxLj_YebjlvwVImDy0FU3&co=aHR0cHM6Ly93d3cubm9yZ2Vzc3BpbGwuY29tOjQ0Mw..&hl=en&v=0aeEuuJmrVqDrEL39Fsg5-UJ&size=invisible&cb=cyyle2zcp62c

Requested by

Host: www.norgesspill.com
URL: https://www.norgesspill.com/no

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

8c8bf310a839f41a6fc94400c137ce248c08cf316f796a58dfb494706dbbe61d

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-G_zhPy6T5ZULToGFCwZaHg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.norgesspill.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 22436
content-security-policy: script-src 'report-sample' 'nonce-G_zhPy6T5ZULToGFCwZaHg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 16 May 2022 08:53:22 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 JingleWMW.jpg
d3j4vz29nirhst.cloudfront.net/norgesspill/no_no/casino/RT_JINGLEWAYSMEGAWAYS/1/640w/ 69 KB
69 KB 11ms
11ms Image
image/jpeg 2600:9000:2057:1c00:b:5e2c:3740:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3j4vz29nirhst.cloudfront.net/norgesspill/no_no/casino/RT_JINGLEWAYSMEGAWAYS/1/640w/JingleWMW.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:1c00:b:5e2c:3740:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fa7920b7523b344741a6ac15a3144ac2c96baecac1bccfa35cc52194fa2cb7f2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.norgesspill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 15 May 2022 17:54:43 GMT
via: 1.1 2f0580a0593ad9d3fb82aee9226d8178.cloudfront.net (CloudFront)
last-modified: Thu, 02 Dec 2021 13:55:28 GMT
server: AmazonS3
age: 53920
etag: "bfe495db4f0349bdab79938da4bb38a3"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31540000
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
content-length: 70588
x-amz-cf-id: yjs_SCmoqNQAOpz8p4ilK46WJ5crszkXopqNCxMew_Ea3u9RmX5P-w==

GET
H2 200 7f7aec1b3a685323c23494c9227c9ff5442d9d48ef67c7206049eefc45d3af8a Show response
products.admaxium.com/product/ Frame D0D3 567 B
591 B 160ms
111ms Document
text/html 2606:4700:3031::6815:2a29
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://products.admaxium.com/product/7f7aec1b3a685323c23494c9227c9ff5442d9d48ef67c7206049eefc45d3af8a

Requested by

Host: www.norgesspill.com
URL: https://www.norgesspill.com/no

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::6815:2a29 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

38c284337f2466294b0aba7154d5ef6cb9285ce7b57cb47ee62e9838f16e4c07

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.norgesspill.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 70c2e1ee4dbd9bbe-FRA
content-encoding: br
content-type: text/html;charset=utf-8
date: Mon, 16 May 2022 08:53:22 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vx6Ceh5PqeefUmCRIni5iOllxTffU%2FzCCZ4i15MiizLmKKQAEnBkx%2BKPpaiLUwoWyd4K24rd79UDL6%2B5Dq8qlt9b4eLbBNQi45NxcshaDqOxmfX%2Fxw37JgJ%2BsAq7ED7m4mgB%2FLMbOiIeNMG6TEXt4UcnUDo%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
status: 200 OK
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 2d8d8abfc8841c339f139d81fce2ecd4560cc7b94c8460d05e68b571cc62edbe Show response
products.admaxium.com/product/ Frame 4C6E 567 B
900 B 155ms
109ms Document
text/html 2606:4700:3031::6815:2a29
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://products.admaxium.com/product/2d8d8abfc8841c339f139d81fce2ecd4560cc7b94c8460d05e68b571cc62edbe

Requested by

Host: www.norgesspill.com
URL: https://www.norgesspill.com/no

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::6815:2a29 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

555cc18c3e2c6c593c880f7ce79ff34b3f95a1f3b6c03faa1bb02d27b8e595c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.norgesspill.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 70c2e1ee4dbe9bbe-FRA
content-encoding: br
content-type: text/html;charset=utf-8
date: Mon, 16 May 2022 08:53:22 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3p0LnibqAF%2BAoRu1e0yxphkk6RM0HqJpd4Ww%2B6hic2xBoPU%2FGthJnNlRAaLWO9RtWHxUEvRM2pls01j3pm4T33YPkW0FiugrmkkiY8ljLDa%2FVLxacm%2BDvD1mWLy7HRJ%2BxkfJw72CLyAgxg6gNmKsDco0TgA%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
status: 200 OK
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 winners Show response
www.norgesspill.com/rest/ 3 KB
690 B 67ms
67ms Fetch
application/json 104.18.84.10
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.norgesspill.com/rest/winners

Requested by

Host: www.norgesspill.com
URL: https://www.norgesspill.com/no

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.18.84.10 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6e8de143c928cf093b58105fb9df8f71caeed4eea737d1a0b964f6c7fdba0e65

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .casinomodule.com .playngonetwork.com;
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.norgesspill.com/no
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: application/json; charset=utf-8

Response headers

date: Mon, 16 May 2022 08:53:22 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: *
content-security-policy: frame-ancestors 'self' *.casinomodule.com *.playngonetwork.com;
cf-ray: 70c2e1ee09ab9124-FRA
x-xss-protection: 1; mode=block

GET
H2 200 explore Show response
www.norgesspill.com/rest/state/casino/ 49 KB
5 KB 188ms
188ms Fetch
application/json 104.18.84.10
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.norgesspill.com/rest/state/casino/explore?seed=257&dummy=4267612927

Requested by

Host: www.norgesspill.com
URL: https://www.norgesspill.com/no

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.18.84.10 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cba99a67786611cd77f2dbb04b91582ab9a2cafc770e24c2ebf6ce0050dd0b17

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .casinomodule.com .playngonetwork.com;
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.norgesspill.com/no
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: application/json; charset=utf-8

Response headers

pragma: no-cache
date: Mon, 16 May 2022 08:53:22 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: *
content-security-policy: frame-ancestors 'self' *.casinomodule.com *.playngonetwork.com;
cf-ray: 70c2e1ee19b19124-FRA
x-xss-protection: 1; mode=block
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/0aeEuuJmrVqDrEL39Fsg5-UJ/ Frame 0A57 51 KB
24 KB 23ms
7ms Stylesheet
text/css 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/0aeEuuJmrVqDrEL39Fsg5-UJ/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfW3CEUAAAAAAANBgnrxLj_YebjlvwVImDy0FU3&co=aHR0cHM6Ly93d3cubm9yZ2Vzc3BpbGwuY29tOjQ0Mw..&hl=en&v=0aeEuuJmrVqDrEL39Fsg5-UJ&size=invisible&cb=cyyle2zcp62c

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 05:37:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 11771
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24237
x-xss-protection: 0
last-modified: Mon, 09 May 2022 19:02:03 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 16 May 2023 05:37:11 GMT

GET
H3 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/0aeEuuJmrVqDrEL39Fsg5-UJ/ Frame 0A57 361 KB
143 KB 28ms
12ms Script
text/javascript 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/0aeEuuJmrVqDrEL39Fsg5-UJ/recaptcha__en.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

423da8631ba1344684bd6adadcd25f2932e128a8f656f80aea6beac58a0ef579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 08:53:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 146043
x-xss-protection: 0
last-modified: Mon, 09 May 2022 19:02:03 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 16 May 2023 08:53:20 GMT

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 0A57 2 KB
2 KB 7ms
7ms Image
image/png 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/0aeEuuJmrVqDrEL39Fsg5-UJ/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/0aeEuuJmrVqDrEL39Fsg5-UJ/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 12 May 2022 19:40:09 GMT
x-content-type-options: nosniff
age: 306793
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Thu, 19 May 2022 19:40:09 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 0A57 15 KB
15 KB 26ms
9ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 17:06:41 GMT
x-content-type-options: nosniff
age: 488801
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 10 May 2023 17:06:41 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 0A57 15 KB
15 KB 27ms
11ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 14:17:54 GMT
x-content-type-options: nosniff
age: 498928
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 10 May 2023 14:17:54 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame 0A57 102 B
134 B 16ms
16ms Other
text/javascript 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=0aeEuuJmrVqDrEL39Fsg5-UJ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

e80a5bf86d3d027ba9579ffa4548530efc67bd0533533d3408e23e4665e2a790

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfW3CEUAAAAAAANBgnrxLj_YebjlvwVImDy0FU3&co=aHR0cHM6Ly93d3cubm9yZ2Vzc3BpbGwuY29tOjQ0Mw..&hl=en&v=0aeEuuJmrVqDrEL39Fsg5-UJ&size=invisible&cb=cyyle2zcp62c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 08:53:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112
x-xss-protection: 1; mode=block
expires: Mon, 16 May 2022 08:53:22 GMT

GET
H3 200 bframe Show response
www.google.com/recaptcha/api2/ Frame E379 7 KB
1 KB 20ms
19ms Document
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=en&v=0aeEuuJmrVqDrEL39Fsg5-UJ&k=6LfW3CEUAAAAAAANBgnrxLj_YebjlvwVImDy0FU3

Requested by

Host: www.norgesspill.com
URL: https://www.norgesspill.com/no

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

58e372d0e469f27aafae4ce89b9f79e89803bf2393144f8510edcaf7cf9645df

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-x9geoBlRphrFabrXYi9SXA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.norgesspill.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 1110
content-security-policy: script-src 'report-sample' 'nonce-x9geoBlRphrFabrXYi9SXA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 16 May 2022 08:53:22 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK DefaultAff.aspx Show response
members.bet365.com/Members/Helpers/ Frame B5B7 84 B
1 KB 186ms
155ms Document
text/html 5.226.179.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://members.bet365.com/Members/Helpers/DefaultAff.aspx?affiliate=365_01122412&enableDeviceDetection=1&prdid=1&platform=0&rurl=https%3A%2F%2Fmembers.bet365.com%2FMembers%2FHelpers%2FDefaultAff.aspx%3Faffiliate%3D365_01122412%26BCTID%3D1560100313%26enableDeviceDetection%3D1%26prdid%3D1%26platform%3D0&DisplayMode=Desktop
Requested by: Host: products.admaxium.com
URL: https://products.admaxium.com/product/2d8d8abfc8841c339f139d81fce2ecd4560cc7b94c8460d05e68b571cc62edbe
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 5.226.179.10 , United Kingdom, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 662c2c97092391ae013657013ee4e9e1ae67db8d008735ea5e03ae20fecd07ba

Request headers

Referer: https://products.admaxium.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

CF-Cache-Status: DYNAMIC
CF-RAY: 70c2e1ef9ed45ca4-FRA
Cache-Control: private
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 177
Content-Type: text/html; charset=utf-8
Date: Mon, 16 May 2022 08:53:22 GMT
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
ME-Redirect: PQB
Server: cloudflare
Vary: Accept-Encoding

GET
H/1.1 200
OK DefaultAff.aspx Show response
members.bet365.com/Members/Helpers/ Frame 6ABC 84 B
1 KB 177ms
147ms Document
text/html 5.226.179.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://members.bet365.com/Members/Helpers/DefaultAff.aspx?affiliate=365_01089727&enableDeviceDetection=1&prdid=1&platform=0&rurl=https%3A%2F%2Fmembers.bet365.com%2FMembers%2FHelpers%2FDefaultAff.aspx%3Faffiliate%3D365_01089727%26BCTID%3D1560100313%26enableDeviceDetection%3D1%26prdid%3D1%26platform%3D0&DisplayMode=Desktop
Requested by: Host: products.admaxium.com
URL: https://products.admaxium.com/product/7f7aec1b3a685323c23494c9227c9ff5442d9d48ef67c7206049eefc45d3af8a
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 5.226.179.10 , United Kingdom, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 662c2c97092391ae013657013ee4e9e1ae67db8d008735ea5e03ae20fecd07ba

Request headers

Referer: https://products.admaxium.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

CF-Cache-Status: DYNAMIC
CF-RAY: 70c2e1ef9e3c9040-FRA
Cache-Control: private
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 177
Content-Type: text/html; charset=utf-8
Date: Mon, 16 May 2022 08:53:22 GMT
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
ME-Redirect: PQB
Server: cloudflare
Vary: Accept-Encoding

POST
H/1.1 200
OK e4634a9f18 Show response
bam.nr-data.net/events/1/ 24 B
186 B 100ms
100ms XHR
image/gif 162.247.242.32
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/events/1/e4634a9f18?a=37177158&sa=1&v=1169.7b094c0&t=Unnamed%20Transaction&rst=2638&ck=1&ref=https://www.norgesspill.com/no
Requested by: Host: www.norgesspill.com
URL: https://www.norgesspill.com/no
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.247.242.32 , United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS: service.newrelic.co.nz
Software: /
Resource Hash: 0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer: https://www.norgesspill.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
content-type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.norgesspill.com
Access-Control-Allow-Credentials: true
Content-Length: 24
Content-Type: image/gif

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/0aeEuuJmrVqDrEL39Fsg5-UJ/ Frame E379 51 KB
24 KB 7ms
7ms Stylesheet
text/css 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/0aeEuuJmrVqDrEL39Fsg5-UJ/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=0aeEuuJmrVqDrEL39Fsg5-UJ&k=6LfW3CEUAAAAAAANBgnrxLj_YebjlvwVImDy0FU3

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 05:37:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 11771
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24237
x-xss-protection: 0
last-modified: Mon, 09 May 2022 19:02:03 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 16 May 2023 05:37:11 GMT

GET
H3 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/0aeEuuJmrVqDrEL39Fsg5-UJ/ Frame E379 361 KB
143 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/0aeEuuJmrVqDrEL39Fsg5-UJ/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=0aeEuuJmrVqDrEL39Fsg5-UJ&k=6LfW3CEUAAAAAAANBgnrxLj_YebjlvwVImDy0FU3

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

423da8631ba1344684bd6adadcd25f2932e128a8f656f80aea6beac58a0ef579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 08:53:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 146043
x-xss-protection: 0
last-modified: Mon, 09 May 2022 19:02:03 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 16 May 2023 08:53:20 GMT

POST
H3 200 reload Show response
www.google.com/recaptcha/api2/ Frame E379 37 KB
22 KB 45ms
45ms XHR
application/json 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/reload?k=6LfW3CEUAAAAAAANBgnrxLj_YebjlvwVImDy0FU3

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/0aeEuuJmrVqDrEL39Fsg5-UJ/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

41deb04ce35f307c480143859a34436c530c717706ae7bec9699284120ea71fa

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/api2/bframe?hl=en&v=0aeEuuJmrVqDrEL39Fsg5-UJ&k=6LfW3CEUAAAAAAANBgnrxLj_YebjlvwVImDy0FU3
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: application/x-protobuffer

Response headers

date: Mon, 16 May 2022 08:53:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22966
x-xss-protection: 1; mode=block
expires: Mon, 16 May 2022 08:53:22 GMT

GET
H2 200 id5-api-2.js Show response
static2.creative-serving.com/ 33 KB
10 KB 312ms
10ms Script
text/javascript 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://static2.creative-serving.com/id5-api-2.js
Requested by: Host: www.norgesspill.com
URL: https://www.norgesspill.com/no
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: UploadServer /
Resource Hash: b9f590b71a56c0601f7977e5fb4a4126964a8324cae426e43d454ee92978f8eb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.norgesspill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 08:53:24 GMT
content-encoding: gzip
last-modified: Wed, 29 Sep 2021 19:23:14 GMT
server: UploadServer
age: 0
etag: "43e554f8c9787fa63a85955c07ba1918"
x-hw: 1652691204.cds203.fr8.hn,1652691204.cds208.fr8.c
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3600
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9982

POST
H/1.1 200 101.json Show response
id5-sync.com/g/v2/ 213 B
626 B 38ms
10ms XHR
application/json 141.95.98.64
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/101.json

Requested by

Host: www.norgesspill.com
URL: https://www.norgesspill.com/no

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.64 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216658.ip-141-95-98.eu

Software

Resource Hash

f4075f6c93b51ff81c4290cb471b81844a2e27a629dcb22bc691a98f5ebb1a94

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.norgesspill.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.norgesspill.com
date: Mon, 16 May 2022 08:53:23 GMT
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/json;charset=UTF-8

GET
H/1.1 200
OK pixel Show response
ads.creative-serving.com/ 772 B
1 KB 95ms
95ms Script
text/javascript 54.208.143.141
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.creative-serving.com/pixel?id=3161964&id5id=0&type=jsonp&cb=syncResponse
Requested by: Host: www.norgesspill.com
URL: https://www.norgesspill.com/no
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.208.143.141 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-208-143-141.compute-1.amazonaws.com
Software: /
Resource Hash: a0d29ede22f84cca61c3f2af6f91a3ead7d9ee9e3ef3deded1c2bf252f87b7d6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.norgesspill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Mon, 16 May 2022 08:53:24 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 772
Content-Type: text/javascript

GET
H/1.1

200
OK

google_sync_status
x.bidswitch.net/
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=4&user_id=20415792-85d4-49ee-ad91-5550dca2fb74&ssp=&expires=30&user_group=2&cb=545
https://x.bidswitch.net/ul_cb/sync?dsp_id=4&user_id=20415792-85d4-49ee-ad91-5550dca2fb74&ssp=&expires=30&user_group=2&cb=545
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_cm=1&google_hm=EYIE6r_2Ryq8UI9t1xmtCQ==
https://x.bidswitch.net/google_sync_status?ssp_name=google&google_gid=CAESEMc9OqKfuugbqFKRytGPb6c&google_cver=1

43 B
235 B

102ms
102ms

Image
image/gif

35.211.178.172
GOOGLE-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/google_sync_status?ssp_name=google&google_gid=CAESEMc9OqKfuugbqFKRytGPb6c&google_cver=1
Protocol: HTTP/1.1
Server: 35.211.178.172 North Charleston, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 172.178.211.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.norgesspill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Mon, 16 May 2022 08:53:24 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Mon, 16 May 2022 08:53:24 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://x.bidswitch.net/google_sync_status?ssp_name=google&google_gid=CAESEMc9OqKfuugbqFKRytGPb6c&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 316
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

118204ea-bff6-472a-bc50-8f6dd719ad09
sync.1rx.io/usersync/bidswitch/
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=4&user_id=20415792-85d4-49ee-ad91-5550dca2fb74&ssp=&expires=30&user_group=2&cb=533
https://x.bidswitch.net/ul_cb/sync?dsp_id=4&user_id=20415792-85d4-49ee-ad91-5550dca2fb74&ssp=&expires=30&user_group=2&cb=533
https://sync.1rx.io/usersync/bidswitch/118204ea-bff6-472a-bc50-8f6dd719ad09?gdpr=&gdpr_consent=
https://sync.1rx.io/usersync/bidswitch/118204ea-bff6-472a-bc50-8f6dd719ad09?zcc=1&cb=1652691204720

43 B
172 B

14ms
14ms

Image
image/gif

213.19.147.45
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.1rx.io/usersync/bidswitch/118204ea-bff6-472a-bc50-8f6dd719ad09?zcc=1&cb=1652691204720
Protocol: H2
Server: 213.19.147.45 Utrecht, Netherlands, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Tengine /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.norgesspill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 16 May 2022 08:53:24 GMT
cache-control: no-store, no-cache, must-revalidate
server: Tengine
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 16 May 2022 08:53:24 GMT
server: Tengine
etag: RX24c5b621a1e84c1ebdf2ba13a09becae003
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
location: https://sync.1rx.io/usersync/bidswitch/118204ea-bff6-472a-bc50-8f6dd719ad09?zcc=1&cb=1652691204720
cache-control: no-store, no-cache, must-revalidate
content-type: text/html
expires: 0

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=4&user_id=20415792-85d4-49ee-ad91-5550dca2fb74&ssp=&expires=30&user_group=2&cb=562
https://x.bidswitch.net/ul_cb/sync?dsp_id=4&user_id=20415792-85d4-49ee-ad91-5550dca2fb74&ssp=&expires=30&user_group=2&cb=562
https://pixel.rubiconproject.com/tap.php?v=15796&nid=2760&put=118204ea-bff6-472a-bc50-8f6dd719ad09&expires=30

0
239 B

99ms
10ms

Image
image/gif

69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=15796&nid=2760&put=118204ea-bff6-472a-bc50-8f6dd719ad09&expires=30
Protocol: HTTP/1.1
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.norgesspill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 4cdacfaa68e4ab216fffbcc107c5b898
Content-Type: image/gif

Redirect headers

Location: //pixel.rubiconproject.com/tap.php?v=15796&nid=2760&put=118204ea-bff6-472a-bc50-8f6dd719ad09&expires=30
Date: Mon, 16 May 2022 08:53:24 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

cm_nst
ads.creative-serving.com/
Redirect Chain

https://aa.agkn.com/adscores/g.pixel?sid=9212282158
https://ads.creative-serving.com/cm_nst?cookie_id=164850804153000110550

43 B
220 B

172ms
95ms

Image
image/gif

54.208.143.141
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.creative-serving.com/cm_nst?cookie_id=164850804153000110550
Protocol: HTTP/1.1
Server: 54.208.143.141 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-208-143-141.compute-1.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.norgesspill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Mon, 16 May 2022 08:53:24 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Mon, 16 May 2022 08:53:24 GMT
server: AAWebServer
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location: https://ads.creative-serving.com/cm_nst?cookie_id=164850804153000110550
cache-control: no-cache, no-store, must-revalidate
content-length: 0
expires: 0

GET
H/1.1 200 1.gif
id5-sync.com/s/101/20415792-85d4-49ee-ad91-5550dca2fb74/ 43 B
1 KB 9ms
9ms Image
image/gif 141.95.98.64
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/s/101/20415792-85d4-49ee-ad91-5550dca2fb74/1.gif

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.64 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216658.ip-141-95-98.eu

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.norgesspill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 08:53:23 GMT
transfer-encoding: chunked
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: image/gif;charset=UTF-8
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p: CP="CAO PSA OUR"

GET
H/1.1

200
OK

demconf.jpg
dpm.demdex.net/
Redirect Chain

https://dpm.demdex.net/ibs:dpid=393426&dpuuid=20415792-85d4-49ee-ad91-5550dca2fb74
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=393426&dpuuid=20415792-85d4-49ee-ad91-5550dca2fb74

42 B
945 B

34ms
34ms

Image
image/gif

79.125.102.158
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=393426&dpuuid=20415792-85d4-49ee-ad91-5550dca2fb74

Protocol

HTTP/1.1

Server

79.125.102.158 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-79-125-102-158.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.norgesspill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v031-0ed85f882.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: 2ug5vuDeSNQ=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-irl1-2-v031-07265f57c.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: y5nzME3DTOw=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=393426&dpuuid=20415792-85d4-49ee-ad91-5550dca2fb74
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H/1.1

200
OK

gcm
ads.creative-serving.com/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=platform161_direct_new&google_cm&google_sc
https://ads.creative-serving.com/gcm?google_gid=CAESECQpYskVEojKgO2RP6x9yC8&google_cver=1

43 B
220 B

95ms
94ms

Image
image/gif

54.208.143.141
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.creative-serving.com/gcm?google_gid=CAESECQpYskVEojKgO2RP6x9yC8&google_cver=1
Protocol: HTTP/1.1
Server: 54.208.143.141 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-208-143-141.compute-1.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.norgesspill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Mon, 16 May 2022 08:53:24 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Mon, 16 May 2022 08:53:24 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ads.creative-serving.com/gcm?google_gid=CAESECQpYskVEojKgO2RP6x9yC8&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

70 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

41 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.google.com/recaptcha	1970-01-20 07:24:03	Name: _GRECAPTCHA Value: 09AHXvv8egTdEq6Z3b3qTC4CZb-MnakHqCg9SkncZWQ1oRqkYFapKXmX_NmxSRApEEnt_wmQoeYV6PrVUm6-NgRHU
www.norgesspill.com/	1969-12-31 23:59:59	Name: franchise Value: 67
www.norgesspill.com/	1969-12-31 23:59:59	Name: franchiseCode Value: NORWAY_NORGESSPILL
.norgesspill.com/	1969-12-31 23:59:59	Name: locale Value: no_NO
.norgesspill.com/	1969-12-31 23:59:59	Name: useMobile Value: true
.norgesspill.com/	1970-01-20 05:16:20	Name: showAppBanner Value: true
www.norgesspill.com/	1970-01-20 03:48:03	Name: AffiliateId Value: 162497
www.norgesspill.com/	1970-01-20 03:48:03	Name: BannerTag Value: "{\"btag\":\"105856_W1cBmOAhBABA20220516aed0a2117d6e492bb94251a5b43feec1\",\"created\":\"2022-05-16T10:53+0200\",\"params\":{}}"
.norgesspill.com/	1970-01-20 05:14:27	Name: _gcl_au Value: 1.1.1653580920.1652691200
.norgesspill.com/	1970-01-20 20:36:03	Name: _ga Value: GA1.2.1415533959.1652691201
.norgesspill.com/	1970-01-20 03:06:17	Name: _gid Value: GA1.2.792244381.1652691201
.norgesspill.com/	1970-01-20 03:04:51	Name: _gat_UA-81872348-1 Value: 1
.nr-data.net/	1969-12-31 23:59:59	Name: JSESSIONID Value: c8500ee860330042
.creative-serving.com/	1970-01-20 12:26:27	Name: tuuid Value: 20415792-85d4-49ee-ad91-5550dca2fb74
.adform.net/	1970-01-20 03:49:29	Name: C Value: 1
.norgesspill.com/	1970-01-20 11:50:27	Name: _hjSessionUser_2934924 Value: eyJpZCI6IjVlMzFkMjY5LWI0NDAtNTc1MC05Y2Q0LTRjOTAyOTFhZjVkZCIsImNyZWF0ZWQiOjE2NTI2OTEyMDA5MDgsImV4aXN0aW5nIjpmYWxzZX0=
.norgesspill.com/	1970-01-20 03:04:53	Name: _hjFirstSeen Value: 1
www.norgesspill.com/	1970-01-20 03:04:51	Name: _hjIncludedInSessionSample Value: 0
.norgesspill.com/	1970-01-20 03:04:53	Name: _hjSession_2934924 Value: eyJpZCI6IjU2ZGQ4NTU1LTAxOWItNGU2YS1hOTQxLWIwOTBhNDU1ZDUxZSIsImNyZWF0ZWQiOjE2NTI2OTEyMDEyNTIsImluU2FtcGxlIjpmYWxzZX0=
.norgesspill.com/	1970-01-20 03:04:53	Name: _hjAbsoluteSessionInProgress Value: 0
.adform.net/	1970-01-20 04:31:15	Name: uid Value: 1723412384327977977
members.bet365.com/	1969-12-31 23:59:59	Name: session Value: processform=0
.bet365.com/	1970-01-20 04:09:39	Name: Affiliates Value: Code=365_01122412%2f134626041905&prd=Sports
.bet365.com/	1969-12-31 23:59:59	Name: pstk Value: 9D19D136A08D401A975D8411A815A494000003
.bet365.com/	1970-01-20 03:04:53	Name: __cf_bm Value: PoSy9haKOvefsimYKn3E30rwetma2481pAGHHHZfGCM-1652691202-0-AUs/s9Zl6p6DbKdMhy4g4LZ2NJloJBiv1R89gzwQNx2vVLzOpI0i52ZJ+yq3VZYqeBQWIhCDf0OE5BlWRitEE8g=
.data.adnuntius.com/	1970-01-20 03:48:03	Name: browserId Value: zv1vh95cmqrjrrl6r9tx2qvw
.creative-serving.com/	1970-01-20 12:26:27	Name: c Value: 1652691204
.creative-serving.com/	1970-01-20 12:26:27	Name: tuuid_lu Value: 1652691204
.id5-sync.com/	1970-01-20 03:04:51	Name: cf Value:
.id5-sync.com/	1970-01-20 03:04:51	Name: cip Value:
.id5-sync.com/	1970-01-20 03:04:51	Name: cnac Value:
.id5-sync.com/	1970-01-20 03:04:51	Name: car Value:
.id5-sync.com/	1970-01-20 03:04:51	Name: gdpr Value:
.id5-sync.com/	1970-01-20 03:04:51	Name: callback Value:
.doubleclick.net/	1970-01-20 12:26:27	Name: IDE Value: AHWqTUlG-Qql28BdCRUMDYPDXCH42G822okcd3GtS-N0yaL--QURp56aG5lIz6SgWmg
.agkn.com/	1970-01-20 11:50:27	Name: ab Value: 0001%3A%2F98VCcx14F0ELPFuuD9XSw6AqmoQKSdf
.demdex.net/	1970-01-20 07:24:03	Name: demdex Value: 50843338717380121390914274656765203933
.dpm.demdex.net/	1970-01-20 07:24:03	Name: dpm Value: 50843338717380121390914274656765203933
.bidswitch.net/	1970-01-20 11:50:27	Name: c Value: 1652691204
.bidswitch.net/	1970-01-20 11:50:27	Name: tuuid_lu Value: 1652691204
.bidswitch.net/	1970-01-20 11:50:27	Name: tuuid Value: 118204ea-bff6-472a-bc50-8f6dd719ad09

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'self' .casinomodule.com .playngonetwork.com;
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

9905434.fls.doubleclick.net
a1.adform.net
aa.agkn.com
ads.creative-serving.com
ads.norgesspill.com
adservice.google.com
adservice.google.de
bam.nr-data.net
cdn.adnuntius.com
cdn.jsdelivr.net
cm.g.doubleclick.net
d3eg6wi5fpm57g.cloudfront.net
d3j4vz29nirhst.cloudfront.net
data.adnuntius.com
dpm.demdex.net
fonts.googleapis.com
fonts.gstatic.com
id5-sync.com
js-agent.newrelic.com
members.bet365.com
pixel.rubiconproject.com
products.admaxium.com
s2.adform.net
script.hotjar.com
scripts.prdredir.com
static.hotjar.com
static2.creative-serving.com
stats.g.doubleclick.net
sync.1rx.io
vars.hotjar.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
www.norgesspill.com
www.radurlaub-mallorca.eu
x.bidswitch.net
104.18.84.10
141.95.98.64
142.250.184.198
142.250.185.98
143.204.215.118
151.101.130.137
151.139.128.11
162.247.242.32
213.19.147.45
2600:9000:2057:1c00:b:5e2c:3740:21
2600:9000:2057:8600:f:dcfa:3700:21
2606:4700:3031::6815:2a29
2606:4700:3036::ac43:af7f
2606:4700::6810:5514
2a00:1450:4001:803::2003
2a00:1450:4001:808::2002
2a00:1450:4001:80e::2002
2a00:1450:4001:80e::200e
2a00:1450:4001:80f::2008
2a00:1450:4001:813::2004
2a00:1450:4001:82a::200a
2a00:1450:4001:830::2003
2a00:1450:4001:831::2003
2a00:1450:400c:c0d::9b
2a02:6ea0:c700::2
2a06:98c1:3121::a
35.178.150.13
35.211.178.172
37.157.3.28
37.157.5.72
5.226.179.10
54.208.143.141
65.9.63.3
69.173.144.165
79.125.102.158
85.202.161.148
99.86.7.16
016785c0449cbb5eb099b530a4a7f3e8f943a7b4723cfc67020341d5c7a50fcc
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
068bcb2fcf331a2df691da3da4511a341285101d980a2b3863946fb148978770
0927e530068da309ff4f2d1ed70af0f3540792b6420c354723fd9d342a44d777
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
0c9d6e7bee7dbb8d6391703a2b1faa00ed2b186bd2e16a3700b354fb605158de
0ced2a7159b787b2d3e535f04b9d6ee1a08a2d6df01e2ddc2fa487eb2d158939
0d93cd2e5beb2d9856e7f9746dc1b69281101528fca341cb187bacfa5b0c2e1a
0dd21b5091d1c13ef35ba0e5332f54b844a93fad16f9983e45ee0f7ca487242d
14ae5bc28dba7477abed075e1be71f8e69ee2e54d3a7e9f4f7a9c9bec1fa016b
17ab18efb06d6e99214141753b3d058c23239473ac62acdbe307faba26c88c82
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
23adce2a2569d2c7f0d6842305f780c2c90afcb9a4b6f46c0bd63f675009ec50
24a3a92cabe3fd942c13c6ac2aeb776be6e0ebdcdf1e5c0e26096d3c7fcb24e5
25a94e85f5a54acedae7980d782bb7711482309a4cdc0f3475bfffd52849fb7e
2a2c2fb1650693ee52b0d75a924231b71d2bfa6d6de32eb415d9a833e41decac
2a89858ae3a5e3549ddf80d3cddf2a785d1852bc3226e266a1805839bd5f2395
2e7da08109661789b2f17f5f532a245b7e1f7550348c64d41d82a7c12192df65
32a0a6db65ee81653e3d8f6d2b4b751f26ac67ee4bf69f807401e76f55c0a470
37072a42526245f257b725698d7e70dfab281bfd00d38f1112dafd36a6e04176
38c284337f2466294b0aba7154d5ef6cb9285ce7b57cb47ee62e9838f16e4c07
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3e45e2ee38d323f42849669a11df8c79c87bdf2436937bdf1a497a8290009afe
419e1eb777d604386aae1525160cd937df4a0db019692dafb95943985eca1b37
41c7e8f571935abc4986a6386ab01ae624881d7a65acc4b8556b2fc93dd7876b
41deb04ce35f307c480143859a34436c530c717706ae7bec9699284120ea71fa
423da8631ba1344684bd6adadcd25f2932e128a8f656f80aea6beac58a0ef579
42b30a386c47d429855b88e0c42e8114610c64c21c6521b4b2ff11dc729b1fda
432506113909f5522a25bbc5e027af5fd9ae3162793156cf5d1a37a552cc7f96
5270a7d11ef45144be00d2e3240473bc363086e76eba6fe741d8ecdff8057ea4
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
555cc18c3e2c6c593c880f7ce79ff34b3f95a1f3b6c03faa1bb02d27b8e595c8
58e372d0e469f27aafae4ce89b9f79e89803bf2393144f8510edcaf7cf9645df
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5e864c2e3f674c60970513411eaeeeafd2d615d842e65ec01d09ccfcb4a7b38d
626d166e6895f5fd4cabe875c0c68bd3f9753b175ea2d0b8d92a63f4bd4b1097
62a4fa1b2bd0721ff039eee62ccb5e07c44f26fea7fb3b6a731356013c02d0cd
658d6fc454b70445755b22290fd607ba58910c1c8d9b770e16d76683f386f105
662c2c97092391ae013657013ee4e9e1ae67db8d008735ea5e03ae20fecd07ba
66804ac250ff7adf342defc676fc6afe04a656e8dd63a25c37303328a3cea130
6e8de143c928cf093b58105fb9df8f71caeed4eea737d1a0b964f6c7fdba0e65
748f3663dfe4d56052a494f4fa5515e5b865e2827893e682f25385134d2a5910
79ce997b357b93ea7898fa3a0bcf92885a79308c0a5ef2253d94b96e39531411
7d2e6a63c1f26b6228721ed02c5602423383d53da1b3f3df1e270e4b0da7d7e2
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
859b949015ceebdf3da7f74a7d5c27183e84f6ae1f0d75063be5ae117eb649ac
86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65
8ab2b0a458dd3f88ece740d56dfe957afc154cb8a0f268d30fc4c7410d5c5614
8c0f512725926659d02acad116ff5154da95c6025004d965059fa51d44515717
8c8bf310a839f41a6fc94400c137ce248c08cf316f796a58dfb494706dbbe61d
8d506aada244996e20388925d9a42e6a813b81b4efdc7cf4b6aea2fb31d23ffe
9434dddcdf38e072b039bb92f9e90639ec0e0563e8ff51604a60d91830c29289
99964759114293196848fdb6d6b7b2e21c6be0b6039f0ff04af07dbd9c2e420e
9af8860b38bf2fb321dbc510dd508d80513b53c7e1f05141b293cd9a52b5fc0b
9bbde4e879f5cc6d8e98b1e5605898a933825190f867b66285b084bc3ee785e9
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d29ede22f84cca61c3f2af6f91a3ead7d9ee9e3ef3deded1c2bf252f87b7d6
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a590d48390719a5e1faa8d8f3fbd3a439728eb241562df9f238c5199d9953243
a777aa2ffec858497b52203d65f1f3f5c0441658c6b1624ada28bc0a33e40a6f
a99910187453e7f4abbf6ef41cc51259a53613e9a3bf2b8fdaf735dbdcac14b2
ae7a9b7df070a11585d13c9f86df502dbae5ffb88cea286f757bf7f9e60239f6
b36bf51377f9b0789bbceb4eae55c7b69da314ac7ddcbc258ef949c8916e4fb9
b674677a3d59fffef6b9292aae3ab4843389076a5cc3882bf032dab450497f2d
b9f590b71a56c0601f7977e5fb4a4126964a8324cae426e43d454ee92978f8eb
bb5f798232d8b7a4f0520dc9ef0cbb3ef27c2cfb970cc339b48a8e89f6afad24
bbd92d743f3928c514b32681eb8383d412b4b28bdea812fbf06d078cb3ea210d
c0429145ff637ac79111f2e81dff4c6458b545ca90ca0b1d013b3680a60c0f35
c1978776eaae423741d6f0b02a67d4e0a81535ddbd1c718fb15c5cd0a76fad79
c34b0ff1476010960b120a816b00ecd82f2e84036b99c449766aee324ea5ac9c
c5da2e1eefbe4efd64ec18b775495cf3011d9ae03842917bfe1b0a50e03a7a44
c76b2c2a82ce5a1fa43d854e2db76cb369c3830e229190e1f47273d4610a11d6
c9ba6ac3eb304c7d73fc58193f42cb357d74aed65a1e3dfdb49e2d55412cd4cf
cba99a67786611cd77f2dbb04b91582ab9a2cafc770e24c2ebf6ce0050dd0b17
cf175edb68ee39b906ccdba201ef439a2f5a8a936cbb9849ab29a4c65c6eac6d
d5a1329758f412bb2c40a2d13d41e02653b58e510353165da2e9546098b85542
d78ad3d64d55841a9adf772d81635ec078a97e4a2f53fe57bb76a0792cf90afd
d85463850645b1efd6d78bd24d32a1c99a368d505ac2b01e0e05d0e22eb700f1
d9b59282ae078162f30156eb1e0e2f26383ab30043d236eac45b07fed0f62b57
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
df16ae2f3f4c003e55aa93796b78c0ab73e0155ae32bea72cee59d1e0832f92d
df6c68cec967b79760a43f31a090cb1db3a9309181a54d0ffcf64d392180d1e0
e0ba3cbcf8412d8a4562804a1854d15178d0296f2e7aa4d7ffa390f17f270183
e2686d1245000570ac793349a1e85b90c3c097af7ae1cbc15471b83cffbfc270
e32e1812cba803f9d3901527d0f0fbcfb7a20ec93173624fbc57b1811df8328c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e80a5bf86d3d027ba9579ffa4548530efc67bd0533533d3408e23e4665e2a790
e83592be89e810c6ac0d38501f0437d2f7dcf548061a6e8491a6e802a47948af
e926c1646537f6e4eb23513f857f719a6b7f977cf8f14c994f2a99022418dd92
ee53fd56a5e524f710d86c53037a9442e90c71a541c624dd30e04757a25980a4
ee94251fea8b03da5d0dc6f8489a529c1a2d2a031d874b0ec61866784e3c73c3
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f12263d9799b70e11201f3b0637b29cf0ad78edd091ba78cbe2737477af0c5ff
f4075f6c93b51ff81c4290cb471b81844a2e27a629dcb22bc691a98f5ebb1a94
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48
f873b498184e9cb7e7aa8448b5593872ed64979cf326fd4bc516935083cdafaa
fa7920b7523b344741a6ac15a3144ac2c96baecac1bccfa35cc52194fa2cb7f2
fc44665cde905b9012e5c4a5499020f0365bddc5f2202efa6d45d41a12989017
fcbdee2ed7bc27bc88e0bf1b774a0923aad00dba55c203ed0f632a2e3ff5557f
fdf4747e5b6808599d393f4792bbe58471514f7cdb0270b8e5b8f8b70be4eff1
fe231ec04161955602c6630d39f324f48441afcacaebdb10c3adc581fcb59794

www.norgesspill.com Open in urlscan Pro 104.18.84.10 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

113 Requests

92 %HTTPS

46 %IPv6

26 Domains

38 Subdomains

35 IPs

10 Countries

1662 kBTransfer

4700 kBSize

41 Cookies

5 Outgoing links

Page URL History

Redirected requests

113 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.norgesspill.com Open in urlscan Pro
104.18.84.10 Public Scan

Screenshot
Live screenshot

Full Image

113
Requests

92 %
HTTPS

46 %
IPv6

26
Domains

38
Subdomains

35
IPs

10
Countries

1662 kB
Transfer

4700 kB
Size

41
Cookies

113 HTTP transactions
1 data transactions