Submitted URL: https://fotballskolen.ellingsrud.no/
Effective URL: https://club.spond.com/landing/signup/eil
Submission: On April 30 via api from US — Scanned from NO

Summary

This website contacted 5 IPs in 3 countries across 5 domains to perform 20 HTTP transactions. The main IP is 172.67.37.3, located in United States and belongs to CLOUDFLARENET, US. The main domain is club.spond.com.
TLS certificate: Issued by E1 on April 19th 2024. Valid for: 3 months.
This is the only time club.spond.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 194.242.11.166 34989 (SERVETHEW...)
12 172.67.37.3 13335 (CLOUDFLAR...)
3 2a00:1450:400... 15169 (GOOGLE)
1 172.217.18.10 15169 (GOOGLE)
2 35.186.247.156 15169 (GOOGLE)
2 13.35.58.22 16509 (AMAZON-02)
20 5
Requests | Apex Domain | Subdomains | Transfer
12 | spond.com | club.spond.com; api.spond.com — Cisco Umbrella Rank: 64851 | 2 MB
4 | googleapis.com | maps.googleapis.com — Cisco Umbrella Rank: 362 | 191 KB
2 | stripe.com | js.stripe.com — Cisco Umbrella Rank: 1162 | 148 KB
2 | sentry.io | sentry.io — Cisco Umbrella Rank: 154 | 423 B
1 | ellingsrud.no | fotballskolen.ellingsrud.no | 130 B
20 | 5
Requests | Domain | Requested by
10 | club.spond.com | club.spond.com
4 | maps.googleapis.com | club.spond.com; maps.googleapis.com
2 | api.spond.com | club.spond.com
2 | js.stripe.com | club.spond.com; js.stripe.com
2 | sentry.io | club.spond.com
1 | fotballskolen.ellingsrud.no | 1 redirects
20 | 6

This site contains no links.

Subject | Issuer | Validity | Valid
spond.com | E1 | 2024-04-19 - 2024-07-18 | 3 months
upload.video.google.com | GTS CA 1C3 | 2024-04-16 - 2024-07-09 | 3 months
sentry.io | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2023-08-08 - 2024-09-07 | a year
a.stripecdn.com | DigiCert SHA2 Extended Validation Server CA | 2024-03-27 - 2024-06-27 | 3 months

This page contains 2 frames:

Primary Page: https://club.spond.com/landing/signup/eil
Frame ID: 5F92CD04336ED80C6EE7C3142B05C664
Requests: 18 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Frame ID: D1BB77B67562BD6B5775626A6A7D974A
Requests: 1 HTTP requests in this frame


Page Title

Sign up form for Ellingsrud IL (EIL)


Detected technologies

Overall confidence: 100%
Detected patterns
  • //maps\.google(?:apis)?\.com/maps/api/js

Overall confidence: 100%
Detected patterns
  • js\.stripe\.com

Page Statistics

20 Requests
100 % HTTPS
17 % IPv6
5 Domains
6 Subdomains
5 IPs
3 Countries
2312 kB Transfer
10280 kB Size
3 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://fotballskolen.ellingsrud.no/ HTTP 301
    https://club.spond.com/landing/signup/eil Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

20 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request eil
club.spond.com/landing/signup/
Redirect Chain
  • https://fotballskolen.ellingsrud.no/
  • https://club.spond.com/landing/signup/eil
1 KB
795 B
Document
General
Full URL
https://club.spond.com/landing/signup/eil
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.37.3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b57d3e4cf2461d7be1ce9c452836f88468dbdd4c64ae0021dc427c45215cb37d

Request headers

Accept-Language
no-NO,no;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
87caf6ff393d56b9-OSL
content-encoding
br
content-type
text/html
date
Tue, 30 Apr 2024 22:28:26 GMT
last-modified
Tue, 30 Apr 2024 11:49:35 GMT
server
cloudflare
x-envoy-upstream-service-time
2

Redirect headers

content-length
249
content-type
text/html; charset=iso-8859-1
date
Tue, 30 Apr 2024 22:28:26 GMT
location
https://club.spond.com/landing/signup/eil
server
nginx
x-powered-by
PleskLin
redactor.min.css
club.spond.com/vendor/redactor-3_1_7/
41 KB
13 KB
Stylesheet
General
Full URL
https://club.spond.com/vendor/redactor-3_1_7/redactor.min.css
Requested by
Host: club.spond.com
URL: https://club.spond.com/landing/signup/eil
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.37.3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1894f5db4dead4501f5ff18e458356c78e4823304a1c93d7fae43bbb68594c8

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://club.spond.com/landing/signup/eil
Accept-Language
no-NO,no;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 30 Apr 2024 22:28:26 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 30 Apr 2024 11:49:31 GMT
server
cloudflare
age
6548
etag
W/"6630dacb-a2f7"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=14400
x-envoy-upstream-service-time
1
cf-ray
87caf7006a1056b9-OSL
alt-svc
h3=":443"; ma=86400
redactor.min.js
club.spond.com/vendor/redactor-3_1_7/
251 KB
63 KB
Script
General
Full URL
https://club.spond.com/vendor/redactor-3_1_7/redactor.min.js
Requested by
Host: club.spond.com
URL: https://club.spond.com/landing/signup/eil
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.37.3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
26238ca739bb8683dcb11ef13fd782b2f3bbd8b8735d02d743522131814291bb

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://club.spond.com/landing/signup/eil
Accept-Language
no-NO,no;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 30 Apr 2024 22:28:26 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 30 Apr 2024 11:49:31 GMT
server
cloudflare
age
551
etag
W/"6630dacb-3edbd"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
x-envoy-upstream-service-time
1
cf-ray
87caf7006a1156b9-OSL
alt-svc
h3=":443"; ma=86400
no.js
club.spond.com/vendor/redactor-3_1_7/langs/
2 KB
947 B
Script
General
Full URL
https://club.spond.com/vendor/redactor-3_1_7/langs/no.js
Requested by
Host: club.spond.com
URL: https://club.spond.com/landing/signup/eil
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.37.3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2753384e824bc29ae4c6668fced23b0ba389827a91b4b829e39889da7a729d9d

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://club.spond.com/landing/signup/eil
Accept-Language
no-NO,no;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 30 Apr 2024 22:28:26 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 30 Apr 2024 11:49:31 GMT
server
cloudflare
age
3626
etag
W/"6630dacb-83a"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
x-envoy-upstream-service-time
1
cf-ray
87caf7006a1356b9-OSL
alt-svc
h3=":443"; ma=86400
js
maps.googleapis.com/maps/api/
243 KB
79 KB
Script
General
Full URL
https://maps.googleapis.com/maps/api/js?key=AIzaSyBdUTo9Zk5h46Q167B6h5pfJN9YLupp5kE&libraries=places
Requested by
Host: club.spond.com
URL: https://club.spond.com/landing/signup/eil
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
1653313f7e69526e00772f36c156c7153c5cfc60bc8edcf2d7395d6ef492c836
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://club.spond.com/
Accept-Language
no-NO,no;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 30 Apr 2024 22:28:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
vary
Accept-Language, Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
80690
x-xss-protection
0
runtime-env.js
club.spond.com/
1 KB
727 B
Script
General
Full URL
https://club.spond.com/runtime-env.js?v2
Requested by
Host: club.spond.com
URL: https://club.spond.com/landing/signup/eil
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.37.3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b99de69db70b70eeb8f7b0e0fa50c2dec4cc3cacba2ca72e92acd77eae2d6fae

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://club.spond.com/landing/signup/eil
Accept-Language
no-NO,no;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 30 Apr 2024 22:28:26 GMT
content-encoding
br
cf-cache-status
BYPASS
last-modified
Tue, 30 Apr 2024 12:36:34 GMT
server
cloudflare
etag
W/"6630e5d2-40d"
vary
Accept-Encoding
content-type
application/javascript
cache-control
no-store
x-envoy-upstream-service-time
1
cf-ray
87caf7006a1556b9-OSL
alt-svc
h3=":443"; ma=86400
index-aa28896f.js
club.spond.com/assets/
5 MB
1 MB
Script
General
Full URL
https://club.spond.com/assets/index-aa28896f.js
Requested by
Host: club.spond.com
URL: https://club.spond.com/landing/signup/eil
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.37.3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb8c74c7da0a61f6ee9f2c3ff47d7a323381a75624def0f83049ac5fd5d44d73

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://club.spond.com/landing/signup/eil
Origin
https://club.spond.com
Accept-Language
no-NO,no;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 30 Apr 2024 22:28:26 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 30 Apr 2024 11:49:36 GMT
server
cloudflare
age
6548
etag
W/"6630dad0-4cc5e9"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
x-envoy-upstream-service-time
2
cf-ray
87caf7006a1756b9-OSL
alt-svc
h3=":443"; ma=86400
vendor-5dd26f6a.js
club.spond.com/assets/
4 MB
843 KB
Script
General
Full URL
https://club.spond.com/assets/vendor-5dd26f6a.js
Requested by
Host: club.spond.com
URL: https://club.spond.com/landing/signup/eil
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.37.3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b9fe7a2616bee31e08291df0f70bc4a8bd2dff12cbf8b549fc8f45bfe05794f8

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://club.spond.com/landing/signup/eil
Origin
https://club.spond.com
Accept-Language
no-NO,no;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 30 Apr 2024 22:28:26 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 30 Apr 2024 11:49:35 GMT
server
cloudflare
age
842
etag
W/"6630dacf-3a47df"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
x-envoy-upstream-service-time
4
cf-ray
87caf7006a1856b9-OSL
alt-svc
h3=":443"; ma=86400
vendor-2708b91e.css
club.spond.com/assets/
33 KB
8 KB
Stylesheet
General
Full URL
https://club.spond.com/assets/vendor-2708b91e.css
Requested by
Host: club.spond.com
URL: https://club.spond.com/landing/signup/eil
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.37.3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2708b91e73058e837975a77891514e8829b1a5a8ea4cdbe562ebebc54497f58f

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://club.spond.com/landing/signup/eil
Accept-Language
no-NO,no;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 30 Apr 2024 22:28:26 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 30 Apr 2024 11:49:35 GMT
server
cloudflare
age
843
etag
W/"6630dacf-824f"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=14400
x-envoy-upstream-service-time
1
cf-ray
87caf7006a1b56b9-OSL
alt-svc
h3=":443"; ma=86400
gen_204
maps.googleapis.com/maps/api/mapsjs/
3 B
45 B
XHR
General
Full URL
https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyBdUTo9Zk5h46Q167B6h5pfJN9YLupp5kE&libraries=places
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.10 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f10.1e100.net
Software
scaffolding on HTTPServer2 /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://club.spond.com/
Accept-Language
no-NO,no;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 30 Apr 2024 22:28:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://club.spond.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23
x-xss-protection
0
/
sentry.io/api/1417396/envelope/
2 B
324 B
Fetch
General
Full URL
https://sentry.io/api/1417396/envelope/?sentry_key=a7e2873230bd473d985eb6d8c894ecdd&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.103.0
Requested by
Host: club.spond.com
URL: https://club.spond.com/assets/vendor-5dd26f6a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.247.156 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
156.247.186.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://club.spond.com/
Accept-Language
no-NO,no;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 30 Apr 2024 22:28:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 google
server
nginx
vary
origin,access-control-request-method,access-control-request-headers
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
x-sentry-error,x-sentry-rate-limits,retry-after
x-envoy-upstream-service-time
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
v3
js.stripe.com/
602 KB
148 KB
Script
General
Full URL
https://js.stripe.com/v3
Requested by
Host: club.spond.com
URL: https://club.spond.com/assets/vendor-5dd26f6a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.58.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-58-22.fra60.r.cloudfront.net
Software
Cloudfront /
Resource Hash
a960f7bc548115a971849f5e4fad2b1a8859194c970dd5c0b6c07d34d89b7029
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://club.spond.com/
Accept-Language
no-NO,no;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 30 Apr 2024 22:27:56 GMT
content-encoding
br
via
1.1 3de687dde9ccf524586562826ee53358.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
age
32
x-amz-cf-pop
FRA60-P10
x-cache
Hit from cloudfront
last-modified
Tue, 30 Apr 2024 20:41:31 GMT
server
Cloudfront
etag
W/"a35d2c08b19a3fd0dfbfcfe08bac6c2c"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=60
timing-allow-origin
*
x-amz-cf-id
NFJqR1fBTAJxobedyUZY_8DggyGJC_gJyJ63D3BnyOKz1AHtj6Xx7A==
spond-logo-colors-acc38658.svg
club.spond.com/assets/
9 KB
3 KB
Image
General
Full URL
https://club.spond.com/assets/spond-logo-colors-acc38658.svg
Requested by
Host: club.spond.com
URL: https://club.spond.com/landing/signup/eil
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.37.3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
acc38658052c2781d4d8560e7fbc7d09a07cf257b0c754fd24f03ef0ebb28f70

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://club.spond.com/landing/signup/eil
Accept-Language
no-NO,no;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 30 Apr 2024 22:28:27 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 30 Apr 2024 11:49:35 GMT
server
cloudflare
age
841
etag
W/"6630dacf-2491"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=14400
x-envoy-upstream-service-time
2
cf-ray
87caf7056ddc56b9-OSL
alt-svc
h3=":443"; ma=86400
m-outer-3437aaddcdf6922d623e172c2d6f9278.html
js.stripe.com/v3/ Frame D1BB
0
0
Document
General
Full URL
https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.58.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-58-22.fra60.r.cloudfront.net
Software
Cloudfront /
Resource Hash
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
no-NO,no;q=0.9;q=0.9
Referer
https://club.spond.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
166
cache-control
max-age=31536000
content-length
200
content-security-policy
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Tue, 30 Apr 2024 22:25:41 GMT
etag
"3437aaddcdf6922d623e172c2d6f9278"
last-modified
Thu, 25 Apr 2024 20:09:44 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 b58f4c458263fcafb0c4b2b684d9bc50.cloudfront.net (CloudFront)
x-amz-cf-id
_ngb5ALq0suqEsRrTqKnIwiBmkQZuUBEKTY4tYQeq97E2w51ATNEUA==
x-amz-cf-pop
FRA60-P10
x-cache
Hit from cloudfront
x-content-type-options
nosniff
eil
api.spond.com/club/v1/signupForms/forClub/
14 KB
3 KB
Fetch
General
Full URL
https://api.spond.com/club/v1/signupForms/forClub/eil?
Requested by
Host: club.spond.com
URL: https://club.spond.com/assets/vendor-5dd26f6a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.37.3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4ea85b62be7dd948b706e9c2c629dab62fe3ef63a425c615af0066ddb7ed9be0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
X-Spond-MembershipAuth
undefined
Accept-Language
no-NO,no;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
application/json
Accept
application/json
Referer
https://club.spond.com/
X-Spond-ClubId
[object Object]
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 30 Apr 2024 22:28:28 GMT
content-encoding
br
x-spond-requestid
S-90919d4853d67e2cc923ba55994b4180
cf-cache-status
DYNAMIC
server
cloudflare
vary
Accept-Encoding
content-type
application/json;charset=utf-8
access-control-allow-origin
https://club.spond.com
cache-control
no-cache
x-envoy-upstream-service-time
49
access-control-allow-credentials
true
cf-ray
87caf70f1d91b4eb-OSL
alt-svc
h3=":443"; ma=86400
eil
api.spond.com/club/v1/signupForms/forClub/ Frame
0
0
Preflight
General
Full URL
https://api.spond.com/club/v1/signupForms/forClub/eil?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.37.3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-spond-clubid,x-spond-membershipauth
Access-Control-Request-Method
GET
Origin
https://club.spond.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Authorization,Auth,Api-Level,Content-Type,X-Spond-ClubId,X-Spond-MembershipAuth,X-Spond-MembershipType,X-Spond-SendUpdate,X-Spond-ClearResponses,If-None-Match,X-club-domain
access-control-allow-methods
GET,POST,PATCH,OPTIONS,PUT,DELETE
access-control-allow-origin
https://club.spond.com
access-control-max-age
7200
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
87caf70e7cafb4eb-OSL
date
Tue, 30 Apr 2024 22:28:28 GMT
server
cloudflare
favicon.ico
club.spond.com/
2 KB
3 KB
Other
General
Full URL
https://club.spond.com/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.37.3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2cb646de216abb95d1689b770b8aa866dcfd297a0cde38cbc38c6c65852f0f93

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://club.spond.com/landing/signup/eil
Accept-Language
no-NO,no;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 30 Apr 2024 22:28:29 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 30 Apr 2024 11:49:31 GMT
server
cloudflare
age
841
etag
W/"6630dacb-9c5"
vary
Accept-Encoding
content-type
image/vnd.microsoft.icon
cache-control
max-age=14400
x-envoy-upstream-service-time
2
cf-ray
87caf711c83656b9-OSL
alt-svc
h3=":443"; ma=86400
/
sentry.io/api/1417396/envelope/
41 B
99 B
Fetch
General
Full URL
https://sentry.io/api/1417396/envelope/?sentry_key=a7e2873230bd473d985eb6d8c894ecdd&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.103.0
Requested by
Host: club.spond.com
URL: https://club.spond.com/assets/vendor-5dd26f6a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.247.156 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
156.247.186.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
a5b31e37461239a0a550bb57f05cdacac706c6b188ee5211421036ca077f009c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://club.spond.com/
Accept-Language
no-NO,no;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 30 Apr 2024 22:28:29 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 google
server
nginx
vary
origin,access-control-request-method,access-control-request-headers
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
x-sentry-error,x-sentry-rate-limits,retry-after
x-envoy-upstream-service-time
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
41
common.js
maps.googleapis.com/maps-api-v3/api/js/56/10/intl/no_ALL/
256 KB
56 KB
Script
General
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/56/10/intl/no_ALL/common.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyBdUTo9Zk5h46Q167B6h5pfJN9YLupp5kE&libraries=places
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e7ea300590cfc4925724c4febc0ca149de023616e031e2fb4d273c0726cfb2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://club.spond.com/
Accept-Language
no-NO,no;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 30 Apr 2024 07:55:52 GMT
content-encoding
br
x-content-type-options
nosniff
age
52359
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57141
x-xss-protection
0
last-modified
Tue, 23 Apr 2024 20:46:35 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="maps-api-js"
vary
Accept-Encoding, Origin
report-to
{"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 30 Apr 2025 07:55:52 GMT
util.js
maps.googleapis.com/maps-api-v3/api/js/56/10/intl/no_ALL/
181 KB
56 KB
Script
General
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/56/10/intl/no_ALL/util.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyBdUTo9Zk5h46Q167B6h5pfJN9YLupp5kE&libraries=places
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c7269789bba50505b3bf271d13687464b49b880f55edc109ba021e9d624cc65c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://club.spond.com/
Accept-Language
no-NO,no;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 30 Apr 2024 07:50:34 GMT
content-encoding
br
x-content-type-options
nosniff
age
52677
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56957
x-xss-protection
0
last-modified
Tue, 23 Apr 2024 20:46:35 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="maps-api-js"
vary
Accept-Encoding, Origin
report-to
{"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 30 Apr 2025 07:50:34 GMT


15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object| 0
  • function| $R
  • function| Redactor
  • object| google
  • object| module$exports$mapsapi$geometry$spherical
  • object| reactiveElementVersions
  • object| module$contents$mapsapi$overlay$overlayView_OverlayView
  • object| __RUNTIME_CONFIG__
  • function| clearImmediate
  • function| setImmediate
  • object| regeneratorRuntime
  • object| __SENTRY__
  • object| webpackChunkStripeJSouter
  • function| noop
  • function| Stripe

3 Cookies

Domain/Path Name / Value
m.stripe.com/ Name: m
Value: aff0a28a-6a24-4942-a94f-35d8a1675e1d026fff
.club.spond.com/ Name: __stripe_mid
Value: 79eb86d4-bc82-4e56-a7e0-44dd15538fc5b30a50
.club.spond.com/ Name: __stripe_sid
Value: 8609b208-b89d-4f1e-a28e-09059df9d9a8e2c2c4

1 Console Messages

Source: other
Level: warning
URL: https://club.spond.com/landing/signup/eil
Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

"Indicators" is a security-industry term for observables such as IPs, domains and hashes. Their appearance here does not imply that any of them indicate malicious activity.
