www.norgesspill.com Open in urlscan Pro
104.18.83.10 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.villairene.eu/mail/index.php/campaigns/ow0302xozo1f3/track-url/dv0100e5ms527/c854c424202e23950c647abd00b9343c5...
Effective URL:
https://www.norgesspill.com/nb/(modal:register)?aff=105856_W1cBmOAhBABA20210413ef2b394786af4ad3b9eda15a58482e7b
Submission: On April 13 via api (April 13th 2021, 5:44:47 am UTC) from IE

Summary HTTP 28 Redirects Behaviour Indicators

Summary

This website contacted 14 IPs in 4 countries across 11 domains to perform 28 HTTP transactions. The main IP is 104.18.83.10, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.norgesspill.com.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on December 18th 2020. Valid for: a year.

This is the only time www.norgesspill.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:303... 2606:4700:3035::6815:403c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 12	104.18.83.10 104.18.83.10	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:82b::2008	15169 (GOOGLE) (GOOGLE)
1	104.18.140.3 104.18.140.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	35.188.42.15 35.188.42.15	15169 (GOOGLE) (GOOGLE)
1 2	18.158.167.137 18.158.167.137	16509 (AMAZON-02) (AMAZON-02)
4	54.216.48.107 54.216.48.107	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
1 2	142.250.74.198 142.250.74.198	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c0b::9d	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:801::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
28	14

1 2606:4700:3035::6815:403c (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.villairene.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 104.18.83.10 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

ads.norgesspill.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.norgesspill.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.140.3 (United States)

ASN13335 (CLOUDFLARENET, US)

frontapi.cherrytech.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.188.42.15 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)

o271098.ingest.sentry.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.158.167.137 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)

ads.creative-serving.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.216.48.107 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

mpsnare.iesnare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.74.198 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f6.1e100.net

9905434.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0b::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	norgesspill.com 1 redirects ads.norgesspill.com www.norgesspill.com	815 KB
4	iesnare.com mpsnare.iesnare.com	25 KB
3	doubleclick.net 1 redirects 9905434.fls.doubleclick.net stats.g.doubleclick.net	2 KB
2	google.de www.google.de adservice.google.de	498 B
2	google.com www.google.com adservice.google.com	814 B
2	google-analytics.com www.google-analytics.com	19 KB
2	creative-serving.com 1 redirects ads.creative-serving.com	1 KB
2	sentry.io o271098.ingest.sentry.io	942 B
1	cherrytech.com frontapi.cherrytech.com	606 B
1	googletagmanager.com www.googletagmanager.com	39 KB
1	villairene.eu 1 redirects www.villairene.eu	912 B
28	11

	Domain	Requested by
11	www.norgesspill.com	www.norgesspill.com
4	mpsnare.iesnare.com	www.norgesspill.com mpsnare.iesnare.com
2	9905434.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	www.google-analytics.com	www.googletagmanager.com www.norgesspill.com
2	ads.creative-serving.com	1 redirects www.norgesspill.com
2	o271098.ingest.sentry.io	www.norgesspill.com
1	adservice.google.de	adservice.google.com
1	adservice.google.com	9905434.fls.doubleclick.net
1	www.google.de
1	www.google.com
1	stats.g.doubleclick.net	www.norgesspill.com
1	frontapi.cherrytech.com	www.norgesspill.com
1	www.googletagmanager.com	www.norgesspill.com
1	ads.norgesspill.com	1 redirects
1	www.villairene.eu	1 redirects
28	15

This site contains no links.

Subject Issuer	Validity	Valid
*.norgesspill.com DigiCert TLS RSA SHA256 2020 CA1	`2020-12-18` - `2022-01-18`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
*.cherrytech.com DigiCert TLS RSA SHA256 2020 CA1	`2020-12-18` - `2022-01-18`	a year	crt.sh
*.ingest.sentry.io R3	`2021-02-26` - `2021-05-27`	3 months	crt.sh
*.creative-serving.com Sectigo RSA Domain Validation Secure Server CA	`2021-03-23` - `2022-04-03`	a year	crt.sh
mpsnare.iesnare.com DigiCert SHA2 High Assurance Server CA	`2020-04-08` - `2021-05-25`	a year	crt.sh
*.doubleclick.net GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
www.google.com GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
www.google.de GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
*.google.de GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh

This page contains 4 frames:

Primary Page: https://www.norgesspill.com/nb/(modal:register)?aff=105856_W1cBmOAhBABA20210413ef2b394786af4ad3b9eda15a58482e7b
Frame ID: FB7827A2570575DEBBA7B574D7E049D1
Requests: 26 HTTP requests in this frame

Frame: https://9905434.fls.doubleclick.net/activityi;dc_pre=CMrTv_7B-u8CFRqMdwodaTsEMg;src=9905434;type=ros0;cat=norge0;ord=6580631493955;gtm=2wg3v0;auiddc=1893956386.1618292671;u2=https%3A%2F%2Fwww.norgesspill.com%2Fnb%2F(modal%3Aregister)%3Faff%3D105856_W1cBmOAhBABA20210413ef2b394786af4ad3b9eda15a58482e7b;u4=undefined;~oref=https%3A%2F%2Fwww.norgesspill.com%2Fnb%2F(modal%3Aregister)%3Faff%3D105856_W1cBmOAhBABA20210413ef2b394786af4ad3b9eda15a58482e7b
Frame ID: C23F5D8E6CCDE76AE9080471D9CBF05A
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CMrTv_7B-u8CFRqMdwodaTsEMg;src=9905434;type=ros0;cat=norge0;ord=6580631493955;gtm=2wg3v0;auiddc=1893956386.1618292671;u2=https%3A%2F%2Fwww.norgesspill.com%2Fnb%2F(modal%3Aregister)%3Faff%3D105856_W1cBmOAhBABA20210413ef2b394786af4ad3b9eda15a58482e7b;u4=undefined;~oref=https%3A%2F%2Fwww.norgesspill.com%2Fnb%2F(modal%3Aregister)%3Faff%3D105856_W1cBmOAhBABA20210413ef2b394786af4ad3b9eda15a58482e7b
Frame ID: 5A7C643CD5F68D5B34CB9A7A25B32C3D
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.de/ddm/fls/i/dc_pre=CMrTv_7B-u8CFRqMdwodaTsEMg;src=9905434;type=ros0;cat=norge0;ord=6580631493955;gtm=2wg3v0;auiddc=1893956386.1618292671;u2=https%3A%2F%2Fwww.norgesspill.com%2Fnb%2F(modal%3Aregister)%3Faff%3D105856_W1cBmOAhBABA20210413ef2b394786af4ad3b9eda15a58482e7b;u4=undefined;~oref=https%3A%2F%2Fwww.norgesspill.com%2Fnb%2F(modal%3Aregister)%3Faff%3D105856_W1cBmOAhBABA20210413ef2b394786af4ad3b9eda15a58482e7b
Frame ID: CFB8F83889984B05DFCC9C724D5AFC68
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://www.villairene.eu/mail/index.php/campaigns/ow0302xozo1f3/track-url/dv0100e5ms527/c854c424202e2... HTTP 301
https://ads.norgesspill.com/tracking.php?tracking_code&aid=105856&mid=906&sid=349268&pid=95 HTTP 302
https://www.norgesspill.com/nb/(modal:register)?aff=105856_W1cBmOAhBABA20210413ef2b394786af4ad3b9eda15a5... Page URL

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

28
Requests

100 %
HTTPS

57 %
IPv6

11
Domains

15
Subdomains

14
IPs

4
Countries

902 kB
Transfer

3360 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.villairene.eu/mail/index.php/campaigns/ow0302xozo1f3/track-url/dv0100e5ms527/c854c424202e23950c647abd00b9343c55652a88 HTTP 301
https://ads.norgesspill.com/tracking.php?tracking_code&aid=105856&mid=906&sid=349268&pid=95 HTTP 302
https://www.norgesspill.com/nb/(modal:register)?aff=105856_W1cBmOAhBABA20210413ef2b394786af4ad3b9eda15a58482e7b Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 12

https://ads.creative-serving.com/pixel?id=3152619&gtmcb=336554938 HTTP 302
https://ads.creative-serving.com/ul_cb/pixel?id=3152619&gtmcb=336554938

Request Chain 21

https://9905434.fls.doubleclick.net/activityi;src=9905434;type=ros0;cat=norge0;ord=6580631493955;gtm=2wg3v0;auiddc=1893956386.1618292671;u2=https%3A%2F%2Fwww.norgesspill.com%2Fnb%2F(modal%3Aregister)%3Faff%3D105856_W1cBmOAhBABA20210413ef2b394786af4ad3b9eda15a58482e7b;u4=undefined;~oref=https%3A%2F%2Fwww.norgesspill.com%2Fnb%2F(modal%3Aregister)%3Faff%3D105856_W1cBmOAhBABA20210413ef2b394786af4ad3b9eda15a58482e7b HTTP 302
https://9905434.fls.doubleclick.net/activityi;dc_pre=CMrTv_7B-u8CFRqMdwodaTsEMg;src=9905434;type=ros0;cat=norge0;ord=6580631493955;gtm=2wg3v0;auiddc=1893956386.1618292671;u2=https%3A%2F%2Fwww.norgesspill.com%2Fnb%2F(modal%3Aregister)%3Faff%3D105856_W1cBmOAhBABA20210413ef2b394786af4ad3b9eda15a58482e7b;u4=undefined;~oref=https%3A%2F%2Fwww.norgesspill.com%2Fnb%2F(modal%3Aregister)%3Faff%3D105856_W1cBmOAhBABA20210413ef2b394786af4ad3b9eda15a58482e7b

28 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request (modal:register) Show response
www.norgesspill.com/nb/
Redirect Chain

https://www.villairene.eu/mail/index.php/campaigns/ow0302xozo1f3/track-url/dv0100e5ms527/c854c424202e23950c647abd00b9343c55652a88
https://ads.norgesspill.com/tracking.php?tracking_code&aid=105856&mid=906&sid=349268&pid=95
https://www.norgesspill.com/nb/(modal:register)?aff=105856_W1cBmOAhBABA20210413ef2b394786af4ad3b9eda15a58482e7b

3 KB
3 KB

267ms
255ms

Document
text/html

104.18.83.10
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.norgesspill.com/nb/(modal:register)?aff=105856_W1cBmOAhBABA20210413ef2b394786af4ad3b9eda15a58482e7b
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.18.83.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 3b92d74898d06e0b1d9604da7dad06b1530f9b3737dfe210294376b360c5cd15

Request headers

:method: GET
:authority: www.norgesspill.com
:scheme: https
:path: /nb/(modal:register)?aff=105856_W1cBmOAhBABA20210413ef2b394786af4ad3b9eda15a58482e7b
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: __cfduid=d02e19e90ebff3946808478afc8b1d66f1618292669
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 05:44:29 GMT
content-type: text/html; charset=utf-8
x-powered-by: Express
cache-control: no-cache
link: </nb/styles.a69eeefa4180ec8c3ada.css>; rel=preload; as=style </nb/./assets/icons/norgesspill.svg>; rel=preload; as=image </nb/runtime.effb0ce4e98a243bca4b.js>; rel=preload; as=script </nb/polyfills-es5.645fbd1207389d5ee860.js>; rel=preload; as=script </nb/polyfills.231cda70add01557908a.js>; rel=preload; as=script </nb/main.a1f197ad178c0272e0bd.js>; rel=preload; as=script
vary: Accept-Encoding
cf-cache-status: DYNAMIC
cf-request-id: 096b5b94ce0000d11d24858000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 63f26201484ad11d-TXL
content-encoding: gzip
cf-h2-pushed: </nb/styles.a69eeefa4180ec8c3ada.css>,</nb/./assets/icons/norgesspill.svg>,</nb/runtime.effb0ce4e98a243bca4b.js>,</nb/polyfills-es5.645fbd1207389d5ee860.js>,</nb/polyfills.231cda70add01557908a.js>,</nb/main.a1f197ad178c0272e0bd.js>

Redirect headers

date: Tue, 13 Apr 2021 05:44:29 GMT
content-type: text/plain; charset=utf-8
content-length: 0
set-cookie: __cfduid=d02e19e90ebff3946808478afc8b1d66f1618292669; expires=Thu, 13-May-21 05:44:29 GMT; path=/; domain=.norgesspill.com; HttpOnly; SameSite=Lax
location: https://www.norgesspill.com/nb/(modal:register)?aff=105856_W1cBmOAhBABA20210413ef2b394786af4ad3b9eda15a58482e7b
cf-cache-status: DYNAMIC
cf-request-id: 096b5b93f60000d11d173ec000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 63f261ffee34d11d-TXL

GET
H2 200 styles.a69eeefa4180ec8c3ada.css
www.norgesspill.com/nb/ 165 KB
32 KB 67ms
0ms Stylesheet
text/css 104.18.83.10
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.norgesspill.com/nb/styles.a69eeefa4180ec8c3ada.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.18.83.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 1c7d0b0036329bfc3f56e39e6ed9c7362371b421a607ef9bf9db685bb75bccd8

Request headers

Referer: https://www.norgesspill.com/nb/(modal:register)?aff=105856_W1cBmOAhBABA20210413ef2b394786af4ad3b9eda15a58482e7b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 05:44:29 GMT
content-encoding: gzip
etag: W/"2942b-178b053d7a0"
cf-cache-status: HIT
last-modified: Thu, 08 Apr 2021 07:13:08 GMT
server: cloudflare
x-powered-by: Express
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=86400
cf-ray: 63f26202cac5d11d-TXL
cf-request-id: 096b5b95bc0000d11d2a197000000001
expires: Wed, 14 Apr 2021 05:44:29 GMT

GET
H2 200 norgesspill.svg
www.norgesspill.com/nb/assets/icons/ 20 KB
9 KB 28ms
0ms Image
image/svg+xml 104.18.83.10
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.norgesspill.com/nb/assets/icons/norgesspill.svg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.18.83.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 28b3cd1a674875784ceab6326c599fa5de4cb54a318f65935a2cf400511c6484

Request headers

Referer: https://www.norgesspill.com/nb/(modal:register)?aff=105856_W1cBmOAhBABA20210413ef2b394786af4ad3b9eda15a58482e7b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 05:44:29 GMT
content-encoding: gzip
etag: W/"50b8-178b053d7a0"
cf-cache-status: HIT
last-modified: Thu, 08 Apr 2021 07:13:08 GMT
server: cloudflare
x-powered-by: Express
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 63f26202cac6d11d-TXL
cf-request-id: 096b5b95bd0000d11d802f3000000001
expires: Wed, 14 Apr 2021 05:44:29 GMT

GET
H2 200 runtime.effb0ce4e98a243bca4b.js Show response
www.norgesspill.com/nb/ 3 KB
2 KB 31ms
0ms Script
application/javascript 104.18.83.10
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.norgesspill.com/nb/runtime.effb0ce4e98a243bca4b.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.18.83.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: aada73303764c0375824230c8f9d6fe2818f94504bccfa716657010b341da7c5

Request headers

Referer: https://www.norgesspill.com/nb/(modal:register)?aff=105856_W1cBmOAhBABA20210413ef2b394786af4ad3b9eda15a58482e7b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 05:44:29 GMT
content-encoding: gzip
etag: W/"c01-178b053d7a0"
cf-cache-status: HIT
last-modified: Thu, 08 Apr 2021 07:13:08 GMT
server: cloudflare
x-powered-by: Express
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=86400
cf-ray: 63f26202cac7d11d-TXL
cf-request-id: 096b5b95bd0000d11d54032000000001
expires: Wed, 14 Apr 2021 05:44:29 GMT

GET
H2 200 polyfills-es5.645fbd1207389d5ee860.js Show response
www.norgesspill.com/nb/ 151 KB
51 KB 50ms
0ms Script
application/javascript 104.18.83.10
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.norgesspill.com/nb/polyfills-es5.645fbd1207389d5ee860.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.18.83.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 1a9da01c2511eb9397022f14b0b9ad952ebeb464535d6dd74199311d0728da16

Request headers

Referer: https://www.norgesspill.com/nb/(modal:register)?aff=105856_W1cBmOAhBABA20210413ef2b394786af4ad3b9eda15a58482e7b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 05:44:29 GMT
content-encoding: gzip
etag: W/"25b19-178b053d7a0"
cf-cache-status: HIT
last-modified: Thu, 08 Apr 2021 07:13:08 GMT
server: cloudflare
x-powered-by: Express
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=86400
cf-ray: 63f26202cac8d11d-TXL
cf-request-id: 096b5b95bd0000d11d21313000000001
expires: Wed, 14 Apr 2021 05:44:29 GMT

GET
H2 200 polyfills.231cda70add01557908a.js Show response
www.norgesspill.com/nb/ 68 KB
23 KB 32ms
0ms Script
application/javascript 104.18.83.10
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.norgesspill.com/nb/polyfills.231cda70add01557908a.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.18.83.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 48c09dfa92f9f673231d471d24cc4e5794d9920a25060a201d4b8483726bbf69

Request headers

Referer: https://www.norgesspill.com/nb/(modal:register)?aff=105856_W1cBmOAhBABA20210413ef2b394786af4ad3b9eda15a58482e7b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 05:44:29 GMT
content-encoding: gzip
etag: W/"10f54-178b053d7a0"
cf-cache-status: HIT
last-modified: Thu, 08 Apr 2021 07:13:08 GMT
server: cloudflare
x-powered-by: Express
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=86400
cf-ray: 63f26202cac9d11d-TXL
cf-request-id: 096b5b95bd0000d11d5b201000000001
expires: Wed, 14 Apr 2021 05:44:29 GMT

GET
H2 200 main.a1f197ad178c0272e0bd.js Show response
www.norgesspill.com/nb/ 3 MB
631 KB 73ms
0ms Script
application/javascript 104.18.83.10
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.norgesspill.com/nb/main.a1f197ad178c0272e0bd.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.18.83.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: e72d909cb805a1cd0300ddd9e106c7a9fb331b55147fe710b16fd9b87fd20eee

Request headers

Referer: https://www.norgesspill.com/nb/(modal:register)?aff=105856_W1cBmOAhBABA20210413ef2b394786af4ad3b9eda15a58482e7b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 05:44:29 GMT
content-encoding: gzip
etag: W/"292a94-178b053d7a0"
cf-cache-status: HIT
last-modified: Thu, 08 Apr 2021 07:13:08 GMT
server: cloudflare
x-powered-by: Express
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=86400
cf-ray: 63f26202cacbd11d-TXL
cf-request-id: 096b5b95bd0000d11d0a005000000001
expires: Wed, 14 Apr 2021 05:44:29 GMT

GET
DATA 200
OK truncated
/ 383 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 888f730da676563eef2e15b854fc9ce996a7baf8a13654fac565e50794ed031e

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 OpenSans-Regular.woff2
www.norgesspill.com/nb/assets/fonts/ 43 KB
44 KB 56ms
55ms Font
application/font-woff2 104.18.83.10
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.norgesspill.com/nb/assets/fonts/OpenSans-Regular.woff2
Requested by: Host: www.norgesspill.com
URL: https://www.norgesspill.com/nb/styles.a69eeefa4180ec8c3ada.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.18.83.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 464da49bb91e07b05858a444a3729c0ce5a34d1c5ce97dc6b05f9fd71246cb66

Request headers

Origin: https://www.norgesspill.com
Referer: https://www.norgesspill.com/nb/styles.a69eeefa4180ec8c3ada.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 05:44:30 GMT
etag: W/"ad48-178b053d7a0"
cf-cache-status: HIT
last-modified: Thu, 08 Apr 2021 07:13:08 GMT
server: cloudflare
x-powered-by: Express
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/font-woff2
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 63f262037c41d11d-TXL
content-length: 44360
cf-request-id: 096b5b962a0000d11d2818e000000001
expires: Wed, 14 Apr 2021 05:44:30 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 122 KB
39 KB 24ms
23ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-54234LZ

Requested by

Host: www.norgesspill.com
URL: https://www.norgesspill.com/nb/(modal:register)?aff=105856_W1cBmOAhBABA20210413ef2b394786af4ad3b9eda15a58482e7b

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

06aa00a0e2db2fe8cfe5cc54635061f511d30545a972e340799e90d75efa211c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.norgesspill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 05:44:30 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39905
x-xss-protection: 0
last-modified: Tue, 13 Apr 2021 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 13 Apr 2021 05:44:30 GMT

GET
H2 200 iovation-loader-static.min.js Show response
www.norgesspill.com/nb/ 47 KB
18 KB 49ms
49ms Script
application/javascript 104.18.83.10
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.norgesspill.com/nb/iovation-loader-static.min.js
Requested by: Host: www.norgesspill.com
URL: https://www.norgesspill.com/nb/main.a1f197ad178c0272e0bd.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.18.83.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: f21675a0aa06483ec88e0f0278b494ab51c9fc5c9f79533bc0c0c583b1d0a58f

Request headers

Referer: https://www.norgesspill.com/nb/(modal:register)?aff=105856_W1cBmOAhBABA20210413ef2b394786af4ad3b9eda15a58482e7b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 05:44:30 GMT
content-encoding: gzip
etag: W/"bc1c-178b053d7a0"
cf-cache-status: HIT
last-modified: Thu, 08 Apr 2021 07:13:08 GMT
server: cloudflare
x-powered-by: Express
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=86400
cf-ray: 63f26204feb1d11d-TXL
cf-request-id: 096b5b971d0000d11d54051000000001
expires: Wed, 14 Apr 2021 05:44:30 GMT

GET
H2 200 location Show response
frontapi.cherrytech.com/ 204 B
606 B 421ms
370ms XHR
application/json 104.18.140.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://frontapi.cherrytech.com/location?locale=nb&brand=spilleautomater.desktop
Requested by: Host: www.norgesspill.com
URL: https://www.norgesspill.com/nb/polyfills.231cda70add01557908a.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.18.140.3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b784d704b7b68eaf4abf9e14c028eb7d40c113e82c15b9e41732c774b8807b64

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.norgesspill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 05:44:30 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.norgesspill.com
access-control-expose-headers
cache-control: must-revalidate, no-cache, no-store
cf-ray: 63f26205dfedd11d-TXL
cf-request-id: 096b5b97a80000d11d65a2f000000001

POST
H/1.1 403
Forbidden / Show response
o271098.ingest.sentry.io/api/2235718/store/ 56 B
471 B 879ms
135ms Fetch
application/json 35.188.42.15
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://o271098.ingest.sentry.io/api/2235718/store/?sentry_key=612f0adbc099481f8056263ed907ef48&sentry_version=7

Requested by

Host: www.norgesspill.com
URL: https://www.norgesspill.com/nb/polyfills.231cda70add01557908a.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.188.42.15 Council Bluffs, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

nginx /

Resource Hash

7c1e2d0f6a27b6701cbfc14d4b2c6863a2de1753603e0eafaf1a1c42a4e22b65

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.norgesspill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Tue, 13 Apr 2021 05:44:31 GMT
vary: Origin
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: application/json
access-control-allow-origin: https://www.norgesspill.com
access-control-expose-headers: retry-after, x-sentry-error, x-sentry-rate-limits
x-envoy-upstream-service-time: 0
Connection: keep-alive
Content-Length: 56

GET
H/1.1

200
OK

pixel
ads.creative-serving.com/ul_cb/
Redirect Chain

https://ads.creative-serving.com/pixel?id=3152619&gtmcb=336554938
https://ads.creative-serving.com/ul_cb/pixel?id=3152619&gtmcb=336554938

43 B
509 B

28ms
28ms

Image
image/gif

18.158.167.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.creative-serving.com/ul_cb/pixel?id=3152619&gtmcb=336554938
Requested by: Host: www.norgesspill.com
URL: https://www.norgesspill.com/nb/(modal:register)?aff=105856_W1cBmOAhBABA20210413ef2b394786af4ad3b9eda15a58482e7b
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.158.167.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://www.norgesspill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 13 Apr 2021 05:44:31 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

Redirect headers

Location: https://ads.creative-serving.com/ul_cb/pixel?id=3152619&gtmcb=336554938
Date: Tue, 13 Apr 2021 05:44:30 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H2 200 dyn_wdp.js Show response
www.norgesspill.com/iojs/5.2.2/ 2 KB
2 KB 124ms
123ms Script
text/javascript 104.18.83.10
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.norgesspill.com/iojs/5.2.2/dyn_wdp.js?loaderVer=5.2.2&compat=false&tp=true&tp_split=false&fp_static=true&fp_dyn=true&flash=false

Requested by

Host: www.norgesspill.com
URL: https://www.norgesspill.com/nb/iovation-loader-static.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.18.83.10 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d2f49e0987d46b2312f64715f2328b8ae19972a530f6e3279d808cfb4f77112d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000, max-age=31536000

Request headers

Referer: https://www.norgesspill.com/nb/(modal:register)?aff=105856_W1cBmOAhBABA20210413ef2b394786af4ad3b9eda15a58482e7b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-ray: 63f26205e808d11d-TXL
pragma: no-cache
date: Tue, 13 Apr 2021 05:44:30 GMT
content-encoding: gzip
cf-cache-status: MISS
accept-ch: ua, ua-arch, ua-platform, ua-model, ua-mobile, ua-full-version, ua-platform-version
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NON DSP COR CURa"
cache-control: no-cache, private
strict-transport-security: max-age=31536000, max-age=31536000
content-type: text/javascript; charset=utf-8
cf-request-id: 096b5b97b60000d11d3999f000000001
server: cloudflare
expires: 0

GET
H/1.1 200
OK wdp.js Show response
mpsnare.iesnare.com/5.2.2/ 49 KB
22 KB 685ms
85ms Script
text/javascript 54.216.48.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://mpsnare.iesnare.com/5.2.2/wdp.js?loaderVer=5.2.2&compat=false&tp=true&tp_split=false&fp_static=true&fp_dyn=true&flash=false

Requested by

Host: www.norgesspill.com
URL: https://www.norgesspill.com/nb/iovation-loader-static.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.216.48.107 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

047e3d11a0e1a6981a251747582c70978dc8df1943fe7cd31b9c46998e8f44d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://www.norgesspill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 13 Apr 2021 05:44:31 GMT
Content-Encoding: gzip
Server: nginx
Strict-Transport-Security: max-age=15552000; includeSubDomains
p3p: CP="NON DSP COR CURa"
Accept-CH: ua, ua-arch, ua-platform, ua-model, ua-mobile, ua-full-version, ua-platform-version
Cache-Control: no-cache, private
Transfer-Encoding: chunked
Connection: keep-alive
Content-Type: text/javascript; charset=utf-8
Expires: 0

GET
H/1.1 206
Partial Content time.mp3
mpsnare.iesnare.com/ 504 B
880 B 540ms
50ms Media
audio/mpeg 54.216.48.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://mpsnare.iesnare.com/time.mp3?nocache=0.04671970694854033

Requested by

Host: www.norgesspill.com
URL: https://www.norgesspill.com/nb/(modal:register)?aff=105856_W1cBmOAhBABA20210413ef2b394786af4ad3b9eda15a58482e7b

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.216.48.107 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

6ec1fae6ed9211bf3808374c69f796f129c0b71fe0633924ebd300fd06b778a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://www.norgesspill.com/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=0-

Response headers

Pragma: public
Date: Tue, 13 Apr 2021 05:44:31 GMT
Server: nginx
Strict-Transport-Security: max-age=15552000; includeSubDomains
Content-Type: audio/mpeg
Content-Range: bytes 0-503/504
Content-Disposition: inline; filename=time.mp3
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 504
Expires: Thu, 1 Jan 1970 00:00:00 GMT

GET
H2 200 logo.js Show response
www.norgesspill.com/iojs/5.2.2/ 477 B
562 B 94ms
94ms Script
text/javascript 104.18.83.10
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.norgesspill.com/iojs/5.2.2/logo.js

Requested by

Host: www.norgesspill.com
URL: https://www.norgesspill.com/nb/iovation-loader-static.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.18.83.10 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

38502dd2d4e5519cc276a9b13328e52bd7403eca9ab3f5da01ade3845dcec8a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000, max-age=31536000

Request headers

Referer: https://www.norgesspill.com/nb/(modal:register)?aff=105856_W1cBmOAhBABA20210413ef2b394786af4ad3b9eda15a58482e7b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-ray: 63f26206b956d11d-TXL
date: Tue, 13 Apr 2021 05:44:30 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Tue, 06 May 2014 00:01:40 GMT
accept-ch: ua, ua-arch, ua-platform, ua-model, ua-mobile, ua-full-version, ua-platform-version
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NON DSP COR CURa"
cache-control: public, max-age=31536000
strict-transport-security: max-age=31536000, max-age=31536000
content-type: text/javascript; charset=utf-8
cf-request-id: 096b5b98350000d11d7b310000000001
server: cloudflare
expires: Wed, 13 Apr 2022 05:44:30 GMT

GET
H/1.1 200
OK logo.js Show response
mpsnare.iesnare.com/5.2.2/ 477 B
909 B 52ms
52ms Script
text/javascript 54.216.48.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://mpsnare.iesnare.com/5.2.2/logo.js

Requested by

Host: mpsnare.iesnare.com
URL: https://mpsnare.iesnare.com/5.2.2/wdp.js?loaderVer=5.2.2&compat=false&tp=true&tp_split=false&fp_static=true&fp_dyn=true&flash=false

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.216.48.107 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

c6956ca97fc85a6ea652ddecbed297bf3eb893e1690dd6ca29044ec8f6259ee6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://www.norgesspill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 13 Apr 2021 05:44:31 GMT
Content-Encoding: gzip
Last-Modified: Tue, 06 May 2014 00:01:40 GMT
Accept-CH: ua, ua-arch, ua-platform, ua-model, ua-mobile, ua-full-version, ua-platform-version
Strict-Transport-Security: max-age=15552000; includeSubDomains
p3p: CP="NON DSP COR CURa"
Cache-Control: private
Transfer-Encoding: chunked
Connection: keep-alive
Content-Type: text/javascript; charset=utf-8
Server: nginx
Expires: Wed, 13 Apr 2022 05:44:31 GMT

GET
H/1.1 206
Partial Content time.mp3
mpsnare.iesnare.com/ 504 B
880 B 51ms
50ms Media
audio/mpeg 54.216.48.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://mpsnare.iesnare.com/time.mp3?nocache=0.3131370468947954

Requested by

Host: www.norgesspill.com
URL: https://www.norgesspill.com/nb/(modal:register)?aff=105856_W1cBmOAhBABA20210413ef2b394786af4ad3b9eda15a58482e7b

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.216.48.107 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

6ec1fae6ed9211bf3808374c69f796f129c0b71fe0633924ebd300fd06b778a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://www.norgesspill.com/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=0-

Response headers

Pragma: public
Date: Tue, 13 Apr 2021 05:44:31 GMT
Server: nginx
Strict-Transport-Security: max-age=15552000; includeSubDomains
Content-Type: audio/mpeg
Content-Range: bytes 0-503/504
Content-Disposition: inline; filename=time.mp3
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 504
Expires: Thu, 1 Jan 1970 00:00:00 GMT

POST
H/1.1 403
Forbidden / Show response
o271098.ingest.sentry.io/api/2235718/envelope/ 56 B
471 B 207ms
134ms Fetch
application/json 35.188.42.15
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://o271098.ingest.sentry.io/api/2235718/envelope/?sentry_key=612f0adbc099481f8056263ed907ef48&sentry_version=7

Requested by

Host: www.norgesspill.com
URL: https://www.norgesspill.com/nb/polyfills.231cda70add01557908a.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.188.42.15 Council Bluffs, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

nginx /

Resource Hash

7c1e2d0f6a27b6701cbfc14d4b2c6863a2de1753603e0eafaf1a1c42a4e22b65

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.norgesspill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Tue, 13 Apr 2021 05:44:31 GMT
vary: Origin
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: application/json
access-control-allow-origin: https://www.norgesspill.com
access-control-expose-headers: x-sentry-error, retry-after, x-sentry-rate-limits
x-envoy-upstream-service-time: 0
Connection: keep-alive
Content-Length: 56

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-54234LZ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

f79723478f4c48501cd49ac52b81d6244a6562b9d3f08ce8ab208a8b8878d4c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.norgesspill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 19 Mar 2021 19:22:18 GMT
server: Golfe2
age: 6775
date: Tue, 13 Apr 2021 03:51:36 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19463
expires: Tue, 13 Apr 2021 05:51:36 GMT

GET
H3-Q050

200

activityi;dc_pre=CMrTv_7B-u8CFRqMdwodaTsEMg;src=9905434;type=ros0;cat=norge0;ord=6580631493955;gtm=2wg3v0;auiddc=1893956386.1618292671;u2=https%3A%2F%2Fwww.norgesspill.com%2Fnb%2F(modal%3Aregister)... Show response
9905434.fls.doubleclick.net/ Frame C23F
Redirect Chain

https://9905434.fls.doubleclick.net/activityi;src=9905434;type=ros0;cat=norge0;ord=6580631493955;gtm=2wg3v0;auiddc=1893956386.1618292671;u2=https%3A%2F%2Fwww.norgesspill.com%2Fnb%2F(modal%3Aregiste...
https://9905434.fls.doubleclick.net/activityi;dc_pre=CMrTv_7B-u8CFRqMdwodaTsEMg;src=9905434;type=ros0;cat=norge0;ord=6580631493955;gtm=2wg3v0;auiddc=1893956386.1618292671;u2=https%3A%2F%2Fwww.norge...

717 B
1 KB

87ms
52ms

Document
text/html

142.250.74.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://9905434.fls.doubleclick.net/activityi;dc_pre=CMrTv_7B-u8CFRqMdwodaTsEMg;src=9905434;type=ros0;cat=norge0;ord=6580631493955;gtm=2wg3v0;auiddc=1893956386.1618292671;u2=https%3A%2F%2Fwww.norgesspill.com%2Fnb%2F(modal%3Aregister)%3Faff%3D105856_W1cBmOAhBABA20210413ef2b394786af4ad3b9eda15a58482e7b;u4=undefined;~oref=https%3A%2F%2Fwww.norgesspill.com%2Fnb%2F(modal%3Aregister)%3Faff%3D105856_W1cBmOAhBABA20210413ef2b394786af4ad3b9eda15a58482e7b?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-54234LZ

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.74.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f6.1e100.net

Software

cafe /

Resource Hash

16c4bdc2b9a9b0f02521ef966447c8b8f7eb35ecde5e74166daf811832cdc267

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 9905434.fls.doubleclick.net
:scheme: https
:path: /activityi;dc_pre=CMrTv_7B-u8CFRqMdwodaTsEMg;src=9905434;type=ros0;cat=norge0;ord=6580631493955;gtm=2wg3v0;auiddc=1893956386.1618292671;u2=https%3A%2F%2Fwww.norgesspill.com%2Fnb%2F(modal%3Aregister)%3Faff%3D105856_W1cBmOAhBABA20210413ef2b394786af4ad3b9eda15a58482e7b;u4=undefined;~oref=https%3A%2F%2Fwww.norgesspill.com%2Fnb%2F(modal%3Aregister)%3Faff%3D105856_W1cBmOAhBABA20210413ef2b394786af4ad3b9eda15a58482e7b?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.norgesspill.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: about:blank

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 13 Apr 2021 05:44:31 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 465
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 13-Apr-2021 05:59:31 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 13 Apr 2021 05:44:31 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://9905434.fls.doubleclick.net/activityi;dc_pre=CMrTv_7B-u8CFRqMdwodaTsEMg;src=9905434;type=ros0;cat=norge0;ord=6580631493955;gtm=2wg3v0;auiddc=1893956386.1618292671;u2=https%3A%2F%2Fwww.norgesspill.com%2Fnb%2F(modal%3Aregister)%3Faff%3D105856_W1cBmOAhBABA20210413ef2b394786af4ad3b9eda15a58482e7b;u4=undefined;~oref=https%3A%2F%2Fwww.norgesspill.com%2Fnb%2F(modal%3Aregister)%3Faff%3D105856_W1cBmOAhBABA20210413ef2b394786af4ad3b9eda15a58482e7b?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
129 B 13ms
12ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j89&aip=1&a=356459320&t=pageview&_s=1&dl=https%3A%2F%2Fwww.norgesspill.com%2Fnb%2F(modal%3Aregister)%3Faff%3D105856_W1cBmOAhBABA20210413ef2b394786af4ad3b9eda15a58482e7b&ul=en-us&de=UTF-8&dt=NorgesSpill&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=833431716&gjid=1156090560&cid=1995164951.1618292671&tid=UA-81872348-1&_gid=2017249882.1618292671&_r=1&gtm=2wg3v054234LZ&cd2=Not%20logged-in&cd8=function(a)%7Ba.set(%22dimension%22%2Bb%2Ca.get(%22clientId%22))%7D&cd11=105856&cd23=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36&cd25=&cd26=24&cd27=https%3A%2F%2Fwww.norgesspill.com%2Fnb%2F(modal%3Aregister)%3Faff%3D105856_W1cBmOAhBABA20210413ef2b394786af4ad3b9eda15a58482e7b&cd5=1995164951.1618292671&z=270507357

Requested by

Host: www.norgesspill.com
URL: https://www.norgesspill.com/nb/polyfills.231cda70add01557908a.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.norgesspill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 13 Apr 2021 05:44:31 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.norgesspill.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
91 B 13ms
13ms XHR
text/plain 2a00:1450:400c:c0b::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j89&tid=UA-81872348-1&cid=1995164951.1618292671&jid=833431716&gjid=1156090560&_gid=2017249882.1618292671&_u=YEBAAEAAAAAAAC~&z=196612094

Requested by

Host: www.norgesspill.com
URL: https://www.norgesspill.com/nb/polyfills.231cda70add01557908a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0b::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.norgesspill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 13 Apr 2021 05:44:31 GMT
content-type: text/plain
access-control-allow-origin: https://www.norgesspill.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
116 B 17ms
17ms Image
image/gif 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j89&tid=UA-81872348-1&cid=1995164951.1618292671&jid=833431716&_u=YEBAAEAAAAAAAC~&z=321053369

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.norgesspill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Apr 2021 05:44:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 16ms
16ms Image
image/gif 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j89&tid=UA-81872348-1&cid=1995164951.1618292671&jid=833431716&_u=YEBAAEAAAAAAAC~&z=321053369

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.norgesspill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Apr 2021 05:44:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_pre=CMrTv_7B-u8CFRqMdwodaTsEMg;src=9905434;type=ros0;cat=norge0;ord=6580631493955;gtm=2wg3v0;auiddc=1893956386.1618292671;u2=https%3A%2F%2Fwww.norgesspill.com%2Fnb%2F(modal%3Aregister)%3Faff%3D1... Show response
adservice.google.com/ddm/fls/i/ Frame 5A7C 716 B
698 B 43ms
43ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/ddm/fls/i/dc_pre=CMrTv_7B-u8CFRqMdwodaTsEMg;src=9905434;type=ros0;cat=norge0;ord=6580631493955;gtm=2wg3v0;auiddc=1893956386.1618292671;u2=https%3A%2F%2Fwww.norgesspill.com%2Fnb%2F(modal%3Aregister)%3Faff%3D105856_W1cBmOAhBABA20210413ef2b394786af4ad3b9eda15a58482e7b;u4=undefined;~oref=https%3A%2F%2Fwww.norgesspill.com%2Fnb%2F(modal%3Aregister)%3Faff%3D105856_W1cBmOAhBABA20210413ef2b394786af4ad3b9eda15a58482e7b

Requested by

Host: 9905434.fls.doubleclick.net
URL: https://9905434.fls.doubleclick.net/activityi;dc_pre=CMrTv_7B-u8CFRqMdwodaTsEMg;src=9905434;type=ros0;cat=norge0;ord=6580631493955;gtm=2wg3v0;auiddc=1893956386.1618292671;u2=https%3A%2F%2Fwww.norgesspill.com%2Fnb%2F(modal%3Aregister)%3Faff%3D105856_W1cBmOAhBABA20210413ef2b394786af4ad3b9eda15a58482e7b;u4=undefined;~oref=https%3A%2F%2Fwww.norgesspill.com%2Fnb%2F(modal%3Aregister)%3Faff%3D105856_W1cBmOAhBABA20210413ef2b394786af4ad3b9eda15a58482e7b?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0dd65aa82497746e7e8acd60727b7c6b7b31eb27eeb26c203ef5379110901f66

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: adservice.google.com
:scheme: https
:path: /ddm/fls/i/dc_pre=CMrTv_7B-u8CFRqMdwodaTsEMg;src=9905434;type=ros0;cat=norge0;ord=6580631493955;gtm=2wg3v0;auiddc=1893956386.1618292671;u2=https%3A%2F%2Fwww.norgesspill.com%2Fnb%2F(modal%3Aregister)%3Faff%3D105856_W1cBmOAhBABA20210413ef2b394786af4ad3b9eda15a58482e7b;u4=undefined;~oref=https%3A%2F%2Fwww.norgesspill.com%2Fnb%2F(modal%3Aregister)%3Faff%3D105856_W1cBmOAhBABA20210413ef2b394786af4ad3b9eda15a58482e7b
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://9905434.fls.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://9905434.fls.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 13 Apr 2021 05:44:31 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 465
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 dc_pre=CMrTv_7B-u8CFRqMdwodaTsEMg;src=9905434;type=ros0;cat=norge0;ord=6580631493955;gtm=2wg3v0;auiddc=1893956386.1618292671;u2=https%3A%2F%2Fwww.norgesspill.com%2Fnb%2F(modal%3Aregister)%3Faff%3D1... Show response
adservice.google.de/ddm/fls/i/ Frame CFB8 194 B
391 B 16ms
16ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/ddm/fls/i/dc_pre=CMrTv_7B-u8CFRqMdwodaTsEMg;src=9905434;type=ros0;cat=norge0;ord=6580631493955;gtm=2wg3v0;auiddc=1893956386.1618292671;u2=https%3A%2F%2Fwww.norgesspill.com%2Fnb%2F(modal%3Aregister)%3Faff%3D105856_W1cBmOAhBABA20210413ef2b394786af4ad3b9eda15a58482e7b;u4=undefined;~oref=https%3A%2F%2Fwww.norgesspill.com%2Fnb%2F(modal%3Aregister)%3Faff%3D105856_W1cBmOAhBABA20210413ef2b394786af4ad3b9eda15a58482e7b

Requested by

Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CMrTv_7B-u8CFRqMdwodaTsEMg;src=9905434;type=ros0;cat=norge0;ord=6580631493955;gtm=2wg3v0;auiddc=1893956386.1618292671;u2=https%3A%2F%2Fwww.norgesspill.com%2Fnb%2F(modal%3Aregister)%3Faff%3D105856_W1cBmOAhBABA20210413ef2b394786af4ad3b9eda15a58482e7b;u4=undefined;~oref=https%3A%2F%2Fwww.norgesspill.com%2Fnb%2F(modal%3Aregister)%3Faff%3D105856_W1cBmOAhBABA20210413ef2b394786af4ad3b9eda15a58482e7b

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: adservice.google.de
:scheme: https
:path: /ddm/fls/i/dc_pre=CMrTv_7B-u8CFRqMdwodaTsEMg;src=9905434;type=ros0;cat=norge0;ord=6580631493955;gtm=2wg3v0;auiddc=1893956386.1618292671;u2=https%3A%2F%2Fwww.norgesspill.com%2Fnb%2F(modal%3Aregister)%3Faff%3D105856_W1cBmOAhBABA20210413ef2b394786af4ad3b9eda15a58482e7b;u4=undefined;~oref=https%3A%2F%2Fwww.norgesspill.com%2Fnb%2F(modal%3Aregister)%3Faff%3D105856_W1cBmOAhBABA20210413ef2b394786af4ad3b9eda15a58482e7b
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://adservice.google.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://adservice.google.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 13 Apr 2021 05:44:31 GMT
expires: Tue, 13 Apr 2021 05:44:31 GMT
cache-control: private, max-age=0
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 177
x-xss-protection: 0
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

Verdicts & Comments Add Verdict or Comment

87 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.norgesspill.com/	1970-01-19 18:14:44	Name: __cfduid Value: d02e19e90ebff3946808478afc8b1d66f1618292669

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	warning	URL: https://www.norgesspill.com/nb/main.a1f197ad178c0272e0bd.js(Line 2) Message: Sentry is sending exception number 032a307e285f4389b1704039c61f2625. Include this number when reporting a technical issue. [object Object]
console-api	log	URL: https://www.norgesspill.com/nb/main.a1f197ad178c0272e0bd.js(Line 2) Message: %cCacheStorage was empty at init. Caching latest version now... background: #0f0; color: #000;

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

9905434.fls.doubleclick.net
ads.creative-serving.com
ads.norgesspill.com
adservice.google.com
adservice.google.de
frontapi.cherrytech.com
mpsnare.iesnare.com
o271098.ingest.sentry.io
stats.g.doubleclick.net
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.norgesspill.com
www.villairene.eu
104.18.140.3
104.18.83.10
142.250.74.198
18.158.167.137
2606:4700:3035::6815:403c
2a00:1450:4001:801::2003
2a00:1450:4001:808::2002
2a00:1450:4001:80f::200e
2a00:1450:4001:828::2004
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::2008
2a00:1450:400c:c0b::9d
35.188.42.15
54.216.48.107
047e3d11a0e1a6981a251747582c70978dc8df1943fe7cd31b9c46998e8f44d4
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
06aa00a0e2db2fe8cfe5cc54635061f511d30545a972e340799e90d75efa211c
0dd65aa82497746e7e8acd60727b7c6b7b31eb27eeb26c203ef5379110901f66
16c4bdc2b9a9b0f02521ef966447c8b8f7eb35ecde5e74166daf811832cdc267
1a9da01c2511eb9397022f14b0b9ad952ebeb464535d6dd74199311d0728da16
1c7d0b0036329bfc3f56e39e6ed9c7362371b421a607ef9bf9db685bb75bccd8
28b3cd1a674875784ceab6326c599fa5de4cb54a318f65935a2cf400511c6484
38502dd2d4e5519cc276a9b13328e52bd7403eca9ab3f5da01ade3845dcec8a9
3b92d74898d06e0b1d9604da7dad06b1530f9b3737dfe210294376b360c5cd15
464da49bb91e07b05858a444a3729c0ce5a34d1c5ce97dc6b05f9fd71246cb66
48c09dfa92f9f673231d471d24cc4e5794d9920a25060a201d4b8483726bbf69
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
6ec1fae6ed9211bf3808374c69f796f129c0b71fe0633924ebd300fd06b778a0
7c1e2d0f6a27b6701cbfc14d4b2c6863a2de1753603e0eafaf1a1c42a4e22b65
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
888f730da676563eef2e15b854fc9ce996a7baf8a13654fac565e50794ed031e
aada73303764c0375824230c8f9d6fe2818f94504bccfa716657010b341da7c5
b784d704b7b68eaf4abf9e14c028eb7d40c113e82c15b9e41732c774b8807b64
c6956ca97fc85a6ea652ddecbed297bf3eb893e1690dd6ca29044ec8f6259ee6
d2f49e0987d46b2312f64715f2328b8ae19972a530f6e3279d808cfb4f77112d
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e72d909cb805a1cd0300ddd9e106c7a9fb331b55147fe710b16fd9b87fd20eee
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f21675a0aa06483ec88e0f0278b494ab51c9fc5c9f79533bc0c0c583b1d0a58f
f79723478f4c48501cd49ac52b81d6244a6562b9d3f08ce8ab208a8b8878d4c4

www.norgesspill.com Open in urlscan Pro 104.18.83.10 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

28 Requests

100 %HTTPS

57 %IPv6

11 Domains

15 Subdomains

14 IPs

4 Countries

902 kBTransfer

3360 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

28 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.norgesspill.com Open in urlscan Pro
104.18.83.10 Public Scan

Screenshot
Live screenshot

Full Image

28
Requests

100 %
HTTPS

57 %
IPv6

11
Domains

15
Subdomains

14
IPs

4
Countries

902 kB
Transfer

3360 kB
Size

1
Cookies

28 HTTP transactions
1 data transactions