fyllhjelmen.baneservice.no Open in urlscan Pro
52.17.119.105 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://fyllhjelmen.baneservice.no/
Submission: On July 03 via automatic, source certstream-suspicious (July 3rd 2024, 8:09:22 pm UTC) — Scanned from NO

Summary HTTP 50 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 18 IPs in 5 countries across 15 domains to perform 50 HTTP transactions. The main IP is 52.17.119.105, located in Dublin, Ireland and belongs to AMAZON-02, US. The main domain is fyllhjelmen.baneservice.no.
TLS certificate: Issued by R11 on July 1st 2024. Valid for: 3 months.

This is the only time fyllhjelmen.baneservice.no was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	52.17.119.105 52.17.119.105	16509 (AMAZON-02) (AMAZON-02)
14	2600:9000:20d... 2600:9000:20dc:9400:11:3b84:d200:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
1	146.185.171.17 146.185.171.17	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
4	2a04:4e42::485 2a04:4e42::485	54113 (FASTLY) (FASTLY)
3	2606:4700:21:... 2606:4700:21::681b:c358	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	52.222.232.39 52.222.232.39	16509 (AMAZON-02) (AMAZON-02)
4	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	162.159.138.60 162.159.138.60	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:801::2008	15169 (GOOGLE) (GOOGLE)
2	2600:9000:20a... 2600:9000:20ab:a800:13:dbe1:a6c0:93a1	16509 (AMAZON-02) (AMAZON-02)
6	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f08... 2a03:2880:f083:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	52.210.165.66 52.210.165.66	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f17... 2a03:2880:f176:84:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
50	18

1 52.17.119.105 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-119-105.eu-west-1.compute.amazonaws.com

fyllhjelmen.baneservice.no	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2600:9000:20dc:9400:11:3b84:d200:93a1 (United States)

ASN16509 (AMAZON-02, US)

assets.website-files.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.185.171.17 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)

cdn.cookie-script.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a04:4e42::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:21::681b:c358 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.plyr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.232.39 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-232-39.fra56.r.cloudfront.net

d3e54v103j8qbb.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.159.138.60 (None, )

ASN13335 (CLOUDFLARENET, US)

player.vimeo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:801::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:20ab:a800:13:dbe1:a6c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.ontame.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.210.165.66 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-210-165-66.eu-west-1.compute.amazonaws.com

collector.ontame.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f176:84:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	website-files.com assets.website-files.com — Cisco Umbrella Rank: 15598	2 MB
6	gstatic.com fonts.gstatic.com	48 KB
4	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 268	61 KB
4	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 381	17 KB
3	ontame.io cdn.ontame.io collector.ontame.io — Cisco Umbrella Rank: 676490	28 KB
3	plyr.io cdn.plyr.io — Cisco Umbrella Rank: 12911	42 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 114	3 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 204	71 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 81	176 KB
2	vimeo.com player.vimeo.com — Cisco Umbrella Rank: 2181	12 KB
2	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 469 fonts.googleapis.com — Cisco Umbrella Rank: 83	7 KB
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2355
1	cloudfront.net d3e54v103j8qbb.cloudfront.net	30 KB
1	cookie-script.com cdn.cookie-script.com — Cisco Umbrella Rank: 24176	20 KB
1	baneservice.no fyllhjelmen.baneservice.no	24 KB
50	15

	Domain	Requested by
14	assets.website-files.com	fyllhjelmen.baneservice.no assets.website-files.com
6	fonts.gstatic.com	fonts.googleapis.com
4	cdnjs.cloudflare.com	fyllhjelmen.baneservice.no
4	cdn.jsdelivr.net	fyllhjelmen.baneservice.no
3	cdn.plyr.io	fyllhjelmen.baneservice.no cdn.plyr.io
2	www.facebook.com	fyllhjelmen.baneservice.no
2	connect.facebook.net	www.googletagmanager.com connect.facebook.net
2	cdn.ontame.io	fyllhjelmen.baneservice.no cdn.ontame.io
2	www.googletagmanager.com	fyllhjelmen.baneservice.no www.googletagmanager.com
2	player.vimeo.com	fyllhjelmen.baneservice.no cdn.plyr.io
1	collector.ontame.io	fyllhjelmen.baneservice.no
1	region1.google-analytics.com	www.googletagmanager.com
1	fonts.googleapis.com	ajax.googleapis.com
1	d3e54v103j8qbb.cloudfront.net	fyllhjelmen.baneservice.no
1	cdn.cookie-script.com	fyllhjelmen.baneservice.no
1	ajax.googleapis.com	fyllhjelmen.baneservice.no
1	fyllhjelmen.baneservice.no
50	17

This site contains links to these domains. Also see Links.

Domain
www.baneservice.no

Subject Issuer	Validity	Valid
fyllhjelmen.baneservice.no R11	`2024-07-01` - `2024-09-29`	3 months	crt.sh
*.website-files.com Amazon RSA 2048 M03	`2023-09-11` - `2024-10-08`	a year	crt.sh
upload.video.google.com WR2	`2024-06-13` - `2024-09-05`	3 months	crt.sh
*.cookie-script.com Sectigo RSA Domain Validation Secure Server CA	`2023-09-11` - `2024-07-25`	10 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2023 Q3	`2023-09-27` - `2024-10-28`	a year	crt.sh
cdn.plyr.io Cloudflare Inc ECC CA-3	`2024-03-11` - `2024-12-31`	10 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2023-10-10` - `2024-09-19`	a year	crt.sh
cdnjs.cloudflare.com E1	`2024-06-02` - `2024-08-31`	3 months	crt.sh
player.vimeo.com E1	`2024-05-27` - `2024-08-25`	3 months	crt.sh
*.google-analytics.com WR2	`2024-06-13` - `2024-09-05`	3 months	crt.sh
cdn.ontame.io Amazon RSA 2048 M01	`2023-08-13` - `2024-09-10`	a year	crt.sh
*.gstatic.com WR2	`2024-06-13` - `2024-09-05`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-04-12` - `2024-07-11`	3 months	crt.sh
ontame.io Amazon RSA 2048 M03	`2024-04-29` - `2025-05-27`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://fyllhjelmen.baneservice.no/
Frame ID: 8F91C6CF4B86AAFAEB8ED3BB470E2AF3
Requests: 47 HTTP requests in this frame

Frame: https://player.vimeo.com/video/856322423?loop=true&byline=false&portrait=false&title=false&speed=true&transparent=0&gesture=media
Frame ID: F6556684ECDCFAC785E1862BF0BA4BEF
Requests: 1 HTTP requests in this frame

Frame: https://player.vimeo.com/video/856322423?loop=true&byline=false&portrait=false&title=false&speed=true&transparent=0&gesture=media
Frame ID: 48A17CE2FE5ADC1FAE2A1D3C6E71A7EC
Requests: 1 HTTP requests in this frame

Frame: https://player.vimeo.com/video/856322423?loop=true&autoplay=false&muted=false&gesture=media&playsinline=true&byline=false&portrait=false&title=false&speed=true&transparent=false&customControls=true
Frame ID: 2450EE5C0EB5CE703C2C72E10C86446E
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Baneservice

Detected technologies

Plyr (Video players) Expand

Overall confidence: 100%
Detected patterns

https://cdn\.plyr\.io/([0-9.]+)/.+\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
googleapis\.com/.+webfont

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Slick (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

(?:/([\d.]+))?/slick(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

Page Statistics

50
Requests

96 %
HTTPS

71 %
IPv6

15
Domains

17
Subdomains

18
IPs

5
Countries

2227 kB
Transfer

3879 kB
Size

4
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://www.baneservice.no/karriere
Title: Fyll hjelmen

Search URL Search Domain Scan URL

URL: https://www.baneservice.no/om-oss
Title: Om Baneservice

Search URL Search Domain Scan URL

URL: https://www.baneservice.no/personvern
Title: Personvernerklæring

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

50 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
fyllhjelmen.baneservice.no/ 71 KB
24 KB 840ms
538ms Document
text/html 52.17.119.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fyllhjelmen.baneservice.no/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.17.119.105 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-17-119-105.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: d1bb5caa6371674cb648131a48d8c679c3f62377e6469642351c20f2334047b6

Request headers

Accept-Language: no-NO,no;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
age: 0
content-encoding: gzip
content-length: 24768
content-type: text/html
date: Wed, 03 Jul 2024 20:09:14 GMT
vary: x-wf-forwarded-proto, Accept-Encoding
x-cache: MISS
x-cache-hits: 0
x-cluster-name: eu-west-1-prod-hosting-red
x-lambda-id: 808a64ce-0598-421d-953f-4ba4e32ec70a
x-served-by: cache-dub4322-DUB
x-timer: S1720037355.576736,VS0,VE388

GET
H2 200 baneservice-staging.9b7a1d269.css
assets.website-files.com/64ddecc85fae501866dc419e/css/ 62 KB
13 KB 767ms
539ms Stylesheet
text/css 2600:9000:20dc:9400:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.website-files.com/64ddecc85fae501866dc419e/css/baneservice-staging.9b7a1d269.css
Requested by: Host: fyllhjelmen.baneservice.no
URL: https://fyllhjelmen.baneservice.no/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20dc:9400:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 85e97e492f82a7a300570ad13e8771c2b2477284df635d5433b86ef382c3d233

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://fyllhjelmen.baneservice.no/
Accept-Language: no-NO,no;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Jul 2024 20:09:16 GMT
content-encoding: gzip
via: 1.1 ec8f33e5a3517538e3358f9bcc47d868.cloudfront.net (CloudFront)
x-amz-version-id: sdDSytO.uQ5O.wrlHT6PtcN_migFT5Ky
x-amz-cf-pop: MXP64-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-length: 12669
last-modified: Tue, 26 Sep 2023 13:51:47 GMT
server: AmazonS3
etag: "c993e7444549e4a6bfa90dc3f1b279b5"
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=84600, must-revalidate
accept-ranges: bytes
x-amz-cf-id: aebLCQSm9w2vBwRmdTi1BtGOw5tiPRLWTBO1UZNCQ_nvJs7629uZeQ==

GET
H2 200 webfont.js Show response
ajax.googleapis.com/ajax/libs/webfont/1.6.26/ 13 KB
6 KB 231ms
70ms Script
text/javascript 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js

Requested by

Host: fyllhjelmen.baneservice.no
URL: https://fyllhjelmen.baneservice.no/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://fyllhjelmen.baneservice.no/
Accept-Language: no-NO,no;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Jul 2024 09:54:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 123295
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5437
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 02 Jul 2025 09:54:20 GMT

GET
H2 200 a5e4f18128bf329fa85148337f8c2976.js Show response
cdn.cookie-script.com/s/ 109 KB
20 KB 450ms
279ms Script
application/javascript 146.185.171.17
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cookie-script.com/s/a5e4f18128bf329fa85148337f8c2976.js
Requested by: Host: fyllhjelmen.baneservice.no
URL: https://fyllhjelmen.baneservice.no/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 146.185.171.17 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 467c0e234d5119373069c2c4b4f76e479e0e78d6d3616cfb03a3206113d49607

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://fyllhjelmen.baneservice.no/
Accept-Language: no-NO,no;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Jul 2024 20:09:15 GMT
content-encoding: gzip
last-modified: Thu, 24 Aug 2023 11:39:57 GMT
server: nginx/1.18.0 (Ubuntu)
etag: W/"c4f66cfc1ef8544771132dfecd53e3a4"
x-cache-status: MISS
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *

GET
H2 200 slick.css
cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/ 2 KB
1 KB 154ms
47ms Stylesheet
text/css 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/slick.css

Requested by

Host: fyllhjelmen.baneservice.no
URL: https://fyllhjelmen.baneservice.no/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

de1e399b07289f3b0a8d35142e363e128124a1185770e214e25e58030dad48e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://fyllhjelmen.baneservice.no/
Accept-Language: no-NO,no;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 03 Jul 2024 20:09:15 GMT
x-content-type-options: nosniff
content-encoding: br
age: 11376690
x-jsd-version: 1.8.1
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 590
x-served-by: cache-fra-eddf8230085-FRA, cache-bma1666-BMA
x-jsd-version-type: version
etag: W/"6f0-qUoFmzF4tK3sCeMoGs4oGaMAlaQ"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 plyr.css
cdn.plyr.io/3.7.8/ 32 KB
6 KB 209ms
82ms Stylesheet
text/css 2606:4700:21::681b:c358
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.plyr.io/3.7.8/plyr.css
Requested by: Host: fyllhjelmen.baneservice.no
URL: https://fyllhjelmen.baneservice.no/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::681b:c358 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c06593065d525cac7ffb626221f4edad2e94791edd7c71bb8573c3600567cb19

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://fyllhjelmen.baneservice.no/
Accept-Language: no-NO,no;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Jul 2024 20:09:15 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5447352
cf-polished: origSize=32564
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 20 Apr 2023 10:33:44 GMT
server: cloudflare
etag: W/"411acf0fd5fe4d42c580db72f82077fd"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MtFMoxDvZ9wPpuFTy3R%2B0ai8rzdBYCK801x1xBha%2Frpe4CutdG0NRw%2BQZuaiamlHHXMBao3pZmlwcxJz5y9VnXTDaOJJIY1oRR%2B6qdxjMvxI9FMImF9g4tc55Lhw3zlnVER5uYXIQFMw"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cf-ray: 89d9831e3a338d8c-HEL

GET
H2 200 jquery-3.5.1.min.dc5e7f18c8.js Show response
d3e54v103j8qbb.cloudfront.net/js/ 87 KB
30 KB 219ms
72ms Script
application/javascript 52.222.232.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3e54v103j8qbb.cloudfront.net/js/jquery-3.5.1.min.dc5e7f18c8.js?site=64ddecc85fae501866dc419e
Requested by: Host: fyllhjelmen.baneservice.no
URL: https://fyllhjelmen.baneservice.no/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.232.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-232-39.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://fyllhjelmen.baneservice.no/
Origin: https://fyllhjelmen.baneservice.no
Accept-Language: no-NO,no;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Jul 2024 21:14:35 GMT
content-encoding: br
via: 1.1 ce765e91525a836efb6bc0a409334a5e.cloudfront.net (CloudFront)
age: 82481
x-amz-cf-pop: FRA56-P4
x-cache: Hit from cloudfront
last-modified: Mon, 20 Jul 2020 17:53:02 GMT
server: AmazonS3
etag: W/"dc5e7f18c8d36ac1d3d4753a87c98d0a"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=84600, must-revalidate
vary: Accept-Encoding
x-amz-cf-id: jvMAmLKLI3bmkL9ipUeq32N2QqOJxxO3ZQSJJ55Of5xLT6v20Hfk5Q==

GET
H2 200 baneservice-staging.f6f3749c0.js Show response
assets.website-files.com/64ddecc85fae501866dc419e/js/ 248 KB
68 KB 736ms
510ms Script
text/javascript 2600:9000:20dc:9400:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.website-files.com/64ddecc85fae501866dc419e/js/baneservice-staging.f6f3749c0.js
Requested by: Host: fyllhjelmen.baneservice.no
URL: https://fyllhjelmen.baneservice.no/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20dc:9400:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e79975da8024f223d8b84bcedab6d460601f62315a5bea3e53f44bb4d777ae7b

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://fyllhjelmen.baneservice.no/
Accept-Language: no-NO,no;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Jul 2024 20:09:16 GMT
content-encoding: gzip
via: 1.1 ec8f33e5a3517538e3358f9bcc47d868.cloudfront.net (CloudFront)
x-amz-version-id: sovx30TS4uWW.TxnxfSwNzYFWj.ixQ0n
x-amz-cf-pop: MXP64-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-length: 69194
last-modified: Tue, 26 Sep 2023 13:51:47 GMT
server: AmazonS3
etag: "39009c0ec90114a4c2af2a272136bf01"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=84600, must-revalidate
accept-ranges: bytes
x-amz-cf-id: Ph8M7tHmdNWVHK5ms7Up5LMUDLxfoxxo3RVA3Gkn0mqZlPdIY_sdag==

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/2.1.3/ 82 KB
27 KB 210ms
75ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/2.1.3/jquery.min.js

Requested by

Host: fyllhjelmen.baneservice.no
URL: https://fyllhjelmen.baneservice.no/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2051d61446d4dbffb03727031022a08c84528ab44d203a7669c101e5fbdd5515

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://fyllhjelmen.baneservice.no/
Accept-Language: no-NO,no;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Jul 2024 20:09:15 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1284825
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 26660
last-modified: Mon, 04 May 2020 16:11:48 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec4-14983"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oa45qeTM4g%2B58QBHXxMIYas65IKHkJeG1EhzPkk%2BR9HAPzrKHRzPlw3kjfeAJOkiq%2BNGA2TwdBBkL3qxuPIjqW0l9xtmn5qJt9pIY6It6rhuGRxKuERS4QzkE4Brjr7BFYEHdWUCUe9giwEb3wnVhIjy"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 89d9831e39db5f0a-ARN
expires: Mon, 23 Jun 2025 20:09:15 GMT

GET
H2 200 waypoints.min.js Show response
cdnjs.cloudflare.com/ajax/libs/waypoints/2.0.3/ 8 KB
3 KB 262ms
127ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/waypoints/2.0.3/waypoints.min.js

Requested by

Host: fyllhjelmen.baneservice.no
URL: https://fyllhjelmen.baneservice.no/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a0fded691aed767f851011cd3185b928619298a21a0fbdad4808a9e88b490833

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://fyllhjelmen.baneservice.no/
Accept-Language: no-NO,no;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Jul 2024 20:09:15 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1131102
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 2331
last-modified: Mon, 04 May 2020 16:17:51 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb0402f-1f6c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DU5nyRZbjxrDOb2xCCo4aRlU4ZAw7jqVxvHNWho4yq8imKfupobi4ENYubb6jfMps8l1nr5aEdhhg%2Fxe960VEbdZt8VWXKEBuv%2FH2ewE8pe1DMi6bHR47Dl0NGVqIZA%2B3sJidWiUpQehCG0WBzNOAYhU"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 89d9831e39e35f0a-ARN
expires: Mon, 23 Jun 2025 20:09:15 GMT

GET
H2 200 jquery.counterup.min.js Show response
cdn.jsdelivr.net/jquery.counterup/1.0/ 1 KB
698 B 155ms
51ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/jquery.counterup/1.0/jquery.counterup.min.js

Requested by

Host: fyllhjelmen.baneservice.no
URL: https://fyllhjelmen.baneservice.no/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

603e3b6061c49f8c02f07e5152c5d7381defba10c8fe73f95090e19a78de0397

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://fyllhjelmen.baneservice.no/
Accept-Language: no-NO,no;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 03 Jul 2024 20:09:15 GMT
age: 7579255
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 584
x-served-by: cache-fra-eddf8230145-FRA, cache-bma1666-BMA
etag: W/"42f-YzteFSlsJJhNsZKJU944+r1/DPU"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 slick.min.js Show response
cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/ 42 KB
11 KB 154ms
50ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/slick.min.js

Requested by

Host: fyllhjelmen.baneservice.no
URL: https://fyllhjelmen.baneservice.no/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://fyllhjelmen.baneservice.no/
Accept-Language: no-NO,no;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 03 Jul 2024 20:09:15 GMT
x-content-type-options: nosniff
content-encoding: br
age: 8515478
x-jsd-version: 1.8.1
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 11325
x-served-by: cache-fra-eddf8230159-FRA, cache-bma1666-BMA
x-jsd-version-type: version
etag: W/"a76f-O0GzvJVmhQFaNHoiOOcdsp36Dbs"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 gsap.min.js Show response
cdnjs.cloudflare.com/ajax/libs/gsap/3.8.0/ 62 KB
22 KB 211ms
77ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/gsap/3.8.0/gsap.min.js

Requested by

Host: fyllhjelmen.baneservice.no
URL: https://fyllhjelmen.baneservice.no/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a14255e68fc99fc5b4a8b323c13070ac67f42775917706fd3b147b436810a5da

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://fyllhjelmen.baneservice.no/
Accept-Language: no-NO,no;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Jul 2024 20:09:15 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 32740
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 22641
last-modified: Wed, 29 Sep 2021 08:04:56 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "61541e28-5871"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Thr%2Bdrd%2FeAlge9cLaA2qEa0gCQ7P1Cdv%2B13Hda71mqQGAqzOTbaVnH5MefFMn0OL38j59UynVQuy2pzpsCMI9IYE5nZCeE0UmJkHYNT%2BH%2F%2BH6wUGO8hiHesIOdd1EzFT91laHoDMMQd%2BmSudb%2BSevm7v"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 89d9831e39e55f0a-ARN
expires: Mon, 23 Jun 2025 20:09:15 GMT

GET
H2 200 ScrollTrigger.min.js Show response
cdnjs.cloudflare.com/ajax/libs/gsap/3.8.0/ 24 KB
10 KB 210ms
76ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/gsap/3.8.0/ScrollTrigger.min.js

Requested by

Host: fyllhjelmen.baneservice.no
URL: https://fyllhjelmen.baneservice.no/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

50961ba8f1fafc64850f103db72aaa87b3da323e915f2f50c3fa48cc85a6b053

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://fyllhjelmen.baneservice.no/
Accept-Language: no-NO,no;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Jul 2024 20:09:15 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 8885
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 9466
last-modified: Wed, 29 Sep 2021 08:04:56 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "61541e28-24fa"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rSxKOeBmSmck8bD89jsAOOFd%2BxGWr3ZEpIGAFKOvoOiLnnK9%2BOUmAWV0F7Oc5Q52l4v%2BgzXg%2BMsrqNkOwyxW%2Fd39m2sNpYak%2B7WfB1qf2h%2BQcUB5CDKQX26tCIvXPeOUwwSiqwOQvzc95EuyeH90l5pd"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 89d9831e39e95f0a-ARN
expires: Mon, 23 Jun 2025 20:09:15 GMT

GET
H/1.1 200
OK player.js Show response
player.vimeo.com/api/ 37 KB
12 KB 211ms
89ms Script
application/javascript 162.159.138.60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://player.vimeo.com/api/player.js

Requested by

Host: fyllhjelmen.baneservice.no
URL: https://fyllhjelmen.baneservice.no/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.159.138.60 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1b26ea722a2121ee02d8ca9c23460c5ff6cb75f840ff9e0c1ee79ecaedc7ad8f

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; style-src 'unsafe-inline'

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://fyllhjelmen.baneservice.no/
Accept-Language: no-NO,no;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Wed, 03 Jul 2024 16:22:44 GMT
Date: Wed, 03 Jul 2024 20:09:15 GMT
content-security-policy: default-src 'none'; style-src 'unsafe-inline'
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
via: 1.1 varnish
Age: 991
x-cache: HIT
Connection: keep-alive
x-backend-server: player-backend-edge-entry
Content-Length: 11390
x-served-by: cache-bma1674-BMA
x-player-backend: g
Server: cloudflare
x-timer: S1720037355.255814,VS0,VE0
vary: Accept-Encoding
Content-Type: application/javascript;charset=utf-8
access-control-allow-origin: *
Cache-Control: max-age=1800
x-bapp-server
accept-ranges: bytes
CF-RAY: 89d9831e2cf115ec-ARN
x-cache-hits: 572

GET
H2 200 plyr.js Show response
cdn.plyr.io/3.7.8/ 110 KB
33 KB 206ms
83ms Script
application/javascript 2606:4700:21::681b:c358
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.plyr.io/3.7.8/plyr.js
Requested by: Host: fyllhjelmen.baneservice.no
URL: https://fyllhjelmen.baneservice.no/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::681b:c358 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4bdc4c42a18797aaabe38f455613328f0b27fc5279a907b0fac82c6ab2bcc67a

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://fyllhjelmen.baneservice.no/
Accept-Language: no-NO,no;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Jul 2024 20:09:15 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5458943
cf-polished: origSize=113183
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 20 Apr 2023 10:33:44 GMT
server: cloudflare
etag: W/"714122a0383a143c50c9629e2bcb7e1f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=90SSdsEdEM5K17hOfrtR61NTFk4fXjlSvhh3umDN6JPgWROHyE6%2FyzrpjRQg0aoA8PQYmFVVTaVyIGqRDt%2BTB0md8FvzA7%2FKgfbB%2Fsh0nE1IEmDDCHVbUvCHrWXuJSQ8iEAd%2Bcvpemtj"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cf-ray: 89d9831e3a368d8c-HEL

GET
H2 200 lenis.min.js Show response
cdn.jsdelivr.net/gh/studio-freight/lenis@1/bundled/ 12 KB
4 KB 154ms
52ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/studio-freight/lenis@1/bundled/lenis.min.js

Requested by

Host: fyllhjelmen.baneservice.no
URL: https://fyllhjelmen.baneservice.no/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

0ef869066c4bbe6153c34c5ba7308c826b4fa2f12796cc02bef6e9aa7ee26cf8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://fyllhjelmen.baneservice.no/
Accept-Language: no-NO,no;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 03 Jul 2024 20:09:15 GMT
x-content-type-options: nosniff
content-encoding: br
age: 7591
x-jsd-version: 1.0.29
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 4120
x-served-by: cache-fra-eddf8230139-FRA, cache-bma1666-BMA
x-jsd-version-type: version
etag: W/"31af-0j/CZInGJ+zT4ZU29sro9JLyIgA"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 css
fonts.googleapis.com/ 4 KB
904 B 260ms
93ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Poppins:regular,italic,500,600,700,800

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8cfc261e681fe6d1d9ffa63ff02c58324789f786b3d98f878091277dfa180e13

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://fyllhjelmen.baneservice.no/
Accept-Language: no-NO,no;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Wed, 03 Jul 2024 20:09:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 03 Jul 2024 20:09:16 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 03 Jul 2024 20:09:16 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 211 KB
74 KB 261ms
102ms Script
application/javascript 2a00:1450:4001:801::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KR2VMDM9

Requested by

Host: fyllhjelmen.baneservice.no
URL: https://fyllhjelmen.baneservice.no/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c40f70ee8b1df91f553b2fd032f31a8b0c45250884621188a91de5623b874dd8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://fyllhjelmen.baneservice.no/
Accept-Language: no-NO,no;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Jul 2024 20:09:16 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 75726
x-xss-protection: 0
last-modified: Wed, 03 Jul 2024 19:50:59 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 03 Jul 2024 20:09:16 GMT

GET
H2 200 baneservice.js Show response
cdn.ontame.io/ 3 KB
2 KB 302ms
81ms Script
application/javascript 2600:9000:20ab:a800:13:dbe1:a6c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ontame.io/baneservice.js
Requested by: Host: fyllhjelmen.baneservice.no
URL: https://fyllhjelmen.baneservice.no/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20ab:a800:13:dbe1:a6c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c3df4601ea482834e53b474fbad8dcbf8a1e2536c7005d059a22dc4a283bcc70

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://fyllhjelmen.baneservice.no/
Accept-Language: no-NO,no;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: 5lip_YGThdDa3_LSP9GJZKj4e31PqsAb
content-encoding: gzip
via: 1.1 a43889f6531338b6dd9d3a4339de949a.cloudfront.net (CloudFront)
date: Wed, 03 Jul 2024 13:02:37 GMT
last-modified: Tue, 19 Mar 2024 13:17:37 GMT
server: AmazonS3
x-amz-cf-pop: AMS58-P3
age: 25600
x-amz-server-side-encryption: AES256
etag: W/"b6b1fd2b421ec1b5afb6e8fa4c88b49a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400
x-amz-cf-id: xeXoUCdJ73YnNtbfTKQWw653y-KdtE96FK8jMsGWPksPIX_Y3cJPkA==

GET 856322423
player.vimeo.com/video/ Frame F655 0
0

GET
H2 200 64ddecc85fae501866dc41a5_Group%204185.webp
assets.website-files.com/64ddecc85fae501866dc419e/ 5 KB
5 KB 482ms
482ms Image
image/webp 2600:9000:20dc:9400:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.website-files.com/64ddecc85fae501866dc419e/64ddecc85fae501866dc41a5_Group%204185.webp
Requested by: Host: assets.website-files.com
URL: https://assets.website-files.com/64ddecc85fae501866dc419e/css/baneservice-staging.9b7a1d269.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20dc:9400:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8f338b75a65d6a7fbffdcc61ac58bef4d383d0da5013cc31005ac7712c1bbff6

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://assets.website-files.com/64ddecc85fae501866dc419e/css/baneservice-staging.9b7a1d269.css
Accept-Language: no-NO,no;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Jul 2024 20:09:17 GMT
x-amz-version-id: KqDrTEK_DOMElfNii7sZ6CIg5hH6sQVY
via: 1.1 ec8f33e5a3517538e3358f9bcc47d868.cloudfront.net (CloudFront)
last-modified: Thu, 17 Aug 2023 09:47:53 GMT
server: AmazonS3
x-amz-cf-pop: MXP64-C1
etag: "72613da0d825050355c63107fd69aad7"
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=84600, must-revalidate
accept-ranges: bytes
content-length: 5110
x-amz-cf-id: ru-1htODm9umGZ9tWTsewH6dNJgkoLB8ns0wgPD1sNKNHBiSV4wj5w==

GET
H2 200 64e8657432280818ecf5deea_Mer%20enn%20dyktig%20fagfolk%2016x9_web_2-poster-00001.jpg
assets.website-files.com/64ddecc85fae501866dc419e/ 87 KB
88 KB 661ms
660ms Image
image/jpeg 2600:9000:20dc:9400:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.website-files.com/64ddecc85fae501866dc419e/64e8657432280818ecf5deea_Mer%20enn%20dyktig%20fagfolk%2016x9_web_2-poster-00001.jpg
Requested by: Host: fyllhjelmen.baneservice.no
URL: https://fyllhjelmen.baneservice.no/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20dc:9400:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4964cf60c24777b90761c9db66e74c07701d11608fa997e46b7c45ed3dce09d9

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://fyllhjelmen.baneservice.no/
Accept-Language: no-NO,no;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Jul 2024 20:09:17 GMT
x-amz-version-id: X7vZhWOAv474I1mRjtx7T6zy9_GXfI8g
via: 1.1 ec8f33e5a3517538e3358f9bcc47d868.cloudfront.net (CloudFront)
last-modified: Fri, 25 Aug 2023 08:25:40 GMT
server: AmazonS3
x-amz-cf-pop: MXP64-C1
etag: "cad6d5f4a36b9062192dd8f263c08dce"
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
accept-ranges: bytes
content-length: 89464
x-amz-cf-id: L4A05vAb4C9pSyE022PpgQmOS7xBx0JElBRA6ECMZ6qW8XkR0fak-g==

GET
H2 200 64ddecc85fae501866dc41b2_Poppins-Regular.ttf
assets.website-files.com/64ddecc85fae501866dc419e/ 155 KB
66 KB 756ms
609ms Font
application/x-font-ttf 2600:9000:20dc:9400:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.website-files.com/64ddecc85fae501866dc419e/64ddecc85fae501866dc41b2_Poppins-Regular.ttf
Requested by: Host: assets.website-files.com
URL: https://assets.website-files.com/64ddecc85fae501866dc419e/css/baneservice-staging.9b7a1d269.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20dc:9400:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 707fdc5c8bab57a90061c6a8ed7b70d5ffb82fc810e994e79f90bace890c255a

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://assets.website-files.com/64ddecc85fae501866dc419e/css/baneservice-staging.9b7a1d269.css
Origin: https://fyllhjelmen.baneservice.no
Accept-Language: no-NO,no;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Jul 2024 20:09:17 GMT
x-amz-version-id: asT6TIRs1XkWwID3JByHJnDHY0IECSg9
content-encoding: br
via: 1.1 a492d514787de63e7daf0f07b0c799fe.cloudfront.net (CloudFront)
x-amz-cf-pop: MXP64-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
last-modified: Thu, 17 Aug 2023 09:47:53 GMT
server: AmazonS3
etag: W/"093ee89be9ede30383f39a899c485a82"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/x-font-ttf
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
vary: Accept-Encoding
x-amz-cf-id: 94iC9Y9xFKWPSffjiKGi1AZD-w5clIP6znZz9ogm8puJvwFzcSzpBA==

GET
H2 200 64ddecc85fae501866dc41b3_Poppins-Medium.ttf
assets.website-files.com/64ddecc85fae501866dc419e/ 153 KB
65 KB 715ms
568ms Font
application/x-font-ttf 2600:9000:20dc:9400:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.website-files.com/64ddecc85fae501866dc419e/64ddecc85fae501866dc41b3_Poppins-Medium.ttf
Requested by: Host: assets.website-files.com
URL: https://assets.website-files.com/64ddecc85fae501866dc419e/css/baneservice-staging.9b7a1d269.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20dc:9400:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8d909883de81344e0fbcfef30e931872e92d9aeecdf85b6dcf6e0b28c078e98e

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://assets.website-files.com/64ddecc85fae501866dc419e/css/baneservice-staging.9b7a1d269.css
Origin: https://fyllhjelmen.baneservice.no
Accept-Language: no-NO,no;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Jul 2024 20:09:17 GMT
x-amz-version-id: fdwleRLTFQXJ1.qEet6BzNpiDakXcopi
content-encoding: br
via: 1.1 a492d514787de63e7daf0f07b0c799fe.cloudfront.net (CloudFront)
x-amz-cf-pop: MXP64-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
last-modified: Thu, 17 Aug 2023 09:47:53 GMT
server: AmazonS3
etag: W/"bf59c687bc6d3a70204d3944082c5cc0"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/x-font-ttf
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
vary: Accept-Encoding
x-amz-cf-id: dmAz6GWvHGtZSFWjCgSCalOsCV78-YhIA0jhOYvYhSl6eEBWAZJOKg==

GET
H2 200 64ddecc85fae501866dc41b5_Poppins-SemiBold.ttf
assets.website-files.com/64ddecc85fae501866dc419e/ 152 KB
66 KB 714ms
567ms Font
application/x-font-ttf 2600:9000:20dc:9400:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.website-files.com/64ddecc85fae501866dc419e/64ddecc85fae501866dc41b5_Poppins-SemiBold.ttf
Requested by: Host: assets.website-files.com
URL: https://assets.website-files.com/64ddecc85fae501866dc419e/css/baneservice-staging.9b7a1d269.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20dc:9400:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 248c0244b350ec68880996aa6be6d7796274b49992d5fcbbefe251906aa4ea36

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://assets.website-files.com/64ddecc85fae501866dc419e/css/baneservice-staging.9b7a1d269.css
Origin: https://fyllhjelmen.baneservice.no
Accept-Language: no-NO,no;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Jul 2024 20:09:17 GMT
x-amz-version-id: 0hCgdBEOvQXY.Qr_riT4QSD0c4MhJB8h
content-encoding: br
via: 1.1 a492d514787de63e7daf0f07b0c799fe.cloudfront.net (CloudFront)
x-amz-cf-pop: MXP64-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
last-modified: Thu, 17 Aug 2023 09:47:53 GMT
server: AmazonS3
etag: W/"6f1520d107205975713ba09df778f93f"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/x-font-ttf
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
vary: Accept-Encoding
x-amz-cf-id: NQ8zoZksKuWQBkayf7_3yMfMxSR2GwhhZhX5Mr2AKhJek640S5sbrQ==

GET
H2 200 64e34dad93cc742996e26683_Layer%201%203-p-500.png
assets.website-files.com/64ddecc85fae501866dc419e/ 73 KB
73 KB 647ms
646ms Image
image/png 2600:9000:20dc:9400:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.website-files.com/64ddecc85fae501866dc419e/64e34dad93cc742996e26683_Layer%201%203-p-500.png
Requested by: Host: fyllhjelmen.baneservice.no
URL: https://fyllhjelmen.baneservice.no/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20dc:9400:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8b01ec68b5fb7ee8552310d36fb53be1626bc8192d8a1d9c260b3715a9906d03

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://fyllhjelmen.baneservice.no/
Accept-Language: no-NO,no;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Jul 2024 20:09:17 GMT
x-amz-version-id: dfvDxREhrtL6f7LO9hgFLNwbI71LJswe
via: 1.1 ec8f33e5a3517538e3358f9bcc47d868.cloudfront.net (CloudFront)
last-modified: Mon, 21 Aug 2023 11:42:42 GMT
server: AmazonS3
x-amz-cf-pop: MXP64-C1
etag: "ba8764784a5072c28a7c1ec7a7b5735b"
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
content-length: 74482
x-amz-cf-id: LSziITNK-azfnGa0Lv59UzFy-NtpydAPbIh6G3vrrLCDZdd8AhJ1Bw==

GET
H2 200 6512c506b87b8aa3def1dad4_Baneservice%201R0A8856%20(3)%20%E2%80%93%20middels.png
assets.website-files.com/64ddecc85fae501866dc419e/ 298 KB
299 KB 595ms
594ms Image
image/png 2600:9000:20dc:9400:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.website-files.com/64ddecc85fae501866dc419e/6512c506b87b8aa3def1dad4_Baneservice%201R0A8856%20(3)%20%E2%80%93%20middels.png
Requested by: Host: fyllhjelmen.baneservice.no
URL: https://fyllhjelmen.baneservice.no/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20dc:9400:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 057372cd1a0a0706641cc7d742185fc230765f7a2aa92f31113bf4a43fe0ed0d

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://fyllhjelmen.baneservice.no/
Accept-Language: no-NO,no;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Jul 2024 20:09:17 GMT
x-amz-version-id: rWjOWKZoWZjg1qIx4aVTHT3GKB2XO22.
via: 1.1 ec8f33e5a3517538e3358f9bcc47d868.cloudfront.net (CloudFront)
x-amz-cf-pop: MXP64-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
content-length: 305466
last-modified: Tue, 26 Sep 2023 11:48:24 GMT
server: AmazonS3
etag: "f3fdceeebdf9bebaea7affcd9a2f1f0b"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
x-amz-cf-id: JStVtYKr0ot0L_-PHYU3Z-ZGtRz1Rph4k1RbEHZfyzCFVX6awMoSrA==

GET
H2 206 64e8657432280818ecf5deea_Mer%20enn%20dyktig%20fagfolk%2016x9_web_2-transcode.mp4
assets.website-files.com/64ddecc85fae501866dc419e/ 416 KB
417 KB 570ms
569ms Media
video/mp4 2600:9000:20dc:9400:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.website-files.com/64ddecc85fae501866dc419e/64e8657432280818ecf5deea_Mer%20enn%20dyktig%20fagfolk%2016x9_web_2-transcode.mp4
Requested by: Host: fyllhjelmen.baneservice.no
URL: https://fyllhjelmen.baneservice.no/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20dc:9400:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ec3b8bea965efacd473b15f54f8fdc300ee57715bebfc0c4df8aace791068211

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: no-NO,no;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Referer: https://fyllhjelmen.baneservice.no/
Range: bytes=0-
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Jul 2024 20:09:17 GMT
x-amz-version-id: baj8zXTGAiWWg.USoFnMuFcx_L_P8hEz
via: 1.1 ec8f33e5a3517538e3358f9bcc47d868.cloudfront.net (CloudFront)
x-amz-cf-pop: MXP64-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
Content-Range: bytes 0-426218/426219
Content-Length: 426219
last-modified: Fri, 25 Aug 2023 08:25:31 GMT
server: AmazonS3
etag: "028f7831a5c9e5b68337d8710dfae705"
content-type: video/mp4
access-control-allow-origin: *
accept-ranges: bytes
x-amz-cf-id: 5WcsiuZz-BNVFPOkapr-_Yvf9bYrAjChw2UhbPHoVdWswY8qYbt-RA==

GET
H2 206 64f979b1d96adea1448c2eb7_Mobile_Animation_new-transcode.mp4
assets.website-files.com/64ddecc85fae501866dc419e/ 290 KB
291 KB 601ms
600ms Media
video/mp4 2600:9000:20dc:9400:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.website-files.com/64ddecc85fae501866dc419e/64f979b1d96adea1448c2eb7_Mobile_Animation_new-transcode.mp4
Requested by: Host: fyllhjelmen.baneservice.no
URL: https://fyllhjelmen.baneservice.no/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20dc:9400:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 87643d845d3ca6f2b26b0e4c3b0ccde1ed82c866c4cf8efb9a2c9c2a6edbd038

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: no-NO,no;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Referer: https://fyllhjelmen.baneservice.no/
Range: bytes=0-
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Jul 2024 20:09:17 GMT
x-amz-version-id: eog9TJeQfXt9qeVoM3k6lm3xczbXOI0v
via: 1.1 ec8f33e5a3517538e3358f9bcc47d868.cloudfront.net (CloudFront)
x-amz-cf-pop: MXP64-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
Content-Range: bytes 0-297195/297196
Content-Length: 297196
last-modified: Thu, 07 Sep 2023 07:20:31 GMT
server: AmazonS3
etag: "92d4c6001fa2c41eda0668614e986598"
content-type: video/mp4
access-control-allow-origin: *
accept-ranges: bytes
x-amz-cf-id: eJgNgTiOIL6623zsFqOLlyBDwktHmSTMV88r8uKbZCdX_zDLpS443g==

GET
H2 200 64ddecc85fae501866dc41ac_bg%20(2).webp
assets.website-files.com/64ddecc85fae501866dc419e/ 168 KB
169 KB 565ms
565ms Image
image/webp 2600:9000:20dc:9400:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.website-files.com/64ddecc85fae501866dc419e/64ddecc85fae501866dc41ac_bg%20(2).webp
Requested by: Host: assets.website-files.com
URL: https://assets.website-files.com/64ddecc85fae501866dc419e/css/baneservice-staging.9b7a1d269.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20dc:9400:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9ad02de1ad26271ab94233b4475179ea43bac16935502a5d5fc6df22ab783206

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://assets.website-files.com/64ddecc85fae501866dc419e/css/baneservice-staging.9b7a1d269.css
Accept-Language: no-NO,no;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Jul 2024 20:09:17 GMT
x-amz-version-id: eGAJcox0Ba7j0On6dZG8p0pxeXvVRr9e
via: 1.1 ec8f33e5a3517538e3358f9bcc47d868.cloudfront.net (CloudFront)
x-amz-cf-pop: MXP64-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
content-length: 172356
last-modified: Thu, 17 Aug 2023 09:47:54 GMT
server: AmazonS3
etag: "2c1a5726b454a4b64b4eb528192e5a4b"
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=84600, must-revalidate
accept-ranges: bytes
x-amz-cf-id: AkQPhDX4l6-vuDWvlqywZmvcuXuS3EI5D_xXBepYikBPH7UJBBCJuQ==

GET
H2 200 pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v21/ 8 KB
8 KB 310ms
141ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:regular,italic,500,600,700,800

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://fonts.googleapis.com/
Origin: https://fyllhjelmen.baneservice.no
Accept-Language: no-NO,no;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Jul 2024 14:48:44 GMT
x-content-type-options: nosniff
age: 105632
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8000
x-xss-protection: 0
last-modified: Fri, 22 Mar 2024 00:00:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 02 Jul 2025 14:48:44 GMT

GET
H2 200 pxiGyp8kv8JHgFVrJJLucHtA.woff2
fonts.gstatic.com/s/poppins/v21/ 8 KB
9 KB 260ms
91ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v21/pxiGyp8kv8JHgFVrJJLucHtA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:regular,italic,500,600,700,800

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

50d0c1742d80ac71f4cde20e8c04d41a24806af342831f479938b527fbff0972

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://fonts.googleapis.com/
Origin: https://fyllhjelmen.baneservice.no
Accept-Language: no-NO,no;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Jul 2024 15:00:04 GMT
x-content-type-options: nosniff
age: 104952
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8668
x-xss-protection: 0
last-modified: Fri, 22 Mar 2024 00:00:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 02 Jul 2025 15:00:04 GMT

GET
H2 200 pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v21/ 8 KB
8 KB 325ms
158ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v21/pxiEyp8kv8JHgFVrJJfecg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:regular,italic,500,600,700,800

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://fonts.googleapis.com/
Origin: https://fyllhjelmen.baneservice.no
Accept-Language: no-NO,no;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Jul 2024 15:11:45 GMT
x-content-type-options: nosniff
age: 104251
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7884
x-xss-protection: 0
last-modified: Fri, 22 Mar 2024 00:00:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 02 Jul 2025 15:11:45 GMT

GET
H2 200 pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v21/ 8 KB
8 KB 333ms
166ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:regular,italic,500,600,700,800

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://fonts.googleapis.com/
Origin: https://fyllhjelmen.baneservice.no
Accept-Language: no-NO,no;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 17:07:09 GMT
x-content-type-options: nosniff
age: 529327
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7748
x-xss-protection: 0
last-modified: Fri, 22 Mar 2024 00:01:14 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 27 Jun 2025 17:07:09 GMT

GET
H2 200 64ddecc85fae501866dc41af_Poppins-ExtraBold.ttf
assets.website-files.com/64ddecc85fae501866dc419e/ 149 KB
65 KB 743ms
742ms Font
application/x-font-ttf 2600:9000:20dc:9400:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.website-files.com/64ddecc85fae501866dc419e/64ddecc85fae501866dc41af_Poppins-ExtraBold.ttf
Requested by: Host: assets.website-files.com
URL: https://assets.website-files.com/64ddecc85fae501866dc419e/css/baneservice-staging.9b7a1d269.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20dc:9400:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 94a215f88fbde9099cb3bd1431b8142aba26af36f8771effec56a94bc3aad1fd

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://assets.website-files.com/64ddecc85fae501866dc419e/css/baneservice-staging.9b7a1d269.css
Origin: https://fyllhjelmen.baneservice.no
Accept-Language: no-NO,no;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Jul 2024 20:09:17 GMT
x-amz-version-id: oi.EldGLUu.OJSLebF1iCrMP67zxExvB
content-encoding: br
via: 1.1 a492d514787de63e7daf0f07b0c799fe.cloudfront.net (CloudFront)
x-amz-cf-pop: MXP64-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
last-modified: Thu, 17 Aug 2023 09:47:53 GMT
server: AmazonS3
etag: W/"d45bdbc2d4a98c1ecb17821a1dbbd3a4"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/x-font-ttf
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
vary: Accept-Encoding
x-amz-cf-id: 67JGRBrCt2DgreocEOrkJDhPJ7tH3hSYqIeU5wEBojfCiAdESqEnBQ==

GET
H2 200 pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v21/ 8 KB
8 KB 187ms
81ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:regular,italic,500,600,700,800

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://fonts.googleapis.com/
Origin: https://fyllhjelmen.baneservice.no
Accept-Language: no-NO,no;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Jul 2024 15:03:16 GMT
x-content-type-options: nosniff
age: 104760
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7816
x-xss-protection: 0
last-modified: Fri, 22 Mar 2024 00:00:32 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 02 Jul 2025 15:03:16 GMT

GET
H2 200 pxiByp8kv8JHgFVrLDD4Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v21/ 8 KB
8 KB 178ms
72ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLDD4Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:regular,italic,500,600,700,800

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

60bf0aba6526436f3930c58c12047687fbb6bff4dd180cce4613458ed3439ea2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://fonts.googleapis.com/
Origin: https://fyllhjelmen.baneservice.no
Accept-Language: no-NO,no;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 10:39:29 GMT
x-content-type-options: nosniff
age: 552587
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7824
x-xss-protection: 0
last-modified: Fri, 22 Mar 2024 00:00:57 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 27 Jun 2025 10:39:29 GMT

GET 856322423
player.vimeo.com/video/ Frame 48A1 0
0

GET
H/1.1 200
OK 856322423
player.vimeo.com/video/ Frame 2450 0
0 483ms
385ms Document
text/html 162.159.138.60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://player.vimeo.com/video/856322423?loop=true&autoplay=false&muted=false&gesture=media&playsinline=true&byline=false&portrait=false&title=false&speed=true&transparent=false&customControls=true

Requested by

Host: cdn.plyr.io
URL: https://cdn.plyr.io/3.7.8/plyr.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.159.138.60 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; script-src 'self' 'unsafe-inline' https://.vimeocdn.com 'unsafe-eval' resource: https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.kollective.app/ https://wirewax.s3.eu-west-1.amazonaws.com https://edge-assets.wirewax.com https://embedder-sdk.wirewax.com https://embedder-sdk.wirewax.tv; style-src 'self' 'unsafe-inline' https://.vimeocdn.com https://fonts.googleapis.com https://edge-assets.wirewax.com https://edge-player5.wirewax.com; connect-src 'self' ws: wss: https://vimeo.com https://api.vimeo.com https://csi.gstatic.com https://player-telemetry.vimeo.com https://.akamaized.net https://.akamaized-staging.net https://.vimeocdn.com https://drm-gke.vhx.com https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://.kollective.app https://.kollective.app:31015 https://.kollectivecd.com https://.hivestreaming.com https://mimir.cloud.vimeo.com https://vimeo.magisto.com https://stage-proxy.vimeo.magisto.com https://.wirewax.com https://.wirewax.tv https://wirewax.s3.eu-west-1.amazonaws.com https://sqs.us-east-1.amazonaws.com https://sqs.eu-west-1.amazonaws.com https://s3-eu-west-1.amazonaws.com https://cognito-identity.us-east-1.amazonaws.com https://cognito-identity.eu-west-1.amazonaws.com; font-src data: https://edge-assets.wirewax.com https://branding.cdn.magisto.com https://fonts.gstatic.com https://player.vimeo.com; img-src 'self' data: https://player.vimeo.com https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://i.vimeocdn.com https://duysrfiajusdh.cloudfront.net https://d263mgllkjh2k2.cloudfront.net https://wirewax.s3.eu-west-1.amazonaws.com https://studio-media.wirewax.com https://edge-assets.wirewax.com https://maps.googleapis.com android-webview-video-poster:; object-src 'self' https://.vimeocdn.com https://.akamaized.net https://.akamaized-staging.net; media-src 'self' blob: https://.vimeocdn.com https://.akamaized.net https://.akamaized-staging.net https://.gvt1.com https://live-api.cloud.vimeo.com; frame-src 'self' https://*; report-uri /_csp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: no-NO,no;q=0.9;q=0.9
Referer: https://fyllhjelmen.baneservice.no/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

CF-Cache-Status: DYNAMIC
CF-Ray: 89d983251c579936-ARN
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Wed, 03 Jul 2024 20:09:16 GMT
Expires: Fri, 15 Dec 1985 19:30:00 GMT
Link: <https://fresnel.vimeocdn.com>; rel=preconnect; crossorigin, <https://i.vimeocdn.com>; rel=preconnect; crossorigin, <https://f.vimeocdn.com>; rel=preconnect; crossorigin
Server: cloudflare
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Transfer-Encoding: chunked
Vary: Accept-Encoding
Via: 1.1 varnish
content-security-policy: default-src 'none'; script-src 'self' 'unsafe-inline' https://*.vimeocdn.com 'unsafe-eval' resource: https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.kollective.app/ https://wirewax.s3.eu-west-1.amazonaws.com https://edge-assets.wirewax.com https://embedder-sdk.wirewax.com https://embedder-sdk.wirewax.tv; style-src 'self' 'unsafe-inline' https://*.vimeocdn.com https://fonts.googleapis.com https://edge-assets.wirewax.com https://edge-player5.wirewax.com; connect-src 'self' ws: wss: https://vimeo.com https://api.vimeo.com https://csi.gstatic.com https://player-telemetry.vimeo.com https://*.akamaized.net https://*.akamaized-staging.net https://*.vimeocdn.com https://drm-gke.vhx.com https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://*.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://*.kollective.app https://*.kollective.app:31015 https://*.kollectivecd.com https://*.hivestreaming.com https://mimir.cloud.vimeo.com https://vimeo.magisto.com https://stage-proxy.vimeo.magisto.com https://*.wirewax.com https://*.wirewax.tv https://wirewax.s3.eu-west-1.amazonaws.com https://sqs.us-east-1.amazonaws.com https://sqs.eu-west-1.amazonaws.com https://s3-eu-west-1.amazonaws.com https://cognito-identity.us-east-1.amazonaws.com https://cognito-identity.eu-west-1.amazonaws.com; font-src data: https://edge-assets.wirewax.com https://branding.cdn.magisto.com https://fonts.gstatic.com https://player.vimeo.com; img-src 'self' data: https://player.vimeo.com https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://*.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://i.vimeocdn.com https://duysrfiajusdh.cloudfront.net https://d263mgllkjh2k2.cloudfront.net https://wirewax.s3.eu-west-1.amazonaws.com https://studio-media.wirewax.com https://edge-assets.wirewax.com https://maps.googleapis.com android-webview-video-poster:; object-src 'self' https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net; media-src 'self' blob: https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net https://*.gvt1.com https://live-api.cloud.vimeo.com; frame-src 'self' https://*; report-uri /_csp
x-backend-server: player-backend-edge-entry
x-bapp-server: player-backend-574c66b95d-zp5c8
x-cache: MISS
x-cache-hits: 0
x-content-type-options: nosniff
x-host: player-backend-574c66b95d-zp5c8
x-player-backend: g
x-served-by: cache-bma1620-BMA
x-timer: S1720037356.360860,VS0,VE304
x-xss-protection: 1; mode=block

GET
H2 200 plyr.svg Show response
cdn.plyr.io/3.7.8/ 6 KB
2 KB 481ms
375ms XHR
image/svg+xml 2606:4700:21::681b:c358
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.plyr.io/3.7.8/plyr.svg
Requested by: Host: cdn.plyr.io
URL: https://cdn.plyr.io/3.7.8/plyr.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::681b:c358 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4846018760f6e11a8a1dea7639a5c75c712f198d978eccf117840820bb8c37d7

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://fyllhjelmen.baneservice.no/
Accept-Language: no-NO,no;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Jul 2024 20:09:16 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 20 Apr 2023 10:33:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"3a727a9b7eef825081d78cc6e48aaadf"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gwdlkizkQR4Imxz2vQd0UAxs17Tk8JDAo8TYDTRLstH1rDMbBKgmA7h7IzD4KPEsFKs3yD%2BFi8khmAJLvltoay5gsBeE8Rk2ozUCb4Zr6%2BWyq5Yv0xPAzi%2FetrfnFq5lSHodVCizlzhK"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cf-ray: 89d983255abb4e13-HEL
alt-svc: h3=":443"; ma=86400

GET
H2 200 bij9ahH4.js Show response
cdn.ontame.io/2.8.2/ 72 KB
25 KB 376ms
236ms Script
application/javascript 2600:9000:20ab:a800:13:dbe1:a6c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ontame.io/2.8.2/bij9ahH4.js?v=v1.3.1
Requested by: Host: cdn.ontame.io
URL: https://cdn.ontame.io/baneservice.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20ab:a800:13:dbe1:a6c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7fca061feddaf37bd7364832186d65c3ac771e10882abf7dfa2627663e7d24d9

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://fyllhjelmen.baneservice.no/
Origin: https://fyllhjelmen.baneservice.no
Accept-Language: no-NO,no;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Jul 2024 20:09:17 GMT
x-amz-version-id: 9mKqswX7djn_05qHlrSEN2_4dprYr0YU
content-encoding: gzip
last-modified: Tue, 12 Sep 2017 14:10:42 GMT
server: AmazonS3
via: 1.1 0a3248cb2729105e64fb474faf90e3b2.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS58-P3
etag: W/"556e6219c7bfeceebf08624744009b28"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
x-cache: Miss from cloudfront
vary: Accept-Encoding,Origin
x-amz-cf-id: Qs4-NIYd1mz_yHzzmLiwfrVRMh335Yh-gZu4nhu3YTXQ8SBidxTASg==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 307 KB
102 KB 112ms
106ms Script
application/javascript 2a00:1450:4001:801::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-Y3TWKL5X26&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KR2VMDM9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

86e07791311e6fc9e334fcbf0d1600c2a68a2a345ee8984fd2ef307087b16c3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://fyllhjelmen.baneservice.no/
Accept-Language: no-NO,no;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Jul 2024 20:09:16 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 104080
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 03 Jul 2024 20:09:16 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 222 KB
59 KB 194ms
60ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KR2VMDM9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

63bae03aa97278acb1d6f7863e593999bbdc5d280d2fa5a3050f234ce5eee850

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://fyllhjelmen.baneservice.no/
Accept-Language: no-NO,no;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 03 Jul 2024 20:09:16 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 58293
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: GOOD; q=0.7, rtt=58, rtx=0, c=12, mss=1297, tbw=2791, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma: public
x-fb-debug: dJTq2BFSOe5cngEbLouBBFRRTKVsBdv/NID5Ymo0UKHBD0enfoFzwW4S/U80+dpSJqtBApXGYxKBz+wPinh8jg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 223ms
63ms Fetch
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-Y3TWKL5X26&gtm=45je4710v9163994267z89163969498za200zb9163969498&_p=1720037355882&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=1612310937.1720037357&ul=no-no&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1720037356&sct=1&seg=0&dl=https%3A%2F%2Ffyllhjelmen.baneservice.no%2F&dt=Baneservice&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=2364&_z=fetch
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Y3TWKL5X26&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://fyllhjelmen.baneservice.no/
Accept-Language: no-NO,no;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 03 Jul 2024 20:09:16 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://fyllhjelmen.baneservice.no
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 1033383131441949 Show response
connect.facebook.net/signals/config/ 58 KB
12 KB 287ms
241ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1033383131441949?v=2.9.160&r=stable&domain=fyllhjelmen.baneservice.no&hme=733c3732ec767f7a62e7787aff967e6d19b1e13e533937876f2e15efe07bf678&ex_m=67%2C113%2C100%2C104%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C160%2C163%2C175%2C171%2C172%2C174%2C28%2C94%2C50%2C73%2C173%2C155%2C158%2C168%2C169%2C176%2C122%2C39%2C33%2C134%2C14%2C48%2C181%2C180%2C124%2C17%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C101%2C103%2C37%2C102%2C29%2C25%2C156%2C159%2C131%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C98%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C34%2C80%2C2%2C35%2C60%2C40%2C99%2C43%2C75%2C65%2C105%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C106

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

6fb211608ac91b26830f02bf060246c147adc899dfc33d72e8c6033a0f0c5ba6

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://fyllhjelmen.baneservice.no/
Accept-Language: no-NO,no;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 03 Jul 2024 20:09:16 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: GOOD; q=0.7, rtt=61, rtx=0, c=66, mss=1297, tbw=63835, tp=-1, tpl=-1, uplat=186, ullat=0
pragma: public
x-fb-debug: 35sTM9KE0TgZhnfLuEdcXJtBTIP8WILoW1tg3G2388YHgvOE9U2wSDLBDNrrULpOCpIeZU4wIcyKNGdSziawhw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 i
collector.ontame.io/ 43 B
386 B 282ms
71ms Image
image/gif 52.210.165.66
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://collector.ontame.io/i?stm=1720037356827&e=pv&url=https%3A%2F%2Ffyllhjelmen.baneservice.no%2F&page=Baneservice&tv=js-2.8.2&tna=clj&aid=447eda08-355b-4700-ac32-2ee86537e41c&p=web&tz=Europe%2FBerlin&lang=no-NO&cs=UTF-8&f_pdf=1&f_qt=0&f_realp=0&f_wma=0&f_dir=0&f_fla=0&f_java=0&f_gears=0&f_ag=0&res=1600x1200&cd=24&cookie=1&eid=67286a62-c424-4f77-80f1-9f30d49d2a58&dtm=1720037356825&vp=1600x1200&ds=1600x11601&vid=1&sid=21128339-7198-43f4-a1f8-6f822728c4eb&duid=1970b2b1-76ec-4864-8fd3-78ee3fa2932d&fp=3554096492
Requested by: Host: fyllhjelmen.baneservice.no
URL: https://fyllhjelmen.baneservice.no/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.210.165.66 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-165-66.eu-west-1.compute.amazonaws.com
Software: akka-http/10.2.9 /
Resource Hash: caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://fyllhjelmen.baneservice.no/
Accept-Language: no-NO,no;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Jul 2024 20:09:17 GMT
server: akka-http/10.2.9
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-origin: *
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 43

GET
H2 200 /
www.facebook.com/tr/ 0
269 B 210ms
62ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1033383131441949&ev=PageView&dl=https%3A%2F%2Ffyllhjelmen.baneservice.no%2F&rl=&if=false&ts=1720037357092&sw=1600&sh=1200&v=2.9.160&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=4126&fbp=fb.1.1720037357090.139345033898592631&ler=empty&cdl=API_unavailable&it=1720037356699&coo=false&tm=1&rqm=GET

Requested by

Host: fyllhjelmen.baneservice.no
URL: https://fyllhjelmen.baneservice.no/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://fyllhjelmen.baneservice.no/
Accept-Language: no-NO,no;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: GOOD; q=0.7, rtt=62, rtx=0, c=10, mss=1297, tbw=2818, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 03 Jul 2024 20:09:17 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
3 KB 391ms
244ms Image
image/png 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1033383131441949&ev=PageView&dl=https%3A%2F%2Ffyllhjelmen.baneservice.no%2F&rl=&if=false&ts=1720037357092&sw=1600&sh=1200&v=2.9.160&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=4126&fbp=fb.1.1720037357090.139345033898592631&ler=empty&cdl=API_unavailable&it=1720037356699&coo=false&tm=1&rqm=FGET

Requested by

Host: fyllhjelmen.baneservice.no
URL: https://fyllhjelmen.baneservice.no/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://fyllhjelmen.baneservice.no/
Accept-Language: no-NO,no;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x9fade80c94ec8781","source_keys":["1","2"]},{"key_piece":"0x59fa409219cb115c","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding: zstd
x-content-type-options: nosniff
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
strict-transport-security: max-age=15552000; preload
document-policy: force-load-at-top
date: Wed, 03 Jul 2024 20:09:17 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7387504198208349401", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: GOOD; q=0.7, rtt=59, rtx=0, c=14, mss=1297, tbw=3131, tp=-1, tpl=-1, uplat=182, ullat=0
pragma: no-cache
x-fb-debug: f7Frx/JgTUV+cQWq11F27EzpPXfRVeqIaKqEJSYC8CIAcPTO+h9rkYsRDsY007+wvpNgP4rWQNYbD8VlbXkpeQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7387504198208349401"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 64ddecc85fae501866dc41b7_Group%204185.png
assets.website-files.com/64ddecc85fae501866dc419e/ 748 B
1 KB 508ms
507ms Other
image/png 2600:9000:20dc:9400:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.website-files.com/64ddecc85fae501866dc419e/64ddecc85fae501866dc41b7_Group%204185.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20dc:9400:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e72a46e10629687016992b30d9bca18aa9008eab7a50c05cbf40a4de47d6f009

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://fyllhjelmen.baneservice.no/
Accept-Language: no-NO,no;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Jul 2024 20:09:18 GMT
x-amz-version-id: I2t7PgRMI1fPGGyV3lHeS3ZR.rqtjrnd
via: 1.1 ec8f33e5a3517538e3358f9bcc47d868.cloudfront.net (CloudFront)
last-modified: Thu, 17 Aug 2023 09:47:54 GMT
server: AmazonS3
x-amz-cf-pop: MXP64-C1
etag: "1a01ea20f43734bb21dfff315f2bc11b"
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
content-length: 748
x-amz-cf-id: jwvkG8V0KzHJghXzVodeH0EMVIZiTNrJWNmcFh21zcRXujqYip0fRg==

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: player.vimeo.com
URL: https://player.vimeo.com/video/856322423?loop=true&byline=false&portrait=false&title=false&speed=true&transparent=0&gesture=media

Domain: player.vimeo.com
URL: https://player.vimeo.com/video/856322423?loop=true&byline=false&portrait=false&title=false&speed=true&transparent=0&gesture=media

Verdicts & Comments Add Verdict or Comment

65 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.ontame.io/	1970-01-21 06:32:53	Name: sp Value: 29225659-db8c-4c34-bf9d-fa6e74fa8505
.vimeo.com/	1970-01-21 07:23:17	Name: vuid Value: pl618777851.986702358
.vimeo.com/	1970-01-20 21:47:19	Name: __cf_bm Value: IKxfWoe6olI3Y1lTwd.e9wZscrBDqdzutp1D4nf_.VU-1720037357-1.0.1.1-.8fceZ5g3gVmn6wzRcLp.12wgM0c464jmkUcclSktv6yqY.z32IliQWA.YV9fi8ErDM0mGBv2xnvsicZPIZQLg
.vimeo.com/	1969-12-31 23:59:59	Name: _cfuvid Value: b.YylNbM7PM0BB_lZE9E8nBxumTC2AEuEQjW.DFRtWA-1720037357599-0.0.1.1-604800000

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://cdn.plyr.io/3.7.8/plyr.js Message: Allow attribute will take precedence over 'allowfullscreen'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
assets.website-files.com
cdn.cookie-script.com
cdn.jsdelivr.net
cdn.ontame.io
cdn.plyr.io
cdnjs.cloudflare.com
collector.ontame.io
connect.facebook.net
d3e54v103j8qbb.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
fyllhjelmen.baneservice.no
player.vimeo.com
region1.google-analytics.com
www.facebook.com
www.googletagmanager.com
player.vimeo.com
146.185.171.17
162.159.138.60
2001:4860:4802:32::36
2600:9000:20ab:a800:13:dbe1:a6c0:93a1
2600:9000:20dc:9400:11:3b84:d200:93a1
2606:4700:21::681b:c358
2606:4700::6811:180e
2a00:1450:4001:801::2008
2a00:1450:4001:80e::2003
2a00:1450:4001:812::200a
2a00:1450:4001:813::200a
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f176:84:face:b00c:0:25de
2a04:4e42::485
52.17.119.105
52.210.165.66
52.222.232.39
057372cd1a0a0706641cc7d742185fc230765f7a2aa92f31113bf4a43fe0ed0d
0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740
0ef869066c4bbe6153c34c5ba7308c826b4fa2f12796cc02bef6e9aa7ee26cf8
1b26ea722a2121ee02d8ca9c23460c5ff6cb75f840ff9e0c1ee79ecaedc7ad8f
2051d61446d4dbffb03727031022a08c84528ab44d203a7669c101e5fbdd5515
248c0244b350ec68880996aa6be6d7796274b49992d5fcbbefe251906aa4ea36
467c0e234d5119373069c2c4b4f76e479e0e78d6d3616cfb03a3206113d49607
4846018760f6e11a8a1dea7639a5c75c712f198d978eccf117840820bb8c37d7
4964cf60c24777b90761c9db66e74c07701d11608fa997e46b7c45ed3dce09d9
4bdc4c42a18797aaabe38f455613328f0b27fc5279a907b0fac82c6ab2bcc67a
50961ba8f1fafc64850f103db72aaa87b3da323e915f2f50c3fa48cc85a6b053
50d0c1742d80ac71f4cde20e8c04d41a24806af342831f479938b527fbff0972
603e3b6061c49f8c02f07e5152c5d7381defba10c8fe73f95090e19a78de0397
60bf0aba6526436f3930c58c12047687fbb6bff4dd180cce4613458ed3439ea2
63bae03aa97278acb1d6f7863e593999bbdc5d280d2fa5a3050f234ce5eee850
6fb211608ac91b26830f02bf060246c147adc899dfc33d72e8c6033a0f0c5ba6
707fdc5c8bab57a90061c6a8ed7b70d5ffb82fc810e994e79f90bace890c255a
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
7fca061feddaf37bd7364832186d65c3ac771e10882abf7dfa2627663e7d24d9
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
85e97e492f82a7a300570ad13e8771c2b2477284df635d5433b86ef382c3d233
86e07791311e6fc9e334fcbf0d1600c2a68a2a345ee8984fd2ef307087b16c3c
87643d845d3ca6f2b26b0e4c3b0ccde1ed82c866c4cf8efb9a2c9c2a6edbd038
8b01ec68b5fb7ee8552310d36fb53be1626bc8192d8a1d9c260b3715a9906d03
8cfc261e681fe6d1d9ffa63ff02c58324789f786b3d98f878091277dfa180e13
8d909883de81344e0fbcfef30e931872e92d9aeecdf85b6dcf6e0b28c078e98e
8f338b75a65d6a7fbffdcc61ac58bef4d383d0da5013cc31005ac7712c1bbff6
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
94a215f88fbde9099cb3bd1431b8142aba26af36f8771effec56a94bc3aad1fd
9ad02de1ad26271ab94233b4475179ea43bac16935502a5d5fc6df22ab783206
a0fded691aed767f851011cd3185b928619298a21a0fbdad4808a9e88b490833
a14255e68fc99fc5b4a8b323c13070ac67f42775917706fd3b147b436810a5da
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
c06593065d525cac7ffb626221f4edad2e94791edd7c71bb8573c3600567cb19
c3df4601ea482834e53b474fbad8dcbf8a1e2536c7005d059a22dc4a283bcc70
c40f70ee8b1df91f553b2fd032f31a8b0c45250884621188a91de5623b874dd8
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
d1bb5caa6371674cb648131a48d8c679c3f62377e6469642351c20f2334047b6
de1e399b07289f3b0a8d35142e363e128124a1185770e214e25e58030dad48e5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e72a46e10629687016992b30d9bca18aa9008eab7a50c05cbf40a4de47d6f009
e79975da8024f223d8b84bcedab6d460601f62315a5bea3e53f44bb4d777ae7b
ec3b8bea965efacd473b15f54f8fdc300ee57715bebfc0c4df8aace791068211
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

fyllhjelmen.baneservice.no Open in urlscan Pro 52.17.119.105 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

50 Requests

96 %HTTPS

71 %IPv6

15 Domains

17 Subdomains

18 IPs

5 Countries

2227 kBTransfer

3879 kBSize

4 Cookies

3 Outgoing links

Redirected requests

50 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

fyllhjelmen.baneservice.no Open in urlscan Pro
52.17.119.105 Public Scan

Screenshot
Live screenshot

Full Image

50
Requests

96 %
HTTPS

71 %
IPv6

15
Domains

17
Subdomains

18
IPs

5
Countries

2227 kB
Transfer

3879 kB
Size

4
Cookies

50 HTTP transactions
0 data transactions