www.norgesspill.com Open in urlscan Pro
2606:4700::6810:e551 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://norgesspill.com/
Effective URL:
https://www.norgesspill.com/no
Submission: On March 18 via api (March 18th 2023, 1:13:28 am UTC) from US — Scanned from DE

Summary HTTP 90 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 35 IPs in 8 countries across 26 domains to perform 90 HTTP transactions. The main IP is 2606:4700::6810:e551, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.norgesspill.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 28th 2022. Valid for: a year.

This is the only time www.norgesspill.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 6	2606:4700::68... 2606:4700::6810:e551	13335 (CLOUDFLAR...) (CLOUDFLARENET)
41	2600:9000:225... 2600:9000:2251:4e00:f:dcfa:3700:21	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6810:5714	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:811::2008	15169 (GOOGLE) (GOOGLE)
1	18.64.79.63 18.64.79.63	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
2	52.18.10.144 52.18.10.144	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:801::2003	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	151.101.2.137 151.101.2.137	54113 (FASTLY) (FASTLY)
1	2600:9000:225... 2600:9000:225e:e00:b:5e2c:3740:21	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
1 2	142.250.181.230 142.250.181.230	15169 (GOOGLE) (GOOGLE)
2 3	37.157.5.141 37.157.5.141	198622 (ADFORM) (ADFORM)
1	37.157.6.236 37.157.6.236	198622 (ADFORM) (ADFORM)
1	2a02:6ea0:c70... 2a02:6ea0:c700::11	60068 (CDN77 ^_^) (CDN77 ^_^)
3	151.139.128.10 151.139.128.10	20446 (STACKPATH...) (STACKPATH-CDN)
2	2606:4700:e2:... 2606:4700:e2::ac40:8721	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	35.201.112.186 35.201.112.186	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	162.247.243.29 162.247.243.29	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:400c:c00::9d	15169 (GOOGLE) (GOOGLE)
1	35.186.194.58 35.186.194.58	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:806::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
2	116.202.161.76 116.202.161.76	24940 (HETZNER-AS) (HETZNER-AS)
1 3	3.126.176.168 3.126.176.168	16509 (AMAZON-02) (AMAZON-02)
2	162.19.138.116 162.19.138.116	16276 (OVH) (OVH)
6 6	18.195.198.1 18.195.198.1	16509 (AMAZON-02) (AMAZON-02)
4 6	213.19.147.44 213.19.147.44	3356 (LEVEL3) (LEVEL3)
1	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
1 2	34.249.230.115 34.249.230.115	16509 (AMAZON-02) (AMAZON-02)
1	18.185.37.222 18.185.37.222	16509 (AMAZON-02) (AMAZON-02)
1	185.64.190.80 185.64.190.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
90	35

6 2606:4700::6810:e551 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

norgesspill.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.norgesspill.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

41 2600:9000:2251:4e00:f:dcfa:3700:21 (United States)

ASN16509 (AMAZON-02, US)

d3eg6wi5fpm57g.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5714 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.64.79.63 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-64-79-63.txl50.r.cloudfront.net

cdn.graphyte.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.18.10.144 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-18-10-144.eu-west-1.compute.amazonaws.com

api.graphyte.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.2.137 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:225e:e00:b:5e2c:3740:21 (United States)

ASN16509 (AMAZON-02, US)

d3j4vz29nirhst.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.181.230 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f6.1e100.net

9905434.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.157.5.141 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

a1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.6.236 (Denmark)

ASN198622 (ADFORM, DK)

s2.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6ea0:c700::11 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)

cdn.adnuntius.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.139.128.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map3.hwcdn.net

static2.creative-serving.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:e2::ac40:8721 (United States)

ASN13335 (CLOUDFLARENET, US)

scripts.prdredir.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.201.112.186 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 186.112.201.35.bc.googleusercontent.com

edge.fullstory.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.247.243.29 (United States)

ASN54113 (FASTLY, US)

bam.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.194.58 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 58.194.186.35.bc.googleusercontent.com

rs.fullstory.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 116.202.161.76 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.76.161.202.116.clients.your-server.de

data.adnuntius.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.126.176.168 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-176-168.eu-central-1.compute.amazonaws.com

ads.creative-serving.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.19.138.116 (France)

ASN16276 (OVH, FR)
PTR: ns31533567.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 18.195.198.1 (Frankfurt am Main, Germany) 6 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-198-1.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 213.19.147.44 (Castricum, Netherlands) 4 redirects

ASN3356 (LEVEL3, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.249.230.115 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-249-230-115.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.185.37.222 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-185-37-222.eu-central-1.compute.amazonaws.com

match.justpremium.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.162 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
42	cloudfront.net d3eg6wi5fpm57g.cloudfront.net d3j4vz29nirhst.cloudfront.net	636 KB
6	bidswitch.net 6 redirects x.bidswitch.net — Cisco Umbrella Rank: 285	3 KB
6	creative-serving.com 1 redirects static2.creative-serving.com — Cisco Umbrella Rank: 79664 ads.creative-serving.com — Cisco Umbrella Rank: 4067	15 KB
6	norgesspill.com 1 redirects norgesspill.com www.norgesspill.com	45 KB
4	1rx.io 4 redirects sync.1rx.io — Cisco Umbrella Rank: 497	1 KB
4	adform.net 2 redirects a1.adform.net — Cisco Umbrella Rank: 12764 s2.adform.net — Cisco Umbrella Rank: 5785	32 KB
4	doubleclick.net 2 redirects 9905434.fls.doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 76 cm.g.doubleclick.net — Cisco Umbrella Rank: 210	2 KB
4	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2388 www.google-analytics.com — Cisco Umbrella Rank: 25	20 KB
3	adnuntius.com cdn.adnuntius.com — Cisco Umbrella Rank: 57208 data.adnuntius.com	30 KB
3	graphyte.ai cdn.graphyte.ai — Cisco Umbrella Rank: 361960 api.graphyte.ai — Cisco Umbrella Rank: 331119	37 KB
2	demdex.net 1 redirects dpm.demdex.net — Cisco Umbrella Rank: 201	2 KB
2	unrulymedia.com sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1068	755 B
2	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 408	2 KB
2	google.de www.google.de — Cisco Umbrella Rank: 6069 adservice.google.de — Cisco Umbrella Rank: 8720	923 B
2	google.com www.google.com — Cisco Umbrella Rank: 2 adservice.google.com — Cisco Umbrella Rank: 68	1 KB
2	nr-data.net bam.nr-data.net — Cisco Umbrella Rank: 231	837 B
2	fullstory.com edge.fullstory.com — Cisco Umbrella Rank: 1874 rs.fullstory.com — Cisco Umbrella Rank: 1956	68 KB
2	prdredir.com scripts.prdredir.com — Cisco Umbrella Rank: 46343	2 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 42	147 KB
1	pubmatic.com simage2.pubmatic.com — Cisco Umbrella Rank: 676	473 B
1	justpremium.com match.justpremium.com — Cisco Umbrella Rank: 3396	324 B
1	openx.net us-u.openx.net — Cisco Umbrella Rank: 420	273 B
1	newrelic.com js-agent.newrelic.com — Cisco Umbrella Rank: 341	14 KB
1	gstatic.com fonts.gstatic.com	17 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 34	1 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 337	6 KB
90	26

	Domain	Requested by
41	d3eg6wi5fpm57g.cloudfront.net	www.norgesspill.com
6	x.bidswitch.net	6 redirects
5	www.norgesspill.com	www.norgesspill.com
4	sync.1rx.io	4 redirects
3	ads.creative-serving.com	1 redirects www.norgesspill.com
3	static2.creative-serving.com	www.norgesspill.com
3	a1.adform.net	2 redirects
2	dpm.demdex.net	1 redirects
2	sync.targeting.unrulymedia.com
2	id5-sync.com	www.norgesspill.com
2	data.adnuntius.com	www.norgesspill.com
2	bam.nr-data.net	www.norgesspill.com
2	scripts.prdredir.com	www.norgesspill.com
2	9905434.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	www.google-analytics.com	www.norgesspill.com
2	region1.google-analytics.com	www.googletagmanager.com
2	api.graphyte.ai	www.norgesspill.com
2	www.googletagmanager.com	www.norgesspill.com
1	cm.g.doubleclick.net	1 redirects
1	simage2.pubmatic.com
1	match.justpremium.com
1	us-u.openx.net
1	adservice.google.de	adservice.google.com
1	adservice.google.com	9905434.fls.doubleclick.net
1	www.google.de
1	www.google.com
1	rs.fullstory.com	www.norgesspill.com
1	stats.g.doubleclick.net	www.norgesspill.com
1	edge.fullstory.com	www.norgesspill.com
1	cdn.adnuntius.com	www.norgesspill.com
1	s2.adform.net
1	d3j4vz29nirhst.cloudfront.net
1	js-agent.newrelic.com	www.norgesspill.com
1	fonts.gstatic.com	fonts.googleapis.com
1	fonts.googleapis.com	www.norgesspill.com
1	cdn.graphyte.ai	www.norgesspill.com
1	cdn.jsdelivr.net	www.norgesspill.com
1	norgesspill.com	1 redirects
90	38

This site contains links to these domains. Also see Links.

Domain
www.comeonconnect.com
authorisation.mga.org.mt

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-05-28` - `2023-05-28`	a year	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2022-12-08` - `2023-12-07`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-03-02` - `2023-05-25`	3 months	crt.sh
*.graphyte.ai Amazon RSA 2048 M01	`2023-02-22` - `2023-05-31`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-03-02` - `2023-05-25`	3 months	crt.sh
api.graphyte.ai Amazon RSA 2048 M01	`2023-02-10` - `2023-12-04`	10 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-03-02` - `2023-05-25`	3 months	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA 2022 Q2	`2022-07-10` - `2023-08-11`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-03-02` - `2023-05-25`	3 months	crt.sh
1548354739.rsc.cdn77.org R3	`2023-02-16` - `2023-05-17`	3 months	crt.sh
static2.creative-serving.com Sectigo RSA Domain Validation Secure Server CA	`2022-09-13` - `2023-10-13`	a year	crt.sh
*.prdredir.com GTS CA 1P5	`2023-03-10` - `2023-06-08`	3 months	crt.sh
edge.fullstory.com GTS CA 1D4	`2023-01-31` - `2023-05-01`	3 months	crt.sh
*.nr-data.net DigiCert TLS RSA SHA256 2020 CA1	`2022-11-18` - `2023-12-19`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-03-02` - `2023-05-25`	3 months	crt.sh
*.fullstory.com R3	`2023-02-09` - `2023-05-10`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-03-02` - `2023-05-25`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-03-02` - `2023-05-25`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-03-02` - `2023-05-25`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-03-02` - `2023-05-25`	3 months	crt.sh
data.adnuntius.com R3	`2023-03-13` - `2023-06-11`	3 months	crt.sh
*.id5-sync.com R3	`2023-01-25` - `2023-04-25`	3 months	crt.sh
*.creative-serving.com Sectigo RSA Domain Validation Secure Server CA	`2022-03-25` - `2023-04-03`	a year	crt.sh
tracking.justpremium.com Amazon RSA 2048 M01	`2023-02-14` - `2024-01-29`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2022-06-13` - `2023-07-14`	a year	crt.sh

This page contains 5 frames:

Primary Page: https://www.norgesspill.com/no
Frame ID: B0138EFD827C2AE03ED68B94131CD0B7
Requests: 86 HTTP requests in this frame

Frame: https://9905434.fls.doubleclick.net/activityi;dc_pre=CIPWkrOm5P0CFUXL1QodrhQNVQ;src=9905434;type=ros0;cat=norge0;ord=325641575696;gtm=45He33f0;auiddc=1086070678.1679102002;u2=https%3A%2F%2Fwww.norgesspill.com%2Fno;u4=undefined;~oref=https%3A%2F%2Fwww.norgesspill.com%2Fno
Frame ID: 94CCCB00254D00E347F7C3B18CA0E19D
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CIPWkrOm5P0CFUXL1QodrhQNVQ;src=9905434;type=ros0;cat=norge0;ord=325641575696;gtm=45He33f0;auiddc=1086070678.1679102002;u2=https%3A%2F%2Fwww.norgesspill.com%2Fno;u4=undefined;~oref=https%3A%2F%2Fwww.norgesspill.com%2Fno
Frame ID: 748BB33AEB464DBE521CB4878C9943B4
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.de/ddm/fls/i/dc_pre=CIPWkrOm5P0CFUXL1QodrhQNVQ;src=9905434;type=ros0;cat=norge0;ord=325641575696;gtm=45He33f0;auiddc=1086070678.1679102002;u2=https%3A%2F%2Fwww.norgesspill.com%2Fno;u4=undefined;~oref=https%3A%2F%2Fwww.norgesspill.com%2Fno
Frame ID: 036FFA3C37D7B13340A49103CE4ADF34
Requests: 1 HTTP requests in this frame

Frame: https://scripts.prdredir.com/safeframe
Frame ID: B710F119538803A2122D1703A3BF5761
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Norgesspill Nettcasino - Norges Prisvinnende Nettcasino

Page URL History Show full URLs

https://norgesspill.com/ HTTP 301
https://www.norgesspill.com/no Page URL

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

Page Statistics

90
Requests

91 %
HTTPS

44 %
IPv6

26
Domains

38
Subdomains

35
IPs

8
Countries

1077 kB
Transfer

3248 kB
Size

40
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://www.comeonconnect.com/
Title: Bli en Affiliate

Search URL Search Domain Scan URL

URL: https://authorisation.mga.org.mt/verification.aspx?lang=EN&company=6c5e26b8-5931-4f47-9c00-84bed44c9b42&details=1

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://norgesspill.com/ HTTP 301
https://www.norgesspill.com/no Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 58

https://9905434.fls.doubleclick.net/activityi;src=9905434;type=ros0;cat=norge0;ord=325641575696;gtm=45He33f0;auiddc=1086070678.1679102002;u2=https%3A%2F%2Fwww.norgesspill.com%2Fno;u4=undefined;~oref=https%3A%2F%2Fwww.norgesspill.com%2Fno HTTP 302
https://9905434.fls.doubleclick.net/activityi;dc_pre=CIPWkrOm5P0CFUXL1QodrhQNVQ;src=9905434;type=ros0;cat=norge0;ord=325641575696;gtm=45He33f0;auiddc=1086070678.1679102002;u2=https%3A%2F%2Fwww.norgesspill.com%2Fno;u4=undefined;~oref=https%3A%2F%2Fwww.norgesspill.com%2Fno

Request Chain 59

https://a1.adform.net/serving/scripts/trackpoint/async/ HTTP 301
https://s2.adform.net/banners/scripts/st/trackpoint-async.js

Request Chain 75

https://ads.creative-serving.com/cm?redir=https%3A%2F%2Fdata.adnuntius.com%2Fsync%3FbrowserId%3Dm9bt8c02zwt1hyvmpg70mkrp%26folderId%3D000000000017def0%26externalSystemType%3DP161%26externalSystemUserId%3D%24%7BUUID%7D HTTP 302
https://data.adnuntius.com/sync?browserId=m9bt8c02zwt1hyvmpg70mkrp&folderId=000000000017def0&externalSystemType=P161&externalSystemUserId=7d426e66-e294-4d9e-8a6f-a09dd2f9c48c

Request Chain 77

https://a1.adform.net/Serving/TrackPoint/?pm=2033710&ADFPageName=Norgesspill%20undefined%20-%20Home&ADFdivider=%7C&ord=108403881551&ADFtpmode=2&itm=eyJzdjIiOiJodHRwczovL3d3dy5ub3JnZXNzcGlsbC5jb20vbm8iLCJzdjQiOiJ1bmRlZmluZWQifQ&loc=https%3A%2F%2Fwww.norgesspill.com%2Fno&Set1=en-US%7Cen-US%7C1600x1200%7C24 HTTP 302
https://a1.adform.net/Serving/TrackPoint/?CC=1&pm=2033710&ADFPageName=Norgesspill%20undefined%20-%20Home&ADFdivider=%7C&ord=108403881551&ADFtpmode=2&itm=eyJzdjIiOiJodHRwczovL3d3dy5ub3JnZXNzcGlsbC5jb20vbm8iLCJzdjQiOiJ1bmRlZmluZWQifQ&loc=https%3A%2F%2Fwww.norgesspill.com%2Fno&Set1=en-US%7Cen-US%7C1600x1200%7C24

Request Chain 81

https://x.bidswitch.net/sync?dsp_id=4&user_id=7d426e66-e294-4d9e-8a6f-a09dd2f9c48c&ssp=&expires=30&user_group=2&cb=339 HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=4&user_id=7d426e66-e294-4d9e-8a6f-a09dd2f9c48c&ssp=&expires=30&user_group=2&cb=339 HTTP 302
https://sync.1rx.io/usersync/bidswitch/6d93b44f-7435-4653-bc28-07625dd45851?gdpr=&gdpr_consent= HTTP 302
https://sync.1rx.io/usersync/bidswitch/6d93b44f-7435-4653-bc28-07625dd45851?zcc=1&cb=1679102004857 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-8fcfeffc-b519-40d4-8f2d-2c7f9c8efede-003

Request Chain 82

https://x.bidswitch.net/sync?dsp_id=4&user_id=7d426e66-e294-4d9e-8a6f-a09dd2f9c48c&ssp=&expires=30&user_group=2&cb=740 HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=4&user_id=7d426e66-e294-4d9e-8a6f-a09dd2f9c48c&ssp=&expires=30&user_group=2&cb=740 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072968&val=6d93b44f-7435-4653-bc28-07625dd45851&gdpr=&gdpr_consent=&us_privacy=

Request Chain 83

https://x.bidswitch.net/sync?dsp_id=4&user_id=7d426e66-e294-4d9e-8a6f-a09dd2f9c48c&ssp=&expires=30&user_group=2&cb=351 HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=4&user_id=7d426e66-e294-4d9e-8a6f-a09dd2f9c48c&ssp=&expires=30&user_group=2&cb=351 HTTP 302
https://sync.1rx.io/usersync/bidswitch/6d93b44f-7435-4653-bc28-07625dd45851?gdpr=&gdpr_consent= HTTP 302
https://sync.1rx.io/usersync/bidswitch/6d93b44f-7435-4653-bc28-07625dd45851?zcc=1&cb=1679102004857 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-8fcfeffc-b519-40d4-8f2d-2c7f9c8efede-003

Request Chain 85

https://dpm.demdex.net/ibs:dpid=393426&dpuuid=7d426e66-e294-4d9e-8a6f-a09dd2f9c48c HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=393426&dpuuid=7d426e66-e294-4d9e-8a6f-a09dd2f9c48c

Request Chain 88

https://cm.g.doubleclick.net/pixel?google_nid=platform161_direct_new&google_cm&google_sc HTTP 302
https://ads.creative-serving.com/gcm?google_gid=CAESEGjO0FGVv8ptUOVnUY-1hYo&google_cver=1

90 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request no Show response
www.norgesspill.com/
Redirect Chain

https://norgesspill.com/
https://www.norgesspill.com/no

53 KB
19 KB

251ms
233ms

Document
text/html

2606:4700::6810:e551
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.norgesspill.com/no

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:e551 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e7b49b7c8fa94d85a9bc8d1ced22a0acf1e1d24dce33336f6744ceb32da02fb8

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .casinomodule.com .playngonetwork.com;
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: *
access-control-allow-origin: *
cf-cache-status: DYNAMIC
cf-ray: 7a999cd4adad3a7e-FRA
content-encoding: gzip
content-security-policy: frame-ancestors 'self' *.casinomodule.com *.playngonetwork.com;
content-type: text/html;charset=UTF-8
date: Sat, 18 Mar 2023 01:13:21 GMT
server: cloudflare
vary: Accept-Encoding
x-xss-protection: 1; mode=block

Redirect headers

cf-ray: 7a999cd46d823a7e-FRA
content-length: 0
date: Sat, 18 Mar 2023 01:13:21 GMT
location: https://www.norgesspill.com/no
server: cloudflare
vary: Accept-Encoding

GET
H2 200 translations Show response
www.norgesspill.com/preload/17/67/no-NO/ 97 KB
25 KB 26ms
25ms Script
application/javascript 2606:4700::6810:e551
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.norgesspill.com/preload/17/67/no-NO/translations?hash=v2_5df3a336a523118f48985141ce1e76e2

Requested by

Host: www.norgesspill.com
URL: https://www.norgesspill.com/no

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:e551 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d624f6ad96a94b3d3225d930bf8715c2f0d4a90c343ee6f7d8cdc927da724032

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .casinomodule.com .playngonetwork.com;
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.norgesspill.com/no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 01:13:21 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 17 Mar 2023 07:09:11 GMT
server: cloudflare
content-security-policy: frame-ancestors 'self' *.casinomodule.com *.playngonetwork.com;
age: 65050
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: *
cf-ray: 7a999cd65ecb3a7e-FRA
x-xss-protection: 1; mode=block
expires: Sun, 17 Mar 2024 01:13:21 GMT

GET
H2 200 app.js Show response
d3eg6wi5fpm57g.cloudfront.net/@komigen/mobile-frontend@21529-17cd/js/ 228 KB
75 KB 63ms
10ms Script
application/javascript 2600:9000:2251:4e00:f:dcfa:3700:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3eg6wi5fpm57g.cloudfront.net/@komigen/mobile-frontend@21529-17cd/js/app.js
Requested by: Host: www.norgesspill.com
URL: https://www.norgesspill.com/no
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:4e00:f:dcfa:3700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2bc66b7d6daee16166bbc49997b1a9539f7d3acf52c1a8ed74f62899c81a86c5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.norgesspill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 09:51:34 GMT
x-amz-version-id: null
content-encoding: br
last-modified: Thu, 16 Mar 2023 09:46:36 GMT
server: AmazonS3
via: 1.1 544814e402956ba93c0a2d2b923e94c2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
etag: W/"934d09b69254e97fbd0b31ea3f0dde48"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public,max-age=31536000
age: 141708
x-amz-cf-id: MO_zhQ-lWU5aybVdLVCc9-vswrRLe86OjVHpLQjWWqk7xNSGzjVaEw==

GET
H2 200 mobile-core-assets.css
d3eg6wi5fpm57g.cloudfront.net/@komigen/mobile-frontend@21529-17cd/css/ 109 KB
20 KB 61ms
9ms Stylesheet
text/css 2600:9000:2251:4e00:f:dcfa:3700:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3eg6wi5fpm57g.cloudfront.net/@komigen/mobile-frontend@21529-17cd/css/mobile-core-assets.css
Requested by: Host: www.norgesspill.com
URL: https://www.norgesspill.com/no
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:4e00:f:dcfa:3700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a179c6b00651da9f9ac8447f6ded25d7226db526f65bebe39dadd8fc9d7bde9a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.norgesspill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 09:51:34 GMT
x-amz-version-id: null
content-encoding: br
last-modified: Thu, 16 Mar 2023 09:46:36 GMT
server: AmazonS3
via: 1.1 544814e402956ba93c0a2d2b923e94c2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
etag: W/"3d6b4bcbddb49b419d85d5ea244fb010"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
cache-control: public,max-age=31536000
age: 141708
x-amz-cf-id: b7HsVzGcHqCJvQYUrECqB0eFq63pB7K88DzMLgLQeiRZNsx2yd753A==

GET
H2 200 norgesspill.css
d3eg6wi5fpm57g.cloudfront.net/@komigen/mobile-frontend@21529-17cd/css/ 80 KB
12 KB 77ms
25ms Stylesheet
text/css 2600:9000:2251:4e00:f:dcfa:3700:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3eg6wi5fpm57g.cloudfront.net/@komigen/mobile-frontend@21529-17cd/css/norgesspill.css
Requested by: Host: www.norgesspill.com
URL: https://www.norgesspill.com/no
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:4e00:f:dcfa:3700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ccb5a548baa05d92af609a249b9b1fa34461ab697e25296f66db3f9d677d1a6a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.norgesspill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 09:54:11 GMT
x-amz-version-id: null
content-encoding: gzip
last-modified: Thu, 16 Mar 2023 09:46:36 GMT
server: AmazonS3
via: 1.1 544814e402956ba93c0a2d2b923e94c2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
etag: W/"c68bbf0c2f5c1aefc57ff541bacf2052"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
cache-control: public,max-age=31536000
age: 141551
x-amz-cf-id: TRpQtVSyQAA3S3nEJN75kABLtM5lf-A1NOsJrRkFd0KaMif37SsvWA==

GET
H2 200 webfontloader.min.js Show response
cdn.jsdelivr.net/npm/webfontloader@1.6.28/ 12 KB
6 KB 37ms
15ms Script
application/javascript 2606:4700::6810:5714
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/webfontloader@1.6.28/webfontloader.min.js

Requested by

Host: www.norgesspill.com
URL: https://www.norgesspill.com/no

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e2686d1245000570ac793349a1e85b90c3c097af7ae1cbc15471b83cffbfc270

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.norgesspill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 01:13:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 2047179
x-jsd-version: 1.6.28
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra-eddf8230053-FRA, cache-yyz4537-YYZ
x-jsd-version-type: version
server: cloudflare
etag: W/"31b0-vG/+nA2LMoVWRhmkRcbKV1650PU"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JyGFvEDMebzSoufiDnTm9VUtuG3%2BNup5GwjTR%2FUJZ%2BzXW6NinLYZw%2FsnbeWM%2BZp1fyRxxm5oBWpTGpK%2FUA1bxFQv4QfRtdhjEfV5sCT%2BJsGZG38NhCpyc4jtrDiJiD9di71Ax6VjPw3YzxpJQrI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 7a999cd67e119a18-FRA

GET
DATA 200
OK truncated
/ 34 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/webp

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 255 KB
78 KB 58ms
33ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-54234LZ

Requested by

Host: www.norgesspill.com
URL: https://www.norgesspill.com/no

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

25851eb36ddcbcc1fbe5898ab6deedcf66bb19e3599c3d3e3a67f209b0fbc6f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.norgesspill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 01:13:21 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79840
x-xss-protection: 0
last-modified: Sat, 18 Mar 2023 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 18 Mar 2023 01:13:21 GMT

GET
H2 200 graphyte.min.js Show response
cdn.graphyte.ai/ 124 KB
37 KB 69ms
15ms Script
application/javascript 18.64.79.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.graphyte.ai/graphyte.min.js
Requested by: Host: www.norgesspill.com
URL: https://www.norgesspill.com/no
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.64.79.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-64-79-63.txl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 528b5543f835b536569b86a869855e5305c6c1b1ce3720bd1f1b7554660c594f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.norgesspill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
via: 1.1 e8b7a57aa46fb1a9d8006f334bd5efd0.cloudfront.net (CloudFront)
date: Fri, 17 Mar 2023 01:19:01 GMT
last-modified: Tue, 05 Apr 2022 06:44:55 GMT
server: AmazonS3
x-amz-cf-pop: TXL50-P2
age: 86062
etag: W/"6f7e21684db70f03323ebb92455f245e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400
x-amz-cf-id: iCu49Vbt13X2OQ6GxIyzzVIU12qKRYMpW5NRj2u24mbNwBMvx9_b8w==

GET
H2 200 css
fonts.googleapis.com/ 3 KB
1 KB 46ms
18ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:wght@400;700&display=swap

Requested by

Host: www.norgesspill.com
URL: https://www.norgesspill.com/no

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

cd9216308f7433d319f912cfc029861f0176f0d0af13c57338d291f757fb01de

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.norgesspill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 18 Mar 2023 01:13:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 18 Mar 2023 01:13:21 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 18 Mar 2023 01:13:21 GMT

GET
H2 200 227.js Show response
d3eg6wi5fpm57g.cloudfront.net/@komigen/mobile-frontend@21529-17cd/js/chunk/ 37 KB
12 KB 9ms
8ms Script
application/javascript 2600:9000:2251:4e00:f:dcfa:3700:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3eg6wi5fpm57g.cloudfront.net/@komigen/mobile-frontend@21529-17cd/js/chunk/227.js
Requested by: Host: www.norgesspill.com
URL: https://www.norgesspill.com/no
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:4e00:f:dcfa:3700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d74421d8026be370b8ca1fa9a0581cd605f1e7dad8297026625471d6d4195a1c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.norgesspill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 09:51:35 GMT
x-amz-version-id: null
content-encoding: br
last-modified: Thu, 16 Mar 2023 09:46:37 GMT
server: AmazonS3
via: 1.1 544814e402956ba93c0a2d2b923e94c2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
etag: W/"c2c8b670e382ab602e739873363bbab2"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public,max-age=31536000
age: 141707
x-amz-cf-id: JQItwSBMHBC7d5U0tIwqkj6360XcMpxpn8oR4V0bdk88TZE5EvRyaw==

GET
H2 200 7583.js Show response
d3eg6wi5fpm57g.cloudfront.net/@komigen/mobile-frontend@21529-17cd/js/chunk/ 23 KB
10 KB 9ms
9ms Script
application/javascript 2600:9000:2251:4e00:f:dcfa:3700:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3eg6wi5fpm57g.cloudfront.net/@komigen/mobile-frontend@21529-17cd/js/chunk/7583.js
Requested by: Host: www.norgesspill.com
URL: https://www.norgesspill.com/no
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:4e00:f:dcfa:3700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 27536dc6d7793663e6324d7d78c1f76484e75b3ad7c996679fe5ab90d47a195a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.norgesspill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 09:51:35 GMT
x-amz-version-id: null
content-encoding: br
last-modified: Thu, 16 Mar 2023 09:46:39 GMT
server: AmazonS3
via: 1.1 544814e402956ba93c0a2d2b923e94c2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
etag: W/"c349b3caa59590b3e7a5cbb04f95e6af"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public,max-age=31536000
age: 141707
x-amz-cf-id: FcrVykuFSgGgAOq2BlZ-i_9EgWiPdbmx2D88wwl64jMcIVcDbqGmug==

GET
H2 200 2324.js Show response
d3eg6wi5fpm57g.cloudfront.net/@komigen/mobile-frontend@21529-17cd/js/chunk/ 25 KB
9 KB 10ms
10ms Script
application/javascript 2600:9000:2251:4e00:f:dcfa:3700:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3eg6wi5fpm57g.cloudfront.net/@komigen/mobile-frontend@21529-17cd/js/chunk/2324.js
Requested by: Host: www.norgesspill.com
URL: https://www.norgesspill.com/no
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:4e00:f:dcfa:3700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b524993eb6c0e21388b798f81e95608cb5f1e42fafd081462d98bc3fdabe89af

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.norgesspill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 09:51:35 GMT
x-amz-version-id: null
content-encoding: br
last-modified: Thu, 16 Mar 2023 09:46:37 GMT
server: AmazonS3
via: 1.1 544814e402956ba93c0a2d2b923e94c2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
etag: W/"5f5feb5b9f9a5980fcb5521ffbd2707c"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public,max-age=31536000
age: 141707
x-amz-cf-id: 7K4JHgC1XnDaS9BL_Dkvim517l6vmAa7166jXIyMUjD8xHTNr9T05Q==

GET
H2 200 6484.js Show response
d3eg6wi5fpm57g.cloudfront.net/@komigen/mobile-frontend@21529-17cd/js/chunk/ 62 KB
20 KB 10ms
10ms Script
application/javascript 2600:9000:2251:4e00:f:dcfa:3700:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3eg6wi5fpm57g.cloudfront.net/@komigen/mobile-frontend@21529-17cd/js/chunk/6484.js
Requested by: Host: www.norgesspill.com
URL: https://www.norgesspill.com/no
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:4e00:f:dcfa:3700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b0406c0ae32f73a0c2e6179d6ec8159436f724fdf3e130ed37faeefb582b1cf1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.norgesspill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 09:51:35 GMT
x-amz-version-id: null
content-encoding: br
last-modified: Thu, 16 Mar 2023 09:46:39 GMT
server: AmazonS3
via: 1.1 544814e402956ba93c0a2d2b923e94c2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
etag: W/"9810a48d72fdcd2df2a06d8d29ddf360"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public,max-age=31536000
age: 141707
x-amz-cf-id: ZMzsjvkWLzNzv5oC4z1S58Bkh51rbUuWrFT6guq0RS0cD9UuVyzSFA==

GET
H2 200 2531.js Show response
d3eg6wi5fpm57g.cloudfront.net/@komigen/mobile-frontend@21529-17cd/js/chunk/ 58 KB
18 KB 12ms
12ms Script
application/javascript 2600:9000:2251:4e00:f:dcfa:3700:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3eg6wi5fpm57g.cloudfront.net/@komigen/mobile-frontend@21529-17cd/js/chunk/2531.js
Requested by: Host: www.norgesspill.com
URL: https://www.norgesspill.com/no
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:4e00:f:dcfa:3700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d85b848c01dfebb9c6b64d1ac7cb781b29c9c3e34ba20ae9704047a3cb464f8d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.norgesspill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 09:51:35 GMT
x-amz-version-id: null
content-encoding: br
last-modified: Thu, 16 Mar 2023 09:46:37 GMT
server: AmazonS3
via: 1.1 544814e402956ba93c0a2d2b923e94c2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
etag: W/"b58aaec8721776cb6695bc04f40673d2"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public,max-age=31536000
age: 141707
x-amz-cf-id: nU35QoK85ILsp5cl6ESXxn97PNtDTf6yZ4EbdhE4sO7RmxPYhf9Jbw==

GET
H2 200 312.js Show response
d3eg6wi5fpm57g.cloudfront.net/@komigen/mobile-frontend@21529-17cd/js/chunk/ 45 KB
18 KB 11ms
11ms Script
application/javascript 2600:9000:2251:4e00:f:dcfa:3700:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3eg6wi5fpm57g.cloudfront.net/@komigen/mobile-frontend@21529-17cd/js/chunk/312.js
Requested by: Host: www.norgesspill.com
URL: https://www.norgesspill.com/no
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:4e00:f:dcfa:3700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a00d94cfbd13eb7010477ca6250f38cbb430adcee5b4fee6410e14e24cd0aced

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.norgesspill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 09:51:35 GMT
x-amz-version-id: null
content-encoding: br
last-modified: Thu, 16 Mar 2023 09:46:37 GMT
server: AmazonS3
via: 1.1 544814e402956ba93c0a2d2b923e94c2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
etag: W/"de1975001e8d181e2a2b9ff81053ba3c"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public,max-age=31536000
age: 141707
x-amz-cf-id: UxvC7FrR-o1FLUbNiRQlKsspDJFdZF_9OiQt5mVB_dQI5BSEDZgXUA==

GET
H2 200 4551.js Show response
d3eg6wi5fpm57g.cloudfront.net/@komigen/mobile-frontend@21529-17cd/js/chunk/ 40 KB
12 KB 14ms
14ms Script
application/javascript 2600:9000:2251:4e00:f:dcfa:3700:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3eg6wi5fpm57g.cloudfront.net/@komigen/mobile-frontend@21529-17cd/js/chunk/4551.js
Requested by: Host: www.norgesspill.com
URL: https://www.norgesspill.com/no
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:4e00:f:dcfa:3700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d1a2f1049d028b809280e51ee0fa376c48bcf5028662ea130fafc00cfc859d03

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.norgesspill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 09:51:35 GMT
x-amz-version-id: null
content-encoding: br
last-modified: Thu, 16 Mar 2023 09:46:41 GMT
server: AmazonS3
via: 1.1 544814e402956ba93c0a2d2b923e94c2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
etag: W/"8f549ad9217886bb5855240eb3996a3e"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public,max-age=31536000
age: 141707
x-amz-cf-id: VE9ptUKnDqW5F1PSWkkhJU6pjllF1wFdfKEmxpyMOt0OsAPg1bCpeg==

GET
H2 200 7047.js Show response
d3eg6wi5fpm57g.cloudfront.net/@komigen/mobile-frontend@21529-17cd/js/chunk/ 42 KB
13 KB 16ms
16ms Script
application/javascript 2600:9000:2251:4e00:f:dcfa:3700:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3eg6wi5fpm57g.cloudfront.net/@komigen/mobile-frontend@21529-17cd/js/chunk/7047.js
Requested by: Host: www.norgesspill.com
URL: https://www.norgesspill.com/no
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:4e00:f:dcfa:3700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 257c6970ade9c907995d414a54330dbab89590573b8d520e8d41010b3b3a260b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.norgesspill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 09:51:35 GMT
x-amz-version-id: null
content-encoding: br
last-modified: Thu, 16 Mar 2023 09:46:39 GMT
server: AmazonS3
via: 1.1 544814e402956ba93c0a2d2b923e94c2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
etag: W/"4474f444b91614776999286724b1ffbd"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public,max-age=31536000
age: 141707
x-amz-cf-id: NfAYJmrlYCzo6I34bOP4ihBZUqr7qzRkjWQu2_zkNTD2U9bxhvHdwQ==

GET
H2 200 8713.js Show response
d3eg6wi5fpm57g.cloudfront.net/@komigen/mobile-frontend@21529-17cd/js/chunk/ 58 KB
19 KB 15ms
15ms Script
application/javascript 2600:9000:2251:4e00:f:dcfa:3700:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3eg6wi5fpm57g.cloudfront.net/@komigen/mobile-frontend@21529-17cd/js/chunk/8713.js
Requested by: Host: www.norgesspill.com
URL: https://www.norgesspill.com/no
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:4e00:f:dcfa:3700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2197102a9d41186a128f4bc97a3c2261e6cc3e1faf10a9f64987d2ba037609f6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.norgesspill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 09:51:35 GMT
x-amz-version-id: null
content-encoding: br
last-modified: Thu, 16 Mar 2023 09:46:40 GMT
server: AmazonS3
via: 1.1 544814e402956ba93c0a2d2b923e94c2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
etag: W/"b51a8a45cc77ab95b99eac0958ec2000"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public,max-age=31536000
age: 141707
x-amz-cf-id: aPgXy9u5GrM_yHdoPZpwIJWKpemAMcgjKeo7IoOaNB_6bWmkX6Dajg==

GET
H2 200 2685.js Show response
d3eg6wi5fpm57g.cloudfront.net/@komigen/mobile-frontend@21529-17cd/js/chunk/ 39 KB
12 KB 17ms
17ms Script
application/javascript 2600:9000:2251:4e00:f:dcfa:3700:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3eg6wi5fpm57g.cloudfront.net/@komigen/mobile-frontend@21529-17cd/js/chunk/2685.js
Requested by: Host: www.norgesspill.com
URL: https://www.norgesspill.com/no
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:4e00:f:dcfa:3700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7e9eb8c907f7e364fc51fe4909d94fb9ec3ac23d25d57aba0801185b0a2c0851

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.norgesspill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 09:51:35 GMT
x-amz-version-id: null
content-encoding: br
last-modified: Thu, 16 Mar 2023 09:46:37 GMT
server: AmazonS3
via: 1.1 544814e402956ba93c0a2d2b923e94c2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
etag: W/"12d4f3cf711deab3f3eb036aab05f435"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public,max-age=31536000
age: 141707
x-amz-cf-id: jvlSsIUuqR8ooZydTYSOSKzB4pvDAgk5KLU57QfPcUJ1qEtuCSc6xA==

GET
H2 200 1698.js Show response
d3eg6wi5fpm57g.cloudfront.net/@komigen/mobile-frontend@21529-17cd/js/chunk/ 52 KB
16 KB 20ms
20ms Script
application/javascript 2600:9000:2251:4e00:f:dcfa:3700:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3eg6wi5fpm57g.cloudfront.net/@komigen/mobile-frontend@21529-17cd/js/chunk/1698.js
Requested by: Host: www.norgesspill.com
URL: https://www.norgesspill.com/no
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:4e00:f:dcfa:3700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7c874eb3e829966b68569ae4374e45ba8890850f529640bc05122f30d407964c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.norgesspill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 09:51:35 GMT
x-amz-version-id: null
content-encoding: br
last-modified: Thu, 16 Mar 2023 09:46:37 GMT
server: AmazonS3
via: 1.1 544814e402956ba93c0a2d2b923e94c2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
etag: W/"96fefd5343475e7e280f53d63fcc7993"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public,max-age=31536000
age: 141707
x-amz-cf-id: xFWEAJuS0fCX4nD4OJYCHohQAbEF-TvO6Nf_vHB-SjwlxvcOzLc0iA==

GET
H2 200 4748.js Show response
d3eg6wi5fpm57g.cloudfront.net/@komigen/mobile-frontend@21529-17cd/js/chunk/ 56 KB
17 KB 20ms
19ms Script
application/javascript 2600:9000:2251:4e00:f:dcfa:3700:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3eg6wi5fpm57g.cloudfront.net/@komigen/mobile-frontend@21529-17cd/js/chunk/4748.js
Requested by: Host: www.norgesspill.com
URL: https://www.norgesspill.com/no
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:4e00:f:dcfa:3700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b99d6314659c76c456a5307f76c58a53d0aa6c78d6af191321e19ef48eeace33

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.norgesspill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 09:51:35 GMT
x-amz-version-id: null
content-encoding: br
last-modified: Thu, 16 Mar 2023 09:46:38 GMT
server: AmazonS3
via: 1.1 544814e402956ba93c0a2d2b923e94c2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
etag: W/"f135fbf5b3ea49a58275a495f36b4a2a"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public,max-age=31536000
age: 141707
x-amz-cf-id: CEejh9rPP927DStX1Ar8FlwkIh1mNWvR8RURhy-r6LmDSN5JGAZuIQ==

GET
H2 200 5830.js Show response
d3eg6wi5fpm57g.cloudfront.net/@komigen/mobile-frontend@21529-17cd/js/chunk/ 73 KB
22 KB 19ms
19ms Script
application/javascript 2600:9000:2251:4e00:f:dcfa:3700:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3eg6wi5fpm57g.cloudfront.net/@komigen/mobile-frontend@21529-17cd/js/chunk/5830.js
Requested by: Host: www.norgesspill.com
URL: https://www.norgesspill.com/no
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:4e00:f:dcfa:3700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8445801e402119bfc3fcd7b0847a8b3f77724b5a3a836bbe131865fc24fc1abe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.norgesspill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 09:51:35 GMT
x-amz-version-id: null
content-encoding: br
last-modified: Thu, 16 Mar 2023 09:46:38 GMT
server: AmazonS3
via: 1.1 544814e402956ba93c0a2d2b923e94c2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
etag: W/"9be559e370f53e36238cb48c4f6aa7e0"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public,max-age=31536000
age: 141707
x-amz-cf-id: K586rJh03-tP-to6GZfiEQGhOOWbeqqcAQdi8FNJ9UkTMWiWqvWhPQ==

GET
H2 200 9774.js Show response
d3eg6wi5fpm57g.cloudfront.net/@komigen/mobile-frontend@21529-17cd/js/chunk/ 28 KB
9 KB 21ms
21ms Script
application/javascript 2600:9000:2251:4e00:f:dcfa:3700:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3eg6wi5fpm57g.cloudfront.net/@komigen/mobile-frontend@21529-17cd/js/chunk/9774.js
Requested by: Host: www.norgesspill.com
URL: https://www.norgesspill.com/no
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:4e00:f:dcfa:3700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1722f0d9462bc632da853627416208d437faf74104d5f5f847590d660e8a97f5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.norgesspill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 09:51:35 GMT
x-amz-version-id: null
content-encoding: br
last-modified: Thu, 16 Mar 2023 09:46:40 GMT
server: AmazonS3
via: 1.1 544814e402956ba93c0a2d2b923e94c2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
etag: W/"40cf9e787a98fa8353cfb086a8bd9cf5"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public,max-age=31536000
age: 141707
x-amz-cf-id: Pc68duhlxe5sSSO2xZZE-grU0FVkN5T43YlXPXTQ0MQ_F-eb9jJ2ug==

GET
H2 200 6787.js Show response
d3eg6wi5fpm57g.cloudfront.net/@komigen/mobile-frontend@21529-17cd/js/chunk/ 95 KB
34 KB 19ms
19ms Script
application/javascript 2600:9000:2251:4e00:f:dcfa:3700:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3eg6wi5fpm57g.cloudfront.net/@komigen/mobile-frontend@21529-17cd/js/chunk/6787.js
Requested by: Host: www.norgesspill.com
URL: https://www.norgesspill.com/no
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:4e00:f:dcfa:3700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 99dd763740bf142f5f76429118a2ca452802c21d02919adc1495a4a85df0cdf0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.norgesspill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 09:51:35 GMT
x-amz-version-id: null
content-encoding: br
last-modified: Thu, 16 Mar 2023 09:46:39 GMT
server: AmazonS3
via: 1.1 544814e402956ba93c0a2d2b923e94c2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
etag: W/"7715e14ee90da19b707abff37e24964a"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public,max-age=31536000
age: 141707
x-amz-cf-id: W1tPpwHhqHyLUzjBXFeRJDBjBjBQgm5tn8dyV5dZRQvWIRYAhZt37A==

GET
H2 200 7628.js Show response
d3eg6wi5fpm57g.cloudfront.net/@komigen/mobile-frontend@21529-17cd/js/chunk/ 90 KB
29 KB 20ms
20ms Script
application/javascript 2600:9000:2251:4e00:f:dcfa:3700:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3eg6wi5fpm57g.cloudfront.net/@komigen/mobile-frontend@21529-17cd/js/chunk/7628.js
Requested by: Host: www.norgesspill.com
URL: https://www.norgesspill.com/no
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:4e00:f:dcfa:3700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6f29fb2d71a220db108d17f89081c3cd95696de08f78bad273d6875998b18081

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.norgesspill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 09:51:35 GMT
x-amz-version-id: null
content-encoding: br
last-modified: Thu, 16 Mar 2023 09:46:39 GMT
server: AmazonS3
via: 1.1 544814e402956ba93c0a2d2b923e94c2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
etag: W/"511b41bc2a92e1c2594299aadf54ee7b"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public,max-age=31536000
age: 141707
x-amz-cf-id: Lc4aeNhV_Sdk8KYUyn7vQs-I8OsViTKY44M_b07t92EiOgVWQmRnQw==

GET
H2 200 1876.js Show response
d3eg6wi5fpm57g.cloudfront.net/@komigen/mobile-frontend@21529-17cd/js/chunk/ 36 KB
12 KB 19ms
19ms Script
application/javascript 2600:9000:2251:4e00:f:dcfa:3700:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3eg6wi5fpm57g.cloudfront.net/@komigen/mobile-frontend@21529-17cd/js/chunk/1876.js
Requested by: Host: www.norgesspill.com
URL: https://www.norgesspill.com/no
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:4e00:f:dcfa:3700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0107dbee9a0e85e54bd7f532036aa275460e5d46cd885ad4ce116c3c75abf5ef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.norgesspill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 09:51:35 GMT
x-amz-version-id: null
content-encoding: br
last-modified: Thu, 16 Mar 2023 09:46:37 GMT
server: AmazonS3
via: 1.1 544814e402956ba93c0a2d2b923e94c2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
etag: W/"1b53ca685a4cd29f8fba70377803c7f3"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public,max-age=31536000
age: 141707
x-amz-cf-id: crlG81-nR9er_68FX3PDS4tWD4Gj-_pjYgmkyHZb0FrJOlWu1CJDUw==

GET
H2 200 9860.js Show response
d3eg6wi5fpm57g.cloudfront.net/@komigen/mobile-frontend@21529-17cd/js/chunk/ 11 KB
4 KB 25ms
25ms Script
application/javascript 2600:9000:2251:4e00:f:dcfa:3700:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3eg6wi5fpm57g.cloudfront.net/@komigen/mobile-frontend@21529-17cd/js/chunk/9860.js
Requested by: Host: www.norgesspill.com
URL: https://www.norgesspill.com/no
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:4e00:f:dcfa:3700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a89bb58c3c893c306ccf105c374060d88d3aa141b01420dcd06c2a9e7d5337a8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.norgesspill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 09:51:35 GMT
x-amz-version-id: null
content-encoding: br
last-modified: Thu, 16 Mar 2023 09:46:40 GMT
server: AmazonS3
via: 1.1 544814e402956ba93c0a2d2b923e94c2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
etag: W/"58f308fe7d84efd95d848c3df2108774"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public,max-age=31536000
age: 141707
x-amz-cf-id: y6QrwNbXN1jWxrf4eNJiiXGCnG-hR6WC1c-KpKapgY0VNZB0JqNL0Q==

GET
H2 200 7799.js Show response
d3eg6wi5fpm57g.cloudfront.net/@komigen/mobile-frontend@21529-17cd/js/chunk/ 23 KB
8 KB 24ms
24ms Script
application/javascript 2600:9000:2251:4e00:f:dcfa:3700:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3eg6wi5fpm57g.cloudfront.net/@komigen/mobile-frontend@21529-17cd/js/chunk/7799.js
Requested by: Host: www.norgesspill.com
URL: https://www.norgesspill.com/no
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:4e00:f:dcfa:3700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 161a726f1eaf3e63ce8b49661e676ae10ca8c518a8aebaf37affb3fb9879c3dc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.norgesspill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 09:51:35 GMT
x-amz-version-id: null
content-encoding: br
last-modified: Thu, 16 Mar 2023 09:46:39 GMT
server: AmazonS3
via: 1.1 544814e402956ba93c0a2d2b923e94c2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
etag: W/"acc01bd7dde743bd2d44f275db013ca8"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public,max-age=31536000
age: 141707
x-amz-cf-id: H24fWbQePBEEmSezWHDZyElQiORbmtHJhEhqIQ6mZNHrmH6r6wQTtQ==

GET
H2 200 5478.js Show response
d3eg6wi5fpm57g.cloudfront.net/@komigen/mobile-frontend@21529-17cd/js/chunk/ 87 KB
26 KB 25ms
25ms Script
application/javascript 2600:9000:2251:4e00:f:dcfa:3700:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3eg6wi5fpm57g.cloudfront.net/@komigen/mobile-frontend@21529-17cd/js/chunk/5478.js
Requested by: Host: www.norgesspill.com
URL: https://www.norgesspill.com/no
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:4e00:f:dcfa:3700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 82e122e2c19d2dabd3829bcb7fdcb2230062340d559659807b6bfcaf417afcf4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.norgesspill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 09:51:35 GMT
x-amz-version-id: null
content-encoding: br
last-modified: Thu, 16 Mar 2023 09:46:38 GMT
server: AmazonS3
via: 1.1 544814e402956ba93c0a2d2b923e94c2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
etag: W/"81663e936f6e0e96bcd83836311b5cf5"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public,max-age=31536000
age: 141707
x-amz-cf-id: nn8TBU_m8jpw-Ats2O9rCWDCYASLZudpfmKFHbN_tFDpoq0CzNVLqw==

GET
H2 200 4753.js Show response
d3eg6wi5fpm57g.cloudfront.net/@komigen/mobile-frontend@21529-17cd/js/chunk/ 86 KB
26 KB 28ms
27ms Script
application/javascript 2600:9000:2251:4e00:f:dcfa:3700:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3eg6wi5fpm57g.cloudfront.net/@komigen/mobile-frontend@21529-17cd/js/chunk/4753.js
Requested by: Host: www.norgesspill.com
URL: https://www.norgesspill.com/no
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:4e00:f:dcfa:3700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 74bfa187b47ab2daf63caf6871557d4185adc12f0d64e59695140abfe37f0109

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.norgesspill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 09:51:35 GMT
x-amz-version-id: null
content-encoding: br
last-modified: Thu, 16 Mar 2023 09:46:38 GMT
server: AmazonS3
via: 1.1 544814e402956ba93c0a2d2b923e94c2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
etag: W/"d1d87ef39ea4558f2957fad1e0edc1e0"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public,max-age=31536000
age: 141707
x-amz-cf-id: 0JGl8uxNQhiUTrCrhflTlOAz2u8Syw9oVfWPXhuRsnillhEo6CVnUA==

GET
H2 200 856.js Show response
d3eg6wi5fpm57g.cloudfront.net/@komigen/mobile-frontend@21529-17cd/js/chunk/ 24 KB
8 KB 26ms
26ms Script
application/javascript 2600:9000:2251:4e00:f:dcfa:3700:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3eg6wi5fpm57g.cloudfront.net/@komigen/mobile-frontend@21529-17cd/js/chunk/856.js
Requested by: Host: www.norgesspill.com
URL: https://www.norgesspill.com/no
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:4e00:f:dcfa:3700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f97c8e96218976e75e1e51a10a76d894615b7ab3a6b54ad3dcd9f913c74cfa6d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.norgesspill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 09:51:35 GMT
x-amz-version-id: null
content-encoding: br
last-modified: Thu, 16 Mar 2023 09:46:40 GMT
server: AmazonS3
via: 1.1 544814e402956ba93c0a2d2b923e94c2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
etag: W/"f2f3d16d9d3814a877db0aea2d6fd68a"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public,max-age=31536000
age: 141707
x-amz-cf-id: SnJbqymzULZubuqu9f5dY7XjPeeMZHACEwOF1P6Rb3g_B7_LrljE_g==

GET
H2 200 947.js Show response
d3eg6wi5fpm57g.cloudfront.net/@komigen/mobile-frontend@21529-17cd/js/chunk/ 83 KB
21 KB 27ms
26ms Script
application/javascript 2600:9000:2251:4e00:f:dcfa:3700:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3eg6wi5fpm57g.cloudfront.net/@komigen/mobile-frontend@21529-17cd/js/chunk/947.js
Requested by: Host: www.norgesspill.com
URL: https://www.norgesspill.com/no
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:4e00:f:dcfa:3700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 03c0e5a5ed85531c9d06a23d1da357facca2fbcd9f6f84c4908b6e2cefca05e3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.norgesspill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 09:51:35 GMT
x-amz-version-id: null
content-encoding: br
last-modified: Thu, 16 Mar 2023 09:46:40 GMT
server: AmazonS3
via: 1.1 544814e402956ba93c0a2d2b923e94c2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
etag: W/"7e8de1ab4f2e04b075febd6c2d0f51ae"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public,max-age=31536000
age: 141707
x-amz-cf-id: nZzPjacp_qwCqxGWpi4LRb738bRRxhBQqODsTIAc7ihhuGZeiv-s9Q==

GET
H2 200 3150.js Show response
d3eg6wi5fpm57g.cloudfront.net/@komigen/mobile-frontend@21529-17cd/js/chunk/ 35 KB
10 KB 25ms
25ms Script
application/javascript 2600:9000:2251:4e00:f:dcfa:3700:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3eg6wi5fpm57g.cloudfront.net/@komigen/mobile-frontend@21529-17cd/js/chunk/3150.js
Requested by: Host: www.norgesspill.com
URL: https://www.norgesspill.com/no
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:4e00:f:dcfa:3700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 854caa9d66f7b0b13e36a8c68e79948a959aa0dd270f924d1aa51b1636997305

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.norgesspill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 09:51:35 GMT
x-amz-version-id: null
content-encoding: br
last-modified: Thu, 16 Mar 2023 09:46:37 GMT
server: AmazonS3
via: 1.1 544814e402956ba93c0a2d2b923e94c2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
etag: W/"34419429dfed98fc8680fe3ef87feffe"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public,max-age=31536000
age: 141707
x-amz-cf-id: 0ZReMwiPNVRPxH1LmGlLgdKzLleLxP3kbL1ArL4IA4TFtzvdF3YSKw==

POST
H2 200 p Show response
api.graphyte.ai/clickstream/v1/ 16 B
108 B 59ms
59ms XHR
application/json 52.18.10.144
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.graphyte.ai/clickstream/v1/p
Requested by: Host: www.norgesspill.com
URL: https://www.norgesspill.com/no
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.18.10.144 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-18-10-144.eu-west-1.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash: c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Request headers

Content-Type: text/plain
Referer: https://www.norgesspill.com/
accept-language: de-DE,de;q=0.9
debug
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
x-brand-key: 2a5efa7e-65e3-4ee9-9d8e-bcc08757967b
x-api-key: a4cZCtQxZ75w0xzHazNh629ZoP6YS1jU5DDvGGE9

Response headers

access-control-allow-origin: *
date: Sat, 18 Mar 2023 01:13:22 GMT
server: awselb/2.0
content-length: 16
content-type: application/json

OPTIONS
H2 200 p
api.graphyte.ai/clickstream/v1/ Frame 0
0 139ms
42ms Preflight
application/json 52.18.10.144
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.graphyte.ai/clickstream/v1/p
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.18.10.144 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-18-10-144.eu-west-1.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: debug,x-api-key,x-brand-key
Access-Control-Request-Method: POST
Origin: https://www.norgesspill.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token,x-brand-key,debug
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://www.norgesspill.com
access-control-max-age: 600
content-length: 16
content-type: application/json
date: Sat, 18 Mar 2023 01:13:21 GMT
server: awselb/2.0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 187 KB
69 KB 31ms
31ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-X8F714134Y&l=dataLayer&cx=c

Requested by

Host: www.norgesspill.com
URL: https://www.norgesspill.com/no

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f74cd929f1cc2aad68b524d4b74bff96282b4c3f73fe26796b48f2665c3fc6e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.norgesspill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 01:13:21 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 70259
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 18 Mar 2023 01:13:21 GMT

GET
H2 200 memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
fonts.gstatic.com/s/opensans/v34/ 16 KB
17 KB 41ms
12ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:wght@400;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b34551ae25916c460423b82beb8e0675b27f76a9a2908f18286260fbd6de6681

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.norgesspill.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 22:56:53 GMT
x-content-type-options: nosniff
age: 94588
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16740
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:14:44 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 15 Mar 2024 22:56:53 GMT

GET
H2 200 845.js Show response
d3eg6wi5fpm57g.cloudfront.net/@komigen/mobile-frontend@21529-17cd/js/chunk/ 38 KB
12 KB 10ms
9ms Script
application/javascript 2600:9000:2251:4e00:f:dcfa:3700:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3eg6wi5fpm57g.cloudfront.net/@komigen/mobile-frontend@21529-17cd/js/chunk/845.js
Requested by: Host: www.norgesspill.com
URL: https://www.norgesspill.com/no
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:4e00:f:dcfa:3700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 364bd708aae5778c73c99ca13f14174a24deb4dab5c2d1c3b6f4639a6afbcca0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.norgesspill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 09:51:35 GMT
x-amz-version-id: null
content-encoding: br
last-modified: Thu, 16 Mar 2023 09:46:40 GMT
server: AmazonS3
via: 1.1 544814e402956ba93c0a2d2b923e94c2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
etag: W/"5324eb3f5edfe91377b87b4e0f9fb252"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public,max-age=31536000
age: 141708
x-amz-cf-id: hrl2O8TXkgV1dbKDnpfumCzl4cJyYnKWhu8akO1DERe-_L1NzavHgQ==

GET
H2 200 logo-gam-care.js Show response
d3eg6wi5fpm57g.cloudfront.net/@komigen/mobile-frontend@21529-17cd/js/chunk/ 6 KB
3 KB 10ms
10ms Script
application/javascript 2600:9000:2251:4e00:f:dcfa:3700:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3eg6wi5fpm57g.cloudfront.net/@komigen/mobile-frontend@21529-17cd/js/chunk/logo-gam-care.js
Requested by: Host: www.norgesspill.com
URL: https://www.norgesspill.com/no
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:4e00:f:dcfa:3700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8da52797f84f848e6a89b91de51c7c449ee6f228327a29ed10e5cdd1f435c447

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.norgesspill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 09:51:35 GMT
x-amz-version-id: null
content-encoding: br
last-modified: Thu, 16 Mar 2023 09:46:42 GMT
server: AmazonS3
via: 1.1 544814e402956ba93c0a2d2b923e94c2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
etag: W/"4b5c40b29e93e6ea8d64ec914ae441d0"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public,max-age=31536000
age: 141708
x-amz-cf-id: LKvKzrbkE9wxtgw9us3Bdydn7rCvG2bvGVO1clDa1-Zi6YzZM8B6Xg==

POST
H2 204 collect
region1.google-analytics.com/g/ 0
257 B 41ms
15ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-X8F714134Y&gtm=45je33f0&_p=891070177&cid=1627038174.1679102002&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EA&_s=1&dr=&sid=1679102002&sct=1&seg=0&dl=https%3A%2F%2Fwww.norgesspill.com%2Fno&dt=Norgesspill%20Nettcasino%20-%20Norges%20Prisvinnende%20Nettcasino&en=fetch_client_id&_fv=1&_nsi=1&_ss=1&ep.client_id_ga=621196757.1679102002.&ep.user_agent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F111.0.5563.64%20Safari%2F537.36&ep.gtm_version=49&ep.original_page_url=https%3A%2F%2Fwww.norgesspill.com%2Fno&up.Client_ID_UCD=621196757.1679102002.
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-X8F714134Y&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.norgesspill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Mar 2023 01:13:22 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.norgesspill.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
www.norgesspill.com/tracking/ 623 B
407 B 194ms
192ms Fetch
application/json 2606:4700::6810:e551
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.norgesspill.com/tracking/?frame=site

Requested by

Host: www.norgesspill.com
URL: https://www.norgesspill.com/no

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:e551 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e5685a4a9c31778e18f25a1b56e22b4a97ac94bef4261554dcb7a583bc63f77a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .casinomodule.com .playngonetwork.com;
X-Xss-Protection	1; mode=block

Request headers

accept: application/json
Referer: https://www.norgesspill.com/no
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 01:13:22 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
content-security-policy: frame-ancestors 'self' *.casinomodule.com *.playngonetwork.com;
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: *
cf-ray: 7a999cd9088c3a7e-FRA
x-xss-protection: 1; mode=block

GET
H2 200 norgesspill-components-index-js.js Show response
d3eg6wi5fpm57g.cloudfront.net/@komigen/mobile-frontend@21529-17cd/js/chunk/ 29 KB
13 KB 10ms
10ms Script
application/javascript 2600:9000:2251:4e00:f:dcfa:3700:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3eg6wi5fpm57g.cloudfront.net/@komigen/mobile-frontend@21529-17cd/js/chunk/norgesspill-components-index-js.js
Requested by: Host: www.norgesspill.com
URL: https://www.norgesspill.com/no
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:4e00:f:dcfa:3700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 44d653ad00cebaebb7a5a90a182c4446d1563ed0134623875b94a2afa24472c5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.norgesspill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 09:54:12 GMT
x-amz-version-id: null
content-encoding: gzip
last-modified: Thu, 16 Mar 2023 09:46:43 GMT
server: AmazonS3
via: 1.1 544814e402956ba93c0a2d2b923e94c2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
etag: W/"0b8835efeb6fa20298b058278bd8f766"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public,max-age=31536000
age: 141551
x-amz-cf-id: kMY6u70XBypvr7UtajV4eh9uG5ALircbs1Zmr_HD7XMN4d-Z1kxBJA==

GET
H2 200 galaxy-floating-support-button.js Show response
d3eg6wi5fpm57g.cloudfront.net/@komigen/mobile-frontend@21529-17cd/js/chunk/ 6 KB
3 KB 9ms
8ms Script
application/javascript 2600:9000:2251:4e00:f:dcfa:3700:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3eg6wi5fpm57g.cloudfront.net/@komigen/mobile-frontend@21529-17cd/js/chunk/galaxy-floating-support-button.js
Requested by: Host: www.norgesspill.com
URL: https://www.norgesspill.com/no
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:4e00:f:dcfa:3700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 59c3979f321ed8b67348adbdebf4e9304fa3b6645dc3d2a88d2a9f867332610d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.norgesspill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 09:51:36 GMT
x-amz-version-id: null
content-encoding: br
last-modified: Thu, 16 Mar 2023 09:46:41 GMT
server: AmazonS3
via: 1.1 544814e402956ba93c0a2d2b923e94c2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
etag: W/"29f527451ddca0bd7b0399f30ce605c6"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public,max-age=31536000
age: 141707
x-amz-cf-id: _1fQxcbD1Umdo-qa4iTFd5sP1JLSnmjScjAUw9qkjvh_lDwYShsAAA==

GET
H2 200 notifications.js Show response
d3eg6wi5fpm57g.cloudfront.net/@komigen/mobile-frontend@21529-17cd/js/chunk/ 9 KB
4 KB 9ms
8ms Script
application/javascript 2600:9000:2251:4e00:f:dcfa:3700:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3eg6wi5fpm57g.cloudfront.net/@komigen/mobile-frontend@21529-17cd/js/chunk/notifications.js
Requested by: Host: www.norgesspill.com
URL: https://www.norgesspill.com/no
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:4e00:f:dcfa:3700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 782a1e51c1723944d767558fdc87877ad5cce673a6ec81a6278cf8a140559c9f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.norgesspill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 09:51:36 GMT
x-amz-version-id: null
content-encoding: br
last-modified: Thu, 16 Mar 2023 09:46:43 GMT
server: AmazonS3
via: 1.1 544814e402956ba93c0a2d2b923e94c2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
etag: W/"c3684ce237d4ad66eea79117ee29d295"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public,max-age=31536000
age: 141707
x-amz-cf-id: WWCogz_BMnPTh05pwpHQSIMrFXuzsRc_l2AI_tLY56d50OWjanskvA==

GET
H2 200 logo-mitid.js Show response
d3eg6wi5fpm57g.cloudfront.net/@komigen/mobile-frontend@21529-17cd/js/chunk/ 8 KB
3 KB 12ms
11ms Script
application/javascript 2600:9000:2251:4e00:f:dcfa:3700:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3eg6wi5fpm57g.cloudfront.net/@komigen/mobile-frontend@21529-17cd/js/chunk/logo-mitid.js
Requested by: Host: www.norgesspill.com
URL: https://www.norgesspill.com/no
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:4e00:f:dcfa:3700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e799252f3722bdbcc47428ce6f039af68b43cd2fe496a6913e21ac1ac5971b21

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.norgesspill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 09:51:36 GMT
x-amz-version-id: null
content-encoding: br
last-modified: Thu, 16 Mar 2023 09:46:42 GMT
server: AmazonS3
via: 1.1 544814e402956ba93c0a2d2b923e94c2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
etag: W/"7c77131965e39acbc2d34e2514acdfa7"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public,max-age=31536000
age: 141707
x-amz-cf-id: e8bZpdXn_vyucfinZjb0rBfatnszBSl2SXReiS5Z2KKTkn02PpUbcQ==

GET
H2 200 recaptcha.js Show response
d3eg6wi5fpm57g.cloudfront.net/@komigen/mobile-frontend@21529-17cd/js/chunk/ 10 KB
4 KB 10ms
9ms Script
application/javascript 2600:9000:2251:4e00:f:dcfa:3700:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3eg6wi5fpm57g.cloudfront.net/@komigen/mobile-frontend@21529-17cd/js/chunk/recaptcha.js
Requested by: Host: www.norgesspill.com
URL: https://www.norgesspill.com/no
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:4e00:f:dcfa:3700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ff21210b0702b9648b8ea001808da6dfb964471ad175f43fa626fb2d616a5a37

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.norgesspill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 09:51:36 GMT
x-amz-version-id: null
content-encoding: br
last-modified: Thu, 16 Mar 2023 09:46:43 GMT
server: AmazonS3
via: 1.1 544814e402956ba93c0a2d2b923e94c2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
etag: W/"3f1031e1df6e28bbe0b7d6bfba929711"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public,max-age=31536000
age: 141707
x-amz-cf-id: _q-UfxqmUjL5QmCU4M3ypHrYZi0nsbHFz8eU-x4GIpl9GXL_sVAUbQ==

GET
H2 200 8176.js Show response
d3eg6wi5fpm57g.cloudfront.net/@komigen/mobile-frontend@21529-17cd/js/chunk/ 24 KB
8 KB 12ms
12ms Script
application/javascript 2600:9000:2251:4e00:f:dcfa:3700:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3eg6wi5fpm57g.cloudfront.net/@komigen/mobile-frontend@21529-17cd/js/chunk/8176.js
Requested by: Host: www.norgesspill.com
URL: https://www.norgesspill.com/no
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:4e00:f:dcfa:3700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8adb09b880a4206f6a32f21d14fd4715a16fc9a9b731ed7d1021c8677ea6b812

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.norgesspill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 10:06:19 GMT
x-amz-version-id: null
content-encoding: br
last-modified: Thu, 16 Mar 2023 09:46:39 GMT
server: AmazonS3
via: 1.1 544814e402956ba93c0a2d2b923e94c2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
etag: W/"3a03033afbc79890f479f0dc6d1afe15"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public,max-age=31536000
age: 140824
x-amz-cf-id: JYoOciO1D2OhEGFw-ofi9RrBhd9nCi9Ua_rw1L4FkfZoZjCfQekvjg==

GET
H2 200 logo-gam-stop.js Show response
d3eg6wi5fpm57g.cloudfront.net/@komigen/mobile-frontend@21529-17cd/js/chunk/ 15 KB
6 KB 11ms
10ms Script
application/javascript 2600:9000:2251:4e00:f:dcfa:3700:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3eg6wi5fpm57g.cloudfront.net/@komigen/mobile-frontend@21529-17cd/js/chunk/logo-gam-stop.js
Requested by: Host: www.norgesspill.com
URL: https://www.norgesspill.com/no
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:4e00:f:dcfa:3700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f68284053ac3ff6a5c82a4e69393d121482b7f4d08d2d615715e69d4d89b2d60

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.norgesspill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 09:54:16 GMT
x-amz-version-id: null
content-encoding: gzip
last-modified: Thu, 16 Mar 2023 09:46:42 GMT
server: AmazonS3
via: 1.1 544814e402956ba93c0a2d2b923e94c2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
etag: W/"8b973f64a2d1cb2e5e3aa6f56e7f2968"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public,max-age=31536000
age: 141547
x-amz-cf-id: 0GTGUdR9klxeel2eEqifjKyr65ZGfDtF8uEY5DlvEAey2zlV6kpn1g==

GET
H2 200 responsive-home.js Show response
d3eg6wi5fpm57g.cloudfront.net/@komigen/mobile-frontend@21529-17cd/js/chunk/ 23 KB
8 KB 8ms
8ms Script
application/javascript 2600:9000:2251:4e00:f:dcfa:3700:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3eg6wi5fpm57g.cloudfront.net/@komigen/mobile-frontend@21529-17cd/js/chunk/responsive-home.js
Requested by: Host: www.norgesspill.com
URL: https://www.norgesspill.com/no
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:4e00:f:dcfa:3700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a3922d5dba50d10a2413595d352b5e4e6517cb2ffde1e507084932536d3e6e10

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.norgesspill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 09:54:49 GMT
x-amz-version-id: null
content-encoding: gzip
last-modified: Thu, 16 Mar 2023 09:46:43 GMT
server: AmazonS3
via: 1.1 544814e402956ba93c0a2d2b923e94c2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
etag: W/"82e7b3e30d4e15883b6c4f19fcce1221"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public,max-age=31536000
age: 141514
x-amz-cf-id: o0K2MUyYDVT8WNqUbse42LXi-8Cx_N9aGEkHbjQZHB_NdTdN3Krh-g==

GET
H2 200 2341.js Show response
d3eg6wi5fpm57g.cloudfront.net/@komigen/mobile-frontend@21529-17cd/js/chunk/ 55 KB
18 KB 12ms
11ms Script
application/javascript 2600:9000:2251:4e00:f:dcfa:3700:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3eg6wi5fpm57g.cloudfront.net/@komigen/mobile-frontend@21529-17cd/js/chunk/2341.js
Requested by: Host: www.norgesspill.com
URL: https://www.norgesspill.com/no
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:4e00:f:dcfa:3700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 63590439d0fac375a9890a2d9dd2693c4db2a3ce366a94433a5b8364d3b441cf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.norgesspill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 09:51:36 GMT
x-amz-version-id: null
content-encoding: br
last-modified: Thu, 16 Mar 2023 09:46:37 GMT
server: AmazonS3
via: 1.1 544814e402956ba93c0a2d2b923e94c2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
etag: W/"6c105fb85074b93107035946254e667f"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public,max-age=31536000
age: 141707
x-amz-cf-id: SKzKBYvQcR3R6ucs8aVqc9qI_UjX1Ix2oifdsGga99wSrMxtSCBVRg==

GET
H2 200 7111.js Show response
d3eg6wi5fpm57g.cloudfront.net/@komigen/mobile-frontend@21529-17cd/js/chunk/ 6 KB
3 KB 11ms
10ms Script
application/javascript 2600:9000:2251:4e00:f:dcfa:3700:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3eg6wi5fpm57g.cloudfront.net/@komigen/mobile-frontend@21529-17cd/js/chunk/7111.js
Requested by: Host: www.norgesspill.com
URL: https://www.norgesspill.com/no
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:4e00:f:dcfa:3700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bc42e02f098a8cbf140a950004df7080952f481496131f7a87389b56738862cf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.norgesspill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 09:51:36 GMT
x-amz-version-id: null
content-encoding: br
last-modified: Thu, 16 Mar 2023 09:46:39 GMT
server: AmazonS3
via: 1.1 544814e402956ba93c0a2d2b923e94c2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
etag: W/"4056f42d6d602080b456c98515930b13"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public,max-age=31536000
age: 141707
x-amz-cf-id: NIcT9xuEnBYJQATwoEtFk4wvQ7y_Ey6MZ8MimlNXw9LFtZ8xxWvjGA==

GET
H2 200 1557.js Show response
d3eg6wi5fpm57g.cloudfront.net/@komigen/mobile-frontend@21529-17cd/js/chunk/ 18 KB
7 KB 12ms
12ms Script
application/javascript 2600:9000:2251:4e00:f:dcfa:3700:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3eg6wi5fpm57g.cloudfront.net/@komigen/mobile-frontend@21529-17cd/js/chunk/1557.js
Requested by: Host: www.norgesspill.com
URL: https://www.norgesspill.com/no
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:4e00:f:dcfa:3700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c04446037c006580487ae15a926cce945483dad97ec5f0a5eb5f022582fc1aed

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.norgesspill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 09:51:36 GMT
x-amz-version-id: null
content-encoding: br
last-modified: Thu, 16 Mar 2023 09:46:37 GMT
server: AmazonS3
via: 1.1 544814e402956ba93c0a2d2b923e94c2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
etag: W/"c0d735b859a81d091b57222f6958783d"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public,max-age=31536000
age: 141707
x-amz-cf-id: PaJuRlyejMD0wdJEVm1l4AE8-Conl4KE12uCj3UQ4jM44NuExwR7Mg==

GET
H2 200 logo-mga.js Show response
d3eg6wi5fpm57g.cloudfront.net/@komigen/mobile-frontend@21529-17cd/js/chunk/ 17 KB
7 KB 14ms
13ms Script
application/javascript 2600:9000:2251:4e00:f:dcfa:3700:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3eg6wi5fpm57g.cloudfront.net/@komigen/mobile-frontend@21529-17cd/js/chunk/logo-mga.js
Requested by: Host: www.norgesspill.com
URL: https://www.norgesspill.com/no
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:4e00:f:dcfa:3700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0402c508a3143969909fa6240ec3b432976b2b61c85b5a16ba86f1e7974cf92d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.norgesspill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 09:51:36 GMT
x-amz-version-id: null
content-encoding: br
last-modified: Thu, 16 Mar 2023 09:46:42 GMT
server: AmazonS3
via: 1.1 544814e402956ba93c0a2d2b923e94c2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
etag: W/"359f365567ab0500d80750d257821675"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public,max-age=31536000
age: 141707
x-amz-cf-id: avzPqUVYs_2y2WsN5ujFcpxhSOsxlQcrkeFxRimMj67N0b4SJXQ1xw==

GET
H2 200 nr-spa-1169.min.js Show response
js-agent.newrelic.com/ 37 KB
14 KB 48ms
13ms Script
application/javascript 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/nr-spa-1169.min.js
Requested by: Host: www.norgesspill.com
URL: https://www.norgesspill.com/no
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 37072a42526245f257b725698d7e70dfab281bfd00d38f1112dafd36a6e04176

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.norgesspill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
via: 1.1 varnish
date: Sat, 18 Mar 2023 01:13:22 GMT
x-amz-request-id: RJY7ARQASZTWZRQ8
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 13996
x-amz-id-2: xXO6JDs1ogdWX3kVSpgbyV37kggcgeHgVbgFY0RYs9B8kH1bknAgSi+u3UzIyX96maTuC6jFNLc=
x-served-by: cache-fra-eddf8230088-FRA
last-modified: Wed, 20 May 2020 21:16:17 GMT
server: AmazonS3
x-timer: S1679102002.278560,VS0,VE0
etag: "5e3590bffa49fddc4bc389e63736da42"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 99

POST
H2 200 textKey Show response
www.norgesspill.com/ 233 B
243 B 215ms
214ms Fetch
application/json 2606:4700::6810:e551
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.norgesspill.com/textKey

Requested by

Host: www.norgesspill.com
URL: https://www.norgesspill.com/no

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:e551 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3deb737c8d082280eadd1ceee09e6252ee2385e543c737f9a88b4fb039bc97ef

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .casinomodule.com .playngonetwork.com;
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.norgesspill.com/no
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: application/json; charset=utf-8

Response headers

date: Sat, 18 Mar 2023 01:13:22 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
content-security-policy: frame-ancestors 'self' *.casinomodule.com *.playngonetwork.com;
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: *
cf-ray: 7a999cda09173a7e-FRA
x-xss-protection: 1; mode=block

GET
H2 200 / Show response
www.norgesspill.com/tracking/ 624 B
374 B 193ms
192ms Fetch
application/json 2606:4700::6810:e551
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.norgesspill.com/tracking/?frame=start

Requested by

Host: www.norgesspill.com
URL: https://www.norgesspill.com/no

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:e551 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d3b16b6fc993feb30f5e97d2df47ae360bc36e1e090b7c7c060ad2cb499737a8

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .casinomodule.com .playngonetwork.com;
X-Xss-Protection	1; mode=block

Request headers

accept: application/json
Referer: https://www.norgesspill.com/no
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 01:13:22 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
content-security-policy: frame-ancestors 'self' *.casinomodule.com *.playngonetwork.com;
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: *
cf-ray: 7a999cda19263a7e-FRA
x-xss-protection: 1; mode=block

GET
H2 200 STARTPAGE.jpg
d3j4vz29nirhst.cloudfront.net/norgesspill/no_no/startpage/mobile/background/default/1080w/ 45 KB
46 KB 82ms
16ms Image
image/jpeg 2600:9000:225e:e00:b:5e2c:3740:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3j4vz29nirhst.cloudfront.net/norgesspill/no_no/startpage/mobile/background/default/1080w/STARTPAGE.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:e00:b:5e2c:3740:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 954337af6bd7d73deb801494b56f7329aa9eb0a73e085550470ab967874abbc3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.norgesspill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 01:13:22 GMT
via: 1.1 da392114e7046bd9720a70f40c796f62.cloudfront.net (CloudFront)
last-modified: Thu, 09 Mar 2023 14:34:26 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 53981
x-amz-server-side-encryption: AES256
etag: "73a7b848b54a294d85c3e2d0957ae607"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31540000
accept-ranges: bytes
content-length: 46405
x-amz-cf-id: izcdLEnqV2pHOBe7kGo09vKefaz_l79yByFsYH4_fUquofgnnxEjuQ==

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 35ms
9ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.norgesspill.com
URL: https://www.norgesspill.com/no

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.norgesspill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 18 Mar 2023 00:23:33 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 2989
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Sat, 18 Mar 2023 02:23:33 GMT

GET
H2

200

activityi;dc_pre=CIPWkrOm5P0CFUXL1QodrhQNVQ;src=9905434;type=ros0;cat=norge0;ord=325641575696;gtm=45He33f0;auiddc=1086070678.1679102002;u2=https%3A%2F%2Fwww.norgesspill.com%2Fno;u4=undefined;~oref=... Show response
9905434.fls.doubleclick.net/ Frame 94CC
Redirect Chain

https://9905434.fls.doubleclick.net/activityi;src=9905434;type=ros0;cat=norge0;ord=325641575696;gtm=45He33f0;auiddc=1086070678.1679102002;u2=https%3A%2F%2Fwww.norgesspill.com%2Fno;u4=undefined;~ore...
https://9905434.fls.doubleclick.net/activityi;dc_pre=CIPWkrOm5P0CFUXL1QodrhQNVQ;src=9905434;type=ros0;cat=norge0;ord=325641575696;gtm=45He33f0;auiddc=1086070678.1679102002;u2=https%3A%2F%2Fwww.norg...

540 B
454 B

21ms
20ms

Document
text/html

142.250.181.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://9905434.fls.doubleclick.net/activityi;dc_pre=CIPWkrOm5P0CFUXL1QodrhQNVQ;src=9905434;type=ros0;cat=norge0;ord=325641575696;gtm=45He33f0;auiddc=1086070678.1679102002;u2=https%3A%2F%2Fwww.norgesspill.com%2Fno;u4=undefined;~oref=https%3A%2F%2Fwww.norgesspill.com%2Fno?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-54234LZ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f6.1e100.net

Software

cafe /

Resource Hash

01c4cee75d90e103dc43f0a5dfa35a5bd4c6e44de7d410560fd73d7961001b1c

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.norgesspill.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 278
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 18 Mar 2023 01:13:22 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 18 Mar 2023 01:13:22 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://9905434.fls.doubleclick.net/activityi;dc_pre=CIPWkrOm5P0CFUXL1QodrhQNVQ;src=9905434;type=ros0;cat=norge0;ord=325641575696;gtm=45He33f0;auiddc=1086070678.1679102002;u2=https%3A%2F%2Fwww.norgesspill.com%2Fno;u4=undefined;~oref=https%3A%2F%2Fwww.norgesspill.com%2Fno?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

trackpoint-async.js Show response
s2.adform.net/banners/scripts/st/
Redirect Chain

https://a1.adform.net/serving/scripts/trackpoint/async/
https://s2.adform.net/banners/scripts/st/trackpoint-async.js

78 KB
30 KB

116ms
29ms

Script
application/javascript

37.157.6.236
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s2.adform.net/banners/scripts/st/trackpoint-async.js
Protocol: H2
Server: 37.157.6.236 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 45d4d6fe0a9cae467c6d81caef5edd008c13b70ba403979f979fb86d400378c7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.norgesspill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 01:13:23 GMT
content-encoding: gzip
last-modified: Tue, 29 Nov 2022 10:23:25 GMT
server: nginx
x-amz-request-id: tx000004b52a83511f9122d-006385e0d4-32940f80-default
etag: W/"83eb5fafaa212c785f7393188ff817aa"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-rgw-object-type: Normal
cache-control: public, max-age=604800

Redirect headers

location: https://s2.adform.net/banners/scripts/st/trackpoint-async.js
date: Sat, 18 Mar 2023 01:13:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
content-type: text/html

GET
H2 200 adn.js Show response
cdn.adnuntius.com/ 98 KB
29 KB 773ms
9ms Script
application/javascript 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adnuntius.com/adn.js
Requested by: Host: www.norgesspill.com
URL: https://www.norgesspill.com/no
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 50f6da2c718d36a6bb089d4174d163f3f5401a30834dcf10e3781df573504123

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.norgesspill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-77-nzt: AcO1rgUkeYn/RwAAAA
x-accel-expires: @1679102532
date: Sat, 18 Mar 2023 01:13:23 GMT
x-77-pop: frankfurtDE
content-encoding: gzip
last-modified: Thu, 29 Dec 2022 04:58:56 GMT
server: CDN77-Turbo
etag: W/"63ad1e90-189fa"
x-77-nzt-ray: 25b02131288d03863310156465fbb304
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-77-cache: HIT
x-age: 71

GET
H2 200 pixel_loader.js Show response
static2.creative-serving.com/ 527 B
693 B 87ms
15ms Script
text/javascript 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://static2.creative-serving.com/pixel_loader.js
Requested by: Host: www.norgesspill.com
URL: https://www.norgesspill.com/no
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: UploadServer /
Resource Hash: 9bbde4e879f5cc6d8e98b1e5605898a933825190f867b66285b084bc3ee785e9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.norgesspill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 01:13:22 GMT
content-encoding: gzip
last-modified: Wed, 29 Sep 2021 21:32:00 GMT
server: UploadServer
age: 0
etag: "68faa1738e44f8aabb6f53cba51f29d3"
x-hw: 1679102002.cds248.fr8.hn,1679102002.cds290.fr8.c
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3600
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 320

GET
H2 200 k_norgesspill.js Show response
scripts.prdredir.com/scripts/ 800 B
841 B 153ms
114ms Script
text/javascript 2606:4700:e2::ac40:8721
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://scripts.prdredir.com/scripts/k_norgesspill.js
Requested by: Host: www.norgesspill.com
URL: https://www.norgesspill.com/no
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:8721 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 95d838de11136e7964ca0eaa375bf294d19a0b15880a014338e0a5d9d8e05385

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.norgesspill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-runtime: 0.005740
date: Sat, 18 Mar 2023 01:13:22 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"95d838de11136e7964ca0eaa375bf294"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fw%2FxFeZX6DhLtTeM4vLDhyl9ip9LLH%2FJKcgNb8Gz3kzTcGP30zx%2BhAsUJInDzocAcTjuYKPEnUg2nNXoRkggwDH%2BR8kSenKmn7QlLD5TewdferfzRvIuLCOeQDiX3ciKR3DjP4iqh3pO4LVoZG7U%2FfRx3A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
status: 200 OK
access-control-allow-origin: *
cache-control: no-cache
cf-ray: 7a999cdabd8291ef-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id: 03d4d7cb-f570-4d7d-8aa1-beb2983dad1d

GET
H2 200 fs.js Show response
edge.fullstory.com/s/ 255 KB
68 KB 55ms
9ms Script
application/javascript 35.201.112.186
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.fullstory.com/s/fs.js
Requested by: Host: www.norgesspill.com
URL: https://www.norgesspill.com/no
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.112.186 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 186.112.201.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 9fea1ab67f1bd0e3f77ad59fdbd990960015c74a8b35b02a5fd0cd622c6b6307

Request headers

Referer: https://www.norgesspill.com/
Origin: https://www.norgesspill.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 01:03:29 GMT
content-encoding: br
age: 593
x-guploader-uploadid: ADPycdvEP8jWtm2IyagMJxJIoLBVUaWfEazVgUv0PIDNulG2vUclvS-cVlh1PYivC698GJgqyswvZH-JMH1ZF7_m1vcs
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: br
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68811
last-modified: Tue, 14 Mar 2023 13:52:03 GMT
server: UploadServer
etag: "1acc4ce43a8a4ef9e059eb78e9eef530"
vary: Accept-Encoding
x-goog-generation: 1678801923003123
x-goog-hash: crc32c=ga14Eg==, md5=GsxM5DqKTvngWet46e71MA==
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=3600,no-transform
x-goog-stored-content-length: 68811
accept-ranges: bytes
content-type: application/javascript
expires: Sat, 18 Mar 2023 02:03:29 GMT

GET
H/1.1 200
OK e4634a9f18 Show response
bam.nr-data.net/1/ 49 B
489 B 158ms
116ms Script
text/javascript 162.247.243.29
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/e4634a9f18?a=37177158&sa=1&v=1169.7b094c0&t=Unnamed%20Transaction&rst=1441&ck=1&ref=https://www.norgesspill.com/no&be=766&fe=1351&dc=775&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1679102000887,%22n%22:0,%22f%22:467,%22dn%22:467,%22dne%22:467,%22c%22:467,%22ce%22:467,%22rq%22:486,%22rp%22:719,%22rpe%22:760,%22dl%22:722,%22di%22:775,%22ds%22:775,%22de%22:775,%22dc%22:1351,%22l%22:1351,%22le%22:1352%7D,%22navigation%22:%7B%7D%7D&fp=887&fcp=1402&jsonp=NREUM.setToken
Requested by: Host: www.norgesspill.com
URL: https://www.norgesspill.com/no
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.norgesspill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 01:13:22 GMT
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
Connection: keep-alive
Content-Length: 49
x-served-by: cache-hhn-etou8220062-HHN

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
212 B 17ms
16ms XHR
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&aip=1&a=891070177&t=pageview&_s=1&dl=https%3A%2F%2Fwww.norgesspill.com%2Fno&ul=en-us&de=UTF-8&dt=Norgesspill%20Nettcasino%20-%20Norges%20Prisvinnende%20Nettcasino&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAEK~&jid=1551389637&gjid=1193632845&cid=1627038174.1679102002&tid=UA-81872348-1&_gid=856642203.1679102002&_r=1&_slc=1&gtm=45He33f0n8154234LZ&cd2=Not%20logged-in&cd8=function(a)%7Ba.set(%22dimension%22%2Bb%2Ca.get(%22clientId%22))%7D&cd23=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F111.0.5563.64%20Safari%2F537.36&cd25=&cd26=49&cd27=https%3A%2F%2Fwww.norgesspill.com%2Fno&cd5=1627038174.1679102002&z=898451963

Requested by

Host: www.norgesspill.com
URL: https://www.norgesspill.com/no

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.norgesspill.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 18 Mar 2023 01:13:22 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.norgesspill.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
352 B 62ms
19ms XHR
text/plain 2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-81872348-1&cid=1627038174.1679102002&jid=1551389637&gjid=1193632845&_gid=856642203.1679102002&_u=YADAAEAAAAAAACAEK~&z=889776476

Requested by

Host: www.norgesspill.com
URL: https://www.norgesspill.com/no

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.norgesspill.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sat, 18 Mar 2023 01:13:22 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.norgesspill.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 202 page Show response
rs.fullstory.com/rec/ 88 B
298 B 168ms
124ms XHR
text/plain 35.186.194.58
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rs.fullstory.com/rec/page

Requested by

Host: www.norgesspill.com
URL: https://www.norgesspill.com/no

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.186.194.58 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

58.194.186.35.bc.googleusercontent.com

Software

Resource Hash

c8a139179d7912e0f106a0b0b6152652f803ef8a97ed4c8fe3e08a952adb89d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.norgesspill.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 18 Mar 2023 01:13:22 GMT
via: 1.1 google
x-content-type-options: nosniff
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.norgesspill.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 88

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 48ms
19ms Image
image/gif 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-81872348-1&cid=1627038174.1679102002&jid=1551389637&_u=YADAAEAAAAAAACAEK~&z=650950825

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.norgesspill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Mar 2023 01:13:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 46ms
18ms Image
image/gif 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-81872348-1&cid=1627038174.1679102002&jid=1551389637&_u=YADAAEAAAAAAACAEK~&z=650950825

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.norgesspill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Mar 2023 01:13:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_pre=CIPWkrOm5P0CFUXL1QodrhQNVQ;src=9905434;type=ros0;cat=norge0;ord=325641575696;gtm=45He33f0;auiddc=1086070678.1679102002;u2=https%3A%2F%2Fwww.norgesspill.com%2Fno;u4=undefined;~oref=https%3A%2... Show response
adservice.google.com/ddm/fls/i/ Frame 748B 539 B
654 B 97ms
48ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/ddm/fls/i/dc_pre=CIPWkrOm5P0CFUXL1QodrhQNVQ;src=9905434;type=ros0;cat=norge0;ord=325641575696;gtm=45He33f0;auiddc=1086070678.1679102002;u2=https%3A%2F%2Fwww.norgesspill.com%2Fno;u4=undefined;~oref=https%3A%2F%2Fwww.norgesspill.com%2Fno

Requested by

Host: 9905434.fls.doubleclick.net
URL: https://9905434.fls.doubleclick.net/activityi;dc_pre=CIPWkrOm5P0CFUXL1QodrhQNVQ;src=9905434;type=ros0;cat=norge0;ord=325641575696;gtm=45He33f0;auiddc=1086070678.1679102002;u2=https%3A%2F%2Fwww.norgesspill.com%2Fno;u4=undefined;~oref=https%3A%2F%2Fwww.norgesspill.com%2Fno?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

301f0164c6fd660d832d67185318ba96c56212fe63c1a7c25c44f2c519124dc9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9905434.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 279
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 18 Mar 2023 01:13:22 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dc_pre=CIPWkrOm5P0CFUXL1QodrhQNVQ;src=9905434;type=ros0;cat=norge0;ord=325641575696;gtm=45He33f0;auiddc=1086070678.1679102002;u2=https%3A%2F%2Fwww.norgesspill.com%2Fno;u4=undefined;~oref=https%3A%2... Show response
adservice.google.de/ddm/fls/i/ Frame 036F 194 B
515 B 575ms
46ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/ddm/fls/i/dc_pre=CIPWkrOm5P0CFUXL1QodrhQNVQ;src=9905434;type=ros0;cat=norge0;ord=325641575696;gtm=45He33f0;auiddc=1086070678.1679102002;u2=https%3A%2F%2Fwww.norgesspill.com%2Fno;u4=undefined;~oref=https%3A%2F%2Fwww.norgesspill.com%2Fno

Requested by

Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CIPWkrOm5P0CFUXL1QodrhQNVQ;src=9905434;type=ros0;cat=norge0;ord=325641575696;gtm=45He33f0;auiddc=1086070678.1679102002;u2=https%3A%2F%2Fwww.norgesspill.com%2Fno;u4=undefined;~oref=https%3A%2F%2Fwww.norgesspill.com%2Fno

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 85
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 18 Mar 2023 01:13:23 GMT
expires: Sat, 18 Mar 2023 01:13:23 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 pixel.js Show response
static2.creative-serving.com/ 4 KB
2 KB 14ms
14ms Script
application/javascript 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://static2.creative-serving.com/pixel.js
Requested by: Host: www.norgesspill.com
URL: https://www.norgesspill.com/no
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: UploadServer /
Resource Hash: df16ae2f3f4c003e55aa93796b78c0ab73e0155ae32bea72cee59d1e0832f92d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.norgesspill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 01:13:23 GMT
content-encoding: gzip
last-modified: Wed, 29 Sep 2021 21:32:00 GMT
server: UploadServer
etag: "ddebe66232ec2ff147a8664e2ecc6e4f"
x-hw: 1679102003.cds248.fr8.hn,1679102003.cds159.fr8.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1505

GET
H2 200 safeframe Show response
scripts.prdredir.com/ Frame B710 4 KB
2 KB 112ms
111ms Document
text/html 2606:4700:e2::ac40:8721
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://scripts.prdredir.com/safeframe

Requested by

Host: www.norgesspill.com
URL: https://www.norgesspill.com/no

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e2::ac40:8721 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

963b33b968ee14442d917bb14b6c8155b4bfa633a6ce3d00e89ff9f05d630828

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.norgesspill.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 7a999cdf68ac91ef-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Sat, 18 Mar 2023 01:13:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gZqIMjR5BivTTrXi9iJfCumeiJgi1y7xWGQxlp%2Fn%2FxEMiIYHwm7poevJAl2ovJjrB8FL4jhu0R%2FKRgX4eHRhiY2DwPyZNDefj8a9d12nbLKSNftHO8iSp6i86BGcKGsDDykVyEqjmgS2OyU0Ly2xhA4ODA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
status: 200 OK
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-request-id: 1c3d2302-8d95-4c8a-a169-368565a31d9c
x-runtime: 0.001351
x-xss-protection: 1; mode=block

POST
H2 200 visitor Show response
data.adnuntius.com/ 0
411 B 62ms
11ms XHR
text/plain 116.202.161.76
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://data.adnuntius.com/visitor?tzo=0&folderId=000000000017def0&browserId=m9bt8c02zwt1hyvmpg70mkrp&sessionId=3ffmnxf5y67st2rrfmmzz9yd
Requested by: Host: www.norgesspill.com
URL: https://www.norgesspill.com/no
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 116.202.161.76 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.76.161.202.116.clients.your-server.de
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.norgesspill.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 18 Mar 2023 01:13:23 GMT
x-adn-diagnostic-request-id: aaa7b2cf8e41248c7b49a85a04880b74
access-control-allow-origin: https://www.norgesspill.com
cache-control: no-store, no-cache, must-revalidate
access-control-allow-credentials: true
x-adn-backend-server-id: fad6b3cf
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

200

sync
data.adnuntius.com/
Redirect Chain

https://ads.creative-serving.com/cm?redir=https%3A%2F%2Fdata.adnuntius.com%2Fsync%3FbrowserId%3Dm9bt8c02zwt1hyvmpg70mkrp%26folderId%3D000000000017def0%26externalSystemType%3DP161%26externalSystemUs...
https://data.adnuntius.com/sync?browserId=m9bt8c02zwt1hyvmpg70mkrp&folderId=000000000017def0&externalSystemType=P161&externalSystemUserId=7d426e66-e294-4d9e-8a6f-a09dd2f9c48c

0
302 B

11ms
10ms

Image
text/plain

116.202.161.76
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.adnuntius.com/sync?browserId=m9bt8c02zwt1hyvmpg70mkrp&folderId=000000000017def0&externalSystemType=P161&externalSystemUserId=7d426e66-e294-4d9e-8a6f-a09dd2f9c48c
Protocol: H2
Server: 116.202.161.76 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.76.161.202.116.clients.your-server.de
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.norgesspill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Mar 2023 01:13:23 GMT
vary: Accept-Encoding, User-Agent
x-adn-diagnostic-request-id: 7ae874cd4be9c503c650a5161b3e6fa1
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
access-control-allow-credentials: true
x-adn-backend-server-id: f4528267
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location: https://data.adnuntius.com/sync?browserId=m9bt8c02zwt1hyvmpg70mkrp&folderId=000000000017def0&externalSystemType=P161&externalSystemUserId=7d426e66-e294-4d9e-8a6f-a09dd2f9c48c
Date: Sat, 18 Mar 2023 01:13:23 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

POST
H/1.1 200
OK e4634a9f18 Show response
bam.nr-data.net/events/1/ 24 B
348 B 110ms
110ms XHR
image/gif 162.247.243.29
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/events/1/e4634a9f18?a=37177158&sa=1&v=1169.7b094c0&t=Unnamed%20Transaction&rst=2355&ck=1&ref=https://www.norgesspill.com/no
Requested by: Host: www.norgesspill.com
URL: https://www.norgesspill.com/no
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer: https://www.norgesspill.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
content-type: text/plain

Response headers

date: Sat, 18 Mar 2023 01:13:23 GMT
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
content-type: image/gif
access-control-allow-origin: https://www.norgesspill.com
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 24
x-served-by: cache-hhn-etou8220062-HHN

GET
H2

200

/ Show response
a1.adform.net/Serving/TrackPoint/
Redirect Chain

https://a1.adform.net/Serving/TrackPoint/?pm=2033710&ADFPageName=Norgesspill%20undefined%20-%20Home&ADFdivider=%7C&ord=108403881551&ADFtpmode=2&itm=eyJzdjIiOiJodHRwczovL3d3dy5ub3JnZXNzcGlsbC5jb20vb...
https://a1.adform.net/Serving/TrackPoint/?CC=1&pm=2033710&ADFPageName=Norgesspill%20undefined%20-%20Home&ADFdivider=%7C&ord=108403881551&ADFtpmode=2&itm=eyJzdjIiOiJodHRwczovL3d3dy5ub3JnZXNzcGlsbC5j...

128 B
728 B

24ms
24ms

Script
text/javascript

37.157.5.141
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://a1.adform.net/Serving/TrackPoint/?CC=1&pm=2033710&ADFPageName=Norgesspill%20undefined%20-%20Home&ADFdivider=%7C&ord=108403881551&ADFtpmode=2&itm=eyJzdjIiOiJodHRwczovL3d3dy5ub3JnZXNzcGlsbC5jb20vbm8iLCJzdjQiOiJ1bmRlZmluZWQifQ&loc=https%3A%2F%2Fwww.norgesspill.com%2Fno&Set1=en-US%7Cen-US%7C1600x1200%7C24

Protocol

Server

37.157.5.141 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

2e7da08109661789b2f17f5f532a245b7e1f7550348c64d41d82a7c12192df65

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.norgesspill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Mar 2023 01:13:23 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 199
expires: -1

Redirect headers

pragma: no-cache
date: Sat, 18 Mar 2023 01:13:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
content-type: text/html; charset=utf-8
location: https://a1.adform.net/Serving/TrackPoint/?CC=1&pm=2033710&ADFPageName=Norgesspill%20undefined%20-%20Home&ADFdivider=%7C&ord=108403881551&ADFtpmode=2&itm=eyJzdjIiOiJodHRwczovL3d3dy5ub3JnZXNzcGlsbC5jb20vbm8iLCJzdjQiOiJ1bmRlZmluZWQifQ&loc=https%3A%2F%2Fwww.norgesspill.com%2Fno&Set1=en-US%7Cen-US%7C1600x1200%7C24
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1

GET
H2 200 id5-api-2.js Show response
static2.creative-serving.com/ 33 KB
10 KB 18ms
17ms Script
text/javascript 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://static2.creative-serving.com/id5-api-2.js
Requested by: Host: www.norgesspill.com
URL: https://www.norgesspill.com/no
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: UploadServer /
Resource Hash: b9f590b71a56c0601f7977e5fb4a4126964a8324cae426e43d454ee92978f8eb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.norgesspill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 01:13:24 GMT
content-encoding: gzip
last-modified: Wed, 29 Sep 2021 19:23:14 GMT
server: UploadServer
age: 0
etag: "43e554f8c9787fa63a85955c07ba1918"
x-hw: 1679102004.cds248.fr8.hn,1679102004.cds208.fr8.c
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3600
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9982

POST
H/1.1 200 101.json Show response
id5-sync.com/g/v2/ 216 B
629 B 48ms
11ms XHR
application/json 162.19.138.116
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/101.json

Requested by

Host: www.norgesspill.com
URL: https://www.norgesspill.com/no

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.116 , France, ASN16276 (OVH, FR),

Reverse DNS

ns31533567.ip-162-19-138.eu

Software

Resource Hash

7f13ea6118e9b1c0f0670cdecf68ecfb6e5406994dc0444aa0155cb506957a48

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.norgesspill.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.norgesspill.com
date: Sat, 18 Mar 2023 01:13:24 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

GET
H/1.1 200
OK pixel Show response
ads.creative-serving.com/ 953 B
2 KB 11ms
10ms Script
text/javascript 3.126.176.168
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.creative-serving.com/pixel?id=3161964&id5id=0&type=jsonp&cb=syncResponse
Requested by: Host: www.norgesspill.com
URL: https://www.norgesspill.com/no
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.126.176.168 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-176-168.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: b750e0090966b5a376b5fa7e68a44ed4cebd9c6fab1cc38b994ed4dcd4acb138

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.norgesspill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Sat, 18 Mar 2023 01:13:24 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 953
Content-Type: text/javascript

GET
H2

200

RX-8fcfeffc-b519-40d4-8f2d-2c7f9c8efede-003
sync.targeting.unrulymedia.com/csync/
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=4&user_id=7d426e66-e294-4d9e-8a6f-a09dd2f9c48c&ssp=&expires=30&user_group=2&cb=339
https://x.bidswitch.net/ul_cb/sync?dsp_id=4&user_id=7d426e66-e294-4d9e-8a6f-a09dd2f9c48c&ssp=&expires=30&user_group=2&cb=339
https://sync.1rx.io/usersync/bidswitch/6d93b44f-7435-4653-bc28-07625dd45851?gdpr=&gdpr_consent=
https://sync.1rx.io/usersync/bidswitch/6d93b44f-7435-4653-bc28-07625dd45851?zcc=1&cb=1679102004857
https://sync.targeting.unrulymedia.com/csync/RX-8fcfeffc-b519-40d4-8f2d-2c7f9c8efede-003

43 B
377 B

56ms
15ms

Image
image/gif

213.19.147.44
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.targeting.unrulymedia.com/csync/RX-8fcfeffc-b519-40d4-8f2d-2c7f9c8efede-003
Protocol: H2
Server: 213.19.147.44 Castricum, Netherlands, ASN3356 (LEVEL3, US),
Reverse DNS
Software: /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.norgesspill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 01:13:24 GMT
content-length: 43
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

Redirect headers

location: https://sync.targeting.unrulymedia.com/csync/RX-8fcfeffc-b519-40d4-8f2d-2c7f9c8efede-003
pragma: no-cache
date: Sat, 18 Mar 2023 01:13:24 GMT
cache-control: no-store, no-cache, must-revalidate
expires: 0
content-type: text/html

GET
H2

200

sd
us-u.openx.net/w/1.0/
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=4&user_id=7d426e66-e294-4d9e-8a6f-a09dd2f9c48c&ssp=&expires=30&user_group=2&cb=740
https://x.bidswitch.net/ul_cb/sync?dsp_id=4&user_id=7d426e66-e294-4d9e-8a6f-a09dd2f9c48c&ssp=&expires=30&user_group=2&cb=740
https://us-u.openx.net/w/1.0/sd?id=537072968&val=6d93b44f-7435-4653-bc28-07625dd45851&gdpr=&gdpr_consent=&us_privacy=

43 B
273 B

42ms
18ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072968&val=6d93b44f-7435-4653-bc28-07625dd45851&gdpr=&gdpr_consent=&us_privacy=
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.norgesspill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Mar 2023 01:13:24 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: //us-u.openx.net/w/1.0/sd?id=537072968&val=6d93b44f-7435-4653-bc28-07625dd45851&gdpr=&gdpr_consent=&us_privacy=
date: Sat, 18 Mar 2023 01:13:24 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2

200

RX-8fcfeffc-b519-40d4-8f2d-2c7f9c8efede-003
sync.targeting.unrulymedia.com/csync/
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=4&user_id=7d426e66-e294-4d9e-8a6f-a09dd2f9c48c&ssp=&expires=30&user_group=2&cb=351
https://x.bidswitch.net/ul_cb/sync?dsp_id=4&user_id=7d426e66-e294-4d9e-8a6f-a09dd2f9c48c&ssp=&expires=30&user_group=2&cb=351
https://sync.1rx.io/usersync/bidswitch/6d93b44f-7435-4653-bc28-07625dd45851?gdpr=&gdpr_consent=
https://sync.1rx.io/usersync/bidswitch/6d93b44f-7435-4653-bc28-07625dd45851?zcc=1&cb=1679102004857
https://sync.targeting.unrulymedia.com/csync/RX-8fcfeffc-b519-40d4-8f2d-2c7f9c8efede-003

43 B
378 B

55ms
14ms

Image
image/gif

213.19.147.44
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.targeting.unrulymedia.com/csync/RX-8fcfeffc-b519-40d4-8f2d-2c7f9c8efede-003
Protocol: H2
Server: 213.19.147.44 Castricum, Netherlands, ASN3356 (LEVEL3, US),
Reverse DNS
Software: /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.norgesspill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 01:13:24 GMT
content-length: 43
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

Redirect headers

location: https://sync.targeting.unrulymedia.com/csync/RX-8fcfeffc-b519-40d4-8f2d-2c7f9c8efede-003
pragma: no-cache
date: Sat, 18 Mar 2023 01:13:24 GMT
cache-control: no-store, no-cache, must-revalidate
expires: 0
content-type: text/html

GET
H/1.1 200 1.gif
id5-sync.com/s/101/7d426e66-e294-4d9e-8a6f-a09dd2f9c48c/ 43 B
1 KB 12ms
10ms Image
image/gif 162.19.138.116
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/s/101/7d426e66-e294-4d9e-8a6f-a09dd2f9c48c/1.gif

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.116 , France, ASN16276 (OVH, FR),

Reverse DNS

ns31533567.ip-162-19-138.eu

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.norgesspill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-type: image/gif;charset=UTF-8
date: Sat, 18 Mar 2023 01:13:24 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
transfer-encoding: chunked
p3p: CP="CAO PSA OUR"

GET
H/1.1

200
OK

demconf.jpg
dpm.demdex.net/
Redirect Chain

https://dpm.demdex.net/ibs:dpid=393426&dpuuid=7d426e66-e294-4d9e-8a6f-a09dd2f9c48c
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=393426&dpuuid=7d426e66-e294-4d9e-8a6f-a09dd2f9c48c

42 B
942 B

33ms
33ms

Image
image/gif

34.249.230.115
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=393426&dpuuid=7d426e66-e294-4d9e-8a6f-a09dd2f9c48c

Protocol

HTTP/1.1

Server

34.249.230.115 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-249-230-115.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.norgesspill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v046-095b292e2.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: 4hagGHeBRY8=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-irl1-2-v046-06ec06aa6.edge-irl1.demdex.com 0 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: grDWQYNASq0=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=393426&dpuuid=7d426e66-e294-4d9e-8a6f-a09dd2f9c48c
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 p161
match.justpremium.com/match/ 43 B
324 B 37ms
9ms Image
image/gif 18.185.37.222
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.justpremium.com/match/p161?ex_uid=7d426e66-e294-4d9e-8a6f-a09dd2f9c48c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.185.37.222 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-185-37-222.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.norgesspill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 01:13:24 GMT
content-length: 43
content-type: image/gif

GET
H2 200 Pug
simage2.pubmatic.com/AdServer/ 42 B
473 B 74ms
19ms Image
image/gif 185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDYmdGw9MjAxNjA=&piggybackCookie=7d426e66-e294-4d9e-8a6f-a09dd2f9c48c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.norgesspill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Sat, 18 Mar 2023 01:13:24 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H/1.1

200
OK

gcm
ads.creative-serving.com/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=platform161_direct_new&google_cm&google_sc
https://ads.creative-serving.com/gcm?google_gid=CAESEGjO0FGVv8ptUOVnUY-1hYo&google_cver=1

43 B
220 B

9ms
9ms

Image
image/gif

3.126.176.168
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.creative-serving.com/gcm?google_gid=CAESEGjO0FGVv8ptUOVnUY-1hYo&google_cver=1
Protocol: HTTP/1.1
Server: 3.126.176.168 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-176-168.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.norgesspill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Sat, 18 Mar 2023 01:13:24 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Sat, 18 Mar 2023 01:13:24 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ads.creative-serving.com/gcm?google_gid=CAESEGjO0FGVv8ptUOVnUY-1hYo&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 17ms
16ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-X8F714134Y&gtm=45je33f0&_p=891070177&cid=1627038174.1679102002&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EA&_s=2&dr=&sid=1679102002&sct=1&seg=1&dl=https%3A%2F%2Fwww.norgesspill.com%2Fno&dt=Norgesspill%20Nettcasino%20-%20Norges%20Prisvinnende%20Nettcasino&en=page_view&ep.client_id_ga=621196757.1679102002.&ep.user_agent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F111.0.5563.64%20Safari%2F537.36&ep.gtm_version=49&ep.original_page_url=https%3A%2F%2Fwww.norgesspill.com%2Fno&_et=6&up.User_Agent_UCD=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F111.0.5563.64%20Safari%2F537.36
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-X8F714134Y&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.norgesspill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Mar 2023 01:13:27 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.norgesspill.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

64 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

40 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.norgesspill.com/	1969-12-31 23:59:59	Name: franchise Value: 67
.norgesspill.com/	1969-12-31 23:59:59	Name: franchiseCode Value: NORWAY_NORGESSPILL
.norgesspill.com/	1969-12-31 23:59:59	Name: locale Value: no_NO
.norgesspill.com/	1969-12-31 23:59:59	Name: useMobile Value: true
.norgesspill.com/	1970-01-20 12:36:31	Name: showAppBanner Value: true
www.norgesspill.com/	1969-12-31 23:59:59	Name: CASINO_KEY Value: "{\"rqo\":{\"currency\":\"NOK\",\"siteCode\":\"norgesspill\",\"locale\":\"no_NO\"},\"isTestPlayer\":false,\"playerProvince\":\"DE_\",\"isMobile\":false}"
.norgesspill.com/	1970-01-20 19:10:38	Name: ajs_user_id Value: null
.norgesspill.com/	1970-01-20 19:10:38	Name: ajs_group_id Value: null
.norgesspill.com/	1970-01-20 19:10:38	Name: ajs_anonymous_id Value: %224ab2ee34-2e83-4b03-acc7-9c6576d3cda2%22
.norgesspill.com/	1970-01-20 12:34:38	Name: _gcl_au Value: 1.1.1086070678.1679102002
.norgesspill.com/	1970-01-20 11:08:14	Name: client_id_cookie Value: 621196757.1679102002
.norgesspill.com/	1970-01-20 20:01:02	Name: _ga_X8F714134Y Value: GS1.1.1679102002.1.1.1679102002.0.0.0
.norgesspill.com/	1970-01-20 20:01:02	Name: _ga Value: GA1.2.1627038174.1679102002
.norgesspill.com/	1970-01-20 10:26:28	Name: _gid Value: GA1.2.856642203.1679102002
.norgesspill.com/	1970-01-20 10:25:02	Name: _gat_UA-81872348-1 Value: 1
.nr-data.net/	1969-12-31 23:59:59	Name: JSESSIONID Value: 7e85f15e4280704
.data.adnuntius.com/	1970-01-20 11:08:14	Name: browserId Value: m9bt8c02zwt1hyvmpg70mkrp
.adform.net/	1970-01-20 11:09:36	Name: C Value: 1
.creative-serving.com/	1970-01-20 19:46:38	Name: tuuid Value: 7d426e66-e294-4d9e-8a6f-a09dd2f9c48c
.adform.net/	1970-01-20 11:51:22	Name: uid Value: 8085576848810232906
.creative-serving.com/	1970-01-20 19:46:38	Name: c Value: 1679102004
.creative-serving.com/	1970-01-20 19:46:38	Name: tuuid_lu Value: 1679102004
.id5-sync.com/	1970-01-20 10:25:02	Name: cf Value:
.id5-sync.com/	1970-01-20 10:25:02	Name: cip Value:
.id5-sync.com/	1970-01-20 10:25:02	Name: cnac Value:
.id5-sync.com/	1970-01-20 10:25:02	Name: car Value:
.id5-sync.com/	1970-01-20 10:25:02	Name: gdpr Value:
.id5-sync.com/	1970-01-20 10:25:02	Name: callback Value:
.justpremium.com/	1970-01-20 11:09:40	Name: jpxumaster Value: um-83f97ceb-a070-46b8-9169-d1f2de7eaec8-1679102004
.justpremium.com/	1970-01-20 10:26:28	Name: jpxumatched Value: p161
.doubleclick.net/	1970-01-20 19:46:38	Name: IDE Value: AHWqTUnzvEYOfi8yIQvVXRlYYGS2lHBPL3d1fxvcPTz7U4_CYo5YnqrQ9VqShc9YktQ
.bidswitch.net/	1970-01-20 19:10:38	Name: c Value: 1679102004
.bidswitch.net/	1970-01-20 19:10:38	Name: tuuid_lu Value: 1679102004
.bidswitch.net/	1970-01-20 19:10:38	Name: tuuid Value: 6d93b44f-7435-4653-bc28-07625dd45851
.pubmatic.com/	1970-01-20 10:45:11	Name: KRTBCOOKIE_1282 Value: 23359-7d426e66-e294-4d9e-8a6f-a09dd2f9c48c&KRTB&23440-7d426e66-e294-4d9e-8a6f-a09dd2f9c48c
.pubmatic.com/	1970-01-20 11:08:14	Name: PugT Value: 1679102004
.1rx.io/	1970-01-20 19:10:38	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-8fcfeffc-b519-40d4-8f2d-2c7f9c8efede-003%22%7D
.demdex.net/	1970-01-20 14:44:14	Name: demdex Value: 79545907593222733171787313505941439894
.dpm.demdex.net/	1970-01-20 14:44:14	Name: dpm Value: 79545907593222733171787313505941439894
.targeting.unrulymedia.com/	1970-01-20 19:10:38	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-8fcfeffc-b519-40d4-8f2d-2c7f9c8efede-003%22%7D

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'self' .casinomodule.com .playngonetwork.com;
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

9905434.fls.doubleclick.net
a1.adform.net
ads.creative-serving.com
adservice.google.com
adservice.google.de
api.graphyte.ai
bam.nr-data.net
cdn.adnuntius.com
cdn.graphyte.ai
cdn.jsdelivr.net
cm.g.doubleclick.net
d3eg6wi5fpm57g.cloudfront.net
d3j4vz29nirhst.cloudfront.net
data.adnuntius.com
dpm.demdex.net
edge.fullstory.com
fonts.googleapis.com
fonts.gstatic.com
id5-sync.com
js-agent.newrelic.com
match.justpremium.com
norgesspill.com
region1.google-analytics.com
rs.fullstory.com
s2.adform.net
scripts.prdredir.com
simage2.pubmatic.com
static2.creative-serving.com
stats.g.doubleclick.net
sync.1rx.io
sync.targeting.unrulymedia.com
us-u.openx.net
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.norgesspill.com
x.bidswitch.net
116.202.161.76
142.250.181.230
142.250.185.162
151.101.2.137
151.139.128.10
162.19.138.116
162.247.243.29
18.185.37.222
18.195.198.1
18.64.79.63
185.64.190.80
2001:4860:4802:32::36
213.19.147.44
2600:9000:2251:4e00:f:dcfa:3700:21
2600:9000:225e:e00:b:5e2c:3740:21
2606:4700::6810:5714
2606:4700::6810:e551
2606:4700:e2::ac40:8721
2a00:1450:4001:801::2003
2a00:1450:4001:806::2004
2a00:1450:4001:810::2003
2a00:1450:4001:810::200e
2a00:1450:4001:811::2008
2a00:1450:4001:812::2002
2a00:1450:4001:828::200a
2a00:1450:4001:82f::2002
2a00:1450:400c:c00::9d
2a02:6ea0:c700::11
3.126.176.168
34.249.230.115
35.186.194.58
35.201.112.186
35.244.159.8
37.157.5.141
37.157.6.236
52.18.10.144
0107dbee9a0e85e54bd7f532036aa275460e5d46cd885ad4ce116c3c75abf5ef
01c4cee75d90e103dc43f0a5dfa35a5bd4c6e44de7d410560fd73d7961001b1c
03c0e5a5ed85531c9d06a23d1da357facca2fbcd9f6f84c4908b6e2cefca05e3
0402c508a3143969909fa6240ec3b432976b2b61c85b5a16ba86f1e7974cf92d
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
161a726f1eaf3e63ce8b49661e676ae10ca8c518a8aebaf37affb3fb9879c3dc
1722f0d9462bc632da853627416208d437faf74104d5f5f847590d660e8a97f5
2197102a9d41186a128f4bc97a3c2261e6cc3e1faf10a9f64987d2ba037609f6
257c6970ade9c907995d414a54330dbab89590573b8d520e8d41010b3b3a260b
25851eb36ddcbcc1fbe5898ab6deedcf66bb19e3599c3d3e3a67f209b0fbc6f7
27536dc6d7793663e6324d7d78c1f76484e75b3ad7c996679fe5ab90d47a195a
2bc66b7d6daee16166bbc49997b1a9539f7d3acf52c1a8ed74f62899c81a86c5
2e7da08109661789b2f17f5f532a245b7e1f7550348c64d41d82a7c12192df65
301f0164c6fd660d832d67185318ba96c56212fe63c1a7c25c44f2c519124dc9
364bd708aae5778c73c99ca13f14174a24deb4dab5c2d1c3b6f4639a6afbcca0
37072a42526245f257b725698d7e70dfab281bfd00d38f1112dafd36a6e04176
3deb737c8d082280eadd1ceee09e6252ee2385e543c737f9a88b4fb039bc97ef
44d653ad00cebaebb7a5a90a182c4446d1563ed0134623875b94a2afa24472c5
45d4d6fe0a9cae467c6d81caef5edd008c13b70ba403979f979fb86d400378c7
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
50f6da2c718d36a6bb089d4174d163f3f5401a30834dcf10e3781df573504123
528b5543f835b536569b86a869855e5305c6c1b1ce3720bd1f1b7554660c594f
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
59c3979f321ed8b67348adbdebf4e9304fa3b6645dc3d2a88d2a9f867332610d
63590439d0fac375a9890a2d9dd2693c4db2a3ce366a94433a5b8364d3b441cf
6f29fb2d71a220db108d17f89081c3cd95696de08f78bad273d6875998b18081
74bfa187b47ab2daf63caf6871557d4185adc12f0d64e59695140abfe37f0109
782a1e51c1723944d767558fdc87877ad5cce673a6ec81a6278cf8a140559c9f
7c874eb3e829966b68569ae4374e45ba8890850f529640bc05122f30d407964c
7e9eb8c907f7e364fc51fe4909d94fb9ec3ac23d25d57aba0801185b0a2c0851
7f13ea6118e9b1c0f0670cdecf68ecfb6e5406994dc0444aa0155cb506957a48
82e122e2c19d2dabd3829bcb7fdcb2230062340d559659807b6bfcaf417afcf4
8445801e402119bfc3fcd7b0847a8b3f77724b5a3a836bbe131865fc24fc1abe
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
854caa9d66f7b0b13e36a8c68e79948a959aa0dd270f924d1aa51b1636997305
86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65
8adb09b880a4206f6a32f21d14fd4715a16fc9a9b731ed7d1021c8677ea6b812
8da52797f84f848e6a89b91de51c7c449ee6f228327a29ed10e5cdd1f435c447
954337af6bd7d73deb801494b56f7329aa9eb0a73e085550470ab967874abbc3
95d838de11136e7964ca0eaa375bf294d19a0b15880a014338e0a5d9d8e05385
963b33b968ee14442d917bb14b6c8155b4bfa633a6ce3d00e89ff9f05d630828
99dd763740bf142f5f76429118a2ca452802c21d02919adc1495a4a85df0cdf0
9bbde4e879f5cc6d8e98b1e5605898a933825190f867b66285b084bc3ee785e9
9fea1ab67f1bd0e3f77ad59fdbd990960015c74a8b35b02a5fd0cd622c6b6307
a00d94cfbd13eb7010477ca6250f38cbb430adcee5b4fee6410e14e24cd0aced
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a179c6b00651da9f9ac8447f6ded25d7226db526f65bebe39dadd8fc9d7bde9a
a3922d5dba50d10a2413595d352b5e4e6517cb2ffde1e507084932536d3e6e10
a89bb58c3c893c306ccf105c374060d88d3aa141b01420dcd06c2a9e7d5337a8
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b0406c0ae32f73a0c2e6179d6ec8159436f724fdf3e130ed37faeefb582b1cf1
b34551ae25916c460423b82beb8e0675b27f76a9a2908f18286260fbd6de6681
b524993eb6c0e21388b798f81e95608cb5f1e42fafd081462d98bc3fdabe89af
b750e0090966b5a376b5fa7e68a44ed4cebd9c6fab1cc38b994ed4dcd4acb138
b99d6314659c76c456a5307f76c58a53d0aa6c78d6af191321e19ef48eeace33
b9f590b71a56c0601f7977e5fb4a4126964a8324cae426e43d454ee92978f8eb
bc42e02f098a8cbf140a950004df7080952f481496131f7a87389b56738862cf
c04446037c006580487ae15a926cce945483dad97ec5f0a5eb5f022582fc1aed
c8a139179d7912e0f106a0b0b6152652f803ef8a97ed4c8fe3e08a952adb89d8
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
ccb5a548baa05d92af609a249b9b1fa34461ab697e25296f66db3f9d677d1a6a
cd9216308f7433d319f912cfc029861f0176f0d0af13c57338d291f757fb01de
d1a2f1049d028b809280e51ee0fa376c48bcf5028662ea130fafc00cfc859d03
d3b16b6fc993feb30f5e97d2df47ae360bc36e1e090b7c7c060ad2cb499737a8
d624f6ad96a94b3d3225d930bf8715c2f0d4a90c343ee6f7d8cdc927da724032
d74421d8026be370b8ca1fa9a0581cd605f1e7dad8297026625471d6d4195a1c
d85b848c01dfebb9c6b64d1ac7cb781b29c9c3e34ba20ae9704047a3cb464f8d
dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
df16ae2f3f4c003e55aa93796b78c0ab73e0155ae32bea72cee59d1e0832f92d
e2686d1245000570ac793349a1e85b90c3c097af7ae1cbc15471b83cffbfc270
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5685a4a9c31778e18f25a1b56e22b4a97ac94bef4261554dcb7a583bc63f77a
e799252f3722bdbcc47428ce6f039af68b43cd2fe496a6913e21ac1ac5971b21
e7b49b7c8fa94d85a9bc8d1ced22a0acf1e1d24dce33336f6744ceb32da02fb8
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f68284053ac3ff6a5c82a4e69393d121482b7f4d08d2d615715e69d4d89b2d60
f74cd929f1cc2aad68b524d4b74bff96282b4c3f73fe26796b48f2665c3fc6e9
f97c8e96218976e75e1e51a10a76d894615b7ab3a6b54ad3dcd9f913c74cfa6d
ff21210b0702b9648b8ea001808da6dfb964471ad175f43fa626fb2d616a5a37

www.norgesspill.com Open in urlscan Pro 2606:4700::6810:e551 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

90 Requests

91 %HTTPS

44 %IPv6

26 Domains

38 Subdomains

35 IPs

8 Countries

1077 kBTransfer

3248 kBSize

40 Cookies

2 Outgoing links

Page URL History

Redirected requests

90 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.norgesspill.com Open in urlscan Pro
2606:4700::6810:e551 Public Scan

Screenshot
Live screenshot

Full Image

90
Requests

91 %
HTTPS

44 %
IPv6

26
Domains

38
Subdomains

35
IPs

8
Countries

1077 kB
Transfer

3248 kB
Size

40
Cookies

90 HTTP transactions
1 data transactions