norsecorp.com Open in urlscan Pro
2606:4700:3031::ac43:a8b9 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://map.norsecorp.com/
Effective URL:
https://norsecorp.com/
Submission Tags: falconsandbox
Submission: On January 29 via api (January 29th 2021, 7:42:39 pm UTC) from US

Summary HTTP 52 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 8 IPs in 3 countries across 11 domains to perform 52 HTTP transactions. The main IP is 2606:4700:3031::ac43:a8b9, located in United States and belongs to CLOUDFLARENET, US. The main domain is norsecorp.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 31st 2020. Valid for: a year.

This is the only time norsecorp.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 24	2606:4700:303... 2606:4700:3031::ac43:a8b9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:80e::200a	15169 (GOOGLE) (GOOGLE)
17	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
2	151.101.13.44 151.101.13.44	54113 (FASTLY) (FASTLY)
4	2a00:1450:400... 2a00:1450:4001:817::2003	15169 (GOOGLE) (GOOGLE)
1 3	2.19.34.195 2.19.34.195	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:803::2001	15169 (GOOGLE) (GOOGLE)
52	8

24 2606:4700:3031::ac43:a8b9 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

map.norsecorp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
norsecorp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.13.44 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:817::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2.19.34.195 (Ascension Island) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-19-34-195.deploy.static.akamaitechnologies.com

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
24	norsecorp.com 1 redirects map.norsecorp.com norsecorp.com	719 KB
8	doubleclick.net googleads.g.doubleclick.net
8	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	196 KB
4	gstatic.com fonts.gstatic.com	82 KB
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com	2 KB
2	taboola.com cdn.taboola.com	133 KB
1	googletagservices.com www.googletagservices.com	28 KB
1	google.com adservice.google.com	803 B
1	google.de adservice.google.de	803 B
1	googleadservices.com partner.googleadservices.com	644 B
1	googleapis.com fonts.googleapis.com	2 KB
52	11

	Domain	Requested by
23	norsecorp.com	norsecorp.com
8	googleads.g.doubleclick.net	pagead2.googlesyndication.com
6	pagead2.googlesyndication.com	norsecorp.com pagead2.googlesyndication.com
4	fonts.gstatic.com	fonts.googleapis.com
3	sb.scorecardresearch.com	1 redirects cdn.taboola.com norsecorp.com
2	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
2	cdn.taboola.com	norsecorp.com cdn.taboola.com
1	www.googletagservices.com	pagead2.googlesyndication.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	fonts.googleapis.com	norsecorp.com
1	map.norsecorp.com	1 redirects
52	13

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-31` - `2021-08-31`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-01-05` - `2021-03-30`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-01-05` - `2021-03-30`	3 months	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-25` - `2021-12-26`	a year	crt.sh
*.gstatic.com GTS CA 1O1	`2021-01-05` - `2021-03-30`	3 months	crt.sh
sb.scorecardresearch.com DigiCert Secure Site ECC CA-1	`2020-07-17` - `2021-06-02`	a year	crt.sh
*.googleadservices.com GTS CA 1O1	`2021-01-05` - `2021-03-30`	3 months	crt.sh
*.google.de GTS CA 1O1	`2021-01-05` - `2021-03-30`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-01-05` - `2021-03-30`	3 months	crt.sh

This page contains 11 frames:

Primary Page: https://norsecorp.com/
Frame ID: D0CA93603A60C52F3A1FFA77792F043A
Requests: 42 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/gen_204?id=rmvasftr&type=false
Frame ID: 5CFB66060BCC4019477FE48DC76A3F7E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210127/r20190131/zrt_lookup.html
Frame ID: B5DE063BD335942961AC401C08A4AEA4
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-7681034087578164&output=html&adk=1812271804&adf=3025194257&lmt=1611922826&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fnorsecorp.com%2F&ea=0&flash=0&pra=5&wgl=1&dt=1611949334443&bpp=13&bdt=677&idt=111&shv=r20210127&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=901371079050&frm=20&pv=2&ga_vid=53191884.1611949335&ga_sid=1611949335&ga_hid=1114644162&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066700%2C21066793%2C21068769%2C21068893%2C21068945&oid=3&pvsid=601515392857483&pem=290&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=0&uci=a!0&fsb=1&dtd=140
Frame ID: 52F8CA78466CCD2199F37B2A68AB484B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-7681034087578164&output=html&h=280&adk=481566491&adf=3570269362&pi=t.aa~a.2841124947~rp.3&w=375&fwrn=4&fwrnh=100&lmt=1611922826&rafmt=1&to=qs&pwprc=1947573281&psa=0&format=375x280&url=https%3A%2F%2Fnorsecorp.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1611949334911&bpp=4&bdt=1145&idt=-M&shv=r20210127&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dee9269f951fafc83-228bb6eab8b900d0%3AT%3D1611949334%3ART%3D1611949334%3AS%3DALNI_Mb43mBxWAwcYb_XWT5E6PjPeoSrQg&prev_fmts=0x0&nras=1&correlator=901371079050&frm=20&pv=1&ga_vid=53191884.1611949335&ga_sid=1611949335&ga_hid=1114644162&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=620&ady=1376&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066700%2C21066793%2C21068769%2C21068893%2C21068945&oid=3&pvsid=601515392857483&pem=290&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=VjL1WOxrIl&p=https%3A//norsecorp.com&dtd=21
Frame ID: D835ABBCA20BFB29930B7A7D7FC0777B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-7681034087578164&output=html&h=280&adk=481566491&adf=2069136634&pi=t.aa~a.2841140234~rp.2&w=375&fwrn=4&fwrnh=100&lmt=1611922826&rafmt=1&to=qs&pwprc=1947573281&psa=0&format=375x280&url=https%3A%2F%2Fnorsecorp.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1611949334911&bpp=2&bdt=1145&idt=-M&shv=r20210127&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dee9269f951fafc83-228bb6eab8b900d0%3AT%3D1611949334%3ART%3D1611949334%3AS%3DALNI_Mb43mBxWAwcYb_XWT5E6PjPeoSrQg&prev_fmts=0x0%2C375x280&nras=1&correlator=901371079050&frm=20&pv=1&ga_vid=53191884.1611949335&ga_sid=1611949335&ga_hid=1114644162&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=215&ady=1727&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066700%2C21066793%2C21068769%2C21068893%2C21068945&oid=3&pvsid=601515392857483&pem=290&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&btvi=2&fsb=1&xpc=we6V0f7XpF&p=https%3A//norsecorp.com&dtd=28
Frame ID: 21094D3ABF1FEB1B9DDA1E46CAF5CB35
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-7681034087578164&output=html&h=280&adk=745301159&adf=858150773&pi=t.aa~a.1899083157~rp.4&w=340&fwrn=4&fwrnh=100&lmt=1611922826&rafmt=1&to=qs&pwprc=1947573281&psa=0&format=340x280&url=https%3A%2F%2Fnorsecorp.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1611949334911&bpp=1&bdt=1146&idt=-M&shv=r20210127&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dee9269f951fafc83-228bb6eab8b900d0%3AT%3D1611949334%3ART%3D1611949334%3AS%3DALNI_Mb43mBxWAwcYb_XWT5E6PjPeoSrQg&prev_fmts=0x0%2C375x280%2C375x280&nras=1&correlator=901371079050&frm=20&pv=1&ga_vid=53191884.1611949335&ga_sid=1611949335&ga_hid=1114644162&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1045&ady=2037&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066700%2C21066793%2C21068769%2C21068893%2C21068945&oid=3&pvsid=601515392857483&pem=290&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=3&uci=a!3&btvi=3&fsb=1&xpc=OrUb23G2h9&p=https%3A//norsecorp.com&dtd=33
Frame ID: 58F71B2872EB48CDBA76FB0FF133A8A7
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-7681034087578164&output=html&h=280&adk=481566491&adf=3728608869&pi=t.aa~a.2841135585~rp.3&w=375&fwrn=4&fwrnh=100&lmt=1611922826&rafmt=1&to=qs&pwprc=1947573281&psa=0&format=375x280&url=https%3A%2F%2Fnorsecorp.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1611949334911&bpp=2&bdt=1145&idt=-M&shv=r20210127&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dee9269f951fafc83-228bb6eab8b900d0%3AT%3D1611949334%3ART%3D1611949334%3AS%3DALNI_Mb43mBxWAwcYb_XWT5E6PjPeoSrQg&prev_fmts=0x0%2C375x280%2C375x280%2C340x280&nras=1&correlator=901371079050&frm=20&pv=1&ga_vid=53191884.1611949335&ga_sid=1611949335&ga_hid=1114644162&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=620&ady=2204&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066700%2C21066793%2C21068769%2C21068893%2C21068945&oid=3&pvsid=601515392857483&pem=290&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=4&uci=a!4&btvi=4&fsb=1&xpc=MD6HnrdjP5&p=https%3A//norsecorp.com&dtd=38
Frame ID: 0730CD08FCCAD91208612733C6F42897
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-7681034087578164&output=html&h=100&adk=1504134120&adf=296286514&pi=t.aa~a.2841125912~rp.3&w=375&fwrn=4&fwrnh=100&lmt=1611922826&rafmt=1&to=qs&pwprc=1947573281&psa=0&format=375x100&url=https%3A%2F%2Fnorsecorp.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1611949334911&bpp=2&bdt=1145&idt=2&shv=r20210127&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dee9269f951fafc83-228bb6eab8b900d0%3AT%3D1611949334%3ART%3D1611949334%3AS%3DALNI_Mb43mBxWAwcYb_XWT5E6PjPeoSrQg&prev_fmts=0x0%2C375x280%2C375x280%2C340x280%2C375x280&nras=1&correlator=901371079050&frm=20&pv=1&ga_vid=53191884.1611949335&ga_sid=1611949335&ga_hid=1114644162&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=215&ady=3031&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066700%2C21066793%2C21068769%2C21068893%2C21068945&oid=3&pvsid=601515392857483&pem=290&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=5&uci=a!5&btvi=5&fsb=1&xpc=gsQtY5LA7E&p=https%3A//norsecorp.com&dtd=44
Frame ID: 65857F07EC70FDFA00CE798F6B358078
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210127/r20190131/zrt_lookup.html?fsb=1
Frame ID: CD77E4091C6146545C982628AE42D69A
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Frame ID: 3A727D7A65571D3339C244FC6CA8F49F
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://map.norsecorp.com/ HTTP 301
https://norsecorp.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
meta generator /^WordPress ?([\d.]+)?/i
html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
meta generator /^WordPress ?([\d.]+)?/i
html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
meta generator /^WordPress ?([\d.]+)?/i
html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

React (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

script /react.*\.js/i

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

html /<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i
script /\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
script /jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?/i

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?/i

Page Statistics

52
Requests

100 %
HTTPS

63 %
IPv6

11
Domains

13
Subdomains

8
IPs

3
Countries

1162 kB
Transfer

3201 kB
Size

4
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/PenciDesign

Search URL Search Domain Scan URL

URL: https://twitter.com/PenciDesign

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://map.norsecorp.com/ HTTP 301
https://norsecorp.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 30

https://sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&ns__t=1611949334660&ns_c=UTF-8&cv=3.5&c8=NorseCorp%20-%20NorseCorp.com&c7=https%3A%2F%2Fnorsecorp.com%2F&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1611949334660&ns_c=UTF-8&cv=3.5&c8=NorseCorp%20-%20NorseCorp.com&c7=https%3A%2F%2Fnorsecorp.com%2F&c9=&cs_ak_ss=1

52 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
norsecorp.com/
Redirect Chain

http://map.norsecorp.com/
https://norsecorp.com/

66 KB
11 KB

183ms
154ms

Document
text/html

2606:4700:3031::ac43:a8b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://norsecorp.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:a8b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: c70cfb5e109c5e471b731517dff32174aacf8603a048f2b3a197ac06122238aa

Request headers

:method: GET
:authority: norsecorp.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: __cfduid=d9d18e7f93ceb14e2f78ceca3fa8dce561611949333
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 29 Jan 2021 19:42:13 GMT
content-type: text/html; charset=UTF-8
last-modified: Fri, 29 Jan 2021 12:20:26 GMT
vary: Accept-Encoding
cache-control: max-age=0, no-cache, no-store, must-revalidate
pragma: no-cache
expires: Mon, 29 Oct 1923 20:30:00 GMT
x-powered-by: PleskLin
cf-cache-status: DYNAMIC
cf-request-id: 07f143f3c60000c28668276000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=GLjFfkCXZZEaSpO8ObxVL%2B4IZ7mxnRvsWoULCTowaddxXHOCunJEuKqIATbomEB5L3lGRgynRhjcGuy8wKEqQoDkp7XRBm8gT%2FvrMKkI2pUWBpw0dH4qAK4m"}]}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 61956f660fc4c286-FRA
content-encoding: br

Redirect headers

Date: Fri, 29 Jan 2021 19:42:13 GMT
Content-Type: text/html; charset=iso-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: __cfduid=d9d18e7f93ceb14e2f78ceca3fa8dce561611949333; expires=Sun, 28-Feb-21 19:42:13 GMT; path=/; domain=.norsecorp.com; HttpOnly; SameSite=Lax
Location: https://norsecorp.com/
X-Powered-By: PleskLin
CF-Cache-Status: DYNAMIC
cf-request-id: 07f143f34d00002b7dc027e000000001
Report-To: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=9z1nMmBD4RfwVevymkDrzqGNySOGla78oYupq3dOSdQCBPmaxxApWH64Voz%2Bwei5wxVfoyj2NJut%2F0EaiRu%2BP8PKwQ2AcmC%2BrEUDuxLPgVZ%2FeuwPXIegDTh445Rgbw%3D%3D"}]}
NEL: {"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 61956f654acf2b7d-FRA

GET
H2 200 ikud.css
norsecorp.com/wp-content/cache/wpfc-minified/2cbzuyb0/ 58 KB
9 KB 17ms
15ms Stylesheet
text/css 2606:4700:3031::ac43:a8b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://norsecorp.com/wp-content/cache/wpfc-minified/2cbzuyb0/ikud.css
Requested by: Host: norsecorp.com
URL: https://norsecorp.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:a8b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 95a52b774426a28046f8c20265051da6d8267ffb47eaaf34ad40e48344a13ed0

Request headers

Referer: https://norsecorp.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 29 Jan 2021 19:42:13 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 3890029
x-powered-by: PleskLin
cf-request-id: 07f143f50d0000c286e026f000000001
last-modified: Tue, 15 Dec 2020 18:58:31 GMT
server: cloudflare
etag: W/"5fd90757-e835"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2B4Pz2nCJ%2BfKs7iAZI32PAsUlS%2B89aVODOLR7oEexTxJiL6mlEDwEdZCUxzOPtP9IP2csaT%2BQhUueqsv4TIfjgSKwlIVo90kIFXrhMeOyWsUQGCxknVTfPFFV"}]}
content-type: text/css
cache-control: max-age=10368000
cf-ray: 61956f681be6c286-FRA
expires: max-age=A10368000, public

GET
H2 200 css
fonts.googleapis.com/ 45 KB
2 KB 18ms
17ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Raleway%3A300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C700%2C700italic%2C800%2C800italic%7CPT+Serif%3A300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C700%2C700italic%2C800%2C800italic%7CPlayfair+Display+SC%3A300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C700%2C700italic%2C800%2C800italic%7CMontserrat%3A300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C700%2C700italic%2C800%2C800italic%26subset%3Dlatin%2Ccyrillic%2Ccyrillic-ext%2Cgreek%2Cgreek-ext%2Clatin-ext&display=swap&ver=1.0

Requested by

Host: norsecorp.com
URL: https://norsecorp.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7cb35a334053128d7722a916265248416835d0dd0b21aee3f3e20ba916a19992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://norsecorp.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 29 Jan 2021 19:42:13 GMT
server: ESF
date: Fri, 29 Jan 2021 19:42:13 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 29 Jan 2021 19:42:13 GMT

GET
H2 200 ikud.css
norsecorp.com/wp-content/cache/wpfc-minified/7801im8h/ 777 KB
94 KB 42ms
41ms Stylesheet
text/css 2606:4700:3031::ac43:a8b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://norsecorp.com/wp-content/cache/wpfc-minified/7801im8h/ikud.css
Requested by: Host: norsecorp.com
URL: https://norsecorp.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:a8b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: c3cea3e217543f18e52266d74a9cb0fc874e251a07bf42e79da1118058c5da4b

Request headers

Referer: https://norsecorp.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 29 Jan 2021 19:42:13 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 3889464
x-powered-by: PleskLin
cf-request-id: 07f143f50d0000c286889b9000000001
last-modified: Tue, 15 Dec 2020 18:58:31 GMT
server: cloudflare
etag: W/"5fd90757-c23aa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=E9HrvQzSVZX%2B60UxcH2Fq6nndzU6Io5m5xM1dzHL%2FbBlu63PPU63pTRnZ4WnO8U1WUtvij2ffyErqfjjrLwmohkzMhpkxoe5cCtnCZ6s2o9r34JiQqbodHDz"}]}
content-type: text/css
cache-control: max-age=10368000
cf-ray: 61956f681beac286-FRA
expires: max-age=A10368000, public

GET
H2 200 ikud.js Show response
norsecorp.com/wp-content/cache/wpfc-minified/fs9qtpgi/ 196 KB
64 KB 34ms
33ms Script
application/javascript 2606:4700:3031::ac43:a8b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://norsecorp.com/wp-content/cache/wpfc-minified/fs9qtpgi/ikud.js
Requested by: Host: norsecorp.com
URL: https://norsecorp.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:a8b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 504404c931f3dd4f46dccadad792be16e0ec62b6c1af29e5e54a5086e2857036

Request headers

Referer: https://norsecorp.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 29 Jan 2021 19:42:13 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 3889464
x-powered-by: PleskLin
cf-request-id: 07f143f5100000c2865cb48000000001
last-modified: Tue, 15 Dec 2020 18:58:31 GMT
server: cloudflare
etag: W/"5fd90757-30e69"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=9ASk1WWQvRfLLFyZj24Z8Nn0ucVS0hDQZNjdY2HJZs3VQNuIL34R4c41HqzD9m6wzPp77SWhu7AZrEcX5Nnw0kjWnNjU2uA2kLoutqYHm27AREPRPpdtXZT3"}]}
content-type: application/javascript
cache-control: max-age=10368000
cf-ray: 61956f681beec286-FRA
expires: max-age=A10368000, public

GET
H2 200 ikud.js Show response
norsecorp.com/wp-content/cache/wpfc-minified/lm4tlhxv/ 2 KB
1 KB 49ms
49ms Script
application/javascript 2606:4700:3031::ac43:a8b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://norsecorp.com/wp-content/cache/wpfc-minified/lm4tlhxv/ikud.js
Requested by: Host: norsecorp.com
URL: https://norsecorp.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:a8b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 24028bad6cedb0ed34f1db3d070548f6b0130759e67e93ea02cac1b7d629745d

Request headers

Referer: https://norsecorp.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 29 Jan 2021 19:42:13 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 3890043
x-powered-by: PleskLin
cf-request-id: 07f143f50f0000c28677be5000000001
last-modified: Tue, 15 Dec 2020 18:58:31 GMT
server: cloudflare
etag: W/"5fd90757-789"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Lj5gpFz7HTLOpG6sAPPQltT%2F1pYPCE9d8DyNBr7ZkxZRpj6gwj3YXskh8N4%2BIYkQaKi3i%2BvpaQAKb4jBoX2XFMH9xnf4vcxfpOLcYgqRunTfFIgBgYGhYDCb"}]}
content-type: application/javascript
cache-control: max-age=10368000
cf-ray: 61956f681bf0c286-FRA
expires: max-age=A10368000, public

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 133 KB
47 KB 66ms
36ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: norsecorp.com
URL: https://norsecorp.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bd374a674ce41da6211c3e39344a5faf6eda6152d5d3a683c7c202c542452bbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://norsecorp.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 29 Jan 2021 19:42:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 47540
x-xss-protection: 0
server: cafe
etag: 5153562350519774024
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 29 Jan 2021 19:42:13 GMT

GET
H2 200 penci-holder.png
norsecorp.com/wp-content/themes/soledad/images/ 125 B
462 B 15ms
14ms Image
image/png 2606:4700:3031::ac43:a8b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://norsecorp.com/wp-content/themes/soledad/images/penci-holder.png
Requested by: Host: norsecorp.com
URL: https://norsecorp.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:a8b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 5afae4fdead31c173a0ae121f7cb84909b3f7729fd7235930f22758f297910f2

Request headers

Referer: https://norsecorp.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 29 Jan 2021 19:42:13 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 5335891
x-powered-by: PleskLin
cf-request-id: 07f143f5a70000c2869c1cf000000001
last-modified: Sat, 21 Nov 2020 15:02:45 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=s8wIyjX37QbQyF37OY7bwqHVJZc%2Fu9m%2FBHB3zQ0IqqnHQbPOBD9FY09KfQcYghhvxUwglINrBMvNxXa%2Bc2Ek9c8DkSsmWNfq6HnTTk%2F5vY30wq5h6an4DFOY"}]}
content-type: image/png
x-accel-version: 0.01
cache-control: max-age=10368000
cf-ray: 61956f690e10c286-FRA
expires: max-age=A10368000, public

GET
H2 200 corp.png
norsecorp.com/wp-content/uploads/2019/05/ 31 KB
32 KB 23ms
22ms Image
image/png 2606:4700:3031::ac43:a8b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://norsecorp.com/wp-content/uploads/2019/05/corp.png
Requested by: Host: norsecorp.com
URL: https://norsecorp.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:a8b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 0cf9e58c49d76b610a84582e4543793bbcf1e540f05d7da0a4c2423204826429

Request headers

Referer: https://norsecorp.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 29 Jan 2021 19:42:13 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1967245
x-powered-by: PleskLin
content-length: 32132
cf-request-id: 07f143f5ab0000c2865b28a000000001
last-modified: Sun, 15 Dec 2019 23:22:43 GMT
server: cloudflare
etag: "5df6c043-7d84"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2F1MW5o%2BmsnFvNdkASVBk4qtwQskyOokbx4TBCIHVRjvlnUnpg0xx%2Fta%2F%2BKVdV7Y5RjHvY7o4SJJ3xRjXHs1STR5a0Qd8kZe9ilC3xEtc0Q4Jc5S6ZzDiCaFD"}]}
content-type: image/png
cache-control: max-age=10368000
accept-ranges: bytes
cf-ray: 61956f690e12c286-FRA
expires: max-age=A10368000, public

GET
H2 200 front.min.js Show response
norsecorp.com/wp-content/plugins/cookie-notice/js/ 9 KB
2 KB 15ms
14ms Script
application/javascript 2606:4700:3031::ac43:a8b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://norsecorp.com/wp-content/plugins/cookie-notice/js/front.min.js?ver=1.3.2
Requested by: Host: norsecorp.com
URL: https://norsecorp.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:a8b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: dc51ed5137587b9033d06b65d9456d6d69dc52a4005cc51b2d23f85e69d4f8c8

Request headers

Referer: https://norsecorp.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 29 Jan 2021 19:42:13 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 7207661
x-powered-by: PleskLin
cf-request-id: 07f143f5450000c286ae277000000001
last-modified: Thu, 28 May 2020 13:03:48 GMT
server: cloudflare
etag: W/"5ecfb6b4-2474"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=tYOtN8AYdqZFXN%2BsItZJ5MlVH0lnQ1L4Fqp1Ucv8RyXYqws1cRbWieZoGhsV8nydec3%2Fx5TA9%2FZalqiE4%2FYajvgBZfeZYk0qVrvgXNL1zSfXsYz2Mci009dz"}]}
content-type: application/javascript
cache-control: max-age=10368000
cf-ray: 61956f686ccfc286-FRA
expires: max-age=A10368000, public

GET
H2 200 libs-script.min.js Show response
norsecorp.com/wp-content/themes/soledad/js/ 168 KB
45 KB 29ms
29ms Script
application/javascript 2606:4700:3031::ac43:a8b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://norsecorp.com/wp-content/themes/soledad/js/libs-script.min.js?ver=7.6.0
Requested by: Host: norsecorp.com
URL: https://norsecorp.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:a8b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 5b444403a3fac8a93bdf78f7aefdc9e8bc79fb14901b8c9a6d51c032841c9840

Request headers

Referer: https://norsecorp.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 29 Jan 2021 19:42:13 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 3887277
x-powered-by: PleskLin
cf-request-id: 07f143f5470000c286a72eb000000001
last-modified: Tue, 15 Dec 2020 18:56:24 GMT
server: cloudflare
etag: W/"5fd906d8-2a1bd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2BabbE00ChPMHBAOgLK7o0FNHbhlAT79P3Ox2zchduQOnxm7wFlN0R%2FZZRt80%2FoDswyb4HcSe42T5ZyCrrPiVYYRfOPWaxWK1%2BCAvk%2BWWezWL9ufP1o2NXTRr"}]}
content-type: application/javascript
cache-control: max-age=10368000
cf-ray: 61956f686cd2c286-FRA
expires: max-age=A10368000, public

GET
H2 200 main.js Show response
norsecorp.com/wp-content/themes/soledad/js/ 44 KB
9 KB 16ms
15ms Script
application/javascript 2606:4700:3031::ac43:a8b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://norsecorp.com/wp-content/themes/soledad/js/main.js?ver=7.6.0
Requested by: Host: norsecorp.com
URL: https://norsecorp.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:a8b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: c3489de75b5f0c4c280294907911596850c49d58e2d07cf8972dff5249a2f300

Request headers

Referer: https://norsecorp.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 29 Jan 2021 19:42:13 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 764606
x-powered-by: PleskLin
cf-request-id: 07f143f5a30000c28677bf0000000001
last-modified: Tue, 15 Dec 2020 18:56:24 GMT
server: cloudflare
etag: W/"5fd906d8-aec7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=0kYwes8wKOyos1tiGDxdYx1OsW3Dhq%2BuPooHv%2B9J3KB4ZuyBbo%2BKefmLp1tU5wdBrGwL0kQEkTws4TV5BEDrIZpC3jdoOTjhWhIr%2FyxcL8VfzVZvfuuS%2Fpdn"}]}
content-type: application/javascript
cache-control: max-age=10368000
cf-ray: 61956f690e00c286-FRA
expires: max-age=A10368000, public

GET
H2 200 post-like.js Show response
norsecorp.com/wp-content/themes/soledad/js/ 1 KB
688 B 21ms
21ms Script
application/javascript 2606:4700:3031::ac43:a8b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://norsecorp.com/wp-content/themes/soledad/js/post-like.js?ver=7.6.0
Requested by: Host: norsecorp.com
URL: https://norsecorp.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:a8b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 012f916c0da7df9f2f60c07ecac0fb5112fca218ae271b22f976aeb4ae811d02

Request headers

Referer: https://norsecorp.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 29 Jan 2021 19:42:13 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 3756664
x-powered-by: PleskLin
cf-request-id: 07f143f5a40000c2862629e000000001
last-modified: Tue, 15 Dec 2020 18:56:24 GMT
server: cloudflare
etag: W/"5fd906d8-459"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Wl8AjsG9OEreasu%2F86gya6Kfohp5FLVZ9WMr%2FwkMwUHCEOqm2%2BcBND6zd%2BTZdzxtV5N3NNbB5tKme28e1HbjCeHq9mhDRqa4UrQtvQlX4X7janYOMeqb3RiQ"}]}
content-type: application/javascript
cache-control: max-age=10368000
cf-ray: 61956f690e04c286-FRA
expires: max-age=A10368000, public

GET
H2 200 scripts.min.js Show response
norsecorp.com/wp-content/plugins/aawp/public/assets/js/ 6 KB
2 KB 15ms
15ms Script
application/javascript 2606:4700:3031::ac43:a8b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://norsecorp.com/wp-content/plugins/aawp/public/assets/js/scripts.min.js?ver=3.14.3
Requested by: Host: norsecorp.com
URL: https://norsecorp.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:a8b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: fc6179b45b754a04795ab061e15795e529d2cf6ab7c8875be016442193a06094

Request headers

Referer: https://norsecorp.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 29 Jan 2021 19:42:13 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 6348001
x-powered-by: PleskLin
cf-request-id: 07f143f5a50000c286bf0fe000000001
last-modified: Mon, 16 Nov 2020 19:36:23 GMT
server: cloudflare
etag: W/"5fb2d4b7-1689"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=hiOxgF5LkKJQmXDywKaNJb1SS3iKl%2FDcxmNhcZpzd75SeTQJKMX3VhEWmojE%2BADW4nwu0dayhsu%2BKJ%2BsFY232ZF%2BK%2F8zk3lqnWnCzemsNmdzAUW48sEC0PG0"}]}
content-type: application/javascript
cache-control: max-age=10368000
cf-ray: 61956f690e07c286-FRA
expires: max-age=A10368000, public

GET
H2 200 wp-embed.min.js Show response
norsecorp.com/wp-includes/js/ 1 KB
998 B 15ms
13ms Script
application/javascript 2606:4700:3031::ac43:a8b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://norsecorp.com/wp-includes/js/wp-embed.min.js?ver=5.6
Requested by: Host: norsecorp.com
URL: https://norsecorp.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:a8b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 6ebcda7a3a41ef97f0b4071160ceb1020e540fdc0f790079a5c2ef01ab654fe0

Request headers

Referer: https://norsecorp.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 29 Jan 2021 19:42:13 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 4377804
x-powered-by: PleskLin
cf-request-id: 07f143f5a70000c28638857000000001
last-modified: Tue, 07 Apr 2020 09:11:09 GMT
server: cloudflare
etag: W/"5e8c43ad-59a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=i4TV3bMOMCzh0E09mDJVw%2FlO3WCDdLd8ltF0h10cCtN3%2BqZc%2FmJPx1acTkgBdPc0R0%2FROI%2F6SbRwA3eyaq7OOZkAHC%2Fbv1apkZdyqpubBe97%2FPiOyDDOCukc"}]}
content-type: application/javascript
cache-control: max-age=10368000
cf-ray: 61956f690e0dc286-FRA
expires: max-age=A10368000, public

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/shantel-network/ 212 KB
27 KB 156ms
58ms Script
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/shantel-network/loader.js
Requested by: Host: norsecorp.com
URL: https://norsecorp.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1fea41d6db0590dad2bc80dd961282879a0830b3af9d654b5e0aef2c1ffeb541

Request headers

Referer: https://norsecorp.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: 4oRCQ.QGMUKvDA3.wKDf0uiA0u9b_Dmm
content-encoding: gzip
etag: "8596ac4bd47c4d71677812b144ac2a85"
age: 62
x-cache: HIT
content-length: 26734
x-amz-id-2: vEqnCqhnN5ZyAC0HpHuy2KvtnUpOIFjmvD5KUqA9rKcJig7Jos9ZU8+VoFweSjkwZ85iA0QhEok=
x-served-by: cache-fra19137-FRA
last-modified: Thu, 28 Jan 2021 08:39:45 GMT
server: AmazonS3
x-timer: S1611949334.056941,VS0,VE1
date: Fri, 29 Jan 2021 19:42:14 GMT
vary: Accept-Encoding
x-amz-request-id: DC6BE90FA4641930
via: 1.1 varnish
cache-control: private,max-age=14401
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 40
x-cache-hits: 1

GET
H2 200 1Ptug8zYS_SKggPNyC0IT4ttDfA.woff2
fonts.gstatic.com/s/raleway/v18/ 41 KB
42 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/raleway/v18/1Ptug8zYS_SKggPNyC0IT4ttDfA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Raleway%3A300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C700%2C700italic%2C800%2C800italic%7CPT+Serif%3A300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C700%2C700italic%2C800%2C800italic%7CPlayfair+Display+SC%3A300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C700%2C700italic%2C800%2C800italic%7CMontserrat%3A300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C700%2C700italic%2C800%2C800italic%26subset%3Dlatin%2Ccyrillic%2Ccyrillic-ext%2Cgreek%2Cgreek-ext%2Clatin-ext&display=swap&ver=1.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb0c201f0ca67e745869967d48db2e90bf01353d1f305959d487291cab6d0755

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://norsecorp.com
Referer: https://fonts.googleapis.com/css?family=Raleway%3A300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C700%2C700italic%2C800%2C800italic%7CPT+Serif%3A300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C700%2C700italic%2C800%2C800italic%7CPlayfair+Display+SC%3A300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C700%2C700italic%2C800%2C800italic%7CMontserrat%3A300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C700%2C700italic%2C800%2C800italic%26subset%3Dlatin%2Ccyrillic%2Ccyrillic-ext%2Cgreek%2Cgreek-ext%2Clatin-ext&display=swap&ver=1.0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 Jan 2021 16:15:37 GMT
x-content-type-options: nosniff
last-modified: Wed, 30 Sep 2020 20:45:21 GMT
server: sffe
age: 185196
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42444
x-xss-protection: 0
expires: Thu, 27 Jan 2022 16:15:37 GMT

GET
H2 200 fontawesome-webfont.woff2
norsecorp.com/wp-content/themes/soledad/fonts/ 75 KB
76 KB 20ms
19ms Font
application/font-woff2 2606:4700:3031::ac43:a8b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://norsecorp.com/wp-content/themes/soledad/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: norsecorp.com
URL: https://norsecorp.com/wp-content/cache/wpfc-minified/7801im8h/ikud.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:a8b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Origin: https://norsecorp.com
Referer: https://norsecorp.com/wp-content/cache/wpfc-minified/7801im8h/ikud.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 29 Jan 2021 19:42:13 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 5289129
x-powered-by: PleskLin
content-length: 77160
cf-request-id: 07f143f5cf0000c286a72f5000000001
last-modified: Sat, 21 Nov 2020 15:02:44 GMT
server: cloudflare
etag: "5fb92c14-12d68"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=frkccmw2P%2BGtO1cOKtCnqGdLVs2UkhjX5r%2FYcejk8yeMIyeXjJ4hB34A8ChwR0UzhVHcp24dO4vg9Ae62hKOAeS68Pq%2F4cJSlbl%2Bx7ymtq32Y0HzHHlQbxIQ"}]}
content-type: application/font-woff2
cache-control: max-age=10368000
accept-ranges: bytes
cf-ray: 61956f694e89c286-FRA
expires: max-age=A10368000, public

GET
H2 200 EJRVQgYoZZY2vCFuvAFWzr-_dSb_.woff2
fonts.gstatic.com/s/ptserif/v12/ 13 KB
13 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptserif/v12/EJRVQgYoZZY2vCFuvAFWzr-_dSb_.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6d6cd55572e8be7aa03c122e0ef98bf72d91a2caa2dddfe3c7c5b50f67d2bd07

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://norsecorp.com
Referer: https://fonts.googleapis.com/css?family=Raleway%3A300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C700%2C700italic%2C800%2C800italic%7CPT+Serif%3A300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C700%2C700italic%2C800%2C800italic%7CPlayfair+Display+SC%3A300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C700%2C700italic%2C800%2C800italic%7CMontserrat%3A300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C700%2C700italic%2C800%2C800italic%26subset%3Dlatin%2Ccyrillic%2Ccyrillic-ext%2Cgreek%2Cgreek-ext%2Clatin-ext&display=swap&ver=1.0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 Jan 2021 08:42:07 GMT
x-content-type-options: nosniff
last-modified: Thu, 10 Sep 2020 17:05:28 GMT
server: sffe
age: 212406
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13280
x-xss-protection: 0
expires: Thu, 27 Jan 2022 08:42:07 GMT

GET
H2 200 EJRSQgYoZZY2vCFuvAnt66qSVyvVp8NA.woff2
fonts.gstatic.com/s/ptserif/v12/ 13 KB
13 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptserif/v12/EJRSQgYoZZY2vCFuvAnt66qSVyvVp8NA.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a75a7bf10f415b7c91f0b959177f3f1779e78cbf735601e41fb982c2b1cf4be2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://norsecorp.com
Referer: https://fonts.googleapis.com/css?family=Raleway%3A300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C700%2C700italic%2C800%2C800italic%7CPT+Serif%3A300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C700%2C700italic%2C800%2C800italic%7CPlayfair+Display+SC%3A300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C700%2C700italic%2C800%2C800italic%7CMontserrat%3A300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C700%2C700italic%2C800%2C800italic%26subset%3Dlatin%2Ccyrillic%2Ccyrillic-ext%2Cgreek%2Cgreek-ext%2Clatin-ext&display=swap&ver=1.0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 Jan 2021 05:56:14 GMT
x-content-type-options: nosniff
last-modified: Thu, 10 Sep 2020 17:06:26 GMT
server: sffe
age: 222359
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13372
x-xss-protection: 0
expires: Thu, 27 Jan 2022 05:56:14 GMT

GET
H2 200 EJRTQgYoZZY2vCFuvAFT_r21cgT9rcs.woff2
fonts.gstatic.com/s/ptserif/v12/ 14 KB
14 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptserif/v12/EJRTQgYoZZY2vCFuvAFT_r21cgT9rcs.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d3b9ac60281114eb252c949187818336066886576d5fc78f31cc8c4c2d94531f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://norsecorp.com
Referer: https://fonts.googleapis.com/css?family=Raleway%3A300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C700%2C700italic%2C800%2C800italic%7CPT+Serif%3A300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C700%2C700italic%2C800%2C800italic%7CPlayfair+Display+SC%3A300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C700%2C700italic%2C800%2C800italic%7CMontserrat%3A300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C700%2C700italic%2C800%2C800italic%26subset%3Dlatin%2Ccyrillic%2Ccyrillic-ext%2Cgreek%2Cgreek-ext%2Clatin-ext&display=swap&ver=1.0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 Jan 2021 16:15:38 GMT
x-content-type-options: nosniff
last-modified: Thu, 10 Sep 2020 17:09:19 GMT
server: sffe
age: 185195
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14020
x-xss-protection: 0
expires: Thu, 27 Jan 2022 16:15:38 GMT

GET
H2 200 impl.20210128-2-RELEASE.js Show response
cdn.taboola.com/libtrc/ 460 KB
106 KB 62ms
61ms Script
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20210128-2-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/shantel-network/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 21a1ae8207ef29f2d3af3fbf96468cfe06dc48c3e03966f579e785b9490b179e

Request headers

Referer: https://norsecorp.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: YGQlEX8c_orNPZftSYlNKPHVEojdz9Wc
content-encoding: br
etag: "068dffce5d526a63df260528e94ec56e"
age: 12112
x-cache: HIT
content-length: 108267
x-amz-id-2: xAKt0J0IN/culwsLdI+pXITeKAxBLKLdoh09HQRvIUTRZBlpvbU8S9B+gzPRpXnXw3hewdJp8vk=
x-served-by: cache-fra19137-FRA
last-modified: Thu, 28 Jan 2021 08:20:02 GMT
server: AmazonS3-br
x-timer: S1611949334.453235,VS0,VE0
date: Fri, 29 Jan 2021 19:42:14 GMT
vary: Accept-Encoding
x-amz-request-id: 9691D94D6B9F7513
via: 1.1 varnish
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: application/javascript
abp: 75
x-cache-hits: 65829

GET
H/1.1 200
OK beacon.js Show response
sb.scorecardresearch.com/ 1 KB
1 KB 197ms
67ms Script
application/x-javascript 2.19.34.195
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/shantel-network/loader.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.34.195 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-19-34-195.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer: https://norsecorp.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 29 Jan 2021 19:42:14 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: private, no-transform, max-age=86400
Connection: keep-alive
Content-Length: 884
Expires: Sat, 30 Jan 2021 19:42:14 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5CFB 0
0 69ms
54ms Document
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=rmvasftr&type=false

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/gen_204?id=rmvasftr&type=false
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://norsecorp.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://norsecorp.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 29 Jan 2021 19:42:14 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210127/r20190131/ 225 KB
84 KB 69ms
56ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210127/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7681034087578164&plah=norsecorp.com&amaexp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cc80da78178921df9cdd68a7655c798beaa9563ff6a8d91a0beb1b35629e4865

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://norsecorp.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 29 Jan 2021 19:42:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 86256
x-xss-protection: 0
server: cafe
etag: 4662181343856805724
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 29 Jan 2021 19:42:14 GMT

GET
H2 200 zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20210127/r20190131/ Frame B5DE 0
0 6ms
6ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210127/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210127/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://norsecorp.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://norsecorp.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Fri, 29 Jan 2021 00:57:55 GMT
expires: Fri, 12 Feb 2021 00:57:55 GMT
content-type: text/html; charset=UTF-8
etag: 6748560809430760793
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4784
x-xss-protection: 0
age: 67459
cache-control: public, max-age=1209600
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 203 B
644 B 231ms
92ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=norsecorp.com&callback=_gfp_s_&client=ca-pub-7681034087578164

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210127/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7681034087578164&plah=norsecorp.com&amaexp=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

94d93f654e3bfba06a4fa5e533abf1f37cf326b6a935705ba3ef895eec2ce5ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://norsecorp.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 29 Jan 2021 19:42:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 195
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
803 B 50ms
28ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=norsecorp.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://norsecorp.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 29 Jan 2021 19:42:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
803 B 50ms
29ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=norsecorp.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://norsecorp.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 29 Jan 2021 19:42:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 ads
googleads.g.doubleclick.net/pagead/ Frame 52F8 0
0 248ms
247ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-7681034087578164&output=html&adk=1812271804&adf=3025194257&lmt=1611922826&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fnorsecorp.com%2F&ea=0&flash=0&pra=5&wgl=1&dt=1611949334443&bpp=13&bdt=677&idt=111&shv=r20210127&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=901371079050&frm=20&pv=2&ga_vid=53191884.1611949335&ga_sid=1611949335&ga_hid=1114644162&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066700%2C21066793%2C21068769%2C21068893%2C21068945&oid=3&pvsid=601515392857483&pem=290&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=0&uci=a!0&fsb=1&dtd=140

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-7681034087578164&output=html&adk=1812271804&adf=3025194257&lmt=1611922826&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fnorsecorp.com%2F&ea=0&flash=0&pra=5&wgl=1&dt=1611949334443&bpp=13&bdt=677&idt=111&shv=r20210127&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=901371079050&frm=20&pv=2&ga_vid=53191884.1611949335&ga_sid=1611949335&ga_hid=1114644162&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066700%2C21066793%2C21068769%2C21068893%2C21068945&oid=3&pvsid=601515392857483&pem=290&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=0&uci=a!0&fsb=1&dtd=140
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://norsecorp.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://norsecorp.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 29 Jan 2021 19:42:14 GMT
server: cafe
content-length: 39109
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 29-Jan-2021 19:57:14 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Fri, 29 Jan 2021 19:42:14 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 74 KB
28 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c36a34cc0d1fba1f6684e46a84e23f1b3138df20e59d8f99679cd40588ed14e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://norsecorp.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 29 Jan 2021 19:42:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1611791148528130"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28336
x-xss-protection: 0
expires: Fri, 29 Jan 2021 19:42:14 GMT

GET
H/1.1

204
No Content

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&ns__t=1611949334660&ns_c=UTF-8&cv=3.5&c8=NorseCorp%20-%20NorseCorp.com&c7=https%3A%2F%2Fnorsecorp.com%2F&c9=
https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1611949334660&ns_c=UTF-8&cv=3.5&c8=NorseCorp%20-%20NorseCorp.com&c7=https%3A%2F%2Fnorsecorp.com%2F&c9=&cs_ak_ss=1

0
399 B

60ms
59ms

Image
text/plain

2.19.34.195
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1611949334660&ns_c=UTF-8&cv=3.5&c8=NorseCorp%20-%20NorseCorp.com&c7=https%3A%2F%2Fnorsecorp.com%2F&c9=&cs_ak_ss=1
Requested by: Host: norsecorp.com
URL: https://norsecorp.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.34.195 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-19-34-195.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://norsecorp.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 29 Jan 2021 19:42:14 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1611949334660&ns_c=UTF-8&cv=3.5&c8=NorseCorp%20-%20NorseCorp.com&c7=https%3A%2F%2Fnorsecorp.com%2F&c9=&cs_ak_ss=1
Pragma: no-cache
Date: Fri, 29 Jan 2021 19:42:14 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 reactive_library_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210127/r20190131/ 142 KB
51 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210127/r20190131/reactive_library_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b610af5760be130959cb2fa1bb3210c35ea7fc93cc2fd09ebeadcdd130f2f192

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://norsecorp.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 29 Jan 2021 19:42:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 52097
x-xss-protection: 0
server: cafe
etag: 15838340550375950805
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 29 Jan 2021 19:42:14 GMT

GET
H3-Q050 200 ads
googleads.g.doubleclick.net/pagead/ Frame D835 0
0 399ms
398ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-7681034087578164&output=html&h=280&adk=481566491&adf=3570269362&pi=t.aa~a.2841124947~rp.3&w=375&fwrn=4&fwrnh=100&lmt=1611922826&rafmt=1&to=qs&pwprc=1947573281&psa=0&format=375x280&url=https%3A%2F%2Fnorsecorp.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1611949334911&bpp=4&bdt=1145&idt=-M&shv=r20210127&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dee9269f951fafc83-228bb6eab8b900d0%3AT%3D1611949334%3ART%3D1611949334%3AS%3DALNI_Mb43mBxWAwcYb_XWT5E6PjPeoSrQg&prev_fmts=0x0&nras=1&correlator=901371079050&frm=20&pv=1&ga_vid=53191884.1611949335&ga_sid=1611949335&ga_hid=1114644162&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=620&ady=1376&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066700%2C21066793%2C21068769%2C21068893%2C21068945&oid=3&pvsid=601515392857483&pem=290&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=VjL1WOxrIl&p=https%3A//norsecorp.com&dtd=21

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-7681034087578164&output=html&h=280&adk=481566491&adf=3570269362&pi=t.aa~a.2841124947~rp.3&w=375&fwrn=4&fwrnh=100&lmt=1611922826&rafmt=1&to=qs&pwprc=1947573281&psa=0&format=375x280&url=https%3A%2F%2Fnorsecorp.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1611949334911&bpp=4&bdt=1145&idt=-M&shv=r20210127&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dee9269f951fafc83-228bb6eab8b900d0%3AT%3D1611949334%3ART%3D1611949334%3AS%3DALNI_Mb43mBxWAwcYb_XWT5E6PjPeoSrQg&prev_fmts=0x0&nras=1&correlator=901371079050&frm=20&pv=1&ga_vid=53191884.1611949335&ga_sid=1611949335&ga_hid=1114644162&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=620&ady=1376&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066700%2C21066793%2C21068769%2C21068893%2C21068945&oid=3&pvsid=601515392857483&pem=290&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=VjL1WOxrIl&p=https%3A//norsecorp.com&dtd=21
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://norsecorp.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://norsecorp.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 29 Jan 2021 19:42:15 GMT
server: cafe
content-length: 27679
x-xss-protection: 0
set-cookie: IDE=AHWqTUkAkE8Z1SdbMa2HirmBCqxmMx6WPIcXhLwQkEoEbABUuEfmMlJ4Jf_XUd99; expires=Wed, 23-Feb-2022 19:42:14 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT; SameSite=none; Secure
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Fri, 29 Jan 2021 19:42:15 GMT
cache-control: private

GET
H3-Q050 200 ads
googleads.g.doubleclick.net/pagead/ Frame 2109 0
0 375ms
374ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-7681034087578164&output=html&h=280&adk=481566491&adf=2069136634&pi=t.aa~a.2841140234~rp.2&w=375&fwrn=4&fwrnh=100&lmt=1611922826&rafmt=1&to=qs&pwprc=1947573281&psa=0&format=375x280&url=https%3A%2F%2Fnorsecorp.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1611949334911&bpp=2&bdt=1145&idt=-M&shv=r20210127&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dee9269f951fafc83-228bb6eab8b900d0%3AT%3D1611949334%3ART%3D1611949334%3AS%3DALNI_Mb43mBxWAwcYb_XWT5E6PjPeoSrQg&prev_fmts=0x0%2C375x280&nras=1&correlator=901371079050&frm=20&pv=1&ga_vid=53191884.1611949335&ga_sid=1611949335&ga_hid=1114644162&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=215&ady=1727&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066700%2C21066793%2C21068769%2C21068893%2C21068945&oid=3&pvsid=601515392857483&pem=290&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&btvi=2&fsb=1&xpc=we6V0f7XpF&p=https%3A//norsecorp.com&dtd=28

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12745673616984896280/300x250/300x250.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12745673616984896280/300x250/300x250.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CIndhpzzwe4CFcpWFQgd-GUJEQ&gqi=FmUUYPCwOrfI1fAPw4KV6AI&layout=/sadbundle/%24csp%253Der3%24/12745673616984896280/300x250/300x250.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-7681034087578164&output=html&h=280&adk=481566491&adf=2069136634&pi=t.aa~a.2841140234~rp.2&w=375&fwrn=4&fwrnh=100&lmt=1611922826&rafmt=1&to=qs&pwprc=1947573281&psa=0&format=375x280&url=https%3A%2F%2Fnorsecorp.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1611949334911&bpp=2&bdt=1145&idt=-M&shv=r20210127&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dee9269f951fafc83-228bb6eab8b900d0%3AT%3D1611949334%3ART%3D1611949334%3AS%3DALNI_Mb43mBxWAwcYb_XWT5E6PjPeoSrQg&prev_fmts=0x0%2C375x280&nras=1&correlator=901371079050&frm=20&pv=1&ga_vid=53191884.1611949335&ga_sid=1611949335&ga_hid=1114644162&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=215&ady=1727&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066700%2C21066793%2C21068769%2C21068893%2C21068945&oid=3&pvsid=601515392857483&pem=290&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&btvi=2&fsb=1&xpc=we6V0f7XpF&p=https%3A//norsecorp.com&dtd=28
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://norsecorp.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://norsecorp.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12745673616984896280/300x250/300x250.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12745673616984896280/300x250/300x250.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CIndhpzzwe4CFcpWFQgd-GUJEQ&gqi=FmUUYPCwOrfI1fAPw4KV6AI&layout=/sadbundle/%24csp%253Der3%24/12745673616984896280/300x250/300x250.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 29 Jan 2021 19:42:15 GMT
server: cafe
content-length: 39180
x-xss-protection: 0
set-cookie: IDE=AHWqTUk__5hA-XCXD-52wIpvf0-SGkZbfqZGkZ7fSXyEAGkqTrPRO9L2ishVPRrt; expires=Wed, 23-Feb-2022 19:42:14 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT; SameSite=none; Secure
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Fri, 29 Jan 2021 19:42:15 GMT
cache-control: private

GET
H3-Q050 200 ads
googleads.g.doubleclick.net/pagead/ Frame 58F7 0
0 324ms
324ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-7681034087578164&output=html&h=280&adk=745301159&adf=858150773&pi=t.aa~a.1899083157~rp.4&w=340&fwrn=4&fwrnh=100&lmt=1611922826&rafmt=1&to=qs&pwprc=1947573281&psa=0&format=340x280&url=https%3A%2F%2Fnorsecorp.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1611949334911&bpp=1&bdt=1146&idt=-M&shv=r20210127&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dee9269f951fafc83-228bb6eab8b900d0%3AT%3D1611949334%3ART%3D1611949334%3AS%3DALNI_Mb43mBxWAwcYb_XWT5E6PjPeoSrQg&prev_fmts=0x0%2C375x280%2C375x280&nras=1&correlator=901371079050&frm=20&pv=1&ga_vid=53191884.1611949335&ga_sid=1611949335&ga_hid=1114644162&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1045&ady=2037&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066700%2C21066793%2C21068769%2C21068893%2C21068945&oid=3&pvsid=601515392857483&pem=290&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=3&uci=a!3&btvi=3&fsb=1&xpc=OrUb23G2h9&p=https%3A//norsecorp.com&dtd=33

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-7681034087578164&output=html&h=280&adk=745301159&adf=858150773&pi=t.aa~a.1899083157~rp.4&w=340&fwrn=4&fwrnh=100&lmt=1611922826&rafmt=1&to=qs&pwprc=1947573281&psa=0&format=340x280&url=https%3A%2F%2Fnorsecorp.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1611949334911&bpp=1&bdt=1146&idt=-M&shv=r20210127&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dee9269f951fafc83-228bb6eab8b900d0%3AT%3D1611949334%3ART%3D1611949334%3AS%3DALNI_Mb43mBxWAwcYb_XWT5E6PjPeoSrQg&prev_fmts=0x0%2C375x280%2C375x280&nras=1&correlator=901371079050&frm=20&pv=1&ga_vid=53191884.1611949335&ga_sid=1611949335&ga_hid=1114644162&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1045&ady=2037&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066700%2C21066793%2C21068769%2C21068893%2C21068945&oid=3&pvsid=601515392857483&pem=290&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=3&uci=a!3&btvi=3&fsb=1&xpc=OrUb23G2h9&p=https%3A//norsecorp.com&dtd=33
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://norsecorp.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://norsecorp.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 29 Jan 2021 19:42:15 GMT
server: cafe
content-length: 27692
x-xss-protection: 0
set-cookie: IDE=AHWqTUmGDLTzFHkmUFj0_w94DFkM__tM6_Uu58Mwx3007v-qfquYrwsME8bm7AjN; expires=Wed, 23-Feb-2022 19:42:14 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT; SameSite=none; Secure
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Fri, 29 Jan 2021 19:42:15 GMT
cache-control: private

GET
H3-Q050 200 ads
googleads.g.doubleclick.net/pagead/ Frame 0730 0
0 310ms
309ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-7681034087578164&output=html&h=280&adk=481566491&adf=3728608869&pi=t.aa~a.2841135585~rp.3&w=375&fwrn=4&fwrnh=100&lmt=1611922826&rafmt=1&to=qs&pwprc=1947573281&psa=0&format=375x280&url=https%3A%2F%2Fnorsecorp.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1611949334911&bpp=2&bdt=1145&idt=-M&shv=r20210127&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dee9269f951fafc83-228bb6eab8b900d0%3AT%3D1611949334%3ART%3D1611949334%3AS%3DALNI_Mb43mBxWAwcYb_XWT5E6PjPeoSrQg&prev_fmts=0x0%2C375x280%2C375x280%2C340x280&nras=1&correlator=901371079050&frm=20&pv=1&ga_vid=53191884.1611949335&ga_sid=1611949335&ga_hid=1114644162&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=620&ady=2204&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066700%2C21066793%2C21068769%2C21068893%2C21068945&oid=3&pvsid=601515392857483&pem=290&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=4&uci=a!4&btvi=4&fsb=1&xpc=MD6HnrdjP5&p=https%3A//norsecorp.com&dtd=38

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-7681034087578164&output=html&h=280&adk=481566491&adf=3728608869&pi=t.aa~a.2841135585~rp.3&w=375&fwrn=4&fwrnh=100&lmt=1611922826&rafmt=1&to=qs&pwprc=1947573281&psa=0&format=375x280&url=https%3A%2F%2Fnorsecorp.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1611949334911&bpp=2&bdt=1145&idt=-M&shv=r20210127&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dee9269f951fafc83-228bb6eab8b900d0%3AT%3D1611949334%3ART%3D1611949334%3AS%3DALNI_Mb43mBxWAwcYb_XWT5E6PjPeoSrQg&prev_fmts=0x0%2C375x280%2C375x280%2C340x280&nras=1&correlator=901371079050&frm=20&pv=1&ga_vid=53191884.1611949335&ga_sid=1611949335&ga_hid=1114644162&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=620&ady=2204&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066700%2C21066793%2C21068769%2C21068893%2C21068945&oid=3&pvsid=601515392857483&pem=290&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=4&uci=a!4&btvi=4&fsb=1&xpc=MD6HnrdjP5&p=https%3A//norsecorp.com&dtd=38
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://norsecorp.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://norsecorp.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 29 Jan 2021 19:42:15 GMT
server: cafe
content-length: 24795
x-xss-protection: 0
set-cookie: IDE=AHWqTUllnHWOMqAoyhvV-ul49ZzsdWrefSGMPd_CZHVusRl8uzGQ6BiSbdooNLOnA7U; expires=Wed, 23-Feb-2022 19:42:14 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Fri, 29 Jan 2021 19:42:15 GMT
cache-control: private

GET
H3-Q050 200 ads
googleads.g.doubleclick.net/pagead/ Frame 6585 0
0 380ms
379ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-7681034087578164&output=html&h=100&adk=1504134120&adf=296286514&pi=t.aa~a.2841125912~rp.3&w=375&fwrn=4&fwrnh=100&lmt=1611922826&rafmt=1&to=qs&pwprc=1947573281&psa=0&format=375x100&url=https%3A%2F%2Fnorsecorp.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1611949334911&bpp=2&bdt=1145&idt=2&shv=r20210127&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dee9269f951fafc83-228bb6eab8b900d0%3AT%3D1611949334%3ART%3D1611949334%3AS%3DALNI_Mb43mBxWAwcYb_XWT5E6PjPeoSrQg&prev_fmts=0x0%2C375x280%2C375x280%2C340x280%2C375x280&nras=1&correlator=901371079050&frm=20&pv=1&ga_vid=53191884.1611949335&ga_sid=1611949335&ga_hid=1114644162&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=215&ady=3031&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066700%2C21066793%2C21068769%2C21068893%2C21068945&oid=3&pvsid=601515392857483&pem=290&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=5&uci=a!5&btvi=5&fsb=1&xpc=gsQtY5LA7E&p=https%3A//norsecorp.com&dtd=44

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-7681034087578164&output=html&h=100&adk=1504134120&adf=296286514&pi=t.aa~a.2841125912~rp.3&w=375&fwrn=4&fwrnh=100&lmt=1611922826&rafmt=1&to=qs&pwprc=1947573281&psa=0&format=375x100&url=https%3A%2F%2Fnorsecorp.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1611949334911&bpp=2&bdt=1145&idt=2&shv=r20210127&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dee9269f951fafc83-228bb6eab8b900d0%3AT%3D1611949334%3ART%3D1611949334%3AS%3DALNI_Mb43mBxWAwcYb_XWT5E6PjPeoSrQg&prev_fmts=0x0%2C375x280%2C375x280%2C340x280%2C375x280&nras=1&correlator=901371079050&frm=20&pv=1&ga_vid=53191884.1611949335&ga_sid=1611949335&ga_hid=1114644162&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=215&ady=3031&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066700%2C21066793%2C21068769%2C21068893%2C21068945&oid=3&pvsid=601515392857483&pem=290&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=5&uci=a!5&btvi=5&fsb=1&xpc=gsQtY5LA7E&p=https%3A//norsecorp.com&dtd=44
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://norsecorp.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://norsecorp.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 29 Jan 2021 19:42:15 GMT
server: cafe
content-length: 27379
x-xss-protection: 0
set-cookie: IDE=AHWqTUm6FWLtyat_xJ80dOZnM_ULiWe2JYiPFFpdvHI7S-qNaaxx_s5MEStzj3mg; expires=Wed, 23-Feb-2022 19:42:14 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT; SameSite=none; Secure
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Fri, 29 Jan 2021 19:42:15 GMT
cache-control: private

GET
H3-Q050 200 zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20210127/r20190131/ Frame CD77 0
0 6ms
6ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210127/r20190131/zrt_lookup.html?fsb=1

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210127/r20190131/zrt_lookup.html?fsb=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://norsecorp.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://norsecorp.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Fri, 29 Jan 2021 11:39:30 GMT
expires: Fri, 12 Feb 2021 11:39:30 GMT
content-type: text/html; charset=UTF-8
etag: 6748560809430760793
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4784
x-xss-protection: 0
age: 28965
cache-control: public, max-age=1209600
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H2 200 bike-585x390.jpg
norsecorp.com/wp-content/uploads/2020/01/ 54 KB
55 KB 15ms
14ms Image
image/jpeg 2606:4700:3031::ac43:a8b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://norsecorp.com/wp-content/uploads/2020/01/bike-585x390.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:a8b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 4c1b5bfe304e533dde9e41c9fced374a72ae25df8cbd7c8f2364a852d297f7ae

Request headers

Referer: https://norsecorp.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 29 Jan 2021 19:42:16 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 101112
x-powered-by: PleskLin
content-length: 55712
cf-request-id: 07f14400050000c28654325000000001
last-modified: Fri, 31 Jan 2020 13:45:08 GMT
server: cloudflare
etag: "5e342f64-d9a0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=V6PF3M3zKbxgoJTbowKX8B%2FWirvjUU%2Bv%2F2w9n%2Fzn7cdJuSXKwx5tzYBLLxVVuEI3ty0d6cIvWKfDgYG6V68pqUo2WVW6HCzHV%2FcFnhN7P1mthxHRH8qIUlVh"}]}
content-type: image/jpeg
cache-control: max-age=10368000
accept-ranges: bytes
cf-ray: 61956f79aed3c286-FRA
expires: max-age=A10368000, public

GET
H2 200 women-on-laptop-585x390.jpg
norsecorp.com/wp-content/uploads/2020/01/ 45 KB
45 KB 16ms
16ms Image
image/jpeg 2606:4700:3031::ac43:a8b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://norsecorp.com/wp-content/uploads/2020/01/women-on-laptop-585x390.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:a8b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 24b5249794a492eca00b5f12fab6998b954a0fdcb232417a7fa5c783ec7a0e90

Request headers

Referer: https://norsecorp.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 29 Jan 2021 19:42:16 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 101865
x-powered-by: PleskLin
content-length: 46164
cf-request-id: 07f14400060000c2864e344000000001
last-modified: Fri, 31 Jan 2020 11:11:02 GMT
server: cloudflare
etag: "5e340b46-b454"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=IhlY2csfTAwJJjreZJ2oET%2FwWIPz6uhaLCmsq6ml7wrBlC2P8o0oYXrarzHCYYQ%2F1ccGXNrO7hgBSbBZNWNf89I9EaIXUXS7KByDDm%2BtYaq85xQXReXMKEEL"}]}
content-type: image/jpeg
cache-control: max-age=10368000
accept-ranges: bytes
cf-ray: 61956f79aed4c286-FRA
expires: max-age=A10368000, public

GET
H2 200 stands-585x390.jpg
norsecorp.com/wp-content/uploads/2019/05/ 23 KB
23 KB 18ms
17ms Image
image/jpeg 2606:4700:3031::ac43:a8b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://norsecorp.com/wp-content/uploads/2019/05/stands-585x390.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:a8b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: daaef3234a1e287bde657c187007657f4fec78c3977d49887252a9c8309114a1

Request headers

Referer: https://norsecorp.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 29 Jan 2021 19:42:16 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 101865
x-powered-by: PleskLin
content-length: 23366
cf-request-id: 07f14400060000c28679813000000001
last-modified: Fri, 31 May 2019 08:26:30 GMT
server: cloudflare
etag: "5cf0e536-5b46"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=p0R2%2FDDZmeSlzwITOjUxCmHdYvGEnKXW%2BSchDgbuzeidYnwLjRgigHPlwayLWNz4XxWqVGZ6b3ki6%2FATmnSDvWyRmpx9VqW6OU3VVrBe4ynjrtqSQR7qm%2FQw"}]}
content-type: image/jpeg
cache-control: max-age=10368000
accept-ranges: bytes
cf-ray: 61956f79aed5c286-FRA
expires: max-age=A10368000, public

GET
H2 200 the-preston-laptop-bag-1-585x390.jpg
norsecorp.com/wp-content/uploads/2019/05/ 46 KB
46 KB 20ms
19ms Image
image/jpeg 2606:4700:3031::ac43:a8b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://norsecorp.com/wp-content/uploads/2019/05/the-preston-laptop-bag-1-585x390.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:a8b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: a0706d023c0e9d3864b087322730eb66a674cd51e90a731a538c0c73b93e3db8

Request headers

Referer: https://norsecorp.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 29 Jan 2021 19:42:16 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 55543
x-powered-by: PleskLin
content-length: 46683
cf-request-id: 07f14400060000c286cb9e9000000001
last-modified: Fri, 31 May 2019 08:00:44 GMT
server: cloudflare
etag: "5cf0df2c-b65b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=cltHk9Ir0Lr2sWLM%2BvyrVzDRd6ASoKHw3R8ndirSsxdGBh1zzcMWwEZNIRIUDeKwOVzzJm41YMKXfL31ngT0AXKScBYiaeTDMEVzZfEyUiHTIoAKnEV%2BIIXS"}]}
content-type: image/jpeg
cache-control: max-age=10368000
accept-ranges: bytes
cf-ray: 61956f79aed6c286-FRA
expires: max-age=A10368000, public

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 9 KB
7 KB 33ms
32ms XHR
application/json 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210127&st=env

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4323f04a5a8c838851c833641c5e44763b886c825760fcf4b7f95bc0d5424ceb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://norsecorp.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 29 Jan 2021 19:42:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6726
x-xss-protection: 0

GET
H2 200 corp.png
norsecorp.com/wp-content/uploads/2019/05/ 31 KB
32 KB 16ms
16ms Image
image/png 2606:4700:3031::ac43:a8b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://norsecorp.com/wp-content/uploads/2019/05/corp.png
Requested by: Host: norsecorp.com
URL: https://norsecorp.com/wp-content/cache/wpfc-minified/fs9qtpgi/ikud.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:a8b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 0cf9e58c49d76b610a84582e4543793bbcf1e540f05d7da0a4c2423204826429

Request headers

Referer: https://norsecorp.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 29 Jan 2021 19:42:16 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1967248
x-powered-by: PleskLin
content-length: 32132
cf-request-id: 07f14400080000c286f5a14000000001
last-modified: Sun, 15 Dec 2019 23:22:43 GMT
server: cloudflare
etag: "5df6c043-7d84"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=WLAf2zh1OjT4ETo9pdh4rUsM21dVQoPoEx9MZw7KGq2YCVFd7NW0787r1bCPV%2F0x%2B31mBKdGqy9ecGhEhYXYowr4eBhTzjxNYJF0yoS43bcPWwcpZaYAhx9w"}]}
content-type: image/png
cache-control: max-age=10368000
accept-ranges: bytes
cf-ray: 61956f79aed9c286-FRA
expires: max-age=A10368000, public

GET
H2 200 bike-585x390.jpg
norsecorp.com/wp-content/uploads/2020/01/ 54 KB
55 KB 20ms
18ms Image
image/jpeg 2606:4700:3031::ac43:a8b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://norsecorp.com/wp-content/uploads/2020/01/bike-585x390.jpg
Requested by: Host: norsecorp.com
URL: https://norsecorp.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:a8b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 4c1b5bfe304e533dde9e41c9fced374a72ae25df8cbd7c8f2364a852d297f7ae

Request headers

Referer: https://norsecorp.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 29 Jan 2021 19:42:16 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 101112
x-powered-by: PleskLin
content-length: 55712
cf-request-id: 07f14400180000c28679814000000001
last-modified: Fri, 31 Jan 2020 13:45:08 GMT
server: cloudflare
etag: "5e342f64-d9a0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=KKpcIZOUl2XYyiuIsETTX%2FCfNgBNkng72Y0jXf8%2B5PhO%2Ft1PCUbJ0lMNgJBDOZgM%2F24JHO%2BfpThnXbemL32u19TH4%2BZ%2FfmaHnySPduKqnsBPMfTS3JTloHu%2F"}]}
content-type: image/jpeg
cache-control: max-age=10368000
accept-ranges: bytes
cf-ray: 61956f79bf00c286-FRA
expires: max-age=A10368000, public

GET
H2 200 stands-585x390.jpg
norsecorp.com/wp-content/uploads/2019/05/ 23 KB
23 KB 13ms
13ms Image
image/jpeg 2606:4700:3031::ac43:a8b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://norsecorp.com/wp-content/uploads/2019/05/stands-585x390.jpg
Requested by: Host: norsecorp.com
URL: https://norsecorp.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:a8b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: daaef3234a1e287bde657c187007657f4fec78c3977d49887252a9c8309114a1

Request headers

Referer: https://norsecorp.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 29 Jan 2021 19:42:16 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 101865
x-powered-by: PleskLin
content-length: 23366
cf-request-id: 07f144001a0000c2863ca96000000001
last-modified: Fri, 31 May 2019 08:26:30 GMT
server: cloudflare
etag: "5cf0e536-5b46"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=2flgFZYlml5UlKHIV5h0lo%2FG5T2qzan6qGZXGNfQ8Isacqq8TPMNa8v81aOiQ4FD%2B0vzyavy93r0La7qbut69Tj%2B7Vbhvws%2FizgRZxe%2FGmOAvu5GJXN2Gur5"}]}
content-type: image/jpeg
cache-control: max-age=10368000
accept-ranges: bytes
cf-ray: 61956f79cf09c286-FRA
expires: max-age=A10368000, public

GET
H2 200 women-on-laptop-585x390.jpg
norsecorp.com/wp-content/uploads/2020/01/ 45 KB
46 KB 14ms
13ms Image
image/jpeg 2606:4700:3031::ac43:a8b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://norsecorp.com/wp-content/uploads/2020/01/women-on-laptop-585x390.jpg
Requested by: Host: norsecorp.com
URL: https://norsecorp.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:a8b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 24b5249794a492eca00b5f12fab6998b954a0fdcb232417a7fa5c783ec7a0e90

Request headers

Referer: https://norsecorp.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 29 Jan 2021 19:42:16 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 101865
x-powered-by: PleskLin
content-length: 46164
cf-request-id: 07f144001b0000c2868b2f3000000001
last-modified: Fri, 31 Jan 2020 11:11:02 GMT
server: cloudflare
etag: "5e340b46-b454"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=QBFP96jGttQNBUFCj1Mszxpz8J2NeGUFnOmSAXrnV6%2F0ccIZxEHrjvk%2F8rEO10GygJsTVvmsHhQQm8GurDusJdSljxKW%2BUdf8mRx7p7%2B7xMOGzx154FbrnQf"}]}
content-type: image/jpeg
cache-control: max-age=10368000
accept-ranges: bytes
cf-ray: 61956f79cf0bc286-FRA
expires: max-age=A10368000, public

GET
H2 200 the-preston-laptop-bag-1-585x390.jpg
norsecorp.com/wp-content/uploads/2019/05/ 46 KB
46 KB 13ms
13ms Image
image/jpeg 2606:4700:3031::ac43:a8b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://norsecorp.com/wp-content/uploads/2019/05/the-preston-laptop-bag-1-585x390.jpg
Requested by: Host: norsecorp.com
URL: https://norsecorp.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:a8b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: a0706d023c0e9d3864b087322730eb66a674cd51e90a731a538c0c73b93e3db8

Request headers

Referer: https://norsecorp.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 29 Jan 2021 19:42:16 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 55543
x-powered-by: PleskLin
content-length: 46683
cf-request-id: 07f144001d0000c286a107a000000001
last-modified: Fri, 31 May 2019 08:00:44 GMT
server: cloudflare
etag: "5cf0df2c-b65b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=MGi1Sh%2FCocck5fYu5tK7ZyoDxKcTS4jQ5j3Iq2LqyyYy5CCBwUDfbe%2FW4w4jgyZgtmEAMP4TAhSuPBkHXXdexz4wGcpfoMo5gVjD3sUPgT7ZasCaBUIMbSmV"}]}
content-type: image/jpeg
cache-control: max-age=10368000
accept-ranges: bytes
cf-ray: 61956f79cf10c286-FRA
expires: max-age=A10368000, public

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 46ms
44ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://norsecorp.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 29 Jan 2021 19:42:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1611170586013198"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6403
x-xss-protection: 0
expires: Fri, 29 Jan 2021 19:42:16 GMT

GET
H3-Q050 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/221/ Frame 3A72 0
0 8ms
6ms Document
text/html 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/221/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://norsecorp.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://norsecorp.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4984
date: Fri, 29 Jan 2021 15:33:46 GMT
expires: Sat, 29 Jan 2022 15:33:46 GMT
last-modified: Tue, 08 Dec 2020 21:41:15 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 14910
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
96 B 41ms
40ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=221&t=2&li=gda_r20210127&jk=601515392857483&bg=!ICOlI2DNAAXyQKAs8jsAKQB2-DxaqPBFmokcB5dwkKDavdRmI6DEXyXKOBMMCKXxb1WB37hHVNYBAgAAAOJSAAAAHmgBBwoAoJF9ZvkkX5FxqtfxnGoegymSBRjZY78G3ZKe4dQi9qvjhvPStCrm9Sc515tnMAtKOAwmL0zxgsp_dWwe81ICzHXtOxNKpZ0myHeLvIllmsR4yhvntWsPlAhrXl6gl25LxFOXKZuOOOKSbV4n_qBJPV_1OjMzs6L9LXMsmQagrE75O4VsuLO7-qJRRyxOFwci7AkBBfIVTxL9u9EOJWKV6uqZAdTbz0Q4PhbxP3rDq3wPYKpVEqK_pyPqKyVkY_AG_1-8eKGopgM1rvAoTxnlEO_IWBTqVRaoFRhOvFQ_xUKAkoyJ0Ofsbof6mOeRFud-hYvE6wRVnl5yQKMWbe0ZRNnTJ2DwjYJJq_KBFWixIxk5_vJ2CSRas014qyig6HbAusuAW2GoV6SFO7XQ_L0bt_OmbunvWlXwi87_Gn87x0R2ECCOv7xkkSepo0AXz5uyGs3n63TkeC8hTZvvfIQ3Gjxge2-rAETcLWyS4ow2hVAes2zEmc8fCpX1N6_2MlQO0mep1Oo7Mk0Cn3XB5ZnFAdj-zBbcMmx9j76YViOuM_gaDk_A13Dg9LkgEF6RF7nZl3ec1hF8sCd5HxV-9bKIR90BF-7jCVmhWjzXpvydNF9oii99NFN2QFCHx7fxX3hWrD9pTORoUXIvEoRqW26qzJudQLuOicXIDrVJroXW89249MPhYTrn93y8QUllM163U6bkgWAio1AHL7E7IvqJMc3BVGmqzKOThUuCp6mne3W-JhXqQQ9L0jBTmvT_8afTwZjZ6Qb9EqtU4btkPKI-1gaGugV8uO3sPtKi-hHEPyR0KzRlP34KMWbOMfAylfC3u34yWV-JXxM

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://norsecorp.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Jan 2021 19:42:17 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

121 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-19 15:45:52	Name: DSID Value: NO_DATA
.doubleclick.net/	1970-01-20 01:07:25	Name: IDE Value: AHWqTUm6FWLtyat_xJ80dOZnM_ULiWe2JYiPFFpdvHI7S-qNaaxx_s5MEStzj3mg
.norsecorp.com/	1970-01-20 01:07:25	Name: __gads Value: ID=ee9269f951fafc83-228bb6eab8b900d0:T=1611949334:RT=1611949334:S=ALNI_Mb43mBxWAwcYb_XWT5E6PjPeoSrQg
.norsecorp.com/	1970-01-19 16:29:01	Name: __cfduid Value: d9d18e7f93ceb14e2f78ceca3fa8dce561611949333

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://norsecorp.com/wp-content/cache/wpfc-minified/fs9qtpgi/ikud.js(Line 7) Message: JQMIGRATE: Migrate is installed, version 3.3.2

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
cdn.taboola.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
map.norsecorp.com
norsecorp.com
pagead2.googlesyndication.com
partner.googleadservices.com
sb.scorecardresearch.com
tpc.googlesyndication.com
www.googletagservices.com
142.250.185.194
151.101.13.44
2.19.34.195
2606:4700:3031::ac43:a8b9
2a00:1450:4001:803::2001
2a00:1450:4001:80e::200a
2a00:1450:4001:813::2002
2a00:1450:4001:817::2003
012f916c0da7df9f2f60c07ecac0fb5112fca218ae271b22f976aeb4ae811d02
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
0cf9e58c49d76b610a84582e4543793bbcf1e540f05d7da0a4c2423204826429
1fea41d6db0590dad2bc80dd961282879a0830b3af9d654b5e0aef2c1ffeb541
21a1ae8207ef29f2d3af3fbf96468cfe06dc48c3e03966f579e785b9490b179e
24028bad6cedb0ed34f1db3d070548f6b0130759e67e93ea02cac1b7d629745d
24b5249794a492eca00b5f12fab6998b954a0fdcb232417a7fa5c783ec7a0e90
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
4323f04a5a8c838851c833641c5e44763b886c825760fcf4b7f95bc0d5424ceb
4c1b5bfe304e533dde9e41c9fced374a72ae25df8cbd7c8f2364a852d297f7ae
504404c931f3dd4f46dccadad792be16e0ec62b6c1af29e5e54a5086e2857036
5afae4fdead31c173a0ae121f7cb84909b3f7729fd7235930f22758f297910f2
5b444403a3fac8a93bdf78f7aefdc9e8bc79fb14901b8c9a6d51c032841c9840
6d6cd55572e8be7aa03c122e0ef98bf72d91a2caa2dddfe3c7c5b50f67d2bd07
6ebcda7a3a41ef97f0b4071160ceb1020e540fdc0f790079a5c2ef01ab654fe0
7cb35a334053128d7722a916265248416835d0dd0b21aee3f3e20ba916a19992
94d93f654e3bfba06a4fa5e533abf1f37cf326b6a935705ba3ef895eec2ce5ef
95a52b774426a28046f8c20265051da6d8267ffb47eaaf34ad40e48344a13ed0
a0706d023c0e9d3864b087322730eb66a674cd51e90a731a538c0c73b93e3db8
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a75a7bf10f415b7c91f0b959177f3f1779e78cbf735601e41fb982c2b1cf4be2
b610af5760be130959cb2fa1bb3210c35ea7fc93cc2fd09ebeadcdd130f2f192
bb0c201f0ca67e745869967d48db2e90bf01353d1f305959d487291cab6d0755
bd374a674ce41da6211c3e39344a5faf6eda6152d5d3a683c7c202c542452bbc
c3489de75b5f0c4c280294907911596850c49d58e2d07cf8972dff5249a2f300
c36a34cc0d1fba1f6684e46a84e23f1b3138df20e59d8f99679cd40588ed14e2
c3cea3e217543f18e52266d74a9cb0fc874e251a07bf42e79da1118058c5da4b
c70cfb5e109c5e471b731517dff32174aacf8603a048f2b3a197ac06122238aa
cc80da78178921df9cdd68a7655c798beaa9563ff6a8d91a0beb1b35629e4865
d3b9ac60281114eb252c949187818336066886576d5fc78f31cc8c4c2d94531f
d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39
daaef3234a1e287bde657c187007657f4fec78c3977d49887252a9c8309114a1
dc51ed5137587b9033d06b65d9456d6d69dc52a4005cc51b2d23f85e69d4f8c8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
fc6179b45b754a04795ab061e15795e529d2cf6ab7c8875be016442193a06094

norsecorp.com Open in urlscan Pro 2606:4700:3031::ac43:a8b9 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

52 Requests

100 %HTTPS

63 %IPv6

11 Domains

13 Subdomains

8 IPs

3 Countries

1162 kBTransfer

3201 kBSize

4 Cookies

2 Outgoing links

Page URL History

Redirected requests

52 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

norsecorp.com Open in urlscan Pro
2606:4700:3031::ac43:a8b9 Public Scan

Screenshot
Live screenshot

Full Image

52
Requests

100 %
HTTPS

63 %
IPv6

11
Domains

13
Subdomains

8
IPs

3
Countries

1162 kB
Transfer

3201 kB
Size

4
Cookies

52 HTTP transactions
0 data transactions