norvegus.ru Open in urlscan Pro
2a0c:680:0:9838::1 Public Scan

URL:
http://norvegus.ru/
Submission: On April 28 via manual (April 28th 2021, 3:53:43 pm UTC) from GB

Summary HTTP 148 Redirects Links 12 Behaviour Indicators

Summary

This website contacted 33 IPs in 5 countries across 29 domains to perform 148 HTTP transactions. The main IP is 2a0c:680:0:9838::1, located in Ukraine and belongs to THEFIRST-AS, RU. The main domain is norvegus.ru.

This is the only time norvegus.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
45	2a0c:680:0:98... 2a0c:680:0:9838::1	29182 (THEFIRST-AS) (THEFIRST-AS)
1	23.105.252.234 23.105.252.234	7979 (SERVERS-COM) (SERVERS-COM)
11	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
1	52.216.139.101 52.216.139.101	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:802::200e	15169 (GOOGLE) (GOOGLE)
1 2	95.213.162.139 95.213.162.139	49505 (SELECTEL) (SELECTEL)
1 3	81.19.89.18 81.19.89.18	24638 (RAMBLER-T...) (RAMBLER-TELECOM-AS)
3 5	212.109.216.124 212.109.216.124	29182 (THEFIRST-AS) (THEFIRST-AS)
5	139.162.151.130 139.162.151.130	63949 (LINODE-AP...) (LINODE-AP Linode)
4	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
1	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:803::2001	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
12	2a00:1450:400... 2a00:1450:4001:827::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:802::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
2	85.14.248.72 85.14.248.72	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
4	2a00:1450:400... 2a00:1450:4001:801::2003	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:800::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
2 3	217.69.133.145 217.69.133.145	47764 (MAILRU-AS...) (MAILRU-AS Mail.Ru)
5 6	89.208.236.251 89.208.236.251	12695 (DINET-AS) (DINET-AS)
2 2	185.15.175.131 185.15.175.131	43226 (SAFEDATA ...) (SAFEDATA Uplinks)
2 2	95.216.101.186 95.216.101.186	24940 (HETZNER-AS) (HETZNER-AS)
1	193.239.68.97 193.239.68.97	39468 (BIGMIR-IN...) (BIGMIR-INTERNET-AS)
2 3	88.212.201.216 88.212.201.216	39134 (UNITEDNET) (UNITEDNET)
3	138.201.187.103 138.201.187.103	24940 (HETZNER-AS) (HETZNER-AS)
3 7	2a02:6b8::1:119 2a02:6b8::1:119	13238 (YANDEX) (YANDEX)
3	193.239.71.100 193.239.71.100	39468 (BIGMIR-IN...) (BIGMIR-INTERNET-AS)
148	33

45 2a0c:680:0:9838::1 (Ukraine)

ASN29182 (THEFIRST-AS, RU)

norvegus.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.105.252.234 (Russian Federation)

ASN7979 (SERVERS-COM, US)

nano.aviasales.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.216.139.101 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com

s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

translate.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 95.213.162.139 (Russian Federation) 1 redirects

ASN49505 (SELECTEL, RU)

www.calend.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 81.19.89.18 (Moscow, Russian Federation) 1 redirects

ASN24638 (RAMBLER-TELECOM-AS, RU)
PTR: kraken.rambler.ru

counter.rambler.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
kraken.rambler.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 212.109.216.124 (Russian Federation) 3 redirects

ASN29182 (THEFIRST-AS, RU)
PTR: intergid.ru

www.intergid.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 139.162.151.130 (Frankfurt am Main, Germany)

ASN63949 (LINODE-AP Linode, LLC, US)

reformal.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
log.reformal.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:803::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 85.14.248.72 (Krefeld, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)

m.exactag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

translate.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 217.69.133.145 (Russian Federation) 2 redirects

ASN47764 (MAILRU-AS Mail.Ru, RU)
PTR: top-fwz1.mail.ru

d0.cc.bf.a1.top.mail.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
top-fwz1.mail.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 89.208.236.251 (Reutov, Russian Federation) 5 redirects

ASN12695 (DINET-AS, RU)

hit39.hotlog.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.15.175.131 (Russian Federation) 2 redirects

ASN43226 (SAFEDATA Uplinks, RU)

dmg.digitaltarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 95.216.101.186 (Helsinki, Finland) 2 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.186.101.216.95.clients.your-server.de

sync.1dmp.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.239.68.97 (Ukraine)

ASN39468 (BIGMIR-INTERNET-AS, UA)

c.bigmir.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 88.212.201.216 (Russian Federation) 2 redirects

ASN39134 (UNITEDNET, RU)

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 138.201.187.103 (Germany)

ASN24940 (HETZNER-AS, DE)

openstat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a02:6b8::1:119 (Moscow, Russian Federation) 3 redirects

ASN13238 (YANDEX, RU)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 193.239.71.100 (Ukraine)

ASN39468 (BIGMIR-INTERNET-AS, UA)

i.bigmir.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
45	norvegus.ru norvegus.ru	2 MB
26	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	244 KB
11	gstatic.com www.gstatic.com fonts.gstatic.com	161 KB
11	doubleclick.net googleads.g.doubleclick.net	72 KB
9	googleapis.com fonts.googleapis.com translate.googleapis.com	102 KB
6	hotlog.ru 5 redirects hit39.hotlog.ru	2 KB
5	yandex.com 2 redirects mc.yandex.com	2 KB
5	reformal.ru reformal.ru log.reformal.ru	8 KB
5	intergid.ru 3 redirects www.intergid.ru	1 KB
5	google.com 1 redirects translate.google.com adservice.google.com www.google.com	3 KB
4	bigmir.net c.bigmir.net i.bigmir.net	2 KB
4	google-analytics.com www.google-analytics.com	36 KB
4	googletagservices.com www.googletagservices.com	133 KB
3	openstat.net openstat.net	10 KB
3	yadro.ru 2 redirects counter.yadro.ru	2 KB
3	mail.ru 2 redirects d0.cc.bf.a1.top.mail.ru top-fwz1.mail.ru	4 KB
3	rambler.ru 1 redirects counter.rambler.ru kraken.rambler.ru	75 KB
2	yandex.ru 1 redirects mc.yandex.ru	44 KB
2	1dmp.io 2 redirects sync.1dmp.io	935 B
2	digitaltarget.ru 2 redirects dmg.digitaltarget.ru	1 KB
2	exactag.com m.exactag.com	2 KB
2	google.de adservice.google.de	330 B
2	calend.ru 1 redirects www.calend.ru	5 KB
1	googleadservices.com partner.googleadservices.com	640 B
1	amazonaws.com s3.amazonaws.com
1	aviasales.ru nano.aviasales.ru
0	ws.md Failed b31x31c.ws.md Failed
0	weatherandtime.net Failed weatherandtime.net Failed
0	piclens.com Failed lite.piclens.com Failed
148	29

	Domain	Requested by
45	norvegus.ru	norvegus.ru
17	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
11	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
9	pagead2.googlesyndication.com	norvegus.ru pagead2.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com tpc.googlesyndication.com
6	hit39.hotlog.ru	5 redirects norvegus.ru
6	translate.googleapis.com	translate.google.com translate.googleapis.com srcdoc norvegus.ru
6	fonts.gstatic.com	fonts.googleapis.com
5	mc.yandex.com	2 redirects norvegus.ru
5	www.gstatic.com	googleads.g.doubleclick.net translate.googleapis.com norvegus.ru
5	www.intergid.ru	3 redirects norvegus.ru
4	www.google-analytics.com	norvegus.ru www.google-analytics.com
4	www.googletagservices.com	pagead2.googlesyndication.com googleads.g.doubleclick.net
4	reformal.ru	norvegus.ru
3	i.bigmir.net	norvegus.ru
3	openstat.net	norvegus.ru
3	counter.yadro.ru	2 redirects norvegus.ru
3	fonts.googleapis.com	googleads.g.doubleclick.net
2	mc.yandex.ru	1 redirects norvegus.ru
2	sync.1dmp.io	2 redirects
2	dmg.digitaltarget.ru	2 redirects
2	top-fwz1.mail.ru	1 redirects norvegus.ru
2	www.google.com	1 redirects norvegus.ru
2	m.exactag.com	googleads.g.doubleclick.net
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
2	counter.rambler.ru	1 redirects norvegus.ru
2	www.calend.ru	1 redirects norvegus.ru
1	log.reformal.ru	norvegus.ru
1	c.bigmir.net	norvegus.ru
1	kraken.rambler.ru	norvegus.ru
1	d0.cc.bf.a1.top.mail.ru	1 redirects
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	translate.google.com	norvegus.ru
1	s3.amazonaws.com	norvegus.ru
1	nano.aviasales.ru	norvegus.ru
0	b31x31c.ws.md Failed	norvegus.ru
0	weatherandtime.net Failed	norvegus.ru
0	lite.piclens.com Failed	norvegus.ru
148	38

This site contains links to these domains. Also see Links.

Domain
welco.pw
weatherandtime.net
www.calend.ru
top.mail.ru
top100.rambler.ru
click.hotlog.ru
www.bigmir.net
www.liveinternet.ru
ws.md
rating.openstat.ru
www.intergid.ru
reformal.ru

Subject Issuer	Validity	Valid
calend.ru R3	`2021-03-11` - `2021-06-09`	3 months	crt.sh
*.rambler.ru RapidSSL RSA CA 2018	`2019-04-15` - `2021-06-13`	2 years	crt.sh
www.intergid.ru Sectigo RSA Domain Validation Secure Server CA	`2021-01-26` - `2022-01-31`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
*.googleadservices.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
*.google.de GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
*.exactag.com Sectigo ECC Domain Validation Secure Server CA	`2019-08-28` - `2021-09-13`	2 years	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.mail.ru GeoTrust ECC CA 2018	`2020-11-13` - `2021-11-17`	a year	crt.sh
*.hotlog.ru RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2020-09-24` - `2021-10-25`	a year	crt.sh
counter.yadro.ru R3	`2021-03-22` - `2021-06-20`	3 months	crt.sh
mc.yandex.ru Yandex CA	`2021-02-27` - `2021-08-09`	5 months	crt.sh
www.google.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh

This page contains 13 frames:

Primary Page: http://norvegus.ru/
Frame ID: 307B28DF91F4A2427FC75CB285701EFE
Requests: 98 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210426/r20190131/zrt_lookup.html
Frame ID: D9CD6AA1240B78C3E0523AAC8B275FF9
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3790188951452722&output=html&h=90&slotname=2209446860&adk=2257577908&adf=1788969431&pi=t.ma~as.2209446860&w=728&lmt=1619625193&psa=0&format=728x90&url=http%3A%2F%2Fnorvegus.ru%2F&flash=0&wgl=1&dt=1619625193193&bpp=26&bdt=468&idt=77&shv=r20210426&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=1194733360476&frm=20&pv=2&ga_vid=1505289123.1619625193&ga_sid=1619625193&ga_hid=299863043&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=330&ady=1502&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=1995537329768029&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=7x4uFqLKYN&p=http%3A//norvegus.ru&dtd=94
Frame ID: 532AE59573F158BE08F3CAB61788E84C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3790188951452722&output=html&h=90&slotname=5662440862&adk=2470702163&adf=1800634481&pi=t.ma~as.5662440862&w=728&lmt=1619625193&psa=0&format=728x90&url=http%3A%2F%2Fnorvegus.ru%2F&flash=0&wgl=1&dt=1619625193219&bpp=3&bdt=494&idt=76&shv=r20210426&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&correlator=1194733360476&frm=20&pv=1&ga_vid=1505289123.1619625193&ga_sid=1619625193&ga_hid=299863043&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=330&ady=4453&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=1995537329768029&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&btvi=2&fsb=1&xpc=iD661R00aX&p=http%3A//norvegus.ru&dtd=79
Frame ID: A5994E8B75FB18D02F68F4100D7EC477
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3790188951452722&output=html&h=600&slotname=6669999269&adk=3377193940&adf=2660268872&pi=t.ma~as.6669999269&w=208&fwrn=4&fwrnh=100&lmt=1619625193&rafmt=1&psa=0&format=208x600&url=http%3A%2F%2Fnorvegus.ru%2F&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&dt=1619625193223&bpp=2&bdt=497&idt=80&shv=r20210426&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C728x90&correlator=1194733360476&frm=20&pv=1&ga_vid=1505289123.1619625193&ga_sid=1619625193&ga_hid=299863043&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1068&ady=573&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=1995537329768029&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&fsb=1&xpc=8NyZMHZkyx&p=http%3A//norvegus.ru&dtd=83
Frame ID: E3C7053A9672CBC232675222C2E5172F
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3790188951452722&output=html&h=600&slotname=8469633264&adk=2261697747&adf=1032041062&pi=t.ma~as.8469633264&w=208&fwrn=4&fwrnh=100&lmt=1619625193&rafmt=1&psa=0&format=208x600&url=http%3A%2F%2Fnorvegus.ru%2F&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&dt=1619625193226&bpp=1&bdt=501&idt=84&shv=r20210426&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C728x90%2C208x600&correlator=1194733360476&frm=20&pv=1&ga_vid=1505289123.1619625193&ga_sid=1619625193&ga_hid=299863043&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1068&ady=1194&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=1995537329768029&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=4&uci=a!4&fsb=1&xpc=WuMf3siRvO&p=http%3A//norvegus.ru&dtd=87
Frame ID: 73E0AFF4399F0FF59BC93DDAA3F53482
Requests: 15 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/kDRksX2Ww4e_xNClAyIBt4DTtML4DGkgzzkDas1N7gE.js
Frame ID: 15AEAD98F3D12C190EFD562184D5DDBD
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 77B50E43FE18A983E86D9F08BB9AD723
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/kDRksX2Ww4e_xNClAyIBt4DTtML4DGkgzzkDas1N7gE.js
Frame ID: A21C58607EFD21A14A99EBAD0BDD1F6B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3790188951452722&output=html&adk=84980950&adf=198458457&lmt=1619625204&plat=1%3A16809992%2C2%3A16809992%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fnorvegus.ru%2F&ea=0&flash=0&pra=7&wgl=1&dt=1619625204985&bpp=2&bdt=12260&idt=3&shv=r20210426&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C728x90%2C208x600%2C208x600&nras=1&correlator=1194733360476&frm=20&pv=1&ga_vid=1505289123.1619625193&ga_sid=1619625193&ga_hid=299863043&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&psts=AGkb-H_52xwqca7jus6zXoPWptn1I2vKs4gcL00ZY6w45KOihaN-9B9Pk2X71W4JIqqOn5vgkNs1vV40G6MQ7A%2CAGkb-H_fGpZs2F7C8xWc92guM7HVzF6RwehIC4Ay4fzgKkdc_GWucm520qYYaTkBNRhnPy5f_-2f3shQ8IBhew%2CAGkb-H9m3mcmG2wLjy5m1Vy2yQd5yurrSKPLkvRbElvx87BNi9UMQw41IqDyZLsRryOM7S_vF35XiblIocRlRw&pvsid=1995537329768029&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=23&ifi=5&uci=a!5&fsb=1&dtd=12
Frame ID: 4D7A60EFB10D055F6DB86C36E1DB2373
Requests: 1 HTTP requests in this frame

Frame: https://translate.googleapis.com/translate_static/css/translateelement.css
Frame ID: C53606859FDD5D44686F762BF5FA1329
Requests: 1 HTTP requests in this frame

Frame: https://translate.googleapis.com/translate_a/l?client=te&alpha=true&hl=en&cb=callback
Frame ID: 65C1AF58615EC5A759DE9F35BE90CC9B
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: 8D076FAC8EB53CFF520B237ECA8D4978
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

148
Requests

56 %
HTTPS

53 %
IPv6

29
Domains

38
Subdomains

33
IPs

5
Countries

3117 kB
Transfer

4434 kB
Size

8
Cookies

12 Outgoing links

These are links going to different origins than the main page.

URL: http://welco.pw/tracking202/redirect/rtr.php?t202id=8152&t202kw=

Search URL Search Domain Scan URL

URL: http://weatherandtime.net/ru/Europe/Norway/Oslo-time.html
Title: Текущее время:

Search URL Search Domain Scan URL

URL: http://www.calend.ru/holidays/norway/

Search URL Search Domain Scan URL

URL: http://top.mail.ru/jump?from=2080859

Search URL Search Domain Scan URL

URL: https://top100.rambler.ru/home?id=2527607

Search URL Search Domain Scan URL

URL: http://click.hotlog.ru/?2169947

Search URL Search Domain Scan URL

URL: http://www.bigmir.net/
Title: bigmir)net

Search URL Search Domain Scan URL

URL: http://www.liveinternet.ru/click

Search URL Search Domain Scan URL

URL: http://ws.md/in/405/

Search URL Search Domain Scan URL

URL: http://rating.openstat.ru/?cid=2199860

Search URL Search Domain Scan URL

URL: http://www.intergid.ru/

Search URL Search Domain Scan URL

URL: http://reformal.ru/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 40

http://www.calend.ru/img/export/informer_39.png HTTP 301
https://www.calend.ru/img/export/informer_39.png

Request Chain 41

http://counter.rambler.ru/top100.jcn?2527607 HTTP 307
https://counter.rambler.ru/top100.jcn?2527607

Request Chain 43

http://www.intergid.ru/buttons/counter.gif HTTP 301
https://www.intergid.ru/buttons/counter.gif

Request Chain 106

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 111

http://www.google-analytics.com/ga.js HTTP 307
https://www.google-analytics.com/ga.js

Request Chain 112

http://d0.cc.bf.a1.top.mail.ru/counter?id=2080859;t=231;js=13;r=;j=false;s=1600*1200;d=24;rand=0.31831038767529485 HTTP 302
https://top-fwz1.mail.ru/counter?id=2080859;t=231;js=13;r=;j=false;s=1600*1200;d=24;rand=0.31831038767529485 HTTP 302
https://top-fwz1.mail.ru/counter2?id=2080859;t=231;js=13;r=;j=false;s=1600*1200;d=24;rand=0.31831038767529485

Request Chain 114

http://hit39.hotlog.ru/cgi-bin/hotlog/count?0.9850708903574896&s=2169947&im=453&r=&pg=http%3A//norvegus.ru/&j=N&wh=1600x1200&px=24&js=1.3 HTTP 302
http://hit39.hotlog.ru/cgi-bin/hotlog/count?0.9850708903574896&s=2169947&im=453&r=&pg=http%3A//norvegus.ru/&j=N&wh=1600x1200&px=24&js=1.3&hl_ignore=Y HTTP 302
https://dmg.digitaltarget.ru/1/19/i/i?a=19&e=51ee8c7df23ff380d49ef77dfe8199c&i=618135007&r=https://hit39.hotlog.ru/cgi-bin/hotlog/count?s%3D2169947%26im%3D453%26hl_hitback%3DY HTTP 307
https://dmg.digitaltarget.ru/awg/custom/19/i/i?call_source=awg&a=19&e=51ee8c7df23ff380d49ef77dfe8199c&i=618135007&r=https://hit39.hotlog.ru/cgi-bin/hotlog/count?s%3D2169947%26im%3D453%26hl_hitback%3DY HTTP 307
https://hit39.hotlog.ru/cgi-bin/hotlog/count?s=2169947&im=453&hl_hitback=Y HTTP 302
https://hit39.hotlog.ru/cgi-bin/hotlog/count?s=2169947&im=453&hl_hitback=Y&hl_ignore=Y HTTP 302
https://sync.1dmp.io/pixel.gif?cid=3dc39d61-7763-4229-855c-5bb89c069683&pid=w&uid=51ee8c7df23ff380d49ef77dfe8199c&ru=https://hit39.hotlog.ru/cgi-bin/hotlog/count?s%3D2169947%26im%3D453%26hl_hitback%3D2 HTTP 302
https://sync.1dmp.io/pixel.gif?cid=3dc39d61-7763-4229-855c-5bb89c069683&pid=w&uid=51ee8c7df23ff380d49ef77dfe8199c&ru=https://hit39.hotlog.ru/cgi-bin/hotlog/count?s%3D2169947%26im%3D453%26hl_hitback%3D2&cs=1 HTTP 302
https://hit39.hotlog.ru/cgi-bin/hotlog/count?s=2169947&im=453&hl_hitback=2 HTTP 302
https://hit39.hotlog.ru/cgi-bin/hotlog/count?s=2169947&im=453&hl_hitback=2&hl_ignore=Y

Request Chain 116

http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=736543106&utmhn=norvegus.ru&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=%D0%9D%D0%B0%20%D0%B3%D0%BB%D0%B0%D0%B2%D0%BD%D1%83%D1%8E&utmhid=299863043&utmr=-&utmp=%2F&utmht=1619625204859&utmac=UA-2387902-27&utmcc=__utma%3D165377952.1505289123.1619625193.1619625193.1619625193.1%3B%2B__utmz%3D165377952.1619625205.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1426769425&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAQAAAAE~ HTTP 307
https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=736543106&utmhn=norvegus.ru&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=%D0%9D%D0%B0%20%D0%B3%D0%BB%D0%B0%D0%B2%D0%BD%D1%83%D1%8E&utmhid=299863043&utmr=-&utmp=%2F&utmht=1619625204859&utmac=UA-2387902-27&utmcc=__utma%3D165377952.1505289123.1619625193.1619625193.1619625193.1%3B%2B__utmz%3D165377952.1619625205.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1426769425&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAQAAAAE~

Request Chain 118

http://counter.yadro.ru/hit?t14.3;r;s1600*1200*24;uhttp%3A//norvegus.ru/;0.7525084591151259 HTTP 302
https://counter.yadro.ru/hit?t14.3;r;s1600*1200*24;uhttp%3A//norvegus.ru/;0.7525084591151259 HTTP 302
https://counter.yadro.ru/hit?q;t14.3;r;s1600*1200*24;uhttp%3A//norvegus.ru/;0.7525084591151259

Request Chain 120

http://www.intergid.ru/cnt?cid=75413&rnd=0.9766521740891945&referrer=&page=http%3A//norvegus.ru/&c=1&frames=0&j=0&wh=1600x1200&px=24&js=1.3 HTTP 301
https://www.intergid.ru/cnt?cid=75413&rnd=0.9766521740891945&referrer=&page=http%3A//norvegus.ru/&c=1&frames=0&j=0&wh=1600x1200&px=24&js=1.3 HTTP 301
http://www.intergid.ru/cnt/?cid=75413&rnd=0.9766521740891945&referrer=&page=http%3A//norvegus.ru/&c=1&frames=0&j=0&wh=1600x1200&px=24&js=1.3 HTTP 307
https://www.intergid.ru/cnt/?cid=75413&rnd=0.9766521740891945&referrer=&page=http%3A//norvegus.ru/&c=1&frames=0&j=0&wh=1600x1200&px=24&js=1.3

Request Chain 137

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9257.e-nUPwYJ6ROf65p3sdOIhSEmcve2m7o7vrcb7vgTjsjQ7k2ZuAuufBP1GoZjTqbq.8LVac33v0sOqq0z4zlXlptX3TRk%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=9257._s06t-hu_e5y5cvII4JADiwCztvtDB-PI8Qlq88LFWsoc_fTzvnq7tg0XouyEma9F6yZNUyc9TS8gwkI4peWew%2C%2C.T0gcbakixWxyT-wMwViOsYLxrqU%2C

Request Chain 144

https://mc.yandex.com/watch/36945200?wmode=7&page-url=http%3A%2F%2Fnorvegus.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Abx1nzewshzamry4%3Afp%3A717%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A503%3Acn%3A1%3Adp%3A0%3Als%3A1497886297181%3Ahid%3A221531087%3Az%3A120%3Ai%3A20210428175325%3Aet%3A1619625205%3Ac%3A1%3Arn%3A340414533%3Au%3A1619625205179747752%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1619625192460%3Ads%3A0%2C42%2C221%2C42%2C0%2C0%2C%2C12259%2C16%2C%2C%2C%2C12525%3Adsn%3A1%2C42%2C220%2C42%2C0%2C0%2C%2C12219%2C16%2C%2C%2C%2C12525%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1619625205%3At%3A%D0%9D%D0%B0%20%D0%B3%D0%BB%D0%B0%D0%B2%D0%BD%D1%83%D1%8E HTTP 302
https://mc.yandex.com/watch/36945200/1?wmode=7&page-url=http%3A%2F%2Fnorvegus.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Abx1nzewshzamry4%3Afp%3A717%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A503%3Acn%3A1%3Adp%3A0%3Als%3A1497886297181%3Ahid%3A221531087%3Az%3A120%3Ai%3A20210428175325%3Aet%3A1619625205%3Ac%3A1%3Arn%3A340414533%3Au%3A1619625205179747752%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1619625192460%3Ads%3A0%2C42%2C221%2C42%2C0%2C0%2C%2C12259%2C16%2C%2C%2C%2C12525%3Adsn%3A1%2C42%2C220%2C42%2C0%2C0%2C%2C12219%2C16%2C%2C%2C%2C12525%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1619625205%3At%3A%D0%9D%D0%B0%20%D0%B3%D0%BB%D0%B0%D0%B2%D0%BD%D1%83%D1%8E

148 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request Cookie set / Show response
norvegus.ru/ 70 KB
19 KB 264ms
221ms Document
text/html 2a0c:680:0:9838::1
THEFIRST-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://norvegus.ru/
Protocol: HTTP/1.1
Server: 2a0c:680:0:9838::1 , Ukraine, ASN29182 (THEFIRST-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: 99e3cbc3e2db4ece0e5fbf0caada6c5ae2e59903f747b697f65585ee31cc94f2

Request headers

Host: norvegus.ru
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server: nginx
Date: Wed, 28 Apr 2021 15:53:12 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-cache
Pragma: no-cache
Set-Cookie: 6b9fe9ab05e2fab2cdf5b534e9cbbc07=sk5frnpo5065e2hvv77fcp3pm4; path=/
x-ray: wn15398:0.180/wa15398:D=174512
Content-Encoding: gzip

GET
H/1.1 404
Not Found init.css
nano.aviasales.ru/assets/widgets/partners/ 0
0 127ms
86ms Stylesheet
text/css 23.105.252.234
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: http://nano.aviasales.ru/assets/widgets/partners/init.css
Requested by: Host: norvegus.ru
URL: http://norvegus.ru/
Protocol: HTTP/1.1
Server: 23.105.252.234 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash

Request headers

Referer: http://norvegus.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 28 Apr 2021 15:53:12 GMT
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Content-Length: 12
Content-Type: text/css

GET
H/1.1 200
OK base.css
norvegus.ru/templates/jblank/css/ 5 KB
2 KB 336ms
298ms Stylesheet
text/css 2a0c:680:0:9838::1
THEFIRST-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://norvegus.ru/templates/jblank/css/base.css?1458848534
Requested by: Host: norvegus.ru
URL: http://norvegus.ru/
Protocol: HTTP/1.1
Server: 2a0c:680:0:9838::1 , Ukraine, ASN29182 (THEFIRST-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: 6de55ace34a7df36f031919d821b7c37dbac5770b6924d122c21256db8e379c1

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: norvegus.ru
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://norvegus.ru/
Cookie: 6b9fe9ab05e2fab2cdf5b534e9cbbc07=sk5frnpo5065e2hvv77fcp3pm4
Connection: keep-alive
Cache-Control: no-cache
Referer: http://norvegus.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ray: wn15398:0.000/
Content-Encoding: gzip
Last-Modified: Thu, 24 Mar 2016 19:42:14 GMT
Server: nginx
ETag: W/"56f44316-13c9"
Transfer-Encoding: chunked
Content-Type: text/css
Date: Wed, 28 Apr 2021 15:53:13 GMT
Connection: keep-alive

GET
H/1.1 200
OK grid.css
norvegus.ru/templates/jblank/css/ 6 KB
2 KB 336ms
293ms Stylesheet
text/css 2a0c:680:0:9838::1
THEFIRST-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://norvegus.ru/templates/jblank/css/grid.css?1458848534
Requested by: Host: norvegus.ru
URL: http://norvegus.ru/
Protocol: HTTP/1.1
Server: 2a0c:680:0:9838::1 , Ukraine, ASN29182 (THEFIRST-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: 2937baab83048cff5b7465ca79e614b72578a119c64122571625f2bf40eee1ee

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: norvegus.ru
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://norvegus.ru/
Cookie: 6b9fe9ab05e2fab2cdf5b534e9cbbc07=sk5frnpo5065e2hvv77fcp3pm4
Connection: keep-alive
Cache-Control: no-cache
Referer: http://norvegus.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ray: wn15398:0.000/
Content-Encoding: gzip
Last-Modified: Thu, 24 Mar 2016 19:42:14 GMT
Server: nginx
ETag: W/"56f44316-1912"
Transfer-Encoding: chunked
Content-Type: text/css
Date: Wed, 28 Apr 2021 15:53:13 GMT
Connection: keep-alive

GET
H/1.1 200
OK _styles.css
norvegus.ru/templates/jblank/css/ 24 KB
6 KB 336ms
293ms Stylesheet
text/css 2a0c:680:0:9838::1
THEFIRST-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://norvegus.ru/templates/jblank/css/_styles.css?1458848534
Requested by: Host: norvegus.ru
URL: http://norvegus.ru/
Protocol: HTTP/1.1
Server: 2a0c:680:0:9838::1 , Ukraine, ASN29182 (THEFIRST-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: 6463a387875d5e1d6690cdec4013fb3b549b3cf76ae457bab207143843dbba5c

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: norvegus.ru
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://norvegus.ru/
Cookie: 6b9fe9ab05e2fab2cdf5b534e9cbbc07=sk5frnpo5065e2hvv77fcp3pm4
Connection: keep-alive
Cache-Control: no-cache
Referer: http://norvegus.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ray: wn15398:0.000/
Content-Encoding: gzip
Last-Modified: Thu, 24 Mar 2016 19:42:14 GMT
Server: nginx
ETag: W/"56f44316-6070"
Transfer-Encoding: chunked
Content-Type: text/css
Date: Wed, 28 Apr 2021 15:53:13 GMT
Connection: keep-alive

GET
H/1.1 200
OK typo.css
norvegus.ru/templates/jblank/css/ 6 KB
2 KB 335ms
292ms Stylesheet
text/css 2a0c:680:0:9838::1
THEFIRST-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://norvegus.ru/templates/jblank/css/typo.css?1458848534
Requested by: Host: norvegus.ru
URL: http://norvegus.ru/
Protocol: HTTP/1.1
Server: 2a0c:680:0:9838::1 , Ukraine, ASN29182 (THEFIRST-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: fbf9f74096b5037dedf9eda78d71e05d57aaf871eccad834663aa0d900acce3c

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: norvegus.ru
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://norvegus.ru/
Cookie: 6b9fe9ab05e2fab2cdf5b534e9cbbc07=sk5frnpo5065e2hvv77fcp3pm4
Connection: keep-alive
Cache-Control: no-cache
Referer: http://norvegus.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ray: wn15398:0.000/
Content-Encoding: gzip
Last-Modified: Thu, 24 Mar 2016 19:42:14 GMT
Server: nginx
ETag: W/"56f44316-173d"
Transfer-Encoding: chunked
Content-Type: text/css
Date: Wed, 28 Apr 2021 15:53:13 GMT
Connection: keep-alive

GET
H/1.1 200
OK jstyle.css
norvegus.ru/modules/mod_lofarticlesslideshow/assets/ 7 KB
2 KB 336ms
293ms Stylesheet
text/css 2a0c:680:0:9838::1
THEFIRST-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://norvegus.ru/modules/mod_lofarticlesslideshow/assets/jstyle.css
Requested by: Host: norvegus.ru
URL: http://norvegus.ru/
Protocol: HTTP/1.1
Server: 2a0c:680:0:9838::1 , Ukraine, ASN29182 (THEFIRST-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: d16422823d21851de3257ec598413ec59857b8959b73391d1d851df01aefc8b0

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: norvegus.ru
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://norvegus.ru/
Cookie: 6b9fe9ab05e2fab2cdf5b534e9cbbc07=sk5frnpo5065e2hvv77fcp3pm4
Connection: keep-alive
Cache-Control: no-cache
Referer: http://norvegus.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ray: wn15398:0.000/
Content-Encoding: gzip
Last-Modified: Thu, 24 Mar 2016 19:41:23 GMT
Server: nginx
ETag: W/"56f442e3-1c39"
Transfer-Encoding: chunked
Content-Type: text/css
Date: Wed, 28 Apr 2021 15:53:13 GMT
Connection: keep-alive

GET
H/1.1 200
OK mootools-core.js Show response
norvegus.ru/media/system/js/ 94 KB
31 KB 338ms
295ms Script
application/javascript 2a0c:680:0:9838::1
THEFIRST-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://norvegus.ru/media/system/js/mootools-core.js
Requested by: Host: norvegus.ru
URL: http://norvegus.ru/
Protocol: HTTP/1.1
Server: 2a0c:680:0:9838::1 , Ukraine, ASN29182 (THEFIRST-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: 6be70110418f9738ca23c6d61d73ce3c0cb01087843c96de5ced119c5ab882c6

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: norvegus.ru
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: */*
Referer: http://norvegus.ru/
Cookie: 6b9fe9ab05e2fab2cdf5b534e9cbbc07=sk5frnpo5065e2hvv77fcp3pm4
Connection: keep-alive
Cache-Control: no-cache
Referer: http://norvegus.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ray: wn15398:0.000/
Content-Encoding: gzip
Last-Modified: Thu, 24 Mar 2016 19:39:57 GMT
Server: nginx
ETag: W/"56f4428d-1786a"
Transfer-Encoding: chunked
Content-Type: application/javascript
Date: Wed, 28 Apr 2021 15:53:13 GMT
Connection: keep-alive

GET
H/1.1 200
OK core.js Show response
norvegus.ru/media/system/js/ 5 KB
2 KB 380ms
42ms Script
application/javascript 2a0c:680:0:9838::1
THEFIRST-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://norvegus.ru/media/system/js/core.js
Requested by: Host: norvegus.ru
URL: http://norvegus.ru/
Protocol: HTTP/1.1
Server: 2a0c:680:0:9838::1 , Ukraine, ASN29182 (THEFIRST-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: ed8f120343683850762fc8fb5e8ee8dc3586a2ad7da5c12ca31ef125628cb15b

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: norvegus.ru
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: */*
Referer: http://norvegus.ru/
Cookie: 6b9fe9ab05e2fab2cdf5b534e9cbbc07=sk5frnpo5065e2hvv77fcp3pm4
Connection: keep-alive
Cache-Control: no-cache
Referer: http://norvegus.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ray: wn15398:0.000/
Content-Encoding: gzip
Last-Modified: Thu, 24 Mar 2016 19:39:56 GMT
Server: nginx
ETag: W/"56f4428c-12b0"
Transfer-Encoding: chunked
Content-Type: application/javascript
Date: Wed, 28 Apr 2021 15:53:13 GMT
Connection: keep-alive

GET
H/1.1 200
OK caption.js Show response
norvegus.ru/media/system/js/ 729 B
996 B 380ms
42ms Script
application/javascript 2a0c:680:0:9838::1
THEFIRST-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://norvegus.ru/media/system/js/caption.js
Requested by: Host: norvegus.ru
URL: http://norvegus.ru/
Protocol: HTTP/1.1
Server: 2a0c:680:0:9838::1 , Ukraine, ASN29182 (THEFIRST-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: 5fe084328c9d2b7612b6e7c739946752c5326ece5a1566a41531f3efff175321

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: norvegus.ru
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: */*
Referer: http://norvegus.ru/
Cookie: 6b9fe9ab05e2fab2cdf5b534e9cbbc07=sk5frnpo5065e2hvv77fcp3pm4
Connection: keep-alive
Cache-Control: no-cache
Referer: http://norvegus.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ray: wn15398:0.000/
Last-Modified: Thu, 24 Mar 2016 19:39:56 GMT
Server: nginx
ETag: "56f4428c-2d9"
Content-Type: application/javascript
Date: Wed, 28 Apr 2021 15:53:13 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 729

GET piclens.js
lite.piclens.com/current/ 0
0

GET
H/1.1 200
OK jscript.js Show response
norvegus.ru/modules/mod_lofarticlesslideshow/assets/ 13 KB
4 KB 380ms
43ms Script
application/javascript 2a0c:680:0:9838::1
THEFIRST-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://norvegus.ru/modules/mod_lofarticlesslideshow/assets/jscript.js
Requested by: Host: norvegus.ru
URL: http://norvegus.ru/
Protocol: HTTP/1.1
Server: 2a0c:680:0:9838::1 , Ukraine, ASN29182 (THEFIRST-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: befa61beb93ec4ff1c7b8c6f2f464ec6acef63f8ac4b664901bfef0e347209d1

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: norvegus.ru
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: */*
Referer: http://norvegus.ru/
Cookie: 6b9fe9ab05e2fab2cdf5b534e9cbbc07=sk5frnpo5065e2hvv77fcp3pm4
Connection: keep-alive
Cache-Control: no-cache
Referer: http://norvegus.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ray: wn15398:0.000/
Content-Encoding: gzip
Last-Modified: Thu, 24 Mar 2016 19:41:23 GMT
Server: nginx
ETag: W/"56f442e3-3280"
Transfer-Encoding: chunked
Content-Type: application/javascript
Date: Wed, 28 Apr 2021 15:53:13 GMT
Connection: keep-alive

GET
H/1.1 200
OK share42.js Show response
norvegus.ru/templates/jblank/js/ 4 KB
2 KB 380ms
42ms Script
application/javascript 2a0c:680:0:9838::1
THEFIRST-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://norvegus.ru/templates/jblank/js/share42.js
Requested by: Host: norvegus.ru
URL: http://norvegus.ru/
Protocol: HTTP/1.1
Server: 2a0c:680:0:9838::1 , Ukraine, ASN29182 (THEFIRST-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: 555a15deb340eba4bb734c99f86e933f608d7ebb7b556442e6f9d3ab43df6d87

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: norvegus.ru
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: */*
Referer: http://norvegus.ru/
Cookie: 6b9fe9ab05e2fab2cdf5b534e9cbbc07=sk5frnpo5065e2hvv77fcp3pm4
Connection: keep-alive
Cache-Control: no-cache
Referer: http://norvegus.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ray: wn15398:0.000/
Content-Encoding: gzip
Last-Modified: Thu, 24 Mar 2016 19:42:20 GMT
Server: nginx
ETag: W/"56f4431c-10e5"
Transfer-Encoding: chunked
Content-Type: application/javascript
Date: Wed, 28 Apr 2021 15:53:13 GMT
Connection: keep-alive

GET
H/1.1 200
OK 650x300-park-skulptur-vigelanda-v-oslo.jpg
norvegus.ru/cache/lofthumbs/ 172 KB
172 KB 44ms
43ms Image
image/jpeg 2a0c:680:0:9838::1
THEFIRST-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://norvegus.ru/cache/lofthumbs/650x300-park-skulptur-vigelanda-v-oslo.jpg
Requested by: Host: norvegus.ru
URL: http://norvegus.ru/
Protocol: HTTP/1.1
Server: 2a0c:680:0:9838::1 , Ukraine, ASN29182 (THEFIRST-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: 42e79813103d0cb6cb5aae999bcf816d67135f70e8f37a3f33ddfa018ad5a279

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: norvegus.ru
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://norvegus.ru/
Cookie: 6b9fe9ab05e2fab2cdf5b534e9cbbc07=sk5frnpo5065e2hvv77fcp3pm4
Connection: keep-alive
Cache-Control: no-cache
Referer: http://norvegus.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ray: wn15398:0.000/
Last-Modified: Wed, 11 May 2016 08:57:22 GMT
Server: nginx
ETag: "5732f3f2-2aed8"
Content-Type: image/jpeg
Date: Wed, 28 Apr 2021 15:53:13 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 175832

GET
H/1.1 200
OK 650x300-dostoprimechatelnosti-oslo-krepost-akerskhus-5.jpg
norvegus.ru/cache/lofthumbs/ 175 KB
175 KB 43ms
42ms Image
image/jpeg 2a0c:680:0:9838::1
THEFIRST-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://norvegus.ru/cache/lofthumbs/650x300-dostoprimechatelnosti-oslo-krepost-akerskhus-5.jpg
Requested by: Host: norvegus.ru
URL: http://norvegus.ru/
Protocol: HTTP/1.1
Server: 2a0c:680:0:9838::1 , Ukraine, ASN29182 (THEFIRST-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: 338db5f08af18657fe4cc1a762d942e74860d723ae3281dda77ba59ff5bafaf7

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: norvegus.ru
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://norvegus.ru/
Cookie: 6b9fe9ab05e2fab2cdf5b534e9cbbc07=sk5frnpo5065e2hvv77fcp3pm4
Connection: keep-alive
Cache-Control: no-cache
Referer: http://norvegus.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ray: wn15398:0.000/
Last-Modified: Fri, 22 Apr 2016 10:51:55 GMT
Server: nginx
ETag: "571a024b-2bbb7"
Content-Type: image/jpeg
Date: Wed, 28 Apr 2021 15:53:13 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 179127

GET
H/1.1 200
OK 650x300-vygodno-li-priobretat-nedvizhimost-v-oslo.jpg
norvegus.ru/cache/lofthumbs/ 229 KB
229 KB 44ms
42ms Image
image/jpeg 2a0c:680:0:9838::1
THEFIRST-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://norvegus.ru/cache/lofthumbs/650x300-vygodno-li-priobretat-nedvizhimost-v-oslo.jpg
Requested by: Host: norvegus.ru
URL: http://norvegus.ru/
Protocol: HTTP/1.1
Server: 2a0c:680:0:9838::1 , Ukraine, ASN29182 (THEFIRST-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: 1f256ace3b3833faf082207fce8e3ee00b97a0af8ab026ff4923c06a2a1eb74b

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: norvegus.ru
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://norvegus.ru/
Cookie: 6b9fe9ab05e2fab2cdf5b534e9cbbc07=sk5frnpo5065e2hvv77fcp3pm4
Connection: keep-alive
Cache-Control: no-cache
Referer: http://norvegus.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ray: wn15398:0.000/
Last-Modified: Fri, 15 Apr 2016 11:38:42 GMT
Server: nginx
ETag: "5710d2c2-39385"
Content-Type: image/jpeg
Date: Wed, 28 Apr 2021 15:53:13 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 234373

GET
H/1.1 200
OK 650x300-oslo.jpg
norvegus.ru/cache/lofthumbs/ 218 KB
218 KB 44ms
42ms Image
image/jpeg 2a0c:680:0:9838::1
THEFIRST-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://norvegus.ru/cache/lofthumbs/650x300-oslo.jpg
Requested by: Host: norvegus.ru
URL: http://norvegus.ru/
Protocol: HTTP/1.1
Server: 2a0c:680:0:9838::1 , Ukraine, ASN29182 (THEFIRST-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: f1a7b3753495b2d7e78e4c1da2fb3c1d1f65c371aeff5906f890fc62107e8ac9

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: norvegus.ru
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://norvegus.ru/
Cookie: 6b9fe9ab05e2fab2cdf5b534e9cbbc07=sk5frnpo5065e2hvv77fcp3pm4
Connection: keep-alive
Cache-Control: no-cache
Referer: http://norvegus.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ray: wn15398:0.000/
Last-Modified: Thu, 31 Mar 2016 13:31:31 GMT
Server: nginx
ETag: "56fd26b3-36695"
Content-Type: image/jpeg
Date: Wed, 28 Apr 2021 15:53:13 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 222869

GET
H/1.1 200
OK 650x300-hafjell-norway.jpg
norvegus.ru/cache/lofthumbs/ 183 KB
183 KB 44ms
43ms Image
image/jpeg 2a0c:680:0:9838::1
THEFIRST-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://norvegus.ru/cache/lofthumbs/650x300-hafjell-norway.jpg
Requested by: Host: norvegus.ru
URL: http://norvegus.ru/
Protocol: HTTP/1.1
Server: 2a0c:680:0:9838::1 , Ukraine, ASN29182 (THEFIRST-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: 4aaca63f5e3435fe5211494a7c7eacb3708ce1f68fb8a382b1690b3ac990f9c6

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: norvegus.ru
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://norvegus.ru/
Cookie: 6b9fe9ab05e2fab2cdf5b534e9cbbc07=sk5frnpo5065e2hvv77fcp3pm4
Connection: keep-alive
Cache-Control: no-cache
Referer: http://norvegus.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ray: wn15398:0.000/
Last-Modified: Thu, 31 Mar 2016 12:29:54 GMT
Server: nginx
ETag: "56fd1842-2dc29"
Content-Type: image/jpeg
Date: Wed, 28 Apr 2021 15:53:13 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 187433

GET
H/1.1 200
OK 650x300-Lofoten%20islands3.jpg
norvegus.ru/cache/lofthumbs/ 149 KB
149 KB 44ms
43ms Image
image/jpeg 2a0c:680:0:9838::1
THEFIRST-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://norvegus.ru/cache/lofthumbs/650x300-Lofoten%20islands3.jpg
Requested by: Host: norvegus.ru
URL: http://norvegus.ru/
Protocol: HTTP/1.1
Server: 2a0c:680:0:9838::1 , Ukraine, ASN29182 (THEFIRST-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: f40211594cbb0ea5d1a0928cd611059feecd816e00ce0e0012e8f79d4e424e15

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: norvegus.ru
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://norvegus.ru/
Cookie: 6b9fe9ab05e2fab2cdf5b534e9cbbc07=sk5frnpo5065e2hvv77fcp3pm4
Connection: keep-alive
Cache-Control: no-cache
Referer: http://norvegus.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ray: wn15398:0.000/
Last-Modified: Thu, 24 Mar 2016 19:36:06 GMT
Server: nginx
ETag: "56f441a6-25469"
Content-Type: image/jpeg
Date: Wed, 28 Apr 2021 15:53:13 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 152681

GET
H/1.1 200
OK 650x300-Ribalka.jpg
norvegus.ru/cache/lofthumbs/ 128 KB
128 KB 212ms
42ms Image
image/jpeg 2a0c:680:0:9838::1
THEFIRST-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://norvegus.ru/cache/lofthumbs/650x300-Ribalka.jpg
Requested by: Host: norvegus.ru
URL: http://norvegus.ru/
Protocol: HTTP/1.1
Server: 2a0c:680:0:9838::1 , Ukraine, ASN29182 (THEFIRST-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: 35bdead3bf301c78c55f3b2c78ee4002b9f3ada88040fb4a527a8963053cc682

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: norvegus.ru
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://norvegus.ru/
Cookie: 6b9fe9ab05e2fab2cdf5b534e9cbbc07=sk5frnpo5065e2hvv77fcp3pm4
Connection: keep-alive
Cache-Control: no-cache
Referer: http://norvegus.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ray: wn15398:0.000/
Last-Modified: Thu, 24 Mar 2016 19:36:07 GMT
Server: nginx
ETag: "56f441a7-1ffe0"
Content-Type: image/jpeg
Date: Wed, 28 Apr 2021 15:53:13 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 131040

GET
H/1.1 200
OK 650x300-botanicgarden.JPG
norvegus.ru/cache/lofthumbs/ 247 KB
248 KB 253ms
42ms Image
image/jpeg 2a0c:680:0:9838::1
THEFIRST-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://norvegus.ru/cache/lofthumbs/650x300-botanicgarden.JPG
Requested by: Host: norvegus.ru
URL: http://norvegus.ru/
Protocol: HTTP/1.1
Server: 2a0c:680:0:9838::1 , Ukraine, ASN29182 (THEFIRST-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: 04653180fc14a9d7c0fcd1c9ae5b0402b4f8052d38565a2aa9ad70ef2fbb46b0

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: norvegus.ru
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://norvegus.ru/
Cookie: 6b9fe9ab05e2fab2cdf5b534e9cbbc07=sk5frnpo5065e2hvv77fcp3pm4
Connection: keep-alive
Cache-Control: no-cache
Referer: http://norvegus.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ray: wn15398:0.000/
Last-Modified: Thu, 24 Mar 2016 19:36:05 GMT
Server: nginx
ETag: "56f441a5-3dd4b"
Content-Type: image/jpeg
Date: Wed, 28 Apr 2021 15:53:13 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 253259

GET
H/1.1 200
OK 650x300-oil.jpg
norvegus.ru/cache/lofthumbs/ 200 KB
200 KB 213ms
42ms Image
image/jpeg 2a0c:680:0:9838::1
THEFIRST-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://norvegus.ru/cache/lofthumbs/650x300-oil.jpg
Requested by: Host: norvegus.ru
URL: http://norvegus.ru/
Protocol: HTTP/1.1
Server: 2a0c:680:0:9838::1 , Ukraine, ASN29182 (THEFIRST-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: 4e820f7c7a2bf3bac28df16ffe8eeb675c8a19e3e798d3dbf333b239ac412cb7

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: norvegus.ru
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://norvegus.ru/
Cookie: 6b9fe9ab05e2fab2cdf5b534e9cbbc07=sk5frnpo5065e2hvv77fcp3pm4
Connection: keep-alive
Cache-Control: no-cache
Referer: http://norvegus.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ray: wn15398:0.000/
Last-Modified: Thu, 24 Mar 2016 19:36:06 GMT
Server: nginx
ETag: "56f441a6-31fb1"
Content-Type: image/jpeg
Date: Wed, 28 Apr 2021 15:53:13 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 204721

GET
H/1.1 200
OK 650x300-norway3.jpg
norvegus.ru/cache/lofthumbs/ 101 KB
101 KB 167ms
42ms Image
image/jpeg 2a0c:680:0:9838::1
THEFIRST-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://norvegus.ru/cache/lofthumbs/650x300-norway3.jpg
Requested by: Host: norvegus.ru
URL: http://norvegus.ru/
Protocol: HTTP/1.1
Server: 2a0c:680:0:9838::1 , Ukraine, ASN29182 (THEFIRST-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: 4062cdddcf37cdbfdadff32db92735892becd4591a3975082595d4c433fcdb7a

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: norvegus.ru
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://norvegus.ru/
Cookie: 6b9fe9ab05e2fab2cdf5b534e9cbbc07=sk5frnpo5065e2hvv77fcp3pm4
Connection: keep-alive
Cache-Control: no-cache
Referer: http://norvegus.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ray: wn15398:0.000/
Last-Modified: Thu, 24 Mar 2016 19:36:06 GMT
Server: nginx
ETag: "56f441a6-193be"
Content-Type: image/jpeg
Date: Wed, 28 Apr 2021 15:53:13 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 103358

GET
H/1.1 200
OK 60x60-park-skulptur-vigelanda-v-oslo.jpg
norvegus.ru/cache/lofthumbs/ 5 KB
5 KB 127ms
42ms Image
image/jpeg 2a0c:680:0:9838::1
THEFIRST-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://norvegus.ru/cache/lofthumbs/60x60-park-skulptur-vigelanda-v-oslo.jpg
Requested by: Host: norvegus.ru
URL: http://norvegus.ru/
Protocol: HTTP/1.1
Server: 2a0c:680:0:9838::1 , Ukraine, ASN29182 (THEFIRST-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: 6c80173dc0fb0da0c7818a024051709d053f6c261b0caded3caa9d80e75ed81c

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: norvegus.ru
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://norvegus.ru/
Cookie: 6b9fe9ab05e2fab2cdf5b534e9cbbc07=sk5frnpo5065e2hvv77fcp3pm4
Connection: keep-alive
Cache-Control: no-cache
Referer: http://norvegus.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ray: wn15398:0.000/
Last-Modified: Wed, 11 May 2016 08:57:22 GMT
Server: nginx
ETag: "5732f3f2-1405"
Content-Type: image/jpeg
Date: Wed, 28 Apr 2021 15:53:13 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5125

GET
H/1.1 200
OK 60x60-dostoprimechatelnosti-oslo-krepost-akerskhus-5.jpg
norvegus.ru/cache/lofthumbs/ 5 KB
5 KB 257ms
42ms Image
image/jpeg 2a0c:680:0:9838::1
THEFIRST-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://norvegus.ru/cache/lofthumbs/60x60-dostoprimechatelnosti-oslo-krepost-akerskhus-5.jpg
Requested by: Host: norvegus.ru
URL: http://norvegus.ru/
Protocol: HTTP/1.1
Server: 2a0c:680:0:9838::1 , Ukraine, ASN29182 (THEFIRST-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: 4792e08463db34e7477fdc40c276ce77487c0f1dc241c61293e4a16bd4073ac1

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: norvegus.ru
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://norvegus.ru/
Cookie: 6b9fe9ab05e2fab2cdf5b534e9cbbc07=sk5frnpo5065e2hvv77fcp3pm4
Connection: keep-alive
Cache-Control: no-cache
Referer: http://norvegus.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ray: wn15398:0.000/
Last-Modified: Fri, 22 Apr 2016 10:51:55 GMT
Server: nginx
ETag: "571a024b-1488"
Content-Type: image/jpeg
Date: Wed, 28 Apr 2021 15:53:13 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5256

GET
H/1.1 200
OK 60x60-vygodno-li-priobretat-nedvizhimost-v-oslo.jpg
norvegus.ru/cache/lofthumbs/ 6 KB
6 KB 250ms
42ms Image
image/jpeg 2a0c:680:0:9838::1
THEFIRST-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://norvegus.ru/cache/lofthumbs/60x60-vygodno-li-priobretat-nedvizhimost-v-oslo.jpg
Requested by: Host: norvegus.ru
URL: http://norvegus.ru/
Protocol: HTTP/1.1
Server: 2a0c:680:0:9838::1 , Ukraine, ASN29182 (THEFIRST-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: 1e6bf8bb9809db4d24854b2b346006f79aa600f943ebf6fc336f0b9358504f79

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: norvegus.ru
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://norvegus.ru/
Cookie: 6b9fe9ab05e2fab2cdf5b534e9cbbc07=sk5frnpo5065e2hvv77fcp3pm4
Connection: keep-alive
Cache-Control: no-cache
Referer: http://norvegus.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ray: wn15398:0.000/
Last-Modified: Fri, 15 Apr 2016 11:38:42 GMT
Server: nginx
ETag: "5710d2c2-176d"
Content-Type: image/jpeg
Date: Wed, 28 Apr 2021 15:53:13 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5997

GET
H/1.1 200
OK 60x60-oslo.jpg
norvegus.ru/cache/lofthumbs/ 6 KB
6 KB 171ms
42ms Image
image/jpeg 2a0c:680:0:9838::1
THEFIRST-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://norvegus.ru/cache/lofthumbs/60x60-oslo.jpg
Requested by: Host: norvegus.ru
URL: http://norvegus.ru/
Protocol: HTTP/1.1
Server: 2a0c:680:0:9838::1 , Ukraine, ASN29182 (THEFIRST-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: 47f057685399f7e84184744130841250c124669e305ec0bc0a68819da7aee6d6

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: norvegus.ru
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://norvegus.ru/
Cookie: 6b9fe9ab05e2fab2cdf5b534e9cbbc07=sk5frnpo5065e2hvv77fcp3pm4
Connection: keep-alive
Cache-Control: no-cache
Referer: http://norvegus.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ray: wn15398:0.000/
Last-Modified: Thu, 31 Mar 2016 13:31:31 GMT
Server: nginx
ETag: "56fd26b3-172c"
Content-Type: image/jpeg
Date: Wed, 28 Apr 2021 15:53:13 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5932

GET
H/1.1 200
OK 60x60-hafjell-norway.jpg
norvegus.ru/cache/lofthumbs/ 5 KB
5 KB 171ms
42ms Image
image/jpeg 2a0c:680:0:9838::1
THEFIRST-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://norvegus.ru/cache/lofthumbs/60x60-hafjell-norway.jpg
Requested by: Host: norvegus.ru
URL: http://norvegus.ru/
Protocol: HTTP/1.1
Server: 2a0c:680:0:9838::1 , Ukraine, ASN29182 (THEFIRST-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: 71f545828f51983f457ba4b8783f078935dd6a133b2cc420261c201b1a85cf15

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: norvegus.ru
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://norvegus.ru/
Cookie: 6b9fe9ab05e2fab2cdf5b534e9cbbc07=sk5frnpo5065e2hvv77fcp3pm4
Connection: keep-alive
Cache-Control: no-cache
Referer: http://norvegus.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ray: wn15398:0.000/
Last-Modified: Thu, 31 Mar 2016 12:29:54 GMT
Server: nginx
ETag: "56fd1842-14bf"
Content-Type: image/jpeg
Date: Wed, 28 Apr 2021 15:53:13 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5311

GET
H/1.1 200
OK 60x60-Lofoten%20islands3.jpg
norvegus.ru/cache/lofthumbs/ 5 KB
5 KB 213ms
42ms Image
image/jpeg 2a0c:680:0:9838::1
THEFIRST-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://norvegus.ru/cache/lofthumbs/60x60-Lofoten%20islands3.jpg
Requested by: Host: norvegus.ru
URL: http://norvegus.ru/
Protocol: HTTP/1.1
Server: 2a0c:680:0:9838::1 , Ukraine, ASN29182 (THEFIRST-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: c8cfedbeb066c2681d885d89dd54e8f0460e6eef93b1dbe6d6b2ea4aa6c0f64d

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: norvegus.ru
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://norvegus.ru/
Cookie: 6b9fe9ab05e2fab2cdf5b534e9cbbc07=sk5frnpo5065e2hvv77fcp3pm4
Connection: keep-alive
Cache-Control: no-cache
Referer: http://norvegus.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ray: wn15398:0.000/
Last-Modified: Thu, 24 Mar 2016 19:36:04 GMT
Server: nginx
ETag: "56f441a4-1454"
Content-Type: image/jpeg
Date: Wed, 28 Apr 2021 15:53:13 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5204

GET
H/1.1 200
OK 60x60-Ribalka.jpg
norvegus.ru/cache/lofthumbs/ 5 KB
5 KB 257ms
42ms Image
image/jpeg 2a0c:680:0:9838::1
THEFIRST-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://norvegus.ru/cache/lofthumbs/60x60-Ribalka.jpg
Requested by: Host: norvegus.ru
URL: http://norvegus.ru/
Protocol: HTTP/1.1
Server: 2a0c:680:0:9838::1 , Ukraine, ASN29182 (THEFIRST-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: d3ac007d6b68ee37b7f3558c8b8dd0d28bf8fe4f0875637fc2deedadfea9299d

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: norvegus.ru
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://norvegus.ru/
Cookie: 6b9fe9ab05e2fab2cdf5b534e9cbbc07=sk5frnpo5065e2hvv77fcp3pm4
Connection: keep-alive
Cache-Control: no-cache
Referer: http://norvegus.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ray: wn15398:0.000/
Last-Modified: Thu, 24 Mar 2016 19:36:04 GMT
Server: nginx
ETag: "56f441a4-1408"
Content-Type: image/jpeg
Date: Wed, 28 Apr 2021 15:53:13 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5128

GET
H/1.1 200
OK 60x60-botanicgarden.JPG
norvegus.ru/cache/lofthumbs/ 7 KB
7 KB 208ms
42ms Image
image/jpeg 2a0c:680:0:9838::1
THEFIRST-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://norvegus.ru/cache/lofthumbs/60x60-botanicgarden.JPG
Requested by: Host: norvegus.ru
URL: http://norvegus.ru/
Protocol: HTTP/1.1
Server: 2a0c:680:0:9838::1 , Ukraine, ASN29182 (THEFIRST-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: c2f6c457ae284b04338ea0840597c6cd3c361d854a9f186e42df1ccf2813e5b8

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: norvegus.ru
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://norvegus.ru/
Cookie: 6b9fe9ab05e2fab2cdf5b534e9cbbc07=sk5frnpo5065e2hvv77fcp3pm4
Connection: keep-alive
Cache-Control: no-cache
Referer: http://norvegus.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ray: wn15398:0.000/
Last-Modified: Thu, 24 Mar 2016 19:36:03 GMT
Server: nginx
ETag: "56f441a3-1c87"
Content-Type: image/jpeg
Date: Wed, 28 Apr 2021 15:53:13 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7303

GET
H/1.1 200
OK 60x60-oil.jpg
norvegus.ru/cache/lofthumbs/ 6 KB
6 KB 257ms
42ms Image
image/jpeg 2a0c:680:0:9838::1
THEFIRST-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://norvegus.ru/cache/lofthumbs/60x60-oil.jpg
Requested by: Host: norvegus.ru
URL: http://norvegus.ru/
Protocol: HTTP/1.1
Server: 2a0c:680:0:9838::1 , Ukraine, ASN29182 (THEFIRST-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: 4c7395ccfd966ac894aeaafe6ba23aab8d0cb100268c8a5b5c3a782d8373dafd

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: norvegus.ru
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://norvegus.ru/
Cookie: 6b9fe9ab05e2fab2cdf5b534e9cbbc07=sk5frnpo5065e2hvv77fcp3pm4
Connection: keep-alive
Cache-Control: no-cache
Referer: http://norvegus.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ray: wn15398:0.000/
Last-Modified: Thu, 24 Mar 2016 19:36:04 GMT
Server: nginx
ETag: "56f441a4-1624"
Content-Type: image/jpeg
Date: Wed, 28 Apr 2021 15:53:13 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5668

GET
H/1.1 200
OK 60x60-norway3.jpg
norvegus.ru/cache/lofthumbs/ 4 KB
4 KB 211ms
42ms Image
image/jpeg 2a0c:680:0:9838::1
THEFIRST-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://norvegus.ru/cache/lofthumbs/60x60-norway3.jpg
Requested by: Host: norvegus.ru
URL: http://norvegus.ru/
Protocol: HTTP/1.1
Server: 2a0c:680:0:9838::1 , Ukraine, ASN29182 (THEFIRST-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: 29a6397140ba9a3a632d424cf9814d6544c5e7c9c2430f457a8c9b98173ac8f3

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: norvegus.ru
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://norvegus.ru/
Cookie: 6b9fe9ab05e2fab2cdf5b534e9cbbc07=sk5frnpo5065e2hvv77fcp3pm4
Connection: keep-alive
Cache-Control: no-cache
Referer: http://norvegus.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ray: wn15398:0.000/
Last-Modified: Thu, 24 Mar 2016 19:36:04 GMT
Server: nginx
ETag: "56f441a4-ff4"
Content-Type: image/jpeg
Date: Wed, 28 Apr 2021 15:53:13 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4084

GET
H/1.1 200
OK norvegia%20(www.norvegus.ru).jpg
norvegus.ru/images/stories/ 184 KB
184 KB 276ms
42ms Image
image/jpeg 2a0c:680:0:9838::1
THEFIRST-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://norvegus.ru/images/stories/norvegia%20(www.norvegus.ru).jpg
Requested by: Host: norvegus.ru
URL: http://norvegus.ru/
Protocol: HTTP/1.1
Server: 2a0c:680:0:9838::1 , Ukraine, ASN29182 (THEFIRST-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: f72a495f58ffd37b3b62fc476c38d8b4584076002e99c55590858f26090cbc1e

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: norvegus.ru
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://norvegus.ru/
Cookie: 6b9fe9ab05e2fab2cdf5b534e9cbbc07=sk5frnpo5065e2hvv77fcp3pm4
Connection: keep-alive
Cache-Control: no-cache
Referer: http://norvegus.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ray: wn15398:0.000/
Last-Modified: Thu, 24 Mar 2016 19:37:30 GMT
Server: nginx
ETag: "56f441fa-2de2e"
Content-Type: image/jpeg
Date: Wed, 28 Apr 2021 15:53:13 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 187950

GET
H/1.1 200
OK adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 133 KB
48 KB 29ms
23ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: norvegus.ru
URL: http://norvegus.ru/

Protocol

HTTP/1.1

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c04a02dd0d70981f422b592b1d6fb494bbdcc9c38f3b96831624d2f0fc128109

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://norvegus.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Timing-Allow-Origin: *
Date: Wed, 28 Apr 2021 15:53:12 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cafe
ETag: 17965746228782486622
Vary: Accept-Encoding, Origin
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=3600
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Content-Type: text/javascript; charset=UTF-8
Content-Length: 48340
X-XSS-Protection: 0
Expires: Wed, 28 Apr 2021 15:53:12 GMT

GET
H/1.1 200
OK transport-norvegii.jpg
norvegus.ru/images/stories/ 31 KB
31 KB 43ms
42ms Image
image/jpeg 2a0c:680:0:9838::1
THEFIRST-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://norvegus.ru/images/stories/transport-norvegii.jpg
Requested by: Host: norvegus.ru
URL: http://norvegus.ru/
Protocol: HTTP/1.1
Server: 2a0c:680:0:9838::1 , Ukraine, ASN29182 (THEFIRST-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: b92b04e5d7e694a32780334c1bc5c37e171a9c7a8602311a27325a9b2d317045

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: norvegus.ru
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://norvegus.ru/
Cookie: 6b9fe9ab05e2fab2cdf5b534e9cbbc07=sk5frnpo5065e2hvv77fcp3pm4
Connection: keep-alive
Cache-Control: no-cache
Referer: http://norvegus.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ray: wn15398:0.000/
Last-Modified: Thu, 24 Mar 2016 19:37:33 GMT
Server: nginx
ETag: "56f441fd-7cba"
Content-Type: image/jpeg
Date: Wed, 28 Apr 2021 15:53:13 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 31930

GET
H/1.1 200
OK trolli-zhiteli-fiordov.jpg
norvegus.ru/images/stories/ 20 KB
21 KB 43ms
42ms Image
image/jpeg 2a0c:680:0:9838::1
THEFIRST-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://norvegus.ru/images/stories/trolli-zhiteli-fiordov.jpg
Requested by: Host: norvegus.ru
URL: http://norvegus.ru/
Protocol: HTTP/1.1
Server: 2a0c:680:0:9838::1 , Ukraine, ASN29182 (THEFIRST-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: 0c4dbf002d57f00601a99ec9589cae9bb49d75516cf51b733ef120e440a7fe0a

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: norvegus.ru
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://norvegus.ru/
Cookie: 6b9fe9ab05e2fab2cdf5b534e9cbbc07=sk5frnpo5065e2hvv77fcp3pm4
Connection: keep-alive
Cache-Control: no-cache
Referer: http://norvegus.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ray: wn15398:0.000/
Last-Modified: Thu, 24 Mar 2016 19:37:33 GMT
Server: nginx
ETag: "56f441fd-513a"
Content-Type: image/jpeg
Date: Wed, 28 Apr 2021 15:53:13 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 20794

GET
H/1.1 200
OK borgunt-cerkov.jpg
norvegus.ru/images/stories/ 29 KB
30 KB 43ms
42ms Image
image/jpeg 2a0c:680:0:9838::1
THEFIRST-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://norvegus.ru/images/stories/borgunt-cerkov.jpg
Requested by: Host: norvegus.ru
URL: http://norvegus.ru/
Protocol: HTTP/1.1
Server: 2a0c:680:0:9838::1 , Ukraine, ASN29182 (THEFIRST-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: fbdd33cafac58bc1319f9cabe62541790ed359e83a4cd2fa177946e867b9562f

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: norvegus.ru
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://norvegus.ru/
Cookie: 6b9fe9ab05e2fab2cdf5b534e9cbbc07=sk5frnpo5065e2hvv77fcp3pm4
Connection: keep-alive
Cache-Control: no-cache
Referer: http://norvegus.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ray: wn15398:0.000/
Last-Modified: Thu, 24 Mar 2016 19:37:26 GMT
Server: nginx
ETag: "56f441f6-75a3"
Content-Type: image/jpeg
Date: Wed, 28 Apr 2021 15:53:13 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 30115

GET
H/1.1 403
Forbidden original.gif
s3.amazonaws.com/salesdoubler/banner_creatives/banners/27886/ 0
0 254ms
222ms Image
application/xml 52.216.139.101
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://s3.amazonaws.com/salesdoubler/banner_creatives/banners/27886/original.gif?1458908905
Requested by: Host: norvegus.ru
URL: http://norvegus.ru/
Protocol: HTTP/1.1
Server: 52.216.139.101 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://norvegus.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET swfobject.js
weatherandtime.net/ 0
0

GET
H/1.1 200
OK element.js Show response
translate.google.com/translate_a/ 4 KB
2 KB 24ms
15ms Script
text/javascript 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit

Requested by

Host: norvegus.ru
URL: http://norvegus.ru/

Protocol

HTTP/1.1

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

90958b9774bcfcadfaaa3d00822bda9fd29e5d117869f154e39e394c6d4fecf4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://norvegus.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 28 Apr 2021 15:53:12 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: HTTP server (unknown)
Content-Language: en
Cache-Control: no-cache, must-revalidate
Content-Disposition: attachment; filename="f.txt"
Content-Type: text/javascript; charset=UTF-8
Content-Length: 1875
X-XSS-Protection: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

informer_39.png
www.calend.ru/img/export/
Redirect Chain

http://www.calend.ru/img/export/informer_39.png
https://www.calend.ru/img/export/informer_39.png

4 KB
5 KB

303ms
75ms

Image
image/png

95.213.162.139
SELECTEL

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.calend.ru/img/export/informer_39.png

Requested by

Host: norvegus.ru
URL: http://norvegus.ru/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

95.213.162.139 , Russian Federation, ASN49505 (SELECTEL, RU),

Reverse DNS

Software

nginx /

Resource Hash

a0636ba0b78f5c775e843962f3ab414e4b74ea703446cabb5c44c6ca07ee13b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://norvegus.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 28 Apr 2021 15:53:13 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 27 Apr 2021 21:01:12 GMT
Server: nginx
ETag: "60887b98-1144"
Content-Type: image/png
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4420
X-XSS-Protection: 1; mode=block
Expires: Thu, 29 Apr 2021 15:53:13 GMT

Redirect headers

Date: Wed, 28 Apr 2021 15:53:12 GMT
X-Content-Type-Options: nosniff
Server: nginx
Content-Type: text/html
Location: https://www.calend.ru/img/export/informer_39.png
Connection: keep-alive
Content-Length: 162
X-XSS-Protection: 1; mode=block

GET
H2

200

top100.jcn Show response
counter.rambler.ru/
Redirect Chain

http://counter.rambler.ru/top100.jcn?2527607
https://counter.rambler.ru/top100.jcn?2527607

73 KB
74 KB

254ms
111ms

Script
application/javascript

81.19.89.18
RAMBLER-TELECOM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://counter.rambler.ru/top100.jcn?2527607
Requested by: Host: norvegus.ru
URL: http://norvegus.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.19.89.18 Moscow, Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS: kraken.rambler.ru
Software: nginx/1.19.8 /
Resource Hash: b5ffc5fb2d777c92891154255f475de5dac0da649985dccb97c9878f28ebaf81

Request headers

Referer: http://norvegus.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Apr 2021 15:53:13 GMT
server: nginx/1.19.8
p3p: CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
content-type: application/octet-stream, application/javascript

Redirect headers

Date: Wed, 28 Apr 2021 15:53:12 GMT
Server: nginx/1.19.8
Access-Control-Allow-Methods: GET, POST, OPTIONS
P3P: CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
Location: https://counter.rambler.ru/top100.jcn?2527607
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html
Access-Control-Allow-Headers: content-type
Content-Length: 171

GET c.png
b31x31c.ws.md/ 0
0

GET
H/1.1

404
Not Found

counter.gif
www.intergid.ru/buttons/
Redirect Chain

http://www.intergid.ru/buttons/counter.gif
https://www.intergid.ru/buttons/counter.gif

0
161 B

258ms
87ms

Image
text/html

212.109.216.124
THEFIRST-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.intergid.ru/buttons/counter.gif
Requested by: Host: norvegus.ru
URL: http://norvegus.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.109.216.124 , Russian Federation, ASN29182 (THEFIRST-AS, RU),
Reverse DNS: intergid.ru
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://norvegus.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 28 Apr 2021 15:53:13 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0
Content-Type: text/html; charset=UTF-8

Redirect headers

Location: https://www.intergid.ru/buttons/counter.gif
Date: Wed, 28 Apr 2021 15:53:12 GMT
Server: nginx
Connection: keep-alive
Content-Length: 178
Content-Type: text/html

GET
H/1.1 200
OK tab6.js Show response
reformal.ru/ 14 KB
5 KB 88ms
57ms Script
application/x-javascript 139.162.151.130
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL: http://reformal.ru/tab6.js?charset=utf-8
Requested by: Host: norvegus.ru
URL: http://norvegus.ru/
Protocol: HTTP/1.1
Server: 139.162.151.130 Frankfurt am Main, Germany, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 5e9f6ef0051b14e78eb6f79d74fe0b65c0a6fd03e16d1434e220f031c7280a35

Request headers

Referer: http://norvegus.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 28 Apr 2021 15:53:12 GMT
Content-Encoding: gzip
Server: nginx/1.16.1
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: application/x-javascript; charset=utf-8

GET
H/1.1 200
OK load-indicator.gif
norvegus.ru/modules/mod_lofarticlesslideshow/assets/images/ 1 KB
2 KB 213ms
42ms Image
image/gif 2a0c:680:0:9838::1
THEFIRST-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://norvegus.ru/modules/mod_lofarticlesslideshow/assets/images/load-indicator.gif
Requested by: Host: norvegus.ru
URL: http://norvegus.ru/modules/mod_lofarticlesslideshow/assets/jstyle.css
Protocol: HTTP/1.1
Server: 2a0c:680:0:9838::1 , Ukraine, ASN29182 (THEFIRST-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: 5b968ff4525d27e0f40fb36b65da91cab8a6362dc0a77026cdf730ef25cf0e51

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: norvegus.ru
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://norvegus.ru/modules/mod_lofarticlesslideshow/assets/jstyle.css
Cookie: 6b9fe9ab05e2fab2cdf5b534e9cbbc07=sk5frnpo5065e2hvv77fcp3pm4
Connection: keep-alive
Cache-Control: no-cache
Referer: http://norvegus.ru/modules/mod_lofarticlesslideshow/assets/jstyle.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ray: wn15398:0.000/
Last-Modified: Thu, 24 Mar 2016 19:41:29 GMT
Server: nginx
ETag: "56f442e9-5b0"
Content-Type: image/gif
Date: Wed, 28 Apr 2021 15:53:13 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1456

GET
H/1.1 200
OK transparent_bg.png
norvegus.ru/modules/mod_lofarticlesslideshow/assets/images/ 146 B
399 B 170ms
42ms Image
image/png 2a0c:680:0:9838::1
THEFIRST-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://norvegus.ru/modules/mod_lofarticlesslideshow/assets/images/transparent_bg.png
Requested by: Host: norvegus.ru
URL: http://norvegus.ru/modules/mod_lofarticlesslideshow/assets/jstyle.css
Protocol: HTTP/1.1
Server: 2a0c:680:0:9838::1 , Ukraine, ASN29182 (THEFIRST-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: 3101dc80b0ca644d216c5f12525425e24af2e77a49a1016139bb9c1ebf481e47

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: norvegus.ru
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://norvegus.ru/modules/mod_lofarticlesslideshow/assets/jstyle.css
Cookie: 6b9fe9ab05e2fab2cdf5b534e9cbbc07=sk5frnpo5065e2hvv77fcp3pm4
Connection: keep-alive
Cache-Control: no-cache
Referer: http://norvegus.ru/modules/mod_lofarticlesslideshow/assets/jstyle.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ray: wn15398:0.000/
Last-Modified: Thu, 24 Mar 2016 19:41:29 GMT
Server: nginx
ETag: "56f442e9-92"
Content-Type: image/png
Date: Wed, 28 Apr 2021 15:53:13 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 146

GET
H/1.1 200
OK previous.png
norvegus.ru/modules/mod_lofarticlesslideshow/assets/images/ 916 B
1 KB 170ms
42ms Image
image/png 2a0c:680:0:9838::1
THEFIRST-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://norvegus.ru/modules/mod_lofarticlesslideshow/assets/images/previous.png
Requested by: Host: norvegus.ru
URL: http://norvegus.ru/modules/mod_lofarticlesslideshow/assets/jstyle.css
Protocol: HTTP/1.1
Server: 2a0c:680:0:9838::1 , Ukraine, ASN29182 (THEFIRST-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: 6815741fca3b2d1d0cbbc28c41ab76b057ec239cc29b30557f07329bcb02d4e8

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: norvegus.ru
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://norvegus.ru/modules/mod_lofarticlesslideshow/assets/jstyle.css
Cookie: 6b9fe9ab05e2fab2cdf5b534e9cbbc07=sk5frnpo5065e2hvv77fcp3pm4
Connection: keep-alive
Cache-Control: no-cache
Referer: http://norvegus.ru/modules/mod_lofarticlesslideshow/assets/jstyle.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ray: wn15398:0.000/
Last-Modified: Thu, 24 Mar 2016 19:41:29 GMT
Server: nginx
ETag: "56f442e9-394"
Content-Type: image/png
Date: Wed, 28 Apr 2021 15:53:13 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 916

GET
H/1.1 200
OK next.png
norvegus.ru/modules/mod_lofarticlesslideshow/assets/images/ 904 B
1 KB 124ms
42ms Image
image/png 2a0c:680:0:9838::1
THEFIRST-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://norvegus.ru/modules/mod_lofarticlesslideshow/assets/images/next.png
Requested by: Host: norvegus.ru
URL: http://norvegus.ru/modules/mod_lofarticlesslideshow/assets/jstyle.css
Protocol: HTTP/1.1
Server: 2a0c:680:0:9838::1 , Ukraine, ASN29182 (THEFIRST-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: e9e763770b358c70e6d4d8b4cc2293d162b414fc08adcf657c5048c3202473c9

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: norvegus.ru
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://norvegus.ru/modules/mod_lofarticlesslideshow/assets/jstyle.css
Cookie: 6b9fe9ab05e2fab2cdf5b534e9cbbc07=sk5frnpo5065e2hvv77fcp3pm4
Connection: keep-alive
Cache-Control: no-cache
Referer: http://norvegus.ru/modules/mod_lofarticlesslideshow/assets/jstyle.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ray: wn15398:0.000/
Last-Modified: Thu, 24 Mar 2016 19:41:29 GMT
Server: nginx
ETag: "56f442e9-388"
Content-Type: image/png
Date: Wed, 28 Apr 2021 15:53:13 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 904

GET
H/1.1 200
OK grad-bg.png
norvegus.ru/modules/mod_lofarticlesslideshow/assets/images/blue/ 3 KB
3 KB 279ms
42ms Image
image/png 2a0c:680:0:9838::1
THEFIRST-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://norvegus.ru/modules/mod_lofarticlesslideshow/assets/images/blue/grad-bg.png
Requested by: Host: norvegus.ru
URL: http://norvegus.ru/modules/mod_lofarticlesslideshow/assets/jstyle.css
Protocol: HTTP/1.1
Server: 2a0c:680:0:9838::1 , Ukraine, ASN29182 (THEFIRST-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: 4ecb25b24fa3a822dd3ce75caa3a23185b163137780263b4a0baa25ac448ce6c

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: norvegus.ru
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://norvegus.ru/modules/mod_lofarticlesslideshow/assets/jstyle.css
Cookie: 6b9fe9ab05e2fab2cdf5b534e9cbbc07=sk5frnpo5065e2hvv77fcp3pm4
Connection: keep-alive
Cache-Control: no-cache
Referer: http://norvegus.ru/modules/mod_lofarticlesslideshow/assets/jstyle.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ray: wn15398:0.000/
Last-Modified: Thu, 24 Mar 2016 19:41:30 GMT
Server: nginx
ETag: "56f442ea-b49"
Content-Type: image/png
Date: Wed, 28 Apr 2021 15:53:13 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2889

GET
H/1.1 404
Not Found Cookie set undefined
norvegus.ru/ 2 KB
2 KB 109ms
109ms Image
text/html 2a0c:680:0:9838::1
THEFIRST-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://norvegus.ru/undefined
Requested by: Host: norvegus.ru
URL: http://norvegus.ru/
Protocol: HTTP/1.1
Server: 2a0c:680:0:9838::1 , Ukraine, ASN29182 (THEFIRST-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: 3f771587cdb45ea53ec8681cfcd9c49550eff50746cc24bf5988eefeb3bef899

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: norvegus.ru
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://norvegus.ru/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://norvegus.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
x-ray: wn15398:0.070/wa15398:D=66317
Content-Encoding: gzip
Server: nginx
Date: Wed, 28 Apr 2021 15:53:13 GMT
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-cache
Set-Cookie: 6b9fe9ab05e2fab2cdf5b534e9cbbc07=uja35lqb50j9u7pv6m8k4flun3; path=/
Content-Type: text/html; charset=utf-8

GET
H2 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210426/r20190131/ 223 KB
83 KB 37ms
36ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210426/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3790188951452722&plah=norvegus.ru&amaexp=1

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e5d13a315184e4cc69d5c495682f8e5539478b0f7331165dc63e9aa4f224add0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://norvegus.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Apr 2021 15:53:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 84531
x-xss-protection: 0
server: cafe
etag: 5298758904806933499
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 28 Apr 2021 15:53:13 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210426/r20190131/ Frame D9CD 10 KB
5 KB 5ms
5ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210426/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a5cb642ef22434a24612329870579fbb272cb9fa7475360035596ea56fb0431a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210426/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://norvegus.ru/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://norvegus.ru/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Wed, 28 Apr 2021 01:17:22 GMT
expires: Wed, 12 May 2021 01:17:22 GMT
content-type: text/html; charset=UTF-8
etag: 10446291943670460780
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4644
x-xss-protection: 0
age: 52551
cache-control: public, max-age=1209600
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK h3-bg.gif
norvegus.ru/templates/jblank/images/ 471 B
725 B 42ms
42ms Image
image/gif 2a0c:680:0:9838::1
THEFIRST-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://norvegus.ru/templates/jblank/images/h3-bg.gif
Requested by: Host: norvegus.ru
URL: http://norvegus.ru/templates/jblank/css/_styles.css?1458848534
Protocol: HTTP/1.1
Server: 2a0c:680:0:9838::1 , Ukraine, ASN29182 (THEFIRST-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: e7a38cc1a5c8f49083b2e0da92bf7f25ffc133c528cf0ea7f1dc1277a5601b94

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: norvegus.ru
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://norvegus.ru/templates/jblank/css/_styles.css?1458848534
Connection: keep-alive
Cache-Control: no-cache
Referer: http://norvegus.ru/templates/jblank/css/_styles.css?1458848534
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ray: wn15398:0.000/
Last-Modified: Thu, 24 Mar 2016 19:42:17 GMT
Server: nginx
ETag: "56f44319-1d7"
Content-Type: image/gif
Date: Wed, 28 Apr 2021 15:53:13 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 471

GET
H/1.1 200
OK dot.gif
norvegus.ru/templates/jblank/images/ 45 B
297 B 42ms
42ms Image
image/gif 2a0c:680:0:9838::1
THEFIRST-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://norvegus.ru/templates/jblank/images/dot.gif
Requested by: Host: norvegus.ru
URL: http://norvegus.ru/templates/jblank/css/_styles.css?1458848534
Protocol: HTTP/1.1
Server: 2a0c:680:0:9838::1 , Ukraine, ASN29182 (THEFIRST-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: ab690b1f452efeab260cb8749a955729e9de719852249722a908bfd359fb7020

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: norvegus.ru
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://norvegus.ru/templates/jblank/css/_styles.css?1458848534
Connection: keep-alive
Cache-Control: no-cache
Referer: http://norvegus.ru/templates/jblank/css/_styles.css?1458848534
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ray: wn15398:0.000/
Last-Modified: Thu, 24 Mar 2016 19:42:16 GMT
Server: nginx
ETag: "56f44318-2d"
Content-Type: image/gif
Date: Wed, 28 Apr 2021 15:53:13 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 45

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 201 B
640 B 228ms
91ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=norvegus.ru&callback=_gfp_s_&client=ca-pub-3790188951452722

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210426/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3790188951452722&plah=norvegus.ru&amaexp=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

2de032778a0160c0ea744377373f816bf9eba8b06f80dc8113140c55b14941f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://norvegus.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Apr 2021 15:53:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 192
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 15ms
14ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=norvegus.ru

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://norvegus.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 28 Apr 2021 15:53:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 15ms
15ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=norvegus.ru

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://norvegus.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 28 Apr 2021 15:53:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 532A 399 B
220 B 318ms
317ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3790188951452722&output=html&h=90&slotname=2209446860&adk=2257577908&adf=1788969431&pi=t.ma~as.2209446860&w=728&lmt=1619625193&psa=0&format=728x90&url=http%3A%2F%2Fnorvegus.ru%2F&flash=0&wgl=1&dt=1619625193193&bpp=26&bdt=468&idt=77&shv=r20210426&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=1194733360476&frm=20&pv=2&ga_vid=1505289123.1619625193&ga_sid=1619625193&ga_hid=299863043&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=330&ady=1502&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=1995537329768029&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=7x4uFqLKYN&p=http%3A//norvegus.ru&dtd=94

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb2c942b50e09931b27431acbe8e87bce0426ba51ae54b0242182ddcdfbee681

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-3790188951452722&output=html&h=90&slotname=2209446860&adk=2257577908&adf=1788969431&pi=t.ma~as.2209446860&w=728&lmt=1619625193&psa=0&format=728x90&url=http%3A%2F%2Fnorvegus.ru%2F&flash=0&wgl=1&dt=1619625193193&bpp=26&bdt=468&idt=77&shv=r20210426&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=1194733360476&frm=20&pv=2&ga_vid=1505289123.1619625193&ga_sid=1619625193&ga_hid=299863043&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=330&ady=1502&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=1995537329768029&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=7x4uFqLKYN&p=http%3A//norvegus.ru&dtd=94
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://norvegus.ru/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://norvegus.ru/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 28 Apr 2021 15:53:13 GMT
server: cafe
content-length: 197
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 28-Apr-2021 16:08:13 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 28 Apr 2021 15:53:13 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
28 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5c96c91c4ab2c0572ec8371c0f49d9f722eb71ae47224f29eabadf59f5fabe8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://norvegus.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Apr 2021 15:53:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1619188783439141"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28201
x-xss-protection: 0
expires: Wed, 28 Apr 2021 15:53:13 GMT

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame A599 74 KB
25 KB 516ms
515ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3790188951452722&output=html&h=90&slotname=5662440862&adk=2470702163&adf=1800634481&pi=t.ma~as.5662440862&w=728&lmt=1619625193&psa=0&format=728x90&url=http%3A%2F%2Fnorvegus.ru%2F&flash=0&wgl=1&dt=1619625193219&bpp=3&bdt=494&idt=76&shv=r20210426&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&correlator=1194733360476&frm=20&pv=1&ga_vid=1505289123.1619625193&ga_sid=1619625193&ga_hid=299863043&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=330&ady=4453&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=1995537329768029&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&btvi=2&fsb=1&xpc=iD661R00aX&p=http%3A//norvegus.ru&dtd=79

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8731cdbcfb47bac1d3f240a403682919587dfeba20ceb661a201e6ebc76adf90

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-3790188951452722&output=html&h=90&slotname=5662440862&adk=2470702163&adf=1800634481&pi=t.ma~as.5662440862&w=728&lmt=1619625193&psa=0&format=728x90&url=http%3A%2F%2Fnorvegus.ru%2F&flash=0&wgl=1&dt=1619625193219&bpp=3&bdt=494&idt=76&shv=r20210426&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&correlator=1194733360476&frm=20&pv=1&ga_vid=1505289123.1619625193&ga_sid=1619625193&ga_hid=299863043&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=330&ady=4453&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=1995537329768029&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&btvi=2&fsb=1&xpc=iD661R00aX&p=http%3A//norvegus.ru&dtd=79
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://norvegus.ru/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://norvegus.ru/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 28 Apr 2021 15:53:13 GMT
server: cafe
content-length: 25097
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 28-Apr-2021 16:08:13 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 28 Apr 2021 15:53:13 GMT
cache-control: private

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame E3C7 64 KB
17 KB 534ms
534ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3790188951452722&output=html&h=600&slotname=6669999269&adk=3377193940&adf=2660268872&pi=t.ma~as.6669999269&w=208&fwrn=4&fwrnh=100&lmt=1619625193&rafmt=1&psa=0&format=208x600&url=http%3A%2F%2Fnorvegus.ru%2F&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&dt=1619625193223&bpp=2&bdt=497&idt=80&shv=r20210426&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C728x90&correlator=1194733360476&frm=20&pv=1&ga_vid=1505289123.1619625193&ga_sid=1619625193&ga_hid=299863043&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1068&ady=573&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=1995537329768029&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&fsb=1&xpc=8NyZMHZkyx&p=http%3A//norvegus.ru&dtd=83

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d4c593117bfecb4fd893d871e8f8e1e305fccce9135ca0e1d5d5ffe3588e0222

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-3790188951452722&output=html&h=600&slotname=6669999269&adk=3377193940&adf=2660268872&pi=t.ma~as.6669999269&w=208&fwrn=4&fwrnh=100&lmt=1619625193&rafmt=1&psa=0&format=208x600&url=http%3A%2F%2Fnorvegus.ru%2F&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&dt=1619625193223&bpp=2&bdt=497&idt=80&shv=r20210426&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C728x90&correlator=1194733360476&frm=20&pv=1&ga_vid=1505289123.1619625193&ga_sid=1619625193&ga_hid=299863043&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1068&ady=573&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=1995537329768029&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&fsb=1&xpc=8NyZMHZkyx&p=http%3A//norvegus.ru&dtd=83
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://norvegus.ru/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://norvegus.ru/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 28 Apr 2021 15:53:13 GMT
server: cafe
content-length: 17309
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 28-Apr-2021 16:08:13 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 28 Apr 2021 15:53:13 GMT
cache-control: private

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 73E0 84 KB
26 KB 546ms
546ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3790188951452722&output=html&h=600&slotname=8469633264&adk=2261697747&adf=1032041062&pi=t.ma~as.8469633264&w=208&fwrn=4&fwrnh=100&lmt=1619625193&rafmt=1&psa=0&format=208x600&url=http%3A%2F%2Fnorvegus.ru%2F&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&dt=1619625193226&bpp=1&bdt=501&idt=84&shv=r20210426&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C728x90%2C208x600&correlator=1194733360476&frm=20&pv=1&ga_vid=1505289123.1619625193&ga_sid=1619625193&ga_hid=299863043&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1068&ady=1194&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=1995537329768029&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=4&uci=a!4&fsb=1&xpc=WuMf3siRvO&p=http%3A//norvegus.ru&dtd=87

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8e78bdce36b4d48a69964183326bc0e37bb55bd3f4104883f1e23edf7601bd26

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-3790188951452722&output=html&h=600&slotname=8469633264&adk=2261697747&adf=1032041062&pi=t.ma~as.8469633264&w=208&fwrn=4&fwrnh=100&lmt=1619625193&rafmt=1&psa=0&format=208x600&url=http%3A%2F%2Fnorvegus.ru%2F&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&dt=1619625193226&bpp=1&bdt=501&idt=84&shv=r20210426&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C728x90%2C208x600&correlator=1194733360476&frm=20&pv=1&ga_vid=1505289123.1619625193&ga_sid=1619625193&ga_hid=299863043&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1068&ady=1194&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=1995537329768029&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=4&uci=a!4&fsb=1&xpc=WuMf3siRvO&p=http%3A//norvegus.ru&dtd=87
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://norvegus.ru/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://norvegus.ru/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 28 Apr 2021 15:53:13 GMT
server: cafe
content-length: 26167
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 28-Apr-2021 16:08:13 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 28 Apr 2021 15:53:13 GMT
cache-control: private

GET
H2 200 css
fonts.googleapis.com/ Frame A599 3 KB
674 B 15ms
14ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3790188951452722&output=html&h=90&slotname=5662440862&adk=2470702163&adf=1800634481&pi=t.ma~as.5662440862&w=728&lmt=1619625193&psa=0&format=728x90&url=http%3A%2F%2Fnorvegus.ru%2F&flash=0&wgl=1&dt=1619625193219&bpp=3&bdt=494&idt=76&shv=r20210426&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&correlator=1194733360476&frm=20&pv=1&ga_vid=1505289123.1619625193&ga_sid=1619625193&ga_hid=299863043&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=330&ady=4453&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=1995537329768029&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&btvi=2&fsb=1&xpc=iD661R00aX&p=http%3A//norvegus.ru&dtd=79

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

599325d39743959cdacb163b742dd6f622443a73f155364bbcc465a291ce0b5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 28 Apr 2021 15:06:25 GMT
server: ESF
date: Wed, 28 Apr 2021 15:53:13 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 28 Apr 2021 15:53:13 GMT

GET
H2 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210426/r20110914/client/ Frame A599 1 KB
1 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210426/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Apr 2021 15:49:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 228
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 882
x-xss-protection: 0
server: cafe
etag: 11243716317595354070
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 12 May 2021 15:49:25 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210426/r20110914/ Frame A599 17 KB
7 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210426/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e0fad38c04932f3e71581d5ca798b326778fc0e54e3823de3b0f9eddbef0892e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Apr 2021 15:48:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 273
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7028
x-xss-protection: 0
server: cafe
etag: 12352184217982932987
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 12 May 2021 15:48:40 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210426/r20110914/client/ Frame A599 2 KB
1 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210426/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Apr 2021 15:48:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 256
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 12 May 2021 15:48:57 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A599 116 KB
35 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d76c09ea49a67623c581149d87ec821d813b9302aea4f871df16156cd1d28a53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Apr 2021 15:53:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1619188777539687"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36031
x-xss-protection: 0
expires: Wed, 28 Apr 2021 15:53:13 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210426/r20110914/client/ Frame A599 13 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210426/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

439ab67fa3c312bb442bed574ea79be834dbd92f3bd7d2288b6f3fce4d0afb0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Apr 2021 15:50:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 161
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5604
x-xss-protection: 0
server: cafe
etag: 2846967340006788112
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 12 May 2021 15:50:32 GMT

GET
H2 200 95e6c1f88e21b7366c50a3f905bff199.js Show response
www.gstatic.com/mysidia/ Frame A599 25 KB
10 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/95e6c1f88e21b7366c50a3f905bff199.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

173fd00f452c8209f6cebea57cb9a5ab26ab6802ede684468faff558efffd53e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Apr 2021 13:01:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 22 Apr 2021 00:12:13 GMT
server: sffe
age: 10287
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10548
x-xss-protection: 0
expires: Tue, 27 Jul 2021 13:01:46 GMT

GET
H3-29 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/5472953507826475334/ Frame A599 6 KB
6 KB 22ms
20ms Image
image/jpeg 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/5472953507826475334/downsize_200k_v1?w=195&h=102

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

973766985aa550284dc3001f74297e9697084aacde7fc72cb1c0eddbc087b329

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Apr 2021 10:34:15 GMT
x-content-type-options: nosniff
age: 537538
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6119
x-xss-protection: 0
last-modified: Wed, 30 Sep 2020 15:20:29 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 22 Apr 2022 10:34:15 GMT

GET
DATA 200
OK truncated
/ Frame A599 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0cc7088b335b30f7b1fa0903bc8aa143b11cb8408032d62d28d5ab768cc68c88

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame A599 0
0 42ms
42ms Fetch
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CRi8G6YSJYOidE87G7_UPzpOz8AmjtPe_Yt_9x4egDoj54NmDHRABIJ_T4A5glYq4gsgHoAHO6_DRAsgBCakC-sfwg_dAtD6oAwHIA8sEqgS1AU_QlEBlYWem9CWWOCGoLvTqC4giuxUeCVT5bDJF2tJ4ETMcFTTiugshDyeK6XsCQr8TST0pUwVxnYN4Mr6n3oqgB_HcKL-CbbPQoY6ogUOJ_3TW44CAMDIP87gUMsu9vhOAarHP2OuVZ382DO4XqTNGtkuN58w-yXX7gqyzrCEO_4RHVPIVXgrMdU19ciDuOo_iddtIAk1f4UvTYDPwc7dHzhldg4QttI349dJpjGmQx83KvK7ABKK5me_BA5IFBAgEGAGSBQQIBRgEoAYugAealI-uAagH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAPIHBBC0tgPSCAkIgOGAEBABGB-ACgHICwG4E4gn2BMNshcaChgIABIUcHViLTM3OTAxODg5NTE0NTI3MjI&sigh=DHIOGaRzhSg&template_id=5000

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3790188951452722&output=html&h=90&slotname=5662440862&adk=2470702163&adf=1800634481&pi=t.ma~as.5662440862&w=728&lmt=1619625193&psa=0&format=728x90&url=http%3A%2F%2Fnorvegus.ru%2F&flash=0&wgl=1&dt=1619625193219&bpp=3&bdt=494&idt=76&shv=r20210426&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&correlator=1194733360476&frm=20&pv=1&ga_vid=1505289123.1619625193&ga_sid=1619625193&ga_hid=299863043&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=330&ady=4453&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=1995537329768029&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&btvi=2&fsb=1&xpc=iD661R00aX&p=http%3A//norvegus.ru&dtd=79
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Wed, 28 Apr 2021 15:53:13 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Wed, 28 Apr 2021 15:53:13 GMT

GET
DATA 200
OK truncated
/ Frame A599 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3bd1b633f00e899217e1171ce740b4a10b12c3b1caf2b868619c104a4323f45b

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 css
fonts.googleapis.com/ Frame E3C7 3 KB
578 B 24ms
23ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3790188951452722&output=html&h=600&slotname=6669999269&adk=3377193940&adf=2660268872&pi=t.ma~as.6669999269&w=208&fwrn=4&fwrnh=100&lmt=1619625193&rafmt=1&psa=0&format=208x600&url=http%3A%2F%2Fnorvegus.ru%2F&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&dt=1619625193223&bpp=2&bdt=497&idt=80&shv=r20210426&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C728x90&correlator=1194733360476&frm=20&pv=1&ga_vid=1505289123.1619625193&ga_sid=1619625193&ga_hid=299863043&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1068&ady=573&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=1995537329768029&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&fsb=1&xpc=8NyZMHZkyx&p=http%3A//norvegus.ru&dtd=83

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

599325d39743959cdacb163b742dd6f622443a73f155364bbcc465a291ce0b5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 28 Apr 2021 14:58:35 GMT
server: ESF
date: Wed, 28 Apr 2021 15:53:13 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 28 Apr 2021 15:53:13 GMT

GET
H2 200 4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame A599 21 KB
21 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v27/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f2c761ee3ce27469f940a05b64e38a829a400427727cd0bdbb4e36f1d572afd7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Apr 2021 10:03:38 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Nov 2020 20:26:21 GMT
server: sffe
age: 280175
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21716
x-xss-protection: 0
expires: Mon, 25 Apr 2022 10:03:38 GMT

GET
H2 200 4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame A599 21 KB
21 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v27/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1cf04407e728ea1ebf82dc1c6b45d12632cb3202ff8f4556f380b16e57484f27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Apr 2021 02:03:02 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Nov 2020 20:26:16 GMT
server: sffe
age: 568211
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21552
x-xss-protection: 0
expires: Fri, 22 Apr 2022 02:03:02 GMT

GET
H3-29 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210426/r20110914/client/ Frame E3C7 1 KB
909 B 6ms
6ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210426/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Apr 2021 15:49:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 228
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 882
x-xss-protection: 0
server: cafe
etag: 11243716317595354070
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 12 May 2021 15:49:25 GMT

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210426/r20110914/ Frame E3C7 17 KB
7 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210426/r20110914/abg_lite_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e0fad38c04932f3e71581d5ca798b326778fc0e54e3823de3b0f9eddbef0892e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Apr 2021 15:48:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 273
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7028
x-xss-protection: 0
server: cafe
etag: 12352184217982932987
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 12 May 2021 15:48:40 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210426/r20110914/client/ Frame E3C7 2 KB
1 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210426/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Apr 2021 15:48:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 256
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 12 May 2021 15:48:57 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E3C7 116 KB
35 KB 29ms
13ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d76c09ea49a67623c581149d87ec821d813b9302aea4f871df16156cd1d28a53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Apr 2021 15:53:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1619188777539687"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36031
x-xss-protection: 0
expires: Wed, 28 Apr 2021 15:53:13 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210426/r20110914/client/ Frame E3C7 13 KB
5 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210426/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

439ab67fa3c312bb442bed574ea79be834dbd92f3bd7d2288b6f3fce4d0afb0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Apr 2021 15:50:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 161
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5604
x-xss-protection: 0
server: cafe
etag: 2846967340006788112
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 12 May 2021 15:50:32 GMT

GET
H3-29 200 95e6c1f88e21b7366c50a3f905bff199.js Show response
www.gstatic.com/mysidia/ Frame E3C7 25 KB
10 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/95e6c1f88e21b7366c50a3f905bff199.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

173fd00f452c8209f6cebea57cb9a5ab26ab6802ede684468faff558efffd53e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Apr 2021 13:01:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 22 Apr 2021 00:12:13 GMT
server: sffe
age: 10287
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10548
x-xss-protection: 0
expires: Tue, 27 Jul 2021 13:01:46 GMT

GET
H3-29 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/3200160035678753905/ Frame E3C7 5 KB
5 KB 7ms
6ms Image
image/jpeg 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/3200160035678753905/downsize_200k_v1?w=300&h=300

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b62d945b5c0e379c0edce8d106220c5ffb2d03d4c0b3c5b1a483926d60b04835

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Apr 2021 15:36:07 GMT
x-content-type-options: nosniff
age: 519426
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5274
x-xss-protection: 0
last-modified: Fri, 26 Feb 2021 13:21:57 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 22 Apr 2022 15:36:07 GMT

GET
H/1.1 200
OK ai.aspx Show response
m.exactag.com/ Frame E3C7 43 B
1 KB 206ms
55ms Fetch
image/gif 85.14.248.72
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL

https://m.exactag.com/ai.aspx?extProvId=5&extPu=eurowings-gaw-search&extLi=12421296657&rnd=288701876

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

85.14.248.72 Krefeld, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),

Reverse DNS

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
P3P: policyref="https://m.exactag.com/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
Connection: close
Content-Length: 43
Pragma: no-cache
X-ET-Code: 0
Last-Modified: Mi, 28 Apr 2021 03:53:14 GMT
Server: Microsoft-IIS/8.5
Date: Wed, 28 Apr 2021 15:53:13 GMT
Access-Control-Max-Age: 1000
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: https://googleads.g.doubleclick.net
Cache-Control: private
Access-Control-Allow-Credentials: true
X-ET-Camp: 977
Access-Control-Allow-Headers: *
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame E3C7 0
0 43ms
43ms Fetch
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CJ4r86YSJYOT3E5Hh7_UPgomMyAn0ueWnYunV7caDDunZ3ZGWDhABIJ_T4A5glYq4gsgHoAHfm_LFAcgBAakC-sfwg_dAtD6oAwGqBLMBT9Avt96WYZpyWHIonuQcPqd9AVbtX2jaC3EeVQCcI_XjUHKLXUn5vLpiDd-t4KWSr7r3IN_jezRnt43tIIMnXw4rL1N3bv7bYRYhsLU4nbjoli6UjePTW6zf1UdJYLlQ5STwEkXGeL_dy-nb0KMuHIYjKq2CL-AwaUdtcnGE3M70tcxhWQmUAbflg2HBXyYHPD6ScTHJ0_G0sy5l4CMqce6bSrRIuTreFqixt8upKYkWcXHABP-Ewua1A5IFBAgEGAGSBQQIBRgEgAeJ5I26AqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAfIHBBDC4gTSCAkIgOGAEBABGB-ACgHICwHYEw2yFxoKGAgAEhRwdWItMzc5MDE4ODk1MTQ1MjcyMg&sigh=WvaygPeoPMM&template_id=5001

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3790188951452722&output=html&h=600&slotname=6669999269&adk=3377193940&adf=2660268872&pi=t.ma~as.6669999269&w=208&fwrn=4&fwrnh=100&lmt=1619625193&rafmt=1&psa=0&format=208x600&url=http%3A%2F%2Fnorvegus.ru%2F&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&dt=1619625193223&bpp=2&bdt=497&idt=80&shv=r20210426&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C728x90&correlator=1194733360476&frm=20&pv=1&ga_vid=1505289123.1619625193&ga_sid=1619625193&ga_hid=299863043&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1068&ady=573&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=1995537329768029&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&fsb=1&xpc=8NyZMHZkyx&p=http%3A//norvegus.ru&dtd=83
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Wed, 28 Apr 2021 15:53:14 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-29 200 css
fonts.googleapis.com/ Frame 73E0 3 KB
578 B 15ms
14ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3790188951452722&output=html&h=600&slotname=8469633264&adk=2261697747&adf=1032041062&pi=t.ma~as.8469633264&w=208&fwrn=4&fwrnh=100&lmt=1619625193&rafmt=1&psa=0&format=208x600&url=http%3A%2F%2Fnorvegus.ru%2F&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&dt=1619625193226&bpp=1&bdt=501&idt=84&shv=r20210426&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C728x90%2C208x600&correlator=1194733360476&frm=20&pv=1&ga_vid=1505289123.1619625193&ga_sid=1619625193&ga_hid=299863043&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1068&ady=1194&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=1995537329768029&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=4&uci=a!4&fsb=1&xpc=WuMf3siRvO&p=http%3A//norvegus.ru&dtd=87

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

599325d39743959cdacb163b742dd6f622443a73f155364bbcc465a291ce0b5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 28 Apr 2021 15:06:18 GMT
server: ESF
date: Wed, 28 Apr 2021 15:53:14 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 28 Apr 2021 15:53:14 GMT

GET
H2 200 kDRksX2Ww4e_xNClAyIBt4DTtML4DGkgzzkDas1N7gE.js Show response
pagead2.googlesyndication.com/bg/ Frame 15AE 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/kDRksX2Ww4e_xNClAyIBt4DTtML4DGkgzzkDas1N7gE.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

903464b17d96c387bfc4d0a5032201b780d3b4c2f80c6920cf39036acd4dee01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Apr 2021 15:05:04 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 22 Apr 2021 15:58:00 GMT
server: sffe
age: 2890
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5651
x-xss-protection: 0
expires: Thu, 28 Apr 2022 15:05:04 GMT

GET
H3-29 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210426/r20110914/client/ Frame 73E0 1 KB
909 B 6ms
6ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210426/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Apr 2021 15:49:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 229
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 882
x-xss-protection: 0
server: cafe
etag: 11243716317595354070
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 12 May 2021 15:49:25 GMT

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210426/r20110914/ Frame 73E0 17 KB
7 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210426/r20110914/abg_lite_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e0fad38c04932f3e71581d5ca798b326778fc0e54e3823de3b0f9eddbef0892e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Apr 2021 15:48:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 274
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7028
x-xss-protection: 0
server: cafe
etag: 12352184217982932987
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 12 May 2021 15:48:40 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210426/r20110914/client/ Frame 73E0 2 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210426/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Apr 2021 15:48:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 257
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 12 May 2021 15:48:57 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 73E0 116 KB
35 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d76c09ea49a67623c581149d87ec821d813b9302aea4f871df16156cd1d28a53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Apr 2021 15:53:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1619188777539687"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36031
x-xss-protection: 0
expires: Wed, 28 Apr 2021 15:53:14 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210426/r20110914/client/ Frame 73E0 13 KB
5 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210426/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

439ab67fa3c312bb442bed574ea79be834dbd92f3bd7d2288b6f3fce4d0afb0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Apr 2021 15:50:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 162
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5604
x-xss-protection: 0
server: cafe
etag: 2846967340006788112
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 12 May 2021 15:50:32 GMT

GET
H3-29 200 95e6c1f88e21b7366c50a3f905bff199.js Show response
www.gstatic.com/mysidia/ Frame 73E0 25 KB
10 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/95e6c1f88e21b7366c50a3f905bff199.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

173fd00f452c8209f6cebea57cb9a5ab26ab6802ede684468faff558efffd53e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Apr 2021 13:01:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 22 Apr 2021 00:12:13 GMT
server: sffe
age: 10288
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10548
x-xss-protection: 0
expires: Tue, 27 Jul 2021 13:01:46 GMT

GET
H3-29 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 77B5 143 B
163 B 7ms
6ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3790188951452722&output=html&h=600&slotname=6669999269&adk=3377193940&adf=2660268872&pi=t.ma~as.6669999269&w=208&fwrn=4&fwrnh=100&lmt=1619625193&rafmt=1&psa=0&format=208x600&url=http%3A%2F%2Fnorvegus.ru%2F&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&dt=1619625193223&bpp=2&bdt=497&idt=80&shv=r20210426&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C728x90&correlator=1194733360476&frm=20&pv=1&ga_vid=1505289123.1619625193&ga_sid=1619625193&ga_hid=299863043&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1068&ady=573&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=1995537329768029&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&fsb=1&xpc=8NyZMHZkyx&p=http%3A//norvegus.ru&dtd=83
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUmgpYrNrhrztHIilQOBoaJggrmBOQzxDBVCzc199iA6SdwBwOoahywZIXEPgOg
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3790188951452722&output=html&h=600&slotname=6669999269&adk=3377193940&adf=2660268872&pi=t.ma~as.6669999269&w=208&fwrn=4&fwrnh=100&lmt=1619625193&rafmt=1&psa=0&format=208x600&url=http%3A%2F%2Fnorvegus.ru%2F&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&dt=1619625193223&bpp=2&bdt=497&idt=80&shv=r20210426&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C728x90&correlator=1194733360476&frm=20&pv=1&ga_vid=1505289123.1619625193&ga_sid=1619625193&ga_hid=299863043&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1068&ady=573&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=1995537329768029&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&fsb=1&xpc=8NyZMHZkyx&p=http%3A//norvegus.ru&dtd=83

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Wed, 28 Apr 2021 15:29:19 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 1435
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame E3C7 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 92a499b6c4add62d1765aa921264c916a472ad022ec957c1f9912fa124f6fd0a

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/6765102216543443859/ Frame 73E0 22 KB
22 KB 7ms
7ms Image
image/jpeg 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/6765102216543443859/downsize_200k_v1?w=400&h=209

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ef73bb77ed3ce3b99d4cdb94ab199fd37775c15325057c1f8965e0081fe89c53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Apr 2021 15:44:59 GMT
x-content-type-options: nosniff
age: 518895
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22827
x-xss-protection: 0
last-modified: Thu, 04 Mar 2021 09:31:20 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 22 Apr 2022 15:44:59 GMT

GET
DATA 200
OK truncated
/ Frame 73E0 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H/1.1 200
OK ai.aspx Show response
m.exactag.com/ Frame 73E0 43 B
1 KB 179ms
51ms Fetch
image/gif 85.14.248.72
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL

https://m.exactag.com/ai.aspx?extProvId=5&extPu=eurowings-gaw-search&extLi=12421296657&rnd=2190583677

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

85.14.248.72 Krefeld, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),

Reverse DNS

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
P3P: policyref="https://m.exactag.com/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
Connection: close
Content-Length: 43
Pragma: no-cache
X-ET-Code: 0
Last-Modified: Mi, 28 Apr 2021 03:53:14 GMT
Server: Microsoft-IIS/8.5
Date: Wed, 28 Apr 2021 15:53:13 GMT
Access-Control-Max-Age: 1000
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: https://googleads.g.doubleclick.net
Cache-Control: private
Access-Control-Allow-Credentials: true
X-ET-Camp: 977
Access-Control-Allow-Headers: *
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame 73E0 0
0 42ms
42ms Fetch
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CHfi16YSJYOGEFOLI7_UPmOu4-Af0ueWnYunV7caDDtDm07iRDhABIJ_T4A5glYq4gsgHoAHfm_LFAcgBCakC-sfwg_dAtD6oAwHIA8sEqgSzAU_QDy0Ag-mSGIAvA1ir-6cxz4ewmRqGO3wqhPw8hbLimm6NyWYKX3dcvzlSs7oX_a6N30aaTIyLhn7dwd2tnSdui1slVuoM17J_bDOYNSfUxm_BD-Zm2JU769UUZbMfHkMn-09pMwZU92BW7diXIJCfvcwGU_9Jbq6Y8y3V-4nw15zqgv-31cSH37lBPGKUFJio2gvr_1pcZvlzEj_GuN_5-BE4ne5ycNZQSbhsuROlg4VWwAT_hMLmtQOSBQQIBBgBkgUECAUYBKAGLoAHieSNugKoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwDyBwQQgv0B0ggJCIDhgBAQARgfgAoByAsBuBOIJ9gTDbIXGgoYCAASFHB1Yi0zNzkwMTg4OTUxNDUyNzIy&sigh=cg8Gaz7Gmpw&template_id=5000

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3790188951452722&output=html&h=600&slotname=8469633264&adk=2261697747&adf=1032041062&pi=t.ma~as.8469633264&w=208&fwrn=4&fwrnh=100&lmt=1619625193&rafmt=1&psa=0&format=208x600&url=http%3A%2F%2Fnorvegus.ru%2F&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&dt=1619625193226&bpp=1&bdt=501&idt=84&shv=r20210426&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C728x90%2C208x600&correlator=1194733360476&frm=20&pv=1&ga_vid=1505289123.1619625193&ga_sid=1619625193&ga_hid=299863043&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1068&ady=1194&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=1995537329768029&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=4&uci=a!4&fsb=1&xpc=WuMf3siRvO&p=http%3A//norvegus.ru&dtd=87
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Wed, 28 Apr 2021 15:53:14 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-29 200 4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame E3C7 21 KB
21 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v27/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f2c761ee3ce27469f940a05b64e38a829a400427727cd0bdbb4e36f1d572afd7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Apr 2021 10:03:38 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Nov 2020 20:26:21 GMT
server: sffe
age: 280176
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21716
x-xss-protection: 0
expires: Mon, 25 Apr 2022 10:03:38 GMT

GET
H3-29 200 4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame E3C7 21 KB
21 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v27/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1cf04407e728ea1ebf82dc1c6b45d12632cb3202ff8f4556f380b16e57484f27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Apr 2021 02:03:02 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Nov 2020 20:26:16 GMT
server: sffe
age: 568212
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21552
x-xss-protection: 0
expires: Fri, 22 Apr 2022 02:03:02 GMT

GET
DATA 200
OK truncated
/ Frame 73E0 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c4cc5c97cd7777835337f8ad99d8970d3aa5ae940e226af31ca7a5e5a6a63a83

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame 73E0 21 KB
21 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v27/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f2c761ee3ce27469f940a05b64e38a829a400427727cd0bdbb4e36f1d572afd7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Apr 2021 10:03:38 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Nov 2020 20:26:21 GMT
server: sffe
age: 280176
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21716
x-xss-protection: 0
expires: Mon, 25 Apr 2022 10:03:38 GMT

GET
H3-29 200 4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame 73E0 21 KB
21 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v27/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1cf04407e728ea1ebf82dc1c6b45d12632cb3202ff8f4556f380b16e57484f27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Apr 2021 02:03:02 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Nov 2020 20:26:16 GMT
server: sffe
age: 568212
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21552
x-xss-protection: 0
expires: Fri, 22 Apr 2022 02:03:02 GMT

GET
H3-29 200 kDRksX2Ww4e_xNClAyIBt4DTtML4DGkgzzkDas1N7gE.js Show response
pagead2.googlesyndication.com/bg/ Frame A21C 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/kDRksX2Ww4e_xNClAyIBt4DTtML4DGkgzzkDas1N7gE.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

903464b17d96c387bfc4d0a5032201b780d3b4c2f80c6920cf39036acd4dee01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Apr 2021 15:05:04 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 22 Apr 2021 15:58:00 GMT
server: sffe
age: 2890
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5651
x-xss-protection: 0
expires: Thu, 28 Apr 2022 15:05:04 GMT

GET
H3-29

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 77B5
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

16ms
16ms

Document
text/html

2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUmgpYrNrhrztHIilQOBoaJggrmBOQzxDBVCzc199iA6SdwBwOoahywZIXEPgOg
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 28 Apr 2021 15:53:14 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Wed, 28-Apr-2021 16:53:14 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 28 Apr 2021 15:53:14 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 28 Apr 2021 15:53:14 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame E3C7 42 B
176 B 41ms
40ms Fetch
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu8a2HqMFUFOwj6NG_V4xMvWoiVaQagn_xth9qQXguYoLJOS1pioP4tpy0Qt8cLpguuqBZjWYvL4oo13dO-0cGYlD1wZGeeUdTGVHGEFXnRTd7-Wxf3hutBIqCDHw&sai=AMfl-YSVaBCSNhqivoxNt1UcFZ3nMK6yHJ7LoMJ2YSqBnLGkrwVo7uqcanfel--03nY29OF9S8nFy9dIhtN-&sig=Cg0ArKJSzDDiEcnJQlydEAE&id=lidar2&mcvt=1000&p=573,1068,1173,1276&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210423&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=3377193940&rs=2&met=mue&la=0&cr=0&osd=1&vs=4&rst=1619625193308&dlt=545&rpt=50&isd=0&msd=0&r=v&fum=1

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Apr 2021 15:53:15 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 translateelement.css
translate.googleapis.com/translate_static/css/ 18 KB
3 KB 27ms
5ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/translate_static/css/translateelement.css

Requested by

Host: translate.google.com
URL: http://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d0a6e3bc914db376bf187c380750b197c317e1bf40fab9ad959ad5facd8f9ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://norvegus.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Apr 2021 14:58:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3271
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3130
x-xss-protection: 0
last-modified: Wed, 24 Feb 2021 19:45:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Wed, 28 Apr 2021 15:58:53 GMT

GET
H2 200 main.js Show response
translate.googleapis.com/translate_static/js/element/ 4 KB
2 KB 27ms
6ms Script
text/javascript 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/translate_static/js/element/main.js

Requested by

Host: translate.google.com
URL: http://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

80f35659d030651ea3acc6d6e97475b42eaa60d5700e83f9623cf90904d42cec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://norvegus.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Apr 2021 14:58:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3269
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1673
x-xss-protection: 0
last-modified: Thu, 25 Feb 2021 22:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Wed, 28 Apr 2021 15:58:55 GMT

GET
H/1.1 200
OK bullet.gif
norvegus.ru/templates/jblank/images/ 94 B
346 B 42ms
42ms Image
image/gif 2a0c:680:0:9838::1
THEFIRST-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://norvegus.ru/templates/jblank/images/bullet.gif
Requested by: Host: norvegus.ru
URL: http://norvegus.ru/templates/jblank/css/_styles.css?1458848534
Protocol: HTTP/1.1
Server: 2a0c:680:0:9838::1 , Ukraine, ASN29182 (THEFIRST-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: 9604cabfc7b7292a789a99bf0ce0f4ae2c401df2626f8e8b300327d0a656ecfc

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: norvegus.ru
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://norvegus.ru/templates/jblank/css/_styles.css?1458848534
Connection: keep-alive
Cache-Control: no-cache
Referer: http://norvegus.ru/templates/jblank/css/_styles.css?1458848534
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ray: wn15398:0.000/
Last-Modified: Thu, 24 Mar 2016 19:42:16 GMT
Server: nginx
ETag: "56f44318-5e"
Content-Type: image/gif
Date: Wed, 28 Apr 2021 15:53:24 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 94

GET
H2

200

ga.js Show response
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/ga.js
https://www.google-analytics.com/ga.js

45 KB
17 KB

6ms
6ms

Script
text/javascript

2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/ga.js

Requested by

Host: norvegus.ru
URL: http://norvegus.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://norvegus.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 23:59:54 GMT
server: Golfe2
age: 3120
date: Wed, 28 Apr 2021 15:01:24 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17168
expires: Wed, 28 Apr 2021 17:01:24 GMT

Redirect headers

Location: https://www.google-analytics.com/ga.js
Non-Authoritative-Reason: HSTS

GET
H/1.1

200
OK

counter2
top-fwz1.mail.ru/
Redirect Chain

http://d0.cc.bf.a1.top.mail.ru/counter?id=2080859;t=231;js=13;r=;j=false;s=1600*1200;d=24;rand=0.31831038767529485
https://top-fwz1.mail.ru/counter?id=2080859;t=231;js=13;r=;j=false;s=1600*1200;d=24;rand=0.31831038767529485
https://top-fwz1.mail.ru/counter2?id=2080859;t=231;js=13;r=;j=false;s=1600*1200;d=24;rand=0.31831038767529485

1007 B
2 KB

62ms
62ms

Image
image/gif

217.69.133.145
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://top-fwz1.mail.ru/counter2?id=2080859;t=231;js=13;r=;j=false;s=1600*1200;d=24;rand=0.31831038767529485

Requested by

Host: norvegus.ru
URL: http://norvegus.ru/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

217.69.133.145 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

c57d35392e5a1fd0d6871cbcb447c97b44ba080c4e147a0f1ff3f4f10752790f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://norvegus.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 28 Apr 2021 15:53:25 GMT
X-Content-Type-Options: nosniff
P3P: CP="NOI DSP COR NID CUR PSA OUR NOR"
Connection: keep-alive
Content-Length: 1007
Pragma: no-cache
Access-Control-Allow-Headers: *
AMP-Access-Control-Allow-Source-Origin: *
Server: nginx
Access-Control-Allow-Methods: GET, POST, HEAD, PUT, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: AMP-Access-Control-Allow-Source-Origin
Cache-Control: private, no-cache, no-store, max-age=0
Access-Control-Allow-Credentials: true
Accept-CH-Lifetime: 86400
Accept-CH: DPR, Width, Viewport-Width, Downlink, Device-Memory
Timing-Allow-Origin: *
Keep-Alive: timeout=60

Redirect headers

Date: Wed, 28 Apr 2021 15:53:25 GMT
X-Content-Type-Options: nosniff
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CUR PSA OUR NOR"
Connection: keep-alive
Content-Length: 0
Pragma: no-cache
Access-Control-Allow-Headers: *
AMP-Access-Control-Allow-Source-Origin: *
Server: nginx
Access-Control-Allow-Methods: GET, POST, HEAD, PUT, OPTIONS
Location: https://top-fwz1.mail.ru/counter2?id=2080859;t=231;js=13;r=;j=false;s=1600*1200;d=24;rand=0.31831038767529485
Access-Control-Expose-Headers: AMP-Access-Control-Allow-Source-Origin
Cache-Control: private, no-cache, no-store, max-age=0
Access-Control-Allow-Credentials: true
Accept-CH-Lifetime: 86400
Accept-CH: DPR, Width, Viewport-Width, Downlink, Device-Memory
Timing-Allow-Origin: *
Keep-Alive: timeout=60

GET
H2 200 /
kraken.rambler.ru/cnt/ 595 B
1 KB 224ms
74ms Image
image/gif 81.19.89.18
RAMBLER-TELECOM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kraken.rambler.ru/cnt/?et=pv&pid=2527607&rid=1619625204.834-572272509&tid=t1.-1.1021551660.1619625204834&v=1.18.1i&exp=exp_fip%2Csplit_b%2Cexp_ping%2Csplit_z&rn=510861109&bs=1600x1200&ce=1&rf&en=UTF-8&pt=%D0%9D%D0%B0%20%D0%B3%D0%BB%D0%B0%D0%B2%D0%BD%D1%83%D1%8E&sr=1600x1200&cd=24-bit&la=en-US&ja=0&acn=Mozilla&an=Netscape&pl=Linux%20x86_64&tz=-120&fv&sv&lv&le=0&url=http%3A%2F%2Fnorvegus.ru%2F
Requested by: Host: norvegus.ru
URL: http://norvegus.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.19.89.18 Moscow, Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS: kraken.rambler.ru
Software: nginx/1.19.8 /
Resource Hash: 164bb550f3cceb8f589edafb3d704da7043036de3b21d7fcd486dd62e96668fb

Request headers

Referer: http://norvegus.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Apr 2021 15:53:25 GMT
last-modified: Thu, 16 Jan 2020 17:49:32 GMT
server: nginx/1.19.8
etag: "5e20a22c-253"
access-control-allow-methods: GET, POST, OPTIONS
p3p: CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/gif
access-control-allow-headers: content-type
content-length: 595

GET
H2

200

count
hit39.hotlog.ru/cgi-bin/hotlog/
Redirect Chain

http://hit39.hotlog.ru/cgi-bin/hotlog/count?0.9850708903574896&s=2169947&im=453&r=&pg=http%3A//norvegus.ru/&j=N&wh=1600x1200&px=24&js=1.3
http://hit39.hotlog.ru/cgi-bin/hotlog/count?0.9850708903574896&s=2169947&im=453&r=&pg=http%3A//norvegus.ru/&j=N&wh=1600x1200&px=24&js=1.3&hl_ignore=Y
https://dmg.digitaltarget.ru/1/19/i/i?a=19&e=51ee8c7df23ff380d49ef77dfe8199c&i=618135007&r=https://hit39.hotlog.ru/cgi-bin/hotlog/count?s%3D2169947%26im%3D453%26hl_hitback%3DY
https://dmg.digitaltarget.ru/awg/custom/19/i/i?call_source=awg&a=19&e=51ee8c7df23ff380d49ef77dfe8199c&i=618135007&r=https://hit39.hotlog.ru/cgi-bin/hotlog/count?s%3D2169947%26im%3D453%26hl_hitback%3DY
https://hit39.hotlog.ru/cgi-bin/hotlog/count?s=2169947&im=453&hl_hitback=Y
https://hit39.hotlog.ru/cgi-bin/hotlog/count?s=2169947&im=453&hl_hitback=Y&hl_ignore=Y
https://sync.1dmp.io/pixel.gif?cid=3dc39d61-7763-4229-855c-5bb89c069683&pid=w&uid=51ee8c7df23ff380d49ef77dfe8199c&ru=https://hit39.hotlog.ru/cgi-bin/hotlog/count?s%3D2169947%26im%3D453%26hl_hitback...
https://sync.1dmp.io/pixel.gif?cid=3dc39d61-7763-4229-855c-5bb89c069683&pid=w&uid=51ee8c7df23ff380d49ef77dfe8199c&ru=https://hit39.hotlog.ru/cgi-bin/hotlog/count?s%3D2169947%26im%3D453%26hl_hitback...
https://hit39.hotlog.ru/cgi-bin/hotlog/count?s=2169947&im=453&hl_hitback=2
https://hit39.hotlog.ru/cgi-bin/hotlog/count?s=2169947&im=453&hl_hitback=2&hl_ignore=Y

957 B
992 B

81ms
81ms

Image
image/gif

89.208.236.251
DINET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hit39.hotlog.ru/cgi-bin/hotlog/count?s=2169947&im=453&hl_hitback=2&hl_ignore=Y
Requested by: Host: norvegus.ru
URL: http://norvegus.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 89.208.236.251 Reutov, Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software: HotLog/1.2 /
Resource Hash: d69744850df8301dd2173892c6bec8178fe8b553541f0301305c214ef822ca19

Request headers

Referer: http://norvegus.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Apr 2021 15:53:26 GMT
server: HotLog/1.2
content-length: 957
content-type: image/gif

Redirect headers

location: /cgi-bin/hotlog/count?s=2169947&im=453&hl_hitback=2&hl_ignore=Y
date: Wed, 28 Apr 2021 15:53:26 GMT
server: HotLog/1.2
p3p: policyref="/p3p.xml", CP="NON ADM DEV TAI PSA PSD IVA OUR IND UNI COM NAV INT"
content-length: 0
content-type: text/plain

GET
H/1.1 200
OK / Show response
c.bigmir.net/ 132 B
423 B 137ms
105ms Script
application/x-javascript 193.239.68.97
BIGMIR-INTERNET-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://c.bigmir.net/?o1&v16893469&s16891990&t0&c1&n459694&w0&y0&d24&r1600
Requested by: Host: norvegus.ru
URL: http://norvegus.ru/
Protocol: HTTP/1.1
Server: 193.239.68.97 , Ukraine, ASN39468 (BIGMIR-INTERNET-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash: fcc66d6387e4682b649af7001609930ccd88ff3e1a4c0f293ff81415e75a0c8f

Request headers

Referer: http://norvegus.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Pragma: no-cache
Date: Wed, 28 Apr 2021 15:53:24 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: application/x-javascript; charset=windows-1251
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Keep-Alive: timeout=5
Expires: 0

GET
H3-29

200

__utm.gif
www.google-analytics.com/r/
Redirect Chain

http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=736543106&utmhn=norvegus.ru&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=%D0%9D%D0%...
https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=736543106&utmhn=norvegus.ru&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=%D0%9D%D0...

35 B
54 B

14ms
13ms

Image
image/gif

2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=736543106&utmhn=norvegus.ru&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=%D0%9D%D0%B0%20%D0%B3%D0%BB%D0%B0%D0%B2%D0%BD%D1%83%D1%8E&utmhid=299863043&utmr=-&utmp=%2F&utmht=1619625204859&utmac=UA-2387902-27&utmcc=__utma%3D165377952.1505289123.1619625193.1619625193.1619625193.1%3B%2B__utmz%3D165377952.1619625205.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1426769425&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAQAAAAE~

Requested by

Host: norvegus.ru
URL: http://norvegus.ru/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://norvegus.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Apr 2021 15:53:24 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=736543106&utmhn=norvegus.ru&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=%D0%9D%D0%B0%20%D0%B3%D0%BB%D0%B0%D0%B2%D0%BD%D1%83%D1%8E&utmhid=299863043&utmr=-&utmp=%2F&utmht=1619625204859&utmac=UA-2387902-27&utmcc=__utma%3D165377952.1505289123.1619625193.1619625193.1619625193.1%3B%2B__utmz%3D165377952.1619625205.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1426769425&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAQAAAAE~
Non-Authoritative-Reason: HSTS

GET
H3-29 200 element_main.js Show response
translate.googleapis.com/element/TE_20210224_00/e/js/element/ 250 KB
89 KB 21ms
7ms Script
text/javascript 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/element/TE_20210224_00/e/js/element/element_main.js

Requested by

Host: translate.googleapis.com
URL: https://translate.googleapis.com/translate_static/js/element/main.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca537b74a51c73d56a401ea7d361ad32f692558ab321b86a8fb0979f2927712c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://norvegus.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Apr 2021 14:58:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3269
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 91310
x-xss-protection: 0
last-modified: Wed, 24 Feb 2021 18:08:41 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 28 Apr 2022 14:58:55 GMT

GET
H/1.1

200
OK

hit
counter.yadro.ru/
Redirect Chain

http://counter.yadro.ru/hit?t14.3;r;s1600*1200*24;uhttp%3A//norvegus.ru/;0.7525084591151259
https://counter.yadro.ru/hit?t14.3;r;s1600*1200*24;uhttp%3A//norvegus.ru/;0.7525084591151259
https://counter.yadro.ru/hit?q;t14.3;r;s1600*1200*24;uhttp%3A//norvegus.ru/;0.7525084591151259

231 B
685 B

88ms
88ms

Image
image/gif

88.212.201.216
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://counter.yadro.ru/hit?q;t14.3;r;s1600*1200*24;uhttp%3A//norvegus.ru/;0.7525084591151259

Requested by

Host: norvegus.ru
URL: http://norvegus.ru/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

88.212.201.216 , Russian Federation, ASN39134 (UNITEDNET, RU),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

8bfede4458aed2ffc0287117183d2646773b4acce2579c51c2e623f399af63e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: http://norvegus.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 28 Apr 2021 15:53:25 GMT
Server: nginx/1.17.9
Strict-Transport-Security: max-age=86400
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Cache-control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 231
Expires: Mon, 27 Apr 2020 21:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 28 Apr 2021 15:53:25 GMT
Server: nginx/1.17.9
Strict-Transport-Security: max-age=86400
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Location: https://counter.yadro.ru/hit?q;t14.3;r;s1600*1200*24;uhttp%3A//norvegus.ru/;0.7525084591151259
Cache-control: no-cache
Connection: keep-alive
Content-Type: text/html
Content-Length: 32
Expires: Mon, 27 Apr 2020 21:00:00 GMT

GET
H/1.1 200
OK cnt.js Show response
openstat.net/ 8 KB
8 KB 127ms
95ms Script
application/javascript 138.201.187.103
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://openstat.net/cnt.js
Requested by: Host: norvegus.ru
URL: http://norvegus.ru/
Protocol: HTTP/1.1
Server: 138.201.187.103 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx /
Resource Hash: 7331bfe5f1a8a8a23243c34e35b8d4ccdb6df86cfb3acfabaae9b03c4a67f872

Request headers

Referer: http://norvegus.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 28 Apr 2021 15:53:25 GMT
Last-Modified: Wednesday, 28-Apr-2021 15:53:25 UTC
Server: nginx
Content-Type: application/javascript
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Connection: close
Accept-Ranges: bytes
Content-Length: 7776

GET
H/1.1

404
Not Found

/
www.intergid.ru/cnt/
Redirect Chain

http://www.intergid.ru/cnt?cid=75413&rnd=0.9766521740891945&referrer=&page=http%3A//norvegus.ru/&c=1&frames=0&j=0&wh=1600x1200&px=24&js=1.3
https://www.intergid.ru/cnt?cid=75413&rnd=0.9766521740891945&referrer=&page=http%3A//norvegus.ru/&c=1&frames=0&j=0&wh=1600x1200&px=24&js=1.3
http://www.intergid.ru/cnt/?cid=75413&rnd=0.9766521740891945&referrer=&page=http%3A//norvegus.ru/&c=1&frames=0&j=0&wh=1600x1200&px=24&js=1.3
https://www.intergid.ru/cnt/?cid=75413&rnd=0.9766521740891945&referrer=&page=http%3A//norvegus.ru/&c=1&frames=0&j=0&wh=1600x1200&px=24&js=1.3

0
161 B

87ms
87ms

Image
text/html

212.109.216.124
THEFIRST-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.intergid.ru/cnt/?cid=75413&rnd=0.9766521740891945&referrer=&page=http%3A//norvegus.ru/&c=1&frames=0&j=0&wh=1600x1200&px=24&js=1.3
Requested by: Host: norvegus.ru
URL: http://norvegus.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.109.216.124 , Russian Federation, ASN29182 (THEFIRST-AS, RU),
Reverse DNS: intergid.ru
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://norvegus.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 28 Apr 2021 15:53:25 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0
Content-Type: text/html; charset=UTF-8

Redirect headers

Location: https://www.intergid.ru/cnt/?cid=75413&rnd=0.9766521740891945&referrer=&page=http%3A//norvegus.ru/&c=1&frames=0&j=0&wh=1600x1200&px=24&js=1.3
Non-Authoritative-Reason: HSTS

GET
H2 200 watch.js Show response
mc.yandex.ru/metrika/ 123 KB
44 KB 147ms
49ms Script
application/javascript 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/watch.js

Requested by

Host: norvegus.ru
URL: http://norvegus.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

2ebf9e485acec2328b39df7ec3bd82407348d18c8e99d4de5c1db40b2fb2e11e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://norvegus.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Apr 2021 15:53:25 GMT
content-encoding: br
last-modified: Wed, 28 Apr 2021 11:08:40 GMT
etag: "6087d5b3-ad16"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 44310
expires: Wed, 28 Apr 2021 16:53:25 GMT

GET
H3-29 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 12ms
12ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: norvegus.ru
URL: http://norvegus.ru/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://norvegus.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 23:59:54 GMT
server: Golfe2
age: 771
date: Wed, 28 Apr 2021 15:40:33 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19569
expires: Wed, 28 Apr 2021 17:40:33 GMT

GET
H/1.1 200
OK 7688f5685f7701e97daa5497d3d9c745.png
reformal.ru/files/images/buttons/ 1 KB
1 KB 45ms
44ms Image
image/png 139.162.151.130
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://reformal.ru/files/images/buttons/7688f5685f7701e97daa5497d3d9c745.png
Requested by: Host: norvegus.ru
URL: http://norvegus.ru/
Protocol: HTTP/1.1
Server: 139.162.151.130 Frankfurt am Main, Germany, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: d50887ce55421ad85f04a5639e736e482849bce239ba532fd89e1c08cea55b15

Request headers

Referer: http://norvegus.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 28 Apr 2021 15:53:25 GMT
Last-Modified: Fri, 31 Aug 2012 03:29:08 GMT
Server: nginx/1.16.1
ETag: "50402f84-4e5"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1253

GET
H/1.1 200
OK widget_logo.jpg
reformal.ru/tmpl/images/ 1 KB
1 KB 88ms
57ms Image
image/jpeg 139.162.151.130
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://reformal.ru/tmpl/images/widget_logo.jpg
Requested by: Host: norvegus.ru
URL: http://norvegus.ru/
Protocol: HTTP/1.1
Server: 139.162.151.130 Frankfurt am Main, Germany, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: a5a359725c7a6a0414156e5d83c3b7e59307798ae63a99ad055bbe731fc2c577

Request headers

Referer: http://norvegus.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 28 Apr 2021 15:53:25 GMT
Last-Modified: Fri, 20 Dec 2013 07:24:29 GMT
Server: nginx/1.16.1
ETag: "52b3f0ad-46f"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1135

GET
H/1.1 200
OK st.php
log.reformal.ru/ 43 B
209 B 90ms
58ms Image
image/gif 139.162.151.130
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://log.reformal.ru/st.php?w=tab6&domain=norvegus
Requested by: Host: norvegus.ru
URL: http://norvegus.ru/
Protocol: HTTP/1.1
Server: 139.162.151.130 Frankfurt am Main, Germany, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

Referer: http://norvegus.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 28 Apr 2021 15:53:25 GMT
Server: nginx/1.16.1
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: image/gif

GET
H/1.1 200
OK norvegus%7CaHR0cDovL25vcnZlZ3VzLnJ1Lw==%7C
reformal.ru/human_check/ 43 B
279 B 44ms
44ms Image
image/gif 139.162.151.130
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://reformal.ru/human_check/norvegus%7CaHR0cDovL25vcnZlZ3VzLnJ1Lw==%7C
Requested by: Host: norvegus.ru
URL: http://norvegus.ru/
Protocol: HTTP/1.1
Server: 139.162.151.130 Frankfurt am Main, Germany, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: http://norvegus.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 28 Apr 2021 15:53:25 GMT
Last-Modified: Fri, 20 Dec 2013 07:24:29 GMT
Server: nginx/1.16.1
ETag: "52b3f0ad-2b"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43

GET
H/1.1 200
OK b63_top.gif
i.bigmir.net/cnt/samples/diagonal/ 65 B
388 B 141ms
104ms Image
image/gif 193.239.71.100
BIGMIR-INTERNET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://i.bigmir.net/cnt/samples/diagonal/b63_top.gif
Requested by: Host: norvegus.ru
URL: http://norvegus.ru/
Protocol: HTTP/1.1
Server: 193.239.71.100 , Ukraine, ASN39468 (BIGMIR-INTERNET-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash: 474a75f56daf3caeb461155e3a5e1decc4c271c1cb3703cb3b12a7324352f922

Request headers

Referer: http://norvegus.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 28 Apr 2021 15:53:25 GMT
Last-Modified: Tue, 23 Jan 2007 13:14:29 GMT
Server: nginx
ETag: "45b60a35-41"
Content-Type: image/gif
Cache-Control: max-age=259200
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=5
Content-Length: 65
Expires: Sat, 01 May 2021 15:53:25 GMT

GET
H/1.1 200
OK b63_center.gif
i.bigmir.net/cnt/samples/diagonal/ 79 B
402 B 140ms
110ms Image
image/gif 193.239.71.100
BIGMIR-INTERNET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://i.bigmir.net/cnt/samples/diagonal/b63_center.gif
Requested by: Host: norvegus.ru
URL: http://norvegus.ru/
Protocol: HTTP/1.1
Server: 193.239.71.100 , Ukraine, ASN39468 (BIGMIR-INTERNET-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash: 2059f756997646c5b2bd6ecb3a6dbf2adf2abf5bb539ce85b70b7cfe3e3a875a

Request headers

Referer: http://norvegus.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 28 Apr 2021 15:53:25 GMT
Last-Modified: Tue, 23 Jan 2007 13:14:29 GMT
Server: nginx
ETag: "45b60a35-4f"
Content-Type: image/gif
Cache-Control: max-age=259200
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=5
Content-Length: 79
Expires: Sat, 01 May 2021 15:53:25 GMT

GET
H/1.1 200
OK b63_bottom.gif
i.bigmir.net/cnt/samples/diagonal/ 66 B
389 B 145ms
115ms Image
image/gif 193.239.71.100
BIGMIR-INTERNET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://i.bigmir.net/cnt/samples/diagonal/b63_bottom.gif
Requested by: Host: norvegus.ru
URL: http://norvegus.ru/
Protocol: HTTP/1.1
Server: 193.239.71.100 , Ukraine, ASN39468 (BIGMIR-INTERNET-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash: ea48ff66aeaeae93967e366c01cbad544952d4c9fef193625bc89b536b1a9b1c

Request headers

Referer: http://norvegus.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 28 Apr 2021 15:53:25 GMT
Last-Modified: Tue, 23 Jan 2007 13:14:29 GMT
Server: nginx
ETag: "45b60a35-42"
Content-Type: image/gif
Cache-Control: max-age=259200
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=5
Content-Length: 66
Expires: Sat, 01 May 2021 15:53:25 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 16ms
14ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=norvegus.ru

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://norvegus.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 28 Apr 2021 15:53:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 16ms
15ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=norvegus.ru

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://norvegus.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 28 Apr 2021 15:53:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H/1.1 204
No Content gen_204
pagead2.googlesyndication.com/pagead/ 0
459 B 39ms
38ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=http%3A%2F%2Fnorvegus.ru%2F&tn=DIV&cls=furjbqy&ign=false

Requested by

Host: norvegus.ru
URL: http://norvegus.ru/

Protocol

HTTP/1.1

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://norvegus.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 28 Apr 2021 15:53:25 GMT
X-Content-Type-Options: nosniff
Server: cafe
Timing-Allow-Origin: *
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: no-cache, must-revalidate
Cross-Origin-Resource-Policy: cross-origin
Content-Type: image/gif
Content-Length: 0
X-XSS-Protection: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 4D7A 0
178 B 15ms
15ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3790188951452722&output=html&adk=84980950&adf=198458457&lmt=1619625204&plat=1%3A16809992%2C2%3A16809992%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fnorvegus.ru%2F&ea=0&flash=0&pra=7&wgl=1&dt=1619625204985&bpp=2&bdt=12260&idt=3&shv=r20210426&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C728x90%2C208x600%2C208x600&nras=1&correlator=1194733360476&frm=20&pv=1&ga_vid=1505289123.1619625193&ga_sid=1619625193&ga_hid=299863043&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&psts=AGkb-H_52xwqca7jus6zXoPWptn1I2vKs4gcL00ZY6w45KOihaN-9B9Pk2X71W4JIqqOn5vgkNs1vV40G6MQ7A%2CAGkb-H_fGpZs2F7C8xWc92guM7HVzF6RwehIC4Ay4fzgKkdc_GWucm520qYYaTkBNRhnPy5f_-2f3shQ8IBhew%2CAGkb-H9m3mcmG2wLjy5m1Vy2yQd5yurrSKPLkvRbElvx87BNi9UMQw41IqDyZLsRryOM7S_vF35XiblIocRlRw&pvsid=1995537329768029&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=23&ifi=5&uci=a!5&fsb=1&dtd=12

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-3790188951452722&output=html&adk=84980950&adf=198458457&lmt=1619625204&plat=1%3A16809992%2C2%3A16809992%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fnorvegus.ru%2F&ea=0&flash=0&pra=7&wgl=1&dt=1619625204985&bpp=2&bdt=12260&idt=3&shv=r20210426&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C728x90%2C208x600%2C208x600&nras=1&correlator=1194733360476&frm=20&pv=1&ga_vid=1505289123.1619625193&ga_sid=1619625193&ga_hid=299863043&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&psts=AGkb-H_52xwqca7jus6zXoPWptn1I2vKs4gcL00ZY6w45KOihaN-9B9Pk2X71W4JIqqOn5vgkNs1vV40G6MQ7A%2CAGkb-H_fGpZs2F7C8xWc92guM7HVzF6RwehIC4Ay4fzgKkdc_GWucm520qYYaTkBNRhnPy5f_-2f3shQ8IBhew%2CAGkb-H9m3mcmG2wLjy5m1Vy2yQd5yurrSKPLkvRbElvx87BNi9UMQw41IqDyZLsRryOM7S_vF35XiblIocRlRw&pvsid=1995537329768029&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=23&ifi=5&uci=a!5&fsb=1&dtd=12
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://norvegus.ru/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://norvegus.ru/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 28 Apr 2021 15:53:25 GMT
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 28-Apr-2021 16:08:25 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 28 Apr 2021 15:53:25 GMT
cache-control: private

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 13ms
13ms XHR
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j90&a=299863043&t=pageview&_s=1&dl=http%3A%2F%2Fnorvegus.ru%2F&ul=en-us&de=UTF-8&dt=%D0%9D%D0%B0%20%D0%B3%D0%BB%D0%B0%D0%B2%D0%BD%D1%83%D1%8E&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IAhAAEABAAAAAC~&jid=407980606&gjid=2113213551&cid=1505289123.1619625193&tid=UA-76762335-1&_gid=1440750045.1619625205&_r=1&_slc=1&z=737206078

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://norvegus.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 28 Apr 2021 15:53:25 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://norvegus.ru
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200 digits
openstat.net/ 959 B
1 KB 127ms
96ms Image
image/png 138.201.187.103
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://openstat.net/digits?cid=2199860&ls=0&ln=5081&tc=458efc
Requested by: Host: norvegus.ru
URL: http://norvegus.ru/
Protocol: HTTP/1.1
Server: 138.201.187.103 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx /
Resource Hash: aa54de7ec02b889ea84a0026fc642be6375f907c13440ccf6fdd6fb93e6700ab

Request headers

Referer: http://norvegus.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 28 Apr 2021 15:53:25 GMT
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Last-Modified: Wednesday, 28-Apr-2021 15:53:25 UTC
Server: nginx
Connection: keep-alive
Content-Length: 959
Content-Type: image/png

GET
H/1.1 200 cnt
openstat.net/ 68 B
490 B 120ms
89ms Image
image/png 138.201.187.103
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://openstat.net/cnt?cid=2199860&c=1&fr=1&fl=&px=24&wh=1600x1200&j=N&t=-120&h5=110111&pg=http%3A%2F%2Fnorvegus.ru%2F&r=&title=%D0%9D%D0%B0%20%D0%B3%D0%BB%D0%B0%D0%B2%D0%BD%D1%83%D1%8E&rn=0.7589089495736763
Requested by: Host: norvegus.ru
URL: http://norvegus.ru/
Protocol: HTTP/1.1
Server: 138.201.187.103 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx /
Resource Hash: 643ac89572093a4c907c1af802b3d354453c64d545dc3f1be1ce689046064511

Request headers

Referer: http://norvegus.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 28 Apr 2021 15:53:25 GMT
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Last-Modified: Wednesday, 28-Apr-2021 15:53:25 UTC
Server: nginx
Connection: keep-alive
Content-Length: 68
Content-Type: image/png

GET
H2

400

sync_cookie_image_decide
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9257.e-nUPwYJ6ROf65p3sdOIhSEmcve2m7o7vrcb7vgTjsjQ7k2ZuAuufBP1GoZjTqbq.8LVac33v0sOqq0z4zlXlptX3TRk%2C
https://mc.yandex.com/sync_cookie_image_decide?token=9257._s06t-hu_e5y5cvII4JADiwCztvtDB-PI8Qlq88LFWsoc_fTzvnq7tg0XouyEma9F6yZNUyc9TS8gwkI4peWew%2C%2C.T0gcbakixWxyT-wMwViOsYLxrqU%2C

75 B
75 B

49ms
48ms

Image
text/html

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide?token=9257._s06t-hu_e5y5cvII4JADiwCztvtDB-PI8Qlq88LFWsoc_fTzvnq7tg0XouyEma9F6yZNUyc9TS8gwkI4peWew%2C%2C.T0gcbakixWxyT-wMwViOsYLxrqU%2C

Requested by

Host: norvegus.ru
URL: http://norvegus.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: http://norvegus.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Apr 2021 15:53:25 GMT
strict-transport-security: max-age=31536000
content-length: 75
x-xss-protection: 1; mode=block
content-type: text/html; charset=utf-8

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide?token=9257._s06t-hu_e5y5cvII4JADiwCztvtDB-PI8Qlq88LFWsoc_fTzvnq7tg0XouyEma9F6yZNUyc9TS8gwkI4peWew%2C%2C.T0gcbakixWxyT-wMwViOsYLxrqU%2C
date: Wed, 28 Apr 2021 15:53:25 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
112 B 49ms
48ms Image
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Host: norvegus.ru
URL: http://norvegus.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://norvegus.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Apr 2021 15:53:25 GMT
last-modified: Wed, 28 Apr 2021 11:08:40 GMT
etag: "6087d5b3-2b"
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Wed, 28 Apr 2021 16:53:25 GMT

GET
H2 200 translate_24dp.png
www.gstatic.com/images/branding/product/2x/ 2 KB
2 KB 6ms
5ms Image
image/png 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/branding/product/2x/translate_24dp.png

Requested by

Host: translate.googleapis.com
URL: https://translate.googleapis.com/translate_static/css/translateelement.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5fe03bfd95a2d4e640ed7d04dcb08ef991c327a5ab6f6fdb9eb06e1efc76af30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://translate.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 07:36:40 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
age: 116205
vary: Origin
content-type: image/png
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1847
x-xss-protection: 0
expires: Wed, 27 Apr 2022 07:36:40 GMT

GET
H3-29 200 translateelement.css
translate.googleapis.com/translate_static/css/ Frame C536 18 KB
3 KB 7ms
6ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/translate_static/css/translateelement.css

Requested by

Host: translate.googleapis.com
URL: https://translate.googleapis.com/element/TE_20210224_00/e/js/element/element_main.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d0a6e3bc914db376bf187c380750b197c317e1bf40fab9ad959ad5facd8f9ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://norvegus.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Apr 2021 14:58:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3272
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3130
x-xss-protection: 0
last-modified: Wed, 24 Feb 2021 19:45:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Wed, 28 Apr 2021 15:58:53 GMT

GET
H2 200 translate_24dp.png
www.gstatic.com/images/branding/product/1x/ 825 B
914 B 7ms
7ms Image
image/png 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/branding/product/1x/translate_24dp.png

Requested by

Host: norvegus.ru
URL: http://norvegus.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1bb2279aed6bc1438d2b17a5ffcbac9d37864582aedeeec8d301eab162b2c213

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://norvegus.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 17:21:26 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
age: 81119
vary: Origin
content-type: image/png
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 825
x-xss-protection: 0
expires: Wed, 27 Apr 2022 17:21:26 GMT

GET
H2 200 cleardot.gif
www.google.com/images/ 43 B
134 B 13ms
13ms Image
image/gif 2a00:1450:4001:800::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/images/cleardot.gif

Requested by

Host: norvegus.ru
URL: http://norvegus.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://norvegus.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Apr 2021 15:53:25 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:30:00 GMT
server: sffe
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 l Show response
translate.googleapis.com/translate_a/ Frame 65C1 3 KB
961 B 17ms
16ms Script
application/javascript 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/translate_a/l?client=te&alpha=true&hl=en&cb=callback

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

13b5eece5a7359f9c0de2b4b3c24eeed42fa547e5811238bc9434dcc975bb101

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-WhEQAXpK+Xt5isVHpEEKtw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/TranslateApiHttp/cspreport;worker-src 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
content-security-policy: script-src 'report-sample' 'nonce-WhEQAXpK+Xt5isVHpEEKtw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/TranslateApiHttp/cspreport;worker-src 'self'
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
cross-origin-opener-policy: same-origin
date: Wed, 28 Apr 2021 15:53:25 GMT
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, must-revalidate
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2

200

1 Show response
mc.yandex.com/watch/36945200/
Redirect Chain

https://mc.yandex.com/watch/36945200?wmode=7&page-url=http%3A%2F%2Fnorvegus.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Abx1nzewshzamry4%3Afp%3A717%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%...
https://mc.yandex.com/watch/36945200/1?wmode=7&page-url=http%3A%2F%2Fnorvegus.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Abx1nzewshzamry4%3Afp%3A717%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-U...

203 B
284 B

50ms
49ms

XHR
application/json

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/36945200/1?wmode=7&page-url=http%3A%2F%2Fnorvegus.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Abx1nzewshzamry4%3Afp%3A717%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A503%3Acn%3A1%3Adp%3A0%3Als%3A1497886297181%3Ahid%3A221531087%3Az%3A120%3Ai%3A20210428175325%3Aet%3A1619625205%3Ac%3A1%3Arn%3A340414533%3Au%3A1619625205179747752%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1619625192460%3Ads%3A0%2C42%2C221%2C42%2C0%2C0%2C%2C12259%2C16%2C%2C%2C%2C12525%3Adsn%3A1%2C42%2C220%2C42%2C0%2C0%2C%2C12219%2C16%2C%2C%2C%2C12525%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1619625205%3At%3A%D0%9D%D0%B0%20%D0%B3%D0%BB%D0%B0%D0%B2%D0%BD%D1%83%D1%8E

Requested by

Host: norvegus.ru
URL: http://norvegus.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

0f688e1c91406315c89d0137a4723fe12a4b3d988eac34ac7d6144e4cce5e913

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://norvegus.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Apr 2021 15:53:25 GMT
x-content-type-options: nosniff
last-modified: Wed, 28-Apr-2021 15:53:25 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: http://norvegus.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 203
x-xss-protection: 1; mode=block
expires: Wed, 28-Apr-2021 15:53:25 GMT

Redirect headers

pragma: no-cache
date: Wed, 28 Apr 2021 15:53:25 GMT
last-modified: Wed, 28-Apr-2021 15:53:25 GMT
location: /watch/36945200/1?wmode=7&page-url=http%3A%2F%2Fnorvegus.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Abx1nzewshzamry4%3Afp%3A717%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A503%3Acn%3A1%3Adp%3A0%3Als%3A1497886297181%3Ahid%3A221531087%3Az%3A120%3Ai%3A20210428175325%3Aet%3A1619625205%3Ac%3A1%3Arn%3A340414533%3Au%3A1619625205179747752%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1619625192460%3Ads%3A0%2C42%2C221%2C42%2C0%2C0%2C%2C12259%2C16%2C%2C%2C%2C12525%3Adsn%3A1%2C42%2C220%2C42%2C0%2C0%2C%2C12219%2C16%2C%2C%2C%2C12525%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1619625205%3At%3A%D0%9D%D0%B0%20%D0%B3%D0%BB%D0%B0%D0%B2%D0%BD%D1%83%D1%8E
strict-transport-security: max-age=31536000
access-control-allow-origin: http://norvegus.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Wed, 28-Apr-2021 15:53:25 GMT

GET
H3-29 200 te_ctrl3.gif
translate.googleapis.com/translate_static/img/ 1 KB
1 KB 6ms
6ms Image
image/gif 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://translate.googleapis.com/translate_static/img/te_ctrl3.gif

Requested by

Host: norvegus.ru
URL: http://norvegus.ru/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d228d0256370863119c043f1e5ca8f3930f6999bd9f250434b6d8935f45dc171

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://norvegus.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 08:40:28 GMT
x-content-type-options: nosniff
last-modified: Thu, 03 Oct 2019 10:15:00 GMT
server: sffe
age: 112377
content-type: image/gif
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1412
x-xss-protection: 0
expires: Wed, 27 Apr 2022 08:40:28 GMT

GET
H/1.1 200
OK icons.png
norvegus.ru/templates/jblank/js/ 9 KB
9 KB 42ms
42ms Image
image/png 2a0c:680:0:9838::1
THEFIRST-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://norvegus.ru/templates/jblank/js/icons.png
Requested by: Host: norvegus.ru
URL: http://norvegus.ru/
Protocol: HTTP/1.1
Server: 2a0c:680:0:9838::1 , Ukraine, ASN29182 (THEFIRST-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: a678d281c5bc44caf00d79beb9582a2b7f342f74c316b80b12f9db5593394273

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: norvegus.ru
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://norvegus.ru/
Cookie: www.intergid.ru=1; _ga=GA1.2.1505289123.1619625193; _gid=GA1.2.1440750045.1619625205; _gat=1; _ym_uid=1619625205179747752; _ym_d=1619625205; _ym_isad=2
Connection: keep-alive
Cache-Control: no-cache
Referer: http://norvegus.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ray: wn15398:0.000/
Last-Modified: Thu, 24 Mar 2016 19:42:20 GMT
Server: nginx
ETag: "56f4431c-22ec"
Content-Type: image/png
Date: Wed, 28 Apr 2021 15:53:26 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8940

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 9 KB
7 KB 17ms
17ms XHR
application/json 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210426&st=env

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c8c8047c925450ea329128d7d2809e8600f222a28756ed9a638ef5f4aec0ad9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://norvegus.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 28 Apr 2021 15:53:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6928
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://norvegus.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Apr 2021 15:53:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616005470650935"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Wed, 28 Apr 2021 15:53:26 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/222/ Frame 8D07 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/222/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://norvegus.ru/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://norvegus.ru/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Wed, 28 Apr 2021 15:39:32 GMT
expires: Thu, 28 Apr 2022 15:39:32 GMT
last-modified: Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 834
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 kDRksX2Ww4e_xNClAyIBt4DTtML4DGkgzzkDas1N7gE.js Show response
pagead2.googlesyndication.com/bg/ Frame 8D07 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/kDRksX2Ww4e_xNClAyIBt4DTtML4DGkgzzkDas1N7gE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

903464b17d96c387bfc4d0a5032201b780d3b4c2f80c6920cf39036acd4dee01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Apr 2021 15:05:04 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 22 Apr 2021 15:58:00 GMT
server: sffe
age: 2902
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5651
x-xss-protection: 0
expires: Thu, 28 Apr 2022 15:05:04 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 44ms
44ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gda_r20210426&jk=1995537329768029&bg=!CwilCEzNAAZLnZBaS507ACkAdvg8WtvfaEheWwXpxkeOay5oDYLzDMSN4m1x3_QjEtIj4b6FOLfsLQIAAABTUgAAAAxoAQcKAA8r-rzp-fxAozVq8H01ZNaZAisr8XCYHNQgZ6AuRdjfvehGMRfEpUPSG_ik8XPoPyK4VjkJInikzKQQxD0P4BANjV9O3esbAa4MRl_jfovi9E6UXmUU7aZWkXTnQQCpHU8KB1dymZxZfFbn5NqDg3AsieZveHXQWtDDjG4aTLIA5SaqJjfYkuuFtNOVCCi56VLMVnuqyCgKr1LA_9TaRle1A69ZA5ZoSQX1Eb0HzPvkPOZRSlKJkTCeyZdaJbSqa6308lYj9EJtoCr7s5T0YdVOF-kKUjK9MaQOSwZro2REAJemOokqg9NA9aJlZN5nw2IfYkqbav5N0CW7klrOEaw_sGhCOuXJ86HREFzAarKnBNHXa81M8t1V3ZpuDFd4iDUZ8Rm8DZ10Md8Y0VHDgLyHcCJuRvU2qrk3yvbZpmLAaINAYb2wQehQY6IFW2OeqFgsC6-4XOuUwlCek9xcD4dZ6xdeXpugl40e4ex0Kne1Z4orveMAZvGLBIj2eVRTeAtOenmYj6er8VeA1xbRYjYcMhfiMgkng7Zb6uAVacZwc92wkEWuHJ62QDWX6gaBjQTwwxeQfDmKO9MRinsaqSrfVcA21wzs16vc_ESctRNjJRyRTHEwQkOP-lMoeZAwXMd0WHY2jTlz2YWf1s4qzRhyz0w8SGvwi2aeomCI05ZGYaQwBLy-3PAm8h0m1LlFEiiEyHjl0j2-f6j1JRUg-WV4JKxNJGdYu9Ancl6PVnzG5xUOs_zHgPVJGlbwpRs

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://norvegus.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Apr 2021 15:53:26 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: lite.piclens.com
URL: http://lite.piclens.com/current/piclens.js

Domain: weatherandtime.net
URL: http://weatherandtime.net/swfobject.js

Domain: b31x31c.ws.md
URL: http://b31x31c.ws.md/c.png?i=405&p=13

Verdicts & Comments Add Verdict or Comment

233 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.norvegus.ru/	1970-01-19 17:54:57	Name: _ym_isad Value: 2
.norvegus.ru/	1970-01-20 02:39:21	Name: _ym_d Value: 1619625205
.norvegus.ru/	1970-01-20 02:39:21	Name: _ym_uid Value: 1619625205179747752
.norvegus.ru/	1970-01-19 17:53:45	Name: _gat Value: 1
.norvegus.ru/	1970-01-19 17:55:11	Name: _gid Value: GA1.2.1440750045.1619625205
.norvegus.ru/	1970-01-20 11:24:57	Name: _ga Value: GA1.2.1505289123.1619625193
.doubleclick.net/	1970-01-19 17:53:46	Name: test_cookie Value: CheckForPermission
norvegus.ru/	1969-12-31 23:59:59	Name: www.intergid.ru Value: 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
b31x31c.ws.md
c.bigmir.net
counter.rambler.ru
counter.yadro.ru
d0.cc.bf.a1.top.mail.ru
dmg.digitaltarget.ru
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
hit39.hotlog.ru
i.bigmir.net
kraken.rambler.ru
lite.piclens.com
log.reformal.ru
m.exactag.com
mc.yandex.com
mc.yandex.ru
nano.aviasales.ru
norvegus.ru
openstat.net
pagead2.googlesyndication.com
partner.googleadservices.com
reformal.ru
s3.amazonaws.com
sync.1dmp.io
top-fwz1.mail.ru
tpc.googlesyndication.com
translate.google.com
translate.googleapis.com
weatherandtime.net
www.calend.ru
www.google-analytics.com
www.google.com
www.googletagservices.com
www.gstatic.com
www.intergid.ru
b31x31c.ws.md
lite.piclens.com
weatherandtime.net
138.201.187.103
139.162.151.130
142.250.186.66
185.15.175.131
193.239.68.97
193.239.71.100
212.109.216.124
217.69.133.145
23.105.252.234
2a00:1450:4001:800::2004
2a00:1450:4001:801::2003
2a00:1450:4001:802::200a
2a00:1450:4001:802::200e
2a00:1450:4001:803::2001
2a00:1450:4001:80e::2003
2a00:1450:4001:812::2002
2a00:1450:4001:813::200a
2a00:1450:4001:827::2001
2a00:1450:4001:828::2002
2a00:1450:4001:828::2003
2a00:1450:4001:828::200a
2a00:1450:4001:829::2002
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::2002
2a00:1450:4001:830::200e
2a02:6b8::1:119
2a0c:680:0:9838::1
52.216.139.101
81.19.89.18
85.14.248.72
88.212.201.216
89.208.236.251
95.213.162.139
95.216.101.186
04653180fc14a9d7c0fcd1c9ae5b0402b4f8052d38565a2aa9ad70ef2fbb46b0
0c4dbf002d57f00601a99ec9589cae9bb49d75516cf51b733ef120e440a7fe0a
0cc7088b335b30f7b1fa0903bc8aa143b11cb8408032d62d28d5ab768cc68c88
0f688e1c91406315c89d0137a4723fe12a4b3d988eac34ac7d6144e4cce5e913
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
13b5eece5a7359f9c0de2b4b3c24eeed42fa547e5811238bc9434dcc975bb101
164bb550f3cceb8f589edafb3d704da7043036de3b21d7fcd486dd62e96668fb
173fd00f452c8209f6cebea57cb9a5ab26ab6802ede684468faff558efffd53e
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1bb2279aed6bc1438d2b17a5ffcbac9d37864582aedeeec8d301eab162b2c213
1cf04407e728ea1ebf82dc1c6b45d12632cb3202ff8f4556f380b16e57484f27
1e6bf8bb9809db4d24854b2b346006f79aa600f943ebf6fc336f0b9358504f79
1f256ace3b3833faf082207fce8e3ee00b97a0af8ab026ff4923c06a2a1eb74b
2059f756997646c5b2bd6ecb3a6dbf2adf2abf5bb539ce85b70b7cfe3e3a875a
2937baab83048cff5b7465ca79e614b72578a119c64122571625f2bf40eee1ee
29a6397140ba9a3a632d424cf9814d6544c5e7c9c2430f457a8c9b98173ac8f3
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
2de032778a0160c0ea744377373f816bf9eba8b06f80dc8113140c55b14941f6
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2ebf9e485acec2328b39df7ec3bd82407348d18c8e99d4de5c1db40b2fb2e11e
3101dc80b0ca644d216c5f12525425e24af2e77a49a1016139bb9c1ebf481e47
338db5f08af18657fe4cc1a762d942e74860d723ae3281dda77ba59ff5bafaf7
35bdead3bf301c78c55f3b2c78ee4002b9f3ada88040fb4a527a8963053cc682
3bd1b633f00e899217e1171ce740b4a10b12c3b1caf2b868619c104a4323f45b
3f771587cdb45ea53ec8681cfcd9c49550eff50746cc24bf5988eefeb3bef899
4062cdddcf37cdbfdadff32db92735892becd4591a3975082595d4c433fcdb7a
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
42e79813103d0cb6cb5aae999bcf816d67135f70e8f37a3f33ddfa018ad5a279
439ab67fa3c312bb442bed574ea79be834dbd92f3bd7d2288b6f3fce4d0afb0c
474a75f56daf3caeb461155e3a5e1decc4c271c1cb3703cb3b12a7324352f922
4792e08463db34e7477fdc40c276ce77487c0f1dc241c61293e4a16bd4073ac1
47f057685399f7e84184744130841250c124669e305ec0bc0a68819da7aee6d6
49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381
4aaca63f5e3435fe5211494a7c7eacb3708ce1f68fb8a382b1690b3ac990f9c6
4c7395ccfd966ac894aeaafe6ba23aab8d0cb100268c8a5b5c3a782d8373dafd
4e820f7c7a2bf3bac28df16ffe8eeb675c8a19e3e798d3dbf333b239ac412cb7
4ecb25b24fa3a822dd3ce75caa3a23185b163137780263b4a0baa25ac448ce6c
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
555a15deb340eba4bb734c99f86e933f608d7ebb7b556442e6f9d3ab43df6d87
599325d39743959cdacb163b742dd6f622443a73f155364bbcc465a291ce0b5a
5b968ff4525d27e0f40fb36b65da91cab8a6362dc0a77026cdf730ef25cf0e51
5d0a6e3bc914db376bf187c380750b197c317e1bf40fab9ad959ad5facd8f9ed
5e9f6ef0051b14e78eb6f79d74fe0b65c0a6fd03e16d1434e220f031c7280a35
5fe03bfd95a2d4e640ed7d04dcb08ef991c327a5ab6f6fdb9eb06e1efc76af30
5fe084328c9d2b7612b6e7c739946752c5326ece5a1566a41531f3efff175321
643ac89572093a4c907c1af802b3d354453c64d545dc3f1be1ce689046064511
6463a387875d5e1d6690cdec4013fb3b549b3cf76ae457bab207143843dbba5c
6815741fca3b2d1d0cbbc28c41ab76b057ec239cc29b30557f07329bcb02d4e8
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
6be70110418f9738ca23c6d61d73ce3c0cb01087843c96de5ced119c5ab882c6
6c80173dc0fb0da0c7818a024051709d053f6c261b0caded3caa9d80e75ed81c
6c8c8047c925450ea329128d7d2809e8600f222a28756ed9a638ef5f4aec0ad9
6de55ace34a7df36f031919d821b7c37dbac5770b6924d122c21256db8e379c1
71f545828f51983f457ba4b8783f078935dd6a133b2cc420261c201b1a85cf15
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
7331bfe5f1a8a8a23243c34e35b8d4ccdb6df86cfb3acfabaae9b03c4a67f872
80f35659d030651ea3acc6d6e97475b42eaa60d5700e83f9623cf90904d42cec
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
8731cdbcfb47bac1d3f240a403682919587dfeba20ceb661a201e6ebc76adf90
8bfede4458aed2ffc0287117183d2646773b4acce2579c51c2e623f399af63e0
8e78bdce36b4d48a69964183326bc0e37bb55bd3f4104883f1e23edf7601bd26
903464b17d96c387bfc4d0a5032201b780d3b4c2f80c6920cf39036acd4dee01
90958b9774bcfcadfaaa3d00822bda9fd29e5d117869f154e39e394c6d4fecf4
92a499b6c4add62d1765aa921264c916a472ad022ec957c1f9912fa124f6fd0a
9604cabfc7b7292a789a99bf0ce0f4ae2c401df2626f8e8b300327d0a656ecfc
973766985aa550284dc3001f74297e9697084aacde7fc72cb1c0eddbc087b329
99e3cbc3e2db4ece0e5fbf0caada6c5ae2e59903f747b697f65585ee31cc94f2
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a0636ba0b78f5c775e843962f3ab414e4b74ea703446cabb5c44c6ca07ee13b0
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5a359725c7a6a0414156e5d83c3b7e59307798ae63a99ad055bbe731fc2c577
a5c96c91c4ab2c0572ec8371c0f49d9f722eb71ae47224f29eabadf59f5fabe8
a5cb642ef22434a24612329870579fbb272cb9fa7475360035596ea56fb0431a
a678d281c5bc44caf00d79beb9582a2b7f342f74c316b80b12f9db5593394273
aa54de7ec02b889ea84a0026fc642be6375f907c13440ccf6fdd6fb93e6700ab
ab690b1f452efeab260cb8749a955729e9de719852249722a908bfd359fb7020
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b5ffc5fb2d777c92891154255f475de5dac0da649985dccb97c9878f28ebaf81
b62d945b5c0e379c0edce8d106220c5ffb2d03d4c0b3c5b1a483926d60b04835
b92b04e5d7e694a32780334c1bc5c37e171a9c7a8602311a27325a9b2d317045
befa61beb93ec4ff1c7b8c6f2f464ec6acef63f8ac4b664901bfef0e347209d1
c04a02dd0d70981f422b592b1d6fb494bbdcc9c38f3b96831624d2f0fc128109
c2f6c457ae284b04338ea0840597c6cd3c361d854a9f186e42df1ccf2813e5b8
c4cc5c97cd7777835337f8ad99d8970d3aa5ae940e226af31ca7a5e5a6a63a83
c57d35392e5a1fd0d6871cbcb447c97b44ba080c4e147a0f1ff3f4f10752790f
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
c8cfedbeb066c2681d885d89dd54e8f0460e6eef93b1dbe6d6b2ea4aa6c0f64d
ca537b74a51c73d56a401ea7d361ad32f692558ab321b86a8fb0979f2927712c
d16422823d21851de3257ec598413ec59857b8959b73391d1d851df01aefc8b0
d228d0256370863119c043f1e5ca8f3930f6999bd9f250434b6d8935f45dc171
d3ac007d6b68ee37b7f3558c8b8dd0d28bf8fe4f0875637fc2deedadfea9299d
d4c593117bfecb4fd893d871e8f8e1e305fccce9135ca0e1d5d5ffe3588e0222
d50887ce55421ad85f04a5639e736e482849bce239ba532fd89e1c08cea55b15
d69744850df8301dd2173892c6bec8178fe8b553541f0301305c214ef822ca19
d76c09ea49a67623c581149d87ec821d813b9302aea4f871df16156cd1d28a53
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
e0fad38c04932f3e71581d5ca798b326778fc0e54e3823de3b0f9eddbef0892e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5d13a315184e4cc69d5c495682f8e5539478b0f7331165dc63e9aa4f224add0
e7a38cc1a5c8f49083b2e0da92bf7f25ffc133c528cf0ea7f1dc1277a5601b94
e9e763770b358c70e6d4d8b4cc2293d162b414fc08adcf657c5048c3202473c9
ea48ff66aeaeae93967e366c01cbad544952d4c9fef193625bc89b536b1a9b1c
eb2c942b50e09931b27431acbe8e87bce0426ba51ae54b0242182ddcdfbee681
ed8f120343683850762fc8fb5e8ee8dc3586a2ad7da5c12ca31ef125628cb15b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef73bb77ed3ce3b99d4cdb94ab199fd37775c15325057c1f8965e0081fe89c53
f1a7b3753495b2d7e78e4c1da2fb3c1d1f65c371aeff5906f890fc62107e8ac9
f2c761ee3ce27469f940a05b64e38a829a400427727cd0bdbb4e36f1d572afd7
f40211594cbb0ea5d1a0928cd611059feecd816e00ce0e0012e8f79d4e424e15
f72a495f58ffd37b3b62fc476c38d8b4584076002e99c55590858f26090cbc1e
fbdd33cafac58bc1319f9cabe62541790ed359e83a4cd2fa177946e867b9562f
fbf9f74096b5037dedf9eda78d71e05d57aaf871eccad834663aa0d900acce3c
fcc66d6387e4682b649af7001609930ccd88ff3e1a4c0f293ff81415e75a0c8f

norvegus.ru Open in urlscan Pro 2a0c:680:0:9838::1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

148 Requests

56 %HTTPS

53 %IPv6

29 Domains

38 Subdomains

33 IPs

5 Countries

3117 kBTransfer

4434 kBSize

8 Cookies

12 Outgoing links

Redirected requests

148 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

norvegus.ru Open in urlscan Pro
2a0c:680:0:9838::1 Public Scan

Screenshot
Live screenshot

Full Image

148
Requests

56 %
HTTPS

53 %
IPv6

29
Domains

38
Subdomains

33
IPs

5
Countries

3117 kB
Transfer

4434 kB
Size

8
Cookies

148 HTTP transactions
5 data transactions