URL: https://nordot.app/885617193202221056
Submission: On April 11 via api from US — Scanned from DE

Summary

This website contacted 47 IPs in 6 countries across 37 domains to perform 129 HTTP transactions. The main IP is 2001:4860:4802:32::15, located in United States and belongs to GOOGLE, US. The main domain is nordot.app. The Cisco Umbrella rank of the primary domain is 248033.
TLS certificate: Issued by GTS CA 1D4 on February 14th 2022. Valid for: 3 months.
This is the only time nordot.app was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
7 2001:4860:480... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
3 2a04:4e42:400... 54113 (FASTLY)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
6 2a00:1450:400... 15169 (GOOGLE)
6 119.63.193.220 38627 (BAIDUJP B...)
3 35.190.62.199 15169 (GOOGLE)
7 142.250.185.226 15169 (GOOGLE)
7 65.9.66.173 16509 (AMAZON-02)
1 143.204.98.30 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
2 151.101.129.194 54113 (FASTLY)
1 23.35.236.201 16625 (AKAMAI-AS)
1 2 2a02:2638:1::13 44788 (ASN-CRITE...)
2 178.250.0.157 44788 (ASN-CRITE...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
4 216.52.2.19 30282 (AS-INAPCD...)
6 202.233.84.2 131957 (MICROAD M...)
4 37.252.172.123 29990 (ASN-APPNEX)
5 35.244.159.8 15169 (GOOGLE)
6 35.157.246.167 16509 (AMAZON-02)
4 204.237.133.116 62713 (AS-PUBMATIC)
4 119.63.198.143 38627 (BAIDUJP B...)
1 2a00:1450:401... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:224... 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 141.95.99.211 16276 (OVH)
1 3.248.131.63 16509 (AMAZON-02)
1 52.10.19.115 16509 (AMAZON-02)
1 52.223.40.198 16509 (AMAZON-02)
2 119.63.198.176 38627 (BAIDUJP B...)
1 35.227.239.69 15169 (GOOGLE)
2 2620:116:800d... 16509 (AMAZON-02)
1 3 108.157.4.80 16509 (AMAZON-02)
1 2600:9000:231... 16509 (AMAZON-02)
1 2a03:2880:f02... 32934 (FACEBOOK)
2 52.200.232.80 14618 (AMAZON-AES)
5 119.63.198.188 38627 (BAIDUJP B...)
1 119.63.197.136 38627 (BAIDUJP B...)
2 3 192.82.242.208 62713 (AS-PUBMATIC)
1 1 142.250.185.130 15169 (GOOGLE)
1 1 185.64.189.110 62713 (AS-PUBMATIC)
4 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
129 47
Apex Domain
Subdomains
Transfer
18 popin.cc
api.popin.cc — Cisco Umbrella Rank: 22742
log.popin.cc — Cisco Umbrella Rank: 26673
jp.popin.cc — Cisco Umbrella Rank: 153609
r.popin.cc — Cisco Umbrella Rank: 25930
rlog.popin.cc — Cisco Umbrella Rank: 47803
inrecsys.popin.cc — Cisco Umbrella Rank: 27195
128 KB
9 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 461
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 457
image8.pubmatic.com — Cisco Umbrella Rank: 605
image2.pubmatic.com — Cisco Umbrella Rank: 898
57 KB
8 googlesyndication.com
fb147623433f69633503ad3e60be8353.safeframe.googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 98
tpc.googlesyndication.com — Cisco Umbrella Rank: 128
39 KB
8 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 193
cm.g.doubleclick.net — Cisco Umbrella Rank: 211
155 KB
7 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 302
41 KB
7 nordot.app
nordot.app — Cisco Umbrella Rank: 248033
36 KB
6 yahoo.com
c2shb.ssp.yahoo.com — Cisco Umbrella Rank: 846
773 B
6 microad.jp
s-rtb-pb.send.microad.jp — Cisco Umbrella Rank: 83119
2 KB
6 nordot.jp
log.nordot.jp — Cisco Umbrella Rank: 428603
12 KB
5 openx.net
didna-d.openx.net — Cisco Umbrella Rank: 44791
u.openx.net — Cisco Umbrella Rank: 709
942 B
4 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 248
5 KB
4 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 607
3 KB
4 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 383
mug.criteo.com — Cisco Umbrella Rank: 2668
1 KB
3 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 137
2 KB
3 google.com
adservice.google.com — Cisco Umbrella Rank: 77
www.google.com — Cisco Umbrella Rank: 4
2 KB
3 ancientact.com
ancientact.com — Cisco Umbrella Rank: 293413
27 KB
3 cloudinary.com
nordot-res.cloudinary.com — Cisco Umbrella Rank: 273177
85 KB
3 googleapis.com
storage.googleapis.com — Cisco Umbrella Rank: 492
ajax.googleapis.com — Cisco Umbrella Rank: 282
196 KB
2 treasuredata.com
in.treasuredata.com — Cisco Umbrella Rank: 4125
1 KB
2 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 975
pixel.quantserve.com — Cisco Umbrella Rank: 423
10 KB
2 google.de
adservice.google.de — Cisco Umbrella Rank: 7579
914 B
2 4dex.io
script.4dex.io — Cisco Umbrella Rank: 1879
24 KB
2 fastly.net
confiant-integrations.global.ssl.fastly.net — Cisco Umbrella Rank: 1576
76 KB
1 facebook.com
graph.facebook.com — Cisco Umbrella Rank: 114
637 B
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 903
346 B
1 didna.io
storage.didna.io — Cisco Umbrella Rank: 71826
3 KB
1 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 355
539 B
1 sharedid.org
id.sharedid.org — Cisco Umbrella Rank: 4517
210 B
1 crwdcntrl.net
id.crwdcntrl.net — Cisco Umbrella Rank: 1709
334 B
1 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 699
527 B
1 adsafeprotected.com
static.adsafeprotected.com — Cisco Umbrella Rank: 565
483 B
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 436
2 KB
1 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 37
20 KB
1 solutionshindsight.net
static.solutionshindsight.net — Cisco Umbrella Rank: 27892
24 KB
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 238
6 KB
0 rlcdn.com Failed
api.rlcdn.com Failed
0 britepool.com Failed
px.britepool.com Failed
api.britepool.com Failed
129 37
Domain Requested by
7 c.amazon-adsystem.com storage.googleapis.com
c.amazon-adsystem.com
7 securepubads.g.doubleclick.net storage.googleapis.com
securepubads.g.doubleclick.net
7 nordot.app nordot.app
6 c2shb.ssp.yahoo.com storage.googleapis.com
6 s-rtb-pb.send.microad.jp storage.googleapis.com
6 api.popin.cc nordot.app
api.popin.cc
6 log.nordot.jp nordot.app
log.nordot.jp
4 pagead2.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
4 rlog.popin.cc nordot.app
4 log.popin.cc nordot.app
4 hbopenbid.pubmatic.com storage.googleapis.com
4 didna-d.openx.net storage.googleapis.com
4 ib.adnxs.com storage.googleapis.com
4 ap.lijit.com storage.googleapis.com
3 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
3 image8.pubmatic.com 2 redirects nordot.app
3 sb.scorecardresearch.com 1 redirects storage.didna.io
3 ancientact.com nordot.app
ancientact.com
3 nordot-res.cloudinary.com nordot.app
2 in.treasuredata.com api.popin.cc
2 jp.popin.cc api.popin.cc
2 adservice.google.com securepubads.g.doubleclick.net
2 adservice.google.de securepubads.g.doubleclick.net
2 script.4dex.io storage.googleapis.com
script.4dex.io
2 mug.criteo.com nordot.app
2 gum.criteo.com 1 redirects
2 confiant-integrations.global.ssl.fastly.net nordot.app
confiant-integrations.global.ssl.fastly.net
2 storage.googleapis.com nordot.app
storage.googleapis.com
1 www.google.com tpc.googlesyndication.com
1 image2.pubmatic.com 1 redirects
1 cm.g.doubleclick.net 1 redirects
1 u.openx.net nordot.app
1 inrecsys.popin.cc nordot.app
1 r.popin.cc nordot.app
1 graph.facebook.com api.popin.cc
1 pixel.quantserve.com storage.didna.io
1 rules.quantcount.com secure.quantserve.com
1 secure.quantserve.com storage.didna.io
1 storage.didna.io nordot.app
1 match.adsrvr.org ads.pubmatic.com
1 id.sharedid.org ads.pubmatic.com
1 id.crwdcntrl.net ads.pubmatic.com
1 id5-sync.com ads.pubmatic.com
1 static.adsafeprotected.com nordot.app
1 fb147623433f69633503ad3e60be8353.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 cdn.jsdelivr.net storage.googleapis.com
1 ads.pubmatic.com nordot.app
1 www.google-analytics.com nordot.app
1 static.solutionshindsight.net storage.googleapis.com
1 cdnjs.cloudflare.com nordot.app
1 ajax.googleapis.com nordot.app
0 api.rlcdn.com Failed ads.pubmatic.com
0 api.britepool.com Failed ads.pubmatic.com
0 px.britepool.com Failed nordot.app
129 54
Subject | Issuer | Validity | Valid
nordot.app | GTS CA 1D4 | 2022-02-14 - 2022-05-15 | 3 months
*.storage.googleapis.com | GTS CA 1C3 | 2022-03-21 - 2022-06-13 | 3 months
*.cloudinary.com | Go Daddy Secure Certificate Authority - G2 | 2020-05-27 - 2022-06-22 | 2 years
upload.video.google.com | GTS CA 1C3 | 2022-03-21 - 2022-06-13 | 3 months
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2021-09-21 - 2022-09-20 | a year
log.nordot.jp | GTS CA 1D4 | 2022-02-20 - 2022-05-21 | 3 months
*.popin.cc | DigiCert Secure Site Pro CN CA G3 | 2021-10-22 - 2022-10-22 | a year
ancientact.com | R3 | 2022-04-04 - 2022-07-03 | 3 months
*.g.doubleclick.net | GTS CA 1C3 | 2022-03-21 - 2022-06-13 | 3 months
c.amazon-adsystem.com | Amazon | 2021-07-06 - 2022-06-27 | a year
solutionshindsight.net | Amazon | 2022-01-20 - 2023-02-18 | a year
*.google-analytics.com | GTS CA 1C3 | 2022-03-21 - 2022-06-13 | 3 months
*.freetls.fastly.net | GlobalSign Atlas R3 DV TLS CA 2020 | 2021-04-27 - 2022-05-29 | a year
*.pubmatic.com | DigiCert SHA2 Secure Server CA | 2022-02-04 - 2023-02-03 | a year
*.criteo.com | DigiCert TLS Hybrid ECC SHA384 2020 CA1 | 2022-04-11 - 2022-07-07 | 3 months
*.lijit.com | Go Daddy Secure Certificate Authority - G2 | 2022-03-11 - 2023-04-12 | a year
*.send.microad.jp | GlobalSign RSA OV SSL CA 2018 | 2021-10-06 - 2022-11-07 | a year
*.adnxs.com | GeoTrust ECC CA 2018 | 2022-02-11 - 2023-03-14 | a year
*.openx.net | GeoTrust RSA CA 2018 | 2021-07-08 - 2022-08-08 | a year
web.ssp.yahoo.com | DigiCert SHA2 High Assurance Server CA | 2022-03-08 - 2022-08-31 | 6 months
*.google.de | GTS CA 1C3 | 2022-03-21 - 2022-06-13 | 3 months
*.google.com | GTS CA 1C3 | 2022-03-21 - 2022-06-13 | 3 months
static.adsafeprotected.com | Amazon | 2021-09-05 - 2022-10-04 | a year
*.id5-sync.com | R3 | 2022-03-08 - 2022-06-06 | 3 months
*.crwdcntrl.net | Go Daddy Secure Certificate Authority - G2 | 2021-04-29 - 2022-05-31 | a year
id.sharedid.org | Amazon | 2021-12-09 - 2023-01-06 | a year
*.adsrvr.org | GlobalSign GCC R3 DV TLS CA 2020 | 2021-03-18 - 2022-04-19 | a year
storage.didna.io | GTS CA 1D4 | 2022-02-13 - 2022-05-14 | 3 months
*.quantserve.com | DigiCert TLS RSA SHA256 2020 CA1 | 2021-09-22 - 2022-09-21 | a year
*.scorecardresearch.com | Amazon | 2022-01-29 - 2023-02-27 | a year
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2022-01-18 - 2022-04-18 | 3 months
*.treasuredata.com | Amazon | 2021-09-17 - 2022-10-16 | a year
www.google.com | GTS CA 1C3 | 2022-03-21 - 2022-06-13 | 3 months

This page contains 5 frames:

Primary Page: https://nordot.app/885617193202221056
Frame ID: C6C2C1A9BF9D68EEB01E4938672C67FE
Requests: 114 HTTP requests in this frame

Frame: https://fb147623433f69633503ad3e60be8353.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: DCBF84C4888E500D2E6B335B3DEF15DA
Requests: 1 HTTP requests in this frame

Frame: https://storage.didna.io/didna_trackers.html
Frame ID: 5F225A29C11C5E891B89582A36DFC114
Requests: 6 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 8A66A32172B5B7AE3BB10895F587B113
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 7BCBF522762153F6420D61AFEDA9F1D1
Requests: 2 HTTP requests in this frame

Page Title

Russia took away 120,000 children, Ukraine claims | Kyodo News nordotLogo

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net

Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com

Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js

Overall confidence: 100%
Detected patterns
  • underscore.*\.js(?:\?ver=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • \.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

129
Requests

93 %
HTTPS

42 %
IPv6

37
Domains

54
Subdomains

47
IPs

6
Countries

961 kB
Transfer

2939 kB
Size

27
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 34
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fnordot.app%2F&domain=nordot.app&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=FGCYFHxNYm13QTVpQVZGbXlxWkdqRi95LzVMVGFNTGNEVHNQendlK3dxNklHWmlEQlhBNjJwQ3JxaDBEYm1FMzNXalI3amdFTm4ybGNNMEk0YWczK1BzNnp0Qk1yWURNMFZqZWFQaXFNdkNxNVNZN0lIbnpBYklyVlRGQjNUTGs0WmpxS1dsMXBKN3NWU01CakRueGU0ZUttOE0xN1JOMlE4S1lpckV4ZG5sc0NERmEzNHZhVDNXWmFuUm8yT09DRFV3bWZxdGVBUDA2U0xhdjk5L2xkSWlURVNSV0JmQkZWM0dCbERzNFVtMnYyRERrPXw&cppv=2
Request Chain 101
  • https://sb.scorecardresearch.com/b?c1=2&c2=27875916&ns__t=1649679220774&ns_c=UTF-8&ns_if=1&cv=3.5&c8=diDNA%20%7C%20Publisher%20Partner%20%7C%20Header%20Bidding%20%7C%20Programmatic%20Yield&c7=https%3A%2F%2Fstorage.didna.io%2Fdidna_trackers.html&c9=https%3A%2F%2Fnordot.app%2F HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=2&c2=27875916&ns__t=1649679220774&ns_c=UTF-8&ns_if=1&cv=3.5&c8=diDNA%20%7C%20Publisher%20Partner%20%7C%20Header%20Bidding%20%7C%20Programmatic%20Yield&c7=https%3A%2F%2Fstorage.didna.io%2Fdidna_trackers.html&c9=https%3A%2F%2Fnordot.app%2F
Request Chain 115
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159745 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159745&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NDhCMDQ3RUYtRjdEOS00QkI0LTk1NDgtQTdFQzFCOUE4MTA5&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=

129 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request 885617193202221056
nordot.app/
38 KB
13 KB
Document
General
Full URL
https://nordot.app/885617193202221056
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
c03a6775fa5c252225c265947633ff860ce3859f0a408af7e7871d471ab7e3c9

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private
content-encoding
gzip
content-length
13327
content-type
text/html; charset=UTF-8
date
Mon, 11 Apr 2022 12:13:36 GMT
server
Google Frontend
vary
Accept-Encoding User-Agent
x-cloud-trace-context
4b493758942101843d119d47d0dac376
didna_config.js
storage.googleapis.com/didna_hb/nordot/nordot/
21 KB
22 KB
Script
General
Full URL
https://storage.googleapis.com/didna_hb/nordot/nordot/didna_config.js
Requested by
Host: nordot.app
URL: https://nordot.app/885617193202221056
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
b69a8e8537dd94ac9f5b31c30027378b8ce391b803766078bfb27121e9a3f137

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 12:13:37 GMT
x-guploader-uploadid
ADPycduGcyA0YbbuoOzNHBFoIMTahOzFL6z-hOpO4egNKu_fE4l423NMhox1QqIjYGQFyrUpXnYOEjpclv6krDqtu6XfXwCstgq3
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21627
last-modified
Wed, 23 Feb 2022 18:02:12 GMT
server
UploadServer
etag
"d171ca6685ec4dcf148b6926d5a5513f"
x-goog-hash
crc32c=GilxXg==, md5=0XHKZoXsTc8Ui2km1aVRPw==
x-goog-generation
1645639332612130
cache-control
no-store
x-goog-stored-content-length
21627
accept-ranges
bytes
content-type
text/javascript
expires
Tue, 11 Apr 2023 12:13:37 GMT
posts_detail.css
nordot.app/images/newsnor/kiji/css/pc/
42 KB
11 KB
Stylesheet
General
Full URL
https://nordot.app/images/newsnor/kiji/css/pc/posts_detail.css?1649391175
Requested by
Host: nordot.app
URL: https://nordot.app/885617193202221056
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
7f73ee585e817432c0d98736b26ed2301b1a13eaa60596380425554f15b171e3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nordot.app/885617193202221056
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 12:13:37 GMT
content-encoding
gzip
server
Google Frontend
age
0
etag
"eW6GPA"
content-type
text/css
x-cloud-trace-context
7d50ae88c5606fdd42df4353d76f0397
cache-control
public, max-age=1
content-length
11076
expires
Mon, 11 Apr 2022 12:13:38 GMT
header_13.png
nordot-res.cloudinary.com/f_auto,q_auto:eco/ch/units/39166665832988672/
2 KB
2 KB
Image
General
Full URL
https://nordot-res.cloudinary.com/f_auto,q_auto:eco/ch/units/39166665832988672/header_13.png
Requested by
Host: nordot.app
URL: https://nordot.app/885617193202221056
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::393 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
f10ab824acc419ad38dda5f5cd8f4b0156a181da4a113acc11ee820caff50140
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 12:13:37 GMT
x-content-type-options
nosniff
content-disposition
inline; filename="header_13.webp"
server-timing
fastly;dur=1;cpu=0;start=2022-04-11T12:13:37.395Z;desc=hit,rtt;dur=6
vary
Accept,User-Agent
content-length
1820
last-modified
Mon, 06 Jul 2020 01:13:21 GMT
server
Cloudinary
etag
"e8082963543a54f53c2a0931b4d61483"
strict-transport-security
max-age=604800
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control
private, no-transform, immutable, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
origin_1.jpg
nordot-res.cloudinary.com/c_limit,w_800,f_auto,q_auto:eco/ch/images/885662442675257344/
80 KB
80 KB
Image
General
Full URL
https://nordot-res.cloudinary.com/c_limit,w_800,f_auto,q_auto:eco/ch/images/885662442675257344/origin_1.jpg
Requested by
Host: nordot.app
URL: https://nordot.app/885617193202221056
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::393 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
ffee0be929b065731441d3ac6e956f41c9413a3df305f2e0a04507b6c490eea8
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 12:13:37 GMT
x-content-type-options
nosniff
last-modified
Sat, 09 Apr 2022 23:06:37 GMT
server
Cloudinary
etag
"ecd703b52f1b810573d0a20206530047"
vary
Accept,User-Agent
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control
private, no-transform, immutable, max-age=31557600
server-timing
fastly;dur=1;cpu=0;start=2022-04-11T12:13:37.395Z;desc=hit,rtt;dur=6
strict-transport-security
max-age=604800
accept-ranges
bytes
timing-allow-origin
*
content-length
82021
profile_7.png
nordot-res.cloudinary.com/c_limit,w_300,h_300,f_auto,q_auto:eco/ch/units/39166665832988672/
3 KB
3 KB
Image
General
Full URL
https://nordot-res.cloudinary.com/c_limit,w_300,h_300,f_auto,q_auto:eco/ch/units/39166665832988672/profile_7.png
Requested by
Host: nordot.app
URL: https://nordot.app/885617193202221056
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::393 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
734688c48e3725752d393537165f0f316d63d474547aeb86c2feb3f29d406145
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 12:13:37 GMT
x-content-type-options
nosniff
content-disposition
inline; filename="profile_7.webp"
server-timing
fastly;dur=1;cpu=0;start=2022-04-11T12:13:37.395Z;desc=hit,rtt;dur=6
vary
Accept,User-Agent
content-length
2700
last-modified
Thu, 17 Oct 2019 12:59:48 GMT
server
Cloudinary
etag
"4b8ffd701a2993d5198082f0d03a3697"
strict-transport-security
max-age=604800
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control
private, no-transform, immutable, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.11.3/
94 KB
33 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js
Requested by
Host: nordot.app
URL: https://nordot.app/885617193202221056
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sun, 10 Apr 2022 20:50:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
55382
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33507
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 10 Apr 2023 20:50:35 GMT
common.js
nordot.app/images/newsnor/kiji/js/pc/
2 KB
2 KB
Script
General
Full URL
https://nordot.app/images/newsnor/kiji/js/pc/common.js?1649391175
Requested by
Host: nordot.app
URL: https://nordot.app/885617193202221056
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
a562056fa84fd667a864978c5ebed4269389c216c2577ce5295e3153b7c3fbac

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nordot.app/885617193202221056
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 12:13:37 GMT
server
Google Frontend
age
0
etag
"eW6GPA"
content-type
application/javascript
x-cloud-trace-context
9495716a5e05cac2332e219f25c8f7be
cache-control
public, max-age=1
content-length
1662
expires
Mon, 11 Apr 2022 12:13:38 GMT
underscore-min.js
cdnjs.cloudflare.com/ajax/libs/underscore.js/1.8.3/
16 KB
6 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/underscore.js/1.8.3/underscore-min.js
Requested by
Host: nordot.app
URL: https://nordot.app/885617193202221056
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a1b6400a21ddee090e93d8882ffa629963132785bfa41b0abbea199d278121e9
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 12:13:37 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
3604656
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
5303
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:17:25 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04015-4041"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BjMq7E0UjLI%2BTy6w87x1wCux6ozAUcXYQPdv%2BhG7zChgxWTWErRymv8XH2sirRxg8VT3A8N4mrbeB4cnk%2F3rLoJV%2FsGNRXKvX8PdZnm1fcgLBqt98YN%2BRDgeoz6Aju8efIHEwIGMH6gE3IBmZRVYSvkU"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6fa3a3244ab59125-FRA
expires
Sat, 01 Apr 2023 12:13:37 GMT
curatedBy.js
nordot.app/images/newsnor/kiji/js/pc/
6 KB
2 KB
Script
General
Full URL
https://nordot.app/images/newsnor/kiji/js/pc/curatedBy.js?1649391175
Requested by
Host: nordot.app
URL: https://nordot.app/885617193202221056
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
7993a83292a6344fcf727c7035025f93fc8d0dbe6d2d7e7a12e765cab2ab4879

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nordot.app/885617193202221056
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 12:13:37 GMT
content-encoding
gzip
server
Google Frontend
age
0
etag
"eW6GPA"
content-type
application/javascript
x-cloud-trace-context
9495716a5e05cac2332e219f25c8f7be
cache-control
public, max-age=1
content-length
1723
expires
Mon, 11 Apr 2022 12:13:38 GMT
ready.js
nordot.app/images/newsnor/kiji/js/pc/
4 KB
4 KB
Script
General
Full URL
https://nordot.app/images/newsnor/kiji/js/pc/ready.js?1649391175
Requested by
Host: nordot.app
URL: https://nordot.app/885617193202221056
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
20dae3bb473081bf9c5bbe7560565708d726e1db6791503d1bd97a0dba962f7d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nordot.app/885617193202221056
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 12:13:37 GMT
server
Google Frontend
age
0
etag
"eW6GPA"
content-type
application/javascript
x-cloud-trace-context
9e4de8160d5c829447ed8add3e922c4e
cache-control
public, max-age=1
content-length
3594
expires
Mon, 11 Apr 2022 12:13:38 GMT
plugin.js
nordot.app/images/newsnor/kiji/js/pc/
16 KB
5 KB
Script
General
Full URL
https://nordot.app/images/newsnor/kiji/js/pc/plugin.js?1649391175
Requested by
Host: nordot.app
URL: https://nordot.app/885617193202221056
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
88f110fd4bd8b497292c95013d0efd1d3aac5cfbd5e42281f8839f6db1a3b787

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nordot.app/885617193202221056
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 12:13:37 GMT
content-encoding
gzip
server
Google Frontend
age
0
etag
"eW6GPA"
content-type
application/javascript
x-cloud-trace-context
9495716a5e05cac2332e219f25c8f7be
cache-control
public, max-age=1
content-length
4865
expires
Mon, 11 Apr 2022 12:13:38 GMT
beacon-1.1.0.js
log.nordot.jp/js/
25 KB
11 KB
Script
General
Full URL
https://log.nordot.jp/js/beacon-1.1.0.js?2020083101
Requested by
Host: nordot.app
URL: https://nordot.app/885617193202221056
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
dcc45c991696d726863fbd33b7c423cb24056d250b818b2fa735dc193718dbb9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 12:13:38 GMT
content-encoding
gzip
server
Google Frontend
age
0
etag
"GLle1Q"
content-type
application/javascript
x-cloud-trace-context
6755d928a88e573e7fcfa19d6f10e366
cache-control
public, max-age=1
content-length
10602
expires
Mon, 11 Apr 2022 12:13:39 GMT
ads.js
nordot.app/images/newsnor/kiji/js/pc/
22 B
111 B
Script
General
Full URL
https://nordot.app/images/newsnor/kiji/js/pc/ads.js?1649391175
Requested by
Host: nordot.app
URL: https://nordot.app/885617193202221056
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
799e81b5d4ca1cfd0f7ef8de2f75c3a3f7b6250e190bd217a774a83e64fd6038

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nordot.app/885617193202221056
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 12:13:37 GMT
server
Google Frontend
age
0
etag
"eW6GPA"
content-type
application/javascript
x-cloud-trace-context
077f4cb5fd37b24e75ba50293210a3ca
cache-control
public, max-age=1
content-length
22
expires
Mon, 11 Apr 2022 12:13:38 GMT
this_kiji.js
api.popin.cc/searchbox/
53 KB
10 KB
Script
General
Full URL
https://api.popin.cc/searchbox/this_kiji.js
Requested by
Host: nordot.app
URL: https://nordot.app/885617193202221056
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
119.63.193.220 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software
nginx /
Resource Hash
8ab9fa103650046342de38f683571626ce9ee7a6bb345d93f72c0349fbbbeb34

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Mon, 11 Apr 2022 12:13:38 GMT
Content-Encoding
gzip
Last-Modified
Wed, 30 Mar 2022 13:03:13 GMT
Server
nginx
ETag
W/"e039826e9eb6fa7fbe6dc250fcd5b565"
X-Cache-Status
HIT from 10.252.55.44
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=3600
Transfer-Encoding
chunked
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
x-amz-version-id
Fl6l3DsA87.AmvXNk0Hd50dvkbDUW6du
Expires
Mon, 11 Apr 2022 13:13:38 GMT
v2gnp6T4I2RaHC6htBpJnb4Le1Yyo41UruGDrxJGN435l7JgxnHoIwKO_7z_20Imb
ancientact.com/
89 KB
27 KB
Script
General
Full URL
https://ancientact.com/v2gnp6T4I2RaHC6htBpJnb4Le1Yyo41UruGDrxJGN435l7JgxnHoIwKO_7z_20Imb
Requested by
Host: nordot.app
URL: https://nordot.app/885617193202221056
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.62.199 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
199.62.190.35.bc.googleusercontent.com
Software
/
Resource Hash
a6f948ba073710fc2c67dbc8b868468bf485bc9f1762c2e48780f22c4a230178
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; preload
content-encoding
br
x-datacenter
gce-europe-west1
etag
"95d939232493458ce06d96019ba1e47ff398a83c7ae4f3eb09e73c9b85705ab4"
vary
Accept-Encoding, Accept-Language
x-hostname
fen-hoothoot-europe-west1-spot-97sw
content-type
text/javascript; charset=utf-8
cache-control
private, must-revalidate, max-age=21600
date
Mon, 11 Apr 2022 12:13:37 GMT
x-buildnumber
505852149
timing-allow-origin
*
gpt.js
securepubads.g.doubleclick.net/tag/js/
83 KB
28 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/didna_hb/nordot/nordot/didna_config.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
sffe /
Resource Hash
a0dbeec4cc12d0406830bb508a6b9d6086c4fcc1aee5e3f7879d9240f9946bf2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 12:13:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28396
x-xss-protection
0
server
sffe
etag
"1184 / 252 of 1000 / last-modified: 1649675379"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 11 Apr 2022 12:13:37 GMT
apstag.js
c.amazon-adsystem.com/aax2/
134 KB
36 KB
Script
General
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/didna_hb/nordot/nordot/didna_config.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.173 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-173.fra56.r.cloudfront.net
Software
Server /
Resource Hash
3ef5bfd224e0baa902eb88c94979cfaeccf2169a996c601fa3de4c3f3b33da01

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 12:03:23 GMT
content-encoding
gzip
age
613
x-cache
Hit from cloudfront
timing-allow-origin
*
server
Server
x-amz-rid
15YYM382J9SVKQ2QC98M
etag
4e3fad24a118a07cea7ce88b2721a583
vary
Accept-Encoding
x-amz-version-id
.7apL996dsR_ZFPBtTTtY5SRaPfBf8DJ
via
1.1 7e513424eee237ee26467e8fd5656ec0.cloudfront.net (CloudFront)
cache-control
public, max-age=900
x-amz-cf-pop
FRA56-C1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
W_i4FdUTkkH1DY4FtH6NXls4jFoXIpkA01OqKj_2x-5cyLmIVOJVUA==
hindsightipads.min.js
static.solutionshindsight.net/hindsightipads/
77 KB
24 KB
Script
General
Full URL
https://static.solutionshindsight.net/hindsightipads/hindsightipads.min.js
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/didna_hb/nordot/nordot/didna_config.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-30.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b4319fedacfef8cb54f96287baf3357fef228da794298b305f66f10124fe0876

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 11:58:41 GMT
content-encoding
gzip
last-modified
Fri, 08 Apr 2022 18:43:11 GMT
server
AmazonS3
age
1316
etag
"450b605de61fd4f634242968dcf5d3a6"
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 6b4954a8411e7b2a232537f8000c5c9c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
24131
x-amz-cf-id
SlRVjaVVGQL09yXyNOdTUb8UMqAGETse4PHxmOl5ArXvySZYrj58DA==
45a8420b-8e22-43ff-9b3e-be67b7eba544
https://nordot.app/
564 B
0
Other
General
Full URL
blob:https://nordot.app/45a8420b-8e22-43ff-9b3e-be67b7eba544
Requested by
Host: nordot.app
URL: https://nordot.app/885617193202221056
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
815ee379589e2686af0a423df3987810358aaa03ea11a46250de270ad307a383

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Length
564
Content-Type
text/javascript
config
c.amazon-adsystem.com/cdn/prod/
0
306 B
XHR
General
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fnordot.app&pubid=064ec1b7-1a66-4612-9d6d-24aff6801950
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.173 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-173.fra56.r.cloudfront.net
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 09:39:33 GMT
via
1.1 7e513424eee237ee26467e8fd5656ec0.cloudfront.net (CloudFront)
server
Server
age
9243
x-cache
Hit from cloudfront
access-control-allow-origin
https://nordot.app
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
62s3zzhOMgBK8pGqyBagopxDzczJHharLDHtTDvZdU5m7HcprHb9MA==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/
6 KB
3 KB
XHR
General
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.173 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-173.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-version-id
khsXo6Z3HSo5bHNWbmb1eMp88IHhxPc.
content-encoding
gzip
etag
W/"a4d296427fc806b21335359e398c025c"
age
35241
x-cache
Hit from cloudfront
access-control-max-age
3000
access-control-allow-origin
*
last-modified
Thu, 17 Mar 2022 02:21:48 GMT
server
AmazonS3
date
Mon, 11 Apr 2022 03:10:19 GMT
vary
Origin
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 106758604a7f1ae0fa6678cd3d828d62.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
wTZ54fYG9KSTjE_KtiO1qjXyjDBacR1mGQHuymxwzjlYi5nsqwbx-A==
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: nordot.app
URL: https://nordot.app/885617193202221056
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
6986
date
Mon, 11 Apr 2022 10:17:11 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Mon, 11 Apr 2022 12:17:11 GMT
pubads_impl_2022040501.js
securepubads.g.doubleclick.net/gpt/
369 KB
125 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040501.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
sffe /
Resource Hash
e8a56b7248517b052849b0d606b0c402c9a147d231cfba361af5dfb5794a3766
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 12:00:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
797
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
128191
x-xss-protection
0
last-modified
Tue, 05 Apr 2022 08:36:10 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 11 Apr 2023 12:00:20 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/
106 B
107 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=nordot.app
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
1a8d35142c8246a1dd7f90003343a8c951aedea43fd4ccc983718d76fdd39cf7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 11 Apr 2022 12:13:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
82
x-xss-protection
0
expires
Mon, 11 Apr 2022 12:13:37 GMT
4e79a0a6-c9f5-4003-999d-53bccef9b883
https://nordot.app/
197 KB
0
Script
General
Full URL
blob:https://nordot.app/4e79a0a6-c9f5-4003-999d-53bccef9b883
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/didna_hb/nordot/nordot/didna_config.js
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
503c7d7b547489f331708af7ba63a596423fea119d4d21d637737ce5aa2bfd75

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Length
201375
Content-Type
text/javascript
config.js
confiant-integrations.global.ssl.fastly.net/oTC_dK0_uiGo6IYHKbPDY6Sqd8s/gpt_and_prebid/
67 KB
15 KB
Script
General
Full URL
https://confiant-integrations.global.ssl.fastly.net/oTC_dK0_uiGo6IYHKbPDY6Sqd8s/gpt_and_prebid/config.js
Requested by
Host: nordot.app
URL: blob:https://nordot.app/4e79a0a6-c9f5-4003-999d-53bccef9b883
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6490abd6dd4d539356d314cc8bcf1dce7e5ff4afd9e325caddd8157d5e782be9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Mon, 11 Apr 2022 12:13:37 GMT
Content-Encoding
gzip
Age
1552
X-Cache
HIT
Connection
keep-alive
Content-Length
14556
x-amz-id-2
wEort6upSaBsFcTorWh5FmYzLv6SvffcAI4rhd6BSWqoHHQbYafe4NqiMhAjNbBrtotUKc4s9uU=
X-Served-By
cache-hhn4058-HHN
Last-Modified
Mon, 11 Apr 2022 09:08:13 GMT
Server
AmazonS3
X-Timer
S1649679218.670623,VS0,VE0
ETag
"b0eec8a1b4fd4f8e713b802111e0491e"
x-amz-request-id
32W4N0B65AM7TSXA
Via
1.1 varnish
Cache-Control
public, max-age=900, stale-while-revalidate=3600
Accept-Ranges
bytes
Content-Type
text/javascript
X-Cache-Hits
13
pwt.js
ads.pubmatic.com/AdServer/js/pwt/159745/4535/
171 KB
55 KB
Script
General
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/159745/4535/pwt.js
Requested by
Host: nordot.app
URL: blob:https://nordot.app/4e79a0a6-c9f5-4003-999d-53bccef9b883
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
fad6f2e928efe7174fd7a7a658c140bccf686767ad3a8222b73e982a13896a21

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 12:13:37 GMT
content-encoding
gzip
last-modified
Thu, 27 Jan 2022 17:11:59 GMT
server
Apache/2.2.15 (CentOS)
etag
"1520db4-2ab6a-5d6936a8a53ba"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
public, max-age=17395
accept-ranges
bytes
content-type
text/javascript
content-length
56064
expires
Mon, 11 Apr 2022 17:03:32 GMT
bid
c.amazon-adsystem.com/e/dtb/
23 B
489 B
XHR
General
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fnordot.app%2F885617193202221056&pid=aL4j07HrL0Mrq&cb=0&ws=1600x1200&v=7.74.0&t=2000&slots=%5B%7B%22sd%22%3A%22300x250_A%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F126379976%2F300x250_A%22%7D%5D&pubid=064ec1b7-1a66-4612-9d6d-24aff6801950&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.173 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-173.fra56.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 12:13:37 GMT
via
1.1 7e513424eee237ee26467e8fd5656ec0.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-C1
x-amz-rid
VJ1P6K6DYFE0ES9DV56S
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://nordot.app
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
23
x-amz-cf-id
jvdx5i49qSAo9z-U9SiUFC2PZXeiXfpNmyA_LNnYbbG-XRZaVhBOzQ==
bid
c.amazon-adsystem.com/e/dtb/
23 B
487 B
XHR
General
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fnordot.app%2F885617193202221056&pid=aL4j07HrL0Mrq&cb=1&ws=1600x1200&v=7.74.0&t=2000&slots=%5B%7B%22sd%22%3A%22300x250_B%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F126379976%2F300x250_B%22%7D%5D&pubid=064ec1b7-1a66-4612-9d6d-24aff6801950&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.173 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-173.fra56.r.cloudfront.net
Software
Server /
Resource Hash
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 12:13:37 GMT
via
1.1 7e513424eee237ee26467e8fd5656ec0.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-C1
x-amz-rid
VJYZKQJ7F02YJF0BVCEP
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://nordot.app
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
23
x-amz-cf-id
UCbPApe3SgKut2BjGsLFPX95Ii0IF0xd2hCyV2-aDyOkhs91a6URJw==
bid
c.amazon-adsystem.com/e/dtb/
23 B
489 B
XHR
General
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fnordot.app%2F885617193202221056&pid=aL4j07HrL0Mrq&cb=2&ws=1600x1200&v=7.74.0&t=2000&slots=%5B%7B%22sd%22%3A%22300x250_C%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F126379976%2F300x250_C%22%7D%5D&pubid=064ec1b7-1a66-4612-9d6d-24aff6801950&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.173 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-173.fra56.r.cloudfront.net
Software
Server /
Resource Hash
5d7c7d25a0da74c0dd466120c3c09bd94cb982fc66ebc4a78675339f37323bf5
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 12:13:37 GMT
via
1.1 7e513424eee237ee26467e8fd5656ec0.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-C1
x-amz-rid
T8FV7N3FRYJEWGZBZ28A
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://nordot.app
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
23
x-amz-cf-id
skL_QFeERMNwjXxCk6GLx_SniJP0Y7FmfkTncD3ljKlr_XYY7SJUAQ==
bid
c.amazon-adsystem.com/e/dtb/
23 B
490 B
XHR
General
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fnordot.app%2F885617193202221056&pid=aL4j07HrL0Mrq&cb=3&ws=1600x1200&v=7.74.0&t=2000&slots=%5B%7B%22sd%22%3A%22right_content_1%22%2C%22s%22%3A%5B%22300x250%22%2C%22336x280%22%2C%22300x600%22%5D%2C%22sn%22%3A%22%2F126379976%2Fright_content_1%22%7D%5D&pubid=064ec1b7-1a66-4612-9d6d-24aff6801950&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.173 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-173.fra56.r.cloudfront.net
Software
Server /
Resource Hash
1c4777fe3a673a05492e27d08032cc91c23ac5389897c9235b09b8b0f5a74db3
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 12:13:37 GMT
via
1.1 7e513424eee237ee26467e8fd5656ec0.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-C1
x-amz-rid
4TRAJVFDDWG7X2T8KQYF
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://nordot.app
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
23
x-amz-cf-id
T3KuM_DjLMvzAHZmKxrC6N3sCevlBLEWqTPdJz8jZ6wl-buGEqHuUw==
didna_prebid.js.gz
storage.googleapis.com/didna-prod/latest/
473 KB
141 KB
Script
General
Full URL
https://storage.googleapis.com/didna-prod/latest/didna_prebid.js.gz
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/didna_hb/nordot/nordot/didna_config.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
f761f9ff09a7397cd83f74d4363021c930e74a2737814771d7b92f0b54367b06

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 11:18:42 GMT
content-encoding
gzip
age
3295
x-guploader-uploadid
ADPycdvmq5hY6TYD51Sr255MRVolaxYOT6wFXqhyt0-fYh325k9vKAoIbZPTqpSt066a-oRRWkZjoQ3rcxK7qDV9Pith
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
144409
last-modified
Wed, 02 Mar 2022 20:21:42 GMT
server
UploadServer
etag
"2c9eb093bf825f1c4dfb25ac862d00e8"
vary
Accept-Encoding
x-goog-hash
crc32c=qDY3LQ==, md5=LJ6wk7+CXxxN+yWshi0A6A==
content-language
en
access-control-allow-origin
*
x-goog-generation
1646252502361104
access-control-expose-headers
Content-Type
cache-control
max-age=172800
x-goog-stored-content-length
144409
accept-ranges
bytes
content-type
text/javascript
expires
Wed, 13 Apr 2022 11:18:42 GMT
wrap.js
confiant-integrations.global.ssl.fastly.net/gptprebidnative/202203291145/
192 KB
62 KB
Script
General
Full URL
https://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202203291145/wrap.js
Requested by
Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/oTC_dK0_uiGo6IYHKbPDY6Sqd8s/gpt_and_prebid/config.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
217b9e539bd55ad03f86545c4afc436c1d61f04aa131a4679181a3d30bde9480

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Mon, 11 Apr 2022 12:13:37 GMT
Content-Encoding
gzip
Age
881
X-Cache
HIT
Connection
keep-alive
Content-Length
62535
x-amz-id-2
Yk686UX3tf+sfw6s00j+izfI0JrqyGDELTeuED0o6vdJRolZ5EiShW+T+zVfuBcB3LCtNA9qHNs=
X-Served-By
cache-hhn4058-HHN
Last-Modified
Tue, 29 Mar 2022 15:47:05 GMT
Server
AmazonS3
X-Timer
S1649679218.687007,VS0,VE0
ETag
"52d00808545427ec106d5efaf477f68a"
x-amz-request-id
9PNTNSCKC5Z77DFH
Via
1.1 varnish
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Content-Type
application/javascript; charset=utf-8
X-Cache-Hits
3777
json
gum.criteo.com/sid/ Frame
0
0
Preflight
General
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fnordot.app%2F&domain=nordot.app&cw=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://nordot.app
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://nordot.app
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Mon, 11 Apr 2022 12:13:37 GMT
expires
0
pragma
no-cache
server-processing-duration-in-ticks
1520
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sid
mug.criteo.com/
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fnordot.app%2F&domain=nordot.app&cw=1&lsw=1
  • https://mug.criteo.com/sid?cpp=FGCYFHxNYm13QTVpQVZGbXlxWkdqRi95LzVMVGFNTGNEVHNQendlK3dxNklHWmlEQlhBNjJwQ3JxaDBEYm1FMzNXalI3amdFTm4ybGNNMEk0YWczK1BzNnp0Qk1yWURNMFZqZWFQaXFNdkNxNVNZN0lIbnpBYklyVlRGQj...
364 B
629 B
XHR
General
Full URL
https://mug.criteo.com/sid?cpp=FGCYFHxNYm13QTVpQVZGbXlxWkdqRi95LzVMVGFNTGNEVHNQendlK3dxNklHWmlEQlhBNjJwQ3JxaDBEYm1FMzNXalI3amdFTm4ybGNNMEk0YWczK1BzNnp0Qk1yWURNMFZqZWFQaXFNdkNxNVNZN0lIbnpBYklyVlRGQjNUTGs0WmpxS1dsMXBKN3NWU01CakRueGU0ZUttOE0xN1JOMlE4S1lpckV4ZG5sc0NERmEzNHZhVDNXWmFuUm8yT09DRFV3bWZxdGVBUDA2U0xhdjk5L2xkSWlURVNSV0JmQkZWM0dCbERzNFVtMnYyRERrPXw&cppv=2
Requested by
Host: nordot.app
URL: https://nordot.app/885617193202221056
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
85d66b12ddbfc2341a8022c9ebada3e1a8ba7558f4b0d80ed9f86c2bd4ce449d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 11 Apr 2022 12:13:37 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2890
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Mon, 11 Apr 2022 12:13:37 GMT
location
https://mug.criteo.com/sid?cpp=FGCYFHxNYm13QTVpQVZGbXlxWkdqRi95LzVMVGFNTGNEVHNQendlK3dxNklHWmlEQlhBNjJwQ3JxaDBEYm1FMzNXalI3amdFTm4ybGNNMEk0YWczK1BzNnp0Qk1yWURNMFZqZWFQaXFNdkNxNVNZN0lIbnpBYklyVlRGQjNUTGs0WmpxS1dsMXBKN3NWU01CakRueGU0ZUttOE0xN1JOMlE4S1lpckV4ZG5sc0NERmEzNHZhVDNXWmFuUm8yT09DRFV3bWZxdGVBUDA2U0xhdjk5L2xkSWlURVNSV0JmQkZWM0dCbERzNFVtMnYyRERrPXw&cppv=2
strict-transport-security
max-age=31536000; preload;
access-control-allow-methods
GET
content-type
text/html; charset=utf-8
access-control-allow-origin
https://nordot.app
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1797
content-length
482
expires
0
new
px.britepool.com/
0
0

sid
mug.criteo.com/ Frame
0
0
Preflight
General
Full URL
https://mug.criteo.com/sid?cpp=FGCYFHxNYm13QTVpQVZGbXlxWkdqRi95LzVMVGFNTGNEVHNQendlK3dxNklHWmlEQlhBNjJwQ3JxaDBEYm1FMzNXalI3amdFTm4ybGNNMEk0YWczK1BzNnp0Qk1yWURNMFZqZWFQaXFNdkNxNVNZN0lIbnpBYklyVlRGQjNUTGs0WmpxS1dsMXBKN3NWU01CakRueGU0ZUttOE0xN1JOMlE4S1lpckV4ZG5sc0NERmEzNHZhVDNXWmFuUm8yT09DRFV3bWZxdGVBUDA2U0xhdjk5L2xkSWlURVNSV0JmQkZWM0dCbERzNFVtMnYyRERrPXw&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Mon, 11 Apr 2022 12:13:36 GMT
expires
0
pragma
no-cache
server-processing-duration-in-ticks
983
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/
2 KB
2 KB
XHR
General
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20220411
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/didna-prod/latest/didna_prebid.js.gz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1ae3c9b0b069cb086206a52c704de47c39b5b42be6f74eb746728b198d140e78
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://nordot.app/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 11 Apr 2022 12:13:37 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
33161
x-jsd-version
1.0.1307
x-cache
HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19152-FRA
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"66a-qHf0KHjx+9JXsjsldpz0qbkTimI"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CUyeUvLyacswJVHOCjyg3pdMYGuPxcnqPKq6DROUODM4aTVhKvEm2DFWaefmjj8z76%2B9URYNatzQc8EIxGjzUYnvkfZXlxIjUkmCH4M1MIVfCnEcwv1rSzb%2B5KXQWewgCh0ND7gfVziUCs%2BrN7Q%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
cf-ray
6fa3a327a8d191f6-FRA
localstore.js
script.4dex.io/
483 B
947 B
Script
General
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/didna-prod/latest/didna_prebid.js.gz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 12:13:37 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1659
x-amz-request-id
tx8a12f882e5454f5f9ac74-00625414f6
x-amz-id-2
tx8a12f882e5454f5f9ac74-00625414f6
last-modified
Tue, 22 Mar 2022 09:15:21 GMT
server
cloudflare
etag
W/"922cffdd75f7192f75231d92684885aa"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uyioF%2BggjmjZj0KxDClVxanOIbQBcRR9rVy3SrOu9EBHd8%2FqBuqrGEt0UOVmWpA1%2FbEXwvjTSLapinxbt%2BkkZ%2FmXk9pLB4vdUyRPxb9DzCcEGMSoixsM4fcNf8%2BMZ3iNJWEM%2BjM3EpoOjFdc"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=1800
x-amz-version-id
1647940521027959
cf-ray
6fa3a327cfb99001-FRA
bid
ap.lijit.com/rtb/
94 B
741 B
XHR
General
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_6.12.0
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/didna-prod/latest/didna_prebid.js.gz
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.19 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
35103a3b0866a871a115035bfdc07056394355c7508160540ab9e4f40af86534

Request headers

Referer
https://nordot.app/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 11 Apr 2022 12:13:37 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://nordot.app
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap4ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
99
prebid
s-rtb-pb.send.microad.jp/
47 B
391 B
XHR
General
Full URL
https://s-rtb-pb.send.microad.jp/prebid?spot=0424f1ac630be70cae5b5f5f91fd6e4d&url=https%3A%2F%2Fnordot.app%2F885617193202221056&referrer=https%3A%2F%2Fnordot.app%2F885617193202221056&bid_id=4d7985609a9eb3&transaction_id=462f466f-652c-449c-b245-479c0afdac7f&media_types=1&cbt=9a0533c3ee5b000180188b34b4
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/didna-prod/latest/didna_prebid.js.gz
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
202.233.84.2 , Japan, ASN131957 (MICROAD MicroAd, Inc., JP),
Reverse DNS
Software
nginx /
Resource Hash
eafb4bf577f5c3be774b5a16fb3729c76c6487f5e210b2a55b962d2acee40638
Security Headers
Name Value
Strict-Transport-Security max-age=86400
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://nordot.app/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 11 Apr 2022 12:13:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx
strict-transport-security
max-age=86400
p3p
policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE
access-control-allow-origin
https://nordot.app
access-control-allow-credentials
true
content-type
application/json;charset=UTF-8
x-xss-protection
1; mode=block
prebid
ib.adnxs.com/ut/v3/
144 B
1 KB
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/didna-prod/latest/didna_prebid.js.gz
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
c6ebadf76411888b65bf98c55e4d1d016fb444b12a178f4126dc7c915ed7e664
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://nordot.app/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 11 Apr 2022 12:13:38 GMT
X-Proxy-Origin
185.213.155.166; 185.213.155.166; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
5ff3f822-a1e0-499b-874a-e8432c36f81b
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://nordot.app
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
144
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
arj
didna-d.openx.net/w/1.0/
73 B
145 B
XHR
General
Full URL
https://didna-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fnordot.app%2F885617193202221056&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=462f466f-652c-449c-b245-479c0afdac7f&nocache=1649679217847&aus=300x250&divids=300x250_A&aucs=&auid=541019007&aumfs=50
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/didna-prod/latest/didna_prebid.js.gz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/18.0.0 /
Resource Hash
f9373ba07dc615d06ad29db9726f4d9d7ddb676db2fa43ff661d269289aef4c3

Request headers

Referer
https://nordot.app/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 11 Apr 2022 12:13:37 GMT
content-encoding
gzip
server
OXGW/18.0.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://nordot.app
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
bidRequest
c2shb.ssp.yahoo.com/
62 B
117 B
XHR
General
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9691d0017070401401403a11d30006&pos=8a9698ab01747406698907d5067700f3&cmd=bid&secure=1
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/didna-prod/latest/didna_prebid.js.gz
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
e60e65bd89ccd2a90bf37fcd783cbb7c64e9f2a4560d20a2aaabae15b28c147b

Request headers

Referer
https://nordot.app/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 11 Apr 2022 12:13:38 GMT
server
ATS/9.1.0.33
age
1
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://nordot.app
access-control-allow-credentials
true
content-length
62
translator
hbopenbid.pubmatic.com/
0
56 B
XHR
General
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/didna-prod/latest/didna_prebid.js.gz
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
204.237.133.116 West Chester, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nordot.app/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://nordot.app
date
Mon, 11 Apr 2022 12:13:38 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid
s-rtb-pb.send.microad.jp/
47 B
391 B
XHR
General
Full URL
https://s-rtb-pb.send.microad.jp/prebid?spot=0424f1ac630be70cae5b5f5f91fd6e4d&url=https%3A%2F%2Fnordot.app%2F885617193202221056&referrer=https%3A%2F%2Fnordot.app%2F885617193202221056&bid_id=15dfac6d69ac428&transaction_id=15ae5268-6a7c-4cb1-85ca-c7a98ab5b67e&media_types=1&cbt=3aa4b8b907a8300180188b34bf
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/didna-prod/latest/didna_prebid.js.gz
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
202.233.84.2 , Japan, ASN131957 (MICROAD MicroAd, Inc., JP),
Reverse DNS
Software
nginx /
Resource Hash
eafb4bf577f5c3be774b5a16fb3729c76c6487f5e210b2a55b962d2acee40638
Security Headers
Name Value
Strict-Transport-Security max-age=86400
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://nordot.app/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 11 Apr 2022 12:13:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx
strict-transport-security
max-age=86400
p3p
policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE
access-control-allow-origin
https://nordot.app
access-control-allow-credentials
true
content-type
application/json;charset=UTF-8
x-xss-protection
1; mode=block
prebid
ib.adnxs.com/ut/v3/
145 B
1 KB
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/didna-prod/latest/didna_prebid.js.gz
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
2c312d1bf38f125f462f1860eb2061a6f0b4b4f5f8d6bee726c808dbdd2c303c
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://nordot.app/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 11 Apr 2022 12:13:38 GMT
X-Proxy-Origin
185.213.155.166; 185.213.155.166; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
7e367aa2-dc29-42d0-8cf3-fa015241d271
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://nordot.app
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
145
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
arj
didna-d.openx.net/w/1.0/
73 B
145 B
XHR
General
Full URL
https://didna-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fnordot.app%2F885617193202221056&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=15ae5268-6a7c-4cb1-85ca-c7a98ab5b67e&nocache=1649679217861&aus=300x250&divids=300x250_B&aucs=&auid=541019007&aumfs=50
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/didna-prod/latest/didna_prebid.js.gz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/18.0.0 /
Resource Hash
051e8777cb64cd13498e7756c88f82cf564f26959b372bbf98c05430892ef3af

Request headers

Referer
https://nordot.app/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 11 Apr 2022 12:13:37 GMT
content-encoding
gzip
server
OXGW/18.0.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://nordot.app
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
translator
hbopenbid.pubmatic.com/
0
56 B
XHR
General
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/didna-prod/latest/didna_prebid.js.gz
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
204.237.133.116 West Chester, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nordot.app/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://nordot.app
date
Mon, 11 Apr 2022 12:13:37 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
bidRequest
c2shb.ssp.yahoo.com/
62 B
92 B
XHR
General
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9691d0017070401401403a11d30006&pos=8a9698ab01747406698907d5067700f3&cmd=bid&secure=1
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/didna-prod/latest/didna_prebid.js.gz
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
4f28c965c7210ff591f941568ac033cdac9b4e7e1149064e49a782fdc255849f

Request headers

Referer
https://nordot.app/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 11 Apr 2022 12:13:38 GMT
server
ATS/9.1.0.33
age
1
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://nordot.app
access-control-allow-credentials
true
content-length
62
bid
ap.lijit.com/rtb/
94 B
741 B
XHR
General
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_6.12.0
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/didna-prod/latest/didna_prebid.js.gz
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.19 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
206546ba929a91b7effd478f794328eb667178e3c64f85452c635458030e4428

Request headers

Referer
https://nordot.app/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 11 Apr 2022 12:13:37 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://nordot.app
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap4ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
99
bidRequest
c2shb.ssp.yahoo.com/
62 B
288 B
XHR
General
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9691d0017070401401403a11d30006&pos=8a9698ab01747406698907d5067700f3&cmd=bid&secure=1
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/didna-prod/latest/didna_prebid.js.gz
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
4788dc53784b8b8d36f0b1ea6e7624797dfcd9816d68144b7efb8817c578af4b

Request headers

Referer
https://nordot.app/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 11 Apr 2022 12:13:37 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://nordot.app
access-control-allow-credentials
true
content-length
62
prebid
ib.adnxs.com/ut/v3/
145 B
1 KB
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/didna-prod/latest/didna_prebid.js.gz
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
7c3eba43de9ff73e3b0c6ab1627a5011abbd6d4220b625445761538f7b7811dd
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://nordot.app/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 11 Apr 2022 12:13:38 GMT
X-Proxy-Origin
185.213.155.166; 185.213.155.166; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
5eaf07c4-4843-42cf-9bbc-d3076a88965a
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://nordot.app
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
145
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
s-rtb-pb.send.microad.jp/
47 B
391 B
XHR
General
Full URL
https://s-rtb-pb.send.microad.jp/prebid?spot=0424f1ac630be70cae5b5f5f91fd6e4d&url=https%3A%2F%2Fnordot.app%2F885617193202221056&referrer=https%3A%2F%2Fnordot.app%2F885617193202221056&bid_id=322733a3162539c&transaction_id=38039019-82ed-4a25-bd76-c67ad4845c63&media_types=1&cbt=72f733e94a31d40180188b34cb
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/didna-prod/latest/didna_prebid.js.gz
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
202.233.84.2 , Japan, ASN131957 (MICROAD MicroAd, Inc., JP),
Reverse DNS
Software
nginx /
Resource Hash
eafb4bf577f5c3be774b5a16fb3729c76c6487f5e210b2a55b962d2acee40638
Security Headers
Name Value
Strict-Transport-Security max-age=86400
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://nordot.app/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 11 Apr 2022 12:13:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx
strict-transport-security
max-age=86400
p3p
policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE
access-control-allow-origin
https://nordot.app
access-control-allow-credentials
true
content-type
application/json;charset=UTF-8
x-xss-protection
1; mode=block
bid
ap.lijit.com/rtb/
94 B
741 B
XHR
General
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_6.12.0
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/didna-prod/latest/didna_prebid.js.gz
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.19 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
3d3a2ffaf38efdd267c7464ca11e25543d144c7a83f89795e7c0ce77a93ba8d9

Request headers

Referer
https://nordot.app/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 11 Apr 2022 12:13:37 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://nordot.app
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap4ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
99
translator
hbopenbid.pubmatic.com/
0
112 B
XHR
General
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/didna-prod/latest/didna_prebid.js.gz
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
204.237.133.116 West Chester, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nordot.app/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://nordot.app
date
Mon, 11 Apr 2022 12:13:37 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
arj
didna-d.openx.net/w/1.0/
73 B
375 B
XHR
General
Full URL
https://didna-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fnordot.app%2F885617193202221056&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=38039019-82ed-4a25-bd76-c67ad4845c63&nocache=1649679217869&aus=300x250&divids=300x250_C&aucs=&auid=541019007&aumfs=50
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/didna-prod/latest/didna_prebid.js.gz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/18.0.0 /
Resource Hash
49b35aa8184508e64f1b3416587155b1503e8b8168bc14de1c45c0cf5e1f3767

Request headers

Referer
https://nordot.app/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 11 Apr 2022 12:13:37 GMT
content-encoding
gzip
server
OXGW/18.0.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://nordot.app
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
bidRequest
c2shb.ssp.yahoo.com/
62 B
92 B
XHR
General
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9691d0017070401401403a11d30006&pos=8a9698ab01747406698907d5067700f3&cmd=bid&secure=1
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/didna-prod/latest/didna_prebid.js.gz
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
a50bf9873a61ced3d9ad01737e7074b04c63579f573ed7f73801c6a5b925c4f9

Request headers

Referer
https://nordot.app/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 11 Apr 2022 12:13:38 GMT
server
ATS/9.1.0.33
age
1
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://nordot.app
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/
62 B
92 B
XHR
General
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9691d0017070401401403a11d30006&pos=8a9698ab01747406698907d5637f00f4&cmd=bid&secure=1
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/didna-prod/latest/didna_prebid.js.gz
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
94cee08e68efb3c84d3f2f1a7aaea81c713cea0348070ee46fc63fccd97d7a5b

Request headers

Referer
https://nordot.app/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 11 Apr 2022 12:13:37 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://nordot.app
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/
62 B
92 B
XHR
General
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9691d0017070401401403a11d30006&pos=8a9698ab01747406698907d7444000fb&cmd=bid&secure=1
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/didna-prod/latest/didna_prebid.js.gz
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
41d5137ce27cbbc0100072fb283aee141afabe8c986e3e897a1682181ba4557e

Request headers

Referer
https://nordot.app/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 11 Apr 2022 12:13:38 GMT
server
ATS/9.1.0.33
age
1
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://nordot.app
access-control-allow-credentials
true
content-length
62
arj
didna-d.openx.net/w/1.0/
72 B
146 B
XHR
General
Full URL
https://didna-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fnordot.app%2F885617193202221056&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=3f52c11f-9c61-41e2-b1c2-993c6f74bcd1%2C3f52c11f-9c61-41e2-b1c2-993c6f74bcd1%2C3f52c11f-9c61-41e2-b1c2-993c6f74bcd1&nocache=1649679217873&aus=300x250%2C336x280%2C300x600%7C300x250%2C336x280%2C300x600%7C300x250%2C336x280%2C300x600&divids=right_content_1%2Cright_content_1%2Cright_content_1&aucs=%2C%2C&auid=541019007%2C541019007%2C541019009&aumfs=50%2C50%2C50
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/didna-prod/latest/didna_prebid.js.gz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/18.0.0 /
Resource Hash
53d8e2df0b9330aafcf9a35de9c0f67da108cb1f93b2be1066de0401e6cb0b10

Request headers

Referer
https://nordot.app/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 11 Apr 2022 12:13:37 GMT
content-encoding
gzip
server
OXGW/18.0.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://nordot.app
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
prebid
s-rtb-pb.send.microad.jp/
47 B
391 B
XHR
General
Full URL
https://s-rtb-pb.send.microad.jp/prebid?spot=0424f1ac630be70cae5b5f5f91fd6e4d&url=https%3A%2F%2Fnordot.app%2F885617193202221056&referrer=https%3A%2F%2Fnordot.app%2F885617193202221056&bid_id=49e91d72e575a95&transaction_id=3f52c11f-9c61-41e2-b1c2-993c6f74bcd1&media_types=1&cbt=38a43ccf3d1ae00180188b34d2
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/didna-prod/latest/didna_prebid.js.gz
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
202.233.84.2 , Japan, ASN131957 (MICROAD MicroAd, Inc., JP),
Reverse DNS
Software
nginx /
Resource Hash
eafb4bf577f5c3be774b5a16fb3729c76c6487f5e210b2a55b962d2acee40638
Security Headers
Name Value
Strict-Transport-Security max-age=86400
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://nordot.app/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 11 Apr 2022 12:13:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx
strict-transport-security
max-age=86400
p3p
policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE
access-control-allow-origin
https://nordot.app
access-control-allow-credentials
true
content-type
application/json;charset=UTF-8
x-xss-protection
1; mode=block
prebid
s-rtb-pb.send.microad.jp/
47 B
391 B
XHR
General
Full URL
https://s-rtb-pb.send.microad.jp/prebid?spot=0424f1ac630be70cae5b5f5f91fd6e4d&url=https%3A%2F%2Fnordot.app%2F885617193202221056&referrer=https%3A%2F%2Fnordot.app%2F885617193202221056&bid_id=507c049c60b43c&transaction_id=3f52c11f-9c61-41e2-b1c2-993c6f74bcd1&media_types=1&cbt=a33dbfed8b2e980180188b34d2
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/didna-prod/latest/didna_prebid.js.gz
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
202.233.84.2 , Japan, ASN131957 (MICROAD MicroAd, Inc., JP),
Reverse DNS
Software
nginx /
Resource Hash
eafb4bf577f5c3be774b5a16fb3729c76c6487f5e210b2a55b962d2acee40638
Security Headers
Name Value
Strict-Transport-Security max-age=86400
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://nordot.app/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 11 Apr 2022 12:13:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx
strict-transport-security
max-age=86400
p3p
policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE
access-control-allow-origin
https://nordot.app
access-control-allow-credentials
true
content-type
application/json;charset=UTF-8
x-xss-protection
1; mode=block
prebid
s-rtb-pb.send.microad.jp/
47 B
392 B
XHR
General
Full URL
https://s-rtb-pb.send.microad.jp/prebid?spot=bdab9c43160ecd0c3a19cf1006af2f91&url=https%3A%2F%2Fnordot.app%2F885617193202221056&referrer=https%3A%2F%2Fnordot.app%2F885617193202221056&bid_id=51ce5778b69db94&transaction_id=3f52c11f-9c61-41e2-b1c2-993c6f74bcd1&media_types=1&cbt=8f7c4382dcc1a80180188b34d2
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/didna-prod/latest/didna_prebid.js.gz
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
202.233.84.2 , Japan, ASN131957 (MICROAD MicroAd, Inc., JP),
Reverse DNS
Software
nginx /
Resource Hash
eafb4bf577f5c3be774b5a16fb3729c76c6487f5e210b2a55b962d2acee40638
Security Headers
Name Value
Strict-Transport-Security max-age=86400
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://nordot.app/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 11 Apr 2022 12:13:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx
strict-transport-security
max-age=86400
p3p
policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE
access-control-allow-origin
https://nordot.app
access-control-allow-credentials
true
content-type
application/json;charset=UTF-8
x-xss-protection
1; mode=block
bid
ap.lijit.com/rtb/
94 B
740 B
XHR
General
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_6.12.0
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/didna-prod/latest/didna_prebid.js.gz
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.19 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
1eb5bb2f0595ecdb0737df726242b61fd4cf567cb238860e7c5a83f6228b9480

Request headers

Referer
https://nordot.app/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 11 Apr 2022 12:13:37 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://nordot.app
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap4ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
98
translator
hbopenbid.pubmatic.com/
0
56 B
XHR
General
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/didna-prod/latest/didna_prebid.js.gz
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
204.237.133.116 West Chester, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nordot.app/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://nordot.app
date
Mon, 11 Apr 2022 12:13:38 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/
144 B
1 KB
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/didna-prod/latest/didna_prebid.js.gz
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
5fb3a7b0bf654df7c41dee33015cb647083ab836ae4fe8165c4e27886070afa8
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://nordot.app/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 11 Apr 2022 12:13:38 GMT
X-Proxy-Origin
185.213.155.166; 185.213.155.166; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
d3b202bb-eeb1-435f-9d5d-3211a299800a
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://nordot.app
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
144
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
adagio.js
script.4dex.io/
72 KB
23 KB
Fetch
General
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3373dca69883fd4d5298c955d822359a23e9c3658b63e06b483e251c10024f21

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 12:13:37 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1651
access-control-max-age
3000
access-control-allow-methods
GET
x-amz-request-id
txb0571e26e6054f2e8ea93-00625414f7
x-amz-id-2
txb0571e26e6054f2e8ea93-00625414f7
last-modified
Tue, 22 Mar 2022 09:15:19 GMT
server
cloudflare
etag
W/"f6062b9ed3c12dab430d5d33afafadb4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SuwHAXk2E0aL79EN9noJtXeq81KVY%2BOtmQI4rk2W2bsLJQNsNc6yaOXqRan4Yvp6wUG5Z9vvC87ZUE3LJMgI7dTlU8%2BAyDBlJamBke2ccsf0bgqlQPAb5YpFkkT4wqUjFmWc1TzT1M84dsdy"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1800
access-control-allow-credentials
true
x-amz-version-id
1647940519211847
cf-ray
6fa3a3282baa91e4-FRA
access-control-allow-headers
Authorization
popIn-common-8.min.js
api.popin.cc/lib8-lightweight/
27 KB
10 KB
Script
General
Full URL
https://api.popin.cc/lib8-lightweight/popIn-common-8.min.js
Requested by
Host: api.popin.cc
URL: https://api.popin.cc/searchbox/this_kiji.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
119.63.193.220 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software
nginx /
Resource Hash
823ae0b92286f0ee5672eac80dae41ff1c895a8cc42b435d8d0c3fdddf723718

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Mon, 11 Apr 2022 12:13:38 GMT
Content-Encoding
gzip
Last-Modified
Thu, 14 Oct 2021 06:15:54 GMT
Server
nginx
ETag
W/"11c60c82428f41a838d3070986449da0"
X-Cache-Status
HIT from 10.252.55.44
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=3600
Transfer-Encoding
chunked
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
x-amz-version-id
Gmdcq_RRlzJmuTlx_OMwWgmhEXSXMVk0
Expires
Mon, 11 Apr 2022 13:13:38 GMT
popIn-discovery-8.min.js
api.popin.cc/lib8-lightweight/
94 KB
25 KB
Script
General
Full URL
https://api.popin.cc/lib8-lightweight/popIn-discovery-8.min.js
Requested by
Host: api.popin.cc
URL: https://api.popin.cc/searchbox/this_kiji.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
119.63.193.220 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software
nginx /
Resource Hash
9ff8fba31b0756fb1973a27c58fed21091e6c2862efcef9e6c9612f0f99cf910

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Mon, 11 Apr 2022 12:13:38 GMT
Content-Encoding
gzip
Last-Modified
Thu, 07 Apr 2022 10:00:49 GMT
Server
nginx
ETag
W/"d9d708db8470c9def6a596a442f7e5ed"
X-Cache-Status
HIT from 10.252.55.25
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=3600
Transfer-Encoding
chunked
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
x-amz-version-id
TRYpCCNN3NOTwxX.0prlin4PeUxlah4O
Expires
Mon, 11 Apr 2022 13:13:38 GMT
popIn-read-8.min.js
api.popin.cc/lib8-lightweight/
28 KB
9 KB
Script
General
Full URL
https://api.popin.cc/lib8-lightweight/popIn-read-8.min.js
Requested by
Host: api.popin.cc
URL: https://api.popin.cc/searchbox/this_kiji.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
119.63.193.220 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software
nginx /
Resource Hash
a8c7bd5889bf7cafa5224603b5d25e472799c1305d1746737be4686ec4254834

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Mon, 11 Apr 2022 12:13:39 GMT
Content-Encoding
gzip
Last-Modified
Tue, 18 Feb 2020 08:22:46 GMT
Server
nginx
ETag
W/"bfabdf785f1615c61dbed4cf0bf7e547"
X-Cache-Status
HIT from 10.252.55.25
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=3600
Transfer-Encoding
chunked
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
x-amz-version-id
null
Expires
Mon, 11 Apr 2022 13:13:39 GMT
discoverylogs
log.popin.cc/log/popin_media/
66 B
347 B
Image
General
Full URL
https://log.popin.cc/log/popin_media/discoverylogs?data=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&t=1649679218682
Requested by
Host: nordot.app
URL: https://nordot.app/885617193202221056
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
119.63.198.143 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software
nginx/1.13.5 /
Resource Hash
654b8fbb3beb01a6f08eb873015b728be6ac596b9d51f6c65dbf728e22441e0e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Mon, 11 Apr 2022 12:13:39 GMT
Last-Modified
Thu, 13 Dec 2018 07:24:27 GMT
Server
nginx/1.13.5
ETag
"5c12092b-42"
Content-Type
image/jpeg
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
66
integrator.js
adservice.google.de/adsid/
107 B
792 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=nordot.app
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4014:80b::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 11 Apr 2022 12:13:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
549 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=nordot.app
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 11 Apr 2022 12:13:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/
420 B
259 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3727295848532060&correlator=3835695973077228&eid=31065713%2C31066948%2C31066962%2C31066965%2C31065402%2C44752585%2C31062931&output=ldjh&gdfp_req=1&vrg=2022040501&ptt=17&impl=fifs&iu_parts=126379976%2C300x250_A&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=1&adks=2757231701&sfv=1-0-38&ecs=20220411&fsapi=false&prev_scp=auid%3D300x250_A%26adLocation%3Dbtf%26amznbid%3D2%26amznp%3D2&eri=1&cust_params=system%3Ddidna%26iab%3Diab11%26pub%3Dnordot.app%26path%3D%252F%26didna_version%3D4%26chunitid%3D39166665832988672%26cuunitid%3D0%26expid%3D2&sc=1&cookie_enabled=1&abxe=1&dt=1649679218806&lmt=1649679218&dlt=1649679217103&idt=642&biw=1600&bih=1200&adxs=314&adys=1409&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&url=https%3A%2F%2Fnordot.app%2F885617193202221056&frm=20&vis=1&scr_x=0&scr_y=0&psz=300x0&msz=300x0&fws=0&ohw=0&ga_vid=103172366.1649679219&ga_sid=1649679219&ga_hid=1432397132&ga_fc=false&btvi=1&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
c4c9e197a9dd4b9cbdc6bced1042c5cde6335c236bc667aadf47b969802fc3a8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 12:13:39 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
229
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://nordot.app
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
fb147623433f69633503ad3e60be8353.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame DCBF
6 KB
4 KB
Document
General
Full URL
https://fb147623433f69633503ad3e60be8353.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://nordot.app/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 11 Apr 2022 12:13:38 GMT
expires
Tue, 11 Apr 2023 12:13:38 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
skeleton.gif
static.adsafeprotected.com/
43 B
483 B
Image
General
Full URL
https://static.adsafeprotected.com/skeleton.gif
Requested by
Host: nordot.app
URL: https://nordot.app/885617193202221056
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:224a:6400:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 06 Aug 2021 16:14:35 GMT
via
1.1 6b2d62d60926d8d51fdcbcc94fce643a.cloudfront.net (CloudFront)
age
21412744
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
43
last-modified
Mon, 17 Aug 2020 23:55:15 GMT
server
AmazonS3
etag
"45cf913e5d9d3c9b2058033056d3dd23"
x-amz-version-id
iiN8XkcmZQdDIQeKkzAiegPwcD.5WPja
cache-control
max-age=315360000
x-amz-cf-pop
DUS51-P1
accept-ranges
bytes
content-type
image/gif
x-amz-cf-id
8VpG-HbiT8WwJK_kGYLXumnQn_9-M3nqRtbzFGYs9UQB5a7FyD86MA==
pageview
log.nordot.jp/
0
342 B
Ping
General
Full URL
https://log.nordot.jp/pageview
Requested by
Host: log.nordot.jp
URL: https://log.nordot.jp/js/beacon-1.1.0.js?2020083101
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nordot.app/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Mon, 11 Apr 2022 12:13:40 GMT
server
Google Frontend
vary
Origin
p3p
CP="Nordot does not have a P3P policy."
access-control-allow-origin
https://nordot.app
x-cloud-trace-context
9991999a98c4004e36d799678a29b2a6
cache-control
private
access-control-allow-credentials
true
content-type
text/html
x-appengine-log-flush-count
1
content-length
0
expires
Mon, 11 Apr 2022 12:13:40 GMT
event
log.nordot.jp/
0
462 B
Ping
General
Full URL
https://log.nordot.jp/event
Requested by
Host: log.nordot.jp
URL: https://log.nordot.jp/js/beacon-1.1.0.js?2020083101
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nordot.app/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Mon, 11 Apr 2022 12:13:38 GMT
server
Google Frontend
vary
Origin
p3p
CP="Nordot does not have a P3P policy."
access-control-allow-origin
https://nordot.app
x-cloud-trace-context
57ed52d8e6431d65b96a3bdeb937331a
cache-control
private
access-control-allow-credentials
true
content-type
text/html
x-appengine-log-flush-count
1
content-length
0
expires
Mon, 11 Apr 2022 12:13:38 GMT
event
log.nordot.jp/
0
318 B
Ping
General
Full URL
https://log.nordot.jp/event
Requested by
Host: log.nordot.jp
URL: https://log.nordot.jp/js/beacon-1.1.0.js?2020083101
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nordot.app/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Mon, 11 Apr 2022 12:13:40 GMT
server
Google Frontend
vary
Origin
p3p
CP="Nordot does not have a P3P policy."
access-control-allow-origin
https://nordot.app
x-cloud-trace-context
92e59ac5107331c1bb47ae76378c371f
cache-control
private
access-control-allow-credentials
true
content-type
text/html
x-appengine-log-flush-count
1
content-length
0
expires
Mon, 11 Apr 2022 12:13:40 GMT
event
log.nordot.jp/
0
317 B
Ping
General
Full URL
https://log.nordot.jp/event
Requested by
Host: log.nordot.jp
URL: https://log.nordot.jp/js/beacon-1.1.0.js?2020083101
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nordot.app/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Mon, 11 Apr 2022 12:13:40 GMT
server
Google Frontend
vary
Origin
p3p
CP="Nordot does not have a P3P policy."
access-control-allow-origin
https://nordot.app
x-cloud-trace-context
355b6409a23e3d9d6bc9422df5f0cf11
cache-control
private
access-control-allow-credentials
true
content-type
text/html
x-appengine-log-flush-count
1
content-length
0
expires
Mon, 11 Apr 2022 12:13:40 GMT
integrator.js
adservice.google.de/adsid/
107 B
122 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=nordot.app
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 11 Apr 2022 12:13:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
122 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=nordot.app
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 11 Apr 2022 12:13:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/
403 B
245 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3727295848532060&correlator=3093873649921174&eid=31065713%2C31066948%2C31066962%2C31066965%2C31065402%2C44752585%2C31062931&output=ldjh&gdfp_req=1&vrg=2022040501&ptt=17&impl=fifs&iu_parts=126379976%2C300x250_C&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=2&adks=3834782773&sfv=1-0-38&ecs=20220411&fsapi=false&prev_scp=auid%3D300x250_C%26adLocation%3Dbtf%26amznbid%3D2%26amznp%3D2&eri=1&cust_params=system%3Ddidna%26iab%3Diab11%26pub%3Dnordot.app%26path%3D%252F%26didna_version%3D4%26chunitid%3D39166665832988672%26cuunitid%3D0%26expid%3D2&sc=1&cookie_enabled=1&abxe=1&dt=1649679219033&lmt=1649679219&dlt=1649679217103&idt=642&biw=1600&bih=1200&adxs=986&adys=1409&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&url=https%3A%2F%2Fnordot.app%2F885617193202221056&frm=20&vis=1&scr_x=0&scr_y=0&psz=300x0&msz=300x0&fws=0&ohw=0&ga_vid=103172366.1649679219&ga_sid=1649679219&ga_hid=1432397132&ga_fc=false&btvi=2&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
18ebc2bcc341f9e8eb3a62c4820d7fcf2ab919806d77d93f2717ca9c04215bc7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 12:13:39 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
215
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://nordot.app
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
420 B
260 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3727295848532060&correlator=353760178464867&eid=31065713%2C31066948%2C31066962%2C31066965%2C31065402%2C44752585%2C31062931&output=ldjh&gdfp_req=1&vrg=2022040501&ptt=17&impl=fifs&iu_parts=126379976%2C300x250_B&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=3&adks=3051579454&sfv=1-0-38&ecs=20220411&fsapi=false&prev_scp=auid%3D300x250_B%26adLocation%3Dbtf%26amznbid%3D2%26amznp%3D2&eri=1&cust_params=system%3Ddidna%26iab%3Diab11%26pub%3Dnordot.app%26path%3D%252F%26didna_version%3D4%26chunitid%3D39166665832988672%26cuunitid%3D0%26expid%3D2&sc=1&cookie_enabled=1&abxe=1&dt=1649679219039&lmt=1649679219&dlt=1649679217103&idt=642&biw=1600&bih=1200&adxs=650&adys=1409&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&url=https%3A%2F%2Fnordot.app%2F885617193202221056&frm=20&vis=1&scr_x=0&scr_y=0&psz=300x0&msz=300x0&fws=0&ohw=0&ga_vid=103172366.1649679219&ga_sid=1649679219&ga_hid=1432397132&ga_fc=false&btvi=3&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
1002afcb5c3548fa4edd6eb5da0e0fff71fbc21fbc89c4c8191ace4fd357db5d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 12:13:39 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
230
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://nordot.app
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
426 B
260 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3727295848532060&correlator=3540344294050003&eid=31065713%2C31066948%2C31066962%2C31066965%2C31065402%2C44752585%2C31062931&output=ldjh&gdfp_req=1&vrg=2022040501&ptt=17&impl=fifs&iu_parts=126379976%2Cright_content_1&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C336x280%7C300x600&ifi=4&adks=453510430&sfv=1-0-38&ecs=20220411&fsapi=false&prev_scp=auid%3Dright_content_1%26adLocation%3Datf%26amznbid%3D2%26amznp%3D2&eri=1&cust_params=system%3Ddidna%26iab%3Diab11%26pub%3Dnordot.app%26path%3D%252F%26didna_version%3D4%26chunitid%3D39166665832988672%26cuunitid%3D0%26expid%3D2&sc=1&cookie_enabled=1&abxe=1&dt=1649679219044&lmt=1649679219&dlt=1649679217103&idt=642&biw=1600&bih=1200&adxs=1172&adys=301&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&url=https%3A%2F%2Fnordot.app%2F885617193202221056&frm=20&vis=1&scr_x=0&scr_y=0&psz=300x0&msz=300x0&fws=512&ohw=0&ga_vid=103172366.1649679219&ga_sid=1649679219&ga_hid=1432397132&ga_fc=false&btvi=0&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
da6a2b68e0cb96609339326fd2f420d4ed9505873d724b1e67ead8e5cf9bf326
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 12:13:39 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
230
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://nordot.app
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
td_js_sdk_171.js
api.popin.cc/
34 KB
13 KB
Script
General
Full URL
https://api.popin.cc/td_js_sdk_171.js
Requested by
Host: api.popin.cc
URL: https://api.popin.cc/lib8-lightweight/popIn-common-8.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
119.63.193.220 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software
nginx /
Resource Hash
19bfbd81c70637ae0a6fe5f07f112bdab13cf9c2ea5d54b70320df8f54fcc07b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Mon, 11 Apr 2022 12:13:39 GMT
Content-Encoding
gzip
Last-Modified
Thu, 11 Jan 2018 09:42:51 GMT
Server
nginx
ETag
W/"17b2e8b253e693d224f7d8407e28e1ea"
X-Cache-Status
HIT from 10.252.55.44
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=3600
Transfer-Encoding
chunked
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
x-amz-version-id
null
Expires
Mon, 11 Apr 2022 13:13:39 GMT
v2hqjWPHbUF0hGLCkbiWWalPc_3XBQxwjQ2QKjXELBRMfk1lIoIAL24yO8byQsJV1Kg4mhHlZ
ancientact.com/
209 B
641 B
Fetch
General
Full URL
https://ancientact.com/v2hqjWPHbUF0hGLCkbiWWalPc_3XBQxwjQ2QKjXELBRMfk1lIoIAL24yO8byQsJV1Kg4mhHlZ
Requested by
Host: ancientact.com
URL: https://ancientact.com/v2gnp6T4I2RaHC6htBpJnb4Le1Yyo41UruGDrxJGN435l7JgxnHoIwKO_7z_20Imb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.62.199 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
199.62.190.35.bc.googleusercontent.com
Software
/
Resource Hash
89c2f1110cfc6c6dd15d945a34cefa7b0eafb075e801d97ef48815bdd549106c
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://nordot.app/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
access-control-allow-methods
POST, OPTIONS
x-datacenter
gce-europe-west1
date
Mon, 11 Apr 2022 12:13:39 GMT
vary
Accept-Encoding, Origin
x-hostname
fen-hoothoot-europe-west1-spot-97sw
content-type
application/json; charset=utf-8
access-control-allow-origin
https://nordot.app
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-buildnumber
505852149
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
content-length
209
expires
Mon, 11 Apr 2022 12:13:38 GMT
v2ufgBnMuSAuw4izdgVP6A1ti9jKt3TJHZc2ANJuZSLRAad7bmH6XPVcKv1zfUb1dYcWtTOUA
ancientact.com/
3 B
37 B
Fetch
General
Full URL
https://ancientact.com/v2ufgBnMuSAuw4izdgVP6A1ti9jKt3TJHZc2ANJuZSLRAad7bmH6XPVcKv1zfUb1dYcWtTOUA
Requested by
Host: ancientact.com
URL: https://ancientact.com/v2gnp6T4I2RaHC6htBpJnb4Le1Yyo41UruGDrxJGN435l7JgxnHoIwKO_7z_20Imb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.62.199 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
199.62.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://nordot.app/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
access-control-allow-methods
POST, OPTIONS
x-datacenter
gce-europe-west1
date
Mon, 11 Apr 2022 12:13:39 GMT
vary
Accept-Encoding, Origin
x-hostname
fen-hoothoot-europe-west1-spot-97sw
content-type
application/json; charset=utf-8
access-control-allow-origin
https://nordot.app
access-control-allow-credentials
true
x-buildnumber
505852149
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
content-length
3
id
api.britepool.com/v1/britepool/ Frame
0
0

id
api.britepool.com/v1/britepool/
0
0

725.json
id5-sync.com/g/v2/
212 B
527 B
XHR
General
Full URL
https://id5-sync.com/g/v2/725.json
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/159745/4535/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.99.211 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3213278.ip-141-95-99.eu
Software
/
Resource Hash
a5b066379a6520a34faff1286c72fb3e8042e987c0d79b049e9360202562122f
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://nordot.app/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://nordot.app
date
Mon, 11 Apr 2022 12:13:39 GMT
access-control-allow-credentials
true
vary
Origin
transfer-encoding
chunked
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
application/json;charset=UTF-8
envelope
api.rlcdn.com/api/identity/
0
0

id
id.crwdcntrl.net/
63 B
334 B
XHR
General
Full URL
https://id.crwdcntrl.net/id
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/159745/4535/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.248.131.63 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-248-131-63.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
dfc1b7f980e1096b89312daf202ecc007d52821e7d19eb32d9b057482473e75d

Request headers

Referer
https://nordot.app/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 11 Apr 2022 12:13:39 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://nordot.app
cache-control
no-cache
x-server
10.45.18.193
access-control-allow-credentials
true
content-type
application/json;charset=utf-8
content-length
63
expires
0
id
id.sharedid.org/
0
210 B
XHR
General
Full URL
https://id.sharedid.org/id
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/159745/4535/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.10.19.115 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-10-19-115.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nordot.app/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://nordot.app
pragma
no-cache
date
Mon, 11 Apr 2022 12:13:40 GMT
cache-control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
expires
0
rid
match.adsrvr.org/track/
109 B
539 B
XHR
General
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/159745/4535/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
0bf55733215d7960802d025540a53d0ba585eee3cf669207db742ba95335b4e8

Request headers

Referer
https://nordot.app/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 11 Apr 2022 12:13:39 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://nordot.app
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
109
expires
Wed, 11 May 2022 12:13:39 GMT
recommend
jp.popin.cc/popin_discovery/
252 KB
55 KB
Script
General
Full URL
https://jp.popin.cc/popin_discovery/recommend?mode=new&url=https%3A%2F%2Fnordot.app%2F885617193202221056&alg=ltr&media=this.kiji.is&agency=popinag&device=pc&extra=windows&topn=100&ad=50&uid=3866041f7b601bf4ae71649679219232&info=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&r_category=all&redirect=true&ad_reserved=10&callback=popInRequestCallBack0
Requested by
Host: api.popin.cc
URL: https://api.popin.cc/lib8-lightweight/popIn-common-8.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
119.63.198.176 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software
nginx/1.13.5 /
Resource Hash
61e65dec908b50de370c420321227c637a8081e6558e35a808916aed68f7c550

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Mon, 11 Apr 2022 12:13:40 GMT
Content-Encoding
gzip
Server
nginx/1.13.5
Vary
Accept-Encoding
Content-Type
application/javascript;charset=UTF-8
Transfer-Encoding
chunked
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
recommend
jp.popin.cc/popin_discovery/
882 B
1 KB
Script
General
Full URL
https://jp.popin.cc/popin_discovery/recommend?mode=new&url=https%3A%2F%2Fnordot.app%2F885617193202221056&alg=ltr&device=pc&extra=windows&topn=0&uid=3866041f7b601bf4ae71649679219232&related=false&callback=popInRequestCallBack1
Requested by
Host: api.popin.cc
URL: https://api.popin.cc/lib8-lightweight/popIn-common-8.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
119.63.198.176 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software
nginx/1.13.5 /
Resource Hash
f2f4ffe9d1d56b80a8c1b7506de19cdc97d4ccfcbcb7e69c2543725146b4f10b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Mon, 11 Apr 2022 12:13:40 GMT
Cross-Origin-Resource-Policy
cross-origin
Server
nginx/1.13.5
Connection
keep-alive
Content-Length
882
Content-Type
application/javascript;charset=UTF-8
didna_trackers.html
storage.didna.io/ Frame 5F22
3 KB
3 KB
Document
General
Full URL
https://storage.didna.io/didna_trackers.html
Requested by
Host: nordot.app
URL: blob:https://nordot.app/4e79a0a6-c9f5-4003-999d-53bccef9b883
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.239.69 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
69.239.227.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
e042f7b9638fdd28d660eb5a9552b5192f96a1131c0e28c3f63666c9b9deebfe

Request headers

Referer
https://nordot.app/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
2924
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3600
content-length
2867
content-type
text/html
date
Mon, 11 Apr 2022 11:24:56 GMT
etag
"13d9c4d6c276bc3cb0b5afd7ff642b8d"
expires
Mon, 11 Apr 2022 12:24:56 GMT
last-modified
Sun, 14 Jun 2020 19:10:59 GMT
server
UploadServer
x-goog-generation
1592161859249348
x-goog-hash
crc32c=+vRTlQ== md5=E9nE1sJ2vDywta/X/2QrjQ==
x-goog-metageneration
2
x-goog-storage-class
MULTI_REGIONAL
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
2867
x-guploader-uploadid
ADPycdt6-6sFjfNLwAErQb1o2WIGGs_ED8jZb7elYsCcn17wi0H4AWwhoUJiT0CiYAp4GIPccr7FKYI07Q8R-0LUvHnw9tl8gBUt
quant.js
secure.quantserve.com/ Frame 5F22
24 KB
10 KB
Script
General
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: storage.didna.io
URL: https://storage.didna.io/didna_trackers.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:fcb8:22d2:d390:5f1b , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
8d6580af877387b05d9ffac3ebeacfe25a7728c77adef6d9b32fd72ccbe21468

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://storage.didna.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 12:13:40 GMT
content-encoding
gzip
etag
"u2JtyZzqnTXwzBUswy2r+w=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
expires
Mon, 18 Apr 2022 12:13:40 GMT
beacon.js
sb.scorecardresearch.com/ Frame 5F22
1 KB
1 KB
Script
General
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: storage.didna.io
URL: https://storage.didna.io/didna_trackers.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.4.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-4-80.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://storage.didna.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 03:13:54 GMT
content-encoding
gzip
etag
W/"1827f116c73f319409b97f10b8a58ade"
last-modified
Fri, 26 Feb 2021 14:35:05 GMT
server
AmazonS3
age
32389
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 5db4f6b1c04035a37ba6548e89b362be.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-P2
x-amz-cf-id
Jpv_HL_KDIhdsAlqPKH9OZkwY6PFzNBMbZ-9GmB30W_5mnVQPwXwlg==
b2
sb.scorecardresearch.com/ Frame 5F22
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=2&c2=27875916&ns__t=1649679220774&ns_c=UTF-8&ns_if=1&cv=3.5&c8=diDNA%20%7C%20Publisher%20Partner%20%7C%20Header%20Bidding%20%7C%20Programmatic%20Yield&c7=https...
  • https://sb.scorecardresearch.com/b2?c1=2&c2=27875916&ns__t=1649679220774&ns_c=UTF-8&ns_if=1&cv=3.5&c8=diDNA%20%7C%20Publisher%20Partner%20%7C%20Header%20Bidding%20%7C%20Programmatic%20Yield&c7=http...
0
190 B
Image
General
Full URL
https://sb.scorecardresearch.com/b2?c1=2&c2=27875916&ns__t=1649679220774&ns_c=UTF-8&ns_if=1&cv=3.5&c8=diDNA%20%7C%20Publisher%20Partner%20%7C%20Header%20Bidding%20%7C%20Programmatic%20Yield&c7=https%3A%2F%2Fstorage.didna.io%2Fdidna_trackers.html&c9=https%3A%2F%2Fnordot.app%2F
Requested by
Host: storage.didna.io
URL: https://storage.didna.io/didna_trackers.html
Protocol
H2
Server
108.157.4.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-4-80.dus51.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://storage.didna.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 12:13:40 GMT
via
1.1 5db4f6b1c04035a37ba6548e89b362be.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-P2
x-amz-cf-id
wL7H1BF05baiWsCEyvMouYViRMgKM5dKBEwmjv5EpXhbdF08_hRUtQ==
x-cache
Miss from cloudfront

Redirect headers

location
/b2?c1=2&c2=27875916&ns__t=1649679220774&ns_c=UTF-8&ns_if=1&cv=3.5&c8=diDNA%20%7C%20Publisher%20Partner%20%7C%20Header%20Bidding%20%7C%20Programmatic%20Yield&c7=https%3A%2F%2Fstorage.didna.io%2Fdidna_trackers.html&c9=https%3A%2F%2Fnordot.app%2F
date
Mon, 11 Apr 2022 12:13:40 GMT
via
1.1 5db4f6b1c04035a37ba6548e89b362be.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-P2
content-length
0
x-amz-cf-id
wifUKY9HTMJDqyKfOSZomVUJ_eBVxdn7fNj5gaOarbwru0bD3eSOMw==
x-cache
Miss from cloudfront
rules-p-WnvyhEGJaE9Xh.js
rules.quantcount.com/ Frame 5F22
2 B
346 B
Script
General
Full URL
https://rules.quantcount.com/rules-p-WnvyhEGJaE9Xh.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2315:e000:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://storage.didna.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 11:27:41 GMT
via
1.1 2667cbb82aabb944a65b99430aa06d1a.cloudfront.net (CloudFront)
server
AmazonS3
age
2758
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
cross-origin-resource-policy
cross-origin
x-cache
Hit from cloudfront
x-amz-cf-pop
DUS51-P2
content-length
2
x-amz-cf-id
qdtsszKF6Uyk_0uhYuLQWfpRANk9uC7-QxIdzN8AmM4HR8XjKKAhZQ==
pixel;r=933621731;rf=0;a=p-WnvyhEGJaE9Xh;url=https%3A%2F%2Fstorage.didna.io%2Fdidna_trackers.html;ref=https%3A%2F%2Fnordot.app%2F;uht=2;fpan=1;fpa=P0-1049073432-1649679220849;pbc=;ns=1;ce=1;qjs=1;q...
pixel.quantserve.com/ Frame 5F22
35 B
372 B
Image
General
Full URL
https://pixel.quantserve.com/pixel;r=933621731;rf=0;a=p-WnvyhEGJaE9Xh;url=https%3A%2F%2Fstorage.didna.io%2Fdidna_trackers.html;ref=https%3A%2F%2Fnordot.app%2F;uht=2;fpan=1;fpa=P0-1049073432-1649679220849;pbc=;ns=1;ce=1;qjs=1;qv=a98acd33-20220316110313;cm=;gdpr=0;d=storage.didna.io;je=0;sr=1600x1200x24;dst=0;et=1649679220849;tzo=0;ogl=locale.en_US%2Ctype.website%2Ctitle.diDNA%20%7C%20Publisher%20Partner%20%7C%20Header%20Bidding%20%7C%20Programmatic%20Yield%2Cdescription.diDNA%20programmatic%20yield%20management%2Curl.https%3A%2F%2Fwww%252Edidna%252Eio%2F%2Csite_name.diDNA
Requested by
Host: storage.didna.io
URL: https://storage.didna.io/didna_trackers.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:fcb8:22d2:d390:5f1b , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://storage.didna.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 11 Apr 2022 12:13:40 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
/
graph.facebook.com/
231 B
637 B
Script
General
Full URL
https://graph.facebook.com/?id=https%3A%2F%2Fnordot.app%2F885617193202221056&callback=popInRequestCallBack2
Requested by
Host: api.popin.cc
URL: https://api.popin.cc/lib8-lightweight/popIn-common-8.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:e:face:b00c:0:2 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
0fbb4508456978017475344cdce526b9e070d7266bf7e7bd46ccc93e85059aa8
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; preload
content-encoding
br
www-authenticate
OAuth "Facebook Platform" "invalid_request" "(#2) Service temporarily unavailable"
x-fb-rev
1005330911
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
174
x-fb-rlafr
0
pragma
no-cache
x-fb-debug
eQ4tnKYkxbgSwvhjO5mZFolwJuP96g5mkhqaSmz4VG8CeXK6/YpZ4/Tw6u7MS87nCfbeIsARsESOcwcN0IeU7Q==
x-fb-trace-id
DGSUnxiu4sv
date
Mon, 11 Apr 2022 12:13:41 GMT
vary
Origin, Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
x-fb-request-id
AvaJwzTrfwLYYiRYhCD4wrX
cache-control
no-store
facebook-api-version
v6.0
expires
Sat, 01 Jan 2000 00:00:00 GMT
adlogs
in.treasuredata.com/js/v3/event/popin_ads/
89 B
559 B
Script
General
Full URL
https://in.treasuredata.com/js/v3/event/popin_ads/adlogs?api_key=8378%2F25839e06ce4cc1cab55c1c1f1e49d336d6d1d48f&modified=1649679221784&data=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%3D&callback=TreasureJSONPCallback0
Requested by
Host: api.popin.cc
URL: https://api.popin.cc/td_js_sdk_171.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.200.232.80 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-200-232-80.compute-1.amazonaws.com
Software
/
Resource Hash
3aa9f235c06f8205b4b91091c02bbb8c8a23b12fafa257f68aecc4be22e8b7c0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Mon, 11 Apr 2022 12:13:42 GMT
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
P3P
CP="This is not a P3P policy! See https://docs.treasuredata.com/articles/p3p"
Content-Length
89
Strict-Transport-Security
max-age=31536000
Content-Type
application/javascript
log.gif
r.popin.cc/
35 B
186 B
Image
General
Full URL
https://r.popin.cc/log.gif?type=related-jp&uid=&url=https%3A%2F%2Fnordot.app%2F885617193202221056&t=1649679221769
Requested by
Host: nordot.app
URL: https://nordot.app/885617193202221056
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
119.63.198.188 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 12:13:42 GMT
last-modified
Tue, 10 Sep 2019 08:00:29 GMT
server
nginx
etag
"5d77581d-23"
content-type
image/gif
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
35
s.gif
rlog.popin.cc/
35 B
186 B
Image
General
Full URL
https://rlog.popin.cc/s.gif?url=https%3A%2F%2Fnordot.app%2F885617193202221056&uid=3866041f7b601bf4ae71649679219232&type=pc_pv&nid=pc&media=this.kiji.is&r5=ca_ja&t=1649679221784&tz=jp
Requested by
Host: nordot.app
URL: https://nordot.app/885617193202221056
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
119.63.198.188 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 12:13:42 GMT
last-modified
Wed, 04 Sep 2019 04:26:06 GMT
server
nginx
etag
"5d6f3cde-23"
content-type
image/gif
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
35
discoverylogs
log.popin.cc/log/popin_media/
66 B
347 B
Image
General
Full URL
https://log.popin.cc/log/popin_media/discoverylogs?data=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&t=1649679221784
Requested by
Host: nordot.app
URL: https://nordot.app/885617193202221056
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
119.63.198.143 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software
nginx/1.13.5 /
Resource Hash
654b8fbb3beb01a6f08eb873015b728be6ac596b9d51f6c65dbf728e22441e0e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Mon, 11 Apr 2022 12:13:41 GMT
Last-Modified
Thu, 13 Dec 2018 07:24:27 GMT
Server
nginx/1.13.5
ETag
"5c12092b-42"
Content-Type
image/jpeg
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
66
other
inrecsys.popin.cc/PopinService/Logs/
0
108 B
Image
General
Full URL
https://inrecsys.popin.cc/PopinService/Logs/other?data=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
Requested by
Host: nordot.app
URL: https://nordot.app/885617193202221056
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
119.63.197.136 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Length
0
Cross-Origin-Resource-Policy
cross-origin
Content-Type
text/plain
s.gif
rlog.popin.cc/
35 B
186 B
Image
General
Full URL
https://rlog.popin.cc/s.gif?url=https%3A%2F%2Fnordot.app%2F885617193202221056&uid=3866041f7b601bf4ae71649679219232&type=pc_channel_pv&nid=pc&media=this.kiji.is&r5=ca_ja|ch_with_sz_pc&t=1649679221784&tz=jp
Requested by
Host: nordot.app
URL: https://nordot.app/885617193202221056
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
119.63.198.188 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 12:13:42 GMT
last-modified
Wed, 04 Sep 2019 04:26:06 GMT
server
nginx
etag
"5d6f3cde-23"
content-type
image/gif
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
35
discoverylogs
log.popin.cc/log/popin_media/
66 B
347 B
Image
General
Full URL
https://log.popin.cc/log/popin_media/discoverylogs?data=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&t=1649679221784
Requested by
Host: nordot.app
URL: https://nordot.app/885617193202221056
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
119.63.198.143 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software
nginx/1.13.5 /
Resource Hash
654b8fbb3beb01a6f08eb873015b728be6ac596b9d51f6c65dbf728e22441e0e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Mon, 11 Apr 2022 12:13:41 GMT
Last-Modified
Thu, 13 Dec 2018 07:24:27 GMT
Server
nginx/1.13.5
ETag
"5c12092b-42"
Content-Type
image/jpeg
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
66
adlogs
log.popin.cc/log/popin_ads/
66 B
347 B
Image
General
Full URL
https://log.popin.cc/log/popin_ads/adlogs?data=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&t=1649679221785
Requested by
Host: nordot.app
URL: https://nordot.app/885617193202221056
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
119.63.198.143 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software
nginx/1.13.5 /
Resource Hash
654b8fbb3beb01a6f08eb873015b728be6ac596b9d51f6c65dbf728e22441e0e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Mon, 11 Apr 2022 12:13:42 GMT
Last-Modified
Thu, 13 Dec 2018 07:24:27 GMT
Server
nginx/1.13.5
ETag
"5c12092b-42"
Content-Type
image/jpeg
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
66
logo.png
api.popin.cc/images/
2 KB
3 KB
Image
General
Full URL
https://api.popin.cc/images/logo.png
Requested by
Host: nordot.app
URL: https://nordot.app/885617193202221056
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
119.63.193.220 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software
nginx /
Resource Hash
6753ab9ab14844d0e9ecbbf13df7accf525291cef950547034e5ab67be9e508e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Mon, 11 Apr 2022 12:13:41 GMT
Last-Modified
Tue, 02 Apr 2019 12:00:56 GMT
Server
nginx
ETag
"b10c5c3579ba2dba39fd2804188dc3f1"
X-Cache-Status
HIT from 10.252.55.44
x-amz-version-id
null
Cache-Control
max-age=3600
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/png
Content-Length
2316
Expires
Mon, 11 Apr 2022 13:13:41 GMT
pd
u.openx.net/w/1.0/
43 B
131 B
Image
General
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: nordot.app
URL: https://nordot.app/885617193202221056
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/18.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 11 Apr 2022 12:13:41 GMT
content-encoding
gzip
server
OXGW/18.0.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
via
1.1 google
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
ImgSync
image8.pubmatic.com/AdServer/
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159745
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159745&rdf=1
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NDhCMDQ3RUYtRjdEOS00QkI0LTk1NDgtQTdFQzFCOUE4MTA5&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
0
219 B
Image
General
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Requested by
Host: nordot.app
URL: https://nordot.app/885617193202221056
Protocol
H2
Server
192.82.242.208 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 12:13:41 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
date
Mon, 11 Apr 2022 12:13:42 GMT
cache-control
no-store, no-cache, private
x-lat
amspug012:0:343
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
sodar
pagead2.googlesyndication.com/getconfig/
14 KB
11 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022040501&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3bebf9244d0ce3c01d0cd2e4e0f41c8e6a92aa51c9fa95bbcac7988d5129407a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 11 Apr 2022 12:13:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10549
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 12:13:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 11 Apr 2022 12:13:43 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 8A66
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://nordot.app/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
233
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 11 Apr 2022 12:09:50 GMT
expires
Tue, 11 Apr 2023 12:09:50 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 7BCB
783 B
1 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
05d9a809027457b0b944df0b3886cb30030588cd2032cfc17fe5009a6f5e9604
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-xQiEMCAreH8Y9AJ5Guwsug' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://nordot.app/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-xQiEMCAreH8Y9AJ5Guwsug' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 11 Apr 2022 12:13:43 GMT
expires
Mon, 11 Apr 2022 12:13:43 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
yPRSpnmC7kCVHbP5HJYGhFaCAnVrOjYDhSjhq7GpE_U.js
pagead2.googlesyndication.com/bg/ Frame 8A66
35 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/yPRSpnmC7kCVHbP5HJYGhFaCAnVrOjYDhSjhq7GpE_U.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c8f452a67982ee40951db3f91c960684568202756b3a36038528e1abb1a913f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 05:39:55 GMT
content-encoding
br
x-content-type-options
nosniff
age
23628
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13627
x-xss-protection
0
last-modified
Mon, 04 Apr 2022 12:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 11 Apr 2023 05:39:55 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 7BCB
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022040501&jk=3727295848532060&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

generate_204
tpc.googlesyndication.com/ Frame 8A66
0
9 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?k4CbmA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 12:13:43 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
event
log.nordot.jp/
0
76 B
Ping
General
Full URL
https://log.nordot.jp/event
Requested by
Host: log.nordot.jp
URL: https://log.nordot.jp/js/beacon-1.1.0.js?2020083101
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nordot.app/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Mon, 11 Apr 2022 12:13:43 GMT
server
Google Frontend
vary
Origin
content-type
text/html
access-control-allow-origin
https://nordot.app
x-cloud-trace-context
89883e8d1c1ec370b8951e771eafecf4
access-control-allow-credentials
true
x-appengine-log-flush-count
1
content-length
0
gen_204
pagead2.googlesyndication.com/pagead/
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022040501&jk=3727295848532060&bg=!AwClAETNAAZAkm7qYJI7ACkAdvg8WutHCVKRpTa-oqi7cgUlZWFis7Gj_xgtm4nRb9ETEgYY8j2pEgIAAABMUgAAAAJoAQeZAqMkdJRzm3Wd5vjuJxXY30_88v-l1evyr2eSDRQIzPogiLCd5dZfrDuXnE4wc9RszTnJAAVzm4MspWjcVvtas73gSxyUfFE1lFkh9qlFZ7AUXD9Mw8bBS-3VqcwIvpHzKu42H3PUO4Abr39f-fGofQQUw0OCdKuvi2oyhSVI2gLUepV3V2uhRTnSX2mYGq23hOuDrWnFVV9S6lOLGzOLYd4yNZpQd0rPIU_9-6afZ8exmgVYULy6EOFf31asdl0XpyR1-OXeZ19qalJHvOG1zzNwbAkzJFxOuIfUSdLPveH7614qHeJRsTTksk6SbP7WWLZTw6sK3ngpI7djvSXJ8_qUVbJCoVLlIsRZhKQ4H-2m7VHtXrQ7htqwNPDZ5d4yHb8sPde3-fNIwD2UREjFFnlE6McTeDoCYHIUBNe1wuPn9j6L2g44IKeDBpDoh34_Eks8ujBRO5lFD0n0Is3u1X46DeZitns0iyMVL5pETvaZdOI5e7gBibKvgBkFr87XoC_kkfsHTwbBe_U-rBUMgBGhgdgOT-cgzWOh_N9wA_JhdFrW3ohSi0Zi7aPOajVC_deSiFRVnw1y3jOw5FKoUjxjx6kc3rBNoCA1BEyQPZ-rNT0JunxptX5Ms9529__TSJ96i-BfOywf43oHzFIURnh-umaFqe9JOaPhz8JXnS7hYIpeDg0dUfaZo5EZj9_95YoYQDCEnVigPwdmPiKNNnpbX4OiqI3hiAONYDslMokccPJH8bxOsK0eCehspP46Sx2EZjhuKxj-E5KFZg6JJUU5cst6y9ija35E8hnxDRBqD7_a-L-ttC6cJ-avXoIg-3Emoj_R0nunLOjjKGDDor39dQTTYqZvZwkiyZztFVF1M6lYl4AC_icNnc38_d_6V8FA5lQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 11 Apr 2022 12:13:44 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
readlogs
in.treasuredata.com/js/v3/event/popin_media/
89 B
559 B
Script
General
Full URL
https://in.treasuredata.com/js/v3/event/popin_media/readlogs?api_key=8378%2F25839e06ce4cc1cab55c1c1f1e49d336d6d1d48f&modified=1649679225171&data=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%2BOCouOAgeWtkOOBqeOCgjEy5LiH5Lq66YCj44KM5Y6744KK44CA44Km44Kv44Op44Kk44OK44GM5Li75by1IO%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%3D&callback=TreasureJSONPCallback1
Requested by
Host: api.popin.cc
URL: https://api.popin.cc/td_js_sdk_171.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.200.232.80 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-200-232-80.compute-1.amazonaws.com
Software
/
Resource Hash
0f93db846422aa8c72de38cbb2819358b78560e09242696224b08b0dd84af1c5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Mon, 11 Apr 2022 12:13:45 GMT
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
P3P
CP="This is not a P3P policy! See https://docs.treasuredata.com/articles/p3p"
Content-Length
89
Strict-Transport-Security
max-age=31536000
Content-Type
application/javascript
s.gif
rlog.popin.cc/
35 B
186 B
Image
General
Full URL
https://rlog.popin.cc/s.gif?url=https%3A%2F%2Fnordot.app%2F885617193202221056&uid=&type=pc_viewall&nid=pc&media=this.kiji.is&r5=&t=1649679225170
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
119.63.198.188 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 12:13:45 GMT
last-modified
Wed, 04 Sep 2019 04:26:06 GMT
server
nginx
etag
"5d6f3cde-23"
content-type
image/gif
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
35
s.gif
rlog.popin.cc/
35 B
186 B
Image
General
Full URL
https://rlog.popin.cc/s.gif?url=https%3A%2F%2Fnordot.app%2F885617193202221056&uid=&nid=LQtUxDlxh1cB&media=this.kiji.is&r1=20&r2=0&r3=text300|image55|in_text300|in_image55&r4=2&r5=re_organic|dv_pc|session|sstorage&r6=2&r7=0&r8=19.658888888888885&t=1649679225171
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
119.63.198.188 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 12:13:45 GMT
last-modified
Wed, 04 Sep 2019 04:26:06 GMT
server
nginx
etag
"5d6f3cde-23"
content-type
image/gif
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
35

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
px.britepool.com
URL
https://px.britepool.com/new?partner_id=t
Domain
api.britepool.com
URL
https://api.britepool.com/v1/britepool/id
Domain
api.britepool.com
URL
https://api.britepool.com/v1/britepool/id
Domain
api.rlcdn.com
URL
https://api.rlcdn.com/api/identity/envelope?pid=26

77 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 function| structuredClone object| oncontextlost object| oncontextrestored function| getScreenDetails object| googletag object| didna function| admiral object| adhUnitSettings object| devices number| len object| searchParams boolean| disableSticky number| policyRetry number| retryMax number| checkPolicy function| getUrlParameter function| getCookie function| policyAccepted function| inIframe object| DIDNA_CONFIG object| apstag boolean| apstagLOADED function| $ function| jQuery string| GoogleAnalyticsObject function| ga function| _ object| hindsight boolean| hindsight_loaded function| 4dm1r11545242527 object| ggeac object| google_tag_data object| google_js_reporting_queue object| pbjs object| confiant function| parcelRequire function| owpbjsChunk object| owpbjs object| _pbjsGlobals object| PWT object| gaplugins undefined| google_measure_js_timing function| pbjsChunk object| ADAGIO object| mnet string| nobidVersion object| nobid object| sas object| apntag object| _ADAGIO string| _popIn_nordot_lang object| _pop object| _popIn5_config object| PopIn object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| gaGlobal object| platform object| nor boolean| adBlocked undefined| oReq object| jQuery1113015066589656432794 function| Treasure2 object| JSON3 function| TreasureJSONPCallback0 boolean| popInPositionAndStyle object| $header boolean| hasMoreButton number| moduleHidePoint number| moduleShrinkPoint object| GoogleGcLKhOms object| google_image_requests

27 Cookies

Domain/Path Name / Value
nordot.app/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
nordot.app/ Name: cto_bidid
Value: 8kmR5V80c2g2TVYlMkZKJTJCZlllQjczR1pibTUxciUyRjZXSm1tOGZtdVFvSDRDSXRtN2VxNDZPeSUyRnhxMkVtdERCRlZtbGRkMU9rVSUyRkNOQmFyZWwwN2hNcUpTYkklMkJ4USUzRCUzRA
nordot.app/ Name: cto_bundle
Value: UOjR_l83SGZuOHpXbFgxZHNRJTJGbEo1T2FxNUtRd21CSDZiZWxnQ2c1c0IyYURXaTBSWFFuSGExSSUyRkJ1RzNvdmZFbCUyRmNvNSUyQlZsWHNDVW5zY3RKTlNQQlQ5MWpjaWRza2pIUURVYyUyRmRHN2tVeVZ0dWt0ajlNamk0S0NJc1I4dzFlbCUyRkZ3Yg
.adnxs.com/ Name: icu
Value: ChgInIc_EAoYASABKAEw8rbQkgY4AUABSAEQ8rbQkgYYAA..
.adnxs.com/ Name: uuid2
Value: 5090279854857519214
.nordot.app/ Name: _ss_pp_id
Value: 3866041f7b601bf4ae71649679219232
.nordot.app/ Name: _awl
Value: 2.1649679219.0.5-655cdec071949622266ccddf42b2ebaa-6763652d6575726f70652d7765737431-0
.nordot.app/ Name: __gads
Value: ID=3418b0eca674a321-225dd36074cd00f6:T=1649679219:S=ALNI_MbIgM-FA5W8d4h8gtWgBh4vrt8McQ
nordot.app/ Name: _lr_retry_request
Value: true
nordot.app/ Name: _lr_env_src_ats
Value: false
.nordot.app/ Name: _td
Value: 7be9ea7f-fdf1-4399-8d0f-7057a714b1c4
.adsrvr.org/ Name: TDID
Value: 36da59ed-48a2-429d-a145-4fcecadf2f7a
nordot.app/ Name: pbjs-unifiedid
Value: %7B%22TDID%22%3A%2236da59ed-48a2-429d-a145-4fcecadf2f7a%22%2C%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222022-04-11T12%3A13%3A39%22%7D
.nordot.app/ Name: panoramaId_expiry
Value: 1649765619801
log.nordot.jp/ Name: browser
Value: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiJlNGI3NGI0Njg1MzQ3NDNhZmIyODI0YTFlZDdiYmI4MyIsImlhdCI6MTY0OTY3OTIyMCwianRpIjoiMjA2NDQwOTcxIiwiZXhwIjoxNzEyNzUxMjIwfQ.QBsntnthMFSV51Oz2VW0GkLL6syMvjMRURACoLZqDzE
nordot.app/ Name: _pubcid
Value: %7B%7D
.popin.cc/ Name: uid
Value: 3866041f7b601bf4ae71649679219232
.scorecardresearch.com/ Name: UID
Value: 1B846fe4291d63de64f8c3c1649679220
.quantserve.com/ Name: mc
Value: 62541b74-d4564-d9644-06c34
.in.treasuredata.com/ Name: _td_global
Value: bce865d1-884c-4101-9dd5-f602b9353d6d
.pubmatic.com/ Name: KTPCACOOKIE
Value: YES
.pubmatic.com/ Name: SyncRTB3
Value: 1650844800%3A220
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 48B047EF-F7D9-4BB4-9548-A7EC1B9A8109
.doubleclick.net/ Name: IDE
Value: AHWqTUmuSWjhMZ2paA7qLhrmw7-3DyDVgZCbIMvCcTdyQ9BtT0vVbedvymtTQpXK9co
.pubmatic.com/ Name: PUBMDCID
Value: 3
.pubmatic.com/ Name: pi
Value: 159745:3
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 2

3 Console Messages

Source Level URL
Text
network error URL: https://px.britepool.com/new?partner_id=t
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
javascript error URL: https://nordot.app/885617193202221056
Message:
Access to XMLHttpRequest at 'https://api.rlcdn.com/api/identity/envelope?pid=26' from origin 'https://nordot.app' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://api.rlcdn.com/api/identity/envelope?pid=26
Message:
Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
