noracora.com Open in urlscan Pro
65.9.26.121 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.downnload.com/
Effective URL:
https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Imp...
Submission: On May 17 via api (May 17th 2022, 3:12:02 pm UTC) from US — Scanned from DE

Summary HTTP 248 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 49 IPs in 6 countries across 41 domains to perform 248 HTTP transactions. The main IP is 65.9.26.121, located in United States and belongs to AMAZON-02, US. The main domain is noracora.com. The Cisco Umbrella rank of the primary domain is 143045.
TLS certificate: Issued by Amazon on May 2nd 2022. Valid for: a year.

This is the only time noracora.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 2	103.224.182.244 103.224.182.244	133618 (TRELLIAN-...) (TRELLIAN-AS-AP Trellian Pty. Limited)
1 5	103.224.182.206 103.224.182.206	133618 (TRELLIAN-...) (TRELLIAN-AS-AP Trellian Pty. Limited)
1	78.46.197.88 78.46.197.88	24940 (HETZNER-AS) (HETZNER-AS)
2	157.90.169.168 157.90.169.168	24940 (HETZNER-AS) (HETZNER-AS)
1 1	104.248.96.70 104.248.96.70	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1 2	212.32.251.44 212.32.251.44	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
2 2	35.201.76.231 35.201.76.231	15169 (GOOGLE) (GOOGLE)
1 1	34.95.127.121 34.95.127.121	15169 (GOOGLE) (GOOGLE)
79	65.9.26.121 65.9.26.121	16509 (AMAZON-02) (AMAZON-02)
1	8.45.52.250 8.45.52.250	() ()
3	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:811::2008	15169 (GOOGLE) (GOOGLE)
6	2600:9000:224... 2600:9000:224a:1c00:14:28af:c80:93a1	16509 (AMAZON-02) (AMAZON-02)
4	2600:9000:214... 2600:9000:214f:8400:a:d1a:b500:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:218... 2600:9000:2182:7600:f:8ce2:fb80:93a1	16509 (AMAZON-02) (AMAZON-02)
1	52.92.209.58 52.92.209.58	() ()
4	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
1	18.66.248.107 18.66.248.107	16509 (AMAZON-02) (AMAZON-02)
1	104.102.29.173 104.102.29.173	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
58	23.36.163.230 23.36.163.230	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	23.36.162.25 23.36.162.25	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	65.9.63.124 65.9.63.124	16509 (AMAZON-02) (AMAZON-02)
3	64.202.112.31 64.202.112.31	() ()
2	142.250.185.162 142.250.185.162	() ()
4	2a00:1450:401... 2a00:1450:4014:80f::200e	() ()
3 4	142.250.186.134 142.250.186.134	() ()
5	23.36.162.71 23.36.162.71	() ()
2	2a00:1450:400... 2a00:1450:4001:829::2002	() ()
1 2	99.86.7.20 99.86.7.20	() ()
2	2a00:1450:400... 2a00:1450:4001:831::2002	() ()
1	2a04:4e42:200... 2a04:4e42:200::729	() ()
4	2a03:2880:f02... 2a03:2880:f02d:100:face:b00c:0:3	() ()
1	151.139.242.29 151.139.242.29	() ()
3	198.11.178.42 198.11.178.42	() ()
1	44.240.119.169 44.240.119.169	() ()
2	2a00:1450:400... 2a00:1450:4001:80e::2004	() ()
2	2a00:1450:400... 2a00:1450:4001:810::2003	() ()
1	52.88.55.75 52.88.55.75	() ()
1	2a00:1450:400... 2a00:1450:4001:82b::2002	() ()
1	65.9.63.28 65.9.63.28	() ()
5	151.101.193.21 151.101.193.21	() ()
1 2	185.33.221.89 185.33.221.89	() ()
2	2600:9000:206... 2600:9000:206f:f800:18:33e:4e80:93a1	() ()
3	192.229.221.25 192.229.221.25	() ()
2	151.101.1.35 151.101.1.35	() ()
1	2600:9000:205... 2600:9000:2057:1800:19:9934:6a80:93a1	() ()
1	2600:9000:205... 2600:9000:2057:f800:16:3cc5:1a40:21	() ()
1	2a00:1450:400... 2a00:1450:400c:c04::9d	() ()
2	2600:9000:206... 2600:9000:206f:c800:11:f728:3040:93a1	() ()
1	2a02:26f0:6c0... 2a02:26f0:6c00:2a2::1931	() ()
1	2a02:2638::3 2a02:2638::3	() ()
1	2620:1ec:c11:... 2620:1ec:c11::200	() ()
248	49

2 103.224.182.244 (Australia) 2 redirects

ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU)
PTR: lb-182-244.above.com

www.downnload.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 103.224.182.206 (Australia) 1 redirects

ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU)
PTR: bidr.trellian.com

1redirc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 78.46.197.88 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.88.197.46.78.clients.your-server.de

clever-redirect.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.90.169.168 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.168.169.90.157.clients.your-server.de

lookandfind.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.248.96.70 (Singapore, Singapore) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

ir3.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 212.32.251.44 (Netherlands) 1 redirects

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

stvkr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.201.76.231 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 231.76.201.35.bc.googleusercontent.com

noracora.pxf.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.95.127.121 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 121.127.95.34.bc.googleusercontent.com

www.ojrq.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

79 65.9.26.121 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-26-121.zag50.r.cloudfront.net

noracora.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 8.45.52.250 (None, )

ASN- ()

at.alicdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:9000:224a:1c00:14:28af:c80:93a1 (United States)

ASN16509 (AMAZON-02, US)

harbor-hyperf.harborcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:214f:8400:a:d1a:b500:93a1 (United States)

ASN16509 (AMAZON-02, US)

wzstatic1.streamoptim.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2182:7600:f:8ce2:fb80:93a1 (United States)

ASN16509 (AMAZON-02, US)

www.dwin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.92.209.58 (None, )

ASN- ()

cmall-static-resource.s3.us-west-2.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.248.107 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-248-107.dus51.r.cloudfront.net

analytics.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.102.29.173 (Milan, Italy)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a104-102-29-173.deploy.static.akamaitechnologies.com

amplify.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

58 23.36.163.230 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-36-163-230.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.36.162.25 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-36-162-25.deploy.static.akamaitechnologies.com

cdn.livechatinc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.63.124 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-63-124.fra56.r.cloudfront.net

aac473ea903c.cdn4.forter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 64.202.112.31 (None, )

ASN- ()

tr.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.162 (None, )

ASN- ()

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4014:80f::200e (None, )

ASN- ()

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.186.134 (None, ) 3 redirects

ASN- ()

10726730.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 23.36.162.71 (None, )

ASN- ()

api.livechatinc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure.livechatinc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
accounts.livechatinc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2002 (None, )

ASN- ()

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 99.86.7.20 (None, ) 1 redirects

ASN- ()

cdn9.forter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2002 (None, )

ASN- ()

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:200::729 (None, )

ASN- ()

browser.sentry-cdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f02d:100:face:b00c:0:3 (None, )

ASN- ()

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.139.242.29 (None, )

ASN- ()

images.dmca.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 198.11.178.42 (None, )

ASN- ()

exit.streamoptim.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sl.streamoptim.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.240.119.169 (None, )

ASN- ()

jingwei.harborcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2004 (None, )

ASN- ()

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2003 (None, )

ASN- ()

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.88.55.75 (None, )

ASN- ()

sentry.chicv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2002 (None, )

ASN- ()

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.63.28 (None, )

ASN- ()

cdn.branch.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 151.101.193.21 (None, )

ASN- ()

www.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.33.221.89 (None, ) 1 redirects

ASN- ()

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:206f:f800:18:33e:4e80:93a1 (None, )

ASN- ()

wzstatic.streamoptim.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 192.229.221.25 (None, )

ASN- ()

www.paypalobjects.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.1.35 (None, )

ASN- ()

t.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2057:1800:19:9934:6a80:93a1 (None, )

ASN- ()

app.link	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2057:f800:16:3cc5:1a40:21 (None, )

ASN- ()

d1x82c5eu9l6cp.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c04::9d (None, )

ASN- ()

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:206f:c800:11:f728:3040:93a1 (None, )

ASN- ()

api2.branch.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:2a2::1931 (None, )

ASN- ()

s.pinimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638::3 (None, )

ASN- ()

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::200 (None, )

ASN- ()

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
79	noracora.com noracora.com — Cisco Umbrella Rank: 143045	1 MB
58	tiktok.com analytics.tiktok.com — Cisco Umbrella Rank: 1150	768 KB
9	livechatinc.com cdn.livechatinc.com — Cisco Umbrella Rank: 6139 api.livechatinc.com secure.livechatinc.com accounts.livechatinc.com	270 KB
9	streamoptim.com wzstatic1.streamoptim.com — Cisco Umbrella Rank: 54879 exit.streamoptim.com sl.streamoptim.com wzstatic.streamoptim.com	403 KB
7	paypal.com www.paypal.com t.paypal.com	7 KB
7	doubleclick.net 3 redirects 10726730.fls.doubleclick.net googleads.g.doubleclick.net ad.doubleclick.net stats.g.doubleclick.net	4 KB
7	harborcdn.com harbor-hyperf.harborcdn.com — Cisco Umbrella Rank: 69763 jingwei.harborcdn.com	62 KB
5	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 71	287 KB
5	1redirc.com 1 redirects 1redirc.com — Cisco Umbrella Rank: 330730	8 KB
4	facebook.net connect.facebook.net	110 KB
4	google.com adservice.google.com www.google.com	2 KB
4	google-analytics.com www.google-analytics.com	59 KB
4	outbrain.com amplify.outbrain.com — Cisco Umbrella Rank: 2276 tr.outbrain.com	4 KB
4	gstatic.com fonts.gstatic.com	68 KB
3	paypalobjects.com www.paypalobjects.com	50 KB
3	branch.io cdn.branch.io api2.branch.io	25 KB
3	google.de www.google.de adservice.google.de	1 KB
3	forter.com 1 redirects aac473ea903c.cdn4.forter.com — Cisco Umbrella Rank: 74058 cdn9.forter.com a2be1ed49e1c42499e547290e30473be-aac473ea903c.cdn.forter.com Failed	71 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 46	3 KB
2	adnxs.com 1 redirects secure.adnxs.com	2 KB
2	googleadservices.com www.googleadservices.com	30 KB
2	pxf.io 2 redirects noracora.pxf.io	904 B
2	stvkr.com 1 redirects stvkr.com — Cisco Umbrella Rank: 189174	2 KB
2	lookandfind.me lookandfind.me	794 B
2	downnload.com 2 redirects www.downnload.com	2 KB
1	bing.com bat.bing.com
1	criteo.net static.criteo.net
1	pinimg.com s.pinimg.com
1	cloudfront.net d1x82c5eu9l6cp.cloudfront.net	124 KB
1	app.link app.link	564 B
1	chicv.com sentry.chicv.com	311 B
1	dmca.com images.dmca.com	4 KB
1	sentry-cdn.com browser.sentry-cdn.com	89 KB
1	webgains.io analytics.webgains.io — Cisco Umbrella Rank: 19930	50 KB
1	amazonaws.com cmall-static-resource.s3.us-west-2.amazonaws.com	13 KB
1	dwin1.com www.dwin1.com — Cisco Umbrella Rank: 4337	9 KB
1	alicdn.com at.alicdn.com	51 KB
1	ojrq.net 1 redirects www.ojrq.net — Cisco Umbrella Rank: 8362	546 B
1	ir3.xyz 1 redirects ir3.xyz — Cisco Umbrella Rank: 152170	873 B
1	clever-redirect.com clever-redirect.com	674 B
0	creativecdn.com Failed us.creativecdn.com Failed
248	41

	Domain	Requested by
79	noracora.com	stvkr.com noracora.com harbor-hyperf.harborcdn.com 1redirc.com
58	analytics.tiktok.com	noracora.com analytics.tiktok.com
6	harbor-hyperf.harborcdn.com	1redirc.com harbor-hyperf.harborcdn.com
5	www.paypal.com	1redirc.com www.paypalobjects.com
5	www.googletagmanager.com	noracora.com www.googletagmanager.com
5	1redirc.com	1 redirects 1redirc.com
4	connect.facebook.net	noracora.com connect.facebook.net 1redirc.com
4	www.google-analytics.com	www.googletagmanager.com noracora.com www.google-analytics.com
4	cdn.livechatinc.com	noracora.com secure.livechatinc.com
4	fonts.gstatic.com	fonts.googleapis.com
4	wzstatic1.streamoptim.com	noracora.com wzstatic1.streamoptim.com
3	www.paypalobjects.com	www.paypal.com www.paypalobjects.com
3	api.livechatinc.com	cdn.livechatinc.com
3	tr.outbrain.com	amplify.outbrain.com noracora.com
3	fonts.googleapis.com	noracora.com wzstatic1.streamoptim.com secure.livechatinc.com
2	api2.branch.io	cdn.branch.io
2	t.paypal.com	noracora.com
2	wzstatic.streamoptim.com	wzstatic1.streamoptim.com
2	secure.adnxs.com	1 redirects noracora.com
2	ad.doubleclick.net	2 redirects
2	www.google.de	noracora.com
2	www.google.com	noracora.com
2	exit.streamoptim.com	wzstatic1.streamoptim.com
2	adservice.google.com	10726730.fls.doubleclick.net noracora.com
2	cdn9.forter.com	1 redirects noracora.com
2	googleads.g.doubleclick.net	www.googleadservices.com
2	10726730.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	www.googleadservices.com	www.googletagmanager.com
2	noracora.pxf.io	2 redirects
2	stvkr.com	1 redirects lookandfind.me
2	lookandfind.me	clever-redirect.com
2	www.downnload.com	2 redirects
1	bat.bing.com	1redirc.com
1	static.criteo.net	www.googletagmanager.com
1	s.pinimg.com	www.googletagmanager.com
1	accounts.livechatinc.com	cdn.livechatinc.com
1	secure.livechatinc.com	cdn.livechatinc.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	d1x82c5eu9l6cp.cloudfront.net	noracora.com
1	app.link	cdn.branch.io
1	sl.streamoptim.com	wzstatic1.streamoptim.com
1	cdn.branch.io	1redirc.com
1	adservice.google.de	adservice.google.com
1	sentry.chicv.com	browser.sentry-cdn.com
1	jingwei.harborcdn.com	harbor-hyperf.harborcdn.com
1	images.dmca.com	noracora.com
1	browser.sentry-cdn.com	cmall-static-resource.s3.us-west-2.amazonaws.com
1	aac473ea903c.cdn4.forter.com	noracora.com
1	amplify.outbrain.com	noracora.com
1	analytics.webgains.io	noracora.com
1	cmall-static-resource.s3.us-west-2.amazonaws.com	noracora.com
1	www.dwin1.com	noracora.com
1	at.alicdn.com	noracora.com
1	www.ojrq.net	1 redirects
1	ir3.xyz	1 redirects
1	clever-redirect.com	1redirc.com
0	a2be1ed49e1c42499e547290e30473be-aac473ea903c.cdn.forter.com Failed
0	us.creativecdn.com Failed	www.googletagmanager.com
248	58

This site contains links to these domains. Also see Links.

Domain
outlet.noracora.com
apps.apple.com
play.google.com

Subject Issuer	Validity	Valid
tracker.clever-redirect.com R3	`2022-04-07` - `2022-07-06`	3 months	crt.sh
lookandfind.me R3	`2022-05-03` - `2022-08-01`	3 months	crt.sh
stvkr.com R3	`2022-05-14` - `2022-08-12`	3 months	crt.sh
noracorashop.net Amazon	`2022-05-02` - `2023-05-31`	a year	crt.sh
*.alicdn.com GlobalSign Organization Validation CA - SHA256 - G2	`2021-07-03` - `2022-08-04`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-04-25` - `2022-07-18`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-04-25` - `2022-07-18`	3 months	crt.sh
*.harborcdn.com Amazon	`2021-09-14` - `2022-10-13`	a year	crt.sh
*.streamoptim.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-01-17` - `2023-02-17`	a year	crt.sh
*.dwin1.com Amazon	`2021-11-19` - `2022-12-17`	a year	crt.sh
*.s3-us-west-2.amazonaws.com Amazon	`2021-12-17` - `2022-11-29`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
*.webgains.io Amazon	`2022-02-10` - `2023-03-11`	a year	crt.sh
*.outbrain.com DigiCert TLS RSA SHA256 2020 CA1	`2022-04-03` - `2023-04-04`	a year	crt.sh
*.tiktok.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-12-13` - `2023-01-13`	a year	crt.sh
livechat.com DigiCert ECC Secure Server CA	`2022-02-25` - `2023-03-01`	a year	crt.sh
*.cdn4.forter.com GeoTrust RSA CA 2018	`2021-11-16` - `2022-12-16`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-04-25` - `2022-07-18`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-04-25` - `2022-07-18`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-04-25` - `2022-07-18`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
*.sentry-cdn.com GlobalSign Atlas R3 DV TLS CA H2 2021	`2021-11-26` - `2022-12-28`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-02-23` - `2022-05-24`	3 months	crt.sh
images.dmca.com Go Daddy Secure Certificate Authority - G2	`2022-03-11` - `2023-03-29`	a year	crt.sh
harborcdn.com Amazon	`2022-04-12` - `2023-05-11`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-04-25` - `2022-07-18`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-04-25` - `2022-07-18`	3 months	crt.sh
sentry.chicv.com TrustAsia TLS RSA CA	`2021-11-24` - `2022-11-23`	a year	crt.sh
*.google.de GTS CA 1C3	`2022-04-25` - `2022-07-18`	3 months	crt.sh
*.branch.io DigiCert TLS RSA SHA256 2020 CA1	`2021-10-27` - `2022-11-27`	a year	crt.sh
www.paypal.com DigiCert SHA2 Extended Validation Server CA	`2022-04-12` - `2023-04-12`	a year	crt.sh
t.paypal.com DigiCert SHA2 Extended Validation Server CA	`2022-03-04` - `2022-11-23`	9 months	crt.sh
appipv4.link Amazon	`2021-06-24` - `2022-07-23`	a year	crt.sh
*.cloudfront.net Amazon	`2022-02-01` - `2023-01-31`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-04-25` - `2022-07-18`	3 months	crt.sh
*.pinterest.com DigiCert TLS RSA SHA256 2020 CA1	`2021-07-26` - `2022-08-05`	a year	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-04-11` - `2022-07-13`	3 months	crt.sh
www.bing.com Microsoft RSA TLS CA 01	`2022-03-16` - `2022-09-16`	6 months	crt.sh

This page contains 10 frames:

Primary Page: https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720
Frame ID: 989CD8C0CEE8D8E11DB16A7D3A251CF2
Requests: 226 HTTP requests in this frame

Frame: https://10726730.fls.doubleclick.net/activityi;dc_pre=CKyK2v7o5vcCFUO0GwodLBsLkw;src=10726730;type=norac00;cat=norac0;ord=3405996895400;gtm=2od5g0;auiddc=1675267696.1652800318;~oref=https%3A%2F%2Fnoracora.com%2F%3Firclickid%3DTwR0kGVibxyIWlszN%253A0wnXCVUkD0qUzZh1412c0%26irgwc%3D1%26utm_source%3DAffiliate%26utm_medium%3DImpact%26utm_campaign%3D1234031%26utm_content%3DTwR0kGVibxyIWlszN%253A0wnXCVUkD0qUzZh1412c0%26utm_term%3D03720
Frame ID: 5362CF7C5F41875F1FCF2A29D4FB2036
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CKyK2v7o5vcCFUO0GwodLBsLkw;src=10726730;type=norac00;cat=norac0;ord=3405996895400;gtm=2od5g0;auiddc=1675267696.1652800318;~oref=https%3A%2F%2Fnoracora.com%2F%3Firclickid%3DTwR0kGVibxyIWlszN%253A0wnXCVUkD0qUzZh1412c0%26irgwc%3D1%26utm_source%3DAffiliate%26utm_medium%3DImpact%26utm_campaign%3D1234031%26utm_content%3DTwR0kGVibxyIWlszN%253A0wnXCVUkD0qUzZh1412c0%26utm_term%3D03720
Frame ID: DD5BE606E64496FCD35BE797C9F58AC8
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.de/ddm/fls/i/dc_pre=CKyK2v7o5vcCFUO0GwodLBsLkw;src=10726730;type=norac00;cat=norac0;ord=3405996895400;gtm=2od5g0;auiddc=1675267696.1652800318;~oref=https%3A%2F%2Fnoracora.com%2F%3Firclickid%3DTwR0kGVibxyIWlszN%253A0wnXCVUkD0qUzZh1412c0%26irgwc%3D1%26utm_source%3DAffiliate%26utm_medium%3DImpact%26utm_campaign%3D1234031%26utm_content%3DTwR0kGVibxyIWlszN%253A0wnXCVUkD0qUzZh1412c0%26utm_term%3D03720
Frame ID: B1F17276F755F333AA6A55368D8A0938
Requests: 1 HTTP requests in this frame

Frame: https://wzstatic.streamoptim.com/stream/streamUidIframe.html
Frame ID: 6D6C6214994F799AB56D518A73ED76D2
Requests: 1 HTTP requests in this frame

Frame: https://www.paypalobjects.com/muse/store-cash-lite/index.html
Frame ID: 0FD9F9B5224CEFB009F57BB34182F764
Requests: 2 HTTP requests in this frame

Frame: https://www.paypalobjects.com/muse/analytics/index.html
Frame ID: 75AF26B060418ECF468BFE0156BFEC6B
Requests: 2 HTTP requests in this frame

Frame: https://secure.livechatinc.com/customer/action/open_chat?license_id=12657117&group=1&embedded=1&widget_version=3&unique_groups=0
Frame ID: 34DC51E85F36EF135EA50B0CA0FD18C4
Requests: 9 HTTP requests in this frame

Frame: https://us.creativecdn.com/tags?type=iframe&id=pr_ugpG9309T8IGKwk03tIu_home&id=pr_ugpG9309T8IGKwk03tIu_lid_bDAwpI5Uc4GpbywkcY6H&su=https%3A%2F%2Fnoracora.com%2F%3Firclickid%3DTwR0kGVibxyIWlszN%253A0wnXCVUkD0qUzZh1412c0%26irgwc%3D1%26utm_source%3DAffiliate%26utm_medium%3DImpact%26utm_campaign%3D1234031%26utm_content%3DTwR0kGVibxyIWlszN%253A0wnXCVUkD0qUzZh1412c0%26utm_term%3D03720&sr=https%3A%2F%2Fstvkr.com%2F&ts=1652800321843
Frame ID: ADC071FCCE213B67E0B53598F48DF7E2
Requests: 1 HTTP requests in this frame

Frame: https://us.creativecdn.com/tags?type=iframe&id=pr_ugpG9309T8IGKwk03tIu&ncm=1&id=pr_ugpG9309T8IGKwk03tIu_lid_bDAwpI5Uc4GpbywkcY6H&su=https%3A%2F%2Fnoracora.com%2F%3Firclickid%3DTwR0kGVibxyIWlszN%253A0wnXCVUkD0qUzZh1412c0%26irgwc%3D1%26utm_source%3DAffiliate%26utm_medium%3DImpact%26utm_campaign%3D1234031%26utm_content%3DTwR0kGVibxyIWlszN%253A0wnXCVUkD0qUzZh1412c0%26utm_term%3D03720&sr=https%3A%2F%2Fstvkr.com%2F&ts=1652800321858
Frame ID: CB3957695193518DA965DCAA096CFAC3
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Casual Womens Clothing Store Online, Womens Dresses & Tops | Noracora

Page URL History Show full URLs

http://www.downnload.com/ HTTP 302
https://www.downnload.com/ HTTP 302
http://1redirc.com/r2.php?e=qwDB2QrCWObUu96G6R7zIn49flhDeE8zRWZBYzJSeGtIcUZydE0vY2Z2UnNhdy90aDd... Page URL
http://1redirc.com/r.php?u=https%3A%2F%2Fclever-redirect.com%2Fs%2Fr6%3Fs%3D721614%26s3%3D12373... HTTP 302
https://clever-redirect.com/s/r6?s=721614&s3=1237394603&sid=202205180111524f93d2dd89342f1d9b Page URL
https://lookandfind.me/s/a?t=6&f=1&u=41ecaa9ae33de01f1e1a4b6551068474&m=noracora.com&s1=721614&s2=&... Page URL
https://lookandfind.me/s/r?u=https%3A%2F%2Fir3.xyz%2F6274bf7dd86c3%3Fp1%3D3da3773d230827b540b989b26... Page URL
https://ir3.xyz/6274bf7dd86c3?p1=3da3773d230827b540b989b2619fe91d HTTP 302
https://stvkr.com/v2/click-AjK4m-46Vld7-x9nEJ-9ad9d845?tl=1&sa=7079b46f-dcc9-4eb9-85e1-4c8ce95... Page URL
https://stvkr.com/v2/click-AjK4m-46Vld7-x9nEJ-9ad9d845?tl=1&sa=7079b46f-dcc9-4eb9-85e1-4c8ce95... HTTP 303
https://noracora.pxf.io/NKv55v?SharedId=9wLZ1WmEK9Z5c90&subId2=KOxnQM&u= HTTP 302
https://www.ojrq.net/p/?return=https%3A%2F%2Fnoracora.pxf.io%2Fc%2F1234031%2F1309225%2F15980%3FSh... HTTP 302
https://noracora.pxf.io/c/1234031/1309225/15980?SharedId=9wLZ1WmEK9Z5c90&subId2=KOxnQM&u=&svlink=561... HTTP 301
https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affi... Page URL

Detected technologies

Sentry (Issue Trackers) Expand

Overall confidence: 100%
Detected patterns

browser\.sentry\-cdn\.com/([0-9.]+)/bundle(?:\.tracing)?(?:\.min)?\.js

LiveChat (Live Chat) Expand

Overall confidence: 100%
Detected patterns

cdn\.livechatinc\.com/.*tracking\.js

PayPal (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

paypalobjects\.com

AWIN (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

dwin1\.com

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Criteo (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

//static\.criteo\.net/js/ld/ld\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Forter (Analytics) Expand

Overall confidence: 100%
Detected patterns

forter\.com

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

SWFObject (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

swfobject.*\.js

Webgains (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

analytics\.webgains\.io

Page Statistics

248
Requests

92 %
HTTPS

42 %
IPv6

41
Domains

58
Subdomains

49
IPs

6
Countries

3791 kB
Transfer

10598 kB
Size

27
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://outlet.noracora.com/collections/outlet-best-sellers?utm_source=nc&utm_medium=nc&utm_campaign=saleguide
Title: Outlet

Search URL Search Domain Scan URL

URL: https://outlet.noracora.com/collections/outlet-best-sellers?utm_source=nc&utm_medium=nc&utm_campaign=homecategory

Search URL Search Domain Scan URL

URL: https://apps.apple.com/us/app/noracora/id1535962668

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.flutter_use_redux.noracora

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.downnload.com/ HTTP 302
https://www.downnload.com/ HTTP 302
http://1redirc.com/r2.php?e=qwDB2QrCWObUu96G6R7zIn49flhDeE8zRWZBYzJSeGtIcUZydE0vY2Z2UnNhdy90aDdqZitPd1ZqUXYrc2tOWVRCcmxuN05NQWdxZ3BNUFpGWHpKaDVKcHh5TktiQ0NsSjNVUGRyLzA4ZGRUeEZFb0FpL0V5Wkh2ZWU0M0VOVk1vK0hZWXdzQ3oweDdVc0dXYk81VXZaV1NPQk5WM0trZys5azZQa3NEa1dlYTBxRUhWZWpBeU9OdFlaQW5tVW9pUmdrMlIyRFlZcjB1YUJoYW9UMW5vQnF6dzdJUkxhS1haTzk5OHpuL1MwMEhBaXFZTVJvQ3kyOWxLQURoZU9wUE9ONG1vYWxvdENoWlUvOFVIN3dtVWZJRkRqK21LK29TVTZVRkUybFFFWTYwOWkrZUMyV1NCSEk0SzlCY3ZBQ1M4Y3Z0WmIwT281bkI1R085ZDR2K3p2MWFQMU9GOFJxcHNGSW5JTHR6OVZTakdvdFY2czFGWGsvdWYydTRTN0lyUEtTVWFKY3ZSTlhVbW4vOEdIZU5Cd1RlS0FjYk9naTlhWkFsTVRmMDVCWVZXN0RpaHFwTS9lRXIwWUNPN0xyOFc1V01CVzhDajNmR0lNcndlMklEdDExSjZwZlRMT0ZPQjN3K3plaGlOMnUwQ3o3MlBEZS9XYmRqS0FWeFV1UTB3c3RhakdCMytkcWxtMnRHVnFIZGZnMjdlMlUrbGxxTVlwWU5CZElQaFF2bUNkWWh2UkJBcjZhTSsvU2UvWWRMUHFnMmpIYy9MNUNLYWtBSE9QZGl4ZUVRRWVOemZQRGR6ME1Lck92dmtuOHk5UFdTRUJ0ZjNNSVYyTmFaMG0wczdGZzN3RkxKd3BHK3JVZFQzWmNHS0NmSFVOZlZMbGFyK3JSWDFyMUFMTkFOTUZHbitQZ3VWaTF0M2x3ajVuVjNLelFKczltcEdmM0FFNkZJYkxCMmN4MVl0ODdubDVGV2FNb3hRVmdvcSthWXd3cUxrdXlyT1JKZVlmbHd6V2JJa1FHSUYxVGdjand5UnZWb0ZUVg%3D%3D Page URL
http://1redirc.com/r.php?u=https%3A%2F%2Fclever-redirect.com%2Fs%2Fr6%3Fs%3D721614%26s3%3D1237394603%26sid%3D202205180111524f93d2dd89342f1d9b&s=j&enc=R13dv9hl2DpeJ0d%2BiJfCj349fmtOTmJMZHRqSVROUjV0aHVKY2RyQ3lFN3NvQmZSYWI4T0VuNXNtRldJZnpxbmhTTHFjRzluYm5STk5JYVlzNUxVTWhRR29TZStjTm5SdVczciswdkdjc2ZFeFFEYmNudGNHV0xRVjlmT2xoRjNTTm5EYUoxZkNYOFJwN1JFc0NFNXVrNUFZWGt1c3FTU1NEUTJ6UXZzbDIyTUR5cnNpdnIxd2E5ck1BZXAzTmhqUFdmeXlwWExSU1dHRWhmRktXdUlQTFc4TllnS0c3TmFNN0NOdUNEVWJiTjUvN3ZBYk4rOHZaWHg0Tko3dmkvT1RJai9BQUl4V2hEK0psdytGVXhSU1JwV0hkcVM2bC9veE9KejZwWkhWTWxROSt1WTQzVE5sODV5NlVQNW1OOUhDYmsvQ3VNYy9aazR0cU93bklnNU1EdmNzbFM5MngzdlpRSFJnTjk2OXRPbUVDb0Jwdm5uTEFBUitwL280VHdhOFFXcmRmci80RVE2ZGZiaU9xS09PeThNajY1MXI4aG5oOWxrSlRuRGJqQzY4U2c3MjFpaFRXNUc2RkdSdnJRRytFVkkrODIzTjZNc2YvZmtET1Jjb3A0U2FlOUdJdTlZa2VLZFViVy9tdnlMaWlMdkdYRHAxbDNoSXJiK3VXczVNYU9DVzFYN0hiTnd6b3YxQjh6WE02MmxnaDJ6WHRtcE0xWlllamREdmlYZ3dJRmdibTVkaDcweWlhQnVoc0I0WnJPeFptVUdENisyRjEzOGlCclhwWU9HWDBDMEYzdFJnRnY1VzE1eCtwdFQxNVlFQzJBUUhjNXNZcHdyWXBheWRZd2dRU3Rqa1BkM1VqTkt5eVZNejRQT1cwQS9RR3kzeGJMbFlOU3A5emxqQktXbnJnakd5UE1HNndabEFHdFBvQUJlUEg0NU9SWHMxN05XZUZ4Y2FKWDFZd1lLTGxJUUxjR0dHU3EwQkVGVWt2cTlmczJpMm93MGVldEJNK3hmMXA2STRDVnNheDFqRTl0RXk5UE1rREJ3M1NpZ2NHS2tMUWMvOXk2ZndKYnp4Z0xEbTEvd2UwWVhBaGMxeFZVRUhoSll1cHMrYitETzRiT0RBUzdLV3dHUEJJRXMvd0lTS0V0TXNHR1ZRPT0%3D&vs=1600:1200&ds=1600:1200&sl=0:0&os=f&nos=f&swfV=0.0.0&if=f&sc=f&gpu=Intel%20Inc.%20-%20Intel%20Iris%20OpenGL%20Engine HTTP 302
https://clever-redirect.com/s/r6?s=721614&s3=1237394603&sid=202205180111524f93d2dd89342f1d9b Page URL
https://lookandfind.me/s/a?t=6&f=1&u=41ecaa9ae33de01f1e1a4b6551068474&m=noracora.com&s1=721614&s2=&s3=1237394603&s5=woc Page URL
https://lookandfind.me/s/r?u=https%3A%2F%2Fir3.xyz%2F6274bf7dd86c3%3Fp1%3D3da3773d230827b540b989b2619fe91d&h=bc7881a2f2475de918ce732fb75d1f62 Page URL
https://ir3.xyz/6274bf7dd86c3?p1=3da3773d230827b540b989b2619fe91d HTTP 302
https://stvkr.com/v2/click-AjK4m-46Vld7-x9nEJ-9ad9d845?tl=1&sa=7079b46f-dcc9-4eb9-85e1-4c8ce95bcf21&sa2=60910da1d915b81f2932b7a1 Page URL
https://stvkr.com/v2/click-AjK4m-46Vld7-x9nEJ-9ad9d845?tl=1&sa=7079b46f-dcc9-4eb9-85e1-4c8ce95bcf21&sa2=60910da1d915b81f2932b7a1&no_cookie=1&rfr=NNNNS%2BfhcApNO9IAl9SYmZgWF8kBm8%2FWm9sFgvtcXFwYNjVNNNNNNNvYUj%3D%3D&widht=1600&height=1200 HTTP 303
https://noracora.pxf.io/NKv55v?SharedId=9wLZ1WmEK9Z5c90&subId2=KOxnQM&u= HTTP 302
https://www.ojrq.net/p/?return=https%3A%2F%2Fnoracora.pxf.io%2Fc%2F1234031%2F1309225%2F15980%3FSharedId%3D9wLZ1WmEK9Z5c90%26subId2%3DKOxnQM%26u%3D%26svlink%3D5616180%26level%3D1%26srcref%3Dhttps%253A%252F%252Fstvkr.com%252F&cid=15980&tpsync=yes HTTP 302
https://noracora.pxf.io/c/1234031/1309225/15980?SharedId=9wLZ1WmEK9Z5c90&subId2=KOxnQM&u=&svlink=5616180&level=1&srcref=https%3A%2F%2Fstvkr.com%2F&brwsr=b109041a-d5f3-11ec-a560-3b7a0116e7cd&brwsrsig=xoEWWy2dNR90UAewHCy0i3rmytDwvZ HTTP 301
https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://www.downnload.com/ HTTP 302
https://www.downnload.com/ HTTP 302
http://1redirc.com/r2.php?e=qwDB2QrCWObUu96G6R7zIn49flhDeE8zRWZBYzJSeGtIcUZydE0vY2Z2UnNhdy90aDdqZitPd1ZqUXYrc2tOWVRCcmxuN05NQWdxZ3BNUFpGWHpKaDVKcHh5TktiQ0NsSjNVUGRyLzA4ZGRUeEZFb0FpL0V5Wkh2ZWU0M0VOVk1vK0hZWXdzQ3oweDdVc0dXYk81VXZaV1NPQk5WM0trZys5azZQa3NEa1dlYTBxRUhWZWpBeU9OdFlaQW5tVW9pUmdrMlIyRFlZcjB1YUJoYW9UMW5vQnF6dzdJUkxhS1haTzk5OHpuL1MwMEhBaXFZTVJvQ3kyOWxLQURoZU9wUE9ONG1vYWxvdENoWlUvOFVIN3dtVWZJRkRqK21LK29TVTZVRkUybFFFWTYwOWkrZUMyV1NCSEk0SzlCY3ZBQ1M4Y3Z0WmIwT281bkI1R085ZDR2K3p2MWFQMU9GOFJxcHNGSW5JTHR6OVZTakdvdFY2czFGWGsvdWYydTRTN0lyUEtTVWFKY3ZSTlhVbW4vOEdIZU5Cd1RlS0FjYk9naTlhWkFsTVRmMDVCWVZXN0RpaHFwTS9lRXIwWUNPN0xyOFc1V01CVzhDajNmR0lNcndlMklEdDExSjZwZlRMT0ZPQjN3K3plaGlOMnUwQ3o3MlBEZS9XYmRqS0FWeFV1UTB3c3RhakdCMytkcWxtMnRHVnFIZGZnMjdlMlUrbGxxTVlwWU5CZElQaFF2bUNkWWh2UkJBcjZhTSsvU2UvWWRMUHFnMmpIYy9MNUNLYWtBSE9QZGl4ZUVRRWVOemZQRGR6ME1Lck92dmtuOHk5UFdTRUJ0ZjNNSVYyTmFaMG0wczdGZzN3RkxKd3BHK3JVZFQzWmNHS0NmSFVOZlZMbGFyK3JSWDFyMUFMTkFOTUZHbitQZ3VWaTF0M2x3ajVuVjNLelFKczltcEdmM0FFNkZJYkxCMmN4MVl0ODdubDVGV2FNb3hRVmdvcSthWXd3cUxrdXlyT1JKZVlmbHd6V2JJa1FHSUYxVGdjand5UnZWb0ZUVg%3D%3D

Request Chain 4

http://1redirc.com/r.php?u=https%3A%2F%2Fclever-redirect.com%2Fs%2Fr6%3Fs%3D721614%26s3%3D1237394603%26sid%3D202205180111524f93d2dd89342f1d9b&s=j&enc=R13dv9hl2DpeJ0d%2BiJfCj349fmtOTmJMZHRqSVROUjV0aHVKY2RyQ3lFN3NvQmZSYWI4T0VuNXNtRldJZnpxbmhTTHFjRzluYm5STk5JYVlzNUxVTWhRR29TZStjTm5SdVczciswdkdjc2ZFeFFEYmNudGNHV0xRVjlmT2xoRjNTTm5EYUoxZkNYOFJwN1JFc0NFNXVrNUFZWGt1c3FTU1NEUTJ6UXZzbDIyTUR5cnNpdnIxd2E5ck1BZXAzTmhqUFdmeXlwWExSU1dHRWhmRktXdUlQTFc4TllnS0c3TmFNN0NOdUNEVWJiTjUvN3ZBYk4rOHZaWHg0Tko3dmkvT1RJai9BQUl4V2hEK0psdytGVXhSU1JwV0hkcVM2bC9veE9KejZwWkhWTWxROSt1WTQzVE5sODV5NlVQNW1OOUhDYmsvQ3VNYy9aazR0cU93bklnNU1EdmNzbFM5MngzdlpRSFJnTjk2OXRPbUVDb0Jwdm5uTEFBUitwL280VHdhOFFXcmRmci80RVE2ZGZiaU9xS09PeThNajY1MXI4aG5oOWxrSlRuRGJqQzY4U2c3MjFpaFRXNUc2RkdSdnJRRytFVkkrODIzTjZNc2YvZmtET1Jjb3A0U2FlOUdJdTlZa2VLZFViVy9tdnlMaWlMdkdYRHAxbDNoSXJiK3VXczVNYU9DVzFYN0hiTnd6b3YxQjh6WE02MmxnaDJ6WHRtcE0xWlllamREdmlYZ3dJRmdibTVkaDcweWlhQnVoc0I0WnJPeFptVUdENisyRjEzOGlCclhwWU9HWDBDMEYzdFJnRnY1VzE1eCtwdFQxNVlFQzJBUUhjNXNZcHdyWXBheWRZd2dRU3Rqa1BkM1VqTkt5eVZNejRQT1cwQS9RR3kzeGJMbFlOU3A5emxqQktXbnJnakd5UE1HNndabEFHdFBvQUJlUEg0NU9SWHMxN05XZUZ4Y2FKWDFZd1lLTGxJUUxjR0dHU3EwQkVGVWt2cTlmczJpMm93MGVldEJNK3hmMXA2STRDVnNheDFqRTl0RXk5UE1rREJ3M1NpZ2NHS2tMUWMvOXk2ZndKYnp4Z0xEbTEvd2UwWVhBaGMxeFZVRUhoSll1cHMrYitETzRiT0RBUzdLV3dHUEJJRXMvd0lTS0V0TXNHR1ZRPT0%3D&vs=1600:1200&ds=1600:1200&sl=0:0&os=f&nos=f&swfV=0.0.0&if=f&sc=f&gpu=Intel%20Inc.%20-%20Intel%20Iris%20OpenGL%20Engine HTTP 302
https://clever-redirect.com/s/r6?s=721614&s3=1237394603&sid=202205180111524f93d2dd89342f1d9b

Request Chain 7

https://ir3.xyz/6274bf7dd86c3?p1=3da3773d230827b540b989b2619fe91d HTTP 302
https://stvkr.com/v2/click-AjK4m-46Vld7-x9nEJ-9ad9d845?tl=1&sa=7079b46f-dcc9-4eb9-85e1-4c8ce95bcf21&sa2=60910da1d915b81f2932b7a1

Request Chain 105

https://10726730.fls.doubleclick.net/activityi;src=10726730;type=norac00;cat=norac0;ord=3405996895400;gtm=2od5g0;auiddc=1675267696.1652800318;~oref=https%3A%2F%2Fnoracora.com%2F%3Firclickid%3DTwR0kGVibxyIWlszN%253A0wnXCVUkD0qUzZh1412c0%26irgwc%3D1%26utm_source%3DAffiliate%26utm_medium%3DImpact%26utm_campaign%3D1234031%26utm_content%3DTwR0kGVibxyIWlszN%253A0wnXCVUkD0qUzZh1412c0%26utm_term%3D03720 HTTP 302
https://10726730.fls.doubleclick.net/activityi;dc_pre=CKyK2v7o5vcCFUO0GwodLBsLkw;src=10726730;type=norac00;cat=norac0;ord=3405996895400;gtm=2od5g0;auiddc=1675267696.1652800318;~oref=https%3A%2F%2Fnoracora.com%2F%3Firclickid%3DTwR0kGVibxyIWlszN%253A0wnXCVUkD0qUzZh1412c0%26irgwc%3D1%26utm_source%3DAffiliate%26utm_medium%3DImpact%26utm_campaign%3D1234031%26utm_content%3DTwR0kGVibxyIWlszN%253A0wnXCVUkD0qUzZh1412c0%26utm_term%3D03720

Request Chain 128

https://cdn9.forter.com/vchk2 HTTP 301
https://cdn9.forter.com/vchk2/v1/2fbd08ce3d1f787f3471b34918ac02b6f9e69b0f298a4f65ede5615bb8c79041ac7f4bcb611f57e7daf140d1aa79

Request Chain 187

https://ad.doubleclick.net/ddm/activity/src=10726730;type=-floo0;cat=norac0;u1=[1];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1 HTTP 302
https://ad.doubleclick.net/ddm/activity/src=10726730;dc_pre=CLuy_v_o5vcCFYrFsgod0WYO4Q;type=-floo0;cat=norac0;u1=[1];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1 HTTP 302
https://adservice.google.com/ddm/fls/z/src=10726730;dc_pre=CLuy_v_o5vcCFYrFsgod0WYO4Q;type=-floo0;cat=norac0;u1=[1];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1

Request Chain 188

https://secure.adnxs.com/px?id=1460301&seg=25959792&t=2 HTTP 307
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1460301%26seg%3D25959792%26t%3D2

248 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

r2.php Show response
1redirc.com/
Redirect Chain

http://www.downnload.com/
https://www.downnload.com/
http://1redirc.com/r2.php?e=qwDB2QrCWObUu96G6R7zIn49flhDeE8zRWZBYzJSeGtIcUZydE0vY2Z2UnNhdy90aDdqZitPd1ZqUXYrc2tOWVRCcmxuN05NQWdxZ3BNUFpGWHpKaDVKcHh5TktiQ0NsSjNVUGRyLzA4ZGRUeEZFb0FpL0V5Wkh2ZWU0M0VOV...

4 KB
2 KB

521ms
157ms

Document
text/html

103.224.182.206
TRELLIAN-AS-AP Tr...

General

Check archive.org

Show headers Download Go to

Full URL: http://1redirc.com/r2.php?e=qwDB2QrCWObUu96G6R7zIn49flhDeE8zRWZBYzJSeGtIcUZydE0vY2Z2UnNhdy90aDdqZitPd1ZqUXYrc2tOWVRCcmxuN05NQWdxZ3BNUFpGWHpKaDVKcHh5TktiQ0NsSjNVUGRyLzA4ZGRUeEZFb0FpL0V5Wkh2ZWU0M0VOVk1vK0hZWXdzQ3oweDdVc0dXYk81VXZaV1NPQk5WM0trZys5azZQa3NEa1dlYTBxRUhWZWpBeU9OdFlaQW5tVW9pUmdrMlIyRFlZcjB1YUJoYW9UMW5vQnF6dzdJUkxhS1haTzk5OHpuL1MwMEhBaXFZTVJvQ3kyOWxLQURoZU9wUE9ONG1vYWxvdENoWlUvOFVIN3dtVWZJRkRqK21LK29TVTZVRkUybFFFWTYwOWkrZUMyV1NCSEk0SzlCY3ZBQ1M4Y3Z0WmIwT281bkI1R085ZDR2K3p2MWFQMU9GOFJxcHNGSW5JTHR6OVZTakdvdFY2czFGWGsvdWYydTRTN0lyUEtTVWFKY3ZSTlhVbW4vOEdIZU5Cd1RlS0FjYk9naTlhWkFsTVRmMDVCWVZXN0RpaHFwTS9lRXIwWUNPN0xyOFc1V01CVzhDajNmR0lNcndlMklEdDExSjZwZlRMT0ZPQjN3K3plaGlOMnUwQ3o3MlBEZS9XYmRqS0FWeFV1UTB3c3RhakdCMytkcWxtMnRHVnFIZGZnMjdlMlUrbGxxTVlwWU5CZElQaFF2bUNkWWh2UkJBcjZhTSsvU2UvWWRMUHFnMmpIYy9MNUNLYWtBSE9QZGl4ZUVRRWVOemZQRGR6ME1Lck92dmtuOHk5UFdTRUJ0ZjNNSVYyTmFaMG0wczdGZzN3RkxKd3BHK3JVZFQzWmNHS0NmSFVOZlZMbGFyK3JSWDFyMUFMTkFOTUZHbitQZ3VWaTF0M2x3ajVuVjNLelFKczltcEdmM0FFNkZJYkxCMmN4MVl0ODdubDVGV2FNb3hRVmdvcSthWXd3cUxrdXlyT1JKZVlmbHd6V2JJa1FHSUYxVGdjand5UnZWb0ZUVg%3D%3D
Protocol: HTTP/1.1
Server: 103.224.182.206 , Australia, ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU),
Reverse DNS: bidr.trellian.com
Software: Apache/2.4.38 (Debian) /
Resource Hash: 3833b580c57145f52617930c1a425d017d0ce1c374f0f9246270590535a06aef

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: close
Content-Encoding: gzip
Content-Length: 2034
Content-Type: text/html; charset=UTF-8
Date: Tue, 17 May 2022 15:11:53 GMT
Server: Apache/2.4.38 (Debian)
Vary: Accept-Encoding

Redirect headers

Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8
Date: Tue, 17 May 2022 15:11:52 GMT
Location: http://1redirc.com/r2.php?e=qwDB2QrCWObUu96G6R7zIn49flhDeE8zRWZBYzJSeGtIcUZydE0vY2Z2UnNhdy90aDdqZitPd1ZqUXYrc2tOWVRCcmxuN05NQWdxZ3BNUFpGWHpKaDVKcHh5TktiQ0NsSjNVUGRyLzA4ZGRUeEZFb0FpL0V5Wkh2ZWU0M0VOVk1vK0hZWXdzQ3oweDdVc0dXYk81VXZaV1NPQk5WM0trZys5azZQa3NEa1dlYTBxRUhWZWpBeU9OdFlaQW5tVW9pUmdrMlIyRFlZcjB1YUJoYW9UMW5vQnF6dzdJUkxhS1haTzk5OHpuL1MwMEhBaXFZTVJvQ3kyOWxLQURoZU9wUE9ONG1vYWxvdENoWlUvOFVIN3dtVWZJRkRqK21LK29TVTZVRkUybFFFWTYwOWkrZUMyV1NCSEk0SzlCY3ZBQ1M4Y3Z0WmIwT281bkI1R085ZDR2K3p2MWFQMU9GOFJxcHNGSW5JTHR6OVZTakdvdFY2czFGWGsvdWYydTRTN0lyUEtTVWFKY3ZSTlhVbW4vOEdIZU5Cd1RlS0FjYk9naTlhWkFsTVRmMDVCWVZXN0RpaHFwTS9lRXIwWUNPN0xyOFc1V01CVzhDajNmR0lNcndlMklEdDExSjZwZlRMT0ZPQjN3K3plaGlOMnUwQ3o3MlBEZS9XYmRqS0FWeFV1UTB3c3RhakdCMytkcWxtMnRHVnFIZGZnMjdlMlUrbGxxTVlwWU5CZElQaFF2bUNkWWh2UkJBcjZhTSsvU2UvWWRMUHFnMmpIYy9MNUNLYWtBSE9QZGl4ZUVRRWVOemZQRGR6ME1Lck92dmtuOHk5UFdTRUJ0ZjNNSVYyTmFaMG0wczdGZzN3RkxKd3BHK3JVZFQzWmNHS0NmSFVOZlZMbGFyK3JSWDFyMUFMTkFOTUZHbitQZ3VWaTF0M2x3ajVuVjNLelFKczltcEdmM0FFNkZJYkxCMmN4MVl0ODdubDVGV2FNb3hRVmdvcSthWXd3cUxrdXlyT1JKZVlmbHd6V2JJa1FHSUYxVGdjand5UnZWb0ZUVg%3D%3D
Server: Apache/2.4.38 (Debian)

GET
H/1.1 200
OK jscheck.js Show response
1redirc.com/javascript/ 899 B
718 B 151ms
151ms Script
application/javascript 103.224.182.206
TRELLIAN-AS-AP Tr...

General

Check archive.org

Show headers Download Go to

Full URL: http://1redirc.com/javascript/jscheck.js
Requested by: Host: 1redirc.com
URL: http://1redirc.com/r2.php?e=qwDB2QrCWObUu96G6R7zIn49flhDeE8zRWZBYzJSeGtIcUZydE0vY2Z2UnNhdy90aDdqZitPd1ZqUXYrc2tOWVRCcmxuN05NQWdxZ3BNUFpGWHpKaDVKcHh5TktiQ0NsSjNVUGRyLzA4ZGRUeEZFb0FpL0V5Wkh2ZWU0M0VOVk1vK0hZWXdzQ3oweDdVc0dXYk81VXZaV1NPQk5WM0trZys5azZQa3NEa1dlYTBxRUhWZWpBeU9OdFlaQW5tVW9pUmdrMlIyRFlZcjB1YUJoYW9UMW5vQnF6dzdJUkxhS1haTzk5OHpuL1MwMEhBaXFZTVJvQ3kyOWxLQURoZU9wUE9ONG1vYWxvdENoWlUvOFVIN3dtVWZJRkRqK21LK29TVTZVRkUybFFFWTYwOWkrZUMyV1NCSEk0SzlCY3ZBQ1M4Y3Z0WmIwT281bkI1R085ZDR2K3p2MWFQMU9GOFJxcHNGSW5JTHR6OVZTakdvdFY2czFGWGsvdWYydTRTN0lyUEtTVWFKY3ZSTlhVbW4vOEdIZU5Cd1RlS0FjYk9naTlhWkFsTVRmMDVCWVZXN0RpaHFwTS9lRXIwWUNPN0xyOFc1V01CVzhDajNmR0lNcndlMklEdDExSjZwZlRMT0ZPQjN3K3plaGlOMnUwQ3o3MlBEZS9XYmRqS0FWeFV1UTB3c3RhakdCMytkcWxtMnRHVnFIZGZnMjdlMlUrbGxxTVlwWU5CZElQaFF2bUNkWWh2UkJBcjZhTSsvU2UvWWRMUHFnMmpIYy9MNUNLYWtBSE9QZGl4ZUVRRWVOemZQRGR6ME1Lck92dmtuOHk5UFdTRUJ0ZjNNSVYyTmFaMG0wczdGZzN3RkxKd3BHK3JVZFQzWmNHS0NmSFVOZlZMbGFyK3JSWDFyMUFMTkFOTUZHbitQZ3VWaTF0M2x3ajVuVjNLelFKczltcEdmM0FFNkZJYkxCMmN4MVl0ODdubDVGV2FNb3hRVmdvcSthWXd3cUxrdXlyT1JKZVlmbHd6V2JJa1FHSUYxVGdjand5UnZWb0ZUVg%3D%3D
Protocol: HTTP/1.1
Server: 103.224.182.206 , Australia, ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU),
Reverse DNS: bidr.trellian.com
Software: Apache/2.4.38 (Debian) /
Resource Hash: 40daba765e68df81072dba603adecbd49b4c9b0ee836189af681c3a7827bfd9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://1redirc.com/r2.php?e=qwDB2QrCWObUu96G6R7zIn49flhDeE8zRWZBYzJSeGtIcUZydE0vY2Z2UnNhdy90aDdqZitPd1ZqUXYrc2tOWVRCcmxuN05NQWdxZ3BNUFpGWHpKaDVKcHh5TktiQ0NsSjNVUGRyLzA4ZGRUeEZFb0FpL0V5Wkh2ZWU0M0VOVk1vK0hZWXdzQ3oweDdVc0dXYk81VXZaV1NPQk5WM0trZys5azZQa3NEa1dlYTBxRUhWZWpBeU9OdFlaQW5tVW9pUmdrMlIyRFlZcjB1YUJoYW9UMW5vQnF6dzdJUkxhS1haTzk5OHpuL1MwMEhBaXFZTVJvQ3kyOWxLQURoZU9wUE9ONG1vYWxvdENoWlUvOFVIN3dtVWZJRkRqK21LK29TVTZVRkUybFFFWTYwOWkrZUMyV1NCSEk0SzlCY3ZBQ1M4Y3Z0WmIwT281bkI1R085ZDR2K3p2MWFQMU9GOFJxcHNGSW5JTHR6OVZTakdvdFY2czFGWGsvdWYydTRTN0lyUEtTVWFKY3ZSTlhVbW4vOEdIZU5Cd1RlS0FjYk9naTlhWkFsTVRmMDVCWVZXN0RpaHFwTS9lRXIwWUNPN0xyOFc1V01CVzhDajNmR0lNcndlMklEdDExSjZwZlRMT0ZPQjN3K3plaGlOMnUwQ3o3MlBEZS9XYmRqS0FWeFV1UTB3c3RhakdCMytkcWxtMnRHVnFIZGZnMjdlMlUrbGxxTVlwWU5CZElQaFF2bUNkWWh2UkJBcjZhTSsvU2UvWWRMUHFnMmpIYy9MNUNLYWtBSE9QZGl4ZUVRRWVOemZQRGR6ME1Lck92dmtuOHk5UFdTRUJ0ZjNNSVYyTmFaMG0wczdGZzN3RkxKd3BHK3JVZFQzWmNHS0NmSFVOZlZMbGFyK3JSWDFyMUFMTkFOTUZHbitQZ3VWaTF0M2x3ajVuVjNLelFKczltcEdmM0FFNkZJYkxCMmN4MVl0ODdubDVGV2FNb3hRVmdvcSthWXd3cUxrdXlyT1JKZVlmbHd6V2JJa1FHSUYxVGdjand5UnZWb0ZUVg%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Tue, 17 May 2022 15:11:53 GMT
Content-Encoding: gzip
Last-Modified: Mon, 10 Jan 2022 12:05:23 GMT
Server: Apache/2.4.38 (Debian)
ETag: "383-5d53926b806c0-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: close
Accept-Ranges: bytes
Content-Length: 405

GET
H/1.1 200
OK swfobject.js Show response
1redirc.com/javascript/ 10 KB
4 KB 299ms
149ms Script
application/javascript 103.224.182.206
TRELLIAN-AS-AP Tr...

General

Check archive.org

Show headers Download Go to

Full URL: http://1redirc.com/javascript/swfobject.js
Requested by: Host: 1redirc.com
URL: http://1redirc.com/r2.php?e=qwDB2QrCWObUu96G6R7zIn49flhDeE8zRWZBYzJSeGtIcUZydE0vY2Z2UnNhdy90aDdqZitPd1ZqUXYrc2tOWVRCcmxuN05NQWdxZ3BNUFpGWHpKaDVKcHh5TktiQ0NsSjNVUGRyLzA4ZGRUeEZFb0FpL0V5Wkh2ZWU0M0VOVk1vK0hZWXdzQ3oweDdVc0dXYk81VXZaV1NPQk5WM0trZys5azZQa3NEa1dlYTBxRUhWZWpBeU9OdFlaQW5tVW9pUmdrMlIyRFlZcjB1YUJoYW9UMW5vQnF6dzdJUkxhS1haTzk5OHpuL1MwMEhBaXFZTVJvQ3kyOWxLQURoZU9wUE9ONG1vYWxvdENoWlUvOFVIN3dtVWZJRkRqK21LK29TVTZVRkUybFFFWTYwOWkrZUMyV1NCSEk0SzlCY3ZBQ1M4Y3Z0WmIwT281bkI1R085ZDR2K3p2MWFQMU9GOFJxcHNGSW5JTHR6OVZTakdvdFY2czFGWGsvdWYydTRTN0lyUEtTVWFKY3ZSTlhVbW4vOEdIZU5Cd1RlS0FjYk9naTlhWkFsTVRmMDVCWVZXN0RpaHFwTS9lRXIwWUNPN0xyOFc1V01CVzhDajNmR0lNcndlMklEdDExSjZwZlRMT0ZPQjN3K3plaGlOMnUwQ3o3MlBEZS9XYmRqS0FWeFV1UTB3c3RhakdCMytkcWxtMnRHVnFIZGZnMjdlMlUrbGxxTVlwWU5CZElQaFF2bUNkWWh2UkJBcjZhTSsvU2UvWWRMUHFnMmpIYy9MNUNLYWtBSE9QZGl4ZUVRRWVOemZQRGR6ME1Lck92dmtuOHk5UFdTRUJ0ZjNNSVYyTmFaMG0wczdGZzN3RkxKd3BHK3JVZFQzWmNHS0NmSFVOZlZMbGFyK3JSWDFyMUFMTkFOTUZHbitQZ3VWaTF0M2x3ajVuVjNLelFKczltcEdmM0FFNkZJYkxCMmN4MVl0ODdubDVGV2FNb3hRVmdvcSthWXd3cUxrdXlyT1JKZVlmbHd6V2JJa1FHSUYxVGdjand5UnZWb0ZUVg%3D%3D
Protocol: HTTP/1.1
Server: 103.224.182.206 , Australia, ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU),
Reverse DNS: bidr.trellian.com
Software: Apache/2.4.38 (Debian) /
Resource Hash: a2d68e4530bbf55b595085ad00ef6999cb64574eb58b44b53ef0516fa7fa4aed

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://1redirc.com/r2.php?e=qwDB2QrCWObUu96G6R7zIn49flhDeE8zRWZBYzJSeGtIcUZydE0vY2Z2UnNhdy90aDdqZitPd1ZqUXYrc2tOWVRCcmxuN05NQWdxZ3BNUFpGWHpKaDVKcHh5TktiQ0NsSjNVUGRyLzA4ZGRUeEZFb0FpL0V5Wkh2ZWU0M0VOVk1vK0hZWXdzQ3oweDdVc0dXYk81VXZaV1NPQk5WM0trZys5azZQa3NEa1dlYTBxRUhWZWpBeU9OdFlaQW5tVW9pUmdrMlIyRFlZcjB1YUJoYW9UMW5vQnF6dzdJUkxhS1haTzk5OHpuL1MwMEhBaXFZTVJvQ3kyOWxLQURoZU9wUE9ONG1vYWxvdENoWlUvOFVIN3dtVWZJRkRqK21LK29TVTZVRkUybFFFWTYwOWkrZUMyV1NCSEk0SzlCY3ZBQ1M4Y3Z0WmIwT281bkI1R085ZDR2K3p2MWFQMU9GOFJxcHNGSW5JTHR6OVZTakdvdFY2czFGWGsvdWYydTRTN0lyUEtTVWFKY3ZSTlhVbW4vOEdIZU5Cd1RlS0FjYk9naTlhWkFsTVRmMDVCWVZXN0RpaHFwTS9lRXIwWUNPN0xyOFc1V01CVzhDajNmR0lNcndlMklEdDExSjZwZlRMT0ZPQjN3K3plaGlOMnUwQ3o3MlBEZS9XYmRqS0FWeFV1UTB3c3RhakdCMytkcWxtMnRHVnFIZGZnMjdlMlUrbGxxTVlwWU5CZElQaFF2bUNkWWh2UkJBcjZhTSsvU2UvWWRMUHFnMmpIYy9MNUNLYWtBSE9QZGl4ZUVRRWVOemZQRGR6ME1Lck92dmtuOHk5UFdTRUJ0ZjNNSVYyTmFaMG0wczdGZzN3RkxKd3BHK3JVZFQzWmNHS0NmSFVOZlZMbGFyK3JSWDFyMUFMTkFOTUZHbitQZ3VWaTF0M2x3ajVuVjNLelFKczltcEdmM0FFNkZJYkxCMmN4MVl0ODdubDVGV2FNb3hRVmdvcSthWXd3cUxrdXlyT1JKZVlmbHd6V2JJa1FHSUYxVGdjand5UnZWb0ZUVg%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Tue, 17 May 2022 15:11:53 GMT
Content-Encoding: gzip
Last-Modified: Mon, 10 Jan 2022 12:05:23 GMT
Server: Apache/2.4.38 (Debian)
ETag: "27ef-5d53926b806c0-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: close
Accept-Ranges: bytes
Content-Length: 3949

GET
H/1.1 200
OK jscheck.php
1redirc.com/ 0
166 B 307ms
158ms XHR
text/html 103.224.182.206
TRELLIAN-AS-AP Tr...

General

Check archive.org

Show headers Download Go to

Full URL: http://1redirc.com/jscheck.php?enc=R13dv9hl2DpeJ0d%2BiJfCj349fmtOTmJMZHRqSVROUjV0aHVKY2RyQ3lFN3NvQmZSYWI4T0VuNXNtRldJZnpxbmhTTHFjRzluYm5STk5JYVlzNUxVTWhRR29TZStjTm5SdVczciswdkdjc2ZFeFFEYmNudGNHV0xRVjlmT2xoRjNTTm5EYUoxZkNYOFJwN1JFc0NFNXVrNUFZWGt1c3FTU1NEUTJ6UXZzbDIyTUR5cnNpdnIxd2E5ck1BZXAzTmhqUFdmeXlwWExSU1dHRWhmRktXdUlQTFc4TllnS0c3TmFNN0NOdUNEVWJiTjUvN3ZBYk4rOHZaWHg0Tko3dmkvT1RJai9BQUl4V2hEK0psdytGVXhSU1JwV0hkcVM2bC9veE9KejZwWkhWTWxROSt1WTQzVE5sODV5NlVQNW1OOUhDYmsvQ3VNYy9aazR0cU93bklnNU1EdmNzbFM5MngzdlpRSFJnTjk2OXRPbUVDb0Jwdm5uTEFBUitwL280VHdhOFFXcmRmci80RVE2ZGZiaU9xS09PeThNajY1MXI4aG5oOWxrSlRuRGJqQzY4U2c3MjFpaFRXNUc2RkdSdnJRRytFVkkrODIzTjZNc2YvZmtET1Jjb3A0U2FlOUdJdTlZa2VLZFViVy9tdnlMaWlMdkdYRHAxbDNoSXJiK3VXczVNYU9DVzFYN0hiTnd6b3YxQjh6WE02MmxnaDJ6WHRtcE0xWlllamREdmlYZ3dJRmdibTVkaDcweWlhQnVoc0I0WnJPeFptVUdENisyRjEzOGlCclhwWU9HWDBDMEYzdFJnRnY1VzE1eCtwdFQxNVlFQzJBUUhjNXNZcHdyWXBheWRZd2dRU3Rqa1BkM1VqTkt5eVZNejRQT1cwQS9RR3kzeGJMbFlOU3A5emxqQktXbnJnakd5UE1HNndabEFHdFBvQUJlUEg0NU9SWHMxN05XZUZ4Y2FKWDFZd1lLTGxJUUxjR0dHU3EwQkVGVWt2cTlmczJpMm93MGVldEJNK3hmMXA2STRDVnNheDFqRTl0RXk5UE1rREJ3M1NpZ2NHS2tMUWMvOXk2ZndKYnp4Z0xEbTEvd2UwWVhBaGMxeFZVRUhoSll1cHMrYitETzRiT0RBUzdLV3dHUEJJRXMvd0lTS0V0TXNHR1ZRPT0%3D&rand=0.5845180001880053
Requested by: Host: 1redirc.com
URL: http://1redirc.com/javascript/jscheck.js
Protocol: HTTP/1.1
Server: 103.224.182.206 , Australia, ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU),
Reverse DNS: bidr.trellian.com
Software: Apache/2.4.38 (Debian) /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://1redirc.com/r2.php?e=qwDB2QrCWObUu96G6R7zIn49flhDeE8zRWZBYzJSeGtIcUZydE0vY2Z2UnNhdy90aDdqZitPd1ZqUXYrc2tOWVRCcmxuN05NQWdxZ3BNUFpGWHpKaDVKcHh5TktiQ0NsSjNVUGRyLzA4ZGRUeEZFb0FpL0V5Wkh2ZWU0M0VOVk1vK0hZWXdzQ3oweDdVc0dXYk81VXZaV1NPQk5WM0trZys5azZQa3NEa1dlYTBxRUhWZWpBeU9OdFlaQW5tVW9pUmdrMlIyRFlZcjB1YUJoYW9UMW5vQnF6dzdJUkxhS1haTzk5OHpuL1MwMEhBaXFZTVJvQ3kyOWxLQURoZU9wUE9ONG1vYWxvdENoWlUvOFVIN3dtVWZJRkRqK21LK29TVTZVRkUybFFFWTYwOWkrZUMyV1NCSEk0SzlCY3ZBQ1M4Y3Z0WmIwT281bkI1R085ZDR2K3p2MWFQMU9GOFJxcHNGSW5JTHR6OVZTakdvdFY2czFGWGsvdWYydTRTN0lyUEtTVWFKY3ZSTlhVbW4vOEdIZU5Cd1RlS0FjYk9naTlhWkFsTVRmMDVCWVZXN0RpaHFwTS9lRXIwWUNPN0xyOFc1V01CVzhDajNmR0lNcndlMklEdDExSjZwZlRMT0ZPQjN3K3plaGlOMnUwQ3o3MlBEZS9XYmRqS0FWeFV1UTB3c3RhakdCMytkcWxtMnRHVnFIZGZnMjdlMlUrbGxxTVlwWU5CZElQaFF2bUNkWWh2UkJBcjZhTSsvU2UvWWRMUHFnMmpIYy9MNUNLYWtBSE9QZGl4ZUVRRWVOemZQRGR6ME1Lck92dmtuOHk5UFdTRUJ0ZjNNSVYyTmFaMG0wczdGZzN3RkxKd3BHK3JVZFQzWmNHS0NmSFVOZlZMbGFyK3JSWDFyMUFMTkFOTUZHbitQZ3VWaTF0M2x3ajVuVjNLelFKczltcEdmM0FFNkZJYkxCMmN4MVl0ODdubDVGV2FNb3hRVmdvcSthWXd3cUxrdXlyT1JKZVlmbHd6V2JJa1FHSUYxVGdjand5UnZWb0ZUVg%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Tue, 17 May 2022 15:11:54 GMT
Server: Apache/2.4.38 (Debian)
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H2

200

r6
clever-redirect.com/s/
Redirect Chain

http://1redirc.com/r.php?u=https%3A%2F%2Fclever-redirect.com%2Fs%2Fr6%3Fs%3D721614%26s3%3D1237394603%26sid%3D202205180111524f93d2dd89342f1d9b&s=j&enc=R13dv9hl2DpeJ0d%2BiJfCj349fmtOTmJMZHRqSVROUjV0a...
https://clever-redirect.com/s/r6?s=721614&s3=1237394603&sid=202205180111524f93d2dd89342f1d9b

324 B
674 B

44ms
15ms

Document
text/html

78.46.197.88
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://clever-redirect.com/s/r6?s=721614&s3=1237394603&sid=202205180111524f93d2dd89342f1d9b
Requested by: Host: 1redirc.com
URL: http://1redirc.com/javascript/jscheck.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 78.46.197.88 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.88.197.46.78.clients.your-server.de
Software: Apache/2.4.52 (codeit) OpenSSL/1.1.1m PHP/7.4.27 / PHP/7.4.27
Resource Hash

Request headers

Referer: http://1redirc.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 324
content-type: text/html; charset=UTF-8
date: Tue, 17 May 2022 15:11:55 GMT
referrer-policy: no-referrer
server: Apache/2.4.52 (codeit) OpenSSL/1.1.1m PHP/7.4.27
x-powered-by: PHP/7.4.27

Redirect headers

Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8
Date: Tue, 17 May 2022 15:11:55 GMT
Location: https://clever-redirect.com/s/r6?s=721614&s3=1237394603&sid=202205180111524f93d2dd89342f1d9b
Server: Apache/2.4.38 (Debian)

GET
H2 200 a Show response
lookandfind.me/s/ 328 B
495 B 51ms
27ms Document
text/html 157.90.169.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://lookandfind.me/s/a?t=6&f=1&u=41ecaa9ae33de01f1e1a4b6551068474&m=noracora.com&s1=721614&s2=&s3=1237394603&s5=woc
Requested by: Host: clever-redirect.com
URL: https://clever-redirect.com/s/r6?s=721614&s3=1237394603&sid=202205180111524f93d2dd89342f1d9b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 157.90.169.168 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.168.169.90.157.clients.your-server.de
Software: Apache/2.4.49 (codeit) OpenSSL/1.1.1l PHP/7.4.24 / PHP/7.4.24
Resource Hash: da3ae9f0c301e5769910c90b65690fdcf633d70b81a2b1fa875194ea470d8ecb

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 328
content-type: text/html; charset=UTF-8
date: Tue, 17 May 2022 15:11:55 GMT
referrer-policy: strict-origin-when-cross-origin
server: Apache/2.4.49 (codeit) OpenSSL/1.1.1l PHP/7.4.24
x-powered-by: PHP/7.4.24

GET
H2 200 r
lookandfind.me/s/ 270 B
299 B 15ms
15ms Document
text/html 157.90.169.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://lookandfind.me/s/r?u=https%3A%2F%2Fir3.xyz%2F6274bf7dd86c3%3Fp1%3D3da3773d230827b540b989b2619fe91d&h=bc7881a2f2475de918ce732fb75d1f62
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 157.90.169.168 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.168.169.90.157.clients.your-server.de
Software: Apache/2.4.49 (codeit) OpenSSL/1.1.1l PHP/7.4.24 / PHP/7.4.24
Resource Hash

Request headers

Referer: https://lookandfind.me/s/a?t=6&f=1&u=41ecaa9ae33de01f1e1a4b6551068474&m=noracora.com&s1=721614&s2=&s3=1237394603&s5=woc
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 270
content-type: text/html; charset=UTF-8
date: Tue, 17 May 2022 15:11:55 GMT
referrer-policy: strict-origin-when-cross-origin
server: Apache/2.4.49 (codeit) OpenSSL/1.1.1l PHP/7.4.24
x-powered-by: PHP/7.4.24

GET
H/1.1

200
OK

click-AjK4m-46Vld7-x9nEJ-9ad9d845
stvkr.com/v2/
Redirect Chain

https://ir3.xyz/6274bf7dd86c3?p1=3da3773d230827b540b989b2619fe91d
https://stvkr.com/v2/click-AjK4m-46Vld7-x9nEJ-9ad9d845?tl=1&sa=7079b46f-dcc9-4eb9-85e1-4c8ce95bcf21&sa2=60910da1d915b81f2932b7a1

2 KB
2 KB

70ms
20ms

Document
text/html

212.32.251.44
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://stvkr.com/v2/click-AjK4m-46Vld7-x9nEJ-9ad9d845?tl=1&sa=7079b46f-dcc9-4eb9-85e1-4c8ce95bcf21&sa2=60910da1d915b81f2932b7a1
Requested by: Host: lookandfind.me
URL: https://lookandfind.me/s/r?u=https%3A%2F%2Fir3.xyz%2F6274bf7dd86c3%3Fp1%3D3da3773d230827b540b989b2619fe91d&h=bc7881a2f2475de918ce732fb75d1f62
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.32.251.44 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer: https://lookandfind.me/s/r?u=https%3A%2F%2Fir3.xyz%2F6274bf7dd86c3%3Fp1%3D3da3773d230827b540b989b2619fe91d&h=bc7881a2f2475de918ce732fb75d1f62
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Tue, 17 May 2022 15:11:56 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Server: nginx
Transfer-Encoding: chunked

Redirect headers

Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Date: Tue, 17 May 2022 15:11:56 GMT
Location: https://stvkr.com/v2/click-AjK4m-46Vld7-x9nEJ-9ad9d845?tl=1&sa=7079b46f-dcc9-4eb9-85e1-4c8ce95bcf21&sa2=60910da1d915b81f2932b7a1
Server: nginx/1.10.3 (Ubuntu)
Transfer-Encoding: chunked
X-DATA-COUPONUTS: MTM3NTU6NzA3OWI0NmYtZGNjOS00ZWI5LTg1ZTEtNGM4Y2U5NWJjZjIx

GET
H2

200

Primary Request / Show response
noracora.com/
Redirect Chain

https://stvkr.com/v2/click-AjK4m-46Vld7-x9nEJ-9ad9d845?tl=1&sa=7079b46f-dcc9-4eb9-85e1-4c8ce95bcf21&sa2=60910da1d915b81f2932b7a1&no_cookie=1&rfr=NNNNS%2BfhcApNO9IAl9SYmZgWF8kBm8%2FWm9sFgvtcXFwYNjVN...
https://noracora.pxf.io/NKv55v?SharedId=9wLZ1WmEK9Z5c90&subId2=KOxnQM&u=
https://www.ojrq.net/p/?return=https%3A%2F%2Fnoracora.pxf.io%2Fc%2F1234031%2F1309225%2F15980%3FSharedId%3D9wLZ1WmEK9Z5c90%26subId2%3DKOxnQM%26u%3D%26svlink%3D5616180%26level%3D1%26srcref%3Dhttps%25...
https://noracora.pxf.io/c/1234031/1309225/15980?SharedId=9wLZ1WmEK9Z5c90&subId2=KOxnQM&u=&svlink=5616180&level=1&srcref=https%3A%2F%2Fstvkr.com%2F&brwsr=b109041a-d5f3-11ec-a560-3b7a0116e7cd&brwsrsi...
https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&u...

1 MB
129 KB

823ms
767ms

Document
text/html

65.9.26.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720

Requested by

Host: stvkr.com
URL: https://stvkr.com/v2/click-AjK4m-46Vld7-x9nEJ-9ad9d845?tl=1&sa=7079b46f-dcc9-4eb9-85e1-4c8ce95bcf21&sa2=60910da1d915b81f2932b7a1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.26.121 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-26-121.zag50.r.cloudfront.net

Software

openresty / Express

Resource Hash

789d2f63cc1babb8872b67fbd961c74e802e5fbe6448e40d6864ba8a6539b853

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://stvkr.com/v2/click-AjK4m-46Vld7-x9nEJ-9ad9d845?tl=1&sa=7079b46f-dcc9-4eb9-85e1-4c8ce95bcf21&sa2=60910da1d915b81f2932b7a1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=utf-8
date: Tue, 17 May 2022 15:11:57 GMT
etag: W/"13c770-lDmNYF4koktHXtGGsOI/Ncw3XCc"
server: openresty
strict-transport-security: max-age=31536000; includeSubdomains; preload max-age=63072000; includeSubdomains; preload
vary: Accept-Encoding
via: 1.1 158b0f42a1d87ab9108e2baf28e8c990.cloudfront.net (CloudFront)
x-amz-cf-id: A9Ac9sUzyWu1ZfwXJkQDnFtqDvMdY1PYdSg6WxOTyD_0BkIQfvjVaw==
x-amz-cf-pop: ZAG50-C1
x-cache: Miss from cloudfront
x-cache-status: MISS
x-content-type-options: nosniff
x-powered-by: Express
x-response-time: 503.804ms
x-xss-protection: 1; mode=block

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 0
date: Tue, 17 May 2022 15:11:56 GMT
expires: Tue, 17 May 2022 15:11:56 GMT
location: https://noracora.com?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720
p3p: policyref="/w3c/p3p.xml", CP="ALL BUS LEG DSP COR ADM CUR DEV PSA OUR NAV INT"
pragma: no-cache
via: 1.1 google

GET
H2 200 futura.woff
noracora.com/static/ 18 KB
18 KB 26ms
25ms Font
font/woff 65.9.26.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://noracora.com/static/futura.woff

Requested by

Host: noracora.com
URL: https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.26.121 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-26-121.zag50.r.cloudfront.net

Software

openresty / Express

Resource Hash

29a13c4e1a7fd52b35fc98429da1397df6bd3940db63623406a5548402875b3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Request headers

Referer: https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720
Origin: https://noracora.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
via: 1.1 158b0f42a1d87ab9108e2baf28e8c990.cloudfront.net (CloudFront)
etag: W/"46c0-1806535b038"
age: 365847
x-powered-by: Express
x-cache: Hit from cloudfront
content-length: 18112
x-response-time: 1.819ms
last-modified: Tue, 26 Apr 2022 09:30:59 GMT
server: openresty
date: Fri, 13 May 2022 09:34:31 GMT
content-type: font/woff
cache-control: public, max-age=0, public, max-age=31536000
x-amz-cf-pop: ZAG50-C1
accept-ranges: bytes
x-amz-cf-id: 3cUsKyBvBUas_OCkksu-0oYUH6UbAULHVR0EN4nqA0hXOIqyJB3XmA==

GET
H2 200 font_1199517_i448p0pizvd.js Show response
at.alicdn.com/t/ 154 KB
51 KB 586ms
150ms Script
application/javascript 8.45.52.250

General

Check archive.org

Show headers Download Go to

Full URL: https://at.alicdn.com/t/font_1199517_i448p0pizvd.js
Requested by: Host: noracora.com
URL: https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 8.45.52.250 -, , ASN (),
Reverse DNS
Software: Tengine /
Resource Hash: 39838046ca9987aae8b9b4ecfabfea8487e8dd19f9952e18687b333fdc1722ee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://noracora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 09:26:03 GMT
content-encoding: gzip
x-oss-request-id: 61BB062B9F70D6323752C46D
content-md5: 1Q9f+5ZitgrMTweeAsPJ/Q==
age: 13153554
x-cache: HIT TCP_MEM_HIT dirn:11:252204622
x-swift-cachetime: 57302724
x-swift-savetime: Mon, 21 Feb 2022 04:00:39 GMT
content-length: 51278
x-oss-object-type: Normal
access-control-allow-origin: *
last-modified: Fri, 10 Dec 2021 06:26:58 GMT
server: Tengine
vary: Accept-Encoding
ali-swift-global-savetime: 1639646763
content-type: application/javascript
via: cache32.l2ot7-1[0,0,200-0,H], cache9.l2ot7-1[1,0], cache3.us8[0,0,200-0,H], cache1.us8[1,0]
cache-control: max-age=63072000
x-oss-storage-class: Standard
timing-allow-origin: *
x-oss-hash-crc64ecma: 1121390269737962638
eagleid: 082d349516528003179763616e
x-oss-server-time: 11

GET
H2 200 css2
fonts.googleapis.com/ 5 KB
1 KB 54ms
13ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Montserrat:ital,wght@0,100;0,400;1,100&display=swap

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5fe90280875fb1c1556e46db62d7e1331e6fc5050e1f6c2ad369b4fcd4695173

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://noracora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 17 May 2022 15:11:57 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 17 May 2022 15:11:57 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 17 May 2022 15:11:57 GMT

GET
H2 200 tgpA3U7vGA1652166229.jpg
noracora.com/image/catalog/activity/ 13 KB
13 KB 35ms
18ms Image
image/webp 65.9.26.121
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://noracora.com/image/catalog/activity/tgpA3U7vGA1652166229.jpg
Requested by: Host: noracora.com
URL: https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.26.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-26-121.zag50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1debd9fb051712d794ed8bafd87454babc1f0de13d7407cc48cac80d8f86079f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 15 May 2022 18:01:47 GMT
via: 1.1 158b0f42a1d87ab9108e2baf28e8c990.cloudfront.net (CloudFront)
last-modified: Tue, 10 May 2022 07:04:20 GMT
server: AmazonS3
age: 162611
etag: "0945051b21dbb2d0f8b385c1550c9659"
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: public, max-age=2592000
x-amz-cf-pop: ZAG50-C1
accept-ranges: bytes
content-length: 13048
x-amz-cf-id: lyDQxDivjZalg_UMSG2fTXGv51ls3UCn_r6kzJdRGcZ5sRyXEtUXdQ==

GET
H2 200 dL3Mnr4cqL1652166150.jpg
noracora.com/image/catalog/activity/ 264 KB
264 KB 37ms
24ms Image
image/webp 65.9.26.121
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://noracora.com/image/catalog/activity/dL3Mnr4cqL1652166150.jpg
Requested by: Host: noracora.com
URL: https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.26.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-26-121.zag50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4cbb8418fce7479f876b994c15db4c37b05a1a2fafe0ef5b8ab5edda8c3efd09

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 07:26:47 GMT
via: 1.1 158b0f42a1d87ab9108e2baf28e8c990.cloudfront.net (CloudFront)
last-modified: Tue, 10 May 2022 07:04:01 GMT
server: AmazonS3
age: 27911
etag: "a99ead1e420e80fa24e0cfb28765889e"
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: public, max-age=2592000
x-amz-cf-pop: ZAG50-C1
accept-ranges: bytes
content-length: 269846
x-amz-cf-id: Z8raCo-SPV-ipHCtJhy7lDHhwai-KrTMTlhg40X2J0EytTOH-HTukw==

GET
H2 200 m17RtRa4Ku1648452439.jpg
noracora.com/image/catalog/activity/ 7 KB
7 KB 36ms
25ms Image
image/webp 65.9.26.121
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://noracora.com/image/catalog/activity/m17RtRa4Ku1648452439.jpg
Requested by: Host: noracora.com
URL: https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.26.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-26-121.zag50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c42579de372a61fce7060d5bc79979ff1274e2b993a50b804ee77a68a4eed291

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 04:35:42 GMT
via: 1.1 158b0f42a1d87ab9108e2baf28e8c990.cloudfront.net (CloudFront)
last-modified: Mon, 28 Mar 2022 07:27:50 GMT
server: AmazonS3
age: 124575
etag: "18784c92c91827ae2f2513d80cc025fc"
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: public, max-age=2592000
x-amz-cf-pop: ZAG50-C1
accept-ranges: bytes
content-length: 6936
x-amz-cf-id: rHMNLz1c1MkvP7hGRgbsinkGIPAtbBApXBoTyvN6xuMxvs__4Lvq0g==

GET
H2 200 MoagAeVP3x1652165893.jpg
noracora.com/image/catalog/activity/ 70 KB
70 KB 60ms
49ms Image
image/webp 65.9.26.121
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://noracora.com/image/catalog/activity/MoagAeVP3x1652165893.jpg
Requested by: Host: noracora.com
URL: https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.26.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-26-121.zag50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ace677c97460b0c4dafc67749c8a3413aa6701d9a57b6a6bea41a06110e40219

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 07:26:47 GMT
via: 1.1 158b0f42a1d87ab9108e2baf28e8c990.cloudfront.net (CloudFront)
last-modified: Tue, 10 May 2022 06:59:12 GMT
server: AmazonS3
age: 27911
etag: "792607de867faaf5b7a1369c9e58f525"
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: public, max-age=2592000
x-amz-cf-pop: ZAG50-C1
accept-ranges: bytes
content-length: 71606
x-amz-cf-id: UL7mOU2JzSoyVaGBhCbpU_usMiy7ZTu4-UXYdyZ5skdVqYhDbyVaLQ==

GET
H2 200 iLp74fzEht1652165900.jpg
noracora.com/image/catalog/activity/ 81 KB
82 KB 60ms
49ms Image
image/webp 65.9.26.121
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://noracora.com/image/catalog/activity/iLp74fzEht1652165900.jpg
Requested by: Host: noracora.com
URL: https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.26.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-26-121.zag50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8d7615fba68738296b8008ee114b70548000e73df35021e502499d8fa3fd0de1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 07:26:47 GMT
via: 1.1 158b0f42a1d87ab9108e2baf28e8c990.cloudfront.net (CloudFront)
last-modified: Tue, 10 May 2022 06:59:12 GMT
server: AmazonS3
age: 27911
etag: "60e53f60ffae2f5c308e1a213f4fe0fa"
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: public, max-age=2592000
x-amz-cf-pop: ZAG50-C1
accept-ranges: bytes
content-length: 83138
x-amz-cf-id: 5eLrlDpiXr5QHX2wjCrpy6hsnFJCLOHcdrhObStQVk9Zy2x9daotMA==

GET
H2 200 21776de0a5a4fd9b086c.css
noracora.com/_next/static/css/ 10 KB
3 KB 25ms
24ms Stylesheet
text/css 65.9.26.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://noracora.com/_next/static/css/21776de0a5a4fd9b086c.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.26.121 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-26-121.zag50.r.cloudfront.net

Software

openresty / Express

Resource Hash

d007e5cdfcc85939444c9a3b6fa93b37d403c613b014ae5946ef8037027908b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload, max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720
Origin: https://noracora.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload, max-age=63072000; includeSubdomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 117639
x-powered-by: Express
x-cache: Hit from cloudfront
date: Mon, 16 May 2022 06:31:29 GMT
x-xss-protection: 1; mode=block
x-response-time: 0.774ms
last-modified: Tue, 26 Apr 2022 09:33:50 GMT
server: openresty
etag: W/"26e9-18065384c30"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
via: 1.1 158b0f42a1d87ab9108e2baf28e8c990.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000, immutable
x-amz-cf-pop: ZAG50-C1
x-amz-cf-id: DphlS-xb4k2leTbA5kjOWqq0JYirfs_bYrm2GzcYEjy-Wo-LWmSYKA==

GET
H2 200 009d4027b9c6af62b38e.css
noracora.com/_next/static/css/ 13 KB
4 KB 26ms
24ms Stylesheet
text/css 65.9.26.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://noracora.com/_next/static/css/009d4027b9c6af62b38e.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.26.121 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-26-121.zag50.r.cloudfront.net

Software

openresty / Express

Resource Hash

afc6be4f4b5f58bd2e1d6fe8d2eff2edd09073dec202c0b431fe168f37170705

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload, max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720
Origin: https://noracora.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 11:58:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 11578
x-powered-by: Express
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubdomains; preload, max-age=63072000; includeSubdomains; preload
x-xss-protection: 1; mode=block
x-response-time: 0.765ms
last-modified: Tue, 17 May 2022 08:26:49 GMT
server: openresty
etag: W/"3479-180d1207d28"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
via: 1.1 158b0f42a1d87ab9108e2baf28e8c990.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000, immutable
x-amz-cf-pop: ZAG50-C1
x-amz-cf-id: 7dZCHgx3_yyfKlA37hdSy2MTYp2HEwPByQFip_j9WmqmiSLdH-OeLQ==

GET
H2 200 cb16e9a42621755dff0c7f4c6108defb605e7e97.124960f5c4bef5cef631.js Show response
noracora.com/_next/static/chunks/ 12 KB
5 KB 224ms
221ms Script
application/javascript 65.9.26.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://noracora.com/_next/static/chunks/cb16e9a42621755dff0c7f4c6108defb605e7e97.124960f5c4bef5cef631.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.26.121 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-26-121.zag50.r.cloudfront.net

Software

openresty / Express

Resource Hash

ce6678c03366e3e913a19d1245613bec0df7e164b3c208d1bfe1f0d7e8cd211d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload, max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720
Origin: https://noracora.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 15:11:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amz-cf-pop: ZAG50-C1
x-powered-by: Express
x-cache: Miss from cloudfront
strict-transport-security: max-age=31536000; includeSubdomains; preload, max-age=63072000; includeSubdomains; preload
x-xss-protection: 1; mode=block
x-response-time: 1.714ms
last-modified: Tue, 17 May 2022 08:26:49 GMT
server: openresty
etag: W/"2e08-180d1207d28"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
via: 1.1 158b0f42a1d87ab9108e2baf28e8c990.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000, immutable
x-amz-cf-id: 7YCR9JJnjdszPr1fqwpYUbL2TOfGq7enVBFWHA_Cg84JyMVBx8gnqw==

GET
H2 200 5c8e9372be9ed8b7f0bcfe79f67a184ea4f76124.be7a5009efdb52f24d87.js Show response
noracora.com/_next/static/chunks/ 10 KB
3 KB 199ms
195ms Script
application/javascript 65.9.26.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://noracora.com/_next/static/chunks/5c8e9372be9ed8b7f0bcfe79f67a184ea4f76124.be7a5009efdb52f24d87.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.26.121 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-26-121.zag50.r.cloudfront.net

Software

openresty / Express

Resource Hash

66118437cc76650f2d00114241f045f0fb94c399255b006d3e1d7dc138e7141c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload, max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720
Origin: https://noracora.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 15:11:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amz-cf-pop: ZAG50-C1
x-powered-by: Express
x-cache: Miss from cloudfront
strict-transport-security: max-age=31536000; includeSubdomains; preload, max-age=63072000; includeSubdomains; preload
x-xss-protection: 1; mode=block
x-response-time: 1.296ms
last-modified: Tue, 17 May 2022 08:26:49 GMT
server: openresty
etag: W/"2661-180d1207d28"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
via: 1.1 158b0f42a1d87ab9108e2baf28e8c990.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000, immutable
x-amz-cf-id: nIMucoOWx-hMd0D0V7GCTa-xKssr9H12M5-VEfiSmfhgQJdiPm8m8g==

GET
H2 200 380d42e81165839365c4703ae67985f785a96bdc.a892526447460ea22898.js Show response
noracora.com/_next/static/chunks/ 165 KB
41 KB 210ms
204ms Script
application/javascript 65.9.26.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://noracora.com/_next/static/chunks/380d42e81165839365c4703ae67985f785a96bdc.a892526447460ea22898.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.26.121 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-26-121.zag50.r.cloudfront.net

Software

openresty / Express

Resource Hash

f6e0deb339694520ce928323c06750ed0129007c9eeca794452da0cc816260eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload, max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720
Origin: https://noracora.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 15:11:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amz-cf-pop: ZAG50-C1
x-powered-by: Express
x-cache: Miss from cloudfront
strict-transport-security: max-age=31536000; includeSubdomains; preload, max-age=63072000; includeSubdomains; preload
x-xss-protection: 1; mode=block
x-response-time: 0.890ms
last-modified: Tue, 17 May 2022 08:26:49 GMT
server: openresty
etag: W/"295a5-180d1207d28"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
via: 1.1 158b0f42a1d87ab9108e2baf28e8c990.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000, immutable
x-amz-cf-id: 1815LslqWjjVV0QOHDDGPqwwj3WKtoxgv62QGw5N9a7FEPlWPsbqzQ==

GET
H2 200 8c8b213ebec95c34cd34d9c818a41f4799ffc010.2a902e5cd57059399594.js Show response
noracora.com/_next/static/chunks/ 15 KB
5 KB 200ms
194ms Script
application/javascript 65.9.26.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://noracora.com/_next/static/chunks/8c8b213ebec95c34cd34d9c818a41f4799ffc010.2a902e5cd57059399594.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.26.121 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-26-121.zag50.r.cloudfront.net

Software

openresty / Express

Resource Hash

f270bb0c0e21c689a80cfd96561a2760eb3358bffa6b3cd9ae8a42ec0df40216

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload, max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720
Origin: https://noracora.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 15:11:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amz-cf-pop: ZAG50-C1
x-powered-by: Express
x-cache: Miss from cloudfront
strict-transport-security: max-age=31536000; includeSubdomains; preload, max-age=63072000; includeSubdomains; preload
x-xss-protection: 1; mode=block
x-response-time: 0.761ms
last-modified: Tue, 17 May 2022 08:26:49 GMT
server: openresty
etag: W/"3d1c-180d1207d28"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
via: 1.1 158b0f42a1d87ab9108e2baf28e8c990.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000, immutable
x-amz-cf-id: kl9qq3N6LtnW3FwBDbIo2s0KpaBb_bmyb3b6RRHQDbyOt-cpgWNNlA==

GET
H2 200 104.d868915c7c6b9e67f35f.js Show response
noracora.com/_next/static/chunks/ 103 KB
26 KB 205ms
199ms Script
application/javascript 65.9.26.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://noracora.com/_next/static/chunks/104.d868915c7c6b9e67f35f.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.26.121 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-26-121.zag50.r.cloudfront.net

Software

openresty / Express

Resource Hash

ffc1e443a700db7ed765925bcdc9b4572dfd89b3c18978a41af71e95734cf087

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload, max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720
Origin: https://noracora.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 15:11:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amz-cf-pop: ZAG50-C1
x-powered-by: Express
x-cache: Miss from cloudfront
strict-transport-security: max-age=31536000; includeSubdomains; preload, max-age=63072000; includeSubdomains; preload
x-xss-protection: 1; mode=block
x-response-time: 1.929ms
last-modified: Tue, 17 May 2022 08:26:49 GMT
server: openresty
etag: W/"19cca-180d1207d28"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
via: 1.1 158b0f42a1d87ab9108e2baf28e8c990.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000, immutable
x-amz-cf-id: LrxG-alWAHtewV-7il69f4lSJRMgF-DsOl8Umioq2BP5a0-LEC_6sg==

GET
H2 200 135.f2311ff058137a480f1e.js Show response
noracora.com/_next/static/chunks/ 2 KB
2 KB 215ms
207ms Script
application/javascript 65.9.26.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://noracora.com/_next/static/chunks/135.f2311ff058137a480f1e.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.26.121 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-26-121.zag50.r.cloudfront.net

Software

openresty / Express

Resource Hash

71e5f6ded670161d73acd6ceda3a31ebeb9a93e8504429446ad799bae9b5e1e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload, max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720
Origin: https://noracora.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 15:11:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amz-cf-pop: ZAG50-C1
x-powered-by: Express
x-cache: Miss from cloudfront
strict-transport-security: max-age=31536000; includeSubdomains; preload, max-age=63072000; includeSubdomains; preload
x-xss-protection: 1; mode=block
x-response-time: 0.782ms
last-modified: Tue, 17 May 2022 08:26:49 GMT
server: openresty
etag: W/"96f-180d1207d28"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
via: 1.1 158b0f42a1d87ab9108e2baf28e8c990.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000, immutable
x-amz-cf-id: JalcghNAThhYp4J0p4hoA_30P1ehc6Qp6BKs5G7ZAHlyW4xesMCGdw==

GET
H2 200 106.0f73340d3f8a0efa802c.js Show response
noracora.com/_next/static/chunks/ 69 KB
20 KB 654ms
646ms Script
application/javascript 65.9.26.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://noracora.com/_next/static/chunks/106.0f73340d3f8a0efa802c.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.26.121 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-26-121.zag50.r.cloudfront.net

Software

openresty / Express

Resource Hash

d26a0c5287f55d13718f5f6ccafe93576ecb06a10188fd6f21d6fbd712c997ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload, max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720
Origin: https://noracora.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 15:11:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amz-cf-pop: ZAG50-C1
x-powered-by: Express
x-cache: Miss from cloudfront
strict-transport-security: max-age=31536000; includeSubdomains; preload, max-age=63072000; includeSubdomains; preload
x-xss-protection: 1; mode=block
x-response-time: 0.823ms
last-modified: Tue, 17 May 2022 08:26:49 GMT
server: openresty
etag: W/"11325-180d1207d28"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
via: 1.1 158b0f42a1d87ab9108e2baf28e8c990.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000, immutable
x-amz-cf-id: _DgUhfxB2ScIN_-7xHkPJaHvl3vC3VONUUNeRSyxqMv1ucLrUb1DcA==

GET
H2 200 111.e5a6a0dc55f8f5377ea3.js Show response
noracora.com/_next/static/chunks/ 11 KB
5 KB 248ms
240ms Script
application/javascript 65.9.26.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://noracora.com/_next/static/chunks/111.e5a6a0dc55f8f5377ea3.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.26.121 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-26-121.zag50.r.cloudfront.net

Software

openresty / Express

Resource Hash

59c32b7590ad285ae70a14fd2e75a7d26842d101a14e4c5e5c9eecd7bc44bb3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload, max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720
Origin: https://noracora.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 15:11:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amz-cf-pop: ZAG50-C1
x-powered-by: Express
x-cache: Miss from cloudfront
strict-transport-security: max-age=31536000; includeSubdomains; preload, max-age=63072000; includeSubdomains; preload
x-xss-protection: 1; mode=block
x-response-time: 0.952ms
last-modified: Tue, 17 May 2022 08:26:49 GMT
server: openresty
etag: W/"2d99-180d1207d28"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
via: 1.1 158b0f42a1d87ab9108e2baf28e8c990.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000, immutable
x-amz-cf-id: lEmeX8MN6RiYQ09qnCeo51Rv5qTa9dg57Di5ylueBIrAZPP4vVED2Q==

GET
H2 200 1ad6307d6727159eb4c2561fbc3ffa30080c8e6c.a12cacafdc68f4fa6364.js Show response
noracora.com/_next/static/chunks/ 13 KB
4 KB 228ms
220ms Script
application/javascript 65.9.26.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://noracora.com/_next/static/chunks/1ad6307d6727159eb4c2561fbc3ffa30080c8e6c.a12cacafdc68f4fa6364.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.26.121 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-26-121.zag50.r.cloudfront.net

Software

openresty / Express

Resource Hash

497f7417863953bee73fdcc95e829a0ef7d1126efa8e2ba6a1a191556227e916

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload, max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720
Origin: https://noracora.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 15:11:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amz-cf-pop: ZAG50-C1
x-powered-by: Express
x-cache: Miss from cloudfront
strict-transport-security: max-age=31536000; includeSubdomains; preload, max-age=63072000; includeSubdomains; preload
x-xss-protection: 1; mode=block
x-response-time: 0.761ms
last-modified: Tue, 17 May 2022 08:26:49 GMT
server: openresty
etag: W/"336a-180d1207d28"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
via: 1.1 158b0f42a1d87ab9108e2baf28e8c990.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000, immutable
x-amz-cf-id: LpAHriCQycRNm4yZJx0TmrsrLKSEiUnvUXU7BtUMMBkuc7OunJAUNQ==

GET
H2 200 6a4b677102e8d7206c109266081f35e697ba4b31.b1e25f2137df733b6acd.js Show response
noracora.com/_next/static/chunks/ 50 KB
15 KB 228ms
220ms Script
application/javascript 65.9.26.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://noracora.com/_next/static/chunks/6a4b677102e8d7206c109266081f35e697ba4b31.b1e25f2137df733b6acd.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.26.121 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-26-121.zag50.r.cloudfront.net

Software

openresty / Express

Resource Hash

7611e7ede9a86f22a84bf6c3687089f8dd6938cd6ca7543ac6bd276946ca9b5b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload, max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720
Origin: https://noracora.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 15:11:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amz-cf-pop: ZAG50-C1
x-powered-by: Express
x-cache: Miss from cloudfront
strict-transport-security: max-age=31536000; includeSubdomains; preload, max-age=63072000; includeSubdomains; preload
x-xss-protection: 1; mode=block
x-response-time: 0.855ms
last-modified: Tue, 17 May 2022 08:26:49 GMT
server: openresty
etag: W/"c777-180d1207d28"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
via: 1.1 158b0f42a1d87ab9108e2baf28e8c990.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000, immutable
x-amz-cf-id: pJiEy-MlTC5cI_3W3c5DjlWtAD6mR_f6aDJHF4DkVcPx56zRB21rjQ==

GET
H2 200 108.f581756ac43bb28c96bc.js Show response
noracora.com/_next/static/chunks/ 44 KB
13 KB 228ms
220ms Script
application/javascript 65.9.26.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://noracora.com/_next/static/chunks/108.f581756ac43bb28c96bc.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.26.121 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-26-121.zag50.r.cloudfront.net

Software

openresty / Express

Resource Hash

1690ec838b85e79a402499ae733bf02a1bc6d854179f7157f331db53964bb6d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload, max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720
Origin: https://noracora.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 15:11:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amz-cf-pop: ZAG50-C1
x-powered-by: Express
x-cache: Miss from cloudfront
strict-transport-security: max-age=31536000; includeSubdomains; preload, max-age=63072000; includeSubdomains; preload
x-xss-protection: 1; mode=block
x-response-time: 0.735ms
last-modified: Tue, 17 May 2022 08:26:49 GMT
server: openresty
etag: W/"b1c6-180d1207d28"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
via: 1.1 158b0f42a1d87ab9108e2baf28e8c990.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000, immutable
x-amz-cf-id: 2LlwTK71EQVNVbJC2q1JesM8Yh4zdz120yERUzSLycPn_FBz0rr52A==

GET
H2 200 107.ac7ba24c079049c82c35.js Show response
noracora.com/_next/static/chunks/ 45 KB
14 KB 211ms
203ms Script
application/javascript 65.9.26.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://noracora.com/_next/static/chunks/107.ac7ba24c079049c82c35.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.26.121 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-26-121.zag50.r.cloudfront.net

Software

openresty / Express

Resource Hash

157ae16f8ad4fa03467fa1b04a9a53caa41d33f12b8c784ff12881e6b640f2ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload, max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720
Origin: https://noracora.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 15:11:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amz-cf-pop: ZAG50-C1
x-powered-by: Express
x-cache: Miss from cloudfront
strict-transport-security: max-age=31536000; includeSubdomains; preload, max-age=63072000; includeSubdomains; preload
x-xss-protection: 1; mode=block
x-response-time: 0.860ms
last-modified: Tue, 17 May 2022 08:26:49 GMT
server: openresty
etag: W/"b385-180d1207d28"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
via: 1.1 158b0f42a1d87ab9108e2baf28e8c990.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000, immutable
x-amz-cf-id: bW6eSh96xzwlQZWnDvW29Z-g_nMT7je3ibyFOTd67H7BiD24DzF4oQ==

GET
H2 200 102.1468e68e9614dc228aa0.js Show response
noracora.com/_next/static/chunks/ 141 KB
39 KB 263ms
255ms Script
application/javascript 65.9.26.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://noracora.com/_next/static/chunks/102.1468e68e9614dc228aa0.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.26.121 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-26-121.zag50.r.cloudfront.net

Software

openresty / Express

Resource Hash

a613a2d65ac54c9d41e49624f1424b1ca20f48e3f017c17830af8127c4cda4fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload, max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720
Origin: https://noracora.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 15:11:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amz-cf-pop: ZAG50-C1
x-powered-by: Express
x-cache: Miss from cloudfront
strict-transport-security: max-age=31536000; includeSubdomains; preload, max-age=63072000; includeSubdomains; preload
x-xss-protection: 1; mode=block
x-response-time: 0.838ms
last-modified: Tue, 17 May 2022 08:26:49 GMT
server: openresty
etag: W/"23564-180d1207d28"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
via: 1.1 158b0f42a1d87ab9108e2baf28e8c990.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000, immutable
x-amz-cf-id: -6cEMkn5N5qFeyDZR-yo1NTd6_M1rsAGO_QQpNhtZCe6JrH-squC_A==

GET
H2 200 101.6f1203610f5a6954904b.js Show response
noracora.com/_next/static/chunks/ 54 KB
16 KB 243ms
235ms Script
application/javascript 65.9.26.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://noracora.com/_next/static/chunks/101.6f1203610f5a6954904b.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.26.121 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-26-121.zag50.r.cloudfront.net

Software

openresty / Express

Resource Hash

322d68baa6a99ef39ef6db62efcdb4735271605414b2ae04906cc582bd9f07c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload, max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720
Origin: https://noracora.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 15:11:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amz-cf-pop: ZAG50-C1
x-powered-by: Express
x-cache: Miss from cloudfront
strict-transport-security: max-age=31536000; includeSubdomains; preload, max-age=63072000; includeSubdomains; preload
x-xss-protection: 1; mode=block
x-response-time: 0.980ms
last-modified: Tue, 17 May 2022 08:26:49 GMT
server: openresty
etag: W/"d7c0-180d1207d28"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
via: 1.1 158b0f42a1d87ab9108e2baf28e8c990.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000, immutable
x-amz-cf-id: tJwTiW3vrBf4ZB6rDlhacJq5Hkj9hubRHIhDtlRopQrIBlPiGfESew==

GET
H2 200 main-6fd61f0a5e377e851e83.js Show response
noracora.com/_next/static/chunks/ 20 KB
8 KB 672ms
664ms Script
application/javascript 65.9.26.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://noracora.com/_next/static/chunks/main-6fd61f0a5e377e851e83.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.26.121 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-26-121.zag50.r.cloudfront.net

Software

openresty / Express

Resource Hash

03a489972229b8cf54326e7d9e38645917d164de26b38d995588fb9a373fe67c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload, max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720
Origin: https://noracora.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 15:11:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amz-cf-pop: ZAG50-C1
x-powered-by: Express
x-cache: Miss from cloudfront
strict-transport-security: max-age=31536000; includeSubdomains; preload, max-age=63072000; includeSubdomains; preload
x-xss-protection: 1; mode=block
x-response-time: 0.823ms
last-modified: Tue, 17 May 2022 08:26:49 GMT
server: openresty
etag: W/"4f28-180d1207d28"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
via: 1.1 158b0f42a1d87ab9108e2baf28e8c990.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000, immutable
x-amz-cf-id: aOPnj0wWtrZVS7UB_nOWXlLurHGUzYtNYKxa8wZO2ye7TJvwkbrAuw==

GET
H2 200 webpack-90719b980c209c207237.js Show response
noracora.com/_next/static/chunks/ 8 KB
4 KB 225ms
218ms Script
application/javascript 65.9.26.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://noracora.com/_next/static/chunks/webpack-90719b980c209c207237.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.26.121 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-26-121.zag50.r.cloudfront.net

Software

openresty / Express

Resource Hash

649c77d53ec4e030905b124b24ac1513f034511a634d7715355b56667a1ac445

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload, max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720
Origin: https://noracora.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 15:11:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amz-cf-pop: ZAG50-C1
x-powered-by: Express
x-cache: Miss from cloudfront
strict-transport-security: max-age=31536000; includeSubdomains; preload, max-age=63072000; includeSubdomains; preload
x-xss-protection: 1; mode=block
x-response-time: 0.635ms
last-modified: Tue, 17 May 2022 08:26:49 GMT
server: openresty
etag: W/"2003-180d1207d28"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
via: 1.1 158b0f42a1d87ab9108e2baf28e8c990.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000, immutable
x-amz-cf-id: 9FB_WcIXdDYbsrWCKltcwdv2HsSm5nn-iVcQzQBpePURuDzqL3DsdA==

GET
H2 200 framework.3105c3e333ee10fd9558.js Show response
noracora.com/_next/static/chunks/ 129 KB
42 KB 263ms
256ms Script
application/javascript 65.9.26.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://noracora.com/_next/static/chunks/framework.3105c3e333ee10fd9558.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.26.121 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-26-121.zag50.r.cloudfront.net

Software

openresty / Express

Resource Hash

4e0e1e988e01c390c4e977764e65b3d439b32641f6f80533a338b4e39c23267b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload, max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720
Origin: https://noracora.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 15:11:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amz-cf-pop: ZAG50-C1
x-powered-by: Express
x-cache: Miss from cloudfront
strict-transport-security: max-age=31536000; includeSubdomains; preload, max-age=63072000; includeSubdomains; preload
x-xss-protection: 1; mode=block
x-response-time: 1.065ms
last-modified: Tue, 17 May 2022 08:26:49 GMT
server: openresty
etag: W/"20274-180d1207d28"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
via: 1.1 158b0f42a1d87ab9108e2baf28e8c990.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000, immutable
x-amz-cf-id: R75dUuSfNnlfiDnmFrHf0wR7g0iomP0WxsvPAjIfREuG4Hmllr0gLg==

GET
H2 200 commons.c1e8cb5bddc14e39df3d.js Show response
noracora.com/_next/static/chunks/ 75 KB
27 KB 246ms
239ms Script
application/javascript 65.9.26.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://noracora.com/_next/static/chunks/commons.c1e8cb5bddc14e39df3d.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.26.121 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-26-121.zag50.r.cloudfront.net

Software

openresty / Express

Resource Hash

e9fc871e6f49b5eee90271ae8d7414b31057498093ae7b53221eb09a73185649

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload, max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720
Origin: https://noracora.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 15:11:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amz-cf-pop: ZAG50-C1
x-powered-by: Express
x-cache: Miss from cloudfront
strict-transport-security: max-age=31536000; includeSubdomains; preload, max-age=63072000; includeSubdomains; preload
x-xss-protection: 1; mode=block
x-response-time: 0.881ms
last-modified: Tue, 17 May 2022 08:26:49 GMT
server: openresty
etag: W/"12b80-180d1207d28"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
via: 1.1 158b0f42a1d87ab9108e2baf28e8c990.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000, immutable
x-amz-cf-id: BsJk-weNq7LMbCNLTU1Z32Zf5JzGGWJgpaPLE5d34yG8IgCIJV7o4A==

GET
H2 200 df36674ea73f2f8fb906baf455a54ca33bcc9977.503bd71db2b2cbcbfc94.js Show response
noracora.com/_next/static/chunks/ 10 KB
4 KB 240ms
233ms Script
application/javascript 65.9.26.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://noracora.com/_next/static/chunks/df36674ea73f2f8fb906baf455a54ca33bcc9977.503bd71db2b2cbcbfc94.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.26.121 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-26-121.zag50.r.cloudfront.net

Software

openresty / Express

Resource Hash

35421b5c208d0ad760209424756e3edff966fbaa553aa62d7e7ac075394e54ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload, max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720
Origin: https://noracora.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 15:11:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amz-cf-pop: ZAG50-C1
x-powered-by: Express
x-cache: Miss from cloudfront
strict-transport-security: max-age=31536000; includeSubdomains; preload, max-age=63072000; includeSubdomains; preload
x-xss-protection: 1; mode=block
x-response-time: 0.875ms
last-modified: Tue, 17 May 2022 08:26:49 GMT
server: openresty
etag: W/"27b1-180d1207d28"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
via: 1.1 158b0f42a1d87ab9108e2baf28e8c990.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000, immutable
x-amz-cf-id: HOBOrIg1Gu0j5bdA3ClHLZ3eeIRfxyFcWJczNYJnm912gXwhVny-WQ==

GET
H2 200 71b5d7c6608ae271ea2a73e79131205335737294.3d4fe868c6e1e93d6737.js Show response
noracora.com/_next/static/chunks/ 19 KB
7 KB 252ms
245ms Script
application/javascript 65.9.26.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://noracora.com/_next/static/chunks/71b5d7c6608ae271ea2a73e79131205335737294.3d4fe868c6e1e93d6737.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.26.121 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-26-121.zag50.r.cloudfront.net

Software

openresty / Express

Resource Hash

59513a4caf6dc441d96679c3b72083bd91196574ffc82dd31ff67e5e29265f7b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload, max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720
Origin: https://noracora.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 15:11:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amz-cf-pop: ZAG50-C1
x-powered-by: Express
x-cache: Miss from cloudfront
strict-transport-security: max-age=31536000; includeSubdomains; preload, max-age=63072000; includeSubdomains; preload
x-xss-protection: 1; mode=block
x-response-time: 1.211ms
last-modified: Tue, 17 May 2022 08:26:49 GMT
server: openresty
etag: W/"4dde-180d1207d28"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
via: 1.1 158b0f42a1d87ab9108e2baf28e8c990.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000, immutable
x-amz-cf-id: Swwhto5yo2YZ36VMXxddsC7Pib3jFrXqs8kcEC0ovpHoEQ9fXVbNkg==

GET
H2 200 468d62d50f96ff182eaa6461aeffe179ddb51e55.9d5692061dee2e321a4c.js Show response
noracora.com/_next/static/chunks/ 26 KB
10 KB 215ms
209ms Script
application/javascript 65.9.26.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://noracora.com/_next/static/chunks/468d62d50f96ff182eaa6461aeffe179ddb51e55.9d5692061dee2e321a4c.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.26.121 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-26-121.zag50.r.cloudfront.net

Software

openresty / Express

Resource Hash

19df2f4636e335586330f7fc61067a1d29523a2ae37a641979a2fb05647727d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload, max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720
Origin: https://noracora.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 15:11:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amz-cf-pop: ZAG50-C1
x-powered-by: Express
x-cache: Miss from cloudfront
strict-transport-security: max-age=31536000; includeSubdomains; preload, max-age=63072000; includeSubdomains; preload
x-xss-protection: 1; mode=block
x-response-time: 1.056ms
last-modified: Tue, 17 May 2022 08:26:49 GMT
server: openresty
etag: W/"69ca-180d1207d28"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
via: 1.1 158b0f42a1d87ab9108e2baf28e8c990.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000, immutable
x-amz-cf-id: th_A00RvUzjkufqreo9Ruv41_EDsTDX8wD05YXCtZTU_aTMenYPzeQ==

GET
H2 200 a159f834b048a4d63f12173d0d48cc3befa2f30c.108b53133284edaa1e5b.js Show response
noracora.com/_next/static/chunks/ 9 KB
4 KB 219ms
212ms Script
application/javascript 65.9.26.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://noracora.com/_next/static/chunks/a159f834b048a4d63f12173d0d48cc3befa2f30c.108b53133284edaa1e5b.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.26.121 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-26-121.zag50.r.cloudfront.net

Software

openresty / Express

Resource Hash

646a541e113020cef37f018467c3306ff3cb2d6f435d0806d8368dad24c97343

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload, max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720
Origin: https://noracora.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 15:11:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amz-cf-pop: ZAG50-C1
x-powered-by: Express
x-cache: Miss from cloudfront
strict-transport-security: max-age=31536000; includeSubdomains; preload, max-age=63072000; includeSubdomains; preload
x-xss-protection: 1; mode=block
x-response-time: 0.749ms
last-modified: Tue, 17 May 2022 08:26:49 GMT
server: openresty
etag: W/"23ab-180d1207d28"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
via: 1.1 158b0f42a1d87ab9108e2baf28e8c990.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000, immutable
x-amz-cf-id: 2nD-dPoO7AxncJrLiQ3UKvtUyG6SG7Z5F1vB-f8KfcxDnp4PIt57fw==

GET
H2 200 cc5c80950987c41c48b560c7e7718f5293e30af1.503fa63a45d71525670b.js Show response
noracora.com/_next/static/chunks/ 9 KB
4 KB 242ms
235ms Script
application/javascript 65.9.26.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://noracora.com/_next/static/chunks/cc5c80950987c41c48b560c7e7718f5293e30af1.503fa63a45d71525670b.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.26.121 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-26-121.zag50.r.cloudfront.net

Software

openresty / Express

Resource Hash

27fc2b35704c71658cb391da2678d197c71b1a00a13c2ec0226d3bbe3afc6439

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload, max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720
Origin: https://noracora.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 15:11:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amz-cf-pop: ZAG50-C1
x-powered-by: Express
x-cache: Miss from cloudfront
strict-transport-security: max-age=31536000; includeSubdomains; preload, max-age=63072000; includeSubdomains; preload
x-xss-protection: 1; mode=block
x-response-time: 0.938ms
last-modified: Tue, 17 May 2022 08:26:49 GMT
server: openresty
etag: W/"24b5-180d1207d28"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
via: 1.1 158b0f42a1d87ab9108e2baf28e8c990.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000, immutable
x-amz-cf-id: URTxIlOzfI-vkzoHSfNY2F4HS1k_U44rersSTYP7w4uklJ8P12HOLg==

GET
H2 200 2e77556187aab7d7da499b9f68205317b087d73c.947c0ddcc0949aecb29f.js Show response
noracora.com/_next/static/chunks/ 17 KB
6 KB 231ms
225ms Script
application/javascript 65.9.26.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://noracora.com/_next/static/chunks/2e77556187aab7d7da499b9f68205317b087d73c.947c0ddcc0949aecb29f.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.26.121 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-26-121.zag50.r.cloudfront.net

Software

openresty / Express

Resource Hash

a483035970c0d8040b0718c1d73d22b8c62cd6e06658b99a339cae8294b86cfb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload, max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720
Origin: https://noracora.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 15:11:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amz-cf-pop: ZAG50-C1
x-powered-by: Express
x-cache: Miss from cloudfront
strict-transport-security: max-age=31536000; includeSubdomains; preload, max-age=63072000; includeSubdomains; preload
x-xss-protection: 1; mode=block
x-response-time: 0.842ms
last-modified: Tue, 17 May 2022 08:26:49 GMT
server: openresty
etag: W/"4426-180d1207d28"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
via: 1.1 158b0f42a1d87ab9108e2baf28e8c990.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000, immutable
x-amz-cf-id: ExI_6WDpJFb7HrUvtNnb7REfzf8Khl7vbmVC1LqT5jDwjp_wnHL90A==

GET
H2 200 56ee975b05db03df9aeb0f54fb0a612b2fe2e6b6.79dcc692fbd53099958a.js Show response
noracora.com/_next/static/chunks/ 9 KB
4 KB 219ms
213ms Script
application/javascript 65.9.26.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://noracora.com/_next/static/chunks/56ee975b05db03df9aeb0f54fb0a612b2fe2e6b6.79dcc692fbd53099958a.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.26.121 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-26-121.zag50.r.cloudfront.net

Software

openresty / Express

Resource Hash

2e36be5ecbadb804d9d1d73af67e5d3df88dd20d0259d72c18e728553f0af7b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload, max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720
Origin: https://noracora.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 15:11:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amz-cf-pop: ZAG50-C1
x-powered-by: Express
x-cache: Miss from cloudfront
strict-transport-security: max-age=31536000; includeSubdomains; preload, max-age=63072000; includeSubdomains; preload
x-xss-protection: 1; mode=block
x-response-time: 0.966ms
last-modified: Tue, 17 May 2022 08:26:49 GMT
server: openresty
etag: W/"25ab-180d1207d28"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
via: 1.1 158b0f42a1d87ab9108e2baf28e8c990.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000, immutable
x-amz-cf-id: RknF4-k4GQ1q2iXYUIEj1EKJbzFlHl3UIp59O5KLU-REUNP9dKJ6xg==

GET
H2 200 95b70baaaaa67dd5a0feff61396956e036045177.7de04737b049cbb4591b.js Show response
noracora.com/_next/static/chunks/ 6 KB
3 KB 233ms
227ms Script
application/javascript 65.9.26.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://noracora.com/_next/static/chunks/95b70baaaaa67dd5a0feff61396956e036045177.7de04737b049cbb4591b.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.26.121 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-26-121.zag50.r.cloudfront.net

Software

openresty / Express

Resource Hash

52c9e1d5b8267cbf303877349189ae507b85e9fecd9d5a00b6ac6d4254db455a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload, max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720
Origin: https://noracora.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 15:11:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amz-cf-pop: ZAG50-C1
x-powered-by: Express
x-cache: Miss from cloudfront
strict-transport-security: max-age=31536000; includeSubdomains; preload, max-age=63072000; includeSubdomains; preload
x-xss-protection: 1; mode=block
x-response-time: 1.007ms
last-modified: Tue, 17 May 2022 08:26:49 GMT
server: openresty
etag: W/"17f9-180d1207d28"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
via: 1.1 158b0f42a1d87ab9108e2baf28e8c990.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000, immutable
x-amz-cf-id: 95-yoTS4qyXrP15V5UOVasbBrmi9SLxrX3mKrlP7pMqWMBmrmwnQXw==

GET
H2 200 bca0bd9c367cfbd49a0be623595ae651892a7265.83be5cc2406c3c7da6de.js Show response
noracora.com/_next/static/chunks/ 16 KB
6 KB 267ms
262ms Script
application/javascript 65.9.26.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://noracora.com/_next/static/chunks/bca0bd9c367cfbd49a0be623595ae651892a7265.83be5cc2406c3c7da6de.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.26.121 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-26-121.zag50.r.cloudfront.net

Software

openresty / Express

Resource Hash

35292ad5ebdec2b69df473f981fba41e7857f71070a763c0507ed4f223d12c28

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload, max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720
Origin: https://noracora.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 15:11:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amz-cf-pop: ZAG50-C1
x-powered-by: Express
x-cache: Miss from cloudfront
strict-transport-security: max-age=31536000; includeSubdomains; preload, max-age=63072000; includeSubdomains; preload
x-xss-protection: 1; mode=block
x-response-time: 1.005ms
last-modified: Tue, 17 May 2022 08:26:49 GMT
server: openresty
etag: W/"40ec-180d1207d28"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
via: 1.1 158b0f42a1d87ab9108e2baf28e8c990.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000, immutable
x-amz-cf-id: qqZxe1FUtSFLRkU2ui6bD7OaqGHxkBJfpc3OM7YErQFkcZy-iJ42AA==

GET
H2 200 45cd8388f06b3ed3749ae9d63166bd3dcce37b03.3c98b7c04f7be585b40d.js Show response
noracora.com/_next/static/chunks/ 40 KB
12 KB 223ms
217ms Script
application/javascript 65.9.26.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://noracora.com/_next/static/chunks/45cd8388f06b3ed3749ae9d63166bd3dcce37b03.3c98b7c04f7be585b40d.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.26.121 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-26-121.zag50.r.cloudfront.net

Software

openresty / Express

Resource Hash

670336c7a01a2eba128c7baa9e0c4d411d690d2bf0af5b16180066efe5f4671a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload, max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720
Origin: https://noracora.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 15:11:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amz-cf-pop: ZAG50-C1
x-powered-by: Express
x-cache: Miss from cloudfront
strict-transport-security: max-age=31536000; includeSubdomains; preload, max-age=63072000; includeSubdomains; preload
x-xss-protection: 1; mode=block
x-response-time: 1.035ms
last-modified: Tue, 17 May 2022 08:26:49 GMT
server: openresty
etag: W/"9f75-180d1207d28"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
via: 1.1 158b0f42a1d87ab9108e2baf28e8c990.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000, immutable
x-amz-cf-id: g5OZ_av6L4O3ptEDKep_jvHVAUP_3fa84G6_a5EfZfvb_PH6uVkxxA==

GET
H2 200 da004bc953067c01c3ef2bc3666a7bdb86aac904.ac2937ef6e063e194f1b.js Show response
noracora.com/_next/static/chunks/ 13 KB
5 KB 233ms
228ms Script
application/javascript 65.9.26.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://noracora.com/_next/static/chunks/da004bc953067c01c3ef2bc3666a7bdb86aac904.ac2937ef6e063e194f1b.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.26.121 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-26-121.zag50.r.cloudfront.net

Software

openresty / Express

Resource Hash

ec7fa8d8bd2a6ab04d184cc8e3631c40bce05c6692b25fb65b624cd5bdb021c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload, max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720
Origin: https://noracora.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 15:11:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amz-cf-pop: ZAG50-C1
x-powered-by: Express
x-cache: Miss from cloudfront
strict-transport-security: max-age=31536000; includeSubdomains; preload, max-age=63072000; includeSubdomains; preload
x-xss-protection: 1; mode=block
x-response-time: 1.024ms
last-modified: Tue, 17 May 2022 08:26:49 GMT
server: openresty
etag: W/"3337-180d1207d28"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
via: 1.1 158b0f42a1d87ab9108e2baf28e8c990.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000, immutable
x-amz-cf-id: sSVkYdfhsIVvM0dF2uctca0vDjrSj2lH4_yf_nZmB5CRqzWLdECaFA==

GET
H2 200 f11eb017a2060b7fca50c5ebf2efc7018a5a551b.92e25c60b7dd47fcb4ed.js Show response
noracora.com/_next/static/chunks/ 15 KB
4 KB 266ms
261ms Script
application/javascript 65.9.26.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://noracora.com/_next/static/chunks/f11eb017a2060b7fca50c5ebf2efc7018a5a551b.92e25c60b7dd47fcb4ed.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.26.121 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-26-121.zag50.r.cloudfront.net

Software

openresty / Express

Resource Hash

9355e17318f74aef88dacc37013716a2478e6fe85881a327cfd222a02f5e1a20

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload, max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720
Origin: https://noracora.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 15:11:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amz-cf-pop: ZAG50-C1
x-powered-by: Express
x-cache: Miss from cloudfront
strict-transport-security: max-age=31536000; includeSubdomains; preload, max-age=63072000; includeSubdomains; preload
x-xss-protection: 1; mode=block
x-response-time: 0.703ms
last-modified: Tue, 17 May 2022 08:26:49 GMT
server: openresty
etag: W/"3ad0-180d1207d28"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
via: 1.1 158b0f42a1d87ab9108e2baf28e8c990.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000, immutable
x-amz-cf-id: Yr_kQGlhx-_WU-7w9m8yjrPwaElG_6K0JtMV2ZmzP3g0RKvAI09MVQ==

GET
H2 200 70bc3c431769a7f742686231b5461c7ab14af988.0ea4e24b5d945d0c6f0e.js Show response
noracora.com/_next/static/chunks/ 12 KB
4 KB 218ms
213ms Script
application/javascript 65.9.26.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://noracora.com/_next/static/chunks/70bc3c431769a7f742686231b5461c7ab14af988.0ea4e24b5d945d0c6f0e.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.26.121 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-26-121.zag50.r.cloudfront.net

Software

openresty / Express

Resource Hash

0b17090117c8a8ee9ab439a234181893eaa1ef4b7e9bec7ef5b426d91aacd2c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload, max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720
Origin: https://noracora.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 15:11:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amz-cf-pop: ZAG50-C1
x-powered-by: Express
x-cache: Miss from cloudfront
strict-transport-security: max-age=31536000; includeSubdomains; preload, max-age=63072000; includeSubdomains; preload
x-xss-protection: 1; mode=block
x-response-time: 0.890ms
last-modified: Tue, 17 May 2022 08:26:49 GMT
server: openresty
etag: W/"2f0a-180d1207d28"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
via: 1.1 158b0f42a1d87ab9108e2baf28e8c990.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000, immutable
x-amz-cf-id: q9Vyk7dJsh-voJNkaRpGjNeivhuo4OuhTHFQ2mmpzxadL6a4zg139Q==

GET
H2 200 8fcd6ac119a8ba09bfe8c074c5f55a95bbc3dedb.847ec983b8b8d77093be.js Show response
noracora.com/_next/static/chunks/ 9 KB
3 KB 238ms
233ms Script
application/javascript 65.9.26.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://noracora.com/_next/static/chunks/8fcd6ac119a8ba09bfe8c074c5f55a95bbc3dedb.847ec983b8b8d77093be.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.26.121 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-26-121.zag50.r.cloudfront.net

Software

openresty / Express

Resource Hash

8ab527f292c2886c9f1be9d85f566fbcf00fdd20468863e365295826e62ee91d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload, max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720
Origin: https://noracora.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 15:11:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amz-cf-pop: ZAG50-C1
x-powered-by: Express
x-cache: Miss from cloudfront
strict-transport-security: max-age=31536000; includeSubdomains; preload, max-age=63072000; includeSubdomains; preload
x-xss-protection: 1; mode=block
x-response-time: 0.750ms
last-modified: Tue, 17 May 2022 08:26:49 GMT
server: openresty
etag: W/"2241-180d1207d28"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
via: 1.1 158b0f42a1d87ab9108e2baf28e8c990.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000, immutable
x-amz-cf-id: BVEYM8Xv2ge9lY-1n-THQLpHFfuKRPcW5jrpxU4KZTbNpV7cuu3-fQ==

GET
H2 200 c91ac2621178163a7dd7456904450ee2cb103b3c.30b80c51786eedebc4a1.js Show response
noracora.com/_next/static/chunks/ 17 KB
4 KB 230ms
226ms Script
application/javascript 65.9.26.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://noracora.com/_next/static/chunks/c91ac2621178163a7dd7456904450ee2cb103b3c.30b80c51786eedebc4a1.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.26.121 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-26-121.zag50.r.cloudfront.net

Software

openresty / Express

Resource Hash

55933f759a9712b62784c956a0d25b8a1d75f7f0caaf32e2721cc48477f8177f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload, max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720
Origin: https://noracora.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 15:11:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amz-cf-pop: ZAG50-C1
x-powered-by: Express
x-cache: Miss from cloudfront
strict-transport-security: max-age=31536000; includeSubdomains; preload, max-age=63072000; includeSubdomains; preload
x-xss-protection: 1; mode=block
x-response-time: 0.657ms
last-modified: Tue, 17 May 2022 08:26:49 GMT
server: openresty
etag: W/"44da-180d1207d28"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
via: 1.1 158b0f42a1d87ab9108e2baf28e8c990.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000, immutable
x-amz-cf-id: gm8T8PDqOfgLA2EYwP6TGpGsgTDfL_EZgY9jU4ylk0gPgZN6ee0hQw==

GET
H2 200 056dfb6a55001dea38cf7b4c81c4140d49a6000e.3b036efb63fc6909d80c.js Show response
noracora.com/_next/static/chunks/ 11 KB
4 KB 237ms
232ms Script
application/javascript 65.9.26.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://noracora.com/_next/static/chunks/056dfb6a55001dea38cf7b4c81c4140d49a6000e.3b036efb63fc6909d80c.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.26.121 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-26-121.zag50.r.cloudfront.net

Software

openresty / Express

Resource Hash

b4eab304f4ae78083d12668202c066ee8fec2c40e893d9e5d8a3c49f1495c1a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload, max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720
Origin: https://noracora.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 15:11:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amz-cf-pop: ZAG50-C1
x-powered-by: Express
x-cache: Miss from cloudfront
strict-transport-security: max-age=31536000; includeSubdomains; preload, max-age=63072000; includeSubdomains; preload
x-xss-protection: 1; mode=block
x-response-time: 0.744ms
last-modified: Tue, 17 May 2022 08:26:49 GMT
server: openresty
etag: W/"2cad-180d1207d28"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
via: 1.1 158b0f42a1d87ab9108e2baf28e8c990.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000, immutable
x-amz-cf-id: b0Cn5CnlhC7vx25oxCUA-oCS7BBtFekqIA7VcLTn98Cm-f5nGWtJNQ==

GET
H2 200 020875921e13b332a626e81104f6978b77becbbf.e927d4eb7ff30a7cf98d.js Show response
noracora.com/_next/static/chunks/ 54 KB
12 KB 247ms
242ms Script
application/javascript 65.9.26.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://noracora.com/_next/static/chunks/020875921e13b332a626e81104f6978b77becbbf.e927d4eb7ff30a7cf98d.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.26.121 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-26-121.zag50.r.cloudfront.net

Software

openresty / Express

Resource Hash

640d6c0ccc6a8eae88d7a5c7c431e364f72cdd7c807b388a08aef6520f109aca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload, max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720
Origin: https://noracora.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 15:11:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amz-cf-pop: ZAG50-C1
x-powered-by: Express
x-cache: Miss from cloudfront
strict-transport-security: max-age=31536000; includeSubdomains; preload, max-age=63072000; includeSubdomains; preload
x-xss-protection: 1; mode=block
x-response-time: 1.118ms
last-modified: Tue, 17 May 2022 08:26:49 GMT
server: openresty
etag: W/"d636-180d1207d28"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
via: 1.1 158b0f42a1d87ab9108e2baf28e8c990.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000, immutable
x-amz-cf-id: 3cfS4fTLcm4f4bfVrRJjhUR90Da4jYGUn99So_QtdlILU-2LlP7_fw==

GET
H2 200 52610638ccac719a97d5c9689ebc666130ac2f0a.7e7b4a98880c551f50ef.js Show response
noracora.com/_next/static/chunks/ 8 KB
3 KB 229ms
225ms Script
application/javascript 65.9.26.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://noracora.com/_next/static/chunks/52610638ccac719a97d5c9689ebc666130ac2f0a.7e7b4a98880c551f50ef.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.26.121 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-26-121.zag50.r.cloudfront.net

Software

openresty / Express

Resource Hash

a81b049a31f352a089f9173fe0a2964c5a3b6417996c8168c67456ef545f9a21

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload, max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720
Origin: https://noracora.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 15:11:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amz-cf-pop: ZAG50-C1
x-powered-by: Express
x-cache: Miss from cloudfront
strict-transport-security: max-age=31536000; includeSubdomains; preload, max-age=63072000; includeSubdomains; preload
x-xss-protection: 1; mode=block
x-response-time: 0.753ms
last-modified: Tue, 17 May 2022 08:26:49 GMT
server: openresty
etag: W/"1e76-180d1207d28"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
via: 1.1 158b0f42a1d87ab9108e2baf28e8c990.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000, immutable
x-amz-cf-id: xce9RuPRZ0-IJkeAy7grzcHxv8zTV7jqOZe2fSPQ1mLcMI1hlQfvWg==

GET
H2 200 _app-f7bd23e25fa9c3dae5be.js Show response
noracora.com/_next/static/chunks/pages/ 73 KB
24 KB 238ms
234ms Script
application/javascript 65.9.26.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://noracora.com/_next/static/chunks/pages/_app-f7bd23e25fa9c3dae5be.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.26.121 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-26-121.zag50.r.cloudfront.net

Software

openresty / Express

Resource Hash

c120f6b60a564b50efbc05b009c6062f9baf7498788bf783e6123f9425a7df37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload, max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720
Origin: https://noracora.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 15:11:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amz-cf-pop: ZAG50-C1
x-powered-by: Express
x-cache: Miss from cloudfront
strict-transport-security: max-age=31536000; includeSubdomains; preload, max-age=63072000; includeSubdomains; preload
x-xss-protection: 1; mode=block
x-response-time: 0.873ms
last-modified: Tue, 17 May 2022 08:26:49 GMT
server: openresty
etag: W/"124ef-180d1207d28"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
via: 1.1 158b0f42a1d87ab9108e2baf28e8c990.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000, immutable
x-amz-cf-id: DyDecURabTX5CI7mxlLFQsuBGdidIiQL_X5nPKAKob0Av7nf13OpOQ==

GET
H2 200 062d88ebf2290e024a99702ef82f3fb8a8adaae4.b0b020cecece3a5ab052.js Show response
noracora.com/_next/static/chunks/ 19 KB
6 KB 215ms
211ms Script
application/javascript 65.9.26.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://noracora.com/_next/static/chunks/062d88ebf2290e024a99702ef82f3fb8a8adaae4.b0b020cecece3a5ab052.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.26.121 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-26-121.zag50.r.cloudfront.net

Software

openresty / Express

Resource Hash

d056106895249ea7f0dd5d7d63ee882f05074a58b914904c9f6ef15867059f38

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload, max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720
Origin: https://noracora.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 15:11:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amz-cf-pop: ZAG50-C1
x-powered-by: Express
x-cache: Miss from cloudfront
strict-transport-security: max-age=31536000; includeSubdomains; preload, max-age=63072000; includeSubdomains; preload
x-xss-protection: 1; mode=block
x-response-time: 0.994ms
last-modified: Tue, 17 May 2022 08:26:49 GMT
server: openresty
etag: W/"4b00-180d1207d28"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
via: 1.1 158b0f42a1d87ab9108e2baf28e8c990.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000, immutable
x-amz-cf-id: Z83F1tOksavyQjJeQKq5Bv2vPQNMnrwBHMxHOl9tj-F0FUzB_wjMQw==

GET
H2 200 2c2f28ac432c4413883c43df7aeb02f910395ee2.65e91031c6fb81cd387b.js Show response
noracora.com/_next/static/chunks/ 52 KB
15 KB 223ms
219ms Script
application/javascript 65.9.26.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://noracora.com/_next/static/chunks/2c2f28ac432c4413883c43df7aeb02f910395ee2.65e91031c6fb81cd387b.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.26.121 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-26-121.zag50.r.cloudfront.net

Software

openresty / Express

Resource Hash

9b889582cd4d1928d536022b11bba57bfe90fcbd6af57926da1bac40a3957c90

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload, max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720
Origin: https://noracora.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 15:11:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amz-cf-pop: ZAG50-C1
x-powered-by: Express
x-cache: Miss from cloudfront
strict-transport-security: max-age=31536000; includeSubdomains; preload, max-age=63072000; includeSubdomains; preload
x-xss-protection: 1; mode=block
x-response-time: 0.961ms
last-modified: Tue, 17 May 2022 08:26:49 GMT
server: openresty
etag: W/"cfe0-180d1207d28"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
via: 1.1 158b0f42a1d87ab9108e2baf28e8c990.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000, immutable
x-amz-cf-id: EXllCHQOZ-15LcuDGdbUZJskcMjv0CW0EgtSVn1mSlBOmUWaCrl31A==

GET
H2 200 home-534668d96b85f501e180.js Show response
noracora.com/_next/static/chunks/pages/ 35 KB
11 KB 288ms
285ms Script
application/javascript 65.9.26.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://noracora.com/_next/static/chunks/pages/home-534668d96b85f501e180.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.26.121 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-26-121.zag50.r.cloudfront.net

Software

openresty / Express

Resource Hash

396e2ec58d15a4a2b38e9fc2ffcc1c6eeb0ee6785243799ea44a29ac7b5acc1e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload, max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720
Origin: https://noracora.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 15:11:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amz-cf-pop: ZAG50-C1
x-powered-by: Express
x-cache: Miss from cloudfront
strict-transport-security: max-age=31536000; includeSubdomains; preload, max-age=63072000; includeSubdomains; preload
x-xss-protection: 1; mode=block
x-response-time: 1.138ms
last-modified: Tue, 17 May 2022 08:26:49 GMT
server: openresty
etag: W/"8d47-180d1207d28"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
via: 1.1 158b0f42a1d87ab9108e2baf28e8c990.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000, immutable
x-amz-cf-id: vbY1r1GikXOduU8UAckHlp1180gJIS8XYAi4r7bfJiVAJlI4TBTPtA==

GET
H2 200 ZGyEOkclDq1579628541.png
noracora.com/image/catalog/activity/ 8 KB
8 KB 36ms
25ms Image
image/webp 65.9.26.121
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://noracora.com/image/catalog/activity/ZGyEOkclDq1579628541.png
Requested by: Host: noracora.com
URL: https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.26.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-26-121.zag50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 44eb572375de97815e7ff25b049ed0305e88e739718d1ff8d726aff53ddcafa5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 04:53:08 GMT
via: 1.1 158b0f42a1d87ab9108e2baf28e8c990.cloudfront.net (CloudFront)
last-modified: Mon, 03 Aug 2020 05:36:50 GMT
server: AmazonS3
age: 123530
etag: "ff884c76c366b33e6a60b706e6ba5210"
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: public, max-age=2592000
x-amz-cf-pop: ZAG50-C1
accept-ranges: bytes
content-length: 7780
x-amz-cf-id: dcnilpZXKIEMtLMBV27kss7UMCT4BP4xtxF-K5uAIvhwQCuWOOHnwQ==

GET
H2 200 login-facebook.svg
noracora.com/static/images/ 482 B
945 B 100ms
90ms Image
image/svg+xml 65.9.26.121
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://noracora.com/static/images/login-facebook.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.26.121 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-26-121.zag50.r.cloudfront.net

Software

openresty / Express

Resource Hash

9750d34d8d2458444dd732da3a5e25571d42061896039cd078ccf40ee8d40b5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 09:36:23 GMT
via: 1.1 158b0f42a1d87ab9108e2baf28e8c990.cloudfront.net (CloudFront)
age: 20134
x-powered-by: Express
x-cache: Hit from cloudfront
content-length: 482
x-response-time: 0.777ms
last-modified: Tue, 17 May 2022 08:24:03 GMT
server: openresty
etag: W/"1e2-180d11df4b8"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: image/svg+xml
cache-control: public, max-age=0, public, max-age=31536000
x-amz-cf-pop: ZAG50-C1
accept-ranges: bytes
x-amz-cf-id: NTnnXguSOht5_-BzF5eOt2Zs1agLvEP1IpUDyMQvaCVR3P_9DndPDg==

GET
H2 200 login-google.svg
noracora.com/static/images/ 1 KB
1 KB 82ms
72ms Image
image/svg+xml 65.9.26.121
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://noracora.com/static/images/login-google.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.26.121 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-26-121.zag50.r.cloudfront.net

Software

openresty / Express

Resource Hash

a111eee4e8d95538ca80508a6c7f76c5f6592b0282e4e791ea1c1efae63ef08a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 09:36:23 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 20134
x-powered-by: Express
x-cache: Hit from cloudfront
x-response-time: 1.039ms
last-modified: Tue, 17 May 2022 08:24:03 GMT
server: openresty
etag: W/"42e-180d11df4b8"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: image/svg+xml
via: 1.1 158b0f42a1d87ab9108e2baf28e8c990.cloudfront.net (CloudFront)
cache-control: public, max-age=0, public, max-age=31536000
x-amz-cf-pop: ZAG50-C1
x-amz-cf-id: DFHW2RSUbiAubanvuOIXfG7Lpks-3vgx0O1l6VGURHYB5FZbRIp97A==

GET
H2 200 home_icon_more_pc.png
noracora.com/static/images/home/ 790 B
1 KB 81ms
71ms Image
image/png 65.9.26.121
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://noracora.com/static/images/home/home_icon_more_pc.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.26.121 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-26-121.zag50.r.cloudfront.net

Software

openresty / Express

Resource Hash

9a19a7286c809d408598238e3f3e9d505465de9f0a55cec729dbd7fb2b010ad4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 09:36:23 GMT
via: 1.1 158b0f42a1d87ab9108e2baf28e8c990.cloudfront.net (CloudFront)
age: 20134
x-powered-by: Express
x-cache: Hit from cloudfront
content-length: 790
x-response-time: 0.887ms
last-modified: Tue, 17 May 2022 08:24:03 GMT
server: openresty
etag: W/"316-180d11df4b8"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: image/png
cache-control: public, max-age=0, public, max-age=31536000
x-amz-cf-pop: ZAG50-C1
accept-ranges: bytes
x-amz-cf-id: 46gy0kX8RYdNDEXPXqK9Wxe9n6rk4SEiJ_BJj2Uj3VYX0pgU5sDEVA==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 215 KB
67 KB 70ms
34ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-M7869G6

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

24563db5ff92b6410f00a243363c2125945b9085eb14891285a1950a32c044a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://noracora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 15:11:57 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 68932
x-xss-protection: 0
expires: Tue, 17 May 2022 15:11:57 GMT

GET
H2 200 statisData.modern.js Show response
harbor-hyperf.harborcdn.com/statisData/js/ 70 KB
26 KB 266ms
189ms Script
application/javascript 2600:9000:224a:1c00:14:28af:c80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://harbor-hyperf.harborcdn.com/statisData/js/statisData.modern.js
Requested by: Host: 1redirc.com
URL: http://1redirc.com/r2.php?e=qwDB2QrCWObUu96G6R7zIn49flhDeE8zRWZBYzJSeGtIcUZydE0vY2Z2UnNhdy90aDdqZitPd1ZqUXYrc2tOWVRCcmxuN05NQWdxZ3BNUFpGWHpKaDVKcHh5TktiQ0NsSjNVUGRyLzA4ZGRUeEZFb0FpL0V5Wkh2ZWU0M0VOVk1vK0hZWXdzQ3oweDdVc0dXYk81VXZaV1NPQk5WM0trZys5azZQa3NEa1dlYTBxRUhWZWpBeU9OdFlaQW5tVW9pUmdrMlIyRFlZcjB1YUJoYW9UMW5vQnF6dzdJUkxhS1haTzk5OHpuL1MwMEhBaXFZTVJvQ3kyOWxLQURoZU9wUE9ONG1vYWxvdENoWlUvOFVIN3dtVWZJRkRqK21LK29TVTZVRkUybFFFWTYwOWkrZUMyV1NCSEk0SzlCY3ZBQ1M4Y3Z0WmIwT281bkI1R085ZDR2K3p2MWFQMU9GOFJxcHNGSW5JTHR6OVZTakdvdFY2czFGWGsvdWYydTRTN0lyUEtTVWFKY3ZSTlhVbW4vOEdIZU5Cd1RlS0FjYk9naTlhWkFsTVRmMDVCWVZXN0RpaHFwTS9lRXIwWUNPN0xyOFc1V01CVzhDajNmR0lNcndlMklEdDExSjZwZlRMT0ZPQjN3K3plaGlOMnUwQ3o3MlBEZS9XYmRqS0FWeFV1UTB3c3RhakdCMytkcWxtMnRHVnFIZGZnMjdlMlUrbGxxTVlwWU5CZElQaFF2bUNkWWh2UkJBcjZhTSsvU2UvWWRMUHFnMmpIYy9MNUNLYWtBSE9QZGl4ZUVRRWVOemZQRGR6ME1Lck92dmtuOHk5UFdTRUJ0ZjNNSVYyTmFaMG0wczdGZzN3RkxKd3BHK3JVZFQzWmNHS0NmSFVOZlZMbGFyK3JSWDFyMUFMTkFOTUZHbitQZ3VWaTF0M2x3ajVuVjNLelFKczltcEdmM0FFNkZJYkxCMmN4MVl0ODdubDVGV2FNb3hRVmdvcSthWXd3cUxrdXlyT1JKZVlmbHd6V2JJa1FHSUYxVGdjand5UnZWb0ZUVg%3D%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:1c00:14:28af:c80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.21.0 /
Resource Hash: fc41df911ac5e1a263791cfa8b1bdde083f69908c112c456dcfcf399f0e4372a

Request headers

Referer: https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720
Origin: https://noracora.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 15:11:57 GMT
content-encoding: gzip
x-amz-cf-pop: DUS51-P1
x-cache: Miss from cloudfront
access-control-allow-origin: *
last-modified: Wed, 02 Mar 2022 08:07:45 GMT
server: nginx/1.21.0
etag: W/"621f25d1-116c9"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, DELETE
content-type: application/javascript
via: 1.1 2c4f54cad5da50a372b086710d5ffc62.cloudfront.net (CloudFront)
cache-control: public, max-age=1800
access-control-allow-credentials: true
access-control-allow-headers: *
x-amz-cf-id: i2ujs0C2d1fiEzCKKI-rCP7RJr8arZhf5M7eLRXIXAQtXTJda0J9kA==

GET
H2 200 collectData.modern.js Show response
harbor-hyperf.harborcdn.com/collect-data/ 94 KB
36 KB 254ms
178ms Script
application/javascript 2600:9000:224a:1c00:14:28af:c80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://harbor-hyperf.harborcdn.com/collect-data/collectData.modern.js
Requested by: Host: 1redirc.com
URL: http://1redirc.com/r2.php?e=qwDB2QrCWObUu96G6R7zIn49flhDeE8zRWZBYzJSeGtIcUZydE0vY2Z2UnNhdy90aDdqZitPd1ZqUXYrc2tOWVRCcmxuN05NQWdxZ3BNUFpGWHpKaDVKcHh5TktiQ0NsSjNVUGRyLzA4ZGRUeEZFb0FpL0V5Wkh2ZWU0M0VOVk1vK0hZWXdzQ3oweDdVc0dXYk81VXZaV1NPQk5WM0trZys5azZQa3NEa1dlYTBxRUhWZWpBeU9OdFlaQW5tVW9pUmdrMlIyRFlZcjB1YUJoYW9UMW5vQnF6dzdJUkxhS1haTzk5OHpuL1MwMEhBaXFZTVJvQ3kyOWxLQURoZU9wUE9ONG1vYWxvdENoWlUvOFVIN3dtVWZJRkRqK21LK29TVTZVRkUybFFFWTYwOWkrZUMyV1NCSEk0SzlCY3ZBQ1M4Y3Z0WmIwT281bkI1R085ZDR2K3p2MWFQMU9GOFJxcHNGSW5JTHR6OVZTakdvdFY2czFGWGsvdWYydTRTN0lyUEtTVWFKY3ZSTlhVbW4vOEdIZU5Cd1RlS0FjYk9naTlhWkFsTVRmMDVCWVZXN0RpaHFwTS9lRXIwWUNPN0xyOFc1V01CVzhDajNmR0lNcndlMklEdDExSjZwZlRMT0ZPQjN3K3plaGlOMnUwQ3o3MlBEZS9XYmRqS0FWeFV1UTB3c3RhakdCMytkcWxtMnRHVnFIZGZnMjdlMlUrbGxxTVlwWU5CZElQaFF2bUNkWWh2UkJBcjZhTSsvU2UvWWRMUHFnMmpIYy9MNUNLYWtBSE9QZGl4ZUVRRWVOemZQRGR6ME1Lck92dmtuOHk5UFdTRUJ0ZjNNSVYyTmFaMG0wczdGZzN3RkxKd3BHK3JVZFQzWmNHS0NmSFVOZlZMbGFyK3JSWDFyMUFMTkFOTUZHbitQZ3VWaTF0M2x3ajVuVjNLelFKczltcEdmM0FFNkZJYkxCMmN4MVl0ODdubDVGV2FNb3hRVmdvcSthWXd3cUxrdXlyT1JKZVlmbHd6V2JJa1FHSUYxVGdjand5UnZWb0ZUVg%3D%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:1c00:14:28af:c80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.21.0 /
Resource Hash: e9b1e0baca9eb4c37a0844af6ad4925bd22a460e73574b0c0a66c57e8cd5970f

Request headers

Referer: https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720
Origin: https://noracora.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 15:11:57 GMT
content-encoding: gzip
x-amz-cf-pop: DUS51-P1
x-cache: Miss from cloudfront
access-control-allow-origin: *
last-modified: Tue, 17 May 2022 12:47:08 GMT
server: nginx/1.21.0
etag: W/"6283994c-17778"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, DELETE
content-type: application/javascript
via: 1.1 2c4f54cad5da50a372b086710d5ffc62.cloudfront.net (CloudFront)
cache-control: public, max-age=1800
access-control-allow-credentials: true
access-control-allow-headers: *
x-amz-cf-id: aZ8lC3wQkOz7zupgP28q2NTjB1qjPWtizgMEetUAP2fkcB8H1CXbfw==

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 152 KB
57 KB 45ms
18ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-846809347

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6296ec7385b1348bde40c855f7a20afba1421b80d6ce3c7fa6d32d728f2feb60

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 15:11:57 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57930
x-xss-protection: 0
expires: Tue, 17 May 2022 15:11:57 GMT

GET
H2 200 stream-harbor.js Show response
wzstatic1.streamoptim.com/ 112 KB
40 KB 287ms
10ms Script
application/javascript 2600:9000:214f:8400:a:d1a:b500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://wzstatic1.streamoptim.com/stream-harbor.js?shop=noracora.com
Requested by: Host: noracora.com
URL: https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:8400:a:d1a:b500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e979e184f779712a9abaa7f0cdf0bf19ef1b2d84e03c2ebf44acaf356b5b41c0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 08:11:51 GMT
via: 1.1 cc77875ec7dfc885cffaa2ec6fa578f6.cloudfront.net (CloudFront)
last-modified: Thu, 14 Apr 2022 10:11:22 GMT
age: 25218
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
x-amz-cf-pop: FRA53-C1
content-encoding: gzip
x-amz-cf-id: rU6236jl1H8QKnkYdSc7MAOn5QqVWE5ES28_NCK0DRsZZqqJ2hNZtw==
service-worker-allowed: /

GET
H2 200 test-harbor.js Show response
wzstatic1.streamoptim.com/intelligent/ 0
324 B 294ms
16ms Script
application/javascript 2600:9000:214f:8400:a:d1a:b500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://wzstatic1.streamoptim.com/intelligent/test-harbor.js?shop=noracora.com
Requested by: Host: noracora.com
URL: https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:8400:a:d1a:b500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 03:15:35 GMT
via: 1.1 cc77875ec7dfc885cffaa2ec6fa578f6.cloudfront.net (CloudFront)
last-modified: Thu, 03 Mar 2022 08:15:48 GMT
age: 42999
etag: "62207934-0"
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-length: 0
x-amz-cf-id: 1dUYQq5yTngO2-B-9KAZvmpma4nJNEgy-jJnf2iLoOIV49H84iAlVw==
service-worker-allowed: /

GET
H2 200 19038.js Show response
www.dwin1.com/ 32 KB
9 KB 42ms
10ms Script
application/javascript 2600:9000:2182:7600:f:8ce2:fb80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dwin1.com/19038.js
Requested by: Host: noracora.com
URL: https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:7600:f:8ce2:fb80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a6a653254dcb6271f0c3c090d18a77bbe300f8ed4f334202f3e9a168847cbc4f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-amz-version-id: vr4kEQKb1_2ZnNaBtC4clvOyuuQRf5Ln
content-encoding: gzip
etag: W/"924bce3615e72324db21557383de00b3"
age: 599
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
access-control-allow-origin: *
last-modified: Thu, 12 May 2022 10:18:09 GMT
server: AmazonS3
date: Tue, 17 May 2022 15:01:58 GMT
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript; charset=utf-8
via: 1.1 9e627a2e7bf673974b02e3bf374bb842.cloudfront.net (CloudFront)
cache-control: max-age=600, s-maxage=600
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: ShinjzSXKuUN5lHGhM9fQXi8cf0UyvFPXL5acFmEnbFmnEId6uKnog==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 190 KB
68 KB 49ms
26ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-S937ZDTJL6

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

989ae9852b11c2691813a528b42dd5c5c4a1a152edf2f1dcd2457545a3c7d4ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 15:11:57 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 69925
x-xss-protection: 0
expires: Tue, 17 May 2022 15:11:57 GMT

GET
H/1.1 200
OK sentry-util.umd.js Show response
cmall-static-resource.s3.us-west-2.amazonaws.com/libs/sentry-utils/1.1.7/ 13 KB
13 KB 759ms
198ms Script
application/javascript 52.92.209.58

General

Check archive.org

Show headers Download Go to

Full URL: https://cmall-static-resource.s3.us-west-2.amazonaws.com/libs/sentry-utils/1.1.7/sentry-util.umd.js
Requested by: Host: noracora.com
URL: https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.92.209.58 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d87e01fccc9cb3d100bfd02a1b740cd7d6536ecfe46c623e5dbd85eb607ee35a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Tue, 17 May 2022 15:11:59 GMT
Last-Modified: Tue, 22 Feb 2022 11:34:11 GMT
Server: AmazonS3
x-amz-request-id: DJMTQGKV10DRW8SS
ETag: "e959ff973a8c7e69acb2242a463e2587"
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 12876
x-amz-id-2: MeewGJKcAr32PByHg46ORr1PEdycT+XTsGxipzdWyFNmi9cMLpk5S/Rorcd1SBhL0ggAg7vB9Ng=

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v24/ 30 KB
31 KB 33ms
9ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v24/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:ital,wght@0,100;0,400;1,100&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c8f7c04f8d691138d54380550d91349271ca19cfc0f3f6666c401cfa892a12f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://noracora.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 17:07:05 GMT
x-content-type-options: nosniff
age: 597892
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30876
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 14:37:35 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 May 2023 17:07:05 GMT

GET
H2 200 clk.min.js Show response
analytics.webgains.io/ 50 KB
50 KB 61ms
12ms Script
application/javascript 18.66.248.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/clk.min.js
Requested by: Host: noracora.com
URL: https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-107.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b2666a2f678a8564527f79c02b49ef33d0e84c154b80fa3bfb763e7e5f55814f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-amz-version-id: _qWy7jSlABDVwiqEq3_9IYFeis5MzLuf
via: 1.1 27a205ba0937fb032aa2efb66ec66a80.cloudfront.net (CloudFront)
last-modified: Wed, 23 Mar 2022 11:22:01 GMT
server: AmazonS3
age: 47535
etag: "71290d77b2c1ab57ec6fa02e2ac89892"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Tue, 17 May 2022 01:59:44 GMT
x-amz-cf-pop: DUS51-P1
accept-ranges: bytes
content-length: 50779
x-amz-cf-id: A5qBPU9Qc_NKs7bQU27hZUw-HRTqVoXy8cOd5GA3WxwrvB5cOrqLdw==

GET
H/1.1 200
OK obtp.js Show response
amplify.outbrain.com/cp/ 8 KB
3 KB 83ms
23ms Script
application/x-javascript 104.102.29.173
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://amplify.outbrain.com/cp/obtp.js
Requested by: Host: noracora.com
URL: https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.102.29.173 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-102-29-173.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 7e8ef05a55eafab5277e6449520107db94dfb01b497a52f283e7ffa6ee49363d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Tue, 17 May 2022 15:11:57 GMT
Content-Encoding: gzip
Last-Modified: Wed, 09 Feb 2022 12:30:38 GMT
Server: AkamaiNetStorage
ETag: "23b34d08f648c3f51b232443afced826:1644409863.170279"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=1200
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3150
Expires: Tue, 17 May 2022 15:31:57 GMT

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 125 KB
37 KB 169ms
125ms Script
application/javascript 23.36.163.230
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C0UUOMMF998V43B9DLFG&lib=ttq
Requested by: Host: noracora.com
URL: https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.230 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-230.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 924b7fbc0f50eb9af64fcabba0323d7e8d63a86106f5dca2488745edd858f402

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-akamai-request-id: 7ae3118
date: Tue, 17 May 2022 15:11:57 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-36-161-202.deploy.akamaitechnologies.com (AkamaiGHost/10.8.0-41078462) (-)
server-timing: inner; dur=3, cdn-cache; desc=MISS, edge; dur=4, origin; dur=108
content-length: 37143
pragma: no-cache
server: nginx
x-tt-logid: 20220517151157010113135233271FB093
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 108,23.36.161.202
x-tt-trace-host: 0175b5813af3470dbb78432686a19dd995e4a400542c67d45f48ee3b6d9a5cec9fbc6ee8c111a1dc251c84e552db45b5badb366ad193433c5ed3c6a733cc15bf279eb8c48d43c5de56cee15f59b574853d912b34acee6394f3d372b42c5c5a4833
expires: Tue, 17 May 2022 15:11:57 GMT

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 125 KB
37 KB 169ms
126ms Script
application/javascript 23.36.163.230
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C13EB1NMJ1JP7306JPLG&lib=ttq
Requested by: Host: noracora.com
URL: https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.230 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-230.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 924b7fbc0f50eb9af64fcabba0323d7e8d63a86106f5dca2488745edd858f402

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-akamai-request-id: 7ae311f
date: Tue, 17 May 2022 15:11:57 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-36-161-202.deploy.akamaitechnologies.com (AkamaiGHost/10.8.0-41078462) (-)
server-timing: inner; dur=2, cdn-cache; desc=MISS, edge; dur=3, origin; dur=107
content-length: 37161
pragma: no-cache
server: nginx
x-tt-logid: 2022051715115701011300606921B9FAF3
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 107,23.36.161.202
x-tt-trace-host: 0175b5813af3470dbb78432686a19dd995e4a400542c67d45f48ee3b6d9a5cec9f4a9b5de49d624a6fbbf3863e5221798747600a7daf1ff55e8c5b7ba70ae319ce44ed29db5c5cbad6d85241689151fe28a9ba6edca6e70c617a100e1944e3abd6
expires: Tue, 17 May 2022 15:11:57 GMT

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 125 KB
37 KB 169ms
126ms Script
application/javascript 23.36.163.230
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C2RO8GC98FMAUGDPE1LG&lib=ttq
Requested by: Host: noracora.com
URL: https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.230 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-230.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 924b7fbc0f50eb9af64fcabba0323d7e8d63a86106f5dca2488745edd858f402

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-akamai-request-id: 7ae3123
date: Tue, 17 May 2022 15:11:57 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-36-161-202.deploy.akamaitechnologies.com (AkamaiGHost/10.8.0-41078462) (-)
server-timing: inner; dur=3, cdn-cache; desc=MISS, edge; dur=3, origin; dur=107
content-length: 37178
pragma: no-cache
server: nginx
x-tt-logid: 2022051715115701011313508409C1846D
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 107,23.36.161.202
x-tt-trace-host: 0175b5813af3470dbb78432686a19dd995e4a400542c67d45f48ee3b6d9a5cec9fbc6ee8c111a1dc251c84e552db45b5ba01fea6e9eadf266fb737ab81db65a8f810057f90222df468f75d6c313a484e324b4653fe5dafe477ea4659da42e6f86b
expires: Tue, 17 May 2022 15:11:57 GMT

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 125 KB
37 KB 158ms
115ms Script
application/javascript 23.36.163.230
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C488U928DUFBM3732U2G&lib=ttq
Requested by: Host: noracora.com
URL: https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.230 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-230.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 924b7fbc0f50eb9af64fcabba0323d7e8d63a86106f5dca2488745edd858f402

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 May 2022 15:11:57 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server: nginx
x-tt-logid: 2022051715115601011313410620E944AC
vary: Accept-Encoding
x-cache: TCP_MISS from a23-36-161-202.deploy.akamaitechnologies.com (AkamaiGHost/10.8.0-41078462) (-)
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 91,23.36.161.202
x-tt-trace-host: 0175b5813af3470dbb78432686a19dd995e4a400542c67d45f48ee3b6d9a5cec9fbc6ee8c111a1dc251c84e552db45b5bac091f02e1de791c7ecc1db81f34652c39cec1b68c6d3b7a3cf9c470bc4e1a50f974827b23c2030596f75a71eeaa8824e
server-timing: inner; dur=3, cdn-cache; desc=MISS, edge; dur=0, origin; dur=91
x-akamai-request-id: 7ae3126
expires: Tue, 17 May 2022 15:11:57 GMT

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 125 KB
37 KB 162ms
126ms Script
application/javascript 23.36.163.230
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C4892BOE6TN457G0JPLG&lib=ttq
Requested by: Host: noracora.com
URL: https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.230 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-230.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 924b7fbc0f50eb9af64fcabba0323d7e8d63a86106f5dca2488745edd858f402

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-akamai-request-id: 6b5dc50f.7ae3128
date: Tue, 17 May 2022 15:11:57 GMT
content-encoding: gzip
x-cache-remote: TCP_MISS from a23-220-104-7.deploy.akamaitechnologies.com (AkamaiGHost/10.8.0-41078462) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-36-161-202.deploy.akamaitechnologies.com (AkamaiGHost/10.8.0-41078462) (-)
x-parent-response-time: 105,23.36.161.202
server-timing: cdn-cache; desc=MISS, edge; dur=100, origin; dur=8, inner; dur=4
pragma: no-cache
server: nginx
x-tt-logid: 20220517151157010113135084053FE711
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 8,23.220.104.7
x-tt-trace-host: 0175b5813af3470dbb78432686a19dd995e09cf48e2a8c21fc3050d9899e0c4a58d77b37d73eaf0eb3af24847da3a966d4f31f77a9761a75504bc2eaeceb6d02ffaa8a0b1258648389189f3a6766ea644759b623cb4b91527d2246fe9b5278cc1ef86c06472e7378afc83ce6a98fb7009b
expires: Tue, 17 May 2022 15:11:57 GMT

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 125 KB
37 KB 125ms
115ms Script
application/javascript 23.36.163.230
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=BVQNE8DF86N7FV70DOI0&lib=ttq
Requested by: Host: noracora.com
URL: https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.230 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-230.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 924b7fbc0f50eb9af64fcabba0323d7e8d63a86106f5dca2488745edd858f402

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-akamai-request-id: 7ae3149
date: Tue, 17 May 2022 15:11:57 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-36-161-202.deploy.akamaitechnologies.com (AkamaiGHost/10.8.0-41078462) (-)
server-timing: inner; dur=3, cdn-cache; desc=MISS, edge; dur=1, origin; dur=98
content-length: 37178
pragma: no-cache
server: nginx
x-tt-logid: 202205171511570101130061331C9C77E1
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 98,23.36.161.202
x-tt-trace-host: 0175b5813af3470dbb78432686a19dd995e4a400542c67d45f48ee3b6d9a5cec9f4a9b5de49d624a6fbbf3863e522179877b0e7a6e7c300f55502e2ddf19a2712b3fcce1d5cd3c7608da463289e1bd791879a8eebc00157e639ae86eef1b441dff
expires: Tue, 17 May 2022 15:11:57 GMT

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 125 KB
37 KB 122ms
115ms Script
application/javascript 23.36.163.230
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=BUGJ229S5CGOI9R4QFSG&lib=ttq
Requested by: Host: noracora.com
URL: https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.230 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-230.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 924b7fbc0f50eb9af64fcabba0323d7e8d63a86106f5dca2488745edd858f402

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-akamai-request-id: 6b5dc4b6.7ae314c
date: Tue, 17 May 2022 15:11:57 GMT
content-encoding: gzip
x-cache-remote: TCP_MISS from a23-220-104-7.deploy.akamaitechnologies.com (AkamaiGHost/10.8.0-41078462) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-36-161-202.deploy.akamaitechnologies.com (AkamaiGHost/10.8.0-41078462) (-)
x-parent-response-time: 99,23.36.161.202
server-timing: cdn-cache; desc=MISS, edge; dur=97, origin; dur=3, inner; dur=2
pragma: no-cache
server: nginx
x-tt-logid: 202205171511570101131350440A80B54C
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 3,23.220.104.7
x-tt-trace-host: 0175b5813af3470dbb78432686a19dd995e09cf48e2a8c21fc3050d9899e0c4a58d77b37d73eaf0eb3af24847da3a966d4f31f77a9761a75504bc2eaeceb6d02ff8b6148c7ef38deffcaa2fe5698a09b2f6e495d766a1fa8d1a5dac80aeaf8309349e099b0fe3baabb281d2590e2bda9e0
expires: Tue, 17 May 2022 15:11:57 GMT

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 125 KB
37 KB 122ms
116ms Script
application/javascript 23.36.163.230
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C8GNNVD6SEU3P64PIBK0&lib=ttq
Requested by: Host: noracora.com
URL: https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.230 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-230.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 924b7fbc0f50eb9af64fcabba0323d7e8d63a86106f5dca2488745edd858f402

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-akamai-request-id: 79d1122a.7ae314e
date: Tue, 17 May 2022 15:11:57 GMT
content-encoding: gzip
x-cache-remote: TCP_MISS from a184-51-149-148.deploy.akamaitechnologies.com (AkamaiGHost/10.8.0-41078462) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-36-161-202.deploy.akamaitechnologies.com (AkamaiGHost/10.8.0-41078462) (-)
x-parent-response-time: 98,23.36.161.202
server-timing: cdn-cache; desc=MISS, edge; dur=87, origin; dur=12, inner; dur=4
pragma: no-cache
server: nginx
x-tt-logid: 202205171511570101131351350B826B9D
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 12,184.51.149.148
x-tt-trace-host: 0175b5813af3470dbb78432686a19dd99535ad01e9350be19accde1ae3cf043ec608af676a14043f4a45904866625a3e941c78623279fedc9c424f082f7997bedbdcac5e4d0fcb5ddb9f92ca90f31b380b81125bd7898bece083be7064ed39fdf83944381b21606719334cf3c1fefe4a01
expires: Tue, 17 May 2022 15:11:57 GMT

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 125 KB
37 KB 121ms
115ms Script
application/javascript 23.36.163.230
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C8GR860394AVM2008NV0&lib=ttq
Requested by: Host: noracora.com
URL: https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.230 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-230.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 924b7fbc0f50eb9af64fcabba0323d7e8d63a86106f5dca2488745edd858f402

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 May 2022 15:11:57 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server: nginx
x-tt-logid: 202205171511570101131352331563B88A
vary: Accept-Encoding
x-cache: TCP_MISS from a23-36-161-202.deploy.akamaitechnologies.com (AkamaiGHost/10.8.0-41078462) (-)
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 95,23.36.161.202
x-tt-trace-host: 0175b5813af3470dbb78432686a19dd995e4a400542c67d45f48ee3b6d9a5cec9fbc6ee8c111a1dc251c84e552db45b5badb366ad193433c5ed3c6a733cc15bf277c2a6b0622e5c7c713e1bee561733c88c7a0ebf2b46ba141811e52053d211eea
server-timing: inner; dur=2, cdn-cache; desc=MISS, edge; dur=1, origin; dur=95
x-akamai-request-id: 7ae3150
expires: Tue, 17 May 2022 15:11:57 GMT

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 125 KB
37 KB 124ms
118ms Script
application/javascript 23.36.163.230
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C8O2RB0VMNUOS5KM1D2G&lib=ttq
Requested by: Host: noracora.com
URL: https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.230 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-230.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 924b7fbc0f50eb9af64fcabba0323d7e8d63a86106f5dca2488745edd858f402

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 May 2022 15:11:57 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server: nginx
x-tt-logid: 2022051715115701011313518810912BC2
vary: Accept-Encoding
x-cache: TCP_MISS from a23-36-161-202.deploy.akamaitechnologies.com (AkamaiGHost/10.8.0-41078462) (-)
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 100,23.36.161.202
x-tt-trace-host: 0175b5813af3470dbb78432686a19dd995e4a400542c67d45f48ee3b6d9a5cec9fbc6ee8c111a1dc251c84e552db45b5baa1324085aaa2bd57c8b1f43ac91cc03636e56834f35ec2dcac902771a6bd54787177b3accf47610b22ea8a23a55db1c4
server-timing: inner; dur=4, cdn-cache; desc=MISS, edge; dur=2, origin; dur=99
x-akamai-request-id: 7ae3152
expires: Tue, 17 May 2022 15:11:57 GMT

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 125 KB
37 KB 124ms
118ms Script
application/javascript 23.36.163.230
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C8O2U091P6OF1JAHABUG&lib=ttq
Requested by: Host: noracora.com
URL: https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.230 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-230.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 924b7fbc0f50eb9af64fcabba0323d7e8d63a86106f5dca2488745edd858f402

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-akamai-request-id: 7ae3156
date: Tue, 17 May 2022 15:11:57 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-36-161-202.deploy.akamaitechnologies.com (AkamaiGHost/10.8.0-41078462) (-)
server-timing: inner; dur=2, cdn-cache; desc=MISS, edge; dur=2, origin; dur=95
content-length: 37162
pragma: no-cache
server: nginx
x-tt-logid: 20220517151157010113135139203AFC31
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 95,23.36.161.202
x-tt-trace-host: 0175b5813af3470dbb78432686a19dd995e4a400542c67d45f48ee3b6d9a5cec9fbc6ee8c111a1dc251c84e552db45b5baf69a824659f4ea921dd4d6709d1e6fc7a65348728c5accf628e669a2ecbc199f14b735183bd4032f1491e4142a0e8504
expires: Tue, 17 May 2022 15:11:57 GMT

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 125 KB
37 KB 125ms
119ms Script
application/javascript 23.36.163.230
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C8O2VC0VMNUOS5KM1D80&lib=ttq
Requested by: Host: noracora.com
URL: https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.230 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-230.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 924b7fbc0f50eb9af64fcabba0323d7e8d63a86106f5dca2488745edd858f402

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-akamai-request-id: 7b8d551d.7ae3158
date: Tue, 17 May 2022 15:11:57 GMT
content-encoding: gzip
x-cache-remote: TCP_MISS from a184-51-149-158.deploy.akamaitechnologies.com (AkamaiGHost/10.8.0-41078462) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-36-161-202.deploy.akamaitechnologies.com (AkamaiGHost/10.8.0-41078462) (-)
x-parent-response-time: 96,23.36.161.202
server-timing: cdn-cache; desc=MISS, edge; dur=86, origin; dur=11, inner; dur=4
pragma: no-cache
server: nginx
x-tt-logid: 202205171511570101131352270581FA4D
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 11,184.51.149.158
x-tt-trace-host: 0175b5813af3470dbb78432686a19dd99535ad01e9350be19accde1ae3cf043ec6015d2bb8588f77ec5fcaf0b327cb8cec5fe5075ed071c2eb0877473ad9ac6709b0e479eda1da0484f4197df96b8a9d0f10b2ce6162ddfe1cefc707b89e73c2006027dae9c991ef13f6813c9b4dfc11e3
expires: Tue, 17 May 2022 15:11:57 GMT

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 125 KB
37 KB 214ms
208ms Script
application/javascript 23.36.163.230
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C8O30BDVV6OQ74PC7SDG&lib=ttq
Requested by: Host: noracora.com
URL: https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.230 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-230.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 924b7fbc0f50eb9af64fcabba0323d7e8d63a86106f5dca2488745edd858f402

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-akamai-request-id: 6a33f0c1.7ae315c
date: Tue, 17 May 2022 15:11:57 GMT
content-encoding: gzip
x-cache-remote: TCP_MISS from a23-220-104-8.deploy.akamaitechnologies.com (AkamaiGHost/10.8.0-41078462) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-36-161-202.deploy.akamaitechnologies.com (AkamaiGHost/10.8.0-41078462) (-)
x-parent-response-time: 193,23.36.161.202
server-timing: cdn-cache; desc=MISS, edge; dur=175, origin; dur=18, inner; dur=3
content-length: 37225
pragma: no-cache
server: nginx
x-tt-logid: 202205171511570101131352501F8A3E4D
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 18,23.220.104.8
x-tt-trace-host: 0175b5813af3470dbb78432686a19dd995e09cf48e2a8c21fc3050d9899e0c4a58d96dccc98ced878deb11e109b8362e25544f00933dcd1874131305f92a83cc0204910605c3bb914df07d233ae6526574c73ae99f303e33f21e69b9e3a3b069270742fd04e785d01adc8245d40f3a26dc
expires: Tue, 17 May 2022 15:11:57 GMT

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 125 KB
37 KB 127ms
121ms Script
application/javascript 23.36.163.230
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C8O2VUP1P6OF1JAHAC50&lib=ttq
Requested by: Host: noracora.com
URL: https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.230 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-230.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 924b7fbc0f50eb9af64fcabba0323d7e8d63a86106f5dca2488745edd858f402

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 May 2022 15:11:57 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server: nginx
x-tt-logid: 202205171511570101130062052620BB64
vary: Accept-Encoding
x-cache: TCP_MISS from a23-36-161-202.deploy.akamaitechnologies.com (AkamaiGHost/10.8.0-41078462) (-)
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 96,23.36.161.202
x-tt-trace-host: 0175b5813af3470dbb78432686a19dd995e4a400542c67d45f48ee3b6d9a5cec9f4a9b5de49d624a6fbbf3863e522179876478d154fb7d6a41e5e0fcd4d0c9fe9855bd76c447b45b76cd0d849d7dd4768ea3b48ae0a4c08fb0e185eadc1d262335
server-timing: inner; dur=3, cdn-cache; desc=MISS, edge; dur=1, origin; dur=96
x-akamai-request-id: 7ae315f
expires: Tue, 17 May 2022 15:11:57 GMT

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 125 KB
37 KB 128ms
123ms Script
application/javascript 23.36.163.230
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C8UOMN9P0K9TKPOGDUM0&lib=ttq
Requested by: Host: noracora.com
URL: https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.230 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-230.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 924b7fbc0f50eb9af64fcabba0323d7e8d63a86106f5dca2488745edd858f402

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-akamai-request-id: 7b8d54e6.7ae3162
date: Tue, 17 May 2022 15:11:57 GMT
content-encoding: gzip
x-cache-remote: TCP_MISS from a184-51-149-158.deploy.akamaitechnologies.com (AkamaiGHost/10.8.0-41078462) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-36-161-202.deploy.akamaitechnologies.com (AkamaiGHost/10.8.0-41078462) (-)
x-parent-response-time: 99,23.36.161.202
server-timing: cdn-cache; desc=MISS, edge; dur=84, origin; dur=16, inner; dur=3
pragma: no-cache
server: nginx
x-tt-logid: 202205171511570101130061650ED65FAB
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 17,184.51.149.158
x-tt-trace-host: 0175b5813af3470dbb78432686a19dd99535ad01e9350be19accde1ae3cf043ec6015d2bb8588f77ec5fcaf0b327cb8cec5fe5075ed071c2eb0877473ad9ac67091ef0c0187dc398ad29dcf381043aa05b0b3ba970dcf2cc367576b0b2650b0922566614dfc61bc5ba7a0749c2b28aba33
expires: Tue, 17 May 2022 15:11:57 GMT

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 125 KB
37 KB 127ms
121ms Script
application/javascript 23.36.163.230
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C8UOBLM6LEB679H43Q30&lib=ttq
Requested by: Host: noracora.com
URL: https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.230 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-230.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 924b7fbc0f50eb9af64fcabba0323d7e8d63a86106f5dca2488745edd858f402

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-akamai-request-id: 7b8d4f37.7ae3163
date: Tue, 17 May 2022 15:11:57 GMT
content-encoding: gzip
x-cache-remote: TCP_MISS from a184-51-149-158.deploy.akamaitechnologies.com (AkamaiGHost/10.8.0-41078462) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-36-161-202.deploy.akamaitechnologies.com (AkamaiGHost/10.8.0-41078462) (-)
x-parent-response-time: 93,23.36.161.202
server-timing: cdn-cache; desc=MISS, edge; dur=82, origin; dur=12, inner; dur=3
pragma: no-cache
server: nginx
x-tt-logid: 2022051715115701011313523323A764E8
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 12,184.51.149.158
x-tt-trace-host: 0175b5813af3470dbb78432686a19dd99535ad01e9350be19accde1ae3cf043ec6015d2bb8588f77ec5fcaf0b327cb8cec5fe5075ed071c2eb0877473ad9ac670956ca1b7f8a2a78d75a510bac1bf54435444169f348298e203a7a4d59648218019e415eec14f4e9bbd60ca8cdb45dd65b
expires: Tue, 17 May 2022 15:11:57 GMT

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 125 KB
37 KB 127ms
122ms Script
application/javascript 23.36.163.230
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C8UOLUFRAOSJ17FR7E9G&lib=ttq
Requested by: Host: noracora.com
URL: https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.230 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-230.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 924b7fbc0f50eb9af64fcabba0323d7e8d63a86106f5dca2488745edd858f402

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-akamai-request-id: 7cd3c175.7ae3166
date: Tue, 17 May 2022 15:11:57 GMT
content-encoding: gzip
x-cache-remote: TCP_MISS from a184-51-149-164.deploy.akamaitechnologies.com (AkamaiGHost/10.8.0-41078462) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-36-161-202.deploy.akamaitechnologies.com (AkamaiGHost/10.8.0-41078462) (-)
x-parent-response-time: 93,23.36.161.202
server-timing: cdn-cache; desc=MISS, edge; dur=83, origin; dur=11, inner; dur=3
pragma: no-cache
server: nginx
x-tt-logid: 2022051715115501011300723110DD3C59
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 11,184.51.149.164
x-tt-trace-host: 0175b5813af3470dbb78432686a19dd99535ad01e9350be19accde1ae3cf043ec6931c2b74846aee2dc2473bcab5ae33dee7525c6e9e4be9610ae8178fd6b5921924b57ed844d28392ed6af0768cd32b9aa6bc52c3e123977dbe2548b270d3d38a952bc7972ccdf2d5f2dde9a3746f6d1e
expires: Tue, 17 May 2022 15:11:57 GMT

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 125 KB
37 KB 129ms
124ms Script
application/javascript 23.36.163.230
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C8UOR4VRAOSJ17FR7F10&lib=ttq
Requested by: Host: noracora.com
URL: https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.230 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-230.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 924b7fbc0f50eb9af64fcabba0323d7e8d63a86106f5dca2488745edd858f402

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-akamai-request-id: 250ce5d.7ae3168
date: Tue, 17 May 2022 15:11:57 GMT
content-encoding: gzip
x-cache-remote: TCP_MISS from a184-51-149-175.deploy.akamaitechnologies.com (AkamaiGHost/10.8.1-41431467) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-36-161-202.deploy.akamaitechnologies.com (AkamaiGHost/10.8.0-41078462) (-)
x-parent-response-time: 95,23.36.161.202
server-timing: cdn-cache; desc=MISS, edge; dur=83, origin; dur=12, inner; dur=2
pragma: no-cache
server: nginx
x-tt-logid: 202205171511550101130072491426A4A6
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 12,184.51.149.175
x-tt-trace-host: 0175b5813af3470dbb78432686a19dd99535ad01e9350be19accde1ae3cf043ec695318f9e213604ae80227911c10a176c063ff7e6a90c658a23b57a02d54e27f5c996e78b467c6c0d695aa55548cbd0ed6ff4014d5f88a422a463fbce98d8a91d6d852349262017a7bdd8d886f76c0576
expires: Tue, 17 May 2022 15:11:57 GMT

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 125 KB
37 KB 130ms
124ms Script
application/javascript 23.36.163.230
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C8UOVDHP0K9TKPOGDVH0&lib=ttq
Requested by: Host: noracora.com
URL: https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.230 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-230.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 924b7fbc0f50eb9af64fcabba0323d7e8d63a86106f5dca2488745edd858f402

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 May 2022 15:11:57 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server: nginx
x-tt-logid: 2022051715115701011300622124AA0A57
vary: Accept-Encoding
x-cache: TCP_MISS from a23-36-161-202.deploy.akamaitechnologies.com (AkamaiGHost/10.8.0-41078462) (-)
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 95,23.36.161.202
x-tt-trace-host: 0175b5813af3470dbb78432686a19dd995e4a400542c67d45f48ee3b6d9a5cec9f4a9b5de49d624a6fbbf3863e52217987a2e8530fb2e20f87598d2f9d1beda097bf159add6d14cb1b345dd4aee6e456a48b6e8b5a0487c11d763d37308526f500
server-timing: inner; dur=3, cdn-cache; desc=MISS, edge; dur=1, origin; dur=94
x-akamai-request-id: 7ae316c
expires: Tue, 17 May 2022 15:11:57 GMT

GET
H2 200 tracking.js Show response
cdn.livechatinc.com/ 79 KB
24 KB 135ms
6ms Script
application/javascript 23.36.162.25
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.livechatinc.com/tracking.js
Requested by: Host: noracora.com
URL: https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.162.25 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-162-25.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: da7467977c765c981853b32b9b1921dcb3539e536724ec2220fa573be0939cee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-amz-version-id: ghJcOFIBGZBohqivWveAHwu0qB9FCKKR
content-encoding: br
last-modified: Tue, 17 May 2022 09:36:24 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
etag: W/"dc14429bf736287fa6a67c99a96249f3"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=28800
date: Tue, 17 May 2022 15:11:57 GMT
content-length: 24196
x-amz-cf-id: _KQ5EvS43dCwvAnge0L6DbznAc4ytaJOgWImYqf6jH2QNsKqLCDAiQ==
expires: Tue, 17 May 2022 23:11:57 GMT

GET
H2 200 _buildManifest.js Show response
noracora.com/_next/static/4b7a127f944814b6816e919054d51684514db5cb/ 7 KB
3 KB 241ms
231ms Script
application/javascript 65.9.26.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://noracora.com/_next/static/4b7a127f944814b6816e919054d51684514db5cb/_buildManifest.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.26.121 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-26-121.zag50.r.cloudfront.net

Software

openresty / Express

Resource Hash

f2adfede0290df57fcfcd97967ced55fd3b479ea549aa0e37392eb108a6b54f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload, max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720
Origin: https://noracora.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 15:11:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amz-cf-pop: ZAG50-C1
x-powered-by: Express
x-cache: Miss from cloudfront
strict-transport-security: max-age=31536000; includeSubdomains; preload, max-age=63072000; includeSubdomains; preload
x-xss-protection: 1; mode=block
x-response-time: 0.805ms
last-modified: Tue, 17 May 2022 08:26:49 GMT
server: openresty
etag: W/"1d34-180d1207d28"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
via: 1.1 158b0f42a1d87ab9108e2baf28e8c990.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000, immutable
x-amz-cf-id: NBTdvvX-i93u7k8ft8ZGkJbz7eDwNbHRT2ldImJKcuSLXLz8ihleCQ==

GET
H2 200 _ssgManifest.js Show response
noracora.com/_next/static/4b7a127f944814b6816e919054d51684514db5cb/ 76 B
630 B 206ms
194ms Script
application/javascript 65.9.26.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://noracora.com/_next/static/4b7a127f944814b6816e919054d51684514db5cb/_ssgManifest.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.26.121 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-26-121.zag50.r.cloudfront.net

Software

openresty / Express

Resource Hash

653f3e53e89b4f8548ff86c19e92bb3c6b84b6be7485a320b1e00893ed877479

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload, max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720
Origin: https://noracora.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 15:11:57 GMT
via: 1.1 158b0f42a1d87ab9108e2baf28e8c990.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: ZAG50-C1
x-powered-by: Express
x-cache: Miss from cloudfront
content-length: 76
x-xss-protection: 1; mode=block
x-response-time: 1.159ms
last-modified: Tue, 17 May 2022 08:26:49 GMT
server: openresty
etag: W/"4c-180d1207d28"
strict-transport-security: max-age=31536000; includeSubdomains; preload, max-age=63072000; includeSubdomains; preload
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
x-amz-cf-id: JNLyVW2eW8kOV2oubHkxSlhDT3syH8JQq3aICN5wBZ1rnCxqEQpCZQ==

GET
H2 200 script.js Show response
aac473ea903c.cdn4.forter.com/sn/aac473ea903c/ 203 KB
70 KB 47ms
9ms Script
application/javascript 65.9.63.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aac473ea903c.cdn4.forter.com/sn/aac473ea903c/script.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.63.124 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-63-124.fra56.r.cloudfront.net

Software

Resource Hash

b1944bb580e56c670e58ad51bde1b2a34d28325e17da47a40afea12284fb995b

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 11:45:56 GMT
content-encoding: br
vary: Accept-Encoding
age: 12361
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Tue, 17 May 2022 11:45:56 GMT
x-sourcemap: https://cdn4.forter.com/map/suid/aac473ea903c/39096302125
strict-transport-security: max-age=86400; includeSubDomains
content-type: application/javascript; charset=utf-8
via: 1.1 fdd677a35b242f0199586a71e2f6859e.cloudfront.net (CloudFront)
cache-control: private, max-age=300
x-amz-cf-pop: FRA56-C1
timing-allow-origin: *
x-amz-cf-id: qYbIEQ-L_xCRCzDRGEPnXBMdyECPeoZJYrTWoNQkmZmFXAGGOtwbiQ==
expires: Tue, 17 May 2022 11:50:56 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 152 KB
57 KB 36ms
16ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-796867273&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-846809347

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

28f476ca97be920cbf162008079a06660784b953b842f7decb99c43c29cba24b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 15:11:57 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57920
x-xss-protection: 0
expires: Tue, 17 May 2022 15:11:57 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 96 KB
38 KB 20ms
19ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-10726730

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M7869G6

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f53fa4c33cc7e60f43d53cfb1154a76ca4c1355ab67480da2f831c380ea64329

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 15:11:57 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38879
x-xss-protection: 0
expires: Tue, 17 May 2022 15:11:57 GMT

GET
H/1.1 200
OK cachedClickId Show response
tr.outbrain.com/ 35 B
239 B 423ms
94ms Script
application/javascript 64.202.112.31

General

Check archive.org

Show headers Download Go to

Full URL: https://tr.outbrain.com/cachedClickId?marketerId=00ea78aa863de12d0f9b5b8f44cb930763
Requested by: Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.31 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Tue, 17 May 2022 15:11:58 GMT
content-encoding: gzip
X-TraceId: 732b6be821895b7393c28c29cfd311d2
Content-Length: 56
Content-Type: application/javascript

GET
H/1.1 200
OK unifiedPixel
tr.outbrain.com/ 43 B
256 B 430ms
99ms Image
image/gif 64.202.112.31

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.outbrain.com/unifiedPixel?marketerId=00ea78aa863de12d0f9b5b8f44cb930763&obApiVersion=1.1&obtpVersion=1.6.0&name=PAGE_VIEW&dl=https%3A%2F%2Fnoracora.com%2F%3Firclickid%3DTwR0kGVibxyIWlszN%253A0wnXCVUkD0qUzZh1412c0%26irgwc%3D1%26utm_source%3DAffiliate%26utm_medium%3DImpact%26utm_campaign%3D1234031%26utm_content%3DTwR0kGVibxyIWlszN%253A0wnXCVUkD0qUzZh1412c0%26utm_term%3D03720&optOut=false&bust=08199068858716112
Requested by: Host: noracora.com
URL: https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.31 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Tue, 17 May 2022 15:11:58 GMT
Cache-Control: no-cache
X-TraceId: 572937402bd41fee388d761b3d96ed05
content-encoding: gzip
Content-Length: 60
Content-Type: image/gif;

GET
BLOB 200
OK 4b647a7a-eda2-494d-bfdc-6c509c514d17
https://noracora.com/ 3 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://noracora.com/4b647a7a-eda2-494d-bfdc-6c509c514d17
Requested by: Host: noracora.com
URL: https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fbdf038eb8a89476aa6d289707e454739ae480d540e5897ac2d08e5d36134ebe

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Length: 2584
Content-Type: application/javascript

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 39 KB
15 KB 80ms
48ms Script
text/javascript 142.250.185.162

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-796867273&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

89ba0d4f6cf9500041778760fea24e37c6de04955c6a62b5435c64b600423749

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 15:11:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14865
x-xss-protection: 0
server: cafe
etag: 2710672821686371805
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 17 May 2022 15:11:57 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
335 B 72ms
31ms Ping
text/plain 2a00:1450:4014:80f::200e

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-S937ZDTJL6&gtm=2oe5g0&_p=40324815&_z=ccd.tbB&cid=102679107.1652800318&ul=en-us&sr=1600x1200&_s=1&sid=1652800317&sct=1&seg=0&dl=https%3A%2F%2Fnoracora.com%2F%3Firclickid%3DTwR0kGVibxyIWlszN%253A0wnXCVUkD0qUzZh1412c0%26irgwc%3D1%26utm_source%3DAffiliate%26utm_medium%3DImpact%26utm_campaign%3D1234031%26utm_content%3DTwR0kGVibxyIWlszN%253A0wnXCVUkD0qUzZh1412c0%26utm_term%3D03720&dr=https%3A%2F%2Fstvkr.com%2F&dt=Casual%20Womens%20Clothing%20Store%20Online%2C%20Womens%20Dresses%20%26%20Tops%20%7C%20Noracora&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-S937ZDTJL6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4014:80f::200e -, , ASN (),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 May 2022 15:11:57 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://noracora.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

activityi;dc_pre=CKyK2v7o5vcCFUO0GwodLBsLkw;src=10726730;type=norac00;cat=norac0;ord=3405996895400;gtm=2od5g0;auiddc=1675267696.1652800318;~oref=https%3A%2F%2Fnoracora.com%2F%3Firclickid%3DTwR0kGVi... Show response
10726730.fls.doubleclick.net/ Frame 5362
Redirect Chain

https://10726730.fls.doubleclick.net/activityi;src=10726730;type=norac00;cat=norac0;ord=3405996895400;gtm=2od5g0;auiddc=1675267696.1652800318;~oref=https%3A%2F%2Fnoracora.com%2F%3Firclickid%3DTwR0k...
https://10726730.fls.doubleclick.net/activityi;dc_pre=CKyK2v7o5vcCFUO0GwodLBsLkw;src=10726730;type=norac00;cat=norac0;ord=3405996895400;gtm=2od5g0;auiddc=1675267696.1652800318;~oref=https%3A%2F%2Fn...

700 B
520 B

39ms
21ms

Document
text/html

142.250.186.134

General

Check archive.org

Show headers Download Go to

Full URL

https://10726730.fls.doubleclick.net/activityi;dc_pre=CKyK2v7o5vcCFUO0GwodLBsLkw;src=10726730;type=norac00;cat=norac0;ord=3405996895400;gtm=2od5g0;auiddc=1675267696.1652800318;~oref=https%3A%2F%2Fnoracora.com%2F%3Firclickid%3DTwR0kGVibxyIWlszN%253A0wnXCVUkD0qUzZh1412c0%26irgwc%3D1%26utm_source%3DAffiliate%26utm_medium%3DImpact%26utm_campaign%3D1234031%26utm_content%3DTwR0kGVibxyIWlszN%253A0wnXCVUkD0qUzZh1412c0%26utm_term%3D03720?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-10726730

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.134 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

6db211fe2d7681864a8ab94148498c47497214dcea8a47d4e0f5eb7ebb80f7be

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: about:blank
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 495
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 17 May 2022 15:11:58 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 17 May 2022 15:11:57 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://10726730.fls.doubleclick.net/activityi;dc_pre=CKyK2v7o5vcCFUO0GwodLBsLkw;src=10726730;type=norac00;cat=norac0;ord=3405996895400;gtm=2od5g0;auiddc=1675267696.1652800318;~oref=https%3A%2F%2Fnoracora.com%2F%3Firclickid%3DTwR0kGVibxyIWlszN%253A0wnXCVUkD0qUzZh1412c0%26irgwc%3D1%26utm_source%3DAffiliate%26utm_medium%3DImpact%26utm_campaign%3D1234031%26utm_content%3DTwR0kGVibxyIWlszN%253A0wnXCVUkD0qUzZh1412c0%26utm_term%3D03720?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 identify.js Show response
analytics.tiktok.com/i18n/pixel/ 114 KB
31 KB 104ms
104ms Script
application/javascript 23.36.163.230
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/identify.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C488U928DUFBM3732U2G&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.230 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-230.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: b2864c65b32cd25bf64a7eb4fddf486dff821f1924172a0083db962615bd6ce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-akamai-request-id: 1930e84f.7ae3411
date: Tue, 17 May 2022 15:11:58 GMT
content-encoding: gzip
x-cache-remote: TCP_MISS from a23-220-104-11.deploy.akamaitechnologies.com (AkamaiGHost/10.8.0-41078462) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-36-161-202.deploy.akamaitechnologies.com (AkamaiGHost/10.8.0-41078462) (-)
x-parent-response-time: 92,23.36.161.202
server-timing: cdn-cache; desc=MISS, edge; dur=88, origin; dur=4, inner; dur=3
pragma: no-cache
server: nginx
x-tt-logid: 20220517151155010113007249003E8B49
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 5,23.220.104.11
x-tt-trace-host: 0175b5813af3470dbb78432686a19dd995e09cf48e2a8c21fc3050d9899e0c4a585efbe4884e388445bbd9d0d63cb193a42efdb7f72054aad7621deb494d63de7b890cc194c49dad5843e122b1fa33bd565ffcc3a5c0fa7c6caeb464ede0cf56801cafaab05b857e6c40160d2ca7e49306
expires: Tue, 17 May 2022 15:11:58 GMT

GET
H2 200 config.js Show response
analytics.tiktok.com/i18n/pixel/ 861 B
1 KB 113ms
112ms Script
application/javascript 23.36.163.230
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/config.js?sdkid=C0UUOMMF998V43B9DLFG&hostname=noracora.com
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C488U928DUFBM3732U2G&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.230 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-230.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 3d2e1b9596d9a9bd460ec6096ba1ba0cc2c15c80fded944806d6fbb59b18f567

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-akamai-request-id: 47e6d1bd.7ae34a8
date: Tue, 17 May 2022 15:11:58 GMT
content-encoding: gzip
x-cache-remote: TCP_MISS from a23-220-104-24.deploy.akamaitechnologies.com (AkamaiGHost/10.8.0-41078462) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-36-161-202.deploy.akamaitechnologies.com (AkamaiGHost/10.8.0-41078462) (-)
x-parent-response-time: 101,23.36.161.202
server-timing: cdn-cache; desc=MISS, edge; dur=93, origin; dur=8, inner; dur=4
content-length: 342
pragma: no-cache
server: nginx
x-tt-logid: 202205171511580101131351351BB83876
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 8,23.220.104.24
x-tt-trace-host: 0175b5813af3470dbb78432686a19dd995e09cf48e2a8c21fc3050d9899e0c4a58f1bed3c045abdbb621886ec426eb9117ac211c2c94509eb7476fcf0551323340cb185c5218dadb9705e103e0e7f47bf7af208524ea5994c0fdfb0882509ba3f57fd4e81e5530ae51cb0c4675bf864526
expires: Tue, 17 May 2022 15:11:58 GMT

GET
H2 200 config.js Show response
analytics.tiktok.com/i18n/pixel/ 876 B
1 KB 110ms
109ms Script
application/javascript 23.36.163.230
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/config.js?sdkid=C13EB1NMJ1JP7306JPLG&hostname=noracora.com
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C488U928DUFBM3732U2G&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.230 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-230.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 257698901f2e511376a8abc1a62a2473e2a575e9a66bb45fbef9aa9cd18d8bed

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-akamai-request-id: e3cf9f6.7ae34ad
date: Tue, 17 May 2022 15:11:58 GMT
content-encoding: gzip
x-cache-remote: TCP_MISS from a23-220-104-5.deploy.akamaitechnologies.com (AkamaiGHost/10.8.1-41431467) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-36-161-202.deploy.akamaitechnologies.com (AkamaiGHost/10.8.0-41078462) (-)
x-parent-response-time: 95,23.36.161.202
server-timing: cdn-cache; desc=MISS, edge; dur=88, origin; dur=7, inner; dur=4
content-length: 371
pragma: no-cache
server: nginx
x-tt-logid: 202205171511580101130061331457090B
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 7,23.220.104.5
x-tt-trace-host: 0175b5813af3470dbb78432686a19dd995e09cf48e2a8c21fc3050d9899e0c4a58a926911b0371999300fd6bf038b272eeafe5ebb52cdee7ccc09c3e88230fe1c7d829344a700f7cc8ef59710f36a94c77dec4906af4f2ebda08fa0efce87b0608b265031560d4e740a33885206628864e
expires: Tue, 17 May 2022 15:11:58 GMT

GET
H2 200 config.js Show response
analytics.tiktok.com/i18n/pixel/ 875 B
1 KB 111ms
110ms Script
application/javascript 23.36.163.230
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/config.js?sdkid=C2RO8GC98FMAUGDPE1LG&hostname=noracora.com
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C488U928DUFBM3732U2G&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.230 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-230.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: d9dbe216fc20a559b9ae318c2e381d32977515f506a9ae85244eca36647265f4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-akamai-request-id: 7ae34b2
date: Tue, 17 May 2022 15:11:58 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-36-161-202.deploy.akamaitechnologies.com (AkamaiGHost/10.8.0-41078462) (-)
server-timing: inner; dur=4, cdn-cache; desc=MISS, edge; dur=0, origin; dur=96
content-length: 367
pragma: no-cache
server: nginx
x-tt-logid: 20220517151158010113135200181D1DB8
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 96,23.36.161.202
x-tt-trace-host: 0175b5813af3470dbb78432686a19dd995e4a400542c67d45f48ee3b6d9a5cec9fbc6ee8c111a1dc251c84e552db45b5bac92ec956dfc3b189743a2e954c180b41176765b810b5248c02fa1803dad7e59a63c1b3cbd9bc9b9804004bcec43d0fc0
expires: Tue, 17 May 2022 15:11:58 GMT

GET
H2 200 config.js Show response
analytics.tiktok.com/i18n/pixel/ 864 B
1 KB 110ms
109ms Script
application/javascript 23.36.163.230
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/config.js?sdkid=C488U928DUFBM3732U2G&hostname=noracora.com
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C488U928DUFBM3732U2G&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.230 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-230.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: a2f5d51fbede89feca8cc348b927221d14f73ee537a23574197df31e14279ba8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-akamai-request-id: 7ae34b3
date: Tue, 17 May 2022 15:11:58 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-36-161-202.deploy.akamaitechnologies.com (AkamaiGHost/10.8.0-41078462) (-)
server-timing: inner; dur=3, cdn-cache; desc=MISS, edge; dur=0, origin; dur=94
content-length: 343
pragma: no-cache
server: nginx
x-tt-logid: 2022051715115801011300603727AF6C5A
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 94,23.36.161.202
x-tt-trace-host: 0175b5813af3470dbb78432686a19dd995e4a400542c67d45f48ee3b6d9a5cec9f4a9b5de49d624a6fbbf3863e5221798721817b87c24e704a20612ac8ff833bb97ff187166dca07b1d8f089514eea86a0149089b998a9376e0d95c547a0ae8f94
expires: Tue, 17 May 2022 15:11:58 GMT

GET
H2 200 config.js Show response
analytics.tiktok.com/i18n/pixel/ 857 B
1 KB 108ms
107ms Script
application/javascript 23.36.163.230
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/config.js?sdkid=C4892BOE6TN457G0JPLG&hostname=noracora.com
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C488U928DUFBM3732U2G&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.230 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-230.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: b721bf454fafa6070b861bab51482cdb61c6951a4e87240494fcbafbaa6a190d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-akamai-request-id: 7ae34b5
date: Tue, 17 May 2022 15:11:58 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-36-161-202.deploy.akamaitechnologies.com (AkamaiGHost/10.8.0-41078462) (-)
server-timing: inner; dur=3, cdn-cache; desc=MISS, edge; dur=0, origin; dur=91
content-length: 343
pragma: no-cache
server: nginx
x-tt-logid: 202205171511550101130072312205CE9E
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 91,23.36.161.202
x-tt-trace-host: 0175b5813af3470dbb78432686a19dd995e4a400542c67d45f48ee3b6d9a5cec9f9502353b95450e534eb770ddf6e9c51f20a3b4ed3508d94c8d134fee58eb0465055b5d61484479d104b32b7ccafb04ae8753650c11ad25b85f7c8d031bd79417
expires: Tue, 17 May 2022 15:11:58 GMT

GET
H2 200 config.js Show response
analytics.tiktok.com/i18n/pixel/ 867 B
1 KB 111ms
110ms Script
application/javascript 23.36.163.230
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/config.js?sdkid=BVQNE8DF86N7FV70DOI0&hostname=noracora.com
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C488U928DUFBM3732U2G&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.230 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-230.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 5695d448b0b1e0a4a751cc7f739599d00f6c258f824dc5ff14a56b3d13fbe056

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-akamai-request-id: 6b5dd411.7ae34b6
date: Tue, 17 May 2022 15:11:58 GMT
content-encoding: gzip
x-cache-remote: TCP_MISS from a23-220-104-7.deploy.akamaitechnologies.com (AkamaiGHost/10.8.0-41078462) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-36-161-202.deploy.akamaitechnologies.com (AkamaiGHost/10.8.0-41078462) (-)
x-parent-response-time: 97,23.36.161.202
server-timing: cdn-cache; desc=MISS, edge; dur=91, origin; dur=7, inner; dur=3
content-length: 350
pragma: no-cache
server: nginx
x-tt-logid: 2022051715115801011313508427E5C53F
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 8,23.220.104.7
x-tt-trace-host: 0175b5813af3470dbb78432686a19dd995e09cf48e2a8c21fc3050d9899e0c4a58d77b37d73eaf0eb3af24847da3a966d4f31f77a9761a75504bc2eaeceb6d02ffaa8a0b1258648389189f3a6766ea644725265cd76c91945c0fd97fabdf0c5b34c0a395779b9d1eea12dcababdd1280ee
expires: Tue, 17 May 2022 15:11:58 GMT

GET
H2 200 config.js Show response
analytics.tiktok.com/i18n/pixel/ 861 B
1 KB 110ms
110ms Script
application/javascript 23.36.163.230
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/config.js?sdkid=BUGJ229S5CGOI9R4QFSG&hostname=noracora.com
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C488U928DUFBM3732U2G&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.230 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-230.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 023bab8fdcb0c04588ae039ddbd09709fa6610fbba9c2cf82f42b0e84a2e5d95

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-akamai-request-id: 6573ea80.7ae34b9
date: Tue, 17 May 2022 15:11:58 GMT
content-encoding: gzip
x-cache-remote: TCP_MISS from a184-51-149-142.deploy.akamaitechnologies.com (AkamaiGHost/10.8.0-41078462) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-36-161-202.deploy.akamaitechnologies.com (AkamaiGHost/10.8.0-41078462) (-)
x-parent-response-time: 95,23.36.161.202
server-timing: cdn-cache; desc=MISS, edge; dur=81, origin; dur=14, inner; dur=5
content-length: 343
pragma: no-cache
server: nginx
x-tt-logid: 20220517151158010113135200068650DF
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 14,184.51.149.142
x-tt-trace-host: 0175b5813af3470dbb78432686a19dd99535ad01e9350be19accde1ae3cf043ec61427a18a49ac9f49f8a4157632ba43eb08c874a1c48dc45a04f07914d712bec6366fc2c3899b988610e3526eb38e2a02ff64cfe5a0ce5632bf06cb53df129f67265f0448fdc83d9b7fc99a5311991cab
expires: Tue, 17 May 2022 15:11:58 GMT

GET
H2 200 config.js Show response
analytics.tiktok.com/i18n/pixel/ 864 B
1 KB 212ms
212ms Script
application/javascript 23.36.163.230
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/config.js?sdkid=C8GNNVD6SEU3P64PIBK0&hostname=noracora.com
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C488U928DUFBM3732U2G&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.230 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-230.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 75eb94b7f06a49fd9d5fc4802e804ca1244678e9b9a5189040d63f2abb7928dc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-akamai-request-id: 6a33c8b5.7ae34ba
date: Tue, 17 May 2022 15:11:58 GMT
content-encoding: gzip
x-cache-remote: TCP_MISS from a23-220-104-8.deploy.akamaitechnologies.com (AkamaiGHost/10.8.0-41078462) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-36-161-202.deploy.akamaitechnologies.com (AkamaiGHost/10.8.0-41078462) (-)
x-parent-response-time: 193,23.36.161.202
server-timing: cdn-cache; desc=MISS, edge; dur=161, origin; dur=32, inner; dur=3
content-length: 345
pragma: no-cache
server: nginx
x-tt-logid: 202205171511580101130060110843114B
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 32,23.220.104.8
x-tt-trace-host: 0175b5813af3470dbb78432686a19dd995e09cf48e2a8c21fc3050d9899e0c4a58d96dccc98ced878deb11e109b8362e259e34d0121cded4d261d9faa9e1c82400141a6ff39fe4b855ec82b9ef7a53943f0144a95f6799274eab951441f5ca596642074e69687e91ca2d85789d12343b81
expires: Tue, 17 May 2022 15:11:58 GMT

GET
H2 200 config.js Show response
analytics.tiktok.com/i18n/pixel/ 864 B
1 KB 111ms
111ms Script
application/javascript 23.36.163.230
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/config.js?sdkid=C8GR860394AVM2008NV0&hostname=noracora.com
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C488U928DUFBM3732U2G&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.230 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-230.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: bc6bc527edd4f5aab95d57769f11fa25054defaa9f93ff70a17207956f3db218

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-akamai-request-id: 1930a306.7ae34bc
date: Tue, 17 May 2022 15:11:58 GMT
content-encoding: gzip
x-cache-remote: TCP_MISS from a23-220-104-11.deploy.akamaitechnologies.com (AkamaiGHost/10.8.0-41078462) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-36-161-202.deploy.akamaitechnologies.com (AkamaiGHost/10.8.0-41078462) (-)
x-parent-response-time: 95,23.36.161.202
server-timing: cdn-cache; desc=MISS, edge; dur=90, origin; dur=6, inner; dur=3
content-length: 343
pragma: no-cache
server: nginx
x-tt-logid: 2022051715115801011300623317A18806
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 6,23.220.104.11
x-tt-trace-host: 0175b5813af3470dbb78432686a19dd995e09cf48e2a8c21fc3050d9899e0c4a585efbe4884e388445bbd9d0d63cb193a4d8a7b640e4f85741af94c16417704e971cb3a10d1e2a8f4df9270b6f72a4b7a910833b23ae216c86be296754ee0ecc43e4bc634a2f81e02f0e80675bbbfc9373
expires: Tue, 17 May 2022 15:11:58 GMT

GET
H2 200 config.js Show response
analytics.tiktok.com/i18n/pixel/ 864 B
1 KB 116ms
115ms Script
application/javascript 23.36.163.230
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/config.js?sdkid=C8O2RB0VMNUOS5KM1D2G&hostname=noracora.com
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C488U928DUFBM3732U2G&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.230 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-230.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: d59948ca6024e68b79e9c799b9e0945890d7e0e44e2e91e63094664328d7a5e3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-akamai-request-id: 47e6d01f.7ae34bf
date: Tue, 17 May 2022 15:11:58 GMT
content-encoding: gzip
x-cache-remote: TCP_MISS from a23-220-104-24.deploy.akamaitechnologies.com (AkamaiGHost/10.8.0-41078462) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-36-161-202.deploy.akamaitechnologies.com (AkamaiGHost/10.8.0-41078462) (-)
x-parent-response-time: 104,23.36.161.202
server-timing: cdn-cache; desc=MISS, edge; dur=99, origin; dur=6, inner; dur=4
content-length: 346
pragma: no-cache
server: nginx
x-tt-logid: 202205171511580101130060370A3B41D3
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 6,23.220.104.24
x-tt-trace-host: 0175b5813af3470dbb78432686a19dd995e09cf48e2a8c21fc3050d9899e0c4a58f1bed3c045abdbb621886ec426eb91178c6eaccb563c5477a68e8527bd54ac571bd3560af8ccf5e3b3c51d373c62b5c247665a1e25c5f698179258a7241ab7e567d236097575b0e7b5837a02c50c38bb
expires: Tue, 17 May 2022 15:11:58 GMT

GET
H2 200 config.js Show response
analytics.tiktok.com/i18n/pixel/ 864 B
1 KB 127ms
127ms Script
application/javascript 23.36.163.230
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/config.js?sdkid=C8O2U091P6OF1JAHABUG&hostname=noracora.com
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C488U928DUFBM3732U2G&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.230 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-230.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 7ea47152d56d1690f28d19c2fcda17fcea3f42dbaec0432fda269e70ab5cb63f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-akamai-request-id: 6573ea0c.7ae34c3
date: Tue, 17 May 2022 15:11:58 GMT
content-encoding: gzip
x-cache-remote: TCP_MISS from a184-51-149-142.deploy.akamaitechnologies.com (AkamaiGHost/10.8.0-41078462) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-36-161-202.deploy.akamaitechnologies.com (AkamaiGHost/10.8.0-41078462) (-)
x-parent-response-time: 114,23.36.161.202
server-timing: cdn-cache; desc=MISS, edge; dur=85, origin; dur=30, inner; dur=4
content-length: 345
pragma: no-cache
server: nginx
x-tt-logid: 2022051715115801011313514712F10049
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 30,184.51.149.142
x-tt-trace-host: 0175b5813af3470dbb78432686a19dd99535ad01e9350be19accde1ae3cf043ec61427a18a49ac9f49f8a4157632ba43eb08c874a1c48dc45a04f07914d712bec6d8840a49a56730d31f9fa3f9936e6a1ffe81fb3d58a267cd531c599809c1f86a37cd7d4fdbe4a56ca5d75a530c23bec0
expires: Tue, 17 May 2022 15:11:58 GMT

GET
H2 200 config.js Show response
analytics.tiktok.com/i18n/pixel/ 864 B
1 KB 111ms
111ms Script
application/javascript 23.36.163.230
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/config.js?sdkid=C8O2VC0VMNUOS5KM1D80&hostname=noracora.com
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C488U928DUFBM3732U2G&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.230 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-230.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 663199fbe8264b7ce36a387d7191656d51c397bc38c10f9c83bb34010c798d4a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-akamai-request-id: 79d11349.7ae34c6
date: Tue, 17 May 2022 15:11:58 GMT
content-encoding: gzip
x-cache-remote: TCP_MISS from a184-51-149-148.deploy.akamaitechnologies.com (AkamaiGHost/10.8.0-41078462) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-36-161-202.deploy.akamaitechnologies.com (AkamaiGHost/10.8.0-41078462) (-)
x-parent-response-time: 96,23.36.161.202
server-timing: cdn-cache; desc=MISS, edge; dur=81, origin; dur=15, inner; dur=4
content-length: 343
pragma: no-cache
server: nginx
x-tt-logid: 202205171511580101131352091546691B
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 15,184.51.149.148
x-tt-trace-host: 0175b5813af3470dbb78432686a19dd99535ad01e9350be19accde1ae3cf043ec608af676a14043f4a45904866625a3e941c78623279fedc9c424f082f7997bedbb272bb207860d390a6b78876b8a589cbf156148e3906b761b00cd3f3813f86a46fda9829c66a1fce652f19e37b7f3f9c
expires: Tue, 17 May 2022 15:11:58 GMT

GET
H2 200 config.js Show response
analytics.tiktok.com/i18n/pixel/ 864 B
1 KB 108ms
107ms Script
application/javascript 23.36.163.230
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/config.js?sdkid=C8O30BDVV6OQ74PC7SDG&hostname=noracora.com
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C488U928DUFBM3732U2G&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.230 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-230.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: a71abe10a7b2df1906f5dfa8cbc40b6d0044069f69232588612d7a130742dfe9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-akamai-request-id: 79d112b3.7ae34c8
date: Tue, 17 May 2022 15:11:58 GMT
content-encoding: gzip
x-cache-remote: TCP_MISS from a184-51-149-148.deploy.akamaitechnologies.com (AkamaiGHost/10.8.0-41078462) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-36-161-202.deploy.akamaitechnologies.com (AkamaiGHost/10.8.0-41078462) (-)
x-parent-response-time: 89,23.36.161.202
server-timing: cdn-cache; desc=MISS, edge; dur=79, origin; dur=10, inner; dur=2
content-length: 345
pragma: no-cache
server: nginx
x-tt-logid: 20220517151158010113135194197FEC14
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 10,184.51.149.148
x-tt-trace-host: 0175b5813af3470dbb78432686a19dd99535ad01e9350be19accde1ae3cf043ec608af676a14043f4a45904866625a3e941c78623279fedc9c424f082f7997bedb7a3e1fe896031d08a9f803e4b4c052353144e2f3236db0e6a4f5aae1e2362c4fbd64dd13f9eef31b00c9dde9eb671ad3
expires: Tue, 17 May 2022 15:11:58 GMT

GET
H2 200 config.js Show response
analytics.tiktok.com/i18n/pixel/ 864 B
1 KB 110ms
110ms Script
application/javascript 23.36.163.230
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/config.js?sdkid=C8O2VUP1P6OF1JAHAC50&hostname=noracora.com
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C488U928DUFBM3732U2G&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.230 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-230.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: df56bf97fe3e8a65361eb7910625d53c715ba6710dddd1a39d7dbf2ca578e371

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-akamai-request-id: 3ad768e9.7ae34cb
date: Tue, 17 May 2022 15:11:58 GMT
content-encoding: gzip
x-cache-remote: TCP_MISS from a184-51-149-150.deploy.akamaitechnologies.com (AkamaiGHost/10.8.0-41078462) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-36-161-202.deploy.akamaitechnologies.com (AkamaiGHost/10.8.0-41078462) (-)
x-parent-response-time: 94,23.36.161.202
server-timing: cdn-cache; desc=MISS, edge; dur=83, origin; dur=11, inner; dur=3
content-length: 345
pragma: no-cache
server: nginx
x-tt-logid: 2022051715115501011313402504DDB2DB
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 11,184.51.149.150
x-tt-trace-host: 0175b5813af3470dbb78432686a19dd99535ad01e9350be19accde1ae3cf043ec6f88247c46c9fbcc01a5b1ad042af7d11b5e6075832aee7ad3b4847f7805d396dcb80ccf86099e9bdccac96d13b91e0d2dd3a7a24ddf3104ddec03f96df700ed2f047de17119a0d95b100e6b87dbb3aae
expires: Tue, 17 May 2022 15:11:58 GMT

GET
H2 200 config.js Show response
analytics.tiktok.com/i18n/pixel/ 864 B
1 KB 109ms
109ms Script
application/javascript 23.36.163.230
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/config.js?sdkid=C8UOMN9P0K9TKPOGDUM0&hostname=noracora.com
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C488U928DUFBM3732U2G&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.230 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-230.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: f8e0df9555a2a1afb97307b09664c429be5c68843f6bb758e67c2d6303de18eb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-akamai-request-id: 7ae34cc
date: Tue, 17 May 2022 15:11:58 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-36-161-202.deploy.akamaitechnologies.com (AkamaiGHost/10.8.0-41078462) (-)
server-timing: inner; dur=3, cdn-cache; desc=MISS, edge; dur=0, origin; dur=92
content-length: 343
pragma: no-cache
server: nginx
x-tt-logid: 2022051715115801011300613307EF2A42
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 92,23.36.161.202
x-tt-trace-host: 0175b5813af3470dbb78432686a19dd995e4a400542c67d45f48ee3b6d9a5cec9f4a9b5de49d624a6fbbf3863e522179877b0e7a6e7c300f55502e2ddf19a2712b3fcce1d5cd3c7608da463289e1bd791879a8eebc00157e639ae86eef1b441dff
expires: Tue, 17 May 2022 15:11:58 GMT

GET
H2 200 config.js Show response
analytics.tiktok.com/i18n/pixel/ 858 B
1 KB 111ms
111ms Script
application/javascript 23.36.163.230
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/config.js?sdkid=C8UOBLM6LEB679H43Q30&hostname=noracora.com
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C488U928DUFBM3732U2G&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.230 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-230.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 819b3d44a1a8b615eeefa5036c5e47a5c4606acce8a52b3d6f5ccd66ffe873e3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-akamai-request-id: 7ae34d0
date: Tue, 17 May 2022 15:11:58 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-36-161-202.deploy.akamaitechnologies.com (AkamaiGHost/10.8.0-41078462) (-)
server-timing: inner; dur=2, cdn-cache; desc=MISS, edge; dur=1, origin; dur=93
content-length: 344
pragma: no-cache
server: nginx
x-tt-logid: 2022051715115801011300619411E22621
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 93,23.36.161.202
x-tt-trace-host: 0175b5813af3470dbb78432686a19dd995e4a400542c67d45f48ee3b6d9a5cec9f4a9b5de49d624a6fbbf3863e52217987b0ea08260fd372d88ff94f4fe05bbfe0ea12643f0968ac16b100bfc900d98dec807166c3522d1cc74a754ea76af1f65a
expires: Tue, 17 May 2022 15:11:58 GMT

GET
H2 200 config.js Show response
analytics.tiktok.com/i18n/pixel/ 858 B
1 KB 125ms
124ms Script
application/javascript 23.36.163.230
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/config.js?sdkid=C8UOLUFRAOSJ17FR7E9G&hostname=noracora.com
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C488U928DUFBM3732U2G&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.230 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-230.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 90ad022a6282ef2781aae6b6e063625fab5a09fc30cacce89e6e06e5ce5b902b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-akamai-request-id: 47e5ef46.7ae34d2
date: Tue, 17 May 2022 15:11:58 GMT
content-encoding: gzip
x-cache-remote: TCP_MISS from a23-220-104-24.deploy.akamaitechnologies.com (AkamaiGHost/10.8.0-41078462) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-36-161-202.deploy.akamaitechnologies.com (AkamaiGHost/10.8.0-41078462) (-)
x-parent-response-time: 110,23.36.161.202
server-timing: cdn-cache; desc=MISS, edge; dur=104, origin; dur=7, inner; dur=2
content-length: 344
pragma: no-cache
server: nginx
x-tt-logid: 202205171511580101130060370A3B41D5
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 7,23.220.104.24
x-tt-trace-host: 0175b5813af3470dbb78432686a19dd995e09cf48e2a8c21fc3050d9899e0c4a58f1bed3c045abdbb621886ec426eb91178c6eaccb563c5477a68e8527bd54ac571bd3560af8ccf5e3b3c51d373c62b5c2afbe66c3d3ac3a84d1569fc74063c3161ffb76a962f4b196b026cb6612733a7c
expires: Tue, 17 May 2022 15:11:58 GMT

GET
H2 200 config.js Show response
analytics.tiktok.com/i18n/pixel/ 858 B
1 KB 108ms
108ms Script
application/javascript 23.36.163.230
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/config.js?sdkid=C8UOR4VRAOSJ17FR7F10&hostname=noracora.com
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C488U928DUFBM3732U2G&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.230 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-230.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 7a6b5a73c1e223ce8259f8a667f027ff8c2b3b6739ab484d094b8a285e9b9e1c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-akamai-request-id: 7ae34d5
date: Tue, 17 May 2022 15:11:58 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-36-161-202.deploy.akamaitechnologies.com (AkamaiGHost/10.8.0-41078462) (-)
server-timing: inner; dur=3, cdn-cache; desc=MISS, edge; dur=0, origin; dur=91
content-length: 343
pragma: no-cache
server: nginx
x-tt-logid: 2022051715115801011300622124AA0AB9
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 91,23.36.161.202
x-tt-trace-host: 0175b5813af3470dbb78432686a19dd995e4a400542c67d45f48ee3b6d9a5cec9f4a9b5de49d624a6fbbf3863e52217987a2e8530fb2e20f87598d2f9d1beda097cd3452f8c2a3a2bfaddcf9b9c9cd9a55809ff5242a218e79e0102fb13e226193
expires: Tue, 17 May 2022 15:11:58 GMT

GET
H2 200 config.js Show response
analytics.tiktok.com/i18n/pixel/ 858 B
1 KB 112ms
111ms Script
application/javascript 23.36.163.230
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/config.js?sdkid=C8UOVDHP0K9TKPOGDVH0&hostname=noracora.com
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C488U928DUFBM3732U2G&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.230 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-230.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 99932e2971bf1bb7bfbc4fa46d4be947d86c3080f07cd75af9bba831962c79ed

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-akamai-request-id: 3ad768c7.7ae34d8
date: Tue, 17 May 2022 15:11:58 GMT
content-encoding: gzip
x-cache-remote: TCP_MISS from a184-51-149-150.deploy.akamaitechnologies.com (AkamaiGHost/10.8.0-41078462) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-36-161-202.deploy.akamaitechnologies.com (AkamaiGHost/10.8.0-41078462) (-)
x-parent-response-time: 96,23.36.161.202
server-timing: cdn-cache; desc=MISS, edge; dur=81, origin; dur=15, inner; dur=3
content-length: 343
pragma: no-cache
server: nginx
x-tt-logid: 20220517151156010113134106060D1BF2
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 15,184.51.149.150
x-tt-trace-host: 0175b5813af3470dbb78432686a19dd99535ad01e9350be19accde1ae3cf043ec6f88247c46c9fbcc01a5b1ad042af7d11b5e6075832aee7ad3b4847f7805d396d3d8fe74e23ed20f135f29041e946d6a9ef4f108dac07eee1e509107700355139cfd30c7c2e39e1fb80edae48333b955b
expires: Tue, 17 May 2022 15:11:58 GMT

GET
H2 200 get_dynamic_configuration Show response
api.livechatinc.com/v3.3/customer/action/ 345 B
835 B 1335ms
143ms Script
application/javascript 23.36.162.71

General

Check archive.org

Show headers Download Go to

Full URL

https://api.livechatinc.com/v3.3/customer/action/get_dynamic_configuration?license_id=12657117&url=https%3A%2F%2Fnoracora.com%2F%3Firclickid%3DTwR0kGVibxyIWlszN%253A0wnXCVUkD0qUzZh1412c0%26irgwc%3D1%26utm_source%3DAffiliate%26utm_medium%3DImpact%26utm_campaign%3D1234031%26utm_content%3DTwR0kGVibxyIWlszN%253A0wnXCVUkD0qUzZh1412c0%26utm_term%3D03720&channel_type=code&jsonp=__t9rac3osw9m

Requested by

Host: cdn.livechatinc.com
URL: https://cdn.livechatinc.com/tracking.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.36.162.71 -, , ASN (),

Reverse DNS

Software

Resource Hash

bd42cb8c16cbf4576eea889cb82fddb9da4cc892bb45ecbaf59c094951fbb822

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720;
X-Frame-Options	allow-from https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-security-policy: frame-ancestors https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720;
vary: Accept-Encoding
x-frame-options: allow-from https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720
date: Tue, 17 May 2022 15:11:59 GMT
content-length: 345
legacy: 2023-06-30
content-type: application/javascript; charset=UTF-8

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/796867273/ 3 KB
2 KB 75ms
25ms Script
text/javascript 2a00:1450:4001:829::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/796867273/?random=1652800318461&cv=9&fst=1652800318461&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa5g0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fnoracora.com%2F%3Firclickid%3DTwR0kGVibxyIWlszN%253A0wnXCVUkD0qUzZh1412c0%26irgwc%3D1%26utm_source%3DAffiliate%26utm_medium%3DImpact%26utm_campaign%3D1234031%26utm_content%3DTwR0kGVibxyIWlszN%253A0wnXCVUkD0qUzZh1412c0%26utm_term%3D03720&ref=https%3A%2F%2Fstvkr.com%2F&tiba=Casual%20Womens%20Clothing%20Store%20Online%2C%20Womens%20Dresses%20%26%20Tops%20%7C%20Noracora&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

c1ae7d18413d96351771ae4f49749b60774f82e2f7b97abb3b27abe1ecb99d7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 May 2022 15:11:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1204
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

2fbd08ce3d1f787f3471b34918ac02b6f9e69b0f298a4f65ede5615bb8c79041ac7f4bcb611f57e7daf140d1aa79 Show response
cdn9.forter.com/vchk2/v1/
Redirect Chain

https://cdn9.forter.com/vchk2
https://cdn9.forter.com/vchk2/v1/2fbd08ce3d1f787f3471b34918ac02b6f9e69b0f298a4f65ede5615bb8c79041ac7f4bcb611f57e7daf140d1aa79

0
322 B

102ms
102ms

XHR
text/plain

99.86.7.20

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn9.forter.com/vchk2/v1/2fbd08ce3d1f787f3471b34918ac02b6f9e69b0f298a4f65ede5615bb8c79041ac7f4bcb611f57e7daf140d1aa79

Requested by

Protocol

Server

99.86.7.20 -, , ASN (),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 15:12:00 GMT
via: 1.1 e0bc02299b03254b2a35b8c930f005c6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
strict-transport-security: max-age=86400; includeSubDomains
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: private, s-maxage=0, proxy-revalidate
timing-allow-origin: *
x-amz-cf-id: gadu3ZjM_XNOvYwD4c_mfZDlS6lYUZkF5lAjUoVcjwyHKtX7hctIbg==

Redirect headers

date: Tue, 17 May 2022 15:11:59 GMT
via: 1.1 e0bc02299b03254b2a35b8c930f005c6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
location: https://cdn9.forter.com/vchk2/v1/2fbd08ce3d1f787f3471b34918ac02b6f9e69b0f298a4f65ede5615bb8c79041ac7f4bcb611f57e7daf140d1aa79
strict-transport-security: max-age=86400; includeSubDomains
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: private, s-maxage=0, proxy-revalidate
timing-allow-origin: *
x-amz-cf-id: Yb8tJNRJCpEA61ryiCxMSwONdz0UdT-Wme2n5MCW5EkrQE5T-IMYJQ==

GET
BLOB 200
OK 52fddad8-61d7-4e7d-a20b-6f3bbe5af2ef
https://noracora.com/ 12 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://noracora.com/52fddad8-61d7-4e7d-a20b-6f3bbe5af2ef
Requested by: Host: noracora.com
URL: https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f5ae6e9290d1ddac2f8ec1589383acd5ae62da5d3b83bcc4c3eec2419ae688bb

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Length: 11959
Content-Type: application/javascript

GET
H2 200 dc_pre=CKyK2v7o5vcCFUO0GwodLBsLkw;src=10726730;type=norac00;cat=norac0;ord=3405996895400;gtm=2od5g0;auiddc=1675267696.1652800318;~oref=https%3A%2F%2Fnoracora.com%2F%3Firclickid%3DTwR0kGVibxyIWlszN%... Show response
adservice.google.com/ddm/fls/i/ Frame DD5B 699 B
964 B 933ms
44ms Document
text/html 2a00:1450:4001:831::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/ddm/fls/i/dc_pre=CKyK2v7o5vcCFUO0GwodLBsLkw;src=10726730;type=norac00;cat=norac0;ord=3405996895400;gtm=2od5g0;auiddc=1675267696.1652800318;~oref=https%3A%2F%2Fnoracora.com%2F%3Firclickid%3DTwR0kGVibxyIWlszN%253A0wnXCVUkD0qUzZh1412c0%26irgwc%3D1%26utm_source%3DAffiliate%26utm_medium%3DImpact%26utm_campaign%3D1234031%26utm_content%3DTwR0kGVibxyIWlszN%253A0wnXCVUkD0qUzZh1412c0%26utm_term%3D03720

Requested by

Host: 10726730.fls.doubleclick.net
URL: https://10726730.fls.doubleclick.net/activityi;dc_pre=CKyK2v7o5vcCFUO0GwodLBsLkw;src=10726730;type=norac00;cat=norac0;ord=3405996895400;gtm=2od5g0;auiddc=1675267696.1652800318;~oref=https%3A%2F%2Fnoracora.com%2F%3Firclickid%3DTwR0kGVibxyIWlszN%253A0wnXCVUkD0qUzZh1412c0%26irgwc%3D1%26utm_source%3DAffiliate%26utm_medium%3DImpact%26utm_campaign%3D1234031%26utm_content%3DTwR0kGVibxyIWlszN%253A0wnXCVUkD0qUzZh1412c0%26utm_term%3D03720?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

b98153fe43148d71e3be959486b031e33e8114c51ba787e0be6dcd0099f085e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://10726730.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 495
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 17 May 2022 15:11:59 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
569 B 127ms
126ms Ping
application/octet-stream 23.36.163.230
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C488U928DUFBM3732U2G&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.230 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-230.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 17 May 2022 15:11:58 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server: nginx
x-tt-logid: 2022051715115801011300603727AF6CC1
x-cache: TCP_MISS from a23-36-161-202.deploy.akamaitechnologies.com (AkamaiGHost/10.8.0-41078462) (-)
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 110,23.36.161.202
x-tt-trace-host: 0175b5813af3470dbb78432686a19dd995e4a400542c67d45f48ee3b6d9a5cec9f4a9b5de49d624a6fbbf3863e5221798721817b87c24e704a20612ac8ff833bb9d942ee2ad300522b6c97d2b729caf03ffc5f6a98899d60fbec6412bd185ebbfc
server-timing: inner; dur=11, cdn-cache; desc=MISS, edge; dur=0, origin; dur=110
x-akamai-request-id: 7ae3ae6
content-length: 0
expires: Tue, 17 May 2022 15:11:58 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
568 B 140ms
139ms Ping
application/octet-stream 23.36.163.230
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C488U928DUFBM3732U2G&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.230 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-230.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 17 May 2022 15:11:58 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server: nginx
x-tt-logid: 2022051715115801011313518810912CCF
x-cache: TCP_MISS from a23-36-161-202.deploy.akamaitechnologies.com (AkamaiGHost/10.8.0-41078462) (-)
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 122,23.36.161.202
x-tt-trace-host: 0175b5813af3470dbb78432686a19dd995e4a400542c67d45f48ee3b6d9a5cec9fbc6ee8c111a1dc251c84e552db45b5baa1324085aaa2bd57c8b1f43ac91cc0366dccd116576daff4c52fdfbdd4234a10b9d246e391d42e7d3d59225766857c71
server-timing: inner; dur=11, cdn-cache; desc=MISS, edge; dur=2, origin; dur=122
x-akamai-request-id: 7ae3aea
content-length: 0
expires: Tue, 17 May 2022 15:11:58 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
569 B 132ms
131ms Ping
application/octet-stream 23.36.163.230
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C488U928DUFBM3732U2G&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.230 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-230.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 17 May 2022 15:11:58 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server: nginx
x-tt-logid: 2022051715115801011300619411E226B9
x-cache: TCP_MISS from a23-36-161-202.deploy.akamaitechnologies.com (AkamaiGHost/10.8.0-41078462) (-)
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 109,23.36.161.202
x-tt-trace-host: 0175b5813af3470dbb78432686a19dd995e4a400542c67d45f48ee3b6d9a5cec9f4a9b5de49d624a6fbbf3863e52217987b0ea08260fd372d88ff94f4fe05bbfe0700dd443289e790c08f4a8fab1909e06068ee76a98fcee3c19b0be1681b719b5
server-timing: inner; dur=15, cdn-cache; desc=MISS, edge; dur=8, origin; dur=109
x-akamai-request-id: 7ae3afc
content-length: 0
expires: Tue, 17 May 2022 15:11:58 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
710 B 295ms
294ms Ping
application/octet-stream 23.36.163.230
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C488U928DUFBM3732U2G&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.230 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-230.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 6b5de1fb.7ae3afe
date: Tue, 17 May 2022 15:11:58 GMT
x-cache-remote: TCP_MISS from a23-220-104-7.deploy.akamaitechnologies.com (AkamaiGHost/10.8.0-41078462) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-36-161-202.deploy.akamaitechnologies.com (AkamaiGHost/10.8.0-41078462) (-)
x-parent-response-time: 267,23.36.161.202
server-timing: cdn-cache; desc=MISS, edge; dur=236, origin; dur=34, inner; dur=12
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 202205171511560101130072321A171B1F
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 34,23.220.104.7
x-tt-trace-host: 0175b5813af3470dbb78432686a19dd995e09cf48e2a8c21fc3050d9899e0c4a58d77b37d73eaf0eb3af24847da3a966d4ff93142b0acd14089be6a18374c999be986abb621ae7ff1414c5af28d5c192154ee05d4288d9b9c057f3196277c1da7877c3fd45267199a122eb835c7bfd60a2
expires: Tue, 17 May 2022 15:11:58 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
568 B 126ms
125ms Ping
application/octet-stream 23.36.163.230
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C488U928DUFBM3732U2G&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.230 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-230.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 17 May 2022 15:11:58 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server: nginx
x-tt-logid: 2022051715115801011300613307EF2ADF
x-cache: TCP_MISS from a23-36-161-202.deploy.akamaitechnologies.com (AkamaiGHost/10.8.0-41078462) (-)
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 107,23.36.161.202
x-tt-trace-host: 0175b5813af3470dbb78432686a19dd995e4a400542c67d45f48ee3b6d9a5cec9f4a9b5de49d624a6fbbf3863e522179877b0e7a6e7c300f55502e2ddf19a2712b9612cfbc2aa2f59e0303b3327b4610cca45d51d112c978c254d15c6f9ef00cbf
server-timing: inner; dur=11, cdn-cache; desc=MISS, edge; dur=9, origin; dur=107
x-akamai-request-id: 7ae3b02
content-length: 0
expires: Tue, 17 May 2022 15:11:58 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
709 B 134ms
129ms Ping
application/octet-stream 23.36.163.230
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C488U928DUFBM3732U2G&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.230 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-230.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 250d4a5.7ae3b5b
date: Tue, 17 May 2022 15:11:58 GMT
x-cache-remote: TCP_MISS from a184-51-149-175.deploy.akamaitechnologies.com (AkamaiGHost/10.8.1-41431467) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-36-161-202.deploy.akamaitechnologies.com (AkamaiGHost/10.8.0-41078462) (-)
x-parent-response-time: 117,23.36.161.202
server-timing: cdn-cache; desc=MISS, edge; dur=99, origin; dur=18, inner; dur=9
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 2022051715115801011300606901839B54
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 18,184.51.149.175
x-tt-trace-host: 0175b5813af3470dbb78432686a19dd99535ad01e9350be19accde1ae3cf043ec695318f9e213604ae80227911c10a176c063ff7e6a90c658a23b57a02d54e27f5147a894ad9aa400badadf34726d0065ad70e2e2fcb84ceea0d4d6241846187cb909e1fd78457cbad1de9755ad0752eb5
expires: Tue, 17 May 2022 15:11:58 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
710 B 149ms
147ms Ping
application/octet-stream 23.36.163.230
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C488U928DUFBM3732U2G&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.230 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-230.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 19310388.7ae3b95
date: Tue, 17 May 2022 15:11:58 GMT
x-cache-remote: TCP_MISS from a23-220-104-11.deploy.akamaitechnologies.com (AkamaiGHost/10.8.0-41078462) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-36-161-202.deploy.akamaitechnologies.com (AkamaiGHost/10.8.0-41078462) (-)
x-parent-response-time: 125,23.36.161.202
server-timing: cdn-cache; desc=MISS, edge; dur=98, origin; dur=30, inner; dur=28
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 2022051715115601011313407506F08A65
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 30,23.220.104.11
x-tt-trace-host: 0175b5813af3470dbb78432686a19dd995e09cf48e2a8c21fc3050d9899e0c4a585efbe4884e388445bbd9d0d63cb193a4a16c28e56245198589e7dd87575b6065f0ad446ce2e442ffc28578ecd13e9801f0b9aa0fba72eba4097f8daaa806d44625b76ff93901c2725dae4ec189418bc8
expires: Tue, 17 May 2022 15:11:58 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
711 B 140ms
139ms Ping
application/octet-stream 23.36.163.230
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C488U928DUFBM3732U2G&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.230 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-230.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 7da74025.7ae3b9b
date: Tue, 17 May 2022 15:11:58 GMT
x-cache-remote: TCP_MISS from a184-51-149-180.deploy.akamaitechnologies.com (AkamaiGHost/10.8.0-41078462) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-36-161-202.deploy.akamaitechnologies.com (AkamaiGHost/10.8.0-41078462) (-)
x-parent-response-time: 122,23.36.161.202
server-timing: cdn-cache; desc=MISS, edge; dur=99, origin; dur=26, inner; dur=8
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 202205171511580101131350091BA9B99E
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 26,184.51.149.180
x-tt-trace-host: 0175b5813af3470dbb78432686a19dd99535ad01e9350be19accde1ae3cf043ec6102164d7e36f7685447d903e4deb3c2432c2ef5db86e7b0268f664f67d9564db475be8e5831bd7954112dc462a07f923bf873b22f6f5b5283415ba49eabee2444a1f4c6d7c9d211c9a1fe4474d4b0b56
expires: Tue, 17 May 2022 15:11:58 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
566 B 109ms
108ms Ping
application/octet-stream 23.36.163.230
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C488U928DUFBM3732U2G&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.230 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-230.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 17 May 2022 15:11:58 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server: nginx
x-tt-logid: 2022051715115801011313520905526629
x-cache: TCP_MISS from a23-36-161-202.deploy.akamaitechnologies.com (AkamaiGHost/10.8.0-41078462) (-)
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 101,23.36.161.202
x-tt-trace-host: 0175b5813af3470dbb78432686a19dd995e4a400542c67d45f48ee3b6d9a5cec9fbc6ee8c111a1dc251c84e552db45b5ba0d7b540e063e9eb7d384e52bfc9dcc6d1dfdc1f5db9ffbe58acde1258474399ac2fdb6f7d2699053f5729aa80ec18b46
server-timing: inner; dur=9, cdn-cache; desc=MISS, edge; dur=0, origin; dur=101
x-akamai-request-id: 7ae3ba5
content-length: 0
expires: Tue, 17 May 2022 15:11:58 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
568 B 133ms
132ms Ping
application/octet-stream 23.36.163.230
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C488U928DUFBM3732U2G&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.230 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-230.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 17 May 2022 15:11:58 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server: nginx
x-tt-logid: 202205171511580101131352331563B9C1
x-cache: TCP_MISS from a23-36-161-202.deploy.akamaitechnologies.com (AkamaiGHost/10.8.0-41078462) (-)
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 114,23.36.161.202
x-tt-trace-host: 0175b5813af3470dbb78432686a19dd995e4a400542c67d45f48ee3b6d9a5cec9fbc6ee8c111a1dc251c84e552db45b5badb366ad193433c5ed3c6a733cc15bf2713f83462709e82ff5b29d04479d46e1b1d3845e5086e4d6fc1c5405f721c29c0
server-timing: inner; dur=24, cdn-cache; desc=MISS, edge; dur=8, origin; dur=114
x-akamai-request-id: 7ae3bb5
content-length: 0
expires: Tue, 17 May 2022 15:11:58 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
566 B 143ms
143ms Ping
application/octet-stream 23.36.163.230
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C488U928DUFBM3732U2G&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.230 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-230.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 17 May 2022 15:11:58 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server: nginx
x-tt-logid: 20220517151158010113135200181D1E71
x-cache: TCP_MISS from a23-36-161-202.deploy.akamaitechnologies.com (AkamaiGHost/10.8.0-41078462) (-)
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 127,23.36.161.202
x-tt-trace-host: 0175b5813af3470dbb78432686a19dd995e4a400542c67d45f48ee3b6d9a5cec9fbc6ee8c111a1dc251c84e552db45b5bac92ec956dfc3b189743a2e954c180b417f2bcece9eec98094babe23127128aa0e1385116414b75fe695ccfe4034cd3a7
server-timing: inner; dur=14, cdn-cache; desc=MISS, edge; dur=3, origin; dur=127
x-akamai-request-id: 7ae3bd0
content-length: 0
expires: Tue, 17 May 2022 15:11:58 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
711 B 136ms
136ms Ping
application/octet-stream 23.36.163.230
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C488U928DUFBM3732U2G&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.230 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-230.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 7200a273.7ae3c0c
date: Tue, 17 May 2022 15:11:58 GMT
x-cache-remote: TCP_MISS from a184-51-149-206.deploy.akamaitechnologies.com (AkamaiGHost/10.8.0-41078462) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-36-161-202.deploy.akamaitechnologies.com (AkamaiGHost/10.8.0-41078462) (-)
x-parent-response-time: 114,23.36.161.202
server-timing: cdn-cache; desc=MISS, edge; dur=86, origin; dur=28, inner; dur=13
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 2022051715115701011300707609601DB7
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 28,184.51.149.206
x-tt-trace-host: 0175b5813af3470dbb78432686a19dd99535ad01e9350be19accde1ae3cf043ec6ad144dedbbc1e5b54894b237c5935c24e4e91eeb39f3adecdf16940d6ac612800cabbfd803c99ef653af0b8fdece3f7f491139cec6fe15c971df9e6a2aeb420d4307fdd6870949b6cb15647699bcf388
expires: Tue, 17 May 2022 15:11:58 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
568 B 123ms
123ms Ping
application/octet-stream 23.36.163.230
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C488U928DUFBM3732U2G&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.230 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-230.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 17 May 2022 15:11:58 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server: nginx
x-tt-logid: 2022051715115801011300603727AF6CDE
x-cache: TCP_MISS from a23-36-161-202.deploy.akamaitechnologies.com (AkamaiGHost/10.8.0-41078462) (-)
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 113,23.36.161.202
x-tt-trace-host: 0175b5813af3470dbb78432686a19dd995e4a400542c67d45f48ee3b6d9a5cec9f4a9b5de49d624a6fbbf3863e5221798721817b87c24e704a20612ac8ff833bb918c109ca207fa9eedd9c61c0c4f2226e5a8e7833412a6e7fbb67fcee13e43de2
server-timing: inner; dur=10, cdn-cache; desc=MISS, edge; dur=0, origin; dur=113
x-akamai-request-id: 7ae3c21
content-length: 0
expires: Tue, 17 May 2022 15:11:58 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
568 B 125ms
124ms Ping
application/octet-stream 23.36.163.230
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C488U928DUFBM3732U2G&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.230 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-230.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 17 May 2022 15:11:58 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server: nginx
x-tt-logid: 2022051715115801011300619411E226D4
x-cache: TCP_MISS from a23-36-161-202.deploy.akamaitechnologies.com (AkamaiGHost/10.8.0-41078462) (-)
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 109,23.36.161.202
x-tt-trace-host: 0175b5813af3470dbb78432686a19dd995e4a400542c67d45f48ee3b6d9a5cec9f4a9b5de49d624a6fbbf3863e52217987b0ea08260fd372d88ff94f4fe05bbfe0878981611f452a84a1d4c0a07c52cf02dc77dda4255b409436eacb0282bcede3
server-timing: inner; dur=10, cdn-cache; desc=MISS, edge; dur=0, origin; dur=109
x-akamai-request-id: 7ae3c3d
content-length: 0
expires: Tue, 17 May 2022 15:11:58 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
567 B 135ms
134ms Ping
application/octet-stream 23.36.163.230
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C488U928DUFBM3732U2G&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.230 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-230.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 17 May 2022 15:11:58 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server: nginx
x-tt-logid: 2022051715115801011313518810912CF0
x-cache: TCP_MISS from a23-36-161-202.deploy.akamaitechnologies.com (AkamaiGHost/10.8.0-41078462) (-)
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 117,23.36.161.202
x-tt-trace-host: 0175b5813af3470dbb78432686a19dd995e4a400542c67d45f48ee3b6d9a5cec9fbc6ee8c111a1dc251c84e552db45b5baa1324085aaa2bd57c8b1f43ac91cc036d0b7e1ec62ca83d9e17744b0c84066a923eeb7825ae4febcb633a95f8c4a5523
server-timing: inner; dur=14, cdn-cache; desc=MISS, edge; dur=1, origin; dur=117
x-akamai-request-id: 7ae3c52
content-length: 0
expires: Tue, 17 May 2022 15:11:58 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
711 B 183ms
181ms Ping
application/octet-stream 23.36.163.230
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C488U928DUFBM3732U2G&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.230 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-230.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 6573f0a0.7ae3c63
date: Tue, 17 May 2022 15:11:58 GMT
x-cache-remote: TCP_MISS from a184-51-149-142.deploy.akamaitechnologies.com (AkamaiGHost/10.8.0-41078462) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-36-161-202.deploy.akamaitechnologies.com (AkamaiGHost/10.8.0-41078462) (-)
x-parent-response-time: 166,23.36.161.202
server-timing: cdn-cache; desc=MISS, edge; dur=144, origin; dur=25, inner; dur=9
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20220517151157010113134106050A9292
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 25,184.51.149.142
x-tt-trace-host: 0175b5813af3470dbb78432686a19dd99535ad01e9350be19accde1ae3cf043ec61427a18a49ac9f49f8a4157632ba43eb08c874a1c48dc45a04f07914d712bec64d45e55bc385b60f311a8c3e37c1b56c914a4e25b7265458f0975ecfc02a1b298b054632f60db48dba107e9e61467933
expires: Tue, 17 May 2022 15:11:58 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
710 B 108ms
108ms Ping
application/octet-stream 23.36.163.230
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C488U928DUFBM3732U2G&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.230 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-230.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 79d118c5.7ae3c6e
date: Tue, 17 May 2022 15:11:58 GMT
x-cache-remote: TCP_MISS from a184-51-149-148.deploy.akamaitechnologies.com (AkamaiGHost/10.8.0-41078462) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-36-161-202.deploy.akamaitechnologies.com (AkamaiGHost/10.8.0-41078462) (-)
x-parent-response-time: 100,23.36.161.202
server-timing: cdn-cache; desc=MISS, edge; dur=85, origin; dur=15, inner; dur=9
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20220517151158010113006165208A5F71
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 15,184.51.149.148
x-tt-trace-host: 0175b5813af3470dbb78432686a19dd99535ad01e9350be19accde1ae3cf043ec608af676a14043f4a45904866625a3e941c78623279fedc9c424f082f7997bedb03263e59a2b83c5653aaf8934e1952a3e383fb785e23240f5ce6c9ca20dda222101cf0bb957409586eae197c2df6581f
expires: Tue, 17 May 2022 15:11:58 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
711 B 138ms
137ms Ping
application/octet-stream 23.36.163.230
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C488U928DUFBM3732U2G&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.230 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-230.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 3ad76fef.7ae3caf
date: Tue, 17 May 2022 15:11:58 GMT
x-cache-remote: TCP_MISS from a184-51-149-150.deploy.akamaitechnologies.com (AkamaiGHost/10.8.0-41078462) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-36-161-202.deploy.akamaitechnologies.com (AkamaiGHost/10.8.0-41078462) (-)
x-parent-response-time: 109,23.36.161.202
server-timing: cdn-cache; desc=MISS, edge; dur=86, origin; dur=24, inner; dur=12
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 2022051715115801011313505005620B20
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 24,184.51.149.150
x-tt-trace-host: 0175b5813af3470dbb78432686a19dd99535ad01e9350be19accde1ae3cf043ec6f88247c46c9fbcc01a5b1ad042af7d11b5e6075832aee7ad3b4847f7805d396da898eda03ec48e8b61a5766edcde9a1ae9854469d9c5894ec44133a92444d46d465d0ff2f8847599f2349858e54e77ae
expires: Tue, 17 May 2022 15:11:58 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
708 B 126ms
125ms Ping
application/octet-stream 23.36.163.230
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C488U928DUFBM3732U2G&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.230 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-230.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 6b5dda39.7ae3cb3
date: Tue, 17 May 2022 15:11:58 GMT
x-cache-remote: TCP_MISS from a23-220-104-7.deploy.akamaitechnologies.com (AkamaiGHost/10.8.0-41078462) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-36-161-202.deploy.akamaitechnologies.com (AkamaiGHost/10.8.0-41078462) (-)
x-parent-response-time: 108,23.36.161.202
server-timing: cdn-cache; desc=MISS, edge; dur=96, origin; dur=12, inner; dur=9
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 2022051715115701011300707614695571
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 12,23.220.104.7
x-tt-trace-host: 0175b5813af3470dbb78432686a19dd995e09cf48e2a8c21fc3050d9899e0c4a58d77b37d73eaf0eb3af24847da3a966d42e06a720ff1910e105b72a7a960d0ed00fcdce313fd5d4cb1edc002bdfcb66825ba5359d9179f1bc883b72c83e35ddb262458c6f7d58c8da5b16453911b2eb8e
expires: Tue, 17 May 2022 15:11:58 GMT

GET
H2 200 bundle.tracing.min.js Show response
browser.sentry-cdn.com/6.17.9/ 89 KB
89 KB 726ms
7ms Script
application/javascript 2a04:4e42:200::729

General

Check archive.org

Show headers Download Go to

Full URL

https://browser.sentry-cdn.com/6.17.9/bundle.tracing.min.js

Requested by

Host: cmall-static-resource.s3.us-west-2.amazonaws.com
URL: https://cmall-static-resource.s3.us-west-2.amazonaws.com/libs/sentry-utils/1.1.7/sentry-util.umd.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:200::729 -, , ASN (),

Reverse DNS

Software

Fastly /

Resource Hash

3e40fce7a45adfa95bcd4b3f99b56a8e24ccb9672a2597a71229c6fe020cb4c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720
Origin: https://noracora.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 15:11:59 GMT
last-modified: Wed, 16 Feb 2022 13:06:26 GMT
server: Fastly
age: 5383033
etag: W/"6e7867ba1be1fee889d1f2f64a5b84f6"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
x-guploader-response-body-transformations: gunzipped
cache-control: public, max-age=31536000
strict-transport-security: max-age=31536000; includeSubDomains
accept-ranges: bytes
access-control-allow-origin: *
content-length: 90662
expires: Thu, 16 Mar 2023 07:54:46 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 283ms
8ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: noracora.com
URL: https://noracora.com/_next/static/chunks/062d88ebf2290e024a99702ef82f3fb8a8adaae4.b0b020cecece3a5ab052.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 -, , ASN (),

Reverse DNS

Software

Resource Hash

ccfd49b1835856dd58068f8a8db2388dfaf0c2cd5f0ace85e924e404bb832af9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: L75Ok2v6e2lqD+0Dz63YFg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
expires: Tue, 17 May 2022 15:13:35 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 1687
x-fb-rlafr: 0
x-fb-debug: 1kohhMCcKUHRMuQIO4AZIyFgHGB9bZdjl7azAEmyC68+2iwQQw1kyLLcYfpW4MWiyMUf23krQr8wR13hQLMuUA==
x-fb-trip-id: 917726464
x-fb-content-md5: 8ba325e71b8cb913145c016edcae506a
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Tue, 17 May 2022 15:11:59 GMT
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "19f3ad2b22cc318661ce56bbc4597a40"
timing-allow-origin: *
priority: u=3,i
access-control-expose-headers: X-FB-Content-MD5

GET
H3 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 41ms
14ms Script
text/javascript 2a00:1450:4014:80f::200e

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: noracora.com
URL: https://noracora.com/_next/static/chunks/2e77556187aab7d7da499b9f68205317b087d73c.947c0ddcc0949aecb29f.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4014:80f::200e -, , ASN (),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 3696
date: Tue, 17 May 2022 14:10:23 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Tue, 17 May 2022 16:10:23 GMT

GET
H2 200 131.eebc8527c68e13e248c2.js Show response
noracora.com/_next/static/chunks/ 6 KB
3 KB 241ms
241ms Script
application/javascript 65.9.26.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://noracora.com/_next/static/chunks/131.eebc8527c68e13e248c2.js

Requested by

Host: noracora.com
URL: https://noracora.com/_next/static/chunks/webpack-90719b980c209c207237.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.26.121 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-26-121.zag50.r.cloudfront.net

Software

openresty / Express

Resource Hash

f496e35c98dbeed1378159c12d3a149a5769d3e2bab62f172df7da99be876b81

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload, max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 15:11:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amz-cf-pop: ZAG50-C1
x-powered-by: Express
x-cache: Miss from cloudfront
strict-transport-security: max-age=31536000; includeSubdomains; preload, max-age=63072000; includeSubdomains; preload
x-xss-protection: 1; mode=block
x-response-time: 44.276ms
last-modified: Tue, 17 May 2022 08:26:49 GMT
server: openresty
etag: W/"1772-180d1207d28"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
via: 1.1 158b0f42a1d87ab9108e2baf28e8c990.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000, immutable
x-amz-cf-id: a13DXIpJRBajBs6j4C0_4jie6C2EjZNgSabQT0tVFL9ieMKhlFQTHA==

GET
H/1.1 200
OK unifiedPixel
tr.outbrain.com/ 43 B
256 B 101ms
101ms Image
image/gif 64.202.112.31

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.outbrain.com/unifiedPixel?marketerId=00ea78aa863de12d0f9b5b8f44cb930763&obApiVersion=1.1&obtpVersion=1.6.0&name=PAGE_VIEW&dl=https%3A%2F%2Fnoracora.com%2F%3Firclickid%3DTwR0kGVibxyIWlszN%253A0wnXCVUkD0qUzZh1412c0%26irgwc%3D1%26utm_source%3DAffiliate%26utm_medium%3DImpact%26utm_campaign%3D1234031%26utm_content%3DTwR0kGVibxyIWlszN%253A0wnXCVUkD0qUzZh1412c0%26utm_term%3D03720&optOut=false&bust=07192284110784832
Requested by: Host: noracora.com
URL: https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.31 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Tue, 17 May 2022 15:11:59 GMT
Cache-Control: no-cache
X-TraceId: 821d382b46db77b516c242a61f8b7ca4
content-encoding: gzip
Content-Length: 60
Content-Type: image/gif;

GET
H2 200 attr Show response
noracora.com/rest/products/ 5 KB
698 B 216ms
216ms XHR
application/json 65.9.26.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://noracora.com/rest/products/attr?id=11628847,13222926,13335163,13254491,11761641,13344600,13167990,13417681,12667861,13417816,13415415,11930454,13315756,9118650,11849599,13315767,12891443,13314814,12096786,13231401&with=review,corner_mark

Requested by

Host: noracora.com
URL: https://noracora.com/_next/static/chunks/468d62d50f96ff182eaa6461aeffe179ddb51e55.9d5692061dee2e321a4c.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.26.121 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-26-121.zag50.r.cloudfront.net

Software

openresty /

Resource Hash

2a954cbb3d4a7d971e776e74137055801d2af612a5187101688e41d63e0dbc16

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

site-domain: noracora.com
foo-real-ip
platform-appVersion
accept-language: de-DE,de;q=0.9
Authorization: un-exist
utm-medium
is_abandon: 1
x-currency-code: USD
from-edm
x-language-id: 4
forter-token: a2be1ed49e1c42499e547290e30473be_1652800317617__UDF43_9ck
x-real-port: un-exist
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
x-utm-source: Affiliate
Referer: https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720
x-real-origin: https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720
x-sub-email
x-mirage-cid
client-os: pc

Response headers

date: Tue, 17 May 2022 15:11:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: openresty
x-amz-cf-pop: ZAG50-C1
etag: W/"2623f911fd8bf9ffcec6fdf8dcc4f701e9dc0351"
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-cache: Miss from cloudfront
content-type: application/json
via: 1.1 158b0f42a1d87ab9108e2baf28e8c990.cloudfront.net (CloudFront)
cache-control: private, must-revalidate
vary: Accept-Encoding
x-amz-cf-id: HEb8e1HOA4rVUt1uYMTu-98ztCjSnFoIzsSYRrc90chOjTqEZZj2XA==
x-xss-protection: 1; mode=block

GET
H2 200 nav Show response
noracora.com/rest/simple/ 64 KB
7 KB 258ms
258ms XHR
application/json 65.9.26.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://noracora.com/rest/simple/nav?type=mobile

Requested by

Host: noracora.com
URL: https://noracora.com/_next/static/chunks/468d62d50f96ff182eaa6461aeffe179ddb51e55.9d5692061dee2e321a4c.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.26.121 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-26-121.zag50.r.cloudfront.net

Software

openresty /

Resource Hash

1128defc1bb060a86cfb24fae08527827b9a0da67591c05a7da7e75a63e96300

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

site-domain: noracora.com
foo-real-ip
platform-appVersion
accept-language: de-DE,de;q=0.9
Authorization: un-exist
utm-medium
is_abandon: 1
x-currency-code: USD
from-edm
x-language-id: 4
forter-token: a2be1ed49e1c42499e547290e30473be_1652800317617__UDF43_9ck
x-real-port: un-exist
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
x-utm-source: Affiliate
Referer: https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720
x-real-origin: https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720
x-sub-email
x-mirage-cid
client-os: pc

Response headers

date: Tue, 17 May 2022 15:11:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: openresty
x-amz-cf-pop: ZAG50-C1
etag: W/"879aa65d20778767a4d8c4e620e26d08aa79cf83"
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-cache: Miss from cloudfront
content-type: application/json
via: 1.1 158b0f42a1d87ab9108e2baf28e8c990.cloudfront.net (CloudFront)
cache-control: private, must-revalidate
vary: Accept-Encoding
x-amz-cf-id: -_Z0YizOCbaVfLS6MiTqz8I_1Jqr_WRv44ZmY6kV7d-IWrbcR_00Fw==
x-xss-protection: 1; mode=block

GET
H2 200 term_services Show response
noracora.com/rest/ 1 KB
898 B 220ms
220ms XHR
application/json 65.9.26.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://noracora.com/rest/term_services

Requested by

Host: noracora.com
URL: https://noracora.com/_next/static/chunks/468d62d50f96ff182eaa6461aeffe179ddb51e55.9d5692061dee2e321a4c.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.26.121 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-26-121.zag50.r.cloudfront.net

Software

openresty /

Resource Hash

bea31dce1870a821ccbe0f1fc53d37af0afd26d9592aa294c7713327b697bb29

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

site-domain: noracora.com
foo-real-ip
platform-appVersion
accept-language: de-DE,de;q=0.9
Authorization: un-exist
utm-medium
is_abandon: 1
x-currency-code: USD
from-edm
x-language-id: 4
forter-token: a2be1ed49e1c42499e547290e30473be_1652800317617__UDF43_9ck
x-real-port: un-exist
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
x-utm-source: Affiliate
Referer: https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720
x-real-origin: https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720
x-sub-email
x-mirage-cid
client-os: pc

Response headers

date: Tue, 17 May 2022 15:11:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: openresty
x-amz-cf-pop: ZAG50-C1
etag: W/"3d28388f026054829d22fe1a75c28ffa63f0399f"
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-cache: Miss from cloudfront
content-type: application/json
via: 1.1 158b0f42a1d87ab9108e2baf28e8c990.cloudfront.net (CloudFront)
cache-control: private, must-revalidate
vary: Accept-Encoding
x-amz-cf-id: ysqG3Hu15U57xp5l2tilPwFsSuXU1oDxcPXchrBA_-J6fBf7PbwNHA==
x-xss-protection: 1; mode=block

GET
H2 200 navigation Show response
noracora.com/rest/ 9 KB
2 KB 253ms
253ms XHR
application/json 65.9.26.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://noracora.com/rest/navigation?type=bottom

Requested by

Host: noracora.com
URL: https://noracora.com/_next/static/chunks/468d62d50f96ff182eaa6461aeffe179ddb51e55.9d5692061dee2e321a4c.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.26.121 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-26-121.zag50.r.cloudfront.net

Software

openresty /

Resource Hash

ea1e9c96ddc44937cacd0aaa9f0b379f5222507d984dd5b286a0e7a985790035

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

site-domain: noracora.com
foo-real-ip
platform-appVersion
accept-language: de-DE,de;q=0.9
Authorization: un-exist
utm-medium
is_abandon: 1
x-currency-code: USD
from-edm
x-language-id: 4
forter-token: a2be1ed49e1c42499e547290e30473be_1652800317617__UDF43_9ck
x-real-port: un-exist
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
x-utm-source: Affiliate
Referer: https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720
x-real-origin: https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720
x-sub-email
x-mirage-cid
client-os: pc

Response headers

date: Tue, 17 May 2022 15:11:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: openresty
x-amz-cf-pop: ZAG50-C1
etag: W/"d2b2d18d3550aaac49aa385fba590ee737c7824d"
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-cache: Miss from cloudfront
content-type: application/json
via: 1.1 158b0f42a1d87ab9108e2baf28e8c990.cloudfront.net (CloudFront)
cache-control: private, must-revalidate
vary: Accept-Encoding
x-amz-cf-id: u9UrJOjmT8yx95DnkUp7q2pnTkAQWq7ysjsggds1_DCd_HBXw5yBfA==
x-xss-protection: 1; mode=block

GET
H2 200 subdomain Show response
noracora.com/rest/domain_name/ 266 B
630 B 234ms
233ms XHR
application/json 65.9.26.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://noracora.com/rest/domain_name/subdomain

Requested by

Host: noracora.com
URL: https://noracora.com/_next/static/chunks/468d62d50f96ff182eaa6461aeffe179ddb51e55.9d5692061dee2e321a4c.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.26.121 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-26-121.zag50.r.cloudfront.net

Software

openresty /

Resource Hash

c603443b7b0fa530ed7fe59a7dcdbb5e64d99ec56a1082bd5651981a031e536a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

site-domain: noracora.com
foo-real-ip
platform-appVersion
accept-language: de-DE,de;q=0.9
Authorization: un-exist
utm-medium
is_abandon: 1
x-currency-code: USD
from-edm
x-language-id: 4
forter-token: a2be1ed49e1c42499e547290e30473be_1652800317617__UDF43_9ck
x-real-port: un-exist
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
x-utm-source: Affiliate
Referer: https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720
x-real-origin: https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720
x-sub-email
x-mirage-cid
client-os: pc

Response headers

date: Tue, 17 May 2022 15:11:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: openresty
x-amz-cf-pop: ZAG50-C1
etag: W/"0f4e09981393add79f7952f7646bf5836f467209"
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-cache: Miss from cloudfront
content-type: application/json
via: 1.1 158b0f42a1d87ab9108e2baf28e8c990.cloudfront.net (CloudFront)
cache-control: private, must-revalidate
vary: Accept-Encoding
x-amz-cf-id: EllfLyp_qVboZKo14NxswJEOL_xGkTeLGgSkDDix5xitLyb21lxLnA==
x-xss-protection: 1; mode=block

GET
H2 200 Q8dmOiOm2l1608113693.png
noracora.com/image/catalog/activity/ 482 B
838 B 21ms
21ms Image
image/webp 65.9.26.121
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://noracora.com/image/catalog/activity/Q8dmOiOm2l1608113693.png
Requested by: Host: noracora.com
URL: https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.26.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-26-121.zag50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 870ce1d50e308cca893a59c22c437f8b306f1e49ce34fd24b5688621008c9e4b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 15 May 2022 18:57:37 GMT
via: 1.1 158b0f42a1d87ab9108e2baf28e8c990.cloudfront.net (CloudFront)
last-modified: Tue, 09 Feb 2021 19:16:07 GMT
server: AmazonS3
age: 159263
etag: "13c5a8c97167ed9293bc4efb20104df2"
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: public, max-age=2592000
x-amz-cf-pop: ZAG50-C1
accept-ranges: bytes
content-length: 482
x-amz-cf-id: yde54KV6O4sKpZu2XevQQ4h1CL80vVVUm5P0labqmd28prkZhqMCCg==

GET
H2 200 LXD7UEiyMu1608113490.png
noracora.com/image/catalog/activity/ 586 B
942 B 22ms
21ms Image
image/webp 65.9.26.121
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://noracora.com/image/catalog/activity/LXD7UEiyMu1608113490.png
Requested by: Host: noracora.com
URL: https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.26.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-26-121.zag50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2e24bf5c4766749d78d4eba852f25128baaec3dcfebdf55a61224eb25781b541

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 04:26:06 GMT
via: 1.1 158b0f42a1d87ab9108e2baf28e8c990.cloudfront.net (CloudFront)
last-modified: Wed, 16 Dec 2020 10:11:50 GMT
server: AmazonS3
age: 125154
etag: "fdecb38bb64e7c11249526bd48250257"
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: public, max-age=2592000
x-amz-cf-pop: ZAG50-C1
accept-ranges: bytes
content-length: 586
x-amz-cf-id: C7WxRVZV2KaFNS8oQOiJlukjfKekcrtV_RiTnJ9toKihN3TxV6JATQ==

GET
H2 200 DMCA_logo-grn-btn100w.png
images.dmca.com/Badges/ 4 KB
4 KB 304ms
29ms Image
image/png 151.139.242.29

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.dmca.com/Badges/DMCA_logo-grn-btn100w.png?ID=5b6a1078-24f0-4f26-9764-7e3b22f78cef
Requested by: Host: noracora.com
URL: https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.242.29 -, , ASN (),
Reverse DNS
Software: nginx / ASP.NET
Resource Hash: c9604d43e9ef350f22eb191f170a6cb8787feb44c22feabc9bcfbc90317e200e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 15:12:00 GMT
last-modified: Thu, 22 Apr 2010 19:55:17 GMT
server: nginx
x-powered-by: ASP.NET
etag: "b4f45bb55e2ca1:0"
x-cache: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
link: <http://dmca-images.azurewebsites.net/Badges/DMCA_logo-grn-btn100w.png>; rel="canonical"
content-length: 3713
expires: Thu, 16 Jun 2022 15:12:00 GMT

OPTIONS
H2 200 /
harbor-hyperf.harborcdn.com/ Frame 0
0 153ms
153ms Preflight
application/octet-stream 2600:9000:224a:1c00:14:28af:c80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://harbor-hyperf.harborcdn.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:1c00:14:28af:c80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.21.0 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://noracora.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: GET, POST, OPTIONS, DELETE
access-control-allow-origin: *
access-control-max-age: 172800
content-length: 0
content-type: application/octet-stream
date: Tue, 17 May 2022 15:12:00 GMT
server: nginx/1.21.0
via: 1.1 2c4f54cad5da50a372b086710d5ffc62.cloudfront.net (CloudFront)
x-amz-cf-id: ZARTAU9hpRokf5uS_afLIWEYvdug52ZdNOHTNVnjxI4c1BESIyXXVQ==
x-amz-cf-pop: DUS51-P1
x-cache: Miss from cloudfront

POST
H2 200 / Show response
harbor-hyperf.harborcdn.com/ 2 B
348 B 157ms
156ms XHR
text/html 2600:9000:224a:1c00:14:28af:c80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://harbor-hyperf.harborcdn.com/
Requested by: Host: harbor-hyperf.harborcdn.com
URL: https://harbor-hyperf.harborcdn.com/statisData/js/statisData.modern.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:1c00:14:28af:c80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.21.0 /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 17 May 2022 15:12:00 GMT
content-encoding: gzip
server: nginx/1.21.0
x-amz-cf-pop: DUS51-P1
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, private
x-amz-cf-id: AcSi1cQOY4mdzimXMFL8XscmWz6ehMny97r7tc0vd8InnHhIJyIJVw==
via: 1.1 2c4f54cad5da50a372b086710d5ffc62.cloudfront.net (CloudFront)

GET
H2 200 log.js Show response
wzstatic1.streamoptim.com/ 23 KB
9 KB 8ms
8ms Script
application/javascript 2600:9000:214f:8400:a:d1a:b500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://wzstatic1.streamoptim.com/log.js
Requested by: Host: wzstatic1.streamoptim.com
URL: https://wzstatic1.streamoptim.com/stream-harbor.js?shop=noracora.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:8400:a:d1a:b500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 933405701c29b58aa121b9574fada92036c2d9e2427e11e0bbe92e3fd55e888a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 08:11:37 GMT
via: 1.1 cc77875ec7dfc885cffaa2ec6fa578f6.cloudfront.net (CloudFront)
last-modified: Tue, 15 Mar 2022 08:37:01 GMT
age: 25225
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
x-amz-cf-pop: FRA53-C1
content-encoding: gzip
x-amz-cf-id: vBjtf_QvK0QdliI3gktA9S2o1O_-R4iBgIpfHgJK1jlOPNWfRZCRow==
service-worker-allowed: /

GET
H2 200 config Show response
exit.streamoptim.com/prize/ 115 B
308 B 626ms
178ms XHR
application/json 198.11.178.42

General

Check archive.org

Show headers Download Go to

Full URL: https://exit.streamoptim.com/prize/config?uid=&ukey=5hc0fcqhx365&shop=noracora.com&url=https%3A%2F%2Fnoracora.com%2F%3Firclickid%3DTwR0kGVibxyIWlszN%253A0wnXCVUkD0qUzZh1412c0%26irgwc%3D1%26utm_source%3DAffiliate%26utm_medium%3DImpact%26utm_campaign%3D1234031%26utm_content%3DTwR0kGVibxyIWlszN%253A0wnXCVUkD0qUzZh1412c0%26utm_term%3D03720
Requested by: Host: wzstatic1.streamoptim.com
URL: https://wzstatic1.streamoptim.com/stream-harbor.js?shop=noracora.com
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.11.178.42 -, , ASN (),
Reverse DNS
Software: / PHP/7.3.3
Resource Hash: 2bafd66077b4b0c72d6a5371eb1d96e8671b26ffe3139a91bbbbe198a7bba703

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-origin: https://noracora.com
date: Tue, 17 May 2022 15:12:00 GMT
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
x-powered-by: PHP/7.3.3
access-control-expose-headers: X-Redirect

GET
H2 200 stream-subscribe.js Show response
wzstatic1.streamoptim.com/ 600 KB
308 KB 9ms
8ms Script
application/javascript 2600:9000:214f:8400:a:d1a:b500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://wzstatic1.streamoptim.com/stream-subscribe.js
Requested by: Host: wzstatic1.streamoptim.com
URL: https://wzstatic1.streamoptim.com/stream-harbor.js?shop=noracora.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:8400:a:d1a:b500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 1f1ffdd32e572a5abb5540e6c2d447b8d51a75135ee410e7d8a84d846a23790c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 03:36:51 GMT
via: 1.1 cc77875ec7dfc885cffaa2ec6fa578f6.cloudfront.net (CloudFront)
last-modified: Sat, 07 May 2022 09:21:33 GMT
age: 41708
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
x-amz-cf-pop: FRA53-C1
content-encoding: gzip
x-amz-cf-id: Cu2w24uAXQemdj0Nbr0nVHGGYCb2eSGlikjtn4vfZuLc-CDGQSdX2Q==
service-worker-allowed: /

POST
H2 200 bury-log-web Show response
jingwei.harborcdn.com/v1/dot/topic/ 97 B
365 B 555ms
177ms XHR
application/json 44.240.119.169

General

Check archive.org

Show headers Download Go to

Full URL: https://jingwei.harborcdn.com/v1/dot/topic/bury-log-web
Requested by: Host: harbor-hyperf.harborcdn.com
URL: https://harbor-hyperf.harborcdn.com/collect-data/collectData.modern.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.240.119.169 -, , ASN (),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 9bd98639c897234e99ad70e510b4742fa9eaa655b34a1dae3429d677485a69f0

Request headers

Referer: https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://noracora.com
date: Tue, 17 May 2022 15:12:00 GMT
access-control-allow-credentials: true
server: nginx/1.14.0 (Ubuntu)
content-type: application/json;charset=UTF-8
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: X-Tingyun-Data

GET
H2 200 /
www.google.com/pagead/1p-user-list/796867273/ 42 B
548 B 50ms
23ms Image
image/gif 2a00:1450:4001:80e::2004

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/796867273/?random=1652800318461&cv=9&fst=1652799600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa5g0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fnoracora.com%2F%3Firclickid%3DTwR0kGVibxyIWlszN%253A0wnXCVUkD0qUzZh1412c0%26irgwc%3D1%26utm_source%3DAffiliate%26utm_medium%3DImpact%26utm_campaign%3D1234031%26utm_content%3DTwR0kGVibxyIWlszN%253A0wnXCVUkD0qUzZh1412c0%26utm_term%3D03720&ref=https%3A%2F%2Fstvkr.com%2F&tiba=Casual%20Womens%20Clothing%20Store%20Online%2C%20Womens%20Dresses%20%26%20Tops%20%7C%20Noracora&async=1&fmt=3&is_vtc=1&random=3911049921&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 May 2022 15:12:00 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/796867273/ 42 B
548 B 52ms
23ms Image
image/gif 2a00:1450:4001:810::2003

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/796867273/?random=1652800318461&cv=9&fst=1652799600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa5g0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fnoracora.com%2F%3Firclickid%3DTwR0kGVibxyIWlszN%253A0wnXCVUkD0qUzZh1412c0%26irgwc%3D1%26utm_source%3DAffiliate%26utm_medium%3DImpact%26utm_campaign%3D1234031%26utm_content%3DTwR0kGVibxyIWlszN%253A0wnXCVUkD0qUzZh1412c0%26utm_term%3D03720&ref=https%3A%2F%2Fstvkr.com%2F&tiba=Casual%20Womens%20Clothing%20Store%20Online%2C%20Womens%20Dresses%20%26%20Tops%20%7C%20Noracora&async=1&fmt=3&is_vtc=1&random=3911049921&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 May 2022 15:12:00 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cb16e9a42621755dff0c7f4c6108defb605e7e97.124960f5c4bef5cef631.js
noracora.com/_next/static/chunks/ 0
5 KB 44ms
42ms Other
application/javascript 65.9.26.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://noracora.com/_next/static/chunks/cb16e9a42621755dff0c7f4c6108defb605e7e97.124960f5c4bef5cef631.js

Requested by

Host: noracora.com
URL: https://noracora.com/_next/static/chunks/commons.c1e8cb5bddc14e39df3d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.26.121 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-26-121.zag50.r.cloudfront.net

Software

openresty / Express

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload, max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720
Origin: https://noracora.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 15:11:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3
x-powered-by: Express
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubdomains; preload, max-age=63072000; includeSubdomains; preload
x-xss-protection: 1; mode=block
x-response-time: 1.714ms
last-modified: Tue, 17 May 2022 08:26:49 GMT
server: openresty
etag: W/"2e08-180d1207d28"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
via: 1.1 158b0f42a1d87ab9108e2baf28e8c990.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000, immutable
x-amz-cf-pop: ZAG50-C1
x-amz-cf-id: 2DP7Gb-cOVNBWZcsYxt2Fixvt6B1BvJctrmAsoAUp0SuGpgWIkSLJQ==

GET
H2 200 1ad6307d6727159eb4c2561fbc3ffa30080c8e6c.a12cacafdc68f4fa6364.js
noracora.com/_next/static/chunks/ 0
4 KB 45ms
42ms Other
application/javascript 65.9.26.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://noracora.com/_next/static/chunks/1ad6307d6727159eb4c2561fbc3ffa30080c8e6c.a12cacafdc68f4fa6364.js

Requested by

Host: noracora.com
URL: https://noracora.com/_next/static/chunks/commons.c1e8cb5bddc14e39df3d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.26.121 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-26-121.zag50.r.cloudfront.net

Software

openresty / Express

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload, max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720
Origin: https://noracora.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 15:11:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3
x-powered-by: Express
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubdomains; preload, max-age=63072000; includeSubdomains; preload
x-xss-protection: 1; mode=block
x-response-time: 0.761ms
last-modified: Tue, 17 May 2022 08:26:49 GMT
server: openresty
etag: W/"336a-180d1207d28"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
via: 1.1 158b0f42a1d87ab9108e2baf28e8c990.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000, immutable
x-amz-cf-pop: ZAG50-C1
x-amz-cf-id: k7GyN-1vEliimAvVKEd7vwhji6k8oLv4iRFgG6QT53oXlNJO3SEpzA==

GET
H2 200 6a4b677102e8d7206c109266081f35e697ba4b31.b1e25f2137df733b6acd.js
noracora.com/_next/static/chunks/ 0
15 KB 44ms
41ms Other
application/javascript 65.9.26.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://noracora.com/_next/static/chunks/6a4b677102e8d7206c109266081f35e697ba4b31.b1e25f2137df733b6acd.js

Requested by

Host: noracora.com
URL: https://noracora.com/_next/static/chunks/commons.c1e8cb5bddc14e39df3d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.26.121 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-26-121.zag50.r.cloudfront.net

Software

openresty / Express

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload, max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720
Origin: https://noracora.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 15:11:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3
x-powered-by: Express
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubdomains; preload, max-age=63072000; includeSubdomains; preload
x-xss-protection: 1; mode=block
x-response-time: 0.855ms
last-modified: Tue, 17 May 2022 08:26:49 GMT
server: openresty
etag: W/"c777-180d1207d28"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
via: 1.1 158b0f42a1d87ab9108e2baf28e8c990.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000, immutable
x-amz-cf-pop: ZAG50-C1
x-amz-cf-id: y-0r1MQ_KhTv88KFWsa235fjHtJZ6KAS_RWeBzHnMdwTD64PmRM7LA==

GET
H2 200 5c8e9372be9ed8b7f0bcfe79f67a184ea4f76124.be7a5009efdb52f24d87.js
noracora.com/_next/static/chunks/ 0
3 KB 42ms
39ms Other
application/javascript 65.9.26.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://noracora.com/_next/static/chunks/5c8e9372be9ed8b7f0bcfe79f67a184ea4f76124.be7a5009efdb52f24d87.js

Requested by

Host: noracora.com
URL: https://noracora.com/_next/static/chunks/commons.c1e8cb5bddc14e39df3d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.26.121 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-26-121.zag50.r.cloudfront.net

Software

openresty / Express

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload, max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720
Origin: https://noracora.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 15:11:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3
x-powered-by: Express
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubdomains; preload, max-age=63072000; includeSubdomains; preload
x-xss-protection: 1; mode=block
x-response-time: 1.296ms
last-modified: Tue, 17 May 2022 08:26:49 GMT
server: openresty
etag: W/"2661-180d1207d28"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
via: 1.1 158b0f42a1d87ab9108e2baf28e8c990.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000, immutable
x-amz-cf-pop: ZAG50-C1
x-amz-cf-id: vQzgYwT3cT9GYrBYpW23PgSS0CKV-iv8vV-MMwuVDSvWV_yswk_vqA==

GET
H2 200 3fa230860bcb0c5c5744caf0fc0f6d65895fa478.c1ab4c5644307f0b6801.js
noracora.com/_next/static/chunks/ 0
4 KB 200ms
198ms Other
application/javascript 65.9.26.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://noracora.com/_next/static/chunks/3fa230860bcb0c5c5744caf0fc0f6d65895fa478.c1ab4c5644307f0b6801.js

Requested by

Host: noracora.com
URL: https://noracora.com/_next/static/chunks/commons.c1e8cb5bddc14e39df3d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.26.121 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-26-121.zag50.r.cloudfront.net

Software

openresty / Express

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload, max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720
Origin: https://noracora.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 15:12:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amz-cf-pop: ZAG50-C1
x-powered-by: Express
x-cache: Miss from cloudfront
strict-transport-security: max-age=31536000; includeSubdomains; preload, max-age=63072000; includeSubdomains; preload
x-xss-protection: 1; mode=block
x-response-time: 1.510ms
last-modified: Tue, 17 May 2022 08:26:49 GMT
server: openresty
etag: W/"2bfe-180d1207d28"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
via: 1.1 158b0f42a1d87ab9108e2baf28e8c990.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000, immutable
x-amz-cf-id: 14r6h1DPu8WBu4QZcAfxBWzZ19MIHr0xnDwapUv77PDUWEDB20WOuQ==

GET
H2 200 b99c52a0318916b3d7f621f22c807a318c833c12.04bed6d9d22b0405bd70.js
noracora.com/_next/static/chunks/ 0
20 KB 253ms
251ms Other
application/javascript 65.9.26.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://noracora.com/_next/static/chunks/b99c52a0318916b3d7f621f22c807a318c833c12.04bed6d9d22b0405bd70.js

Requested by

Host: noracora.com
URL: https://noracora.com/_next/static/chunks/commons.c1e8cb5bddc14e39df3d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.26.121 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-26-121.zag50.r.cloudfront.net

Software

openresty / Express

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload, max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720
Origin: https://noracora.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 15:12:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amz-cf-pop: ZAG50-C1
x-powered-by: Express
x-cache: Miss from cloudfront
strict-transport-security: max-age=31536000; includeSubdomains; preload, max-age=63072000; includeSubdomains; preload
x-xss-protection: 1; mode=block
x-response-time: 0.799ms
last-modified: Tue, 17 May 2022 08:26:49 GMT
server: openresty
etag: W/"11260-180d1207d28"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
via: 1.1 158b0f42a1d87ab9108e2baf28e8c990.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000, immutable
x-amz-cf-id: UNNgJ9p145szTUrzqIXQTVuSLJo8Ju8ieyKjNQD5HdEBOi2WLyejPA==

GET
H2 200 5d2baf1d22a39c41ba497c524c441eeeeb882675.b0b31302284c09653a09.js
noracora.com/_next/static/chunks/ 0
4 KB 201ms
200ms Other
application/javascript 65.9.26.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://noracora.com/_next/static/chunks/5d2baf1d22a39c41ba497c524c441eeeeb882675.b0b31302284c09653a09.js

Requested by

Host: noracora.com
URL: https://noracora.com/_next/static/chunks/commons.c1e8cb5bddc14e39df3d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.26.121 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-26-121.zag50.r.cloudfront.net

Software

openresty / Express

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload, max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720
Origin: https://noracora.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 15:12:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amz-cf-pop: ZAG50-C1
x-powered-by: Express
x-cache: Miss from cloudfront
strict-transport-security: max-age=31536000; includeSubdomains; preload, max-age=63072000; includeSubdomains; preload
x-xss-protection: 1; mode=block
x-response-time: 0.866ms
last-modified: Tue, 17 May 2022 08:26:49 GMT
server: openresty
etag: W/"2a2f-180d1207d28"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
via: 1.1 158b0f42a1d87ab9108e2baf28e8c990.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000, immutable
x-amz-cf-id: I_mJjlNO2yAtPJE6qRWg6tJNLMkRy3-fz2F8Vx4YBeNh7fSipsjctA==

GET
H2 200 flashsale-20bbc5355635c3325763.js
noracora.com/_next/static/chunks/pages/ 0
21 KB 200ms
199ms Other
application/javascript 65.9.26.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://noracora.com/_next/static/chunks/pages/flashsale-20bbc5355635c3325763.js

Requested by

Host: noracora.com
URL: https://noracora.com/_next/static/chunks/commons.c1e8cb5bddc14e39df3d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.26.121 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-26-121.zag50.r.cloudfront.net

Software

openresty / Express

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload, max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720
Origin: https://noracora.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 15:12:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amz-cf-pop: ZAG50-C1
x-powered-by: Express
x-cache: Miss from cloudfront
strict-transport-security: max-age=31536000; includeSubdomains; preload, max-age=63072000; includeSubdomains; preload
x-xss-protection: 1; mode=block
x-response-time: 0.806ms
last-modified: Tue, 17 May 2022 08:26:49 GMT
server: openresty
etag: W/"1340b-180d1207d28"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
via: 1.1 158b0f42a1d87ab9108e2baf28e8c990.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000, immutable
x-amz-cf-id: IT8eaLrBA4EiX3Jb9XFjOHMryUP6TqW4O8HyKS3bki6sBeowf3wtng==

GET
H2 200 ZFLfA8CeUK1639987648.png
noracora.com/image/catalog/activity/ 6 KB
6 KB 33ms
30ms Image
image/webp 65.9.26.121
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://noracora.com/image/catalog/activity/ZFLfA8CeUK1639987648.png
Requested by: Host: noracora.com
URL: https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.26.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-26-121.zag50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a5f3d285fe0cecc381f4fdfeae09acd9192e2a748ae9b0e28880da5e9c37f2e5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 04:37:18 GMT
via: 1.1 158b0f42a1d87ab9108e2baf28e8c990.cloudfront.net (CloudFront)
last-modified: Mon, 20 Dec 2021 08:07:37 GMT
server: AmazonS3
age: 124483
etag: "3baeb27dc97d903e31cf70878014b18b"
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: public, max-age=2592000
x-amz-cf-pop: ZAG50-C1
accept-ranges: bytes
content-length: 5996
x-amz-cf-id: 6Nei_8vdMlrZP7O6DWiTEY0Ojb3wVVS1jPm7K6DY5o3ezZKl2NAiEQ==

GET
H2 200 fgVQoMyBOj1640352953.png
noracora.com/image/catalog/activity/ 1 KB
2 KB 34ms
30ms Image
image/webp 65.9.26.121
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://noracora.com/image/catalog/activity/fgVQoMyBOj1640352953.png
Requested by: Host: noracora.com
URL: https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.26.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-26-121.zag50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8c032c71b7cd53fbdf9115d21cb866e05b99a8aa6dbaae110bc88d826fa0c714

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 03:54:30 GMT
via: 1.1 158b0f42a1d87ab9108e2baf28e8c990.cloudfront.net (CloudFront)
last-modified: Fri, 24 Dec 2021 13:36:27 GMT
server: AmazonS3
age: 127051
etag: "a7ca4ba93cdd02f71255522a8d929071"
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: public, max-age=2592000
x-amz-cf-pop: ZAG50-C1
accept-ranges: bytes
content-length: 1272
x-amz-cf-id: pCUx_uOP2PAjBosUGA5MRxv26aKPMIwy0eOcTi5_WON2wOvoaiesYg==

POST
H/1.1 200
OK / Show response
sentry.chicv.com/api/3/envelope/ 2 B
311 B 543ms
176ms Fetch
application/json 52.88.55.75

General

Check archive.org

Show headers Download Go to

Full URL: https://sentry.chicv.com/api/3/envelope/?sentry_key=d64451f78a654021a9895cfd16e39413&sentry_version=7
Requested by: Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/6.17.9/bundle.tracing.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.88.55.75 -, , ASN (),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://noracora.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Tue, 17 May 2022 15:12:00 GMT
Server: nginx/1.14.0 (Ubuntu)
vary: Origin
Content-Type: application/json
access-control-allow-origin: https://noracora.com
access-control-expose-headers: retry-after, x-sentry-error, x-sentry-rate-limits
Connection: keep-alive
Content-Length: 2

GET
H2 200 dc_pre=CKyK2v7o5vcCFUO0GwodLBsLkw;src=10726730;type=norac00;cat=norac0;ord=3405996895400;gtm=2od5g0;auiddc=1675267696.1652800318;~oref=https%3A%2F%2Fnoracora.com%2F%3Firclickid%3DTwR0kGVibxyIWlszN%... Show response
adservice.google.de/ddm/fls/i/ Frame B1F1 194 B
870 B 77ms
48ms Document
text/html 2a00:1450:4001:82b::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/ddm/fls/i/dc_pre=CKyK2v7o5vcCFUO0GwodLBsLkw;src=10726730;type=norac00;cat=norac0;ord=3405996895400;gtm=2od5g0;auiddc=1675267696.1652800318;~oref=https%3A%2F%2Fnoracora.com%2F%3Firclickid%3DTwR0kGVibxyIWlszN%253A0wnXCVUkD0qUzZh1412c0%26irgwc%3D1%26utm_source%3DAffiliate%26utm_medium%3DImpact%26utm_campaign%3D1234031%26utm_content%3DTwR0kGVibxyIWlszN%253A0wnXCVUkD0qUzZh1412c0%26utm_term%3D03720

Requested by

Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CKyK2v7o5vcCFUO0GwodLBsLkw;src=10726730;type=norac00;cat=norac0;ord=3405996895400;gtm=2od5g0;auiddc=1675267696.1652800318;~oref=https%3A%2F%2Fnoracora.com%2F%3Firclickid%3DTwR0kGVibxyIWlszN%253A0wnXCVUkD0qUzZh1412c0%26irgwc%3D1%26utm_source%3DAffiliate%26utm_medium%3DImpact%26utm_campaign%3D1234031%26utm_content%3DTwR0kGVibxyIWlszN%253A0wnXCVUkD0qUzZh1412c0%26utm_term%3D03720

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=0
content-encoding: gzip
content-length: 177
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 17 May 2022 15:12:00 GMT
expires: Tue, 17 May 2022 15:12:00 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 get_configuration Show response
api.livechatinc.com/v3.3/customer/action/ 6 KB
2 KB 499ms
498ms Script
application/javascript 23.36.162.71

General

Check archive.org

Show headers Download Go to

Full URL: https://api.livechatinc.com/v3.3/customer/action/get_configuration?license_id=12657117&version=553.6.6.5074.1110.313.10.8.1.1.1.6&group_id=1&jsonp=__lc_static_config
Requested by: Host: cdn.livechatinc.com
URL: https://cdn.livechatinc.com/tracking.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.162.71 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 921b6510be7d5658379417f20d0ed7747eeb57b8f0ff1d025b577c75b4a74ebb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 15:12:00 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
legacy: 2023-06-30
cache-control: public, max-age=600
content-length: 1635
expires: Tue, 17 May 2022 15:22:00 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 286 KB
82 KB 19ms
8ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=15dbe223d8bea5659ea72809e745903f

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 -, , ASN (),

Reverse DNS

Software

Resource Hash

f729a145513e9a80525f5dfbdfa5f02c6c25c69562229e2d57c1544ec0e56295

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720
Origin: https://noracora.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: p3PVABzHmKX9wWuBzweqng==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
expires: Wed, 17 May 2023 14:24:44 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 83818
x-fb-rlafr: 0
x-fb-debug: NYBwY7Y2AgFqN6NUemuHzg3TgFQcMly9mZ7f43+9o2UfMu1VunD3UQhbDSWPmOT0QPXyYmEDbJVZmX60izVjCg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: 0e44481e4d056ac715d8ff873009d91f
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 17 May 2022 15:12:00 GMT
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "645e4bf2bcfe9cafc3149d226ffd692e"
timing-allow-origin: *
priority: u=3,i
access-control-expose-headers: X-FB-Content-MD5

GET
H2 200 branch-latest.min.js Show response
cdn.branch.io/ 81 KB
24 KB 39ms
8ms Script
text/javascript 65.9.63.28

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.branch.io/branch-latest.min.js
Requested by: Host: 1redirc.com
URL: http://1redirc.com/r2.php?e=qwDB2QrCWObUu96G6R7zIn49flhDeE8zRWZBYzJSeGtIcUZydE0vY2Z2UnNhdy90aDdqZitPd1ZqUXYrc2tOWVRCcmxuN05NQWdxZ3BNUFpGWHpKaDVKcHh5TktiQ0NsSjNVUGRyLzA4ZGRUeEZFb0FpL0V5Wkh2ZWU0M0VOVk1vK0hZWXdzQ3oweDdVc0dXYk81VXZaV1NPQk5WM0trZys5azZQa3NEa1dlYTBxRUhWZWpBeU9OdFlaQW5tVW9pUmdrMlIyRFlZcjB1YUJoYW9UMW5vQnF6dzdJUkxhS1haTzk5OHpuL1MwMEhBaXFZTVJvQ3kyOWxLQURoZU9wUE9ONG1vYWxvdENoWlUvOFVIN3dtVWZJRkRqK21LK29TVTZVRkUybFFFWTYwOWkrZUMyV1NCSEk0SzlCY3ZBQ1M4Y3Z0WmIwT281bkI1R085ZDR2K3p2MWFQMU9GOFJxcHNGSW5JTHR6OVZTakdvdFY2czFGWGsvdWYydTRTN0lyUEtTVWFKY3ZSTlhVbW4vOEdIZU5Cd1RlS0FjYk9naTlhWkFsTVRmMDVCWVZXN0RpaHFwTS9lRXIwWUNPN0xyOFc1V01CVzhDajNmR0lNcndlMklEdDExSjZwZlRMT0ZPQjN3K3plaGlOMnUwQ3o3MlBEZS9XYmRqS0FWeFV1UTB3c3RhakdCMytkcWxtMnRHVnFIZGZnMjdlMlUrbGxxTVlwWU5CZElQaFF2bUNkWWh2UkJBcjZhTSsvU2UvWWRMUHFnMmpIYy9MNUNLYWtBSE9QZGl4ZUVRRWVOemZQRGR6ME1Lck92dmtuOHk5UFdTRUJ0ZjNNSVYyTmFaMG0wczdGZzN3RkxKd3BHK3JVZFQzWmNHS0NmSFVOZlZMbGFyK3JSWDFyMUFMTkFOTUZHbitQZ3VWaTF0M2x3ajVuVjNLelFKczltcEdmM0FFNkZJYkxCMmN4MVl0ODdubDVGV2FNb3hRVmdvcSthWXd3cUxrdXlyT1JKZVlmbHd6V2JJa1FHSUYxVGdjand5UnZWb0ZUVg%3D%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.63.28 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5bbb9c0f0e0824480fd077d8340987a94369f9565dfcf6b89dcb00229fb49673

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-amz-version-id: qdsw2NkSLBBvb7vdgXpE9mqgp_9x4Fln
content-encoding: gzip
last-modified: Wed, 04 May 2022 17:13:35 GMT
server: AmazonS3
age: 176
etag: "02288b6b1ca1a8d5a1ce841c5df3ee19"
x-cache: Hit from cloudfront
content-type: text/javascript
via: 1.1 cc763905c39a59494c951c09271b0422.cloudfront.net (CloudFront)
cache-control: max-age=300
date: Tue, 17 May 2022 15:09:05 GMT
x-amz-cf-pop: FRA56-C1
content-length: 24357
x-amz-cf-id: C9Kb6KIJuQ1RcDvaFQldPCtCXi0ve4ihpW0nQTx-BMht6cYWKPcB9w==

GET
H2 200 pptm.js Show response
www.paypal.com/tagmanager/ 15 KB
6 KB 76ms
9ms Script
application/x-javascript 151.101.193.21

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/tagmanager/pptm.js?t=xo&id=noracora.com

Requested by

Host: 1redirc.com
URL: http://1redirc.com/r2.php?e=qwDB2QrCWObUu96G6R7zIn49flhDeE8zRWZBYzJSeGtIcUZydE0vY2Z2UnNhdy90aDdqZitPd1ZqUXYrc2tOWVRCcmxuN05NQWdxZ3BNUFpGWHpKaDVKcHh5TktiQ0NsSjNVUGRyLzA4ZGRUeEZFb0FpL0V5Wkh2ZWU0M0VOVk1vK0hZWXdzQ3oweDdVc0dXYk81VXZaV1NPQk5WM0trZys5azZQa3NEa1dlYTBxRUhWZWpBeU9OdFlaQW5tVW9pUmdrMlIyRFlZcjB1YUJoYW9UMW5vQnF6dzdJUkxhS1haTzk5OHpuL1MwMEhBaXFZTVJvQ3kyOWxLQURoZU9wUE9ONG1vYWxvdENoWlUvOFVIN3dtVWZJRkRqK21LK29TVTZVRkUybFFFWTYwOWkrZUMyV1NCSEk0SzlCY3ZBQ1M4Y3Z0WmIwT281bkI1R085ZDR2K3p2MWFQMU9GOFJxcHNGSW5JTHR6OVZTakdvdFY2czFGWGsvdWYydTRTN0lyUEtTVWFKY3ZSTlhVbW4vOEdIZU5Cd1RlS0FjYk9naTlhWkFsTVRmMDVCWVZXN0RpaHFwTS9lRXIwWUNPN0xyOFc1V01CVzhDajNmR0lNcndlMklEdDExSjZwZlRMT0ZPQjN3K3plaGlOMnUwQ3o3MlBEZS9XYmRqS0FWeFV1UTB3c3RhakdCMytkcWxtMnRHVnFIZGZnMjdlMlUrbGxxTVlwWU5CZElQaFF2bUNkWWh2UkJBcjZhTSsvU2UvWWRMUHFnMmpIYy9MNUNLYWtBSE9QZGl4ZUVRRWVOemZQRGR6ME1Lck92dmtuOHk5UFdTRUJ0ZjNNSVYyTmFaMG0wczdGZzN3RkxKd3BHK3JVZFQzWmNHS0NmSFVOZlZMbGFyK3JSWDFyMUFMTkFOTUZHbitQZ3VWaTF0M2x3ajVuVjNLelFKczltcEdmM0FFNkZJYkxCMmN4MVl0ODdubDVGV2FNb3hRVmdvcSthWXd3cUxrdXlyT1JKZVlmbHd6V2JJa1FHSUYxVGdjand5UnZWb0ZUVg%3D%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.21 -, , ASN (),

Reverse DNS

Software

Resource Hash

6ef2bbf91c58f63adb85fc715ebc77310621b7c05deb8163623e30892b4f8e8b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; script-src 'nonce-17hhzWZWzWzjLZ6jTK3sVOgvM3GCG31gPOA3dFV+j2xJaE4b' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; object-src 'none'; font-src 'self' https://.paypalobjects.com https://.paypal.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://nexus.ensighten.com https://.google-analytics.com 'unsafe-inline' https://.qualtrics.com; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-17hhzWZWzWzjLZ6jTK3sVOgvM3GCG31gPOA3dFV+j2xJaE4b' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
content-encoding: gzip
x-content-type-options: nosniff
age: 54532
x-cache: HIT
paypal-debug-id: f3739273b849b
server-timing: content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
vary: Accept-Encoding
content-length: 5080
x-xss-protection: 1; mode=block
x-served-by: cache-hhn4021-HHN
x-timer: S1652800321.716416,VS0,VE2
x-frame-options: SAMEORIGIN
date: Tue, 17 May 2022 15:12:00 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/x-javascript; charset=utf-8
via: 1.1 varnish
cache-control: public, max-age=3600
etag: W/"3c9a-pJz7SxajXSpesb/uExPFJZFxqXw"
accept-ranges: bytes
x-cache-hits: 1

GET
H3

200

src=10726730;dc_pre=CLuy_v_o5vcCFYrFsgod0WYO4Q;type=-floo0;cat=norac0;u1=[1];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1
adservice.google.com/ddm/fls/z/
Redirect Chain

https://ad.doubleclick.net/ddm/activity/src=10726730;type=-floo0;cat=norac0;u1=[1];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7...
https://ad.doubleclick.net/ddm/activity/src=10726730;dc_pre=CLuy_v_o5vcCFYrFsgod0WYO4Q;type=-floo0;cat=norac0;u1=[1];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;g...
https://adservice.google.com/ddm/fls/z/src=10726730;dc_pre=CLuy_v_o5vcCFYrFsgod0WYO4Q;type=-floo0;cat=norac0;u1=[1];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gd...

42 B
63 B

74ms
44ms

Image
image/gif

2a00:1450:4001:831::2002

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/src=10726730;dc_pre=CLuy_v_o5vcCFYrFsgod0WYO4Q;type=-floo0;cat=norac0;u1=[1];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1

Requested by

Protocol

Server

2a00:1450:4001:831::2002 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 May 2022 15:12:00 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 17 May 2022 15:12:00 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
location: https://adservice.google.com/ddm/fls/z/src=10726730;dc_pre=CLuy_v_o5vcCFYrFsgod0WYO4Q;type=-floo0;cat=norac0;u1=[1];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

bounce
secure.adnxs.com/
Redirect Chain

https://secure.adnxs.com/px?id=1460301&seg=25959792&t=2
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1460301%26seg%3D25959792%26t%3D2

43 B
1 KB

18ms
17ms

Image
image/gif

185.33.221.89

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1460301%26seg%3D25959792%26t%3D2

Requested by

Protocol

HTTP/1.1

Server

185.33.221.89 -, , ASN (),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 17 May 2022 15:12:00 GMT
X-Proxy-Origin: 81.95.5.44; 81.95.5.44; 719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: ab628239-babf-4b45-bd03-e1662f781b79
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 17 May 2022 15:12:00 GMT
X-Proxy-Origin: 81.95.5.44; 81.95.5.44; 719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: dbc4f95d-55c8-4314-9cf0-7ab78ba84f70
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1460301%26seg%3D25959792%26t%3D2
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 js Show response
www.google-analytics.com/gtm/ 102 KB
39 KB 38ms
38ms Script
application/javascript 2a00:1450:4014:80f::200e

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=OPT-PKR656H&cid=102679107.1652800318

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4014:80f::200e -, , ASN (),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

bd182fc19af54722ab99cf5e7c3f2743196313ac7829fb6138f4141e067c37ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 15:12:00 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39776
x-xss-protection: 0
expires: Tue, 17 May 2022 15:12:00 GMT

GET
H2 200 report Show response
sl.streamoptim.com/log/ 0
211 B 229ms
167ms XHR
text/html 198.11.178.42

General

Check archive.org

Show headers Download Go to

Full URL: https://sl.streamoptim.com/log/report?p=%7B%22uuid%22%3A%22%22%2C%22ukey%22%3A%225hc0fcqhx365%22%2C%22rand%22%3A1652800320701%2C%22browser_time%22%3A%222022-05-17%2015%3A12%3A00%22%2C%22timezone%22%3A0%2C%22language%22%3A%22en%22%2C%22stream_msg_num%22%3A%22%22%2C%22event%22%3A%22visit%22%2C%22option%22%3A%7B%22behavior%22%3A%22%22%2C%22exit_stategy%22%3A%22%22%2C%22url%22%3A%22https%3A%2F%2Fnoracora.com%2F%3Firclickid%3DTwR0kGVibxyIWlszN%253A0wnXCVUkD0qUzZh1412c0%26irgwc%3D1%26utm_source%3DAffiliate%26utm_medium%3DImpact%26utm_campaign%3D1234031%26utm_content%3DTwR0kGVibxyIWlszN%253A0wnXCVUkD0qUzZh1412c0%26utm_term%3D03720%22%2C%22shop%22%3A%22noracora.com%22%7D%7D
Requested by: Host: wzstatic1.streamoptim.com
URL: https://wzstatic1.streamoptim.com/log.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.11.178.42 -, , ASN (),
Reverse DNS
Software: / PHP/7.3.3
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-origin: https://noracora.com
date: Tue, 17 May 2022 15:12:00 GMT
content-encoding: gzip
access-control-allow-credentials: true
x-powered-by: PHP/7.3.3
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H2 200 streamUidIframe.html Show response
wzstatic.streamoptim.com/stream/ Frame 6D6C 3 KB
2 KB 64ms
9ms Document
text/html 2600:9000:206f:f800:18:33e:4e80:93a1

General

Check archive.org

Show headers Download Go to

Full URL: https://wzstatic.streamoptim.com/stream/streamUidIframe.html
Requested by: Host: wzstatic1.streamoptim.com
URL: https://wzstatic1.streamoptim.com/stream-subscribe.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:f800:18:33e:4e80:93a1 -, , ASN (),
Reverse DNS
Software: AliyunOSS /
Resource Hash: 3c949c5151460fdd3fa34196f91976f15465b023e360bfb6906e76045528011f

Request headers

Referer: https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 67172
content-encoding: gzip
content-md5: YOVJYeMCSH0akyM8BK4kiA==
content-type: text/html
date: Mon, 16 May 2022 20:32:27 GMT
last-modified: Wed, 16 Mar 2022 02:35:46 GMT
server: AliyunOSS
vary: Accept-Encoding
via: 1.1 2fc0d20914c32e5cd76477ed042298d0.cloudfront.net (CloudFront)
x-amz-cf-id: 5G3HH_z3aXuPtLZpzyJ67EEPKh68nErTJJfDaLLJrpn0uJbe5A0dZA==
x-amz-cf-pop: FRA56-C1
x-cache: Hit from cloudfront
x-oss-hash-crc64ecma: 9570096327103776374
x-oss-object-type: Normal
x-oss-request-id: 6282B4DB91795F3939906F9C
x-oss-server-time: 53
x-oss-storage-class: Standard

GET
H2 200 fonts-style.css
wzstatic.streamoptim.com/stream/style/ 86 KB
38 KB 64ms
10ms Stylesheet
text/css 2600:9000:206f:f800:18:33e:4e80:93a1

General

Check archive.org

Show headers Download Go to

Full URL: https://wzstatic.streamoptim.com/stream/style/fonts-style.css
Requested by: Host: wzstatic1.streamoptim.com
URL: https://wzstatic1.streamoptim.com/stream-subscribe.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:f800:18:33e:4e80:93a1 -, , ASN (),
Reverse DNS
Software: AliyunOSS /
Resource Hash: 015f884821f06b02bed600100cb93f5435a9fddd0014472082eb191134404f90

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 03:31:55 GMT
content-encoding: gzip
x-oss-request-id: 627F229976EC4B3437C00941
content-md5: 9h/+Bs66X1XZqOeOfipmdQ==
age: 42014
x-cache: Hit from cloudfront
x-oss-object-type: Normal
last-modified: Thu, 24 Jun 2021 03:21:47 GMT
server: AliyunOSS
etag: "F61FFE06CEBA5F55D9A8E78E7E2A6675"
vary: Accept-Encoding
content-type: text/css
via: 1.1 2fc0d20914c32e5cd76477ed042298d0.cloudfront.net (CloudFront)
x-oss-storage-class: Standard
x-amz-cf-pop: FRA56-C1
x-oss-hash-crc64ecma: 4707530008504402095
x-amz-cf-id: aqen-FDneeI3vNRg8TV8c8Y022BGZI8wEIVDIjH5SJyNsvgdQFkBrQ==
x-oss-server-time: 2

GET
H3 200 css
fonts.googleapis.com/ 19 KB
2 KB 38ms
20ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: wzstatic1.streamoptim.com
URL: https://wzstatic1.streamoptim.com/stream-subscribe.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3e3237928651dd4515c87bd69117f4d4f381b9dc50a8f0d1c70f9b6a44e64cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 17 May 2022 14:27:55 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 17 May 2022 15:12:00 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 17 May 2022 15:12:00 GMT

GET
H2 200 capture-config Show response
exit.streamoptim.com/notify/ 7 KB
7 KB 217ms
216ms XHR
application/json 198.11.178.42

General

Check archive.org

Show headers Download Go to

Full URL: https://exit.streamoptim.com/notify/capture-config?shop=noracora.com
Requested by: Host: wzstatic1.streamoptim.com
URL: https://wzstatic1.streamoptim.com/stream-subscribe.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.11.178.42 -, , ASN (),
Reverse DNS
Software: / PHP/7.3.3
Resource Hash: f5af8aa4330e195317a6be7d7bc87fc8e0c14d0a42c6ec47754ce591f249dc62

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-origin: https://noracora.com
date: Tue, 17 May 2022 15:12:00 GMT
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
x-powered-by: PHP/7.3.3
access-control-expose-headers: X-Redirect

GET
H3 200 JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2
fonts.gstatic.com/s/montserrat/v24/ 12 KB
12 KB 28ms
8ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v24/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

59d09721ef5d6a8a6aa8cf8100a1eaa2ef1644bd196fc1a788ad31e16a505734

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://noracora.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 17:08:28 GMT
x-content-type-options: nosniff
age: 597812
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12708
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 14:37:36 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 May 2023 17:08:28 GMT

GET
H2 200 muse.js Show response
www.paypalobjects.com/muse/ 55 KB
16 KB 51ms
17ms Script
application/javascript 192.229.221.25

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/muse/muse.js

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/tagmanager/pptm.js?t=xo&id=noracora.com

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 -, , ASN (),

Reverse DNS

Software

ECAcc (frc/8F14) /

Resource Hash

64b32d14f993564fe182a5690410f7d4aa2ace59934eac09d7dcf03a68ec7566

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 15:12:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cache: HIT
paypal-debug-id: 28852bda2cc09
dc: ccg11-origin-www-1.paypal.com
vary: Accept-Encoding
content-length: 16464
last-modified: Tue, 03 May 2022 17:28:29 GMT
server: ECAcc (frc/8F14)
etag: "6271663d-da91"
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/javascript
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
expires: Tue, 17 May 2022 16:12:00 GMT

GET
H2 200 ts
t.paypal.com/ 42 B
760 B 244ms
182ms Image
image/gif 151.101.1.35

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.paypal.com/ts?pgrp=muse%3Athird-party%3Aanalytics-xo%3A%3AAJE2RRYR3SNZ6-1&page=muse%3Athird-party%3Aanalytics-xo%3A%3AAJE2RRYR3SNZ6-1%3A%3A%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&item=5ab94f0e-6649-4a70-b41a-35dc76668d3c&fltp=analytics&mrid=AJE2RRYR3SNZ6&code=MUSE_ADMIN_TOOL&partner_name=MUSE_ADMIN_TOOL&flag_consume=yes&pt=Casual%20Womens%20Clothing%20Store%20Online%2C%20Womens%20Dresses%20%26%20Tops%20%7C%20Noracora&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1652800320855&g=0&completeurl=https%3A%2F%2Fnoracora.com%2F%3Firclickid%3DTwR0kGVibxyIWlszN%253A0wnXCVUkD0qUzZh1412c0%26irgwc%3D1%26utm_source%3DAffiliate%26utm_medium%3DImpact%26utm_campaign%3D1234031%26utm_content%3DTwR0kGVibxyIWlszN%253A0wnXCVUkD0qUzZh1412c0%26utm_term%3D03720&ru=https%3A%2F%2Fstvkr.com%2F

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.35 -, , ASN (),

Reverse DNS

Software

Resource Hash

6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 15:12:01 GMT
via: 1.1 varnish
x-cache: MISS
p3p: policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id: 99b40ee0dd619
x-cache-hits: 0
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
content-length: 42
x-served-by: cache-hhn4057-HHN
pragma: no-cache
x-timer: S1652800321.922412,VS0,VE168
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: image/gif
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 17 May 2022 15:12:01 GMT

GET
H2 200 _r Show response
app.link/ 91 B
564 B 189ms
160ms Script
text/javascript 2600:9000:2057:1800:19:9934:6a80:93a1

General

Check archive.org

Show headers Download Go to

Full URL

https://app.link/_r?sdk=web2.61.0&branch_key=key_live_no0eidoU1qUjKl39v6lW4bbosxakHab7&callback=branch_callback__0

Requested by

Host: cdn.branch.io
URL: https://cdn.branch.io/branch-latest.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:1800:19:9934:6a80:93a1 -, , ASN (),

Reverse DNS

Software

openresty / Express

Resource Hash

cb8f8c5a7b1bdf8485500f17e677780d20689462e3c390ac20f14b192488d09d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 15:12:00 GMT
via: 1.1 b0954612f115b3d0a0db0a669e45ae8e.cloudfront.net (CloudFront)
x-content-type-options: nosniff
server: openresty
x-amz-cf-pop: FRA6-C1
x-powered-by: Express
x-cache: Miss from cloudfront
content-type: text/javascript; charset=utf-8
content-length: 91
etag: W/"5b-dL6jy9BGvUWtpJL0OA9WgWTqw4E"
x-amz-cf-id: o3Z_H2Oifi8B2L6S9NZPx7MAxBZX8oTWaZENMVyod_hOvOgwHOCTMg==

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 29ms
29ms XHR
text/plain 2a00:1450:4014:80f::200e

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=40324815&t=pageview&_s=1&dl=https%3A%2F%2Fnoracora.com%2F%3Firclickid%3DTwR0kGVibxyIWlszN%253A0wnXCVUkD0qUzZh1412c0%26irgwc%3D1%26utm_source%3DAffiliate%26utm_medium%3DImpact%26utm_campaign%3D1234031%26utm_content%3DTwR0kGVibxyIWlszN%253A0wnXCVUkD0qUzZh1412c0%26utm_term%3D03720&dr=https%3A%2F%2Fstvkr.com%2F&dp=%2F%3Firclickid%3DTwR0kGVibxyIWlszN%253A0wnXCVUkD0qUzZh1412c0%26irgwc%3D1%26utm_source%3DAffiliate%26utm_medium%3DImpact%26utm_campaign%3D1234031%26utm_content%3DTwR0kGVibxyIWlszN%253A0wnXCVUkD0qUzZh1412c0%26utm_term%3D03720&ul=en-us&de=UTF-8&dt=Casual%20Womens%20Clothing%20Store%20Online%2C%20Womens%20Dresses%20%26%20Tops%20%7C%20Noracora&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&exp=6uAYwHQ5RSCAlGmK-4SotA.0&_u=aCDAAEADQAAAAC~&jid=1268994417&gjid=335249803&cid=102679107.1652800318&tid=UA-107972033-1&_gid=117902507.1652800321&_r=1&_slc=1&z=1479959030

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4014:80f::200e -, , ASN (),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 17 May 2022 15:12:01 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://noracora.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 uRopZ4jqWVEv8CJ5vrmtFzvapADUJr8J.gif
d1x82c5eu9l6cp.cloudfront.net/library/20211021/170930_481281/ 123 KB
124 KB 54ms
7ms Image
application/octet-stream 2600:9000:2057:f800:16:3cc5:1a40:21

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1x82c5eu9l6cp.cloudfront.net/library/20211021/170930_481281/uRopZ4jqWVEv8CJ5vrmtFzvapADUJr8J.gif
Requested by: Host: noracora.com
URL: https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:f800:16:3cc5:1a40:21 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b6eb8fe21b6e7d7d5b9b9340dfb8bf2f7e546beedebdb899a900b72445d51de1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 07:06:55 GMT
via: 1.1 d8e97d2c28917e4c41ab79bb1e94b844.cloudfront.net (CloudFront)
last-modified: Thu, 21 Oct 2021 09:09:31 GMT
server: AmazonS3
age: 29648
etag: "00d43bb5f7bec840f9950b222d7351c1"
x-cache: Hit from cloudfront
content-type: application/octet-stream
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
content-length: 126365
x-amz-cf-id: Qzie5ry2jONFdnmAuJA64fMrHesRJqMCyQ_QP6bu7yues1FZzqQuXQ==

GET
DATA 200
OK truncated
/ 16 KB
16 KB Font
font/truetype

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7f8d1a2da0bf0ec53abb2d35090b83c91483c7b8208c02d377d6a4906db06757

Request headers

Referer
Origin: https://noracora.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: font/truetype;charset=utf-8

GET
H2 200 index.html Show response
www.paypalobjects.com/muse/store-cash-lite/ Frame 0FD9 54 KB
17 KB 19ms
19ms Document
text/html 192.229.221.25

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/muse/store-cash-lite/index.html

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/muse/muse.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 -, , ASN (),

Reverse DNS

Software

ECAcc (frc/8FC1) /

Resource Hash

74e6cbf9d967897b24bdcd28a98163ecab3aafdfa0252dda26c573eb80ebd281

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: s-maxage=31536000, public,max-age=3600
content-encoding: gzip
content-length: 16832
content-type: text/html
date: Tue, 17 May 2022 15:12:01 GMT
dc: ccg11-origin-www-1.paypal.com
etag: "6271663d-d957"
expires: Tue, 17 May 2022 16:12:01 GMT
last-modified: Tue, 03 May 2022 17:28:29 GMT
paypal-debug-id: 294299ae2d024
server: ECAcc (frc/8FC1)
strict-transport-security: max-age=63072000; includeSubDomains; preload
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff

GET
H2 200 index.html Show response
www.paypalobjects.com/muse/analytics/ Frame 75AF 54 KB
16 KB 9ms
8ms Document
text/html 192.229.221.25

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/muse/analytics/index.html

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/muse/muse.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 -, , ASN (),

Reverse DNS

Software

ECAcc (frc/8F27) /

Resource Hash

8ae3400104c7b0db11e9fe317236e68a26afba6580192041e87038ceff4db638

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: s-maxage=31536000, public,max-age=3600
content-encoding: gzip
content-length: 16791
content-type: text/html
date: Tue, 17 May 2022 15:12:01 GMT
dc: ccg11-origin-www-1.paypal.com
etag: "6271663d-d994"
expires: Tue, 17 May 2022 16:12:01 GMT
last-modified: Tue, 03 May 2022 17:28:29 GMT
paypal-debug-id: b8b447e95c4f1
server: ECAcc (frc/8F27)
strict-transport-security: max-age=63072000; includeSubDomains; preload
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
439 B 71ms
16ms XHR
text/plain 2a00:1450:400c:c04::9d

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-107972033-1&cid=102679107.1652800318&jid=1268994417&gjid=335249803&_gid=117902507.1652800321&_u=aCDAAEACQAAAAC~&z=701079523

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c04::9d -, , ASN (),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 17 May 2022 15:12:01 GMT
content-type: text/plain
access-control-allow-origin: https://noracora.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 open_chat Show response
secure.livechatinc.com/customer/action/ Frame 34DC 4 KB
2 KB 150ms
137ms Document
text/html 23.36.162.71

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.livechatinc.com/customer/action/open_chat?license_id=12657117&group=1&embedded=1&widget_version=3&unique_groups=0
Requested by: Host: cdn.livechatinc.com
URL: https://cdn.livechatinc.com/tracking.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.162.71 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ad96a8ca40727dd37f61798a2349904ff819001830076b6cc938a897bbfbf0f5

Request headers

Referer: https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-length: 1986
content-type: text/html; charset=utf-8
date: Tue, 17 May 2022 15:12:01 GMT
vary: Accept-Encoding

GET
H2 200 get_localization Show response
api.livechatinc.com/v3.3/customer/action/ 11 KB
4 KB 143ms
143ms Script
application/javascript 23.36.162.71

General

Check archive.org

Show headers Download Go to

Full URL: https://api.livechatinc.com/v3.3/customer/action/get_localization?license_id=12657117&version=ff93808ef52c6dd040640c4853b854bd_a915f1cf6a1cb774f752c54f0f5eaf19&language=en&group_id=1&jsonp=__lc_localization
Requested by: Host: cdn.livechatinc.com
URL: https://cdn.livechatinc.com/tracking.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.162.71 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5dc361d316164a593ef5c5cc92c69b27c5300d1e303bfa7c1fb9bf7508f51873

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 15:12:01 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
legacy: 2023-06-30
cache-control: public, max-age=600
content-length: 3791
expires: Tue, 17 May 2022 15:22:01 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 99ms
48ms Image
image/gif 2a00:1450:4001:80e::2004

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-107972033-1&cid=102679107.1652800318&jid=1268994417&_u=aCDAAEACQAAAAC~&z=1898680725

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 May 2022 15:12:01 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 104ms
53ms Image
image/gif 2a00:1450:4001:810::2003

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-107972033-1&cid=102679107.1652800318&jid=1268994417&_u=aCDAAEACQAAAAC~&z=1898680725

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 May 2022 15:12:01 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 open Show response
api2.branch.io/v1/ 271 B
585 B 213ms
167ms XHR
application/json 2600:9000:206f:c800:11:f728:3040:93a1

General

Check archive.org

Show headers Download Go to

Full URL: https://api2.branch.io/v1/open
Requested by: Host: cdn.branch.io
URL: https://cdn.branch.io/branch-latest.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:c800:11:f728:3040:93a1 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 14a518ec7d14a8051acc4ce8099e95cda77420b5eabd2c78d29f1298681dee16

Request headers

Referer: https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 17 May 2022 15:12:01 GMT
via: 1.1 cf2939e85531f45f3306f792ea104eaa.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache
x-branch-request-id: 8c4bfa144071450a9275de0c8ae9b83c-2022051715
content-length: 271
x-amz-cf-id: CpcO2t0m3PTJO48E1eYvFK2a6NxBLJoij-TQBk3uvOBJxog0rBmSSg==

GET
H3 200 css
fonts.googleapis.com/ Frame 34DC 5 KB
710 B 17ms
17ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Noto+Sans:400,700&subset=latin-ext&display=swap

Requested by

Host: secure.livechatinc.com
URL: https://secure.livechatinc.com/customer/action/open_chat?license_id=12657117&group=1&embedded=1&widget_version=3&unique_groups=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ae9eb832495b375e14e3efb8d1711b5a849d3782fcf1b4e9fa3569a9e2dee83e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.livechatinc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 17 May 2022 14:59:40 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 17 May 2022 15:12:01 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 17 May 2022 15:12:01 GMT

GET
H2 200 0.15fb1a69.chunk.js Show response
cdn.livechatinc.com/widget/static/js/ Frame 34DC 208 KB
65 KB 9ms
8ms Script
application/javascript 23.36.162.25
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.livechatinc.com/widget/static/js/0.15fb1a69.chunk.js
Requested by: Host: secure.livechatinc.com
URL: https://secure.livechatinc.com/customer/action/open_chat?license_id=12657117&group=1&embedded=1&widget_version=3&unique_groups=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.162.25 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-162-25.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 1eb7f96550baa7122111f189a87c107d654f037f92b6c6f305a2ec4925de238e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.livechatinc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-amz-version-id: 86bJfdBwIYbEsHS0KhR0VEcn3IKNjCyV
content-encoding: br
last-modified: Thu, 14 Apr 2022 10:07:27 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
etag: W/"e1c5ae761b035e078f16539c7a724199"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
date: Tue, 17 May 2022 15:12:01 GMT
content-length: 65896
x-amz-cf-id: eMZE544gHsLN4HlhhuFh126jcjlSrvgctCsxgNNSiTMMgDVrBLWq9g==
expires: Wed, 17 May 2023 15:12:01 GMT

GET
H2 200 2.cfcaf31c.chunk.js Show response
cdn.livechatinc.com/widget/static/js/ Frame 34DC 218 KB
62 KB 16ms
15ms Script
application/javascript 23.36.162.25
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.livechatinc.com/widget/static/js/2.cfcaf31c.chunk.js
Requested by: Host: secure.livechatinc.com
URL: https://secure.livechatinc.com/customer/action/open_chat?license_id=12657117&group=1&embedded=1&widget_version=3&unique_groups=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.162.25 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-162-25.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 468c139eadb67c474f5cf5ed00fc117ab07298284b55c1dee696236c8f085806

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.livechatinc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-amz-version-id: brd0wPPM5.aLIcQHuAe6lW.kaBDXniO6
content-encoding: br
last-modified: Thu, 28 Apr 2022 12:44:59 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
etag: W/"ae006549d13fe0e4c037c6bcad6ec22c"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
date: Tue, 17 May 2022 15:12:01 GMT
content-length: 63082
x-amz-cf-id: OEJeBcjRj72tfU2JsctgjqsWjW4iibIfN3B_zkNg44g22Glj59t6qQ==
expires: Wed, 17 May 2023 15:12:01 GMT

GET
H2 200 iframe.c2923c7f.chunk.js Show response
cdn.livechatinc.com/widget/static/js/ Frame 34DC 408 KB
110 KB 11ms
10ms Script
application/javascript 23.36.162.25
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.livechatinc.com/widget/static/js/iframe.c2923c7f.chunk.js
Requested by: Host: secure.livechatinc.com
URL: https://secure.livechatinc.com/customer/action/open_chat?license_id=12657117&group=1&embedded=1&widget_version=3&unique_groups=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.162.25 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-162-25.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 207da87731dc9eb56d1c715cabc3e289ac3556ac63545510e093699c4c359b40

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.livechatinc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-amz-version-id: 8Vr8Ob80tqUFT4puansf8YE6i.Vml_5e
content-encoding: br
last-modified: Tue, 17 May 2022 09:36:27 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
etag: W/"e06dafbdf9ffbd25a061e40a75d931fa"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
date: Tue, 17 May 2022 15:12:01 GMT
content-length: 111623
x-amz-cf-id: 5K2ymotALmQTwZIBZrO_2C9FfZxGJ93yY6pHiiiuzZT16dy8AFyGsQ==
expires: Wed, 17 May 2023 15:12:01 GMT

GET
H2 200 ts
t.paypal.com/ 42 B
119 B 188ms
188ms Image
image/gif 151.101.1.35

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.paypal.com/ts?pgrp=muse%3Aoffer%3A%3A%3AAJE2RRYR3SNZ6-1&page=muse%3Aoffer%3A%3A%3AAJE2RRYR3SNZ6-1%3A%3AvisitorInfoFlowStarted%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&item=5ab94f0e-6649-4a70-b41a-35dc76668d3c&es=visitorInfoFlowStarted&mrid=AJE2RRYR3SNZ6&code=MUSE_ADMIN_TOOL&partner_name=MUSE_ADMIN_TOOL&pt=Casual%20Womens%20Clothing%20Store%20Online%2C%20Womens%20Dresses%20%26%20Tops%20%7C%20Noracora&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1652800321566&g=0&completeurl=https%3A%2F%2Fnoracora.com%2F%3Firclickid%3DTwR0kGVibxyIWlszN%253A0wnXCVUkD0qUzZh1412c0%26irgwc%3D1%26utm_source%3DAffiliate%26utm_medium%3DImpact%26utm_campaign%3D1234031%26utm_content%3DTwR0kGVibxyIWlszN%253A0wnXCVUkD0qUzZh1412c0%26utm_term%3D03720

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.35 -, , ASN (),

Reverse DNS

Software

Resource Hash

6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 15:12:01 GMT
via: 1.1 varnish
x-cache: MISS
p3p: policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id: 5ba21f24dd729
x-cache-hits: 0
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
content-length: 42
x-served-by: cache-hhn4057-HHN
pragma: no-cache
x-timer: S1652800322.570176,VS0,VE181
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: image/gif
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 17 May 2022 15:12:01 GMT

POST
H2 200 graphql
www.paypal.com/targeting/ Frame 0FD9 0
0 285ms
285ms Fetch
application/json 151.101.193.21

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/targeting/graphql

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/muse/store-cash-lite/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.21 -, , ASN (),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com; img-src 'self' https:; script-src 'nonce-X2E0AyC/umXzm4p16gQLezlxdVGEcbmy3/KjJ8YXKsjTUXKD' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' ; style-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' ; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; object-src 'none'; frame-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.paypalobjects.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: application/json

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' https:; script-src 'nonce-X2E0AyC/umXzm4p16gQLezlxdVGEcbmy3/KjJ8YXKsjTUXKD' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' ; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' ; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; object-src 'none'; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com;
via: 1.1 varnish
vary: Accept-Encoding
x-cache: MISS
paypal-debug-id: f591161cb54a3
date: Tue, 17 May 2022 15:12:02 GMT
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-xss-protection: 1; mode=block
x-served-by: cache-hhn4021-HHN
x-timer: S1652800322.769180,VS0,VE273
x-frame-options: SAMEORIGIN
etag: W/W/"1b2-ESVfzmIPFty+k/rqp1UkPQtO/Jo"
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.paypalobjects.com
content-encoding: br
access-control-expose-headers: Paypal-Debug-Id
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
accept-ranges: none
x-cache-hits: 0

OPTIONS
H2 204 graphql
www.paypal.com/targeting/ Frame 0
0 189ms
173ms Preflight 151.101.193.21

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/targeting/graphql

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.21 -, , ASN (),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.paypalobjects.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: https://www.paypalobjects.com
access-control-expose-headers: Paypal-Debug-Id
cache-control: max-age=0, no-cache, no-store, must-revalidate
date: Tue, 17 May 2022 15:12:01 GMT
dc: ccg11-origin-www-1.paypal.com
paypal-debug-id: f591161831c49
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
strict-transport-security: max-age=63072000; includeSubDomains; preload
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-hhn4028-HHN
x-timer: S1652800322.594505,VS0,VE163

GET
H3 200 o-0IIpQlx3QUlC5A4PNr5TRA.woff2
fonts.gstatic.com/s/notosans/v27/ Frame 34DC 13 KB
13 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosans/v27/o-0IIpQlx3QUlC5A4PNr5TRA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans:400,700&subset=latin-ext&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88f00438d26021a325247c4427898f7c778a22976df9f1a9d9876429778bf265

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://secure.livechatinc.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 17:47:57 GMT
x-content-type-options: nosniff
age: 77044
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12860
x-xss-protection: 0
last-modified: Mon, 09 May 2022 18:27:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 16 May 2023 17:47:57 GMT

GET
H3 200 o-0NIpQlx3QUlC5A4PNjXhFVZNyB.woff2
fonts.gstatic.com/s/notosans/v27/ Frame 34DC 12 KB
12 KB 9ms
9ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosans/v27/o-0NIpQlx3QUlC5A4PNjXhFVZNyB.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans:400,700&subset=latin-ext&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c1c30918a861cb6a985ab55d54ad7e861682354197f164cb3b7194f20eed67ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://secure.livechatinc.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 16:22:46 GMT
x-content-type-options: nosniff
age: 82155
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12684
x-xss-protection: 0
last-modified: Mon, 09 May 2022 18:28:04 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 16 May 2023 16:22:46 GMT

POST
H2 200 graphql
www.paypal.com/targeting/ Frame 75AF 0
0 251ms
248ms Fetch
application/json 151.101.193.21

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/targeting/graphql

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/muse/analytics/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.21 -, , ASN (),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com; img-src 'self' https:; script-src 'nonce-XoTcEL6WoMHo2byWPY77hYIr+E4UpbOLgmC/J6xsZ97T8rN+' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' ; style-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' ; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; object-src 'none'; frame-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.paypalobjects.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: application/json

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' https:; script-src 'nonce-XoTcEL6WoMHo2byWPY77hYIr+E4UpbOLgmC/J6xsZ97T8rN+' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' ; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' ; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; object-src 'none'; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com;
via: 1.1 varnish
vary: Accept-Encoding
x-cache: MISS
paypal-debug-id: f591161bf5ec6
date: Tue, 17 May 2022 15:12:02 GMT
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-xss-protection: 1; mode=block
x-served-by: cache-hhn4021-HHN
x-timer: S1652800322.793463,VS0,VE233
x-frame-options: SAMEORIGIN
etag: W/W/"1b2-wa1KuVIGUkSpza6LCKVtgeAus6k"
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.paypalobjects.com
content-encoding: br
access-control-expose-headers: Paypal-Debug-Id
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
accept-ranges: none
x-cache-hits: 0

OPTIONS
H2 204 graphql
www.paypal.com/targeting/ Frame 0
0 178ms
178ms Preflight 151.101.193.21

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/targeting/graphql

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.21 -, , ASN (),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.paypalobjects.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: https://www.paypalobjects.com
access-control-expose-headers: Paypal-Debug-Id
cache-control: max-age=0, no-cache, no-store, must-revalidate
date: Tue, 17 May 2022 15:12:01 GMT
dc: ccg11-origin-www-1.paypal.com
paypal-debug-id: f591161bfcc14
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
strict-transport-security: max-age=63072000; includeSubDomains; preload
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-hhn4028-HHN
x-timer: S1652800322.606171,VS0,VE171

POST
H2 200 pageview Show response
api2.branch.io/v1/ 28 B
390 B 191ms
191ms XHR
application/json 2600:9000:206f:c800:11:f728:3040:93a1

General

Check archive.org

Show headers Download Go to

Full URL: https://api2.branch.io/v1/pageview
Requested by: Host: cdn.branch.io
URL: https://cdn.branch.io/branch-latest.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:c800:11:f728:3040:93a1 -, , ASN (),
Reverse DNS
Software: / Express
Resource Hash: a82dc28d43942326b346f92907df3bea5e38b2325ef97176f3b6234966bf19eb

Request headers

Referer: https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 17 May 2022 15:12:01 GMT
via: 1.1 cf2939e85531f45f3306f792ea104eaa.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
x-powered-by: Express
etag: W/"1c-KRZWpHfIKyIHGKJ9mp9lAyX+vFY"
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-branch-request-id: a8e5cd28a21142089091d530bf12a107-2022051715
content-length: 28
x-amz-cf-id: _KUBeSWygHjIVSzgLjXK-SFp-kGOnxuh4rUC2fztJVRmT9VOLAHF4Q==

GET
H2 200 3fa230860bcb0c5c5744caf0fc0f6d65895fa478.c1ab4c5644307f0b6801.js Show response
noracora.com/_next/static/chunks/ 11 KB
4 KB 41ms
39ms Script
application/javascript 65.9.26.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://noracora.com/_next/static/chunks/3fa230860bcb0c5c5744caf0fc0f6d65895fa478.c1ab4c5644307f0b6801.js

Requested by

Host: noracora.com
URL: https://noracora.com/_next/static/chunks/commons.c1e8cb5bddc14e39df3d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.26.121 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-26-121.zag50.r.cloudfront.net

Software

openresty / Express

Resource Hash

b3f2aa5374e4c38c6f8945fd64dce7373d52ea9d590ab0b92cf9f7f72113d2b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload, max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720
Origin: https://noracora.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 15:12:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1
x-powered-by: Express
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubdomains; preload, max-age=63072000; includeSubdomains; preload
x-xss-protection: 1; mode=block
x-response-time: 1.510ms
last-modified: Tue, 17 May 2022 08:26:49 GMT
server: openresty
etag: W/"2bfe-180d1207d28"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
via: 1.1 158b0f42a1d87ab9108e2baf28e8c990.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000, immutable
x-amz-cf-pop: ZAG50-C1
x-amz-cf-id: mhpUgvUA6hSvEw-a3z7ZUPYOX15Wm_NGRTB0dOBT9v0FL2vPqOZ7yw==

GET
H2 200 b99c52a0318916b3d7f621f22c807a318c833c12.04bed6d9d22b0405bd70.js Show response
noracora.com/_next/static/chunks/ 69 KB
20 KB 41ms
39ms Script
application/javascript 65.9.26.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://noracora.com/_next/static/chunks/b99c52a0318916b3d7f621f22c807a318c833c12.04bed6d9d22b0405bd70.js

Requested by

Host: noracora.com
URL: https://noracora.com/_next/static/chunks/commons.c1e8cb5bddc14e39df3d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.26.121 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-26-121.zag50.r.cloudfront.net

Software

openresty / Express

Resource Hash

1d60249e4b8d1ac9b914ed07876affc91480ee49eda34dc5cee13f793610c078

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload, max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720
Origin: https://noracora.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 15:12:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1
x-powered-by: Express
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubdomains; preload, max-age=63072000; includeSubdomains; preload
x-xss-protection: 1; mode=block
x-response-time: 0.799ms
last-modified: Tue, 17 May 2022 08:26:49 GMT
server: openresty
etag: W/"11260-180d1207d28"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
via: 1.1 158b0f42a1d87ab9108e2baf28e8c990.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000, immutable
x-amz-cf-pop: ZAG50-C1
x-amz-cf-id: tZxN_WXpoSleDwKKA0qsWByYQVrgkSFmQGGY-7q1WDAfq2TToDlSTw==

GET
H2 200 5d2baf1d22a39c41ba497c524c441eeeeb882675.b0b31302284c09653a09.js Show response
noracora.com/_next/static/chunks/ 11 KB
4 KB 41ms
40ms Script
application/javascript 65.9.26.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://noracora.com/_next/static/chunks/5d2baf1d22a39c41ba497c524c441eeeeb882675.b0b31302284c09653a09.js

Requested by

Host: noracora.com
URL: https://noracora.com/_next/static/chunks/commons.c1e8cb5bddc14e39df3d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.26.121 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-26-121.zag50.r.cloudfront.net

Software

openresty / Express

Resource Hash

66412057ce5fb05d3de0dd5b916b8b8263df6c9956b53f1a9d84e751e9e6e20d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload, max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720
Origin: https://noracora.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 15:12:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1
x-powered-by: Express
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubdomains; preload, max-age=63072000; includeSubdomains; preload
x-xss-protection: 1; mode=block
x-response-time: 0.866ms
last-modified: Tue, 17 May 2022 08:26:49 GMT
server: openresty
etag: W/"2a2f-180d1207d28"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
via: 1.1 158b0f42a1d87ab9108e2baf28e8c990.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000, immutable
x-amz-cf-pop: ZAG50-C1
x-amz-cf-id: PJy9SIHRYYsWvFQLDUEAozxAmDzXvbmUUaDk_wYtvS3w2nWV_Y3jCg==

GET
H2 200 flashsale-20bbc5355635c3325763.js Show response
noracora.com/_next/static/chunks/pages/ 77 KB
21 KB 42ms
41ms Script
application/javascript 65.9.26.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://noracora.com/_next/static/chunks/pages/flashsale-20bbc5355635c3325763.js

Requested by

Host: noracora.com
URL: https://noracora.com/_next/static/chunks/commons.c1e8cb5bddc14e39df3d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.26.121 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-26-121.zag50.r.cloudfront.net

Software

openresty / Express

Resource Hash

725cc203295c7b8a6faf24cf99779875f00a9c17db885f253297d728235896df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload, max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720
Origin: https://noracora.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 15:12:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1
x-powered-by: Express
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubdomains; preload, max-age=63072000; includeSubdomains; preload
x-xss-protection: 1; mode=block
x-response-time: 0.806ms
last-modified: Tue, 17 May 2022 08:26:49 GMT
server: openresty
etag: W/"1340b-180d1207d28"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
via: 1.1 158b0f42a1d87ab9108e2baf28e8c990.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000, immutable
x-amz-cf-pop: ZAG50-C1
x-amz-cf-id: kLcc6UGC_QunWPhHB23yJZ9HJkKW_crRnH94VhZt9Qb3OtUHQ9-hEQ==

GET
H2 200 009d4027b9c6af62b38e.css Show response
noracora.com/_next/static/css/ 13 KB
4 KB 31ms
31ms Fetch
text/css 65.9.26.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://noracora.com/_next/static/css/009d4027b9c6af62b38e.css

Requested by

Host: harbor-hyperf.harborcdn.com
URL: https://harbor-hyperf.harborcdn.com/collect-data/collectData.modern.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.26.121 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-26-121.zag50.r.cloudfront.net

Software

openresty / Express

Resource Hash

afc6be4f4b5f58bd2e1d6fe8d2eff2edd09073dec202c0b431fe168f37170705

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload, max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 11:58:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 11582
x-powered-by: Express
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubdomains; preload, max-age=63072000; includeSubdomains; preload
x-xss-protection: 1; mode=block
x-response-time: 0.765ms
last-modified: Tue, 17 May 2022 08:26:49 GMT
server: openresty
etag: W/"3479-180d1207d28"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
via: 1.1 158b0f42a1d87ab9108e2baf28e8c990.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000, immutable
x-amz-cf-pop: ZAG50-C1
x-amz-cf-id: 1iTP2c-zHRU10CxD5fddTWQIcAx4q0ovem3w_OanI3WpG6iFLg4ozw==

POST
H2 200 /
harbor-hyperf.harborcdn.com/ 2 B
348 B 167ms
167ms XHR
text/html 2600:9000:224a:1c00:14:28af:c80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://harbor-hyperf.harborcdn.com/
Requested by: Host: harbor-hyperf.harborcdn.com
URL: https://harbor-hyperf.harborcdn.com/statisData/js/statisData.modern.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:1c00:14:28af:c80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.21.0 /
Resource Hash

Request headers

Referer: https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 17 May 2022 15:12:01 GMT
content-encoding: gzip
server: nginx/1.21.0
x-amz-cf-pop: DUS51-P1
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, private
x-amz-cf-id: AvnfO2k-OTboyscZuFkKOSluqhMlo20mSBZO2cV-L19dcyaG4D5k1w==
via: 1.1 2c4f54cad5da50a372b086710d5ffc62.cloudfront.net (CloudFront)

OPTIONS
H2 200 /
harbor-hyperf.harborcdn.com/ Frame 0
0 151ms
150ms Preflight
application/octet-stream 2600:9000:224a:1c00:14:28af:c80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://harbor-hyperf.harborcdn.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:1c00:14:28af:c80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.21.0 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://noracora.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: GET, POST, OPTIONS, DELETE
access-control-allow-origin: *
access-control-max-age: 172800
content-length: 0
content-type: application/octet-stream
date: Tue, 17 May 2022 15:12:01 GMT
server: nginx/1.21.0
via: 1.1 2c4f54cad5da50a372b086710d5ffc62.cloudfront.net (CloudFront)
x-amz-cf-id: 7TFXxzN3gu053qlltEvOV_yKmA2i494Y4g3HvwuNA8CmKE_YwyT8pw==
x-amz-cf-pop: DUS51-P1
x-cache: Miss from cloudfront

POST
H2 200 token
accounts.livechatinc.com/customer/ Frame 34DC 138 B
1 KB 154ms
146ms XHR
application/json 23.36.162.71

General

Check archive.org

Show headers Download Go to

Full URL: https://accounts.livechatinc.com/customer/token
Requested by: Host: cdn.livechatinc.com
URL: https://cdn.livechatinc.com/widget/static/js/0.15fb1a69.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.162.71 -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://secure.livechatinc.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 17 May 2022 15:12:01 GMT
content-type: application/json
access-control-allow-origin: https://secure.livechatinc.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 138
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 39 KB
15 KB 77ms
41ms Script
text/javascript 142.250.185.162

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M7869G6

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

89ba0d4f6cf9500041778760fea24e37c6de04955c6a62b5435c64b600423749

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 15:12:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14865
x-xss-protection: 0
server: cafe
etag: 2710672821686371805
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 17 May 2022 15:12:01 GMT

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 99 KB
26 KB 41ms
9ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 -, , ASN (),

Reverse DNS

Software

Resource Hash

acbe6770b0fc8b621a9d4f7068b241fb403fe999ea33270931ee59ec4cfdf3f1

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26310
x-xss-protection: 0
pragma: public
x-fb-debug: PGog7YHF9rt/aAyhfnUNx8ju/O7hRQxjJAVdStpQZTgvVkhZtingUVTvGeFaSSkJweKIWMLGDdtyO5ATRg4r/Q==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Tue, 17 May 2022 15:12:01 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 422 fb-conversions
noracora.com/rest/ 113 B
378 B 206ms
204ms Ping
application/json 65.9.26.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://noracora.com/rest/fb-conversions
Requested by: Host: 1redirc.com
URL: http://1redirc.com/r2.php?e=qwDB2QrCWObUu96G6R7zIn49flhDeE8zRWZBYzJSeGtIcUZydE0vY2Z2UnNhdy90aDdqZitPd1ZqUXYrc2tOWVRCcmxuN05NQWdxZ3BNUFpGWHpKaDVKcHh5TktiQ0NsSjNVUGRyLzA4ZGRUeEZFb0FpL0V5Wkh2ZWU0M0VOVk1vK0hZWXdzQ3oweDdVc0dXYk81VXZaV1NPQk5WM0trZys5azZQa3NEa1dlYTBxRUhWZWpBeU9OdFlaQW5tVW9pUmdrMlIyRFlZcjB1YUJoYW9UMW5vQnF6dzdJUkxhS1haTzk5OHpuL1MwMEhBaXFZTVJvQ3kyOWxLQURoZU9wUE9ONG1vYWxvdENoWlUvOFVIN3dtVWZJRkRqK21LK29TVTZVRkUybFFFWTYwOWkrZUMyV1NCSEk0SzlCY3ZBQ1M4Y3Z0WmIwT281bkI1R085ZDR2K3p2MWFQMU9GOFJxcHNGSW5JTHR6OVZTakdvdFY2czFGWGsvdWYydTRTN0lyUEtTVWFKY3ZSTlhVbW4vOEdIZU5Cd1RlS0FjYk9naTlhWkFsTVRmMDVCWVZXN0RpaHFwTS9lRXIwWUNPN0xyOFc1V01CVzhDajNmR0lNcndlMklEdDExSjZwZlRMT0ZPQjN3K3plaGlOMnUwQ3o3MlBEZS9XYmRqS0FWeFV1UTB3c3RhakdCMytkcWxtMnRHVnFIZGZnMjdlMlUrbGxxTVlwWU5CZElQaFF2bUNkWWh2UkJBcjZhTSsvU2UvWWRMUHFnMmpIYy9MNUNLYWtBSE9QZGl4ZUVRRWVOemZQRGR6ME1Lck92dmtuOHk5UFdTRUJ0ZjNNSVYyTmFaMG0wczdGZzN3RkxKd3BHK3JVZFQzWmNHS0NmSFVOZlZMbGFyK3JSWDFyMUFMTkFOTUZHbitQZ3VWaTF0M2x3ajVuVjNLelFKczltcEdmM0FFNkZJYkxCMmN4MVl0ODdubDVGV2FNb3hRVmdvcSthWXd3cUxrdXlyT1JKZVlmbHd6V2JJa1FHSUYxVGdjand5UnZWb0ZUVg%3D%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.26.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-26-121.zag50.r.cloudfront.net
Software: openresty /
Resource Hash

Request headers

Referer: https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 17 May 2022 15:12:01 GMT
via: 1.1 158b0f42a1d87ab9108e2baf28e8c990.cloudfront.net (CloudFront)
server: openresty
x-amz-cf-pop: ZAG50-C1
x-cache: Error from cloudfront
content-type: application/json
cache-control: no-cache, private
x-amz-cf-id: XnDpNLTZqlL-j-fErh6d5jB-DtX1vGAlT4KytMIY3mdBKD7NuaW9pg==

GET
H2 200 core.js
s.pinimg.com/ct/ 1 KB
0 141ms
117ms Script
application/javascript 2a02:26f0:6c00:2a2::1931

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/core.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M7869G6
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:2a2::1931 -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

akamai-x-true-ttl: 7200
x-cdn: akamai
etag: "c4a0eea377c5e0da574e46f4d6e838e5"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: max-age=7200
accept-ranges: bytes
content-length: 1142
access-control-expose-headers: X-CDN

GET tags
us.creativecdn.com/ Frame ADC0 0
0

GET tags
us.creativecdn.com/ Frame CB39 0
0

GET
H2 200 ld.js
static.criteo.net/js/ld/ 41 KB
0 81ms
21ms Script
text/javascript 2a02:2638::3

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/ld.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M7869G6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 15:12:01 GMT
content-encoding: gzip
last-modified: Thu, 28 Apr 2022 06:27:13 GMT
server: nginx
etag: W/"626a33c1-a5a0"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 18 May 2022 15:12:01 GMT

GET
H2 200 bat.js
bat.bing.com/ 38 KB
0 52ms
33ms Script
application/javascript 2620:1ec:c11::200

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 -, , ASN (),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
last-modified: Wed, 09 Feb 2022 23:54:49 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 2FC7DAECF0D2491E8D09F2FC59E7E376 Ref B: FRA31EDGE0206 Ref C: 2022-05-17T15:12:01Z
etag: "806a236c101ed81:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
date: Tue, 17 May 2022 15:12:01 GMT
accept-ranges: bytes
content-length: 11333

POST prop.json
a2be1ed49e1c42499e547290e30473be-aac473ea903c.cdn.forter.com/ 0
0

GET
H3 200 /
googleads.g.doubleclick.net/pagead/viewthroughconversion/796867273/ 3 KB
0 86ms
61ms Script
text/javascript 2a00:1450:4001:829::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/796867273/?random=1652800321897&cv=9&fst=1652800321897&num=1&value=0&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg5g0&sendb=1&ig=1&data=event%3Dpage_view%3Becomm_pagetype%3DHome%3Becomm_totalvalue%3D0%3Becomm_category%3D&frm=0&url=https%3A%2F%2Fnoracora.com%2F%3Firclickid%3DTwR0kGVibxyIWlszN%253A0wnXCVUkD0qUzZh1412c0%26irgwc%3D1%26utm_source%3DAffiliate%26utm_medium%3DImpact%26utm_campaign%3D1234031%26utm_content%3DTwR0kGVibxyIWlszN%253A0wnXCVUkD0qUzZh1412c0%26utm_term%3D03720&ref=https%3A%2F%2Fstvkr.com%2F&tiba=Casual%20Womens%20Clothing%20Store%20Online%2C%20Womens%20Dresses%20%26%20Tops%20%7C%20Noracora&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 May 2022 15:12:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1246
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 136770776909564
connect.facebook.net/signals/config/ 92 KB
0 131ms
129ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/136770776909564?v=2.9.60&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 -, , ASN (),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://noracora.com/?irclickid=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&irgwc=1&utm_source=Affiliate&utm_medium=Impact&utm_campaign=1234031&utm_content=TwR0kGVibxyIWlszN%3A0wnXCVUkD0qUzZh1412c0&utm_term=03720
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: IaTmuB5roJvBrEPYAvVYS+CHoTS8NA6TZjBZvsajCdSDT/o1MysdxpxU+Oa+nZN4pkcEfLiJurftirVYKMpr3w==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Tue, 17 May 2022 15:12:02 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-content-cdn-origin-ts: 1652800322041
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET 127.d8047637f12cb6e6da41.js
noracora.com/_next/static/chunks/ 0
0

GET 138.2bf71465d3a5b94eac6e.js
noracora.com/_next/static/chunks/ 0
0

GET all
noracora.com/rest/payment-icon/ 0
0

OPTIONS check_goals
api.livechatinc.com/v3.3/customer/action/ Frame 0
0

POST check_goals
api.livechatinc.com/v3.3/customer/action/ Frame 34DC 0
0

POST bury-log-web
jingwei.harborcdn.com/v1/dot/topic/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: us.creativecdn.com
URL: https://us.creativecdn.com/tags?type=iframe&id=pr_ugpG9309T8IGKwk03tIu_home&id=pr_ugpG9309T8IGKwk03tIu_lid_bDAwpI5Uc4GpbywkcY6H&su=https%3A%2F%2Fnoracora.com%2F%3Firclickid%3DTwR0kGVibxyIWlszN%253A0wnXCVUkD0qUzZh1412c0%26irgwc%3D1%26utm_source%3DAffiliate%26utm_medium%3DImpact%26utm_campaign%3D1234031%26utm_content%3DTwR0kGVibxyIWlszN%253A0wnXCVUkD0qUzZh1412c0%26utm_term%3D03720&sr=https%3A%2F%2Fstvkr.com%2F&ts=1652800321843

Domain: us.creativecdn.com
URL: https://us.creativecdn.com/tags?type=iframe&id=pr_ugpG9309T8IGKwk03tIu&ncm=1&id=pr_ugpG9309T8IGKwk03tIu_lid_bDAwpI5Uc4GpbywkcY6H&su=https%3A%2F%2Fnoracora.com%2F%3Firclickid%3DTwR0kGVibxyIWlszN%253A0wnXCVUkD0qUzZh1412c0%26irgwc%3D1%26utm_source%3DAffiliate%26utm_medium%3DImpact%26utm_campaign%3D1234031%26utm_content%3DTwR0kGVibxyIWlszN%253A0wnXCVUkD0qUzZh1412c0%26utm_term%3D03720&sr=https%3A%2F%2Fstvkr.com%2F&ts=1652800321858

Domain: a2be1ed49e1c42499e547290e30473be-aac473ea903c.cdn.forter.com
URL: https://a2be1ed49e1c42499e547290e30473be-aac473ea903c.cdn.forter.com/prop.json

Domain: noracora.com
URL: https://noracora.com/_next/static/chunks/127.d8047637f12cb6e6da41.js

Domain: noracora.com
URL: https://noracora.com/_next/static/chunks/138.2bf71465d3a5b94eac6e.js

Domain: noracora.com
URL: https://noracora.com/rest/payment-icon/all

Domain: api.livechatinc.com
URL: https://api.livechatinc.com/v3.3/customer/action/check_goals?license_id=12657117

Domain: api.livechatinc.com
URL: https://api.livechatinc.com/v3.3/customer/action/check_goals?license_id=12657117

Domain: jingwei.harborcdn.com
URL: https://jingwei.harborcdn.com/v1/dot/topic/bury-log-web

Domain: jingwei.harborcdn.com
URL: https://jingwei.harborcdn.com/v1/dot/topic/bury-log-web

Domain: jingwei.harborcdn.com
URL: https://jingwei.harborcdn.com/v1/dot/topic/bury-log-web

Verdicts & Comments Add Verdict or Comment

49 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

27 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.downnload.com/	1970-01-23 18:42:40	Name: __tad Value: 1652800312.8923779
.1redirc.com/	1970-01-20 11:52:16	Name: __dsnsid Value: 202205180111524f93d2dd89342f1d9b
clever-redirect.com/	1970-01-20 03:08:06	Name: 99d42e3b91f278fceb0cb45096967533 Value: 354d2679bfa3189aa7c7b07064ae925307e308db35de63e872bd299337c0aadea%3A2%3A%7Bi%3A0%3Bs%3A32%3A%2299d42e3b91f278fceb0cb45096967533%22%3Bi%3A1%3Bs%3A1%3A%221%22%3B%7D
.ir3.xyz/	1970-01-20 04:11:28	Name: 13755 Value: 7079b46f-dcc9-4eb9-85e1-4c8ce95bcf21
stvkr.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 0ls22ltb8l0n71p646ln1286k2
.stvkr.com/	1970-01-20 11:52:16	Name: cnt Value: 59ffb811b18c50c21ecaf7b9165e5382
stvkr.com/	1970-01-20 03:06:40	Name: init_referer Value: NNNNS%2BfhcApNO9IAl9SYmZgWF8kBm8%2FWm9sFgvtcXFwYNjVNNNNNNNvYUj%3D%3D
stvkr.com/	1970-01-20 03:49:52	Name: skip_js_r Value: 1
stvkr.com/	1970-01-24 07:06:40	Name: widht Value: 1600
stvkr.com/	1970-01-24 07:06:40	Name: height Value: 1200
.stvkr.com/	1970-01-20 11:52:16	Name: pc Value: %60%FF%94%A5%04%87%FD%A9%E3%9A%22%D9%D6%A9%11%F2%CB%D2
.ojrq.net/	1970-01-20 20:23:28	Name: brwsr Value: b109041a-d5f3-11ec-a560-3b7a0116e7cd
.pxf.io/	1970-01-20 20:23:28	Name: brwsr Value: b109041a-d5f3-11ec-a560-3b7a0116e7cd
noracora.pxf.io/	1970-01-20 07:25:52	Name: irld Value: LVBrQZ%3AXWkRmjT-Ty6zTppwf2XKD27z1K0yac0HMypr1ltVrD
noracora.com/	1970-01-20 04:33:04	Name: epm_variation_v2 Value: 6uAYwHQ5RSCAlGmK-4SotA:0
noracora.com/	1969-12-31 23:59:59	Name: device Value: pc
noracora.com/	1969-12-31 23:59:59	Name: language Value: 4
noracora.com/	1969-12-31 23:59:59	Name: language-code Value: en
noracora.com/	1969-12-31 23:59:59	Name: currency Value: USD
noracora.com/	1969-12-31 23:59:59	Name: UTM_MEDIUM Value: Impact
noracora.com/	1969-12-31 23:59:59	Name: UTM_CAMPAIGN Value: 1234031
noracora.com/	1969-12-31 23:59:59	Name: UTM_CONTENT Value: TwR0kGVibxyIWlszN%253A0wnXCVUkD0qUzZh1412c0
.noracora.com/	1970-01-21 22:54:40	Name: forterToken Value: a2be1ed49e1c42499e547290e30473be_1652800317617__UDF4_9ck
.noracora.com/	1970-01-20 05:16:16	Name: _gcl_au Value: 1.1.1675267696.1652800318
.noracora.com/	1970-01-20 20:37:52	Name: _ga_S937ZDTJL6 Value: GS1.1.1652800317.1.0.1652800317.0
.noracora.com/	1970-01-20 20:37:52	Name: _ga Value: GA1.1.102679107.1652800318
.doubleclick.net/	1970-01-20 03:06:41	Name: test_cookie Value: CheckForPermission

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://noracora.com/rest/fb-conversions Message: Failed to load resource: the server responded with a status of 422 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

10726730.fls.doubleclick.net
1redirc.com
a2be1ed49e1c42499e547290e30473be-aac473ea903c.cdn.forter.com
aac473ea903c.cdn4.forter.com
accounts.livechatinc.com
ad.doubleclick.net
adservice.google.com
adservice.google.de
amplify.outbrain.com
analytics.tiktok.com
analytics.webgains.io
api.livechatinc.com
api2.branch.io
app.link
at.alicdn.com
bat.bing.com
browser.sentry-cdn.com
cdn.branch.io
cdn.livechatinc.com
cdn9.forter.com
clever-redirect.com
cmall-static-resource.s3.us-west-2.amazonaws.com
connect.facebook.net
d1x82c5eu9l6cp.cloudfront.net
exit.streamoptim.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
harbor-hyperf.harborcdn.com
images.dmca.com
ir3.xyz
jingwei.harborcdn.com
lookandfind.me
noracora.com
noracora.pxf.io
s.pinimg.com
secure.adnxs.com
secure.livechatinc.com
sentry.chicv.com
sl.streamoptim.com
static.criteo.net
stats.g.doubleclick.net
stvkr.com
t.paypal.com
tr.outbrain.com
us.creativecdn.com
www.downnload.com
www.dwin1.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.ojrq.net
www.paypal.com
www.paypalobjects.com
wzstatic.streamoptim.com
wzstatic1.streamoptim.com
a2be1ed49e1c42499e547290e30473be-aac473ea903c.cdn.forter.com
api.livechatinc.com
jingwei.harborcdn.com
noracora.com
us.creativecdn.com
103.224.182.206
103.224.182.244
104.102.29.173
104.248.96.70
142.250.185.162
142.250.186.134
151.101.1.35
151.101.193.21
151.139.242.29
157.90.169.168
18.66.248.107
185.33.221.89
192.229.221.25
198.11.178.42
212.32.251.44
23.36.162.25
23.36.162.71
23.36.163.230
2600:9000:2057:1800:19:9934:6a80:93a1
2600:9000:2057:f800:16:3cc5:1a40:21
2600:9000:206f:c800:11:f728:3040:93a1
2600:9000:206f:f800:18:33e:4e80:93a1
2600:9000:214f:8400:a:d1a:b500:93a1
2600:9000:2182:7600:f:8ce2:fb80:93a1
2600:9000:224a:1c00:14:28af:c80:93a1
2620:1ec:c11::200
2a00:1450:4001:80e::2004
2a00:1450:4001:80f::2003
2a00:1450:4001:810::2003
2a00:1450:4001:811::2008
2a00:1450:4001:812::200a
2a00:1450:4001:829::2002
2a00:1450:4001:82b::2002
2a00:1450:4001:831::2002
2a00:1450:400c:c04::9d
2a00:1450:4014:80f::200e
2a02:2638::3
2a02:26f0:6c00:2a2::1931
2a03:2880:f02d:100:face:b00c:0:3
2a04:4e42:200::729
34.95.127.121
35.201.76.231
44.240.119.169
52.88.55.75
52.92.209.58
64.202.112.31
65.9.26.121
65.9.63.124
65.9.63.28
78.46.197.88
8.45.52.250
99.86.7.20
015f884821f06b02bed600100cb93f5435a9fddd0014472082eb191134404f90
023bab8fdcb0c04588ae039ddbd09709fa6610fbba9c2cf82f42b0e84a2e5d95
03a489972229b8cf54326e7d9e38645917d164de26b38d995588fb9a373fe67c
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
0b17090117c8a8ee9ab439a234181893eaa1ef4b7e9bec7ef5b426d91aacd2c8
1128defc1bb060a86cfb24fae08527827b9a0da67591c05a7da7e75a63e96300
14a518ec7d14a8051acc4ce8099e95cda77420b5eabd2c78d29f1298681dee16
157ae16f8ad4fa03467fa1b04a9a53caa41d33f12b8c784ff12881e6b640f2ed
1690ec838b85e79a402499ae733bf02a1bc6d854179f7157f331db53964bb6d4
19df2f4636e335586330f7fc61067a1d29523a2ae37a641979a2fb05647727d7
1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580
1d60249e4b8d1ac9b914ed07876affc91480ee49eda34dc5cee13f793610c078
1debd9fb051712d794ed8bafd87454babc1f0de13d7407cc48cac80d8f86079f
1eb7f96550baa7122111f189a87c107d654f037f92b6c6f305a2ec4925de238e
1f1ffdd32e572a5abb5540e6c2d447b8d51a75135ee410e7d8a84d846a23790c
207da87731dc9eb56d1c715cabc3e289ac3556ac63545510e093699c4c359b40
24563db5ff92b6410f00a243363c2125945b9085eb14891285a1950a32c044a8
257698901f2e511376a8abc1a62a2473e2a575e9a66bb45fbef9aa9cd18d8bed
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
27fc2b35704c71658cb391da2678d197c71b1a00a13c2ec0226d3bbe3afc6439
28f476ca97be920cbf162008079a06660784b953b842f7decb99c43c29cba24b
29a13c4e1a7fd52b35fc98429da1397df6bd3940db63623406a5548402875b3c
2a954cbb3d4a7d971e776e74137055801d2af612a5187101688e41d63e0dbc16
2bafd66077b4b0c72d6a5371eb1d96e8671b26ffe3139a91bbbbe198a7bba703
2e24bf5c4766749d78d4eba852f25128baaec3dcfebdf55a61224eb25781b541
2e36be5ecbadb804d9d1d73af67e5d3df88dd20d0259d72c18e728553f0af7b2
322d68baa6a99ef39ef6db62efcdb4735271605414b2ae04906cc582bd9f07c5
33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c
35292ad5ebdec2b69df473f981fba41e7857f71070a763c0507ed4f223d12c28
35421b5c208d0ad760209424756e3edff966fbaa553aa62d7e7ac075394e54ab
3833b580c57145f52617930c1a425d017d0ce1c374f0f9246270590535a06aef
396e2ec58d15a4a2b38e9fc2ffcc1c6eeb0ee6785243799ea44a29ac7b5acc1e
39838046ca9987aae8b9b4ecfabfea8487e8dd19f9952e18687b333fdc1722ee
3c949c5151460fdd3fa34196f91976f15465b023e360bfb6906e76045528011f
3d2e1b9596d9a9bd460ec6096ba1ba0cc2c15c80fded944806d6fbb59b18f567
3e40fce7a45adfa95bcd4b3f99b56a8e24ccb9672a2597a71229c6fe020cb4c8
40daba765e68df81072dba603adecbd49b4c9b0ee836189af681c3a7827bfd9e
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44eb572375de97815e7ff25b049ed0305e88e739718d1ff8d726aff53ddcafa5
468c139eadb67c474f5cf5ed00fc117ab07298284b55c1dee696236c8f085806
497f7417863953bee73fdcc95e829a0ef7d1126efa8e2ba6a1a191556227e916
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4cbb8418fce7479f876b994c15db4c37b05a1a2fafe0ef5b8ab5edda8c3efd09
4e0e1e988e01c390c4e977764e65b3d439b32641f6f80533a338b4e39c23267b
52c9e1d5b8267cbf303877349189ae507b85e9fecd9d5a00b6ac6d4254db455a
55933f759a9712b62784c956a0d25b8a1d75f7f0caaf32e2721cc48477f8177f
5695d448b0b1e0a4a751cc7f739599d00f6c258f824dc5ff14a56b3d13fbe056
59513a4caf6dc441d96679c3b72083bd91196574ffc82dd31ff67e5e29265f7b
59c32b7590ad285ae70a14fd2e75a7d26842d101a14e4c5e5c9eecd7bc44bb3c
59d09721ef5d6a8a6aa8cf8100a1eaa2ef1644bd196fc1a788ad31e16a505734
5bbb9c0f0e0824480fd077d8340987a94369f9565dfcf6b89dcb00229fb49673
5dc361d316164a593ef5c5cc92c69b27c5300d1e303bfa7c1fb9bf7508f51873
5fe90280875fb1c1556e46db62d7e1331e6fc5050e1f6c2ad369b4fcd4695173
6296ec7385b1348bde40c855f7a20afba1421b80d6ce3c7fa6d32d728f2feb60
640d6c0ccc6a8eae88d7a5c7c431e364f72cdd7c807b388a08aef6520f109aca
646a541e113020cef37f018467c3306ff3cb2d6f435d0806d8368dad24c97343
649c77d53ec4e030905b124b24ac1513f034511a634d7715355b56667a1ac445
64b32d14f993564fe182a5690410f7d4aa2ace59934eac09d7dcf03a68ec7566
653f3e53e89b4f8548ff86c19e92bb3c6b84b6be7485a320b1e00893ed877479
66118437cc76650f2d00114241f045f0fb94c399255b006d3e1d7dc138e7141c
663199fbe8264b7ce36a387d7191656d51c397bc38c10f9c83bb34010c798d4a
66412057ce5fb05d3de0dd5b916b8b8263df6c9956b53f1a9d84e751e9e6e20d
670336c7a01a2eba128c7baa9e0c4d411d690d2bf0af5b16180066efe5f4671a
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
6db211fe2d7681864a8ab94148498c47497214dcea8a47d4e0f5eb7ebb80f7be
6ef2bbf91c58f63adb85fc715ebc77310621b7c05deb8163623e30892b4f8e8b
71e5f6ded670161d73acd6ceda3a31ebeb9a93e8504429446ad799bae9b5e1e0
725cc203295c7b8a6faf24cf99779875f00a9c17db885f253297d728235896df
74e6cbf9d967897b24bdcd28a98163ecab3aafdfa0252dda26c573eb80ebd281
75eb94b7f06a49fd9d5fc4802e804ca1244678e9b9a5189040d63f2abb7928dc
7611e7ede9a86f22a84bf6c3687089f8dd6938cd6ca7543ac6bd276946ca9b5b
789d2f63cc1babb8872b67fbd961c74e802e5fbe6448e40d6864ba8a6539b853
7a6b5a73c1e223ce8259f8a667f027ff8c2b3b6739ab484d094b8a285e9b9e1c
7e8ef05a55eafab5277e6449520107db94dfb01b497a52f283e7ffa6ee49363d
7ea47152d56d1690f28d19c2fcda17fcea3f42dbaec0432fda269e70ab5cb63f
7f8d1a2da0bf0ec53abb2d35090b83c91483c7b8208c02d377d6a4906db06757
819b3d44a1a8b615eeefa5036c5e47a5c4606acce8a52b3d6f5ccd66ffe873e3
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
870ce1d50e308cca893a59c22c437f8b306f1e49ce34fd24b5688621008c9e4b
88f00438d26021a325247c4427898f7c778a22976df9f1a9d9876429778bf265
89ba0d4f6cf9500041778760fea24e37c6de04955c6a62b5435c64b600423749
8ab527f292c2886c9f1be9d85f566fbcf00fdd20468863e365295826e62ee91d
8ae3400104c7b0db11e9fe317236e68a26afba6580192041e87038ceff4db638
8c032c71b7cd53fbdf9115d21cb866e05b99a8aa6dbaae110bc88d826fa0c714
8d7615fba68738296b8008ee114b70548000e73df35021e502499d8fa3fd0de1
90ad022a6282ef2781aae6b6e063625fab5a09fc30cacce89e6e06e5ce5b902b
921b6510be7d5658379417f20d0ed7747eeb57b8f0ff1d025b577c75b4a74ebb
924b7fbc0f50eb9af64fcabba0323d7e8d63a86106f5dca2488745edd858f402
933405701c29b58aa121b9574fada92036c2d9e2427e11e0bbe92e3fd55e888a
9355e17318f74aef88dacc37013716a2478e6fe85881a327cfd222a02f5e1a20
9750d34d8d2458444dd732da3a5e25571d42061896039cd078ccf40ee8d40b5a
989ae9852b11c2691813a528b42dd5c5c4a1a152edf2f1dcd2457545a3c7d4ac
99932e2971bf1bb7bfbc4fa46d4be947d86c3080f07cd75af9bba831962c79ed
9a19a7286c809d408598238e3f3e9d505465de9f0a55cec729dbd7fb2b010ad4
9b889582cd4d1928d536022b11bba57bfe90fcbd6af57926da1bac40a3957c90
9bd98639c897234e99ad70e510b4742fa9eaa655b34a1dae3429d677485a69f0
a111eee4e8d95538ca80508a6c7f76c5f6592b0282e4e791ea1c1efae63ef08a
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a2d68e4530bbf55b595085ad00ef6999cb64574eb58b44b53ef0516fa7fa4aed
a2f5d51fbede89feca8cc348b927221d14f73ee537a23574197df31e14279ba8
a483035970c0d8040b0718c1d73d22b8c62cd6e06658b99a339cae8294b86cfb
a5f3d285fe0cecc381f4fdfeae09acd9192e2a748ae9b0e28880da5e9c37f2e5
a613a2d65ac54c9d41e49624f1424b1ca20f48e3f017c17830af8127c4cda4fc
a6a653254dcb6271f0c3c090d18a77bbe300f8ed4f334202f3e9a168847cbc4f
a71abe10a7b2df1906f5dfa8cbc40b6d0044069f69232588612d7a130742dfe9
a81b049a31f352a089f9173fe0a2964c5a3b6417996c8168c67456ef545f9a21
a82dc28d43942326b346f92907df3bea5e38b2325ef97176f3b6234966bf19eb
acbe6770b0fc8b621a9d4f7068b241fb403fe999ea33270931ee59ec4cfdf3f1
ace677c97460b0c4dafc67749c8a3413aa6701d9a57b6a6bea41a06110e40219
ad96a8ca40727dd37f61798a2349904ff819001830076b6cc938a897bbfbf0f5
ae9eb832495b375e14e3efb8d1711b5a849d3782fcf1b4e9fa3569a9e2dee83e
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
afc6be4f4b5f58bd2e1d6fe8d2eff2edd09073dec202c0b431fe168f37170705
b1944bb580e56c670e58ad51bde1b2a34d28325e17da47a40afea12284fb995b
b2666a2f678a8564527f79c02b49ef33d0e84c154b80fa3bfb763e7e5f55814f
b2864c65b32cd25bf64a7eb4fddf486dff821f1924172a0083db962615bd6ce0
b3f2aa5374e4c38c6f8945fd64dce7373d52ea9d590ab0b92cf9f7f72113d2b5
b4eab304f4ae78083d12668202c066ee8fec2c40e893d9e5d8a3c49f1495c1a9
b6eb8fe21b6e7d7d5b9b9340dfb8bf2f7e546beedebdb899a900b72445d51de1
b721bf454fafa6070b861bab51482cdb61c6951a4e87240494fcbafbaa6a190d
b98153fe43148d71e3be959486b031e33e8114c51ba787e0be6dcd0099f085e0
bc6bc527edd4f5aab95d57769f11fa25054defaa9f93ff70a17207956f3db218
bd182fc19af54722ab99cf5e7c3f2743196313ac7829fb6138f4141e067c37ed
bd42cb8c16cbf4576eea889cb82fddb9da4cc892bb45ecbaf59c094951fbb822
bea31dce1870a821ccbe0f1fc53d37af0afd26d9592aa294c7713327b697bb29
c120f6b60a564b50efbc05b009c6062f9baf7498788bf783e6123f9425a7df37
c1ae7d18413d96351771ae4f49749b60774f82e2f7b97abb3b27abe1ecb99d7e
c1c30918a861cb6a985ab55d54ad7e861682354197f164cb3b7194f20eed67ac
c42579de372a61fce7060d5bc79979ff1274e2b993a50b804ee77a68a4eed291
c603443b7b0fa530ed7fe59a7dcdbb5e64d99ec56a1082bd5651981a031e536a
c8f7c04f8d691138d54380550d91349271ca19cfc0f3f6666c401cfa892a12f8
c9604d43e9ef350f22eb191f170a6cb8787feb44c22feabc9bcfbc90317e200e
cb8f8c5a7b1bdf8485500f17e677780d20689462e3c390ac20f14b192488d09d
ccfd49b1835856dd58068f8a8db2388dfaf0c2cd5f0ace85e924e404bb832af9
ce6678c03366e3e913a19d1245613bec0df7e164b3c208d1bfe1f0d7e8cd211d
d007e5cdfcc85939444c9a3b6fa93b37d403c613b014ae5946ef8037027908b2
d056106895249ea7f0dd5d7d63ee882f05074a58b914904c9f6ef15867059f38
d26a0c5287f55d13718f5f6ccafe93576ecb06a10188fd6f21d6fbd712c997ff
d59948ca6024e68b79e9c799b9e0945890d7e0e44e2e91e63094664328d7a5e3
d87e01fccc9cb3d100bfd02a1b740cd7d6536ecfe46c623e5dbd85eb607ee35a
d9dbe216fc20a559b9ae318c2e381d32977515f506a9ae85244eca36647265f4
da3ae9f0c301e5769910c90b65690fdcf633d70b81a2b1fa875194ea470d8ecb
da7467977c765c981853b32b9b1921dcb3539e536724ec2220fa573be0939cee
df56bf97fe3e8a65361eb7910625d53c715ba6710dddd1a39d7dbf2ca578e371
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3e3237928651dd4515c87bd69117f4d4f381b9dc50a8f0d1c70f9b6a44e64cb
e979e184f779712a9abaa7f0cdf0bf19ef1b2d84e03c2ebf44acaf356b5b41c0
e9b1e0baca9eb4c37a0844af6ad4925bd22a460e73574b0c0a66c57e8cd5970f
e9fc871e6f49b5eee90271ae8d7414b31057498093ae7b53221eb09a73185649
ea1e9c96ddc44937cacd0aaa9f0b379f5222507d984dd5b286a0e7a985790035
ec7fa8d8bd2a6ab04d184cc8e3631c40bce05c6692b25fb65b624cd5bdb021c3
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f270bb0c0e21c689a80cfd96561a2760eb3358bffa6b3cd9ae8a42ec0df40216
f2adfede0290df57fcfcd97967ced55fd3b479ea549aa0e37392eb108a6b54f0
f496e35c98dbeed1378159c12d3a149a5769d3e2bab62f172df7da99be876b81
f53fa4c33cc7e60f43d53cfb1154a76ca4c1355ab67480da2f831c380ea64329
f5ae6e9290d1ddac2f8ec1589383acd5ae62da5d3b83bcc4c3eec2419ae688bb
f5af8aa4330e195317a6be7d7bc87fc8e0c14d0a42c6ec47754ce591f249dc62
f6e0deb339694520ce928323c06750ed0129007c9eeca794452da0cc816260eb
f729a145513e9a80525f5dfbdfa5f02c6c25c69562229e2d57c1544ec0e56295
f8e0df9555a2a1afb97307b09664c429be5c68843f6bb758e67c2d6303de18eb
fbdf038eb8a89476aa6d289707e454739ae480d540e5897ac2d08e5d36134ebe
fc41df911ac5e1a263791cfa8b1bdde083f69908c112c456dcfcf399f0e4372a
ffc1e443a700db7ed765925bcdc9b4572dfd89b3c18978a41af71e95734cf087

noracora.com Open in urlscan Pro 65.9.26.121 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

248 Requests

92 %HTTPS

42 %IPv6

41 Domains

58 Subdomains

49 IPs

6 Countries

3791 kBTransfer

10598 kBSize

27 Cookies

4 Outgoing links

Page URL History

Redirected requests

248 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

noracora.com Open in urlscan Pro
65.9.26.121 Public Scan

Screenshot
Live screenshot

Full Image

248
Requests

92 %
HTTPS

42 %
IPv6

41
Domains

58
Subdomains

49
IPs

6
Countries

3791 kB
Transfer

10598 kB
Size

27
Cookies

248 HTTP transactions
2 data transactions